Exemple #1
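def my_address_ops():
    """Set one of the current member's addresses as default, or soft-delete it.

    Reads ``id`` and ``action`` ("set_default" or "delete") from the form.
    The address is looked up by id *and* by the logged-in member's id, so a
    member cannot change or delete another member's address by submitting a
    different id.

    Returns:
        A JSON success response, or a JSON error response when no such address
        exists for this member or the action is not recognised.
    """
    member_id = g.current_member.id
    addr_id = utils.get_int(request.form, "id", 0)
    action = request.form.get("action", "")

    # Scope the lookup to the caller; looking up by id alone would let any
    # authenticated member operate on any address row.
    addr_info = MemberAddress.query.filter_by(id=addr_id,
                                              member_id=member_id).first()
    if not addr_info:
        return json_error_response("地址更改操作错误(1)")

    if action == "set_default":
        current_time = utils.get_current_time()
        # Clear the flag on all of this member's addresses, then set it on
        # the chosen one.
        MemberAddress.query.filter_by(member_id=member_id) \
            .update({"is_default": 0, "updated_time": current_time})

        addr_info.is_default = 1
        addr_info.updated_time = utils.get_current_time()
        db.session.add(addr_info)
        db.session.commit()

        return json_response()
    elif action == "delete":
        addr_info.status = 0
        addr_info.updated_time = utils.get_current_time()
        db.session.add(addr_info)
        db.session.commit()

        # Promote this member's most recently updated active address. Without
        # the member_id filter the query could pick (and modify) an address
        # belonging to someone else.
        latest_addr = MemberAddress.query.filter_by(member_id=member_id, status=1) \
            .order_by(MemberAddress.updated_time.desc()).first()
        if latest_addr:
            latest_addr.is_default = 1
            db.session.add(latest_addr)
            db.session.commit()

        return json_response()
    else:
        return json_error_response("地址更改操作错误(2)")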
Exemple #2
def close_order(pay_order_id):
    """Close a pay order whose status is -8 and give its items back to stock.

    Args:
        pay_order_id: id of the PayOrder row to close.

    Returns:
        False when no order with that id and status -8 exists, True once the
        order has been set to status 0.
    """
    order = PayOrder.query.filter_by(id=pay_order_id, status=-8).first()
    if not order:
        return False

    # Return the ordered quantity of every item to the matching Food row.
    ordered_items = PayOrderItem.query.filter_by(
        pay_order_id=pay_order_id).all()
    for ordered in ordered_items or []:
        food = Food.query.filter_by(id=ordered.food_id).first()
        if not food:
            continue
        set_food_stock_change_log(ordered.food_id,
                                  food.stock,
                                  ordered.quantity,
                                  note="取消订单,归还库存")
        food.stock += ordered.quantity
        food.updated_time = get_current_time()
        db.session.add(food)
        # NOTE(review): each item is committed separately, so a failure part
        # way through leaves stock partially restored.
        db.session.commit()

    order.status = 0
    order.updated_time = get_current_time()
    db.session.add(order)
    db.session.commit()
    return True
Exemple #3
def my_address_set():
    """Create or update a delivery address for the current member.

    All fields come from the submitted form. When ``id`` matches an existing
    address, that address must belong to the current member; otherwise a new
    address is created, and it becomes the default if the member has no
    active default address yet.

    Returns:
        A JSON success response, or a JSON error response listing the empty
        required fields or reporting an ownership mismatch.
    """
    member_id = g.current_member.id
    form = request.form

    addr_id = utils.get_int(form, "id", 0)
    contact_name = form.get("contact_name", "")
    mobile = form.get("mobile", "")
    address = form.get("address", "")

    province_id = utils.get_int(form, "province_id", 0)
    city_id = utils.get_int(form, "city_id", 0)
    district_id = utils.get_int(form, "district_id", 0)

    province_str = form.get("province_str", "")
    city_str = form.get("city_str", "")
    district_str = form.get("district_str", "")

    # Required fields paired with the label shown to the user. The district
    # fields are not part of this list.
    required = [
        (contact_name, "联系人姓名"),
        (mobile, "手机号码"),
        (address, "详细地址"),
        (province_str, "省份名称"),
        (city_str, "城市名称"),
        (province_id, "省份代码"),
        (city_id, "城市代码"),
    ]
    empty_items = [label for value, label in required if not value]
    if empty_items:
        return json_error_response("设置地址时以下内容不能为空:" + "、".join(empty_items))

    addr_info = MemberAddress.query.filter_by(id=addr_id).first()

    if addr_info:
        # Editing: refuse to touch an address owned by another member.
        if addr_info.member_id != member_id:
            return json_error_response("修改地址时出现错误(1)")
    else:
        # Creating: the first active address of a member becomes the default.
        default_addr_cnt = MemberAddress.query.filter_by(is_default=1,
                                                         member_id=member_id,
                                                         status=1).count()
        addr_info = MemberAddress()
        addr_info.member_id = member_id
        addr_info.is_default = 1 if default_addr_cnt == 0 else 0
        addr_info.created_time = utils.get_current_time()

    addr_info.contact_name = contact_name
    addr_info.mobile = mobile
    addr_info.province_id = province_id
    addr_info.province_str = province_str
    addr_info.city_id = city_id
    addr_info.city_str = city_str
    addr_info.district_id = district_id
    addr_info.district_str = district_str
    addr_info.address = address
    addr_info.updated_time = utils.get_current_time()

    db.session.add(addr_info)
    db.session.commit()

    return json_response("操作成功")
Exemple #4
def login():
    """Log a WeChat mini-program user in, registering the member on first use.

    Flow:
    1. The client (mina/pages/index/index.js, Page.login()) sends
       ``login_code`` to this server.
    2. ``get_wechat_openid`` exchanges the code for the user's openid.
    3. If an OauthMemberBind row with that openid and type=1 exists, a token
       is issued for the bound member; otherwise a Member and a bind row are
       created first.

    Returns:
        A JSON response carrying ``token`` on success, or a JSON error
        response when the code is missing, the openid lookup fails, or the
        bound member cannot be found.
    """
    values = request.values
    login_code = values.get("login_code", "")
    if not login_code:
        return json_error_response("需要login_code")

    openid = get_wechat_openid(login_code)
    if openid is None:
        return json_error_response("调用微信登录信息出错")

    # type=1 marks a WeChat binding.
    bind_info = OauthMemberBind.query.filter_by(openid=openid, type=1).first()

    if bind_info:
        # Known openid: issue a token for the bound member.
        member_info = Member.query.filter_by(id=bind_info.member_id).first()
        if not member_info:
            return json_error_response("查询不到后台用户信息")
        token = generate_token(member_info)
        return json_response("已经绑定成功", data={"token": token})

    # Unknown openid: create the member from the client-supplied profile.
    # NOTE(review): nickName, gender and avatarUrl are stored as sent by the
    # client, so consumers of these fields should treat them as untrusted.
    new_member = Member()
    new_member.nickname = values.get("nickName", "")
    new_member.sex = values.get("gender", 0)
    new_member.avatar = values.get("avatarUrl", "")
    new_member.salt = generate_salt()
    member_now = get_current_time()
    new_member.updated_time = member_now
    new_member.created_time = member_now
    db.session.add(new_member)
    db.session.commit()

    # The member id is available after the commit above; bind it to openid.
    new_bind = OauthMemberBind()
    new_bind.member_id = new_member.id
    new_bind.type = 1
    new_bind.openid = openid
    new_bind.extra = ""
    bind_now = get_current_time()
    new_bind.updated_time = bind_now
    new_bind.created_time = bind_now
    db.session.add(new_bind)
    db.session.commit()

    token = generate_token(new_member)
    return json_response("新用户注册成功", data={"token": token})
Exemple #5
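def get_access_token():
    """Return a WeChat API access token, fetching and caching a new one if needed.

    An unexpired OauthAccessToken row is reused when one exists. Otherwise a
    token is requested with the app id and secret from the configuration,
    stored with its expiry time, and returned.

    Returns:
        The access token string, or None when the request fails or the reply
        does not contain a token. (The freshly fetched branch used to return
        the whole reply dict while the cached branch returned the string.)
    """
    token_info = OauthAccessToken.query.filter(
        OauthAccessToken.expired_time > get_current_time()).first()
    if token_info:
        return token_info.access_token

    # Passing the credentials through ``params`` URL-encodes them and keeps
    # the app secret out of a hand-formatted URL string. The timeout stops a
    # stalled upstream from blocking the worker indefinitely.
    try:
        r = requests.get(
            url="https://api.weixin.qq.com/cgi-bin/token",
            params={
                "grant_type": "client_credential",
                "appid": app.config["MINA_APP_ID"],
                "secret": app.config["MINA_APP_SECRET"],
            },
            timeout=10,
        )
    except requests.RequestException:
        app.logger.error("获取access_token失败!")
        return None

    if r.status_code != 200 or not r.text:
        app.logger.error("获取access_token失败!")
        return None

    try:
        data = json.loads(r.text)
    except ValueError:
        app.logger.error("获取access_token失败!")
        return None

    # An error reply can still be HTTP 200 but lacks these fields; the body is
    # deliberately not logged because a successful one contains the token.
    if not isinstance(data, dict) or "access_token" not in data \
            or "expires_in" not in data:
        app.logger.error("获取access_token失败!")
        return None

    now = datetime.datetime.now()
    expired_date = now + datetime.timedelta(seconds=data["expires_in"])
    token_info = OauthAccessToken()
    token_info.access_token = data["access_token"]
    token_info.expired_time = expired_date.strftime("%Y-%m-%d %H:%M:%S")
    token_info.created_time = now.strftime("%Y-%m-%d %H:%M:%S")

    db.session.add(token_info)
    db.session.commit()

    return data["access_token"]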
Exemple #6
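def ops():
    """Remove (status=0) or recover (status=1) a back-office user account.

    Reads ``act`` ("remove" or "recover") and ``uid`` from the request.

    Returns:
        A JSON success response naming the affected account, or a JSON error
        response when a parameter is missing, the user does not exist, or the
        action is unknown.
    """
    # NOTE(review): request.values also includes query-string parameters, so
    # this state change can be triggered by a GET unless the route restricts
    # methods. No permission check is visible in this function; confirm it is
    # enforced by the caller or a request hook.
    values = request.values
    if "act" not in values or "uid" not in values:
        return json_error_response("无效的账号编辑操作")

    user_info = User.query.filter_by(uid=values["uid"]).first()

    if not user_info:
        return json_error_response("无效的账号编辑操作")

    if values["act"] == "remove":
        user_info.status = 0
        success_msg = "成功移除 %s 的账户 (登录名 %s)" % (user_info.nickname,
                                                user_info.login_name)
    elif values["act"] == "recover":
        success_msg = "成功恢复 %s 的账户 (登录名 %s)" % (user_info.nickname,
                                                user_info.login_name)
        user_info.status = 1
    else:
        return json_error_response("无效的账号编辑操作")

    # User rows are stamped through `updated_time` elsewhere in this code
    # base; assigning `update_time` would only set a plain Python attribute
    # and leave the stored timestamp stale. TODO confirm against the model.
    user_info.updated_time = get_current_time()

    db.session.add(user_info)
    db.session.commit()

    return json_response(success_msg)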
Exemple #7
def get_release_version():
    """Return the configured RELEASE_VERSION, or a timestamp when it is unset.

    The fallback is the current time formatted as ``%Y%m%d%H%M%S``. Reading
    the version from a RELEASE_PATH file was sketched here previously but is
    not active.
    """
    fallback_version = get_current_time("%Y%m%d%H%M%S")
    return app.config.get("RELEASE_VERSION", fallback_version)
Exemple #8
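def ops():
    """Remove (status=0) or recover (status=1) a food item.

    Reads ``id`` and ``act`` ("remove" or "recover") from the form.

    Returns:
        A JSON success response naming the food item, or a JSON error
        response when a parameter is missing, the item does not exist, or the
        action is unknown.
    """
    food_id = get_int(request.form, "id", 0)
    act = request.form.get("act", None)
    # The previous guard compared the string literals "act" and "id" and so
    # could never be true; test the parsed values instead.
    if act is None or food_id == 0:
        return json_error_response("无效的菜品项目编辑操作")

    food_info = Food.query.filter_by(id=food_id).first()

    if not food_info:
        return json_error_response("无效的菜品项目编辑操作")

    if act == "remove":
        food_info.status = 0
        success_msg = "成功移除菜品项目 %s" % (food_info.name)
    elif act == "recover":
        success_msg = "成功恢复菜品项目 %s" % (food_info.name)
        food_info.status = 1
    else:
        # Message corrected: this handler edits food items, not accounts.
        return json_error_response("无效的菜品项目编辑操作")

    # Food rows are stamped through `updated_time` elsewhere in this code
    # base; `update_time` would only set a plain Python attribute.
    # TODO confirm against the model.
    food_info.updated_time = get_current_time()

    db.session.add(food_info)
    db.session.commit()

    return json_response(success_msg)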
Exemple #9
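def set():
    """Show (GET) or save (POST) the edit form for a member's nickname.

    GET renders ``member/set.html`` for the member given by ``id`` and
    redirects to the member index when the id is missing, malformed or
    unknown. POST updates the nickname and returns a JSON response.
    """
    if request.method == "GET":
        # A non-numeric id used to raise ValueError and surface as a server
        # error; treat it like a missing id instead.
        try:
            member_id = int(request.args.get("id", "0"))
        except ValueError:
            member_id = 0
        redir_response = make_response(redirect(build_url("/member/index")))
        if member_id == 0:
            return redir_response
        member_info = Member.query.filter_by(id=member_id).first()
        if member_info is None:
            return redir_response
        return render_template_with_global_vars(
            "member/set.html", context={"member": member_info})

    elif request.method == "POST":
        try:
            member_id = int(request.form.get("id", "0"))
        except ValueError:
            member_id = 0
        if member_id == 0:
            return json_error_response("该用户不存在,请确认用户id!")
        member_info = Member.query.filter_by(id=member_id).first()
        if member_info is None:
            return json_error_response("该用户不存在,请确认用户id!")

        new_nickname = request.form.get("nickname", "")
        if len(new_nickname) < 1:
            return json_error_response("会员名称不能为空!")

        member_info.nickname = new_nickname
        # Member rows are stamped through `updated_time` elsewhere in this
        # code base; `update_time` would only set a plain Python attribute.
        # TODO confirm against the model.
        member_info.updated_time = get_current_time()
        db.session.add(member_info)
        db.session.commit()
        return json_response("修改会员信息成功!")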
Exemple #10
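def ops():
    """Remove (status=0) or recover (status=1) a member account.

    Reads ``act`` ("remove" or "recover") and ``id`` from the form.

    Returns:
        A JSON success response naming the member, or a JSON error response
        when a parameter is missing, the member does not exist, or the action
        is unknown.
    """
    # NOTE(review): no permission check is visible in this function; confirm
    # it is enforced by the caller or a request hook.
    values = request.form
    if "act" not in values or "id" not in values:
        return json_error_response("无效的账号编辑操作")

    member_info = Member.query.filter_by(id=values["id"]).first()

    if not member_info:
        return json_error_response("无效的账号编辑操作")

    if values["act"] == "remove":
        member_info.status = 0
        success_msg = "成功移除 %s 的账户" % (member_info.nickname)
    elif values["act"] == "recover":
        success_msg = "成功恢复 %s 的账户" % (member_info.nickname)
        member_info.status = 1
    else:
        return json_error_response("无效的账号编辑操作")

    # Member rows are stamped through `updated_time` elsewhere in this code
    # base; `update_time` would only set a plain Python attribute.
    # TODO confirm against the model.
    member_info.updated_time = get_current_time()

    db.session.add(member_info)
    db.session.commit()

    return json_response(success_msg)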
Exemple #11
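def order_ops():
    """Cancel an order or confirm its receipt on behalf of the current member.

    Reads ``order_sn`` and ``action`` ("cancel" or "confirm") from the form.
    The order is looked up by serial number *and* by the logged-in member's
    id, so a member cannot cancel or confirm someone else's order.

    Returns:
        A JSON success response, or a JSON error response with a numbered
        failure code.
    """
    member_info = g.current_member

    order_sn = request.form.get("order_sn", None)
    if order_sn is None:
        return json_error_response("订单操作失败(1)")

    action = request.form.get("action", None)
    if action is None:
        return json_error_response("订单操作失败(2)")

    # Ownership check: filtering on order_sn alone would let any member who
    # learns a serial number act on that order.
    pay_order_info = PayOrder.query.filter_by(
        order_sn=order_sn, member_id=member_info.id).first()
    if pay_order_info is None:
        return json_error_response("订单操作失败(3)")

    if action == "cancel":
        if pay_utils.close_order(pay_order_id=pay_order_info.id):
            return json_response("取消订单成功")
        return json_error_response("订单操作失败(4)")

    if action == "confirm":
        pay_order_info.deliver_status = 1
        pay_order_info.updated_time = get_current_time()
        db.session.add(pay_order_info)
        db.session.commit()
        return json_response("确认收货成功")

    # "comment" was an empty stub that made the view return None, and unknown
    # actions were reported through the success helper. Both now produce an
    # explicit error response.
    return json_error_response("订单操作失败(5)")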
Exemple #12
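def add_error_log(msg, request):
    """Persist an AppErrorLog row describing a failed request.

    Args:
        msg: error text to store as the log content.
        request: the request object; its URL, referrer and parameters are
            recorded.

    Returns:
        True after the row has been committed.
    """
    # Request parameters can carry credentials (for example a password form
    # field); mask values whose key looks secret so they are not stored in
    # clear text in the log table.
    secret_markers = ("pwd", "password", "secret", "token")
    params = {
        key: "***" if any(m in key.lower() for m in secret_markers) else value
        for key, value in request.values.to_dict().items()
    }

    entry = AppErrorLog()
    entry.target_url = request.url
    entry.referer_url = request.referrer
    entry.query_params = json.dumps(params)
    entry.content = msg
    entry.created_time = get_current_time()
    db.session.add(entry)
    db.session.commit()
    return True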
Exemple #13
def push(queue_name, data=None):
    """Append a QueueList row for ``queue_name``.

    Args:
        queue_name: name stored on the new queue entry.
        data: optional payload; when truthy it is stored JSON-encoded.
    """
    entry = QueueList()
    entry.queue_name = queue_name
    if data:
        entry.data = json.dumps(data)

    now = get_current_time()
    entry.created_time = now
    entry.updated_time = now

    db.session.add(entry)
    db.session.commit()
Exemple #14
    def run(self, params):
        """Process up to three QueueList entries with status -1, oldest id first.

        Entries named "pay" are passed to ``self.handle_pay``; every fetched
        entry is then set to status 1 and all changes are committed together.
        """
        pending = (QueueList.query
                   .filter_by(status=-1)
                   .order_by(QueueList.id.asc())
                   .limit(3)
                   .all())
        for entry in pending:
            if entry.queue_name == "pay":
                self.handle_pay(entry)
            # NOTE(review): the entry is marked done whatever handle_pay
            # returned; confirm failures are meant to be dropped.
            entry.status = 1
            entry.updated_time = get_current_time()
            db.session.add(entry)

        db.session.commit()
Exemple #15
def order_success(pay_order_id=0, pay_sn=""):
    """Mark a pay order as paid and record a sale log entry per item.

    Args:
        pay_order_id: id of the PayOrder row.
        pay_sn: payment serial number to store on the order.

    Returns:
        True when the order was updated, or when it does not exist or its
        status is neither -8 nor -7 (nothing to do). False when a database
        error occurred and the session was rolled back.
    """
    # NOTE(review): the order is read without a row lock, so two concurrent
    # callbacks for the same order can both pass the status check below.
    try:
        order = PayOrder.query.filter_by(id=pay_order_id).first()
        nothing_to_do = order is None or order.status not in (-8, -7)
        if nothing_to_do:
            return True

        order.pay_sn = pay_sn
        order.status = 1
        order.deliver_status = -7
        order.pay_time = get_current_time()
        order.updated_time = get_current_time()
        db.session.add(order)
        db.session.commit()

        # One FoodSaleChangeLog row per item of the order.
        items = PayOrderItem.query.filter_by(pay_order_id=pay_order_id).all()
        for sold in items:
            log_row = FoodSaleChangeLog()
            log_row.food_id = sold.food_id
            log_row.quantity = sold.quantity
            log_row.price = sold.price
            log_row.member_id = sold.member_id
            log_row.created_time = get_current_time()
            db.session.add(log_row)
        db.session.commit()

    except Exception as e:
        app.logger.error("%s" % e)
        db.session.rollback()
        return False

    # Queue a "pay" notification when the order was flagged as subscribed.
    if order.subscribed:
        payload = {
            "member_id": order.member_id,
            "pay_order_id": order.id
        }
        queue_utils.push("pay", payload)

    return True
Exemple #16
def set_cart_info(member_id=0, food_id=0, quantity=0):
    """Create or update the cart row for a member and food item.

    Args:
        member_id: id of the member owning the cart.
        food_id: id of the food item.
        quantity: quantity to store (replaces any previous quantity).

    Returns:
        The saved MemberCart row, or None when any argument is below 1.
    """
    if any(value < 1 for value in (member_id, food_id, quantity)):
        return None

    row = MemberCart.query.filter_by(member_id=member_id,
                                     food_id=food_id).first()
    if row is None:
        # First time this member adds this item.
        row = MemberCart()
        row.member_id = member_id
        row.food_id = food_id
        row.created_time = get_current_time()

    row.quantity = quantity
    row.updated_time = get_current_time()

    db.session.add(row)
    db.session.commit()

    return row
Exemple #17
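def cat_set():
    """Show (GET) or save (POST) the edit form for a food category.

    GET renders ``food/cat_set.html`` for the category given by ``id`` (or an
    empty form when no id is given) and redirects to the category list when
    the id is unknown. POST validates ``name`` and ``weight`` (1 to 4
    inclusive) and creates or updates the category.
    """
    if request.method == "GET":
        cat_id = get_int(request.args, "id", 0)
        if cat_id > 0:
            cat_info = FoodCat.query.filter_by(id=cat_id).first()
            if cat_info is None:
                return make_response(redirect(build_url("/food/cat")))
        else:
            cat_info = None
        return render_template_with_global_vars("food/cat_set.html",
                                                context={"cat": cat_info})

    elif request.method == "POST":
        cat_id = get_int(request.form, "id", 0)
        if cat_id > 0:
            cat_info = FoodCat.query.filter_by(id=cat_id).first()
            if cat_info is None:
                return json_error_response("无效的食品类别编辑操作")
        else:
            cat_info = None

        name = request.form.get("name", "")
        # A non-numeric weight used to raise ValueError and surface as a
        # server error; map it to 0 so the range check below rejects it.
        try:
            weight = int(request.form.get("weight", "0"))
        except ValueError:
            weight = 0
        if len(name) < 1:
            return json_error_response("食品类别名称不能为空!")
        if weight < 1 or weight > 4:
            return json_error_response("食品类别的权重必须在1-4之间!(含1和4)")

        if cat_info is None:
            cat_info = FoodCat()
            cat_info.created_time = get_current_time()
            cat_info.status = 1

        cat_info.name = name
        cat_info.weight = weight
        cat_info.updated_time = get_current_time()
        db.session.add(cat_info)
        db.session.commit()

        return json_response("修改食品类别信息成功!")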
Exemple #18
def set_food_stock_change_log(food_id, old_stock, change, note):
    """Record a stock change for a food item in FoodStockChangeLog.

    Args:
        food_id: id of the food item; values below 1 are rejected.
        old_stock: stock level before the change.
        change: signed amount by which the stock changes.
        note: free-text reason stored with the entry.

    Returns:
        False when ``food_id`` is below 1, True after the row is committed.
    """
    if food_id < 1:
        return False

    log_row = FoodStockChangeLog()
    log_row.food_id = food_id
    log_row.unit = change
    # Resulting stock after applying the change.
    log_row.total_stock = int(old_stock) + int(change)
    log_row.note = note
    log_row.created_time = get_current_time()

    # This commits the session, including any other pending changes in it.
    db.session.add(log_row)
    db.session.commit()
    return True
Exemple #19
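def upload_by_file(f):
    """Store an uploaded image under a per-day directory and record it.

    Args:
        f: the uploaded file object; its ``filename`` and ``save`` are used.

    Returns:
        A dict with ``code`` (200 on success, -1 on rejection), ``msg`` and
        ``data`` (containing ``file_key`` on success).
    """
    res = {"code": -1, "msg": "", "data": {}}
    filename = secure_filename(f.filename or "")

    # A name without a dot (including one that sanitises down to a bare word)
    # has no extension; reject it instead of failing on the index lookup.
    if "." not in filename:
        res["msg"] = "不允许的扩展类型文件"
        return res
    extension = filename.rsplit(".", maxsplit=1)[1]

    # Only extensions from the configured allow-list are accepted.
    # NOTE(review): this checks the name only; the file content is not
    # inspected, so downstream code should not trust it to be an image.
    img_upload_configs = app.config["IMG_UPLOAD_CONFIGS"]
    if extension not in img_upload_configs["allowed_extensions"]:
        res["msg"] = "不允许的扩展类型文件"
        return res

    # One directory per day under the configured prefix.
    file_dir = get_current_time("%Y%m%d")
    save_dir = os.path.join(app.root_path,
                            img_upload_configs["prefix_path"].strip("/"),
                            file_dir)

    if not os.path.exists(save_dir):
        # exist_ok covers a concurrent request creating the directory first.
        os.makedirs(save_dir, exist_ok=True)
        # 0o755: the owner writes, everyone else can only read and traverse.
        # The previous mode (0o747) made the upload directory world-writable.
        os.chmod(save_dir, stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP
                 | stat.S_IROTH | stat.S_IXOTH)

    # The stored name is a random identifier, so the client-supplied name
    # never reaches the file system; only the vetted extension is kept.
    file_name = str(uuid.uuid4()).replace("-", "") + "." + extension
    file_key = os.path.join(file_dir, file_name)
    file_path = os.path.join(save_dir, file_name)
    f.save(file_path)
    app.logger.info("Saved uploaded image at %s" % file_path)

    image_info = Image()
    image_info.file_key = file_key
    image_info.created_time = get_current_time()
    db.session.add(image_info)
    db.session.commit()

    res["code"] = 200
    res["msg"] = "上传文件成功"
    res["data"] = {"file_key": file_key}
    return res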
Exemple #20
def add_pay_callback_data(pay_order_id=0, type="pay", data=""):
    """Store the raw callback payload received for a pay order.

    Args:
        pay_order_id: id of the related pay order.
        type: "pay" stores ``data`` as pay data; any other value stores it as
            refund data.
        data: the callback payload.

    Returns:
        True after the row has been committed.
    """
    is_payment = type == "pay"

    record = PayOrderCallbackData()
    record.pay_order_id = pay_order_id
    # Exactly one of the two columns carries the payload; the other is empty.
    record.pay_data = data if is_payment else ""
    record.refund_data = "" if is_payment else data

    now = get_current_time()
    record.created_time = now
    record.updated_time = now
    db.session.add(record)
    db.session.commit()
    return True
Exemple #21
def my_comment_add():
    """Add the current member's comment on one of their own orders.

    Reads ``order_sn``, ``score`` (default 10) and ``content`` from the form.
    The order is looked up by serial number and member id, and an order can
    only be commented on once.

    Returns:
        A JSON success response, or a JSON error response when the order is
        missing, not owned by the member, or already commented on.
    """
    member_id = g.current_member.id
    form = request.form

    order_sn = form.get("order_sn", None)
    if not order_sn:
        return json_error_response("评价操作失败(1)")

    # Filtering on member_id restricts comments to the member's own orders.
    order = PayOrder.query.filter_by(member_id=member_id,
                                     order_sn=order_sn).first()
    if not order:
        return json_error_response("评价操作失败(2)")

    if order.comment_status:
        return json_error_response("已经评价过了,请勿重复评价")

    order_items = PayOrderItem.query.filter_by(pay_order_id=order.id).all()
    joined_ids = "_".join([str(entry.food_id) for entry in order_items])

    # NOTE(review): score is stored as parsed, with no range check here.
    score = utils.get_int(form, "score", 10)
    content = form.get("content", "")

    comment = MemberComment()
    comment.member_id = member_id
    # Food ids are stored underscore-delimited with a leading and trailing "_".
    comment.food_ids = "_" + joined_ids + "_"
    comment.pay_order_id = order.id
    comment.score = score
    comment.content = content
    comment.created_time = utils.get_current_time()

    db.session.add(comment)
    db.session.commit()

    # Flag the order so it cannot be commented on again.
    order.comment_status = 1
    order.updated_time = utils.get_current_time()
    db.session.add(order)
    db.session.commit()

    return json_response()
Exemple #22
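def add_access_log(request, g):
    """Persist an AppAccessLog row for the current request.

    Args:
        request: the request object; URL, referrer, remote address,
            parameters and User-Agent are recorded.
        g: the request context object; ``current_user.uid`` is recorded when
            a user is present.

    Returns:
        True after the row has been committed.
    """
    # Every request passes through here, including forms that submit
    # credentials; mask values whose key looks secret so passwords and tokens
    # are not stored in clear text in the log table.
    secret_markers = ("pwd", "password", "secret", "token")
    params = {
        key: "***" if any(m in key.lower() for m in secret_markers) else value
        for key, value in request.values.to_dict().items()
    }

    entry = AppAccessLog()
    entry.target_url = request.url
    entry.referer_url = request.referrer
    # NOTE(review): remote_addr is the direct peer; behind a reverse proxy
    # this is the proxy's address unless the app is configured for it.
    entry.ip = request.remote_addr
    entry.query_params = json.dumps(params)

    if "current_user" in g and g.current_user is not None:
        entry.uid = g.current_user.uid

    entry.ua = request.headers.get("User-Agent")
    entry.created_time = get_current_time()

    db.session.add(entry)
    db.session.commit()
    return True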
Exemple #23
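def order_pay():
    """Prepare a WeChat JSAPI payment for one of the current member's orders.

    Reads ``order_sn`` and ``subscribed`` from the form, requests prepay
    information through ``wc_utils.get_pay_info`` and stores the returned
    ``prepay_id`` on the order. The order is looked up by serial number *and*
    by the logged-in member's id.

    Returns:
        A JSON response with ``prepay_info`` (plus development-only callback
        data when DEV_MODE is on), or a JSON error response with a numbered
        failure code.
    """
    member_info = g.current_member

    order_sn = request.form.get("order_sn", None)
    if order_sn is None:
        return json_error_response("支付失败,请稍后再试(1)")

    # Ownership check: filtering on order_sn alone would let a member start a
    # payment (and, in DEV_MODE, obtain a signed success callback) for an
    # order that belongs to someone else.
    pay_order_info = PayOrder.query.filter_by(
        order_sn=order_sn, member_id=member_info.id).first()
    if pay_order_info is None:
        return json_error_response("支付失败,请稍后再试(2)")

    # get openid for member
    oauth_bind_info = OauthMemberBind.query.filter_by(
        member_id=member_info.id).first()
    if oauth_bind_info is None:
        return json_error_response("支付失败,请稍后再试(3)")

    # Only the exact string "true" enables the subscription flag.
    subscribed = request.form.get("subscribed", "False")
    subscribed = subscribed == "true"

    notify_url = build_url("/api/order/callback")
    data = {
        "appid": app.config["MINA_APP_ID"],
        "mch_id": app.config["MCH_ID"],
        "nonce_str": wc_utils.get_nonce_str(),
        "body": "订餐",
        "out_trade_no": pay_order_info.order_sn,
        # The amount is sent in fen (1/100 yuan) and comes from the stored
        # order, never from the request.
        "total_fee": int(pay_order_info.total_price * 100),
        "notify_url": notify_url,
        "trade_type": "JSAPI",
        "openid": oauth_bind_info.openid
    }
    prepay_info = wc_utils.get_pay_info(data)
    # save prepay_id to database
    pay_order_info.prepay_id = prepay_info["prepay_id"]
    pay_order_info.subscribed = subscribed
    db.session.add(pay_order_info)
    db.session.commit()

    res_data = {"prepay_info": prepay_info}

    if app.config["DEV_MODE"]:
        # Development shortcut: build the success callback XML here, hand it
        # to the frontend, and let the frontend post it to the backend's
        # /order/callback_dev.
        # NOTE(review): this gives the client a server-signed "payment
        # succeeded" message, so DEV_MODE must never be enabled in a
        # deployment that handles real orders.
        res_data["dev_mode"] = True
        cb_dev_data = {
            "appid": data["appid"],
            "bank_type": "CFT",
            "cash_fee": data["total_fee"],
            "fee_type": "CNY",
            "is_subscribe": "N",
            "mch_id": app.config["MCH_ID"],
            "nonce_str": wc_utils.get_nonce_str(),
            "openid": oauth_bind_info.openid,
            "out_trade_no": pay_order_info.order_sn,
            "result_code": "SUCCESS",
            "return_code": "SUCCESS",
            "time_end": get_current_time("%Y%m%d%H%M%S"),
            "total_fee": data["total_fee"],
            "trade_type": "JSAPI",
            # this is supposed to be automatically generated by WeChat API
            # use our own order_sn temporarily for development purposes
            "transaction_id": pay_order_info.order_sn
        }
        sign = wc_utils.create_sign(cb_dev_data)
        cb_dev_data["sign"] = sign
        xml_data = wc_utils.dict_to_xml(cb_dev_data)
        res_data["cb_dev_data"] = xml_data

    return json_response(data=res_data)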
Exemple #24
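def create_order(member_id, items, params=None):
    """Create a pay order for ``member_id`` and deduct stock for its items.

    Args:
        member_id: id of the ordering member.
        items: list of dicts with ``food_id``, ``price`` and ``quantity``.
            ``price`` is converted to Decimal in place; items with a negative
            price are ignored.
        params: optional dict with ``shipping_price``, ``note``,
            ``deliver_address_id`` and ``deliver_info``. ``None`` is treated
            as an empty dict.

    Returns:
        A dict with ``code`` (200 on success, -1 on failure), ``msg`` and
        ``data`` (``pay_order_id``, ``order_sn``, ``total_price`` on success).
    """
    res = {"code": -1, "msg": "", "data": {}}
    # The default of None used to crash on the first params.get() call.
    params = params or {}

    for item in items:
        item["price"] = Decimal(item["price"])
    billable = [item for item in items if item["price"] >= 0]

    # A zero or negative quantity would pass the "quantity > stock" check,
    # add to stock instead of deducting it, and reduce the order total.
    if any(item["quantity"] <= 0 for item in billable):
        res["msg"] = "商品数量必须大于0"
        return res

    food_id_list = [item["food_id"] for item in billable]
    pay_price = Decimal(
        sum(item["price"] * item["quantity"] for item in billable))

    if len(food_id_list) <= 0 or pay_price <= 0:
        res["msg"] = "订购商品列表为空,或者所有商品的价格都小于等于0元"
        return res

    shipping_price = Decimal(params.get("shipping_price", 0))
    total_price = pay_price + shipping_price

    notes = params.get("note", "")
    deliver_address_id = params.get("deliver_address_id", 0)
    deliver_info = params.get("deliver_info", {})

    # The Food rows are read with SELECT ... FOR UPDATE so concurrent orders
    # for the same items wait for each other.
    # NOTE(review): set_food_stock_change_log() commits the session, which
    # presumably ends the transaction holding these row locks after the first
    # item; confirm whether the lock still protects the remaining items.
    try:
        food_info_list = db.session.query(Food).filter(Food.id.in_(food_id_list)) \
            .with_for_update().all()
        food_id_to_stock_map = {food.id: food.stock for food in food_info_list}

        pay_order = PayOrder()
        pay_order.order_sn = generate_order_sn()
        pay_order.member_id = member_id
        pay_order.total_price = total_price
        pay_order.shipping_price = shipping_price
        pay_order.pay_price = pay_price
        pay_order.note = notes
        pay_order.status = -8
        pay_order.deliver_status = -8
        pay_order.deliver_address_id = deliver_address_id
        pay_order.deliver_info = json.dumps(deliver_info)
        pay_order.updated_time = pay_order.created_time = get_current_time()
        db.session.add(pay_order)

        for item in billable:
            food_id = item["food_id"]
            quantity = item["quantity"]
            price = item["price"]
            # An unknown food id used to surface as a bare KeyError whose
            # text (the id) became the user-facing message.
            if food_id not in food_id_to_stock_map:
                raise Exception("下单失败,请重新下单 (3)")
            stock = food_id_to_stock_map[food_id]
            if quantity > stock:
                raise Exception("您购买的菜品数量太火爆了,剩余%d, 您购买了%d" %
                                (stock, quantity))

            update_successful = Food.query.filter_by(id=food_id).update(
                {"stock": stock - quantity})

            if not update_successful:
                raise Exception("下单失败,请重新下单 (1)")
            if not set_food_stock_change_log(food_id, stock, -1 * quantity,
                                             "由用户%d下单购买" % member_id):
                raise Exception("下单失败,请重新下单 (2)")

            pay_order_item = PayOrderItem()
            pay_order_item.pay_order_id = pay_order.id
            pay_order_item.member_id = member_id
            pay_order_item.quantity = quantity
            pay_order_item.price = price
            pay_order_item.food_id = food_id
            pay_order_item.note = notes
            pay_order_item.created_time = pay_order_item.updated_time = \
                get_current_time()

            db.session.add(pay_order_item)

        db.session.commit()
    except Exception as e:
        db.session.rollback()
        app.logger.error(e)
        # NOTE(review): the exception text is returned to the caller; for
        # database errors this can expose internal details.
        res["msg"] = str(e)
        return res

    res["code"] = 200
    res["msg"] = "下单成功!"
    res["data"] = {
        "pay_order_id": pay_order.id,
        "order_sn": pay_order.order_sn,
        "total_price": str(pay_order.total_price)
    }
    return res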
Exemple #25
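def set():
    """Show (GET) or save (POST) the edit form for a food item.

    GET renders ``food/set.html`` with the item given by ``id`` and the
    category list, redirecting to the food index when the id is unknown or
    the item's status is not 1. POST validates the form, creates or updates
    the Food row and records the stock change.
    """
    # Imported here because only this handler needs it.
    from decimal import InvalidOperation

    if request.method == "GET":
        cat_list = FoodCat.query.all()
        food_id = get_int(request.args, "id", 0)
        food_info = Food.query.filter_by(id=food_id).first()
        if (food_id > 0 and food_info is None) or (food_info is not None
                                                   and food_info.status != 1):
            return redirect(build_url("/food/index"))

        ctx = {"food": food_info, "cat_list": cat_list}
        return render_template_with_global_vars("food/set.html", context=ctx)
    elif request.method == "POST":
        food_id = get_int(request.form, "id", 0)
        cat_id = get_int(request.form, "cat_id", 0)
        name = request.form.get("name", "")
        price = request.form.get("price", "")
        title_pic = request.form.get("title_pic", "")
        summary = request.form.get("summary", "")
        stock = get_int(request.form, "stock", 0)
        tags = request.form.get("tags", "")

        # form content verification
        if cat_id == 0:
            return json_error_response("请选择类别")
        required = [(name, "菜品名称"), (price, "菜品价格"), (title_pic, "封面图"),
                    (summary, "描述"), (tags, "标签")]
        empty_items = [label for value, label in required if len(value) < 1]
        if empty_items:
            return json_error_response("以下内容不能为空:" + "、".join(empty_items))

        # A price that is not a finite decimal number ("abc", "NaN",
        # "Infinity") used to raise InvalidOperation and surface as a server
        # error; report it through the existing price message instead.
        try:
            price = Decimal(price).quantize(Decimal("0.00"))
            price_is_valid = price > 0
        except InvalidOperation:
            price_is_valid = False
        if not price_is_valid:
            return json_error_response("售卖价格不能小于或者等于0")

        # Update the existing Food row, or create a new one.
        # NOTE(review): unlike the GET branch, this does not check the item's
        # status, and a negative stock value is accepted as submitted.
        food_info = Food.query.filter_by(id=food_id).first()
        before_stock = 0
        if food_info:
            before_stock = food_info.stock
        else:
            food_info = Food()
            food_info.status = 1
            food_info.created_time = get_current_time()

        food_info.cat_id = cat_id
        food_info.name = name
        food_info.price = price
        food_info.main_image = title_pic
        food_info.summary = summary
        food_info.stock = stock
        food_info.tags = tags
        food_info.updated_time = get_current_time()

        db.session.add(food_info)
        db.session.commit()

        # add entry into food stock change log
        if not set_food_stock_change_log(food_info.id, int(before_stock),
                                         int(stock) - int(before_stock),
                                         "后台直接更改"):
            return json_error_response("登记库存变更信息出现错误")

        return json_response("成功添加菜品 %s" % name)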
Exemple #26
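def set():
    """Show (GET) or save (POST) the edit form for a back-office user account.

    GET renders ``account/set.html`` for the user given by ``uid`` (or an
    empty form). POST validates the form, creates the user when ``uid`` does
    not match an existing one, and stores a salted password unless the
    placeholder value was submitted unchanged.
    """
    # Placeholder shown in the password field; submitting it unchanged means
    # "keep the current password".
    default_pwd = "******"
    if request.method == "GET":
        # pass user info into template to fill in values of html form
        uid = request.args["uid"] if "uid" in request.args else None
        user_info = User.query.filter_by(uid=uid).first() if uid else None
        ctx = {"user": user_info, "default_pwd": default_pwd}
        return render_template_with_global_vars("account/set.html",
                                                context=ctx)

    elif request.method == "POST":
        # obtain info from form
        uid = int(request.form["uid"]) if "uid" in request.form else 0
        username = request.form.get("login_name", "")
        pwd = request.form.get("login_pwd", "")
        nickname = request.form.get("nickname", "")
        mobile = request.form.get("mobile", "")
        email = request.form.get("email", "")
        # The submitted password is deliberately left out of the log line; it
        # used to be written to the debug log in clear text.
        app.logger.debug("setting info for uid %d, new username %s" %
                         (uid, username))

        # validate form elements
        # The outer check used to look at nickname, email and mobile only, so
        # an empty login name or password slipped through whenever those
        # three were filled in.
        required = [(nickname, "姓名"), (mobile, "手机"), (email, "邮箱"),
                    (username, "登录名"), (pwd, "登录密码")]
        empty_items = [label for value, label in required if len(value) < 1]
        if empty_items:
            msg = "以下内容不能为空:" + "、".join(empty_items)
            return json_error_response(msg)
        if len(pwd) < 6 and uid == 0:
            return json_error_response("您的密码不能短于6个字符!")

        # The login name must not be used by any other account.
        user_info = User.query.filter(User.login_name == username,
                                      User.uid != uid).first()
        if user_info:
            return json_error_response("该用户名已被使用,请使用别的用户名!")

        user_info = User.query.filter_by(uid=uid).first()
        app.logger.debug("uid %d user_info %s" % (uid, user_info))
        if user_info is None:
            user_info = User()
            user_info.login_salt = generate_salt()
            user_info.created_time = get_current_time()

        user_info.login_name = username
        user_info.nickname = nickname
        user_info.mobile = mobile
        user_info.email = email
        user_info.updated_time = get_current_time()

        # edit password when it is not default value "*****" (see set.html)
        # NOTE(review): a new account submitted with the placeholder value is
        # saved without any password being set; confirm the form cannot do so.
        if pwd != default_pwd:
            user_info.login_pwd = generate_salted_pwd(pwd,
                                                      user_info.login_salt)

        db.session.add(user_info)
        db.session.commit()

        return json_response("账号个人信息编辑成功!", data={})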