def AppFindPwd(request, account, captcha):
# print "find pwd first", account, captcha
if not account or not captcha:
return HttpReturn(ArgError)
mycaptcha = request.session.pop(request.COOKIES.get(G_CSRFTOKEN), None)
if not mycaptcha or cmp(mycaptcha, captcha):
return HttpReturn(CaptchaError)
try:
accobj = AppUser.objects.raw(
'SELECT * FROM user_manager_appuser where uname = %s OR email = %s OR phone= %s',
[account, account, account])[0]
except:
return HttpReturn(UserNotExists)
else:
if not accobj:
return HttpReturn(TargetNotExists)
smscode = hashlib.md5(accobj.phone +
str(time.time())).hexdigest().upper()
ipaddr = request.META.get(G_REMOTE_ADDR)
redis_pool.hmset(smscode, {G_PHONE: accobj.phone, G_IPADDR: ipaddr})
redis_pool.expire(smscode, settings.SESSION_COOKIE_AGE)
res = {
'name': accobj.uname,
G_PHONE: "%s****%s" % (accobj.phone[:3], accobj.phone[-4:]),
G_SMSCODE: smscode,
G_OK: True
}
return HttpReturn(json.dumps(res))
def AppShareDev(body, *args):
user, devuuid, _ = args
# print "share devices ---------- ",user,devuuid
try:
# results = AppBindDevList.objects.raw("SELECT devid_id from bindlist WHERE appid_id = %s AND devid_id=%s",
# [user.uuid.hex,devuuid])
results = AppBindDevList.objects.filter(devid_id=devuuid,
appid_id=user)[0]
except (ObjectDoesNotExist, IndexError) as e:
return HttpReturn(TargetNotExists)
# print "result id ",results
if results.devid.uuid.hex != devuuid:
return HttpReturn(TargetNotExists)
otpuuid = uuid.uuid4().hex
# body = GetRequestBody(request)
# print "------ >type body is",type(body)
if not body or not isinstance(body, dict):
return HttpReturn(ArgError)
topics = body.get(G_TOPICS, None)
# print "----------- >share topics is ",topics
# 检查topics 是否为空,是否是为列表类型,是否全部为真.
if not topics or not isinstance(topics, list):
return HttpReturn(ArgError)
# if not all(devuuid in item for item in topics):
# return HttpReturn(ShareError)
# full_url = ''.join(['http://', get_current_site(request).domain,
# '/shared/%s' % otpuuid])
expire = settings.SESSION_COOKIE_AGE * 6
res = {G_OK: True, 'otp': otpuuid, G_EXPIRE: expire}
redis_pool.hmset(otpuuid, {
G_APPID: user,
G_DEVID: devuuid,
G_TOPICS: json.dumps(topics)
})
redis_pool.expire(otpuuid, expire)
# return JsonResponse(res,safe=False)
return HttpReturn(json.dumps(res))
def AppSendSmsToNewPhone(body, *args):
if not all(x in body for x in [G_PHONE, G_CAPTCHA]):
return HttpReturn(ArgError)
user, request = args
mycaptcha = request.session.pop(request.COOKIES.get(G_CSRFTOKEN), None)
print "mycaptcha ", mycaptcha == str(body.get(G_CAPTCHA, None))
if not mycaptcha or cmp(mycaptcha, str(body.get(G_CAPTCHA, None))):
return HttpReturn(CaptchaError)
phone = str(body.get(G_PHONE, ''))
# 不能发给已经注册的手机.
if len(AppUser.objects.filter(phone=phone)) > 0:
return HttpReturn(PhoneExists)
smscode = hashlib.md5(phone + str(time.time())).hexdigest().upper()
ipaddr = request.META.get(G_REMOTE_ADDR)
redis_pool.hmset(smscode, {G_PHONE: phone, G_IPADDR: ipaddr})
redis_pool.expire(smscode, settings.SESSION_COOKIE_AGE)
res = {G_PHONE: phone, G_SMSCODE: smscode, G_OK: True}
return HttpReturn(json.dumps(res))
def IotAppRegister(data, *args):
# {"name":"test3","email":"*****@*****.**","phone":"13825461111","key":123456,"captcha":123456}
request = args[0]
email = data.get(G_EMAIL, None)
uname = data.get(G_NAME, None)
phone = data.get(G_PHONE, None)
key = data.get(G_KEY, None)
captcha = str(data.get(G_CAPTCHA, None))
# print "data is ",data
# print "my captcha", request.session.pop(request.COOKIES.get(G_CSRFTOKEN))
mycaptcha = request.session.pop(request.COOKIES.get(G_CSRFTOKEN), None)
if not mycaptcha or cmp(mycaptcha, captcha):
return HttpReturn(CaptchaError)
if uname:
try:
tmp = AppUser.objects.get(uname=uname)
except:
pass
else:
return HttpReturn(UserError)
else:
return HttpReturn(ArgError)
if phone:
if len(phone) != 11:
return HttpReturn(PhoneError)
try:
int(phone)
except:
return HttpReturn(PhoneError)
try:
tmp = AppUser.objects.get(phone=phone)
except:
pass
else:
return HttpReturn(PhoneExists)
else:
return HttpReturn(ArgError)
if email:
try:
tmp = AppUser.objects.get(email=email)
except:
pass
else:
return HttpReturn(EmailError)
else:
return HttpReturn(ArgError)
if not key:
return HttpReturn(ArgError)
### 注册成功,验证手机激活帐号#####
sendsms_code = hashlib.md5(phone + str(time.time())).hexdigest().upper()
nuuid = uuid.uuid4().hex
ipaddr = request.META.get(G_REMOTE_ADDR)
redis_pool.hmset(
sendsms_code, {
G_EMAIL: email,
G_KEY: key,
G_UNAME: uname,
G_UUID: nuuid,
G_REGISTER: 1,
G_PHONE: phone,
G_IPADDR: ipaddr
})
redis_pool.expire(sendsms_code, settings.SESSION_COOKIE_AGE)
return HttpReturn(
json.dumps({
G_OK: True,
G_UUID: nuuid,
G_SMSCODE: sendsms_code
}))
def PreCheckRequest(request, obj, rawpwd):
# print len(data),data;
# signMethod = data.get('signMethod','')
# rawpwd = data.get(G_KEY, '')
# print "request key", rawpwd,obj.key
if not check_password(rawpwd, obj.key):
return HttpReturn(UnAuth)
# srvobj = SrvList.objects.annotate(max_mark=Min('concount')).filter(concount=F('max_mark'))
# ##选取最小的连接数的服务器
srvipaddr = '0.0.0.0'
retdict = {}
hkey = 'null'
try:
srvipaddr = SrvList.objects.values_list(G_IPADDR).annotate(
Min('concount')).order_by('concount')[0]
except (ObjectDoesNotExist, IndexError) as e:
retdict[G_SRVS] = None
# retdict[G_VER] = None
else:
srvobj = SrvList.objects.get(ipaddr=srvipaddr[0])
retdict[G_SRVS] = ':'.join([srvobj.ipaddr, str(srvobj.port)])
retdict[G_EXPIRE] = settings.SESSION_COOKIE_AGE
hasher, iterations, salt, code = obj.key.split('$')
# retdict[G_SIGN] = hmac.new(str(salt), str(time.time())).hexdigest().upper()
retdict[G_OK] = True
# hkey = retdict[G_SIGN]
request.session.set_expiry(settings.SESSION_COOKIE_AGE)
request.session.save()
retdict[G_SIGN] = sessionid = request.session.session_key
# sessionid = request.COOKIES.get(G_SESSIONID,None)
# print "login cookies",sessionid,request.COOKIES
ipaddr, state = IpAddress.objects.get_or_create(
ipaddr=request.META.get(G_REMOTE_ADDR))
# print "ipaddr",ipaddr
redis_pool.hmset(
sessionid, {
G_PASSWORD: hashlib.sha256(rawpwd).hexdigest(),
G_IPADDR: ipaddr.ipaddr,
G_UUID: obj.uuid.hex
})
redis_pool.expire(sessionid, settings.SESSION_COOKIE_AGE)
tokenlist = []
if 'dev' in request.path:
# print "devices cookies ",request.COOKIES,sessionid
tokenlist.append(obj.uuid.hex)
DevicesLoginHistory.objects.create(devices=obj,
inout=True,
ipaddr=ipaddr)
else:
tokenlist = [obj.uname, obj.uuid.hex, obj.phone, obj.email]
AppUserLoginHistory.objects.create(user=obj, inout=True, ipaddr=ipaddr)
retdict[G_UUID] = obj.uuid.hex
# 记录登录数据,十分钟之内的重复登录,不查数据,只查redis
redis_pool.hmset(sessionid, {
"res": json.dumps(retdict),
G_ACCOUNT: tokenlist
})
redis_pool.expire(sessionid, settings.SESSION_COOKIE_AGE)
retdict['time'] = str(int(time.time()))
return HttpReturn(json.dumps(retdict))
def AppSendSms(request, account):
SENDCOUNT = 'sendcount'
# phone = redis_pool.hget(account, G_PHONE)
adict = redis_pool.hgetall(account)
# print "all key is",adict
if G_PHONE not in adict:
return HttpReturn(UnAuth)
# redis_pool.hdel(account, G_PHONE)
# print "phone number ", phone
### 同一号24小时只能发送三次短信. ###
sendnum = redis_pool.hget(adict[G_PHONE], SENDCOUNT)
# print "gettxt from redis", sendnum
if sendnum and int(sendnum) == 3:
return HttpReturn(SmsOverError)
sendtime = redis_pool.hget(adict[G_PHONE], 'lastime')
if sendtime and (time.time() -
int(sendtime)) < settings.SESSION_COOKIE_AGE / 10:
return HttpReturn(SmsIntervalError)
# ipaddr = request.META.get('REMOTE_ADDR')
ipobj, ok = IpAddress.objects.get_or_create(
ipaddr=request.META.get(G_REMOTE_ADDR))
oldaddr = redis_pool.hget(account, G_IPADDR)
if cmp(ipobj.ipaddr, oldaddr):
return HttpReturn(IpAddrError)
try:
(sms, state) = sendsms.SendSMS(adict[G_PHONE])
except HTTPError:
return HttpReturn(InternalError)
except IndexError:
SmsErrorLog.objects.create(-100, ipobj, timezone.now, adict[G_PHONE])
return HttpReturn(InternalError)
if state == 0:
redis_pool.expire(adict[G_PHONE], settings.SESSION_COOKIE_AGE)
redis_pool.hset(adict[G_PHONE], 'lastime', int(time.time()))
# redis_pool.expire(phone,settings.SESSION_COOKIE_AGE)
if redis_pool.hget(adict[G_PHONE], SENDCOUNT):
redis_pool.hincrby(adict[G_PHONE], SENDCOUNT, 1)
else:
redis_pool.hset(adict[G_PHONE], SENDCOUNT, 1)
resetcode = hashlib.md5(adict[G_PHONE] +
str(time.time())).hexdigest().upper()
if G_REGISTER in adict:
for (k, v) in adict.items():
redis_pool.hset(resetcode, k, v)
redis_pool.hmset(resetcode, {G_PHONE: adict[G_PHONE], 'sms': sms})
# print "reset code dict is",redis_pool.hgetall(resetcode)
redis_pool.expire(resetcode, settings.SESSION_COOKIE_AGE)
redis_pool.hdel(account, G_PHONE) # 删除这个键,一次有效
return HttpReturn(json.dumps({G_OK: True, 'rescode': resetcode}))
else:
if state in ErrDict:
errobj, ok = SmsErrorTable.objects.get_or_create(errcode=state,
msg=ErrDict.get(
state,
u"未知错误"))
SmsErrorLog.objects.create(errcode=errobj,
ipaddr=ipobj,
addtime=timezone.now(),
phone=adict[G_PHONE])
if state in [10006, 10007, 10005]:
return HttpReturn(
json.dumps({
G_ERR: "OtherError",
G_MSG: ErrDict[state]
}))
else:
return HttpReturn(InternalError)