def login(): user_form = forms.LoginForm() if user_form.is_submitted(): if not user_form.validate(): return jsonify( models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(user_form.errors))) utils.verify_num(user_form.vercode.data) user = mongo.db.users.find_one({'email': user_form.email.data}) if not user: return jsonify(code_msg.USER_NOT_EXIST) if not models.User.validate_login(user['password'], user_form.password.data): raise models.GlobalApiException(code_msg.PASSWORD_ERROR) if not user.get('is_active', False): return jsonify(code_msg.USER_UN_ACTIVE) if user.get('is_disabled', False): return jsonify(code_msg.USER_DISABLED) login_user(models.User(user)) action = request.values.get('next') if not action: action = url_for('index.index') return jsonify(code_msg.LOGIN_SUCCESS.put('action', action)) logout_user() ver_code = utils.gen_verify_num() # session['ver_code'] = ver_code['answer'] return render_template('user/login.html', ver_code=ver_code['question'], form=user_form, title='登录')
def add(post_id=None): posts_form = forms.PostsForm() if posts_form.is_submitted(): if not posts_form.validate(): return jsonify(models.BaseResult(1, str(posts_form.errors))) utils.verify_num(posts_form.vercode.data) user = current_user.user if not user.get('is_active', False) or user.get('is_disabled', False): return jsonify(code_msg.USER_UN_ACTIVE_OR_DISABLED) user_coin = user.get('coin', 0) if posts_form.reward.data > user_coin: return jsonify(models.R.ok('悬赏金币不能大于拥有的金币,当前账号金币为:' + str(user_coin))) posts = { 'title': posts_form.title.data, 'catalog_id': ObjectId(posts_form.catalog_id.data), # 'is_closed': False, 'content': posts_form.content.data, } post_index = posts.copy() post_index['catalog_id'] = str(posts['catalog_id']) msg = '发帖成功!' reward = posts_form.reward.data if post_id: posts['modify_at'] = datetime.now() mongo.db.posts.update_one({'_id': post_id}, {'$set': posts}) msg = '修改成功!' else: posts['create_at'] = datetime.utcnow() posts['reward'] = reward posts['user_id'] = user['_id'] # 扣除用户发帖悬赏 if reward > 0: mongo.db.users.update_one({'_id': user['_id']}, {'$inc': {'coin': -reward}}) mongo.db.posts.save(posts) post_id = posts['_id'] # 更新索引文档 update_index(mongo.db.posts.find_one_or_404({'_id': post_id})) return jsonify(models.R.ok(msg).put('action', url_for('index.index'))) else: ver_code = utils.gen_verify_num() # session['ver_code'] = ver_code['answer'] posts = None if post_id: posts = mongo.db.posts.find_one_or_404({'_id': post_id}) title = '发帖' if post_id is None else '编辑帖子' return render_template('jie/add.html', page_name='jie', ver_code=ver_code['question'], form=posts_form, is_add=(post_id is None), post=posts, title=title)
def register(): if db_utils.get_option('open_user', {}).get('val') != '1': abort(404) user_form = forms.RegisterForm() if user_form.is_submitted(): if not user_form.validate(): return jsonify( models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(user_form.errors))) utils.verify_num(user_form.vercode.data) user = mongo.db.users.find_one({'email': user_form.email.data}) if user: return jsonify(code_msg.EMAIL_EXIST) #以字典的形式存储用户注册时所填写的信息 user = dict({ 'is_active': False, 'coin': 0, 'email': user_form.email.data, 'username': user_form.username.data, 'vip': 0, 'reply_count': 0, 'avatar': url_for('static', filename='images/avatar/' + str(randint(0, 12)) + '.jpg'), 'password': generate_password_hash(user_form.password.data), 'create_at': datetime.utcnow() }) #向mongo数据库插入此用户的这条数据 mongo.db.users.insert_one(user) send_active_email(user['username'], user['_id'], user['email']) return jsonify( code_msg.REGISTER_SUCCESS.put('action', url_for('user.login'))) ver_code = utils.gen_verify_num() # session['ver_code'] = ver_code['answer'] #title会传给base页面的变量title,会在对应的页面标签显示 return render_template('user/reg.html', ver_code=ver_code['question'], form=user_form, title='注册')
def user_pass_forget(code=None): if request.method == 'POST': mail_form = forms.SendForgetMailForm() if not mail_form.validate(): return jsonify( models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(mail_form.errors))) email = mail_form.email.data ver_code = mail_form.vercode.data utils.verify_num(ver_code) user = mongo.db.users.find_one({'email': email}) if not user: return jsonify(code_msg.USER_NOT_EXIST) send_active_email(user['username'], user_id=user['_id'], email=email, is_forget=True) return jsonify( code_msg.RE_PWD_MAIL_SEND.put('action', url_for('user.login'))) has_code = False user = None if code: print(code) active_code = mongo.db.active_codes.find_one({'_id': code}) print(active_code) print(active_code['user_id']) has_code = True if not active_code: return render_template('user/forget.html', page_name='user', has_code=True, code_invalid=True) user = mongo.db.users.find_one({'_id': active_code['user_id']}) print(user) ver_code = utils.gen_verify_num() # session['ver_code'] = ver_code['answer'] return render_template('user/forget.html', page_name='user', ver_code=ver_code['question'], code=code, has_code=has_code, user=user, title='找回密码')