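def change_pwd():
    """Change the password of the user that owns the request's token.

    Expects a JSON object carrying ``token``, ``oldpwd``, ``newpwd`` and
    ``once_newpwd``. Every path returns a JSON response, including a
    missing field and a failed database update.
    """
    # A request without a Content-Type header is handled like a non-JSON one.
    req_data = None
    if request.headers.get('Content-Type', '').startswith('application/json'):
        req_data = request.get_json()

    # Only a JSON object can carry the named fields.
    if not isinstance(req_data, dict):
        return jsonify({'code': 9000, 'msg': '请上传json数据,且参数必须按api接口标准给定'})

    token = req_data.get('token', None)
    if token is None:
        return jsonify({'code': 202, 'msg': '没有登录,请先登录'})

    if not bool(cache.check_token(token)):
        return jsonify({"msg": "token值错误或者过期,请先登录"})

    # Reject absent or empty password fields before touching the database;
    # indexing the dict directly would raise KeyError on a missing field, and
    # an empty new password must never be stored.
    oldpwd = req_data.get('oldpwd')
    newpwd = req_data.get('newpwd')
    once_newpwd = req_data.get('once_newpwd')
    if not all((oldpwd, newpwd, once_newpwd)):
        return jsonify({'code': 9000, 'msg': '请上传json数据,且参数必须按api接口标准给定'})

    user_id = cache.get_token_user_id(token)
    pwd = dao.select_pwd(user_id)

    # No stored record means there is nothing to verify against: fail closed.
    if not pwd or not check_password(oldpwd, pwd['password']):
        return jsonify({'code': 202, 'msg': '原密码错误'})

    if newpwd != once_newpwd:
        return jsonify({'code': 201, 'msg': '两次输入密码不一致'})

    m_new_password = make_password(str(newpwd))
    if dao.update_pwd(m_new_password, user_id):
        # NOTE(review): tokens issued before the change stay valid as far as
        # this function shows - confirm whether they should be revoked here.
        return jsonify({'code': 200, 'msg': '修改成功'})

    # The update reported failure. Without this return the view would hand
    # None to the framework. The code value below is not taken from the
    # API spec - align it with the project's code table.
    return jsonify({'code': 203, 'msg': '修改失败'})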
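def code_login():
    """Log a user in with phone number and password and issue a session token.

    Expects a JSON object with ``phone`` and ``pwd``. On success the response
    carries code 200, a fresh token and the user's profile. Every other path
    returns the same code-207 response, so the reply does not reveal whether
    the phone number or the password was the wrong part.
    """
    r_data = request.get_json()
    if isinstance(r_data, dict):
        # .get() keeps a missing field on the generic failure path instead of
        # raising KeyError.
        phone = r_data.get('phone')
        pwd = r_data.get('pwd')

        # Both values must be present and non-empty.
        if all((phone, pwd)):
            u_password = UserDao().get_pwd('u_tel', phone)
            # Only verify when a stored hash was found.
            # presumably get_pwd returns a falsy value for an unknown phone -
            # verify against UserDao.
            if u_password and check_password(pwd, u_password):
                user_id = UserDao().get_id('u_tel', phone)
                if user_id is not None:
                    # uuid4 gives a random 32-hex-character token.
                    token = uuid.uuid4().hex
                    save_token(token, user_id)
                    data = UserDao().get_profile(user_id)
                    return jsonify({
                        'code': 200,
                        'msg': '登录成功,欢迎使用MT外卖品台',
                        'token': token,
                        'data': data
                    })

    return jsonify({
        "code": 207,
        "msg": "手机号或者密码错误,请重新输入"
    })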
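def login_pwd(self, u_phone, u_auth_string):
    """Verify a phone/password pair against the ``users`` table.

    Returns the rows fetched for ``u_phone`` when the password matches.
    Otherwise returns a one-element list holding an error dict with code
    '303'. An unknown phone number gets the same rejection as a wrong
    password.
    """
    sql = "select * from users where u_phone=%s"
    user_profile = self.query(sql, u_phone)

    # No rows means an unknown phone number; indexing [0] on that result
    # would raise instead of rejecting the login.
    if user_profile:
        auth_str = user_profile[0].get('u_auth_string')
        # A row without a stored hash can never authenticate.
        if auth_str and check_password(u_auth_string, auth_str):
            # NOTE(review): the rows come from `select *`, so they still
            # contain u_auth_string; callers should drop that field before
            # serialising the result.
            return user_profile

    api_logger.warn('用户 %s 的口令不正确' % u_phone)
    return [{'code': '303', 'msg': '用户口令不正确'}]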
def login_str(self, phone, login_auth_str):
    """Return True when ``login_auth_str`` matches the credential stored for ``phone``.

    Returns False when ``login_data`` yields nothing for the phone number or
    when the password check fails.
    """
    records = self.login_data(phone)
    if not records:
        return False

    # Only the first record is consulted for the stored credential.
    stored_credential = records[0].get('login_auth_str')
    if check_password(login_auth_str, stored_credential):
        return True
    return False
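def to_lend():
    """Lend money from the token owner's balance to a product.

    Expects a JSON object with ``token``, ``product_id``, ``lendMoney`` and
    ``lendpassword``. The amount must be a finite positive number and the
    password must match the password of the user's bound card. Returns a JSON
    response describing the outcome.
    """
    req_data = None
    # NOTE(review): this writes every request header to the log; confirm that
    # no credential-bearing header reaches this endpoint.
    api_logger.info(request.headers)
    if request.headers.get('Content-Type', '').startswith('application/json'):
        req_data = request.get_json()

    # Only a JSON object can carry the named fields.
    if not isinstance(req_data, dict):
        api_logger.warn('%s 请求参数未上传-json' % request.remote_addr)
        return jsonify({'code': 9000, 'msg': '请上传json数据,且参数必须按api接口标准给定'})

    # Never write the session token or the payment password to the log.
    secret_fields = ('token', 'lendpassword')
    api_logger.debug({key: ('***' if key in secret_fields else value)
                      for key, value in req_data.items()})

    incomplete = jsonify({'code': 204, 'msg': '输入参数不全,参数必须按api接口标准给定'})
    if not all((req_data.get('token', False),
                req_data.get('product_id', False),
                req_data.get('lendMoney', False),
                req_data.get('lendpassword', False))):
        return incomplete

    # The amount is client-controlled: it must parse, be finite and be
    # positive. A negative value would pass the balance comparison below and
    # raise the balance instead of lowering it.
    try:
        lend_amount = float(req_data.get('lendMoney'))
    except (TypeError, ValueError):
        return incomplete
    if not 0 < lend_amount < float('inf'):
        return incomplete

    token = req_data.get('token')
    user_id = get_token_user_id(token)
    # An unknown or expired token must not reach the account queries.
    if not user_id:
        return jsonify({'code': 202, 'msg': '用户未登录'})

    datas = {}
    datas['user_id'] = user_id
    datas['product_id'] = req_data.get('product_id')
    datas['lendTime'] = datetime.now()
    user = dao.query_user(user_id)[0]
    datas['lendUserTel'] = user['userName']
    datas['lendMoney'] = req_data.get('lendMoney')
    datas['is_past'] = '0'

    user_cart = dao.query_user_cart(user_id)
    cartid = user_cart['card_id']
    card = dao.query_cart(cartid)
    cardPwd = card['cardPwd']
    lendpassword = req_data.get('lendpassword')

    if not check_password(lendpassword, cardPwd):
        return jsonify({"code": 205, "msg": '密码输入错误'})

    balance = float(user['zyMoney'])
    if not lend_amount < balance:
        return jsonify({'code': 203, 'msg': '账户余额不足请先充值'})

    if dao.lend_save(**datas):
        # NOTE(review): the balance is read, reduced here and written back as
        # separate steps; two concurrent requests can both pass the check
        # above. Confirm the dao runs this inside a transaction.
        dao.update_user_zymoney(balance - lend_amount, user_id)
        return jsonify({'code': 200, 'msg': "成功借出"})
    return jsonify({'code': 201, 'msg': "出借失败"})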
def login(self, login_name, login_auth_str):
    """Authenticate an activated ``app_user_2`` account by name and password.

    Returns the result of ``get_profile`` for the user, or a minimal dict
    with ``user_id`` and ``nick_name`` when no profile is found.

    Raises:
        Exception: when no activated row matches ``login_name``, or when
            the password check fails. The two cases carry different
            messages, so a caller that forwards the message to the client
            reveals whether the login name exists.
    """
    lookup_sql = ('select id, login_auth_str from app_user_2 '
                  'where login_name=%s and activated=%s')
    rows = self.query(lookup_sql, login_name, 1)

    if not rows:
        api_logger.warn('查无此用户 %s' % login_name)
        raise Exception('查无此用户 %s' % login_name)

    # Only the first matching row is used.
    record = rows[0]
    user_id = record.get('id')
    stored_credential = record.get('login_auth_str')

    if not check_password(login_auth_str, stored_credential):
        api_logger.warn('用户 %s 的口令不正确' % login_name)
        raise Exception('用户 %s 的口令不正确' % login_name)

    # Password verified: prefer the full profile, fall back to the basics.
    profile = self.get_profile(user_id)
    if profile is not None:
        return profile
    return {'user_id': user_id, 'nick_name': login_name}
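def login(self, userTel, password):
    """Authenticate a ``wklc_users`` account by phone number and password.

    Returns the result of ``get_profile`` for the user, or a minimal dict
    with ``user_id`` and ``userTel`` when no profile is found.

    Raises:
        Exception: when no row matches ``userTel``, or when the password
            check fails. The two cases carry different messages, so a
            caller that forwards the message to the client reveals whether
            the phone number is registered.
    """
    sql = 'select id, password from wklc_users ' \
          'where userTel=%s'
    user_data = self.query(sql, userTel)

    if not user_data:
        api_logger.warn('查无此用户 %s' % userTel)
        raise Exception('查无此用户 %s' % userTel)

    # Take the id and the stored password hash from the first row.
    user_id, auth_str = (user_data[0].get('id'),
                         user_data[0].get('password'))

    # The stray debug print of user_id that sat here is removed: stdout is
    # not the place for identifiers in an authentication path.
    if not check_password(password, auth_str):
        api_logger.warn('用户 %s 的口令不正确' % userTel)
        raise Exception('用户 %s 的口令不正确' % userTel)

    # Password verified: return the detailed profile when there is one.
    user_profile = self.get_profile(user_id)
    if user_profile is None:
        return {'user_id': user_id, 'userTel': userTel}
    return user_profile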
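def pay_order(self, user_id, order_id, pay_pwd):
    """Pay an order out of the user's balance.

    Returns ``{"o_status": 1}`` on success, otherwise a message string
    naming the reason: bad order status (also used for an unknown order),
    wrong payment password (also used for an unknown user), or insufficient
    balance.
    """
    sql1 = "select pay_pwd,balance from yl_user where id=%s"  # stored payment password and balance
    sql2 = "select o_price,o_status from orders where o_id=%s"  # order total and order status
    sql3 = "update yl_user set balance=balance - %s where id=%s"  # charge the user
    sql4 = "select o_goods_id,o_med_num from order_detail where o_order_id=%s"  # medicine ids and quantities in the order
    sql5 = "update medicine set med_stock=med_stock - %s where id=%s"  # reduce medicine stock
    sql6 = "update orders set o_status=1 where o_id=%s"  # mark the order as paid

    # Fetch each row once so that password, balance, price and status all
    # come from a single read of their row.
    user_rows = self.query(sql1, user_id)
    order_rows = self.query(sql2, order_id)

    # NOTE(review): sql2 filters on o_id only, so nothing here ties the order
    # to user_id - confirm the caller checks ownership.
    if not order_rows or order_rows[0]["o_status"]:
        return "订单状态有误,支付失败"

    # No user row means no stored password to verify against: fail closed.
    if not user_rows or not check_password(pay_pwd, user_rows[0]["pay_pwd"]):
        return "支付密码输入错误,请重新输入"

    o_price = order_rows[0]["o_price"]
    balance = user_rows[0]["balance"]
    if not o_price <= balance:
        return "余额不足请充值"

    # NOTE(review): the check above and the updates below are separate
    # statements; unless self.query runs them in one transaction, concurrent
    # payments can overdraw the balance or the stock.
    self.query(sql6, order_id)
    self.query(sql3, o_price, user_id)
    for item in self.query(sql4, order_id) or ():
        self.query(sql5, item["o_med_num"], item["o_goods_id"])
    return {"o_status": 1}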
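def recharge():
    """Move money from the user's bound card into the user's balance.

    Expects a JSON object with ``token``, ``number`` (the amount) and
    ``cardPassword``. The amount must be a finite positive number and the
    password must match the card's stored password. Returns a JSON response
    describing the outcome.
    """
    req_data = None
    # NOTE(review): this writes every request header to the log; confirm that
    # no credential-bearing header reaches this endpoint.
    api_logger.info(request.headers)
    if request.headers.get('Content-Type', '').startswith('application/json'):
        req_data = request.get_json()

    # Only a JSON object can carry the named fields.
    if not isinstance(req_data, dict):
        api_logger.warn('%s 请求参数未上传-json' % request.remote_addr)
        return jsonify({
            'code': 9000,
            'msg': '请上传json数据,且参数必须按api接口标准给定'
        })

    # Never write the session token or the card password to the log.
    secret_fields = ('token', 'cardPassword')
    api_logger.debug({key: ('***' if key in secret_fields else value)
                      for key, value in req_data.items()})

    # The original literal here read '传入参数不有误', a garbled message;
    # the intended text is "the supplied parameters are invalid".
    bad_params = jsonify({
        'code': 201,
        'msg': '传入参数有误'
    })

    # All required fields must be present and non-empty.
    if not all((req_data.get('token', False),
                req_data.get('number', False),
                req_data.get('cardPassword', False))):
        return bad_params

    user_id = get_token_user_id(req_data.get('token'))
    if not user_id:
        return jsonify({
            'code': 202,
            'msg': '用户未登录'
        })

    # The amount is client-controlled: it must parse, be finite and be
    # positive. A negative value would pass the card-balance comparison below
    # and move money in the opposite direction.
    try:
        number = float(req_data['number'])
    except (TypeError, ValueError):
        return bad_params
    if not 0 < number < float('inf'):
        return bad_params

    user = dao.query_user(user_id)
    user_card = dao.user_card(user_id)
    if not user_card:
        return jsonify({
            'code': 203,
            'msg': '用户还未绑卡'
        })

    card_id = user_card["card_id"]
    card = dao.query_card(card_id)
    cardPassword = str(req_data.get('cardPassword'))
    card_pwd = card['cardPwd']
    if not check_password(cardPassword, card_pwd):
        return jsonify({
            'code': 204,
            'msg': "支付密码输入错误"
        })

    cardMoney = card['cardMoney']
    if number < cardMoney:
        # NOTE(review): the debit and the credit are two separate writes
        # computed from values read earlier; confirm the dao runs them in one
        # transaction so concurrent requests cannot double-spend.
        dao.update_card_money(cardMoney - number, card_id)
        dao.update_user_zymoney(user['zyMoney'] + number, user_id)
        return jsonify({
            'code': 200,
            'msg': '成功充值%s' % (number)
        })

    return jsonify({
        'code': 201,
        'msg': '银行卡中余额不足'
    })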