Exemple #1
0
def add_user():
    data = request.get_json()
    username = data.get("username")
    password = data.get("password")
    permission_dict = data.get("permission_dict")
    data = {}
    if username and password and permission_dict:
        current_user = session.get("user")
        if current_user != "root":
            data["result"] = "fail"
            data["errorinfo"] = "没有权限"
        else:
            password_md5_str = utils.get_md5(password)
            result = dao.save_user(username, password_md5_str)
            if result == 1:
                u_id = dao.get_id_by_username(username)
                if u_id:
                    total_num = len(permission_dict)
                    for k, v in permission_dict.items():
                        total_num -= dao.sava_permission(u_id, int(k), v)
                    if total_num != 0:
                        data["result"] = "fail"
                        data["errorinfo"] = "添加用户成功,但在添加权限时失败,请在修改权限页面重新添加权限"
                    else:
                        data["result"] = "success"
                else:
                    abort(500)
            else:
                data["result"] = "fail"
                data["errorinfo"] = "写入数据库时失败"
    else:
        data["result"] = "fail"
        data["errorinfo"] = "提交的信息不完整"
    return jsonify(data)
Exemple #2
0
def login(request):
    if request.session.get('is_login', None):
        #如果已经登录,则直接跳转到首页
        return redirect("/%s/index/" % MyappConfig.name)

    if request.method == 'POST':
        login_form = forms.UserForm(request.POST)
        message = "请检查填写的内容!"
        if login_form.is_valid():
            username = login_form.cleaned_data['username']
            password = login_form.cleaned_data['password']
            try:
                user = User.objects.get(name=username)
                if user.password == get_md5(password):
                    request.session['is_login'] = True
                    request.session['user_id'] = user.id
                    request.session['user_name'] = user.name
                    return redirect("/%s/index/" % MyappConfig.name)  #重定向到首页
                else:
                    message = "密码不正确!"
            except:
                message = "用户不存在!"
    login_form = forms.UserForm()
    return render(request=request,
                  template_name="login.html",
                  context=locals())
Exemple #3
0
def change_password():
    username = request.form.get("username")
    password = request.form.get("password")
    new_password = request.form.get("new_password")
    data = {}
    if username and password and new_password:
        current_user = session.get("user")
        if current_user != "root" and current_user != username:
            data["result"] = "fail"
            data["errorinfo"] = "没有权限"
        else:
            if current_user != "root":
                md5_str = dao.get_password(username)
                new_md5_str = utils.get_md5(new_password)
                if not md5_str:
                    data["result"] = "fail"
                    data["errorinfo"] = "此用户不存在"
                elif not utils.check_password(password, md5_str):
                    data["result"] = "fail"
                    data["errorinfo"] = "密码错误"
                elif md5_str == new_md5_str:
                    data["result"] = "fail"
                    data["errorinfo"] = "密码与原先一致"
                else:
                    result = dao.update_password(username, new_md5_str)
                    if result == 1:
                        data["result"] = "success"
                    else:
                        data["result"] = "fail"
                        data["errorinfo"] = "修改未成功"
            else:
                md5_str = dao.get_password(username)
                new_md5_str = utils.get_md5(new_password)
                if not md5_str:
                    data["result"] = "fail"
                    data["errorinfo"] = "此用户不存在"
                else:
                    result = dao.update_password(username, new_md5_str)
                    if result == 1:
                        data["result"] = "success"
                    else:
                        data["result"] = "fail"
                        data["errorinfo"] = "修改未成功"
    else:
        data["result"] = "fail"
        data["errorinfo"] = "用户名或密码不能为空"
    return jsonify(data)
Exemple #4
0
def register(request):
    #首先判断当前用户是否是登录状态,如果是登录状态跳转到首页
    if request.session.get('is_login', None):
        return redirect("/%s/index/" % MyappConfig.name)

    if request.method == 'POST':
        register_form = forms.RegisterForm(request.POST)
        message = "请检查填写的内容"
        if register_form.is_valid():
            # other = register_form.cleaned_data['other']
            # print(other)
            username = register_form.cleaned_data['username']
            password1 = register_form.cleaned_data['password1']
            password2 = register_form.cleaned_data['password2']
            email = register_form.cleaned_data['email']
            sex = register_form.cleaned_data['sex']
            if password1 == password2:
                sample_name_user = User.objects.filter(name=username)
                print(type(sample_name_user))
                if not sample_name_user:
                    sample_email_user = User.objects.filter(email=email)
                    if not sample_email_user:
                        new_user = User.objects.create()
                        new_user.name = username
                        new_user.password = get_md5(password1)
                        new_user.email = email
                        new_user.sex = sex
                        new_user.save()

                        code = make_confirm_string(new_user)  #创建确认码
                        send_email(email, code)
                        message = '请前往注册邮箱,进行邮件确认!'
                        app_name = MyappConfig.name
                        return render(request=request,
                                      template_name="confirm.html",
                                      context=locals())
                    else:
                        message = '该邮箱地址已被注册,请使用别的邮箱!'
                else:
                    message = "用户已存在,请重新输入用户名"
            else:
                message = "用户名密码不一致"
    register_form = forms.RegisterForm()
    return render(request=request,
                  template_name="register.html",
                  context=locals())
Exemple #5
0
def make_confirm_string(user):
    now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    code = get_md5(user.name, now)

    ConfirmString.objects.create(code=code, user=user)
    return code