Exemple #1
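def api_platform_user_create():
    """Render the member-creation form (GET) or create a phone-keyed member.

    Any non-GET request reads ``name``, ``phone`` and ``note`` from
    ``request.values``, validates the phone number, refuses a phone that is
    already bound to an account, then signs the user up through
    ``User.signup`` and stores the name and note.

    NOTE(review): nothing in this view checks who the caller is; it depends on
    whatever request hook or decorator guards the route. Confirm that guard
    rejects anonymous and unprivileged callers, and that this state-changing
    form is covered by CSRF protection.
    """
    levels = UserLevel.queryall_ordereddict()
    if request.method == 'GET':
        return render_template('platform/user_create.html', levels=levels, form={})

    form = {
        'name': request.values.get('name'),
        'phone': request.values.get('phone'),
        'note': request.values.get('note'),
    }

    # Validate the phone number: exactly 11 ASCII digits, starting with 1.
    # The earlier int()-based check let through values int() tolerates but
    # that are not 11 digits, e.g. a trailing space or newline, an embedded
    # underscore, or non-ASCII digit characters; those would then be stored
    # as the account identifier.
    phone = form.get('phone') or ''
    phone_ok = (
        len(phone) == 11
        and phone[0] == '1'
        and all(ch in '0123456789' for ch in phone)
    )
    if not phone_ok:
        # levels is passed on every render so the template always receives it.
        return render_template('platform/user_create.html', form=form, levels=levels, msg='手机号格式不正确,手机号格式需为11位数字!')

    # Refuse a phone number that already belongs to an account.
    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if ta.exists:
        return render_template('platform/user_create.html', form=form, levels=levels, msg='该手机号已经有会员在使用!')

    # Register the user, then store the optional profile fields.
    user = User.signup(config.appids[0], 'console', ThirdAccountType.phone, ta.thirdid)
    user.name = form.get('name')
    user.note = form.get('note')
    user.save()
    return render_template('platform/user_create.html', form=form, levels=levels, msg='会员创建成功')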
Exemple #2
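def api_user_login():
    """Show the login page, or log a user in with phone + token (POST).

    On success the phone number is written to ``session['phone']`` and the
    caller is redirected to the URL saved in ``session['access_url']`` or,
    when none is saved, to the platform index.

    NOTE(review): the "account does not exist" branch answers with a
    different message from the wrong-token branch, which lets a caller learn
    which phone numbers are registered. Nothing here limits repeated
    attempts either; confirm throttling exists upstream.
    """
    # Local import: the module's import block is not part of this listing.
    import hmac

    if request.method != 'POST':
        # Show the login page.
        return render_template('user/login.html',
                               _from=request.values.get('_from') or 'login')

    # Validate the submitted form.
    phone = request.form.get('phone')
    token = request.form.get('token')
    if not all([phone, token]):
        return render_template('user/login.html',
                               message={'alert': '输入错误,请重新登录!'})

    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not ta.exists:
        return render_template('user/login.html',
                               message={'alert': '该账户不存在!'})

    usertoken = UserToken(uid=ta.uid, appid=config.appids[0])
    # Compare the secret in constant time so response timing does not leak
    # how much of a guessed token matched. A stored token that is missing or
    # not text is treated as a mismatch (fail closed).
    try:
        token_ok = hmac.compare_digest(usertoken.token.encode('utf-8'),
                                       token.encode('utf-8'))
    except (AttributeError, TypeError, UnicodeError):
        token_ok = False
    if not token_ok:
        return render_template('user/login.html',
                               message={'alert': '输入错误,请重新登录!'})

    # Every operating environment of the platform identifies the
    # single-sign-on session by phone number.
    session['phone'] = phone

    # access_url comes from the server-side session, not from the request.
    access_url = session.pop('access_url', None)
    if access_url:
        return redirect(access_url)
    return redirect('/%s/platform/index' % config.appname)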
Exemple #3
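def api_user_login_token_get_ajax():
    '''Return the login token for a phone number once its SMS code checks out.

    Responds with a 400-style payload when the phone or SMS code is missing
    or the phone is not 11 characters long, when the SMS code does not
    verify, or when no account is bound to the phone.

    NOTE(review): phones listed in ``userconfig.whitelist`` skip SMS
    verification, so for those numbers any non-empty ``smscode`` returns the
    token. Confirm the whitelist is empty or test-only in production, and
    that requests to this endpoint are rate limited.
    '''
    phone = request.values.get('phone')
    smscode = request.values.get('smscode')
    # Short-circuit on a missing phone: the earlier all([...]) form evaluated
    # len(phone) eagerly and raised TypeError (a 500) when the parameter was
    # absent, instead of returning this 400 payload.
    if not phone or len(phone) != 11 or not smscode:
        return apphelper.format_response(
            meta={
                'code': 400,
                'message': BadRequest.__name__,
                'description': u'请输入正确的手机号和验证码!'
            })

    # Verify the SMS code (valid for 300 seconds) unless the phone is whitelisted.
    sc = SmsCode(phone=phone)
    if phone not in userconfig.whitelist and not sc.verify_smscode(
            smscode, seconds=300):
        return apphelper.format_response(
            meta={
                'code': 400,
                'message': SmsCodeError.__name__,
                'description': u'请输入正确的验证码!'
            })

    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not ta.exists or ta.uid is None:
        return apphelper.format_response(meta={
            'code': 400,
            'message': NotFound.__name__,
            'description': u'该账号不存在!'
        })

    usertoken = UserToken(uid=ta.uid, appid=config.appids[0])
    return apphelper.format_ok_response(data={'token': usertoken.token})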
Exemple #4
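def api_ajax_thirdaccount_unbind():
    '''Unbind one third-party account type from a user (AJAX).

    Reads ``thirdtype`` and ``target_uid`` from ``request.values``, unbinds
    that account type from the user, and resets the user's
    ``is_subscribe_miniapp`` flag to ``'false'``.

    NOTE(review): ``target_uid`` is taken straight from the request and the
    view does not check that the caller may modify that user; confirm the
    route is guarded elsewhere. ``request.values`` also accepts query-string
    parameters, so confirm the route is limited to POST and covered by CSRF
    protection.
    NOTE(review): the subscribe flag is reset whichever ``thirdtype`` is
    unbound; confirm that is intended.
    '''
    thirdtype = request.values.get('thirdtype')
    target_uid = request.values.get('target_uid')
    # Reject incomplete requests rather than operating on a None uid or type.
    if not thirdtype or not target_uid:
        return apphelper.format_response(meta={
            'code': 400,
            'message': 'BadRequest',
            'description': u'参数错误!'
        })

    user = User(uid=target_uid)
    # Do not touch storage for a uid that has no user behind it.
    if not user.exists:
        return apphelper.format_response(meta={
            'code': 400,
            'message': 'NotFound',
            'description': u'该账号不存在!'
        })

    # The earlier ThirdAccount/thirdinfo lookups fed nothing and were dropped.
    user.unbind(thirdtype)
    user_rds = UserRDS(uid=target_uid)
    user_rds.is_subscribe_miniapp = 'false'
    user_rds.save()
    return apphelper.format_ok_response()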
Exemple #5
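def before_app_request():
    """Per-request hook: resolve the logged-in staff user and check menu access.

    For a request whose session carries ``phone``, the phone must map to an
    existing account that is also a staff member; otherwise ``BadRequest`` is
    raised. The user is stored on ``g.user``, the user dict and the permitted
    URLs are written to the session, and a request for a menu URL that the
    staff member's roles do not grant is rejected with ``BadRequest``.

    NOTE(review): this hook fails open in three ways. (1) A request with no
    ``phone`` in the session is let through, because the redirect to the
    login page is commented out. (2) Any endpoint whose name contains the
    substring ``static`` skips every check. (3) Only paths returned by
    ``Blueprint.get_allmenu_urls()`` are permission-checked, so every other
    path is open to any staff member. Views behind this hook therefore need
    their own authentication and authorization unless this is tightened.
    NOTE(review): if the app uses Flask's default signed-cookie session, the
    user dict and URL list stored below are readable by the client; confirm
    the session backend.
    """
    endpoint = request.endpoint
    if endpoint and 'static' in endpoint:
        return
    if endpoint and endpoint.split('.')[-1] in ['favicon']:
        return

    # ---- common login check ----
    # After a successful login the session always holds 'phone'; it is the
    # identity of the single-sign-on user.
    phone = session.get('phone', None)
    if not phone:
        # Not logged in, or the session has expired. The redirect below is
        # disabled, so the request continues unauthenticated.
        # session['access_url'] = request.url
        # return redirect('%s://%s/bbsconsole/user/login' % (config.scheme, config.domain))
        return

    # Find the logged-in user.
    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not ta.exists:
        raise BadRequest(description='用户不存在!')
    # Only staff members may use the console.
    staff = Staff(uid=ta.uid)
    if not staff.exists:
        raise BadRequest(description='您不在职工列表内!')
    g.user = User(uid=ta.uid)
    session['user'] = g.user.to_dict()

    # Collect the URLs granted by the staff member's roles. A set removes
    # duplicates once and serves both the session value and the check below.
    allowed_urls = set()
    roleids = staff.roleids
    if roleids:
        for role in StaffRole.query(roleid=roleids):
            allowed_urls.update(role.to_dict().get('permission_urls') or [])
    session['power'] = '|'.join(allowed_urls)

    # Refuse direct access to a menu URL the roles do not grant.
    path = str(request.path)
    if path in Blueprint.get_allmenu_urls() and path not in allowed_urls:
        raise BadRequest(description='无权限访问!')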
Exemple #6
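def api_platform_user_custom_create():
    """Render the custom-account form (GET) or create a user keyed by ``userid``.

    Any non-GET request reads ``userid``, ``name`` and ``avatar`` from
    ``request.values``. The userid must be a non-empty run of ASCII letters
    and digits and must not already be bound to an account. On success the
    caller is redirected to the user-update page.

    NOTE(review): the view does not check who the caller is, and ``avatar``
    is stored exactly as submitted; confirm the route is guarded and that the
    avatar value is validated or safely rendered wherever it is used.
    """
    if request.method == 'GET':
        return render_template('platform/user_custom_create.html', form={})

    form = {
        'userid': request.values.get('userid'),
        'name': request.values.get('name'),
        'avatar': request.values.get('avatar')
    }

    # Letters and digits only. Compared with the earlier pattern this:
    #  - treats a missing parameter as invalid instead of raising TypeError,
    #  - requires at least one character (the old '*' accepted ''),
    #  - anchors with \Z, because '$' also matches before a trailing newline,
    #  - uses a single quantified class; two adjacent identical starred
    #    classes backtrack needlessly on input that does not match.
    userid = form.get('userid') or ''
    if not re.match(r"^[a-zA-Z0-9]+\Z", userid):
        return render_template('platform/user_custom_create.html', form=form, msg='自定义账号只能是数字与字母组合!')

    # Refuse a userid that already belongs to an account.
    ta = ThirdAccount(thirdtype=ThirdAccountType.userid, thirdid=userid)
    if ta.exists:
        return render_template('platform/user_custom_create.html', form=form, msg='该账号已经有用户在使用!')

    # Register the user, then store the optional profile fields.
    user = User.signup(config.appids[0], 'console', ThirdAccountType.userid, ta.thirdid)
    user.name = form.get('name')
    user.avatar = form.get('avatar')
    user.save()
    # qiyehao_message.send_text('【用户管理】\n\n运营平台自定义用户创建成功!\n\n账号:%s\n姓名:%s\n用户ID:%s\n' % (ta.thirdid, user.name, user.uid))
    return redirect('/%s/platform/user/update?target_uid=%s&msg=%s' % (config.appname, user.uid, u'创建成功!'))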
Exemple #7
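def api_platform_user_update():
    """Show (GET) or apply (any other method) edits to the user ``target_uid``.

    Raises ``BadRequest`` when the target user does not exist. On a non-GET
    request the sub-account changes (unbind or rebind per
    ``ThirdAccountType``) are applied first, then the basic profile fields
    are saved, a level-update signal is sent when ``levelid`` changed, and
    the caller is redirected back to this page.

    NOTE(review): ``target_uid`` and ``levelid`` come straight from the
    request and the view does not check that the caller may edit that user,
    not even when ``entry == 'mine'``; confirm the route is guarded
    elsewhere and covered by CSRF protection.
    NOTE(review): ``entry`` is interpolated into the redirect URL without
    URL-encoding, so a crafted value can add query parameters to it. The
    target stays on this application's own path.
    """
    # Which entry point the caller came from; it selects the template folder.
    entry = request.values.get('entry')
    uid = request.values.get('target_uid')
    target_user = User(uid=uid)
    if not target_user.exists:
        raise BadRequest(description='用户不存在!')

    template = '%s/user_update.html' % ('user' if entry == 'mine' else 'platform')

    def render(form, msg):
        # One place for the shared template arguments. The earlier code also
        # passed levels=levels on two error paths, but no such name is
        # defined in this function, so those paths raised NameError.
        return render_template(template, form=form, user=target_user.to_dict(),
                               third_accounts=target_user.third_accounts_detail, msg=msg)

    if request.method == 'GET':
        return render({}, request.values.get('msg') or '')

    form = {
        'name': request.values.get('name'),
        'phone': request.values.get('phone'),
        'weixinid': request.values.get('weixinid'),
        'inviteruid': request.values.get('inviter_uid'),
        'levelid': request.values.get('levelid'),
        'note': request.values.get('note'),
        'birthday': request.values.get('birthday')
    }

    # Handle sub-account removal and rebinding first.
    for thirdtype in ThirdAccountType:
        current_id = target_user.third_accounts.get(thirdtype)
        if thirdtype not in form or current_id == form.get(thirdtype):
            # Unchanged.
            continue

        new_id = form.get(thirdtype)
        if not new_id and userconfig.signup_account_type == thirdtype:
            return render(form, '主账户不允许被删除!可以修改,不能删除!')
        if not new_id:
            # Remove this sub-account.
            target_user.unbind(thirdtype)
            continue

        # Change this sub-account.
        if thirdtype == ThirdAccountType.phone:
            # Exactly 11 ASCII digits starting with 1. The earlier
            # int()-based check let through values int() tolerates but that
            # are not 11 digits (trailing whitespace, an embedded
            # underscore, non-ASCII digit characters).
            phone_ok = (
                len(new_id) == 11
                and new_id[0] == '1'
                and all(ch in '0123456789' for ch in new_id)
            )
            if not phone_ok:
                return render(form, '手机号格式不正确,手机号格式需为11位数字!')

        # Refuse an identifier that already belongs to an account.
        ta = ThirdAccount(thirdtype=thirdtype, thirdid=new_id)
        if ta.exists:
            return render(form, '指定%s已经有用户在使用,请更换!' % ThirdAccountType.name(thirdtype))
        target_user.unbind(thirdtype)
        target_user.bind(thirdtype, new_id)

    # Basic profile fields.
    target_user.name = form.get('name')
    target_user.weixinid = form.get('weixinid')
    target_user.note = form.get('note')
    oldlevelid = target_user.levelid
    target_user.levelid = form.get('levelid')
    target_user.birthday = form.get('birthday')
    target_user.save()
    if oldlevelid != form.get('levelid'):
        __usersignal__.send(__usersignal__.levelupdate, target_user)
    return redirect('/%s/platform/user/update?entry=%s&target_uid=%s&msg=%s' % (config.appname, entry or '', target_user.uid, u'保存成功!'))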
Exemple #8
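def _parse_vip_entries(cell):
    """Split a ``VIP1-12|VIP2-12`` cell into ``(card_num, remain)`` pairs.

    A cell that is not text (for example an empty or numeric cell) yields no
    pairs, and entries without a ``-`` separator are skipped, so one
    malformed cell cannot abort the whole import.
    """
    if not hasattr(cell, 'split'):
        return []
    pairs = []
    for entry in cell.split('|'):
        parts = entry.split('-')
        if len(parts) < 2:
            continue
        pairs.append((parts[0], parts[1]))
    return pairs


def _save_vip_entries(uid, cell, reuse_existing):
    """Create, or when ``reuse_existing`` is set update, the VIP records for ``uid``."""
    for card_num, remain in _parse_vip_entries(cell):
        card = VipCard.query(card_num=card_num)
        if len(card) < 1:
            # Unknown card number: skip this entry.
            continue
        vip = None
        if reuse_existing:
            found = JiameiVip.query(uid=uid, cardid=card[0].cardid)
            if len(found) >= 1:
                vip = found[0]
        if vip is None:
            # No membership record for this card yet.
            vip = JiameiVip(vipid=utils.uuid1())
        vip.cardid = card[0].cardid
        vip.uid = uid
        vip.remain = remain
        vip.save()


def api_platform_user_upload():
    """Bulk-import members from the first sheet of an uploaded workbook (POST).

    Each row after the header is read as ``[name, phone, vip_spec]``. Rows
    with an invalid phone are listed in ``phone_error_line``; rows whose
    phone already has an account are updated and listed in
    ``phone_update_line``; the remaining rows create a new user. Both lists
    are rendered as row indexes, each followed by a comma.

    NOTE(review): the workbook is parsed from an untrusted upload with no
    size limit and no handling of parser errors, so a malformed or very
    large file surfaces as a 500 or ties up the worker. Confirm a request
    size cap is configured and that the pinned xlrd version accepts only the
    formats you intend to support.
    NOTE(review): the view does not check who the caller is; confirm the
    route is guarded elsewhere and covered by CSRF protection.
    """
    if request.method != 'POST':
        return render_template('platform/user_upload.html')

    upload = request.files['file']
    book = xlrd.open_workbook(file_contents=upload.read())
    table = book.sheets()[0]

    updated_rows = []
    error_rows = []
    # Row 0 is the header: ["name", "phone", "card numbers and counts"].
    for index in range(1, table.nrows):
        row = table.row_values(index)

        # Validate the phone number. IndexError covers a sheet with fewer
        # columns than expected.
        try:
            phone = str(int(row[1]))
        except (ValueError, TypeError, IndexError):
            error_rows.append(index)
            continue
        if not re.match(r'^1[356789][0-9]{9}$', phone):
            error_rows.append(index)
            continue

        vip_cell = row[2] if len(row) > 2 else ''
        ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
        if ta.exists:
            # Existing user: update the name and the VIP records.
            users = UserRDS.query(phone=ta.thirdid)
            if len(users) < 1:
                # The account exists but no user record was found for it;
                # report the row instead of failing on users[0].
                error_rows.append(index)
                continue
            users[0].name = row[0]
            users[0].save()
            updated_rows.append(index)
            _save_vip_entries(users[0].uid, vip_cell, reuse_existing=True)
        else:
            # New user: register, then open the VIP records.
            user = User.signup(config.appids[0], 'console', ThirdAccountType.phone, ta.thirdid)
            user.name = row[0]
            user.save()
            _save_vip_entries(user.uid, vip_cell, reuse_existing=False)

    # Keep the "1,2,3," format (with its trailing comma) that the template receives.
    phone_update_line = ''.join('%s,' % i for i in updated_rows)
    phone_error_line = ''.join('%s,' % i for i in error_rows)
    return render_template('platform/user_upload.html', message='会员创建成功', phone_update_line=phone_update_line, phone_error_line=phone_error_line)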