Exemple #1
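    def post(self):
        """Reset a user's password after checking the verification code.

        Reads ``username``, ``verify_code`` and ``new_password`` from
        ``self.validated_arguments``. ``username`` is treated as a mobile
        number when ``is_mobile`` accepts it, and as an e-mail address when
        it contains an ``@`` after the first character.

        Raises:
            ApiException: 400 when the code does not match, when no account
                is registered for the identifier, or when the identifier is
                neither a mobile number nor an e-mail address.
        """
        import hmac

        username = self.validated_arguments['username']
        verify_code = self.validated_arguments['verify_code']
        new_password = self.validated_arguments['new_password']

        if is_mobile(username):
            if not self.verify_mobile(username, verify_code):
                raise ApiException(400, "验证码错误,请重新输入")

            user = User.get_or_none(mobile=username)
            if not user:
                raise ApiException(400, "手机号还没有注册")

        elif username.find("@") > 0:
            # The e-mail branch previously changed the password without ever
            # looking at verify_code, so knowing an address was enough to
            # reset that account. Require the code before touching the row.
            # NOTE(review): assumes the e-mail reset code is stored in Redis
            # under this key by the handler that sends it, and that this
            # handler exposes self.redis -- confirm against the sender.
            code_key = "yiyun:email:verify_code:%s" % username
            stored_code = self.redis.get(code_key)
            if isinstance(stored_code, bytes):
                stored_code = stored_code.decode("utf-8")

            # Compare as bytes in constant time; compare_digest rejects
            # non-ASCII str, and the submitted value is caller-controlled.
            if not stored_code or not verify_code or not hmac.compare_digest(
                    str(stored_code).encode("utf-8"),
                    str(verify_code).encode("utf-8")):
                raise ApiException(400, "验证码错误,请重新输入")

            user = User.get_or_none(email=username)
            if not user:
                raise ApiException(400, "邮箱还没有注册")

            # A reset code is single use: drop it once it has been accepted.
            # NOTE(review): failed attempts are not counted here; a short
            # numeric code needs an attempt limit on this branch.
            self.redis.delete(code_key)

        else:
            raise ApiException(400, "用户名格式有误,请填写手机号或电子邮箱")

        User.update(password=User.create_password(new_password)).where(
            User.id == user.id).execute()

        self.write_success()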
Exemple #2
    def post(self):
        """Authenticate a user by mobile number or e-mail plus password.

        The lower-cased ``username`` keys a Redis failure counter; once it
        reaches 5 the request is refused with 403 before any lookup. A failed
        check increments the counter and gives it a 600 second expiry on the
        first failure. On success the counter is deleted, the login time (and
        device, when one is set) is recorded, and a session is written.

        Raises:
            ApiException: 400 for empty or malformed input, 403 for a locked
                counter, bad credentials or an inactive account.
        """
        username = self.validated_arguments['username'].lower()
        password = self.validated_arguments['password']

        if not len(username) or not len(password):
            raise ApiException(400, "用户名和密码不能为空")

        # NOTE(review): the counter is keyed on the submitted username only,
        # so repeated bad guesses from anyone lock that name for everyone.
        counter_key = "yiyun:user:%s:login_fail_times" % username
        recorded_failures = intval(self.redis.get(counter_key))
        if recorded_failures >= 5:
            raise ApiException(403, "密码错误次数太多,请休息10分钟再试")

        if is_mobile(username):
            user = User.get_or_none(mobile=username)
        elif username.find('@') >= 1:
            user = User.get_or_none(email=username)
        else:
            raise ApiException(400, "用户名格式不正确,请填写手机号或电子邮箱")

        # Short-circuits exactly like the chained "not ... or not ..." form:
        # check_password is only reached when a user row was found.
        authenticated = (password and user
                         and User.check_password(user.password, password))
        if not authenticated:
            failures = intval(self.redis.incr(counter_key))
            if failures == 1:
                # Start the 600 second window on the first failure only.
                self.redis.expire(counter_key, 600)

            raise ApiException(403, "密码有误,如果没有设置密码请使用手机号找回密码")

        # Reset the retry counter after a successful password check.
        self.redis.delete(counter_key)

        if not user.is_active():
            raise ApiException(403, "你的账户不可用,无法登录")

        changes = dict(last_login=datetime.now())
        if self.device_id > 0:
            changes["last_device_id"] = self.device_id

        User.update(**changes).where(User.id == user.id).execute()

        if user and self.device_id:
            device_query = Device.update(owner_id=user.id).where(
                Device.id == self.device_id)
            device_query.execute()

        session = self.create_session(user)
        self.write(session)
Exemple #3
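    def __init__(self, *args, **kwargs):
        """Build the form and fill its choice fields from ``team`` and ``obj``.

        Keyword Args:
            obj: optional object; its ``province`` selects the city list when
                set, otherwise the first province choice is used.
            team: required ``Team`` instance whose leaders, owner and groups
                populate the ``leader`` and ``allow_groups`` choices.

        Raises:
            AssertionError: if ``team`` is not a ``Team`` instance.
        """
        super(CreateActivityFrom, self).__init__(*args, **kwargs)

        obj = kwargs.get("obj", None)
        team = kwargs.get("team", None)

        if not isinstance(team, Team):
            raise AssertionError("must a team")

        if obj and obj.province:
            province = obj.province

        else:
            province = self.province.choices[0][0]

        if province:
            self.city.choices = ChinaCity.get_cities(province)

        leaders = team.get_members(role="leader")

        # get_or_none can return None when the owner row is missing; putting
        # that None into the list made the comprehension below fail on
        # ``user.id``. Only list an owner that was actually found.
        owner = User.get_or_none(id=team.owner_id)
        if owner is not None:
            leaders.insert(0, owner)

        if leaders:
            self.leader.choices = [(str(user.id), user.name or user.mobile)
                                   for user in leaders]

        groups = team.groups
        if groups:
            self.allow_groups.choices = [(str(group.id), group.name)
                                         for group in groups]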
Exemple #4
 def validate_email_existed(form):
     """Return True when ``form.new_email`` is not yet used by any user.

     When a user with that e-mail exists, an error message is appended to
     ``form.new_email.errors`` and False is returned.
     """
     existing = User.get_or_none(email=form.new_email.data)
     if not existing:
         return True

     form.new_email.errors.append('邮箱已存在')
     return False
Exemple #5
    def post(self):
        """Log a user in with a mobile number and SMS verification code.

        Re-renders ``login-by-sms.html`` when the form or the code is invalid
        (``fail=False``) or when no user has that mobile (``fail=True``).
        Otherwise logs the user in and redirects according to the state of
        the team they own.
        """
        form = LoginVerifyCodeForm(self.arguments)

        if not (form.validate() and self.validate_verify_code(form)):
            self.render("login-by-sms.html", form=form, fail=False)
            return

        user = User.get_or_none(mobile=self.get_argument("mobile"))
        if not user:
            self.render("login-by-sms.html", form=form, fail=True)
            return

        # "remember me" keeps the login for 30 days; None leaves the expiry
        # to whatever self.login does by default.
        remember_me = self.get_argument("remember", "off")
        expires_days = 30 if remember_me == "on" else None
        self.login(user, expires_days)

        team = Team.get_or_none(owner_id=user.id)
        if team is None:
            self.redirect(self.reverse_url("club_create"))
            return

        if team.state == 0:
            self.redirect(self.reverse_url("club_wait_approve"))
            return

        # NOTE(review): next_url is defined outside this block; if it comes
        # from a request parameter it must be limited to same-site paths
        # before being used as a redirect target -- confirm.
        if self.next_url:
            self.redirect(self.next_url)
        else:
            self.redirect(self.reverse_url("club_home"))
Exemple #6
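    def post(self):
        """Send a password-reset verification code to a registered e-mail.

        Reuses the code already stored in Redis for the address, or draws a
        new four-digit one, refreshes its expiry, and queues the e-mail.

        Raises:
            ApiException: 400 when the address has no ``@`` after its first
                character, 404 when no user has that e-mail.
        """
        email = self.validated_arguments['email']

        if email.find("@") <= 0:
            raise ApiException(400, "电子邮箱格式有误")

        user = User.get_or_none(email=email)

        # NOTE(review): this 404 tells the caller whether an address is
        # registered; clients may depend on it, so it is left as is.
        if not user:
            raise ApiException(404, "你还没有注册或用户名有误")

        code_key = "yiyun:email:verify_code:%s" % email
        verify_code = self.redis.get(code_key)
        if not verify_code:
            # The code gates a password reset, so draw it from the OS
            # CSPRNG rather than the predictable default generator.
            verify_code = random.SystemRandom().randint(1000, 9999)

        # NOTE(review): the original comment said the code is valid for two
        # hours, but the expiry below is 24 hours and is renewed on every
        # request, so one code can stay valid indefinitely -- confirm the
        # intended lifetime.
        self.redis.set(code_key, verify_code)
        self.redis.expire(code_key, 3600 * 24)

        # Queue the verification e-mail.
        tasks.user.send_forgot_email.delay(user.name or email, email,
                                           verify_code)

        self.write_success()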
Exemple #7
    def post(self):
        """Log in with a mobile number and SMS code, registering on first use.

        After the code is accepted, an unknown mobile gets a new user row
        (marked as verified, with the current device and login time); a known
        one has its login time and, when set, device updated. A session is
        then written to the response.

        Raises:
            ApiException: 400 when the verification code is rejected.
        """
        mobile = self.validated_arguments['mobile']
        verify_code = self.validated_arguments['verify_code']

        code_ok = self.verify_mobile(mobile, verify_code)
        if not code_ok:
            raise ApiException(400, "验证码错误,请重新输入")

        user = User.get_or_none(mobile=mobile)

        if user:
            changes = dict(last_login=datetime.now())
            if self.device_id > 0:
                changes["last_device_id"] = self.device_id

            User.update(**changes).where(User.id == user.id).execute()

        else:
            # First login for this mobile: create the account in a transaction.
            with self.db.transaction():
                user = User.create(
                    mobile=mobile,
                    mobile_verifyed=True,
                    reg_device_id=self.device_id,
                    last_device_id=self.device_id,
                    last_login=datetime.now(),
                )

        if user and self.device_id:
            User.update_device(user.id, self.device_id)

        session = self.create_session(user)
        self.write(session)
Exemple #8
 def have_user(cls, name: str) -> User:
     """
     Check whether a user exists; return the user instance if so, else None.
     Args:
         name: email or mobile
     """
     if is_mobile(name):
         return User.get_or_none(mobile=name)
     if is_email(name):
         return User.get_or_none(email=name)
     # Neither a mobile number nor an e-mail address: nothing to look up.
     return None
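    def get_current_user(self):
        """Return the User named by the ``club_session`` cookie, or None.

        The cookie is read with ``get_secure_cookie``, decoded as UTF-8 JSON,
        and its ``id`` field is looked up with ``User.get_or_none``. A missing
        cookie, an undecodable or malformed payload, a payload without ``id``
        or an unknown id all yield None.
        """
        cookie = self.get_secure_cookie("club_session")
        if not cookie:
            return None

        try:
            userinfo = json.loads(cookie.decode("utf-8"))

            if userinfo and userinfo.get("id", None):
                user = User.get_or_none(id=userinfo['id'])

                if user is not None:
                    return user
        except Exception:
            # Still best-effort: any failure while reading the session means
            # "not logged in". Unlike a bare except, this lets
            # KeyboardInterrupt and SystemExit propagate.
            return None

        return None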
 def owner(self):
     """Look up the user whose id is ``self.owner_id`` via ``User.get_or_none``."""
     owner_id = self.owner_id
     return User.get_or_none(id=owner_id)