def email_confirm(request, id, sign): """邮件确认""" if not sign: return HttpResponseForbidden() if not get_md5(settings.SECRET_KEY + str(id) + settings.SECRET_KEY).upper() == sign.upper(): return HttpResponseForbidden() oauthuser = get_object_or_404(OAuthUser, pk=id) with transaction.atomic(): if oauthuser.author: author = get_user_model().objects.get(pk=oauthuser.author_id) else: result = get_user_model().objects.get_or_create(email=oauthuser.email) author = result[0] if result[1]: author.source = 'email_confirm' author.username = oauthuser.nickname.strip() if oauthuser.nickname.strip() else 'blog' + datetime.datetime.now().strftime('%Y%m%d%H%M%S') author.save() oauthuser.author = author oauthuser.save() oauth_user_login_signal.send(sender=email_confirm.__class__, id=oauthuser.id) login(request, author) site = get_current_site().domain content = ''' <p>恭喜您,您已经成功绑定邮箱,您可以使用{type}类绵密登录本网站,欢迎您继续关注本站</p> <a href='{url}' rel='bookmark'>{url}</a> <br /> 如果上面的链接无法打开,请讲次链接复制到浏览器。 {url} '''.format(type=oauthuser.type, url='http://' + site) send_email(emailto=[oauthuser.email, ], title='恭喜您绑定成功!', content = content) url = reverse('oauth: bind_success', kwargs={'oauthid': id}) url = url + '?type=success' return HttpResponseRedirect(url)
def form_valid(self, form): email = form.cleaned_data['email'] authid = form.cleaned_data['authid'] authuser = get_object_or_404(AuthUser, pk=authid) authuser.email = email authuser.save() sign = get_md5(settings.SECRET_KEY + str(authuser.id) + settings.SECRET_KEY) site = get_current_site().domain if settings.DEBUG: site = '127.0.0.1:8000' path = reverse('auth: email_confirm', kwargs={ 'id': authid, 'sign': sign }) url = 'http://{site}{path}'.format(site=site, path=path) content = """ <a href="{url}" rel="bookmark">{url}</a> """.format(url=url) senf_email(emailto=[ email, ], title='绑定您的电子邮箱', content=content) url = reverse('auth: bindsuccess', kwargs={'authid': authid}) url = url + "?type=email" return HttpResponseRedirect(url)
def fileupload(request): """图片上传""" if request.method == 'POST': sign = request.GET.get('sign', None) if not sign: return HttpResponseForbidden() if not sign == get_md5(get_md5(settings.SECRET_KEY)): return HttpResponseForbidden() response = [] for filename in request.FILES: timestr = datetime.datetime.now().strftime('%Y%m%d') imgextensions = ['jpg', 'png', 'jpeg', 'bmp'] file_name = ''.join(str(filename)) is_image = len( [i for i in imgextensions if file_name.find(i) >= 0]) > 0 blogsetting = get_blog_setting() basepath = r'{basedir}/{type}/{timestr}'.format( basedir=blogsetting.resource_path, type='files' if not is_image else 'image', timestr=timestr) if settings.TESTING: basepath = settings.BASE_DIR + '/uploads' url = 'http://localhost/{type}/{timestr}/{filename}'.format( type='files' if not is_image else 'image', timestr=timestr, filename=filename) if not os.path.exists(basepath): os.makedirs(basepath) savepath = os.path.join(basepath, filename) with open(savepath, 'wb') as f: for chunk in request.FILES[filename].chunks(): f.write(chunk) if is_image: from PIL import Image image = Image.open(savepath) image.save(savepath, quality=20, optimize=True) response.append(url) return HttpResponse(response) else: return HttpResponse('only for post')
def handler(self): info = self.message.content if self.userinfo.isAdmin and info.upper() == "EXIT": self.userinfo = WxUserInfo() self.savesession() return '退出成功' if info.upper() == 'ADMIN': self.userinfo.isAdmin = True self.savesession() return "输入管理员密码" if self.userinfo.isAdmin and not self.userinfo.isPasswordSet: passwd = settings.WXADMIN if settings.TESTING: passwd = '123' if passwd.upper() == get_md5(get_md5(info)).upper(): self.userinfo.isPasswordSet = True self.savesession() return "验证通过,请输入命令或者要执行的命令代码:输入helpme获取帮助" else: if self.userinfo.Count >= 3: self.userinfo = WxUserInfo() self.savesession() return '超过验证次数' self.userinfo.Count += 1 self.savesession() return '验证失败,请重新输入管理员密码:' if self.userinfo.isAdmin and self.userinfo.isPasswordSet: if self.userinfo.Command != '' and info.upper() == 'Y': return cmdhandler.run(self.userinfo.Command) else: if info.upper() == 'HELPME': return cmdhandler.get_help() self.userinfo.Command = info self.savesession() return '确认执行:' + info + '命令' resp = tuling.getdata(info) return resp
def emailconfirm(request, id, sign): """ :param request: :param id: :param sign: :return: """ if not sign: return HttpResponseForbidden() if not get_md5(settings.SECRET_KEY + str(id) + settings.SECRET_KEY).upper() == sign.upper(): return HttpResponseForbidden() authuser = get_object_or_404(AuthUser, pk=id) with transaction.atomic(): if authuser.author: author = get_user_model().objects.get(pk=authuser.author_id) else: result = get_user_model().objects.get_or_create( email=authuser.email) author = result[0] if result[1]: author.source = 'emailconfirm' author.username = authuser.nickname.strip( ) if authuser.nickname.strip( ) else 'bolg' + datetime.datetime.now().strftime( '%y%m%d%H%M%S') author.save() authuser.author = author author.save() auth_user_login_signal.send(sender=emailconfirm.__class__, id=authuser.id) login(request, author) site = get_current_site().domain content = f''' <p>恭喜您, 您已经成功绑定您的邮箱,您可以使用{type}来直接免密码登录 ''' send_email(emailto=[ authuser.email, ], title='恭喜您绑定成功!', content=content) url = reverse('auth:bindsuccess', kwargs={'authid': id}) url = url + '?type=success' return HttpResponseRedirect(url)