def password():
"""修改密码"""
g.page_title = _(u'修改密码')
if request.method == 'GET':
form = AdminUsersPasswordForm()
return render_template('admin/auth/password.html.j2', form=form)
form = AdminUsersPasswordForm(request.form)
if not form.validate_on_submit():
return render_template('admin/auth/password.html.j2', form=form)
sha256_password = sha256(form.password.data.encode('utf8')).hexdigest()
admin_user = form.admin_user
admin_user.salt = randomstr(32)
admin_user.password = sha256((sha256_password+admin_user.salt).encode('utf8')).hexdigest()
db.session.commit()
return redirect(
url_for(
'admin.index.success',
title=_(u'修改密码成功'),
back_url=url_for('admin.auth.password')
)
)
def sms_template():
"""短信模版"""
g.page_title = _(u'短信模版')
form = SmsTemplateForm(CombinedMultiDict((request.files, request.form)))
ss = SysSetting.query.\
filter(SysSetting.key == 'config_sms_template').first()
data = {}
try:
data = json.loads(ss.value)
except Exception as e:
log_info("[view.admin.config] [sms_template]:%s" % e.__str__())
if request.method == 'GET':
form.fill_form(data=data)
return render_template('admin/config/sms_template.html.j2', form=form)
if not form.validate_on_submit():
return render_template('admin/config/sms_template.html.j2', form=form)
data = {
'code_tpl': form.code_tpl.data,
'order_shipping_tpl': form.order_shipping_tpl.data
}
# 配置表中没该key,先添加该key
if ss is None:
ss = SysSetting()
ss.key = 'config_sms_template'
db.session.add(ss)
ss.value = json.dumps(data)
db.session.commit()
return redirect(url_for('admin.index.success', title=_(u'设置短信模版配置成功')))
def login():
"""登陆"""
if request.method == 'GET':
return_url = request.args.get('return_url', '/admin/dashboard')
session['return_url'] = return_url
form = AdminLoginForm()
return render_template('admin/auth/login.html.j2', f=form, errmsg={})
form = AdminLoginForm(request.form)
if not form.validate_on_submit():
return render_template('admin/auth/login.html.j2', f=form, errmsg={})
account = form.account.data
password = form.password.data
als = AuthLoginService()
ret = als.login(account, password)
if not ret:
return render_template(
'admin/auth/login.html.j2',
f=form,
errmsg=als.errmsg)
# 登录成功
als.write_session(session)
# 跳转到目标url
return_url = session.get('return_url', '/admin/dashboard')
return redirect(return_url)
def weixinpay():
"""微信支付"""
g.page_title = _(u'微信支付')
form = WeixinPayForm(CombinedMultiDict((request.files, request.form)))
ss = SysSetting.query.filter(
SysSetting.key == 'config_paymethod_weixin').first()
data = {}
try:
data = json.loads(ss.value)
except Exception as e:
data = {}
if request.method == 'GET':
form.fill_form(data=data)
form.apiclient_cert.data = data.get('apiclient_cert_url', '')
form.apiclient_key.data = data.get('apiclient_key_url', '')
return render_template('admin/config/weixinpay.html.j2', form=form)
data = {
'mch_id': form.mch_id.data,
'partner_key': form.partner_key.data,
'apiclient_cert': data.get('apiclient_cert', ''),
'apiclient_key': data.get('apiclient_key', '')
}
if not form.validate_on_submit():
form.apiclient_cert.data = data.get('apiclient_cert_url', '')
form.apiclient_key.data = data.get('apiclient_key_url', '')
return render_template('admin/config/weixinpay.html.j2', form=form)
# 证书文件cert上传
if form.apiclient_cert.data:
apiclient_cert = secure_filename(form.apiclient_cert.data.filename)
uploads_path = os.path.join(os.getcwd(), 'pem')
cert_filename = os.path.join(uploads_path, apiclient_cert)
if not os.path.exists(uploads_path):
os.makedirs(uploads_path)
form.apiclient_cert.data.save(cert_filename)
data['apiclient_cert'] = cert_filename
data['apiclient_cert_url'] = '/apiclient_cert.pem'
# 证书文件key上传
if form.apiclient_key.data:
apiclient_key = secure_filename(form.apiclient_key.data.filename)
uploads_path = os.path.join(os.getcwd(), 'pem')
key_filename = os.path.join(uploads_path, apiclient_key)
if not os.path.exists(uploads_path):
os.makedirs(uploads_path)
form.apiclient_key.data.save(key_filename)
data['apiclient_key'] = key_filename
data['apiclient_key_url'] = '/apiclient_key.pem'
if ss is None:
ss = SysSetting()
ss.key = 'config_paymethod_weixin'
db.session.add(ss)
ss.value = json.dumps(data)
db.session.commit()
return redirect(url_for('admin.index.success', title=_(u'设置微信支付成功')))
def success(order_id):
"""手机站 - 支付成功"""
order = Order.query.get(order_id)
if not order:
return redirect(url_for('mobile.index.root'))
if order.order_type == 2:
return render_template('mobile/pay/recharge_success.html.j2',
order=order)
else:
return render_template('mobile/pay/success.html.j2', order=order)
def server_error(error):
endpoint = request.endpoint
if not request.is_xhr:
if (endpoint.find('mobile.') == 0):
return render_template('mobile/index/500.html.j2')
elif (endpoint.find('pc.') == 0):
return render_template('pc/index/500.html.j2')
elif (endpoint.find('admin.') == 0):
return render_template('admin/500.html.j2')
resjson = ResponseJson()
return resjson.print_json(resjson.SYSTEM_BUSY)
def sms_alisms():
"""配置阿里短信"""
g.page_title = _(u'阿里短信')
form = SmsAlismsForm()
alisms = SysSetting.query.\
filter(SysSetting.key == 'config_sms_alisms').first()
vendor = SysSetting.query.\
filter(SysSetting.key == 'sms_vendor').first()
data = {}
try:
data = json.loads(alisms.value)
except Exception as e:
log_info("[view.admin.config][sms_alisms]: %s " % e.__str__())
if request.method == "GET":
if vendor is not None:
data['is_use'] = 1 if vendor.value == 'AliSmsService' else 0
form.fill_form(data=data)
return render_template('admin/config/sms_alisms.html.j2',
form=form,
data=data)
if not form.validate_on_submit():
return render_template('admin/config/sms_alisms.html.j2',
form=form,
data=data)
data_ali = {
'access_key_id': form.access_key_id.data,
'access_key_secret': form.access_key_secret.data,
'app_name': form.app_name.data
}
if alisms is None:
alisms = SysSetting()
alisms.key = 'config_sms_alisms'
db.session.add(alisms)
alisms.value = json.dumps(data_ali)
if vendor is None:
vendor = SysSetting()
vendor.key = 'sms_vendor'
db.session.add(vendor)
if form.is_use.data:
vendor.value = 'AliSmsService'
elif vendor.value == 'AliSmsService':
vendor.value = ""
db.session.commit()
return redirect(url_for('admin.config.sms_alisms'))
def storage_alioss():
"""配置阿里存储"""
g.page_title = _(u'阿里云OSS存储')
form = StorageAliossForm()
aliyun = SysSetting.query.filter(
SysSetting.key == 'config_storage_alioss').first()
vendor = SysSetting.query.filter(
SysSetting.key == 'storage_vendor').first()
data = {}
try:
data = json.loads(aliyun.value)
except Exception as e:
log_info("[view.admin.config] [storage_alioss]:%s" % e.__str__())
if request.method == "GET":
if vendor is not None:
data['is_use'] = 1 if vendor.value == 'aliyunoss' else 0
form.fill_form(data=data)
return render_template('admin/config/storage_alioss.html.j2',
form=form,
data=data)
if not form.validate_on_submit():
return render_template('admin/config/storage_alioss.html.j2',
form=form,
data=data)
data = {
'access_key_id': form.access_key_id.data,
'access_key_secret': form.access_key_secret.data,
'bucket_name': form.bucket_name.data,
'endpoint': form.endpoint.data,
'cname': form.cname.data
}
if aliyun is None:
aliyun = SysSetting()
aliyun.key = 'config_storage_alioss'
db.session.add(aliyun)
aliyun.value = json.dumps(data)
data_vendor = 'aliyunoss' if form.is_use.data else ''
if vendor is None:
vendor = SysSetting()
vendor.key = 'storage_vendor'
db.session.add(vendor)
vendor.value = data_vendor
db.session.commit()
return redirect(url_for('admin.config.storage_alioss'))
def shipping_100():
"""快递100"""
g.page_title = _(u'快递100')
form = ShippingServiceForm()
shipping = SysSetting.query.\
filter(SysSetting.key == 'config_shipping').first()
vendor = SysSetting.query.\
filter(SysSetting.key == 'shipping_vendor').first()
data = {}
try:
data = json.loads(shipping.value)
except Exception as e:
log_info("[view.admin.config] [shipping_100]:%s" % e.__str__())
if request.method == "GET":
if vendor is not None:
data[
'is_use'] = 1 if vendor.value == 'Shipping100TrackService' else 0
form.fill_form(data=data)
return render_template('admin/config/shipping_100.html.j2',
form=form,
data=data)
if not form.validate_on_submit():
return render_template('admin/config/shipping_100.html.j2',
form=form,
data=data)
data = {'customer': form.customer.data, 'key': form.key.data}
if shipping is None:
shipping = SysSetting()
shipping.key = 'config_shipping'
db.session.add(shipping)
shipping.value = json.dumps(data)
if vendor is None:
vendor = SysSetting()
vendor.key = 'shipping_vendor'
db.session.add(vendor)
if form.is_use.data:
vendor.value = 'Shipping100TrackService'
elif vendor.value == 'Shipping100TrackService':
vendor.value = ""
db.session.commit()
return redirect(url_for('admin.config.shipping_100'))
def storage_qiniu():
"""配置七牛存储"""
g.page_title = _(u'七牛云存储')
form = StorageQiniuForm()
qiniu = SysSetting.query.filter(
SysSetting.key == 'config_storage_qiniu').first()
vendor = SysSetting.query.filter(
SysSetting.key == 'storage_vendor').first()
data = {}
try:
data = json.loads(qiniu.value)
except Exception as e:
log_info("[view.admin.config] [storage_qiniu]:%s" % e.__str__())
if request.method == "GET":
if vendor is not None:
data['is_use'] = 1 if vendor.value == 'qiniu' else 0
form.fill_form(data=data)
return render_template('admin/config/storage_qiniu.html.j2',
form=form,
data=data)
if not form.validate_on_submit():
return render_template('admin/config/storage_qiniu.html.j2',
form=form,
data=data)
data = {
'access_key': form.access_key.data,
'secret_key': form.secret_key.data,
'bucket_name': form.bucket_name.data,
'cname': form.cname.data
}
if qiniu is None:
qiniu = SysSetting()
qiniu.key = 'config_storage_qiniu'
db.session.add(qiniu)
qiniu.value = json.dumps(data)
data_vendor = 'qiniu' if form.is_use.data else ''
if vendor is None:
vendor = SysSetting()
vendor.key = 'storage_vendor'
db.session.add(vendor)
vendor.value = data_vendor
db.session.commit()
return redirect(url_for('admin.config.storage_qiniu'))
def sms_yunpian():
"""配置云片短信"""
g.page_title = _(u'云片短信')
form = SmsYunpianForm()
yunpian = SysSetting.query.filter(
SysSetting.key == 'config_sms_yunpian').first()
vendor = SysSetting.query.filter(SysSetting.key == 'sms_vendor').first()
data = {}
try:
data = json.loads(yunpian.value)
except Exception as e:
log_info("[view.admin.config][sms_yunpian]: %s " % e.__str__())
if request.method == "GET":
if vendor is not None:
data['is_use'] = 1 if vendor.value == 'YunPianSmsService' else 0
form.fill_form(data=data)
return render_template('admin/config/sms_yunpian.html.j2',
form=form,
data=data)
if not form.validate_on_submit():
return render_template('admin/config/sms_yunpian.html.j2',
form=form,
data=data)
# 设置云片信息
data_yunpian = {'ak': form.ak.data, 'app_name': form.app_name.data}
if yunpian is None:
yunpian = SysSetting()
yunpian.key = 'config_sms_yunpian'
db.session.add(yunpian)
yunpian.value = json.dumps(data_yunpian)
# 设置短信当前启用方式(云片或阿里)
if vendor is None:
vendor = SysSetting()
vendor.key = 'sms_vendor'
db.session.add(vendor)
if form.is_use.data:
vendor.value = 'YunPianSmsService'
elif vendor.value == 'YunPianSmsService':
vendor.value = ""
db.session.commit()
return redirect(url_for('admin.config.sms_yunpian'))
def weixinopen():
"""微信开放平台"""
g.page_title = _(u'微信开放平台')
form = WeixinOpenForm()
ss = SysSetting.query.filter(
SysSetting.key == 'config_weixin_open').first()
if request.method == 'GET':
try:
data = json.loads(ss.value)
except Exception as e:
data = {}
form.fill_form(data=data)
else:
data = {'appid': form.appid.data, 'secret': form.secret.data}
if form.validate_on_submit():
if ss is None:
ss = SysSetting()
ss.key = 'config_weixin_open'
db.session.add(ss)
ss.value = json.dumps(data)
db.session.commit()
return redirect(
url_for('admin.index.success', title=_(u'设置微信开放平台成功')))
return render_template('admin/config/weixinopen.html.j2', form=form)
def root():
"""手机站 - 售后服务列表"""
if not check_login():
session['weixin_login_url'] = request.url
return redirect(url_for('api.weixin.login'))
uid = get_uid()
params = request.args.to_dict()
params['uid'] = uid
_data = AfterSalesStaticMethodsService.aftersales(params)
paging_url = url_for('mobile.aftersales.paging', **request.args)
aftersales_status_text = {}
for aftersale in _data['aftersales']:
status_text, action_code = AfterSalesStaticMethodsService.aftersale_status_text_and_action_code(
aftersale)
aftersales_status_text[aftersale.aftersales_id] = status_text
data = {
'aftersales': _data['aftersales'],
'paging_url': paging_url,
'aftersales_status_text': aftersales_status_text
}
return render_template('mobile/aftersales/index.html.j2', **data)
def create():
"""添加商品"""
g.page_title = _(u'添加商品')
form = ItemForm()
return render_template('admin/item/detail.html.j2', form=form, item=None)
def category_create():
"""添加分类"""
g.page_title = _(u'添加分类')
form = CategoryForm()
return render_template('admin/item/category_detail.html.j2', form=form)
def recharge_save():
"""充值"""
admin_uid = session.get('admin_uid', None)
if not admin_uid:
return_url = request.args.get('return_url', '/admin/dashboard')
return redirect(url_for('admin.auth.login', return_url=return_url))
form = RechargeForm(request.form)
form.avatar.data = request.args.get('avatar')
if not form.validate_on_submit():
return render_template('admin/user/recharge.html.j2', form=form)
recharge_amount = Decimal(form.recharge_amount.data).quantize(
Decimal('0.00'))
remark_user = _(u'充值成功')
remark_sys = _(u'充值: 订单ID:%s, 充值方式:%s, 充值金额:%s' %
(u"无", u"管理员打款", recharge_amount))
fs = FundsService(form.uid.data, recharge_amount, 1, 2, 0, remark_user,
remark_sys, current_timestamp())
if not fs.check():
log_error(
'[ErrorServiceApiOrderPaidServicePaid][FundsServiceError01] remark_sys:%s'
% remark_sys)
return redirect(url_for('admin.user.recharge', form=form))
# 更新余额 - 充值
fs.update()
fs.commit()
return redirect(url_for('admin.user.detail', uid=form.uid.data))
def create():
"""添加优惠券"""
g.page_title = _(u'添加优惠券')
form = CouponBatchForm()
return render_template('admin/coupon/detail.html.j2', form=form)
def index():
"""商品列表页"""
args = request.args
p = toint(args.get('p', '1'))
ps = toint(args.get('ps', '10'))
cat_id = toint(args.get('cat_id', '0'))
is_hot = toint(args.get('is_hot', '0'))
is_recommend = toint(args.get('is_recommend', '0'))
service = ItemListService(
p,
ps,
cat_id=cat_id,
is_hot=is_hot,
is_recommend=is_recommend)
items = service.items()
cs = CategoryService()
cat = cs.get_category(cat_id)
return render_template(
'mobile/item/index.html.j2',
items=items,
pagination=service.pagination,
category=cat,
paging_url=url_for('mobile.item.paging', **args))
def index(page=1, page_size=20):
"""优惠券列表"""
g.page_title = _(u'优惠券')
args = request.args
tab_status = toint(args.get('tab_status', '0'))
cb_name = args.get('cb_name', '').strip()
current_time = current_timestamp()
q = CouponBatch.query
if tab_status == 1:
q = q.filter(CouponBatch.is_valid == 1).\
filter(or_(CouponBatch.begin_time == 0, CouponBatch.begin_time <= current_time)).\
filter(or_(CouponBatch.end_time == 0, CouponBatch.end_time >= current_time))
elif tab_status == 2:
q = q.filter(
and_(CouponBatch.end_time > 0,
CouponBatch.end_time < current_time))
if cb_name:
q = q.filter(CouponBatch.cb_name.like('%%%s%%' % cb_name))
batches = q.order_by(CouponBatch.cb_id.desc()).offset(
(page - 1) * page_size).limit(page_size).all()
pagination = Pagination(None, page, page_size, q.count(), None)
return render_template('admin/coupon/index.html.j2',
pagination=pagination,
batches=batches)
def index():
"""pc站 - 个人中心"""
if not check_login():
session['weixin_login_url'] = request.url
return redirect(url_for('api.weixin.login_qrcode'))
uid = get_uid()
data = MeStaticMethodsService.detail(uid)
#用户信息
user = User.query.get(uid)
# 收藏商品
q = db.session.query(Like.like_id).\
filter(Like.uid == uid).\
filter(Like.like_type == 2).\
filter(Like.ttype == 1)
collect_count = get_count(q)
wtf_form = ProfileForm()
data['user'] = user
data['collect_count'] = collect_count
data['wtf_form'] = wtf_form
return render_template('pc/me/index.html.j2', **data)
def shipping_save():
"""保存快递"""
g.page_title = _(u'保存快递')
wtf_form = ShippingForm()
shipping_id = wtf_form.shipping_id.data
shipping = Shipping.query.get_or_404(shipping_id)
if wtf_form.validate_on_submit():
shipping.shipping_amount = wtf_form.shipping_amount.data
shipping.free_limit_amount = wtf_form.free_limit_amount.data
shipping.is_enable = wtf_form.is_enable.data
shipping.is_default = wtf_form.is_default.data
shipping.sorting = wtf_form.sorting.data
if shipping.is_default == 1:
_shipping_list = Shipping.query.\
filter(Shipping.shipping_id != shipping_id).\
filter(Shipping.is_default == 1).all()
for _shipping in _shipping_list:
_shipping.is_default = 0
db.session.commit()
return redirect(url_for('admin.config.shipping_open'))
wtf_form.shipping_name.data = shipping.shipping_name
shipping = wtf_form.data
return render_template('admin/config/shipping_detail.html.j2',
form=wtf_form,
shipping=shipping)
def index():
"""手机站 - 商品评论"""
data = CommentStaticMethodsService.index_page(request.args)
data['paging_url'] = url_for('mobile.comment.paging', **request.args)
return render_template('mobile/comment/index.html.j2', **data)
def paging():
"""加载分页"""
data = CommentStaticMethodsService.comments(request.args.to_dict())
return render_template('mobile/comment/paging.html.j2',
comments=data['comments'])
def index():
"""商品列表页"""
args = request.args
p = toint(args.get('p', '1'))
ps = toint(args.get('ps', '10'))
cat_id = toint(args.get('cat_id', '0'))
is_hot = toint(args.get('is_hot', '0'))
is_recommend = toint(args.get('is_recommend', '0'))
search_key = args.get('search_key').strip()
service = ItemListService(
p,
ps,
cat_id=cat_id,
is_hot=is_hot,
is_recommend=is_recommend,
search_key=search_key)
items = service.items()
cs = CategoryService()
cat = cs.get_category(cat_id)
return render_template(
'pc/item/index.html.j2',
items=items,
pagination=service.pagination,
category=cat)
def create():
"""添加广告"""
g.page_title = _(u'添加广告')
form = AdvForm()
return render_template('admin/adv/detail.html.j2', form=form)
def deliver():
"""确认收货"""
if not check_login():
session['weixin_login_url'] = request.url
return redirect(url_for('api.weixin.login'))
uid = get_uid()
args = request.args
order_id = toint(args.get('order_id', 0))
if order_id <= 0:
return ''
ods = OrderDeliverService(order_id, uid)
try:
ods.deliver()
except OrderException as e:
msg = u'%s' % e.msg
log_error(msg)
return ''
text, code = OrderStaticMethodsService.order_status_text_and_action_code(
ods.order)
return render_template('mobile/order/order.html.j2',
order=ods.order,
text=text,
code=code)
def cancel():
"""取消订单"""
if not check_login():
session['weixin_login_url'] = request.url
return redirect(url_for('api.weixin.login'))
uid = get_uid()
args = request.args
order_id = toint(args.get('order_id', 0))
cancel_desc = args.get('cancel_desc', '').strip()
if order_id <= 0:
return ''
ocs = OrderCancelService(order_id, uid, cancel_desc)
try:
ocs.cancel()
except OrderException as e:
msg = u'%s' % e.msg
log_error(msg)
return ''
text, code = OrderStaticMethodsService.order_status_text_and_action_code(
ocs.order)
return render_template('mobile/order/order.html.j2',
order=ocs.order,
text=text,
code=code)
def edit(admin_uid):
"""编辑管理员"""
g.page_title = _(u'编辑管理员')
au = AdminUsers.query.get_or_404(admin_uid)
form = AdminUsersEditForm()
form.fill_form(au)
return render_template('admin/auth/admin_user_detail.html.j2', form=form)
def index(page=1, page_size=20):
"""评论列表"""
g.page_title = _(u'商品评价')
args = request.args
goods_id = toint(args.get('goods_id', '0'))
add_time_daterange = args.get('add_time_daterange', '').strip()
q = db.session.query(Comment.comment_id, Comment.uid, Comment.nickname, Comment.avatar,
Comment.rating, Comment.content, Comment.img_data, Comment.add_time,
Goods.goods_id, Goods.goods_name, Goods.goods_img).\
filter(Comment.tid == Goods.goods_id).\
filter(Comment.ttype == 1).\
filter(Comment.is_show == 1)
if goods_id > 0:
q = q.filter(Comment.tid == goods_id)
if add_time_daterange:
start, end = date_range(add_time_daterange)
q = q.filter(Comment.add_time >= start).filter(Comment.add_time < end)
comments = q.order_by(Comment.comment_id.desc()).offset(
(page - 1) * page_size).limit(page_size).all()
pagination = Pagination(None, page, page_size, q.count(), None)
return render_template('admin/comment/index.html.j2',
pagination=pagination,
comments=comments)
def pay(order_id):
"""支付订单"""
if not check_login():
session['weixin_login_url'] = request.url
return redirect(url_for('api.weixin.login_qrcode'))
uid = get_uid()
ret, msg, data, url = CartStaticMethodsService.pay_page(
order_id, uid, 'pc')
if not ret:
return redirect(url)
# 创建支付
ps = PayService(uid, [order_id])
if not ps.check():
return redirect(url_for('pc.order.index', msg=ps.msg))
if not ps.tran:
ps.create_tran()
tran = ps.tran
tran_id = tran.tran_id
subject = u'交易号:%d' % tran_id
nonce_str = str(tran_id)
pay_amount = Decimal(tran.pay_amount).quantize(Decimal('0.00'))*100
# 支付二维码
ns = NativeService(nonce_str, subject, tran_id,
pay_amount, request.remote_addr)
if not ns.create_qrcode():
return redirect(url_for('pc.order.index', msg=ns.msg))
data['qrcode'] = ns.qrcode
return render_template('pc/cart/pay.html.j2', **data)
def administration():
return render_template('administration.html', link_what='admlink')
def test500():
return render_template('errors/500.html')