def activate(user_id, token): """激活用户""" user = User.query.get_or_404(user_id) if token == hashlib.sha1(user.name).hexdigest(): user.is_new = False db.session.add(user) db.session.commit() signin_user(user, True) flash('账号激活成功!') return redirect(url_for('site.index')) flash('无效的激活链接') return redirect(url_for('site.index'))
def activate(user_id, token): """激活用户""" user = User.query.get_or_404(user_id) if token == hashlib.sha1(user.name).hexdigest(): user.is_new = False db.session.add(user) db.session.commit() signin_user(user, True) flash('账号激活成功!') return redirect(url_for('site.index')) flash('无效的激活链接') return redirect(url_for('site.index'))
def signin(): """通过豆瓣OAuth登陆""" # get current authed user id code = request.args.get('code') if not code: return redirect(url_for('site.index')) url = "https://www.douban.com/service/auth2/token" config = current_app.config data = { 'client_id': config.get('DOUBAN_CLIENT_ID'), 'client_secret': config.get('DOUBAN_SECRET'), 'redirect_uri': config.get('DOUBAN_REDIRECT_URI'), 'grant_type': 'authorization_code', 'code': code } headers = { 'User-Agent': 'request' } res = requests.post(url, data=data, headers=headers).json() if 'douban_user_id' not in res: return redirect(url_for('site.index')) user_id = int(res['douban_user_id']) user = User.query.get(user_id) if user: if user.is_banned: flash('账户已被禁用') return redirect(url_for('site.index')) if user.is_new: flash('账户尚未激活,请登陆邮箱激活账户') return redirect(url_for('site.index')) flash('欢迎来到西窗烛') signin_user(user, True) redirect_url = session.get('referer') or url_for('site.index') session.pop('referer') return redirect(redirect_url) # 通过加密的session传递user_id数据,防止恶意注册 session['signup_user_id'] = user_id return redirect(url_for('.signup'))
def signin(): """通过豆瓣OAuth登陆""" # get current authed user id code = request.args.get('code') if not code: return redirect(url_for('site.index')) url = "https://www.douban.com/service/auth2/token" config = current_app.config data = { 'client_id': config.get('DOUBAN_CLIENT_ID'), 'client_secret': config.get('DOUBAN_SECRET'), 'redirect_uri': config.get('DOUBAN_REDIRECT_URI'), 'grant_type': 'authorization_code', 'code': code } headers = {'User-Agent': 'request'} res = requests.post(url, data=data, headers=headers).json() if 'douban_user_id' not in res: return redirect(url_for('site.index')) user_id = int(res['douban_user_id']) user = User.query.get(user_id) if user: if user.is_banned: flash('账户已被禁用') return redirect(url_for('site.index')) if user.is_new: flash('账户尚未激活,请登陆邮箱激活账户') return redirect(url_for('site.index')) flash('欢迎来到西窗烛') signin_user(user, True) redirect_url = session.get('referer') or url_for('site.index') session.pop('referer') return redirect(redirect_url) # 通过加密的session传递user_id数据,防止恶意注册 session['signup_user_id'] = user_id return redirect(url_for('.signup'))