def post(self, *args, **kwargs):
next = self.get_argument('next', '')
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
username = self.get_argument('username', None)
sex = self.get_argument('sex', None)
password = self.get_argument('password', None)
repass = self.get_argument('repass', '')
rsa_encrypt = self.get_argument('rsa_encrypt', 0)
ref_user_id = self.get_argument('ref_user_id', '')
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
repass = RSAEncrypter.decrypt(repass, private_key)
if not username:
return self.error('用户名不能为空')
if not password:
return self.error('密码不能为空')
if repass != password:
msg = '两次输入的密码不一致,请重新输入'
msg = "%s, %s" % (password, repass)
return self.error(msg)
count = Member.Q.filter(Member.username == username).count()
if count > 0:
return self.error('用户名已被占用')
client = 'web'
params = {
'username': username,
'password': make_password(password),
'status': 1,
'avatar': 'image/default_avatar.jpg',
'register_ip': self.request.remote_ip,
'register_client': client,
}
if email:
params['email'] = email
count = Member.Q.filter(Member.email == email).count()
if count > 0:
return self.error('Email已被占用')
if mobile:
params['mobile'] = mobile
count = Member.Q.filter(User.mobile == mobile).count()
if count > 0:
return self.error('电话号码已被占用')
if sex:
params['sex'] = sex
if ref_user_id:
params['ref_user_id'] = ref_user_id
member = Member.register(params)
Member.login_success(member, self, client=client)
return self.success(next=next)
def post(self, *args, **kwargs):
id = self.get_argument('id', None)
params = self.params()
params['status'] = params.get('status', 0)
if not id:
return self.error('用户ID不能为空')
username = params.get('username', None)
if username:
count = Member.Q.filter(Member.id != id).filter(
Member.username == username).count()
if count > 0:
return self.error('用户名已被占用')
mobile = params.get('mobile', None)
params.pop('mobile', None)
if mobile:
params['mobile'] = mobile
if Func.is_mobile(mobile):
count = Member.Q.filter(Member.id != id).filter(
Member.mobile == mobile).count()
if count > 0:
return self.error('电话号码已被占用')
email = params.get('email', None)
params.pop('email', None)
if email:
params['email'] = email
if Func.is_email(email):
count = Member.Q.filter(Member.id != id).filter(
Member.email == email).count()
if count > 0:
return self.error('Email已被占用')
password = params.get('password', None)
params.pop('password', None)
if password:
rsa_encrypt = params.get('rsa_encrypt', 0)
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
# print('password: '******'password'] = make_password(password)
params.pop('_xsrf', None)
params.pop('rsa_encrypt', None)
Member.Q.filter(Member.id == id).update(params)
Member.session.commit()
# update member cache info
member = Member.Q.filter(Member.id == id).first()
cache_key = member.cache_info(self)
return self.success(data=params)
def post(self, *args, **kwargs):
role_id = self.get_argument('role_id', None)
uuid = self.get_argument('uuid', None)
username = self.get_argument('username', None)
password = self.get_argument('password', None)
rsa_encrypt = self.get_argument('rsa_encrypt', 0)
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
status = self.get_argument('status', 0)
permission = self.get_body_arguments('permission[]')
email = None if email == 'None' else email
mobile = None if mobile == 'None' else mobile
if not uuid:
return self.error('用户ID不能为空')
user = {
'status': status,
}
if username:
user['username'] = username
count = User.Q.filter(User.uuid != uuid).filter(
User.username == username).count()
if count > 0:
return self.error('用户名已被占用')
if password:
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
user['password'] = make_password(password)
if mobile:
user['mobile'] = mobile
count = User.Q.filter(User.uuid != uuid).filter(
User.mobile == mobile).count()
if count > 0:
return self.error('电话号码已被占用')
if email:
user['email'] = email
count = User.Q.filter(User.uuid != uuid).filter(
User.email == email).count()
if count > 0:
return self.error('Email已被占用')
if permission:
user['permission'] = json.dumps(permission)
if role_id:
user['role_id'] = role_id
User.Q.filter(User.uuid == uuid).update(user)
User.session.commit()
return self.success(data=user)
def post(self, *args, **kwargs):
role_id = self.get_argument('role_id', None)
username = self.get_argument('username', None)
password = self.get_argument('password', None)
rsa_encrypt = self.get_argument('rsa_encrypt', None)
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
status = self.get_argument('status', 1)
permission = self.get_body_arguments('permission')
role_id = int(role_id)
if not username:
return self.error('用户名不能为空')
if not password:
return self.error('密码不能为空')
if username:
count = User.Q.filter(User.username == username).count()
if count > 0:
return self.error('用户名已被占用')
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
params = {
'username': username,
'password': make_password(password),
'status': status,
}
if role_id:
params['role_id'] = role_id
if mobile:
params['mobile'] = mobile
count = User.Q.filter(User.mobile == mobile).count()
if count > 0:
return self.error('电话号码已被占用')
if email:
params['email'] = email
count = User.Q.filter(User.email == email).count()
if count > 0:
return self.error('Email已被占用')
user = User(**params)
User.session.add(user)
User.session.commit()
return self.success()
def post(self, *args, **kwargs):
"""重置密码
"""
user_id = self.current_user.get('id')
next = self.get_argument('next', '')
nowpass = self.get_argument('nowpass', None)
password = self.get_argument('password', None)
repass = self.get_argument('repass', '')
rsa_encrypt = self.get_argument('rsa_encrypt', 0)
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
nowpass = RSAEncrypter.decrypt(nowpass, private_key)
password = RSAEncrypter.decrypt(password, private_key)
repass = RSAEncrypter.decrypt(repass, private_key)
if not nowpass:
return self.error('当前密码不能够为空')
if not password:
return self.error('新密码不能为空')
if repass != password:
msg = '两次输入的密码不一致,请重新输入'
msg = "%s, %s" % (password, repass)
return self.error(msg)
member = Member.Q.filter(Member.id == user_id).first()
if int(member.status) == 0:
return self.error('用户被“禁用”,请联系客服')
if check_password(nowpass, member.password) is not True:
return self.error('当前密码错误')
params = {
'password': make_password(password),
'status': 1,
}
Member.Q.filter(Member.id == user_id).update(params)
Member.session.commit()
return self.success(next=next)
def post(self, *args, **kwargs):
params = self.params()
params['status'] = params.get('status', 0)
if not params.get('username', None):
return self.error('用户名不能为空')
if not params.get('password', None):
return self.error('密码不能为空')
count = Member.Q.filter(Member.username == params['username']).count()
if count > 0:
return self.error('用户名已被占用')
if Func.is_mobile(params.get('mobile', '')):
count = Member.Q.filter(Member.mobile == params['mobile']).count()
if count > 0:
return self.error('电话号码已被占用', data=params)
if Func.is_email(params.get('email', '')):
count = Member.Q.filter(Member.email == params['email']).count()
if count > 0:
return self.error('Email已被占用')
password = params.get('password')
rsa_encrypt = params.get('rsa_encrypt', 0)
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
params['password'] = make_password(password)
params.pop('_xsrf', None)
params.pop('rsa_encrypt', None)
params['uuid'] = Func.uuid32()
member = Member(**params)
Member.session.add(member)
Member.session.commit()
return self.success(data=member.as_dict())
def post(self, *args, **kwargs):
username = self.get_argument('username', None)
password = self.get_argument('password', None)
rsa_encrypt = self.get_argument('rsa_encrypt', 0)
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
uuid = self.current_user.get('uuid', None)
user = {}
if username:
user['username'] = username
count = Member.Q.filter(Member.uuid != uuid).filter(
Member.username == username).count()
if count > 0:
return self.error('用户名已被占用')
if password:
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
user['password'] = make_password(password)
if mobile:
user['mobile'] = mobile
count = Member.Q.filter(Member.uuid != uuid).filter(
Member.mobile == mobile).count()
if count > 0:
return self.error('电话号码已被占用')
if email:
user['email'] = email
count = Member.Q.filter(Member.uuid != uuid).filter(
Member.email == email).count()
if count > 0:
return self.error('Email已被占用')
Member.Q.filter(Member.uuid == uuid).update(user)
Member.session.commit()
return self.success(data=user)
def post(self, *args, **kwargs):
"""重置密码
"""
token = self.get_argument('token', None)
next = self.get_argument('next', '')
password = self.get_argument('password', None)
repass = self.get_argument('repass', '')
rsa_encrypt = self.get_argument('rsa_encrypt', 0)
code = self.get_argument('code', '')
_ = self.locale.translate
if self.invalid_img_captcha(code):
return self.error(_('验证码错误'))
token2 = self.get_secure_cookie(settings.token_key)
if not (token and token2):
return self.error('Token不存在或已经过期')
token2 = str(token2, encoding='utf-8')
token2 = token2.replace('\'', '"')
token2 = json_decode(token2)
action = token2.get('action', '')
account = token2.get('account', '')
# print('token2 ', token2.get('token', ''), token)
if token2.get('token', '') != token:
return self.error('Token不匹配')
if not password:
return self.error('新密码不能为空')
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(password) > 10:
private_key = sys_config('sys_login_rsa_priv_key')
password = RSAEncrypter.decrypt(password, private_key)
repass = RSAEncrypter.decrypt(repass, private_key)
if repass != password:
msg = '两次输入的密码不一致,请重新输入'
msg = "%s, %s" % (password, repass)
return self.error(msg)
member = None
if action == 'email_reset_pwd':
member = Member.Q.filter(Member.email == account).first()
else:
return self.error('不支持的action')
if member is None:
return self.error('用户不存在')
if int(member.status) == 0:
return self.error('用户被“禁用”,请联系客服')
user_id = member.id
params = {
'password': make_password(password),
}
Member.Q.filter(Member.id == user_id).update(params)
Member.session.commit()
params = {
'user_id': user_id,
'account': account,
'action': 'email_reset_pwd',
'ip': self.request.remote_ip,
'client': 'web',
}
MemberOperationLog.add_log(params)
self.clear_cookie(settings.token_key)
return self.success(next=next)