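def resetPwd():
    """Render the reset-password page (GET) or change the current user's password (POST).

    On POST the request must carry ``old_password`` and ``new_password``, each
    at least 6 characters long and different from one another. The supplied
    old password is checked against the stored hash before the new hash is
    written, so a valid session alone is not enough to change the password.

    Returns:
        The rendered template for GET; a JSON payload with ``code`` = -1 when
        validation fails; otherwise a JSON success response that also re-issues
        the auth cookie from ``UserService.geneAuthCode(user_info)``.
    """
    if request.method == 'GET':
        return ops_render("user/reset_pwd.html", {'current': 'reset-pwd'})

    resp = {'code': 200, 'msg': '操作成功', 'data': {}}

    def fail(message):
        # Every validation failure uses the same envelope with code -1.
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    if len(old_password) < 6:
        return fail('请输入符合规范的原密码!')
    if len(new_password) < 6:
        return fail('请输入符合规范的新密码!')
    if old_password == new_password:
        return fail('新旧密码不能相同!')

    # NOTE(review): assumes a login check has already populated g.current_user
    # with a User row before this view runs; confirm against the request hooks.
    user_info = g.current_user

    # Verify the old password against the stored hash, using the same
    # genePwd(password, salt) scheme the new hash is written with below.
    if user_info.login_pwd != UserService.genePwd(old_password, user_info.login_salt):
        return fail('原密码不正确!')

    user_info.login_pwd = UserService.genePwd(new_password, user_info.login_salt)
    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie for the updated user record.
    # NOTE(review): the cookie is set without HttpOnly/Secure/SameSite
    # attributes; consider adding them once the deployment is confirmed.
    response = make_response(json.dumps(resp))
    auth_value = '%s#%s' % (UserService.geneAuthCode(user_info), user_info.uid)
    response.set_cookie(app.config['AUTH_COOKIE_NAME'], auth_value)
    return response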
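def set():
    """Render the account edit form (GET) or create/update an account (POST).

    GET looks the user up by the ``id`` query parameter and passes it to the
    template as ``info`` (``None`` when no id is given or no row matches).

    POST reads ``nickname``, ``email``, ``mobile``, ``login_name``,
    ``login_pwd`` and ``id`` from the request. If a user with that ``id``
    exists it is updated, otherwise a new one is created. The password is only
    (re)hashed when a real value is supplied: the ``"******"`` placeholder or
    an empty value leaves an existing password untouched and is rejected for a
    new account, so no account is stored without a password hash.

    Returns:
        The rendered template for GET, or a JSON payload whose ``code`` is 200
        on success and -1 on validation failure.
    """
    default_pwd = "******"
    if request.method == "GET":
        resp_data = {}
        # type=int makes a non-numeric ?id= fall back to 0 instead of raising.
        uid = request.args.get("id", 0, type=int)
        info = None
        if uid:
            info = User.query.filter_by(uid=uid).first()
        resp_data['info'] = info
        return ops_render("account/set.html", resp_data)

    resp = {'code': 200, 'msg': '编辑成功', 'data': {}}

    def fail(message):
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    req = request.values
    nickname = req.get('nickname', '')
    email = req.get('email', '')
    mobile = req.get('mobile', '')
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')
    user_id = req.get('id', '0')  # local name avoids shadowing the builtin id()

    # NOTE(review): nothing in this view checks that the caller may edit the
    # account named by `id`; confirm that an authorization check runs earlier.
    if len(nickname) < 1:
        return fail("nickname failed")
    if len(email) < 1:
        return fail("email failed")
    if len(login_name) < 1:
        return fail("login_name failed")

    # The login name must be unique across all other accounts.
    has_in = User.query.filter(User.login_name == login_name, User.uid != user_id).first()
    if has_in:
        return fail("login_name failed")

    # Only a non-empty value other than the form placeholder is a new password.
    password_supplied = bool(login_pwd) and login_pwd != default_pwd

    model_user = User.query.filter(User.uid == user_id).first()
    if not model_user:
        # A new account must get a real password.
        if not password_supplied:
            return fail("login_pwd failed")
        model_user = User()
        model_user.created_time = getCurrentDate()
    model_user.updated_time = getCurrentDate()

    if password_supplied:
        # A fresh salt is generated whenever the password changes.
        model_user.login_salt = UserService.genSalt()
        model_user.login_pwd = UserService.genePwd(login_pwd, model_user.login_salt)

    model_user.nickname = nickname
    model_user.email = email
    model_user.mobile = mobile
    model_user.login_name = login_name
    db.session.add(model_user)
    db.session.commit()
    return jsonify(resp)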
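def login():
    """Log a WeChat user in by login code, creating the user row on first login.

    The ``code`` request value is exchanged for an openid through
    ``UserService.getWeChatOpenId``. If no ``Users`` row has that openid, one
    is created from the ``nickName``, ``avatarUrl`` and ``gender`` request
    values and ``is_user`` is reported as ``False``; otherwise ``is_user`` is
    ``True``.

    Returns:
        A JSON error payload (``code`` = -1) when the code is missing, shorter
        than 10 characters, or the openid lookup fails; otherwise a JSON
        response carrying the user's profile that also sets the ``sunners``
        cookie.
    """
    resp = {'code': 200, 'msg': "success", "data": {}}
    req = request.values
    # .get() lets the missing-code branch below run instead of the lookup
    # failing before the check is reached.
    code = req.get('code')
    # Log only which fields arrived: the values include the login code and
    # the user's profile data, which do not belong in application logs.
    app.logger.info("login request fields: %s", sorted(req.keys()))

    if code is None or len(code) < 10:
        resp['code'] = -1
        resp['msg'] = "需要code"
        app.logger.info("need code")
        return jsonify(resp)

    openid = UserService.getWeChatOpenId(code)
    if openid is None:
        resp['code'] = -1
        resp['msg'] = "微信调用登录接口失败"
        app.logger.info("微信调用登录接口失败")
        return jsonify(resp)

    resp["is_user"] = True
    user_info = Users.query.filter_by(openid=openid).first()
    if not user_info:
        # First login for this openid: register the user from the request.
        user_model = Users()
        user_model.openid = openid
        user_model.nickName = req['nickName']
        user_model.avatarUrl = req['avatarUrl']
        user_model.sex = req['gender']
        user_model.createTime = user_model.updateTime = getCurrentDate()
        db.session.add(user_model)
        db.session.commit()
        resp["is_user"] = False
        # Re-read the row so the values returned below come from the database.
        user_info = Users.query.filter_by(openid=openid).first()

    resp['data'] = {
        'nickName': user_info.nickName,
        'avatarUrl': user_info.avatarUrl,
        'openid': user_info.openid
    }
    response = make_response(json.dumps(resp))
    # NOTE(review): the cookie is set without HttpOnly/Secure/SameSite
    # attributes; consider adding them once the client's needs are confirmed.
    response.set_cookie(
        "sunners",
        "%s#%s" % (UserService.geneAuthCode(user_info), user_info.id))
    return response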
def index():
    """Render the login page (GET) or authenticate a login request (POST).

    POST reads ``login_name`` and ``login_pwd`` from the request, looks the
    user up by login name and compares the stored hash with
    ``UserService.genePwd(login_pwd, user_info.login_salt)``. An unknown user
    and a wrong password produce the same error message.

    Returns:
        The rendered template for GET; a JSON payload with ``code`` = -1 on
        failure; otherwise a JSON success response that sets the auth cookie.
    """
    if request.method == 'GET':
        return ops_render("user/login.html")

    resp = {'code': '200', 'msg': '登录成功', 'data': {}}

    def reject(message):
        # Shared failure envelope: code -1 plus the message for the client.
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    form = request.values
    login_name = form.get('login_name', '')
    login_pwd = form.get('login_pwd', '')

    # Client-side JavaScript validation is only a convenience for the user;
    # the server must validate the input itself.
    if not login_name:
        return reject('登录失败')
    if not login_pwd:
        return reject('请输入正确的密码')

    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        return reject("请输入正确的用户名和密码!")

    expected_hash = UserService.genePwd(login_pwd, user_info.login_salt)
    if user_info.login_pwd != expected_hash:
        return reject("请输入正确的用户名和密码!")

    # Hand the client its auth cookie: "<auth code>#<uid>".
    # NOTE(review): the cookie is set without HttpOnly/Secure/SameSite
    # attributes and without an expiry; confirm that is intended.
    auth_value = '%s#%s' % (UserService.geneAuthCode(user_info), user_info.uid)
    reply = make_response(json.dumps(resp))
    reply.set_cookie(app.config['AUTH_COOKIE_NAME'], auth_value)
    return reply
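def login():
    """Render the login page (GET) or authenticate a login request (POST).

    POST reads ``login_name`` and ``login_pwd`` from the request and compares
    the submitted password with the stored ``login_pwd`` column directly.
    An unknown user name and a wrong password return the same message, so the
    response does not reveal whether an account exists.

    Returns:
        The rendered template (with the ``APP_MAKER`` config) for GET; a JSON
        payload with ``code`` = -1 on failure; otherwise a JSON success
        response that sets the auth cookie for 120 days.
    """
    if request.method == "GET":
        resp_data = {'config': app.config['APP_MAKER']}
        return ops_render("user/login.html", resp_data)

    resp = {'code': 200, 'msg': '登录成功', 'data': {}}

    def fail(message):
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    # Read the submitted credentials; a missing field fails right away.
    req = request.values
    login_name = req.get('login_name', '')
    login_pwd = req.get('login_pwd', '')
    if len(login_name) < 1:
        return fail("请输入正确的登录用户名")
    if len(login_pwd) < 1:
        return fail("请输入正确的登录密码")

    bad_credentials = "请输入正确的登录用户名和密码"

    # The account must exist in the database.
    user_info = User.query.filter_by(login_name=login_name).first()
    if not user_info:
        return fail(bad_credentials)

    # NOTE(review): this compares against a plaintext password column. The
    # intended check is the salted hash,
    #   user_info.login_pwd != UserService.genePwd(login_pwd, user_info.login_salt)
    # but switching to it requires the stored passwords to be hashed first
    # (the code that writes login_pwd must change together with this one).
    if user_info.login_pwd != login_pwd:
        return fail(bad_credentials)

    response = make_response(json.dumps(resp))
    # NOTE(review): a 120-day auth cookie without HttpOnly/Secure/SameSite
    # attributes; confirm the lifetime and add the attributes where possible.
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s#%s' % (UserService.geneAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 120)  # keep for 120 days
    return response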
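def check_login():
    """Return the logged-in ``User`` for the current request, or ``False``.

    The auth cookie has the form ``"<auth code>#<uid>"``. The user is loaded
    by ``uid`` and the cookie's auth code must equal
    ``UserService.geneAuthCode(user_info)``.

    Returns:
        The matching ``User`` row, or ``False`` when the cookie is missing or
        malformed, the lookup fails or finds nothing, or the code mismatches.
    """
    import hmac

    auth_cookie = request.cookies.get(app.config['AUTH_COOKIE_NAME'])
    if auth_cookie is None:
        return False

    auth_info = auth_cookie.split("#")
    if len(auth_info) != 2:
        return False
    presented_code, uid = auth_info

    try:
        user_info = User.query.filter_by(uid=uid).first()
    except Exception:
        # Any lookup failure on a client-supplied uid is treated as
        # "not logged in" rather than surfacing as a server error.
        return False
    if user_info is None:
        return False

    # Constant-time comparison, so response timing does not reveal how much
    # of a guessed auth code was correct. Both sides are encoded to bytes
    # because compare_digest rejects non-ASCII str input.
    expected_code = str(UserService.geneAuthCode(user_info))
    if not hmac.compare_digest(presented_code.encode("utf-8"),
                               expected_code.encode("utf-8")):
        return False
    return user_info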
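def reset_Pwd():
    """Render the reset-password page (GET) or change the current user's password (POST).

    On POST the request must carry ``old_password`` and ``new_password``, each
    at least 6 characters long and different from one another. The supplied
    old password must match the stored one before the new value is written,
    so a valid session alone is not enough to change the password.

    Returns:
        The rendered template for GET; a JSON payload with ``code`` = -1 when
        validation fails; otherwise a JSON success response that re-issues the
        auth cookie for 120 days.
    """
    if request.method == "GET":
        return ops_render("user/reset_pwd.html", {"current": "reset_pwd"})

    resp = {'code': 200, 'msg': '操作成功', 'data': {}}

    def fail(message):
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    req = request.values
    old_password = req.get('old_password', '')
    new_password = req.get('new_password', '')

    # Server-side validation of the submitted values.
    if len(old_password) < 6:
        return fail("请输入符合规范的原始密码~~")
    if len(new_password) < 6:
        return fail("请输入符合规范的新密码~~")
    if old_password == new_password:
        return fail("请重新输入新密码,新密码不能和原密码相同~~")

    # NOTE(review): assumes a login check has already populated g.current_user
    # with a User row before this view runs; confirm against the request hooks.
    user_info = g.current_user

    # Verify the old password. The comparison is on the raw value because
    # this view stores login_pwd unhashed (see the note below).
    if user_info.login_pwd != old_password:
        return fail("原始密码不正确~~")

    # NOTE(review): the password is stored in plaintext here. The intended
    # form is
    #   user_info.login_pwd = UserService.genePwd(new_password, user_info.login_salt)
    # but that must be changed together with every place that compares
    # login_pwd, otherwise existing logins stop working.
    user_info.login_pwd = new_password

    db.session.add(user_info)
    db.session.commit()

    # Re-issue the auth cookie for the updated user record.
    # NOTE(review): a 120-day auth cookie without HttpOnly/Secure/SameSite
    # attributes; confirm the lifetime and add the attributes where possible.
    response = make_response(json.dumps(resp))
    response.set_cookie(
        app.config['AUTH_COOKIE_NAME'],
        '%s#%s' % (UserService.geneAuthCode(user_info), user_info.uid),
        max_age=60 * 60 * 24 * 120)  # keep for 120 days
    return response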
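def checkReg():
    """Report whether the WeChat user behind a login code is registered.

    Expects a JSON body with a ``code`` string of at least 10 characters. The
    code is exchanged for an openid through ``UserService.getWeChatOpenId``
    and the openid is looked up in ``Users``.

    Returns:
        A JSON payload with ``code`` = 200 when a matching user exists, or
        ``code`` = -1 with a message when the login code is missing or invalid,
        the openid lookup fails, or no user is registered.
    """
    resp = {
        'code': 200,
        'msg': "已登录",
    }

    def fail(message):
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    # silent=True yields None for a missing or malformed JSON body, so a bad
    # request gets the normal error payload instead of an unhandled exception.
    req = request.get_json(silent=True)
    code = req.get('code') if isinstance(req, dict) else None
    # The code must be a string; other JSON types are rejected up front.
    if not isinstance(code, str) or len(code) < 10:
        return fail("code不存在")

    openid = UserService.getWeChatOpenId(code)
    if openid is None:
        return fail("微信调用登录接口失败")

    user_info = Users.query.filter_by(openid=openid).first()
    if user_info is None:
        return fail("该用户没有注册")
    return jsonify(resp)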
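def set():
    """Render the account edit form (GET) or create/update an account (POST).

    GET looks the user up by the ``id`` query parameter and passes it to the
    template as ``user_info`` (``None`` when no id is given or no row matches).

    POST validates ``nickname``, ``mobile``, ``email`` and ``login_name`` (at
    least 2 characters each) and ``login_pwd`` (at least 6), and requires the
    login name to be unique. If a user with the given ``id`` exists it is
    edited, otherwise a new one is created with a fresh salt. The ``"******"``
    placeholder leaves an existing password unchanged and is rejected for a
    new account, so no account is stored without a password hash.

    Returns:
        The rendered template for GET, or a JSON payload whose ``code`` is 200
        on success and -1 on validation failure.
    """
    default_pwd = "******"
    if request.method == 'GET':
        resp_data = {}
        # type=int makes a non-numeric ?id= fall back to 0 instead of raising.
        uid = request.args.get('id', 0, type=int)
        user_info = None
        if uid:
            user_info = User.query.filter_by(uid=uid).first()
        resp_data['user_info'] = user_info
        return ops_render("account/set.html", resp_data)

    resp = {'code': 200, 'msg': "操作成功", 'data': {}}

    def fail(message):
        resp['code'] = -1
        resp['msg'] = message
        return jsonify(resp)

    req = request.values
    user_id = req.get('id', 0)  # local name avoids shadowing the builtin id()
    nickname = req.get('nickname', "")
    mobile = req.get('mobile', "")
    email = req.get('email', "")
    login_name = req.get('login_name', "")
    login_pwd = req.get('login_pwd', "")

    # NOTE(review): nothing in this view checks that the caller may edit the
    # account named by `id`; confirm that an authorization check runs earlier.
    if len(nickname) < 2:
        return fail('请输入符合规范的姓名')
    if len(mobile) < 2:
        return fail('请输入符合规范的mobile')
    if len(email) < 2:
        return fail('请输入符合规范的email')
    if len(login_name) < 2:
        return fail('请输入符合规范login_name')
    if len(login_pwd) < 6:
        return fail('请输入符合规范的密码')

    # The login name must be unique across all other accounts.
    has_in = User.query.filter(User.login_name == login_name, User.uid != user_id).first()
    if has_in:
        return fail('登录用户名已存在!')

    model_user = User.query.filter_by(uid=user_id).first()
    if not model_user:
        # Creating: the form placeholder is not an acceptable password.
        if login_pwd == default_pwd:
            return fail('请输入符合规范的密码')
        model_user = User()
        model_user.created_time = getCurrentDate()
        model_user.login_salt = UserService.geneSalt()

    model_user.nickname = nickname
    model_user.mobile = mobile
    model_user.email = email
    model_user.login_name = login_name
    # The placeholder means "password unchanged" when editing.
    if login_pwd != default_pwd:
        model_user.login_pwd = UserService.genePwd(login_pwd, model_user.login_salt)
    model_user.updated_time = getCurrentDate()

    db.session.add(model_user)
    db.session.commit()
    return jsonify(resp)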