def resetPwd():
if request.method == "GET":
return render_template_ops("user/reset_pwd.html",
{'current': 'reset-pwd'})
resp = {'code': 200, 'msg': '操作成功~', 'data': {}}
req = request.values
user_info = g.current_user
old_password = req['old_password'] if 'old_password' in req else ''
new_password = req['new_password'] if 'new_password' in req else ''
if user_info.login_pwd != UserService.getPwd(old_password,
user_info.login_salt):
resp['code'] = -1
resp['msg'] = "原密码输入错误~~"
return jsonify(resp)
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的原密码~~"
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的新密码~~"
return jsonify(resp)
if old_password == new_password:
resp['code'] = -1
resp['msg'] = "请重新输入一个吧,新密码和原密码不能相同哦~~"
return jsonify(resp)
user_info = g.current_user
# if user_info.uid == 1:
# resp['code'] = -1
# resp['msg'] = "该用户是演示账号,不准修改密码和登录用户名~~"
# return jsonify(resp)
user_info.login_pwd = UserService.getPwd(new_password,
user_info.login_salt)
db.session.add(user_info)
db.session.commit()
# 为了防止修改密码后直接退出 更新cookie
response = make_response(json.dumps(resp))
response.set_cookie(app.config['AUTH_COOKIE_NAME'], '%s#%s' %
(UserService.setAuthcode(user_info), user_info.uid),
60 * 60 * 24) # 保存1天
return response
def login():
if request.method == "GET":
if g.current_user:
return redirect(UrlManager.buildUrl("/"))
return render_template_ops("user/login.html",
{'SEO_TITLE': app.config['SEO_TITLE']})
resp = {'code': 200, 'msg': '登录成功', 'data': {}}
req = request.values
login_name = req.get("login_name", '')
login_pwd = req.get("login_pwd", '')
if not login_name or len(login_name) < 5:
resp['code'] = -1
resp['msg'] = "请输入正确的用户名"
return jsonify(resp)
if not login_pwd or len(login_pwd) < 6:
resp['code'] = -1
resp['msg'] = "请输入正确的密码"
return jsonify(resp)
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
resp['code'] = -1
resp['msg'] = "请输入正确的用户名密码"
return jsonify(resp)
if user_info.login_pwd != UserService.getPwd(login_pwd,
user_info.login_salt):
resp['code'] = -2
resp['msg'] = "请输入正确的用户名密码"
return jsonify(resp)
if user_info.status != 1:
resp['code'] = -3
resp['msg'] = "账号被禁用"
return jsonify(resp)
response = make_response(json.dumps(resp))
# expires=time.time() + 10 设置过期时间 10s
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s#%s" % (UserService.setAuthcode(user_info), user_info.uid))
return response
def set():
default_pwd = "******"
if request.method == "GET":
resp_data = {}
req = request.args
uid = int(req.get("id", 0))
info = None
if uid:
info = User.query.filter_by(uid=uid).first()
resp_data['info'] = info
return render_template_ops("account/set.html", resp_data)
resp = {'code': 200, 'msg': '操作成功~~', 'data': {}}
req = request.values
id = req['id'] if 'id' in req else 0
nickname = req['nickname'] if 'nickname' in req else ''
mobile = req['mobile'] if 'mobile' in req else ''
email = req['email'] if 'email' in req else ''
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if nickname is None or len(nickname) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的姓名~~"
return jsonify(resp)
if mobile is None or len(mobile) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的手机号码~~"
return jsonify(resp)
if email is None or len(email) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的邮箱~~"
return jsonify(resp)
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的登录用户名~~"
return jsonify(resp)
if login_pwd is None or len(email) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的登录密码~~"
return jsonify(resp)
has_in = User.query.filter(User.login_name == login_name,
User.uid != id).first()
if has_in:
resp['code'] = -1
resp['msg'] = "该登录名已存在,请换一个试试~~"
return jsonify(resp)
user_info = User.query.filter_by(uid=id).first()
if user_info:
model_user = user_info
else:
model_user = User()
model_user.created_time = getCurrentDate()
model_user.login_salt = UserService.setSalt()
model_user.nickname = nickname
model_user.mobile = mobile
model_user.email = email
model_user.login_name = login_name
if login_pwd != default_pwd:
model_user.login_pwd = UserService.getPwd(login_pwd,
model_user.login_salt)
model_user.updated_time = getCurrentDate()
db.session.add(model_user)
db.session.commit()
return jsonify(resp)
