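def login():
    """Render the login page, or authenticate the user when the form is submitted.

    On submit the form is validated, the verification answer is checked, and
    the account is looked up by e-mail. The password is checked before the
    ``is_active`` / ``is_disabled`` flags, so account state is only reported
    to a caller who knows the password. On success the JSON result carries an
    ``action`` URL for the client to navigate to.

    When the form is not submitted, ``logout_user()`` is called and the login
    template is rendered with a fresh verification question.

    Raises:
        models.GlobalApiException: the supplied password does not match.
    """
    user_form = forms.LoginForm()
    if user_form.is_submitted():
        if not user_form.validate():
            return jsonify(
                models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(user_form.errors)))
        # The return value is unused, so verify_num presumably raises on a
        # wrong answer -- confirm against utils.
        utils.verify_num(user_form.vercode.data)
        user = mongo.db.users.find_one({'email': user_form.email.data})
        # NOTE(review): USER_NOT_EXIST and PASSWORD_ERROR are distinct results,
        # so the response reveals whether an e-mail address is registered.
        # Consider a single generic failure result if the front end allows it.
        if not user:
            return jsonify(code_msg.USER_NOT_EXIST)
        if not models.User.validate_login(user['password'], user_form.password.data):
            raise models.GlobalApiException(code_msg.PASSWORD_ERROR)
        if not user.get('is_active', False):
            return jsonify(code_msg.USER_UN_ACTIVE)
        if user.get('is_disabled', False):
            return jsonify(code_msg.USER_DISABLED)
        login_user(models.User(user))

        # 'next' is request-controlled and is handed back as the navigation
        # target, so accept it only when it is a plain same-site path: one
        # leading '/', no '//' (scheme-relative URL), no backslash and no
        # control characters (both are normalised by browsers in ways that can
        # turn a "path" into another host). Anything else falls back to the
        # index page.
        action = request.values.get('next')
        if action:
            is_local_path = (
                action.startswith('/')
                and not action.startswith('//')
                and '\\' not in action
                and not any(ord(ch) < 0x20 for ch in action)
            )
            if not is_local_path:
                action = None
        if not action:
            action = url_for('index.index')
        return jsonify(code_msg.LOGIN_SUCCESS.put('action', action))

    logout_user()
    ver_code = utils.gen_verify_num()
    return render_template('user/login.html',
                           ver_code=ver_code['question'],
                           form=user_form,
                           title='登录')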
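def user_repass():
    """Set a new password, via an e-mailed reset code or for the logged-in user.

    If the request carries an ``email`` value, the reset-code flow runs: the
    form is validated, the verification answer is checked, the reset code is
    consumed and the password of the matching account is replaced.

    Otherwise the caller must be authenticated (else a redirect to the login
    page is returned) and must supply the current password before the new one
    is stored.

    Raises:
        models.GlobalApiException: the current password is wrong
            (authenticated flow).
    """
    if 'email' in request.values:
        pwd_form = forms.ForgetPasswordForm()
        if not pwd_form.validate():
            return jsonify(
                models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(pwd_form.errors)))
        email = pwd_form.email.data
        code = pwd_form.code.data
        password = pwd_form.password.data

        # Verification-question check.
        utils.verify_num(pwd_form.vercode.data)

        # A malformed code would make ObjectId() raise and surface as a server
        # error; answer it the same way as an unknown code.
        if not ObjectId.is_valid(code):
            abort(404)

        # Fetch and delete the code in one atomic operation so that two
        # concurrent requests cannot both redeem the same single-use code.
        # NOTE(review): no expiry or purpose check is visible here -- confirm
        # that active_codes records are time-limited and that an account
        # activation code cannot be redeemed as a password-reset code.
        active_code = mongo.db.active_codes.find_one_and_delete(
            {'_id': ObjectId(code)})
        if active_code is None:
            abort(404)

        # Update the password only when the code's owner also has the
        # submitted e-mail address.
        result = mongo.db.users.update_one(
            {
                '_id': active_code['user_id'],
                'email': email
            },
            {'$set': {
                'password': generate_password_hash(password)
            }})
        if result.modified_count == 0:
            return jsonify(
                code_msg.CHANGE_PWD_FAIL.put('action', url_for('user.login')))
        return jsonify(
            code_msg.CHANGE_PWD_SUCCESS.put('action', url_for('user.login')))

    if not current_user.is_authenticated:
        return redirect(url_for('user.login'))

    pwd_form = forms.ChangePassWordForm()
    if not pwd_form.validate():
        return jsonify(
            models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(pwd_form.errors)))
    nowpassword = pwd_form.nowpassword.data
    password = pwd_form.password.data
    user = current_user.user
    # Re-authenticate with the current password before changing it.
    if not models.User.validate_login(user['password'], nowpassword):
        raise models.GlobalApiException(code_msg.PASSWORD_ERROR)
    mongo.db.users.update_one(
        {'_id': user['_id']},
        {'$set': {
            'password': generate_password_hash(password)
        }})
    return jsonify(models.R.ok())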
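def add(post_id=None):
    """Create a post, or edit an existing one when ``post_id`` is given.

    On submit the form is validated, the verification answer is checked and
    the account must be active and not disabled. A new post stores the reward
    and debits it from the author's coins; an edit only rewrites title,
    catalog and content. The search index is refreshed from the stored
    document afterwards.

    When the form is not submitted, the editor template is rendered with a
    fresh verification question (and the existing post when editing).

    Args:
        post_id: id of the post to edit, or None to create one. It is matched
            against ``_id`` as-is, so it is presumably already an ObjectId
            supplied by the route -- confirm.
    """
    posts_form = forms.PostsForm()
    if posts_form.is_submitted():
        if not posts_form.validate():
            return jsonify(models.BaseResult(1, str(posts_form.errors)))
        utils.verify_num(posts_form.vercode.data)
        user = current_user.user
        if not user.get('is_active', False) or user.get('is_disabled', False):
            return jsonify(code_msg.USER_UN_ACTIVE_OR_DISABLED)

        user_coin = user.get('coin', 0)
        reward = posts_form.reward.data
        coin_msg = '悬赏金币不能大于拥有的金币,当前账号金币为:' + str(user_coin)
        if reward > user_coin:
            return jsonify(models.R.ok(coin_msg))

        posts = {
            'title': posts_form.title.data,
            'catalog_id': ObjectId(posts_form.catalog_id.data),
            'content': posts_form.content.data,
        }
        msg = '发帖成功!'
        if post_id:
            # post_id comes from the request, so the edit is bound to the
            # author: a post that does not exist or belongs to someone else
            # yields 404 and is never written.
            # NOTE(review): if moderators are meant to edit other users'
            # posts, extend this filter with the project's role check.
            owned = {'_id': post_id, 'user_id': user['_id']}
            mongo.db.posts.find_one_or_404(owned)
            # NOTE(review): modify_at uses local time while create_at uses
            # UTC -- confirm which one the templates expect.
            posts['modify_at'] = datetime.now()
            mongo.db.posts.update_one(owned, {'$set': posts})
            msg = '修改成功!'
        else:
            posts['create_at'] = datetime.utcnow()
            posts['reward'] = reward
            posts['user_id'] = user['_id']
            # Debit the reward from the author's coins.
            if reward > 0:
                # The balance compared above may be stale by the time of the
                # write; making the decrement conditional on the stored
                # balance keeps concurrent submissions from driving it
                # negative.
                debit = mongo.db.users.update_one(
                    {'_id': user['_id'], 'coin': {'$gte': reward}},
                    {'$inc': {'coin': -reward}})
                if debit.matched_count == 0:
                    return jsonify(models.R.ok(coin_msg))
            # insert_one fills in posts['_id'].
            mongo.db.posts.insert_one(posts)
            post_id = posts['_id']

        # Refresh the search-index document from what is now stored.
        update_index(mongo.db.posts.find_one_or_404({'_id': post_id}))

        return jsonify(models.R.ok(msg).put('action', url_for('index.index')))
    else:
        ver_code = utils.gen_verify_num()
        posts = None
        if post_id:
            # NOTE(review): the edit form is rendered for any post id;
            # ownership is enforced only on submit.
            posts = mongo.db.posts.find_one_or_404({'_id': post_id})
        title = '发帖' if post_id is None else '编辑帖子'
        return render_template('jie/add.html',
                               page_name='jie',
                               ver_code=ver_code['question'],
                               form=posts_form,
                               is_add=(post_id is None),
                               post=posts,
                               title=title)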
def register():
    """Serve the sign-up page and create an account when the form is submitted.

    Responds with 404 unless the ``open_user`` option has ``val == '1'``.
    A submitted form is validated, the verification answer is checked and the
    e-mail address must not be registered yet. The new account is stored with
    ``is_active`` set to False and an activation e-mail is sent.
    """
    registration_open = db_utils.get_option('open_user', {}).get('val') == '1'
    if not registration_open:
        abort(404)

    form = forms.RegisterForm()
    if not form.is_submitted():
        # The question is passed on to the template, which renders it in the
        # form; the title goes to the base template's page title.
        question = utils.gen_verify_num()['question']
        return render_template('user/reg.html',
                               ver_code=question,
                               form=form,
                               title='注册')

    if not form.validate():
        failure = models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(form.errors))
        return jsonify(failure)
    utils.verify_num(form.vercode.data)

    # NOTE(review): this lookup and the insert below are separate operations;
    # without a unique index on 'email' two concurrent sign-ups could both
    # pass the check -- confirm the collection has one.
    already_registered = mongo.db.users.find_one({'email': form.email.data})
    if already_registered:
        return jsonify(code_msg.EMAIL_EXIST)

    # The registration data is stored as a plain dict; only the password hash
    # is kept, never the submitted password itself.
    new_user = {
        'is_active': False,
        'coin': 0,
        'email': form.email.data,
        'username': form.username.data,
        'vip': 0,
        'reply_count': 0,
        'avatar': url_for('static',
                          filename=f'images/avatar/{randint(0, 12)}.jpg'),
        'password': generate_password_hash(form.password.data),
        'create_at': datetime.utcnow(),
    }
    # insert_one fills in new_user['_id'], which the activation mail needs.
    mongo.db.users.insert_one(new_user)
    send_active_email(new_user['username'], new_user['_id'], new_user['email'])

    success = code_msg.REGISTER_SUCCESS.put('action', url_for('user.login'))
    return jsonify(success)
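def user_pass_forget(code=None):
    """Handle the forgotten-password page.

    POST: validate the form, check the verification answer and send a reset
    e-mail to the account with the submitted address.

    Otherwise: render the page. When ``code`` is given it is looked up in
    ``active_codes``; an unknown code renders the page with
    ``code_invalid=True``, a known one loads its owner for the template.

    Args:
        code: reset code taken from the request, or None. It is matched
            against ``_id`` as-is, so it is presumably already converted by
            the route -- confirm.
    """
    if request.method == 'POST':
        mail_form = forms.SendForgetMailForm()
        if not mail_form.validate():
            return jsonify(
                models.R.fail(code_msg.PARAM_ERROR.get_msg(), str(mail_form.errors)))
        email = mail_form.email.data
        utils.verify_num(mail_form.vercode.data)
        user = mongo.db.users.find_one({'email': email})
        # NOTE(review): USER_NOT_EXIST tells the caller whether an address is
        # registered; consider returning the same result in both cases.
        if not user:
            return jsonify(code_msg.USER_NOT_EXIST)
        send_active_email(user['username'],
                          user_id=user['_id'],
                          email=email,
                          is_forget=True)
        return jsonify(
            code_msg.RE_PWD_MAIL_SEND.put('action', url_for('user.login')))

    has_code = False
    user = None
    if code:
        has_code = True
        active_code = mongo.db.active_codes.find_one({'_id': code})
        # Check for a missing record before reading from it: subscripting the
        # result first raised TypeError for an unknown code, so the
        # code_invalid page was never reached. The debug print() calls that
        # wrote the reset code and the whole user document (password hash
        # included) to stdout are gone as well.
        if not active_code:
            return render_template('user/forget.html',
                                   page_name='user',
                                   has_code=True,
                                   code_invalid=True)
        # NOTE(review): the full user document, including its 'password'
        # field, is handed to the template -- confirm the template renders
        # only what it needs.
        user = mongo.db.users.find_one({'_id': active_code['user_id']})

    ver_code = utils.gen_verify_num()
    return render_template('user/forget.html',
                           page_name='user',
                           ver_code=ver_code['question'],
                           code=code,
                           has_code=has_code,
                           user=user,
                           title='找回密码')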