def login(request):
if request.session.get('is_login'): #不允许重复登陆
return redirect("/index/")
if request.method=="POST": #提交表单后,满足请求为post就执行下面的内容
message = '所有字段都必须填写'
login_form=forms.UserForm(request.POST) #获取每个input标签
# username = request.POST.get('username') #获取表单中输入的用户名和密码
# password = request.POST.get('password')
# print(username,password)
# if username and password : #用户名和密码都不为空
# username=username.strip() #清除用户名前后的空格
if login_form.is_valid(): #这个就是用于验证输入表单内容的合法性
username=login_form.cleaned_data['username'] #cleaned_data会将input标签中的变量和值作为以字典的一个元素形式表现出来
password=login_form.cleaned_data['password']
# user = User(username, password) #添加到User表中
# user.save() #存储到数据库中
#查询数据库中是否存在该用户名和密码
t_username=User.objects.filter(name=username)
print(t_username)
t_password=User.objects.filter(password=password)
if t_username and t_password:
request.session['is_login']=True #写入用户状态和数据
# request.session['user_id']=t_username.id
request.session['user_name']=username
return redirect('/index/')
elif not t_username:
# return HttpResponse('用户名不存在')
message='用户名不存在'
elif not t_password:
# return HttpResponse('密码不存在')
message='密码不存在'
return render(request,'login/login.html',{"message":message,"login_form":login_form}) #将message信息通过模板传递到网页
login_form=forms.UserForm() #保留输入的错误字段
return render(request,'login/login.html',{"login_form":login_form})
def newsite(req):
import base.models as M, random, string
form = None
auth_user = UR.getUserInfo(req)
ensemble_form = None
user_form = None
if auth_user is not None:
return HttpResponseRedirect("/")
if req.method == 'POST':
user = M.User(confkey="".join([choice(string.ascii_letters+string.digits) for i in xrange(0,32)]))
ensemble = M.Ensemble()
user_form = forms.UserForm(req.POST, instance=user)
ensemble_form = forms.EnsembleForm(req.POST, instance=ensemble)
if user_form.is_valid() and ensemble_form.is_valid():
user_form.save()
ensemble.invitekey = "".join([ random.choice(string.ascii_letters+string.digits) for i in xrange(0,50)])
ensemble_form.save()
m = M.Membership(user=user, ensemble=ensemble, admin=True)
m.save()
p = {"tutorial_url": settings.GUEST_TUTORIAL_URL, "conf_url": "http://%s?ckey=%s" %(settings.NB_SERVERNAME, user.confkey), "firstname": user.firstname, "email": user.email, "password": user.password }
email = EmailMessage(
"Welcome to NB, %s" % (user.firstname),
render_to_string("email/confirm_newsite", p),
settings.EMAIL_FROM,
(user.email, ),
(settings.EMAIL_BCC, ))
email.send()
return HttpResponseRedirect('/newsite_thanks')
else:
user_form = forms.UserForm()
ensemble_form = forms.EnsembleForm()
return render_to_response("web/newsite.html", {"user_form": user_form, "ensemble_form": ensemble_form})
def users(request, username=None) :
wikidbase.core.security.barrier(request.user.username, "access administration pages")
users = wikidbase.core.security.getUsers()
if username :
user = wikidbase.core.security.getUser(username)
else :
user = None
if request.method == 'POST':
userForm = forms.UserForm(request.POST)
if userForm.is_valid():
userForm.save()
if user :
wikidbase.core.session.setMessage(request, message="The user has been updated.")
return django.http.HttpResponseRedirect("/controlpanel/users/%s" % username)
else :
wikidbase.core.session.setMessage(request, message="The new user has been added.")
return django.http.HttpResponseRedirect("/controlpanel/users")
else:
userForm = forms.UserForm(user=user)
context = {
"users":users,
"pageTabs":getPageTabs("Users"),
"userForm":userForm,
}
return django.shortcuts.render_to_response("users.html", django.template.RequestContext(request, context))
def subscribe(req):
key = req.GET.get("key", "")
e = M.Ensemble.objects.get(invitekey=key)
if not e.use_invitekey:
return HttpResponseRedirect("/notallowed")
auth_user = UR.getUserInfo(req)
user = None
P = {"ensemble": e, "key": key}
if req.method == 'POST':
if auth_user is None:
user = M.User(confkey="".join([
choice(string.ascii_letters + string.digits)
for i in xrange(0, 32)
]))
user_form = forms.UserForm(req.POST, instance=user)
if user_form.is_valid():
user_form.save()
m = M.Membership(user=user, ensemble=e)
m.save(
) #membership exists but user is still invalid until has confirmed their email
p = {
"tutorial_url":
settings.GUEST_TUTORIAL_URL,
"conf_url":
"%s://%s/?ckey=%s" %
(settings.PROTOCOL, settings.NB_SERVERNAME, user.confkey),
"firstname":
user.firstname,
"email":
user.email
}
email = EmailMessage(
"Welcome to NB, %s" % (user.firstname, ),
render_to_string("email/confirm_subscribe",
p), settings.EMAIL_FROM, (user.email, ),
(settings.EMAIL_BCC, ))
email.send()
return HttpResponseRedirect('/subscribe_thanks')
else:
P["form"] = forms.UserForm(req.POST, instance=user)
return render_to_response("web/subscribe_newuser.html", P)
else:
user = auth_user
m = M.Membership.objects.filter(user=user, ensemble=e)
if m.count() == 0:
m = M.Membership(user=user, ensemble=e)
m.save()
return HttpResponseRedirect('/')
#user_form = forms.EnterYourNameUserForm(req.POST, instance=user)
else:
if auth_user is not None:
P["user"] = auth_user
P["form"] = forms.UserForm(instance=user)
return render_to_response("web/subscribe_existinguser.html", P)
else:
P["form"] = forms.UserForm()
return render_to_response("web/subscribe_newuser.html", P)
def student_add(request):
if request.POST.has_key('add'):
form = forms.UserForm(request.POST)
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], int(request.POST['grade']))
if form.is_valid():
uname = form.cleaned_data['username']
#utype = int(form.cleaned_data['type'])
with transaction.commit_on_success():
user = User.objects.create(
username=uname,
first_name=form.cleaned_data['name'],
email=form.cleaned_data['email'])
user.set_password(form.cleaned_data['password'])
user.save()
profile = user.userprofile
profile.usertype = common_def.USERTYPE_STUDENT
profile.region_id = request.session['region']
profile.school_id = request.session['school']
profile.myclass_id = int(request.POST['myclass'])
profile.gender = form.cleaned_data['gender']
profile.birthday = form.cleaned_data['birthday']
profile.telphone = form.cleaned_data['tel']
profile.contact = json.dumps(
{
'tel': profile.telphone,
'email': user.email
},
ensure_ascii=False)
profile.save()
log.log_addition(request.user, user, u'添加用户')
return HttpResponseRedirect('/student/list/')
elif request.POST:
# change grade
grade = int(request.POST['grade'])
cache.set_selected_grade(request.user, 'change_student', grade, 300)
form = forms.UserForm(request.POST)
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], grade)
form.errors.clear()
else:
grade = cache.get_selected_grade(request.user, 'change_student')
form = forms.UserForm(initial={'grade': grade})
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], grade)
ctx = RequestContext(request, {
'form': form,
})
return render_to_response('change_user.html', ctx)
def user_new(request):
if request.method == 'POST':
form = forms.UserForm(request.POST)
if form.is_valid():
user = form.save()
return HttpResponseRedirect(reverse('user_login'))
else:
return render(request, 'website/user_new.html', {'form': form})
else:
form = forms.UserForm()
return render(request, 'website/user_new.html', {'form': form})
def form():
user_form = forms.UserForm(request.form)
if request.method == 'POST' and user_form.validate():
print('OK')
else:
print('ERROR')
return render_template('form.html', form=user_form, title='Form')
def post(self):
form = forms.UserForm(self)
if form.validate():
self.write('Hello %s' % form.planet.data)
else:
self.render('index.html', form=form)
email = self.get_argument('email', '').strip()
username = self.get_argument('username', '').strip()
password1 = self.get_argument('password1', '').strip()
password2 = self.get_argument('password2', '').strip()
if password1 != password2:
error_msg = tornado.escape.url_escape("Password is not match!")
self.write(u'/user/register?error=' + error_msg)
return
if email == '':
error_msg = tornado.escape.url_escape("Email is required!")
self.redirect(u"/user/register?error=" + error_msg)
return
else:
if email.find('@') == -1:
error_msg = tornado.escape.url_escape("Email is invalid!")
self.redirect(u"/user/register?error=" + error_msg)
if not username:
username = email.split('@')[0]
exist, msg = yield self.exist(email=email, username=username)
if exist:
# exist user email or username
error_msg = u'?error=' + tornado.escape.url_escape(
'Login name already taken')
self.redirect(u'/user/register?error=' + error_msg)
return
if password1:
password = password1
else:
error_msg = u'?error=' + tornado.escape.url_escape(
'Password not set')
self.redirect(u'/user/register?error=' + error_msg)
return
user = {}
user['email'] = email
user['username'] = username
user['password'] = password
user = yield self.add_user(**user)
if user:
self.set_current_user(user)
self.redirect('/admin/user')
return
def register():
userform = forms.UserForm()
if userform.validate_on_submit():
new_user = User(username=userform.username.data,
email=userform.email.data)
new_user.encode_password(userform.password.data)
db.session.add(new_user)
db.session.commit()
return redirect(url_for("index", _external=True, _scheme='http'))
return render_template('register.html', template_form=userform)
def update_user(userid=None):
form = forms.UserForm()
user_id = int(userid)
user = models.User.get(current_user.id)
if form.validate_on_submit():
user.username = form.username.data
user.email = form.email.data
user.password = form.password.data
user.save()
return redirect(url_for('user', username=user.username))
return render_template('edit-user.html', form=form, userid=userid)
def add_user():
request_data = request.get_json()
form = forms.UserForm(request.form)
if request.method == 'POST':
name = request.form['name'] or request_data['name']
surname = request.form['surname'] or request_data['surname']
email = request.form['email'] or request_data['email']
if form.validate():
cursor_dict.execute(
"INSERT INTO `SPbSU_log_analysis_system`.`User` (email, surname, name) VALUES "
"('{0}', '{1}', '{2}')".format(email, surname, name))
return render_template('add_user.html', form=form)
def get(self):
users_total = User.select().count()
users = User.select()
form = forms.UserForm()
print form
print dir(form)
kwargs = {
'form': form,
'users': users,
'users_total': users_total,
}
self.render('admin/user_add.html', **kwargs)
def update_user(username):
form = forms.UserForm()
user = models.User.select().where(models.User.username == username).get()
if form.validate_on_submit():
filename = images.save(request.files['profile_image'])
url = images.url(filename)
user.username = form.username.data
user.email = form.email.data
user.password = generate_password_hash(form.password.data)
user.first_name = form.first_name.data
user.save(only=user.dirty_fields)
return redirect(url_for('user', userid=current_user.id))
return render_template('edit_user.html', user=user, form=form)
def add_user():
form = forms.UserForm()
if form.validate_on_submit():
username = form.username.data
email = form.email.data
user = User(username=username, email=email)
User.users_list.append(user)
return flask.render_template("user_added.html", user=user)
return flask.render_template("form.html", form=form)
def login(request):
if request.session.get('is_login', None):
return redirect("/index/")
if request.method == "POST":
login_form = forms.UserForm(request.POST)
message = "请检查填写的内容!"
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
try:
user = User.objects.get(name=username)
if user.password == password:
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
return redirect('/index/')
else:
message = "密码不正确!"
except:
message = "用户不存在!"
return render(request, 'login/login.html', locals())
login_form = forms.UserForm()
return render(request, 'login/login.html', locals())
def edit_profile(request):
"""Edit user profile view."""
# Don't user request.user
user = User.objects.get(pk=request.user.id)
profile = user.get_profile()
user_groups = stringify_groups(profile.groups.all().order_by('name'))
user_skills = stringify_groups(profile.skills.all().order_by('name'))
user_languages = stringify_groups(profile.languages.all().order_by('name'))
user_form = forms.UserForm(request.POST or None, instance=user)
new_profile = False
form = forms.ProfileForm
if not profile.is_complete:
new_profile = True
form = forms.RegisterForm
profile_form = form(request.POST or None,
request.FILES or None,
instance=profile,
locale=request.locale,
initial=dict(groups=user_groups,
skills=user_skills,
languages=user_languages))
if (user_form.is_valid() and profile_form.is_valid()):
old_username = request.user.username
user_form.save()
profile_form.save()
# Notify the user that their old profile URL won't work.
if new_profile:
_update_invites(request)
messages.info(request, _(u'Your account has been created.'))
elif user.username != old_username:
messages.info(
request,
_(u'You changed your username; please note your '
'profile URL has also changed.'))
return redirect(reverse('profile', args=[user.username]))
data = dict(profile_form=profile_form,
user_form=user_form,
user_groups=user_groups,
my_vouches=UserProfile.objects.filter(vouched_by=profile),
profile=request.user.userprofile,
apps=user.apiapp_set.filter(is_active=True))
# If there are form errors, don't send a 200 OK.
status = 400 if (profile_form.errors or user_form.errors) else 200
return render(request, 'phonebook/edit_profile.html', data, status=status)
def obtain_user_data(update):
data = request.data.decode()
if data:
data_dict = ast.literal_eval(data)
if update:
user_form = form.UpdateUserForm.from_json(data_dict)
else:
user_form = form.UserForm.from_json(data_dict)
else:
data = request.form
if update:
user_form = form.UpdateUserForm(data)
else:
user_form = form.UserForm(data)
return user_form
def system_users(url_type=None):
etcd_conn = Etcd()
headers = [(_('Username'), 'username'), (_('Role'), 'role'), (_('Enabled'), 'enabled')]
button_list = [{'name': _('New'), 'href': '/system_users/change'}, {'name': _('List'), 'href': '/system_users'}]
if url_type == 'change':
form = forms.UserForm()
if form.validate_on_submit():
status = False
if form.enabled.data is True:
status = True
row = {"enabled": status, "locale": form.locale.data, "email": form.email.data,
"username": form.username.data, "role": form.role.data}
if flask.request.args.get('key'):
if form.password.data:
row['password'] = g.user.hash_password(form.password.data)
else:
form_data = etcd_conn.get_list(flask.request.args.get('key'))
row['password'] = form_data.get('password')
else:
row['password'] = g.user.hash_password(form.password.data)
etcd_conn.put('/appuser/' + form.username.data, json.dumps(row))
flash(_('System User') + ' ' + _('Added') + ' / ' + _('Updated'), 'info')
return flask.redirect(flask.url_for('system_users'))
elif flask.request.args.get('key'):
form_data = etcd_conn.get_list(flask.request.args.get('key'))
form.enabled.data = False
if form_data.get('enabled') is True:
form.enabled.data = True
form.username.render_kw = {'readonly': True}
form.email.data = form_data.get('email')
form.locale.data = form_data.get('locale')
form.username.data = form_data.get('username')
form.role.data = form_data.get('role')
return flask.render_template('list.html', main_header=_('Users'), form=form, button_list=button_list)
elif url_type == 'delete':
etcd_conn.delete(flask.request.args.get('key'))
flash(_('SQL User') + ' ' + _('Deleted'), 'error')
return flask.redirect(flask.url_for('system_users'))
group_list = etcd_conn.search('/appuser/')
page = pagination(len(group_list))
links = [{'name': _('Delete'), 'type': 'danger', 'link': '/system_users/delete'},
{'name': _('Update'), 'type': 'info', 'link': '/system_users/change'}]
return flask.render_template('list.html', main_header=_('SQL Users'),
list=get_calculated_page(group_list, page), headers=headers,
button_list=button_list, links=links, pagination=page)
def user():
form = forms.UserForm()
if form.validate_on_submit():
# g.user.enabled = form.enabled.data
g.user.locale = form.locale.data
g.user.email = form.email.data
if form.password.data:
g.user.password_hash = g.user.hash_password(form.password.data)
# print(g.user.password_hash)
g.user.set()
flash(_('User Info') + ' ' + _('Updated'), 'success')
else:
form.enabled.data = g.user.enabled
# form.username.data = g.user.username
form.locale.data = g.user.locale
form.email.data = g.user.email
form.password.data = None
form.username.data = g.user.username
form.role.data = g.user.role
form.username.render_kw = {'readonly': True}
form.role.render_kw = {'readonly': True}
form.enabled.render_kw = {'readonly': True}
return flask.render_template('list.html', main_header=_('User Info'), form=form)
def update_user(id):
'''
This function takes a POSTed form and updates the given
user with values from the form.
'''
# Check to make sure the session user is the
# owner of the user model they are trying to update
if int(id) != g.user.id:
flash('You can\'t update other user accounts')
return redirect(url_for('view_library', id=g.user.id))
# Check to make sure the user we are trying to
# update actually exists
# Start setting attributes on the user
# For right now, we only have one attribute we care about
form = forms.UserForm(request.form)
should_save = False
if form.location.data:
g.user.location = form.location.data
should_save = True
if form.avatar_url.data:
g.user.avatar_url = form.avatar_url.data
should_save = True
if should_save:
model.session.add(g.user)
model.session.commit()
# Finally, tell the browser to redirect the user
# to their library page
flash('You updated your account successfully')
return redirect(url_for('view_library', id=g.user.id))
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
try:
user = models.User.objects.get(name=username)
if user.password == password:
request.session['is_login'] = True
request.session['user_id'] = user.user_id
request.session['user_name'] = user.name
return redirect('/index/')
else:
message = "您输入的密码不正确"
except Exception, e:
message = "此用户不存在"
return render(request, 'login/login.html', locals())
login_form = forms.UserForm()
return render(request, 'login/login.html', locals())
def register(request):
if request.session.get('is_login', None):
# 登录状态不允许注册。你可以修改这条原则!
return redirect("/index/")
if request.method == "POST":
register_form = forms.RegisterForm(request.POST)
message = "请检查填写的内容!"
if register_form.is_valid(): # 获取数据
username = register_form.cleaned_data['username']
password1 = register_form.cleaned_data['password1']
password2 = register_form.cleaned_data['password2']
email = register_form.cleaned_data['email']
def student_edit(request):
if request.POST.has_key('edit'):
form = forms.UserForm(request.POST)
form.fields['password'].required = False
form.fields['password1'].required = False
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], int(request.POST['grade']))
uid = request.POST['uid']
user = User.objects.get(pk=uid)
if form.is_valid():
password = form.cleaned_data['password']
if password:
user.set_password(password)
#utype = int(form.cleaned_data['type'])
user.username = form.cleaned_data['username']
user.first_name = form.cleaned_data['name']
user.email = form.cleaned_data['email']
profile = user.userprofile
#profile.usertype = utype
profile.gender = form.cleaned_data['gender']
profile.myclass_id = form.cleaned_data[
'myclass'] #int(request.POST['myclass'])
profile.birthday = form.cleaned_data['birthday']
profile.telphone = form.cleaned_data['tel']
profile.contact = json.dumps(
{
'tel': profile.telphone,
'email': user.email
},
ensure_ascii=False)
with transaction.commit_on_success():
user.save()
profile.save()
log.log_change(request.user, user, u'修改用户')
return HttpResponseRedirect('/student/list/')
elif request.POST.has_key('delete'):
uid = request.POST['uid']
user = User.objects.get(pk=uid)
user.delete()
log.log_deletion(request.user, user, u'删除用户')
return HttpResponseRedirect('/student/list/')
elif request.POST:
# change grade
uid = request.POST['uid']
grade = int(request.POST['grade'])
cache.set_selected_grade(request.user, 'change_student', grade, 300)
form = forms.UserForm(request.POST)
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], grade)
form.errors.clear()
else:
uid = request.GET['uid']
profile = models.UserProfile.objects.select_related(
'user', 'myclass').get(user__id=uid)
grade = profile.myclass.get_grade()
data = {
'username': profile.user.username,
'name': profile.user.first_name,
#'en_name': user.last_name,
'gender': profile.gender,
'grade': grade,
'myclass': profile.myclass_id,
'birthday': profile.birthday,
#'type': profile.usertype,
}
form = forms.UserForm(initial=data)
form.fields['password'].required = False
form.fields['password1'].required = False
form.fields['grade'].choices = common_def.get_all_grades(
request.session['school_type'], prompt=True)
form.fields['myclass'].choices = cache.get_grade_classes(
request.session['school'], grade)
ctx = RequestContext(request, {
'form': form,
'uid': uid,
})
return render_to_response('change_user.html', ctx)
