def POST(self): data = web.input(req='') req = data.req if req == "email": try: result = Admin.getBy(username=self.session.username) web.header('Content-Type', 'application/json') if result: return json.dumps({'email': result.email}) else: return json.dumps({'err': '没有找到匹配的用户'}) except Exception as err: web.header('Content-Type', 'application/json') return json.dumps({'err': '出现错误: ' + str(err)}) elif req == "submit": web.header('Content-Type', 'application/json') try: if data.nickname == "": return json.dumps({"err", "请输入昵称"}) if data.email == "email": return json.dumps({'err', "请输入邮箱"}) person = Admin.getBy(username=self.session.username) person.nickname = data.nickname person.email = data.email person.update() self.session.nickname = data.nickname return json.dumps({'success': "个人资料更新成功"}) except Exception as err: return json.dumps({'err': "出现错误: " + str(err)}) else: return web.Forbidden()
def POST(self): data = web.input(req='', username='', id='', newp='') req = data.req if req == 'check': try: person = Admin.getBy(username=data.username) web.header('Content-Type', 'application/json') if person == None: return json.dumps({'is_valid': '1'}) else: return json.dumps({'is_valid': '0'}) except Exception as err: web.header('Content-Type', 'application/json') raise err return json.dumps({'err': '出现错误: ' + str(err)}) elif req == 'submit': try: person = Admin.getBy(username=data.username) web.header('Content-Type', 'application/json') if person: # 用户名已被占用 return json.dumps({'err': '用户名已被占用!'}) else: # 更新密码 Admin(dict( username=data.username, password=hashlib.new('md5', data.newp).hexdigest(), role=data.role, )).insert() return json.dumps({'success': '成功添加用户'}) except Exception as err: web.header('Content-Type', 'application/json') return json.dumps({'err': '出现错误: ' + str(err)}) elif req == 'delete': if not data.id: return json.dumps({'err': '请求出错'}) person = Admin.get(data.id) operator = Admin.getBy(username=self.session.username) if not person: return json.dumps({'err': '用户不存在'}) if operator.role >= person.role: return json.dumps({'err': '无权限'}) person.delete() return json.dumps({'success': '已删除'}) elif req == 'update': person = Admin.getBy(username=data.username) operator = Admin.getBy(username=self.session.username) if not person: return json.dumps({'err': '用户不存在'}) if operator.role >= person.role: return json.dumps({'err': '无权限'}) person.password = hashlib.new('md5', data.newp).hexdigest() person.update() return json.dumps({'success': '修改成功!'}) else: return web.Forbidden()
def POST(self): # username password remeber data = web.input(username="", password="", remeber="") try: result = Admin.getBy( username=data.username, password=hashlib.new("md5", data.password).hexdigest() ) if result == None: # 身份验证失败 # self.page.errinfo = "您输入的用户名和密码不匹配,请检查后重试." # print self.page.errinfo # return render.admin.login(page = self.page) return json.dumps({'err': '您输入的用户名和密码不匹配,请检查后重试'}) else: self.session.username = result.username self.session.nickname = result.nickname self.session.role = "admin" self.session.logged = True if data.remeber: # 记住密码 web.config.session_parameters['ignore_expiry'] = True return json.dumps({'success': '登录成功!'}) except Exception as err: self.page.title = "出错啦!" self.page.errinfo = err return render.errinfo(page=self.page)
def GET(self): admins = Admin.getAll() operator = Admin.getBy(username=self.session.username) print admins for i in range(len(admins)): # role = 0 为最高权限, role越大, 权限越低 if admins[i].username == operator.username: index = i admins[i].deletable = (admins[i].role > operator.role) admins.pop(index) print admins return render.admin.users(page=self.page, session=self.session, admins=admins)
def POST(self): data = web.input(req='') req = data.req if req == "check": try: person = Admin.getBy( username=self.session.username, password=hashlib.new("md5", data.oldp).hexdigest() ) web.header('Content-Type', 'application/json') if person: return json.dumps({'is_valid': '1'}) else: return json.dumps({'is_valid': '0'}) except Exception as err: web.header('Content-Type', 'application/json') return json.dumps({'err': '出现错误: ' + str(err)}) elif req == "submit": try: person = Admin.getBy( username=self.session.username, password=hashlib.new("md5", data.oldp).hexdigest() ) web.header('Content-Type', 'application/json') if person is None: # 旧密码输错 return json.dumps({'err': '旧密码输入错误!'}) else: # 更新密码 person.password = hashlib.new("md5", data.newp).hexdigest() person.update() return json.dumps({'success': '密码修改成功'}) except Exception as err: web.header('Content-Type', 'application/json') return json.dumps({'err': '出现错误: ' + str(err)}) else: return web.Forbidden()