def initialize(self):
self.init()
self.muser = MUser()
self.mclass = MPycateCatalog()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def init(self):
self.tmpl_name = 'doc'
self.muser = MUser()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def initialize(self):
self.init()
self.muser = MUser()
self.mclass = MPycateCatalog()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def __init__(self):
self.tab = TabUsage
try:
TabUsage.create_table()
except:
pass
self.mapp2catalog = MApp2Catalog()
self.muser = MUser()
class BaseHandler(tornado.web.RequestHandler):
def init(self):
self.muser = MUser()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def parse_url(self, url_str):
url_str = url_str.strip()
url_arr = [] if len(url_str) == 0 else url_str.split('/')
return url_arr
def check_doc_priv(self, userinfo):
priv_dic = {
'ADD': False,
'EDIT': False,
'DELETE': False,
'ADMIN': False
}
if userinfo:
pass
else:
return priv_dic
if userinfo.privilege[1] >= '1':
priv_dic['ADD'] = True
if userinfo.privilege[1] >= '2':
priv_dic['EDIT'] = True
if userinfo.privilege[1] >= '4':
priv_dic['DELETE'] = True
if userinfo.privilege[1] >= '7':
priv_dic['ADMIN'] = True
return priv_dic
def get_current_user(self):
return self.get_secure_cookie("user")
def is_admin(self):
if self.userinfo and self.check_doc_priv(self.userinfo)['ADMIN']:
return True
else:
return False
def editable(self):
# Deprecated.
if self.get_current_user():
return 1
else:
return 0
class BaseHandler(tornado.web.RequestHandler, TemplateRendring):
def init(self):
self.tmpl_name = 'doc'
self.muser = MUser()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def parse_url(self, url_str):
url_str = url_str.strip()
url_arr = [] if len(url_str) == 0 else url_str.split('/')
return url_arr
def get_current_user(self):
return self.get_secure_cookie("user")
def is_admin(self):
if self.userinfo and self.userinfo.privilege[4] == '1':
return True
return False
def editable(self):
# Deprecated.
if self.get_current_user():
return 1
else:
return 0
def render_jinja2(self, template_name, **kwargs):
kwargs.update({
'settings': self.settings,
'STATIC_URL': self.settings.get('static_url_prefix', '/static/'),
'request': self.request,
'current_user': self.current_user,
'xsrf_token': self.xsrf_token,
'xsrf_form_html': self.xsrf_form_html,
})
content = self.render_template(template_name, **kwargs)
self.write(content)
def initialize(self):
self.init()
self.muser = MUser()
self.user_name = self.get_current_user()
self.tmpl_router = 'user'
class UserHandler(BaseHandler):
def initialize(self):
self.init()
self.muser = MUser()
self.user_name = self.get_current_user()
self.tmpl_router = 'user'
def get(self, url_str):
url_arr = self.parse_url(url_str)
if url_str == 'regist':
if self.get_current_user():
self.redirect('/')
else:
self.__to_register__()
elif url_str == 'login':
self.to_login()
elif url_str == 'info':
self.show_info()
elif url_str == 'logout':
self.logout()
elif url_str == 'reset-password':
self.to_reset_password()
elif url_str == 'changepass':
self.changepass()
elif url_str == 'changeinfo':
self.change_info()
elif url_str == 'reset-passwd':
if self.gen_passwd():
pass
else:
self.redirect(config.site_url)
elif url_arr[0] == 'changeprivilege':
self.change_privilege(url_arr[1])
elif url_str == 'find':
if self.tmpl_router == "user":
self.to_find()
else:
self.p_to_find()
elif url_arr[0] == 'find':
self.find(url_arr[1])
elif url_arr[0] == 'delete_user':
self.delete(url_arr[1])
def post(self, url_str):
url_arr = self.parse_url(url_str)
if url_str == 'regist':
self.register()
elif url_str == 'login':
self.login()
elif url_str == 'changepass':
self.changepassword()
elif url_arr[0] == 'changepass':
self.p_changepassword()
elif url_str == 'changeinfo':
self.changeinfo()
elif url_arr[0] == 'changeinfo':
self.p_changeinfo()
elif url_str == 'find':
self.post_find()
elif url_arr[0] == 'find':
self.find(url_arr[1])
elif url_str == 'reset-password':
self.reset_password()
elif url_arr[0] == 'changeprivilege':
self.changeprivilege(url_arr[1])
@tornado.web.authenticated
def p_changepassword(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_pass(self.user_name, post_data['user_pass'][0])
output = {
'changepass ': uu,
}
else:
output = {
'changepass ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def p_changeinfo(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_info(self.user_name, post_data['user_email'][0])
output = {
'changeinfo ': uu,
}
else:
output = {
'changeinfo ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def changepassword(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_pass(self.user_name, post_data['user_pass'][0])
self.redirect(('/{0}/info').format(self.tmpl_router))
else:
return False
@tornado.web.authenticated
def changeinfo(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_info(self.user_name, post_data['user_email'][0])
self.redirect(('/user/info'))
else:
return False
@tornado.web.authenticated
def changeprivilege(self, xg_username):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if self.tmpl_router == "user":
self.muser.update_privilege(xg_username, post_data['privilege'][0])
self.redirect(('/user/info'))
else:
if self.muser.update_privilege(xg_username, post_data['privilege'][0]):
output = {
'del_category ': 1,
}
else:
output = {
'del_category ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def logout(self):
self.clear_all_cookies()
self.redirect('/')
@tornado.web.authenticated
def changepass(self):
self.render('{0}/{1}/changepass.html'.format(self.tmpl_name, self.tmpl_router),
user_info=self.muser.get_by_id(self.user_name))
@tornado.web.authenticated
def change_info(self):
self.render('{0}/{1}/changeinfo.html'.format(self.tmpl_name, self.tmpl_router),
user_info=self.muser.get_by_id(self.user_name))
@tornado.web.authenticated
def change_privilege(self, xg_username):
self.render('{0}/{1}/changeprivilege.html'.format(self.tmpl_name, self.tmpl_router),
user_info=self.muser.get_by_id(xg_username))
@tornado.web.authenticated
def show_info(self):
self.render('{0}/{1}/info.html'.format(self.tmpl_name, self.tmpl_router),
user_info=self.muser.get_by_id(self.user_name),
userinfo=self.muser.get_by_id(self.user_name), )
def to_reset_password(self):
self.render('{0}/{1}/reset_password.html'.format(self.tmpl_name, self.tmpl_router))
def to_login(self):
if self.get_current_user():
self.redirect('/')
else:
kwd = {
'pager': '',
}
self.render('{0}/{1}/login.html'.format(self.tmpl_name, self.tmpl_router),
kwd=kwd,
userinfo = None,
)
def register(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
form = SumForm(self.request.arguments)
if form.validate():
if self.muser.insert_data(post_data):
self.redirect('/user/login')
else:
kwd = {
'info': '注册不成功',
}
self.set_status(400)
self.render('html/404.html',
cfg = config.cfg,
kwd=kwd,
userinfo = None,)
else:
kwd = {
'info': '注册不成功',
}
self.set_status(400)
self.render('html/404.html',
cfg = config.cfg,
kwd=kwd,
userinfo = None,)
def __to_register__(self):
kwd = {
'pager': '',
}
self.render('{0}/{1}/regist.html'.format(self.tmpl_name, self.tmpl_router),
cfg = config.cfg,
userinfo = None,
kwd=kwd)
def login(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if 'next' in post_data:
next_url = post_data['next'][0]
else:
next_url = '/'
u_name = post_data['user_name'][0]
u_pass = post_data['user_pass'][0]
kwd = {
'pager': '',
}
result = self.muser.check_user(u_name, u_pass)
if result == 1:
self.set_secure_cookie("user", u_name)
self.redirect("{0}".format(next_url))
elif result == 0:
self.set_status(401)
kwd = {
'info': '密码验证出错,请<a href="/user/login">重新登陆</a>。'
}
self.render('html/404.html',
cfg = config.cfg,
kwd=kwd,
userinfo = self.userinfo,)
elif result == -1:
self.set_status(401)
kwd = {
'info': '没有这个用户'
}
self.render('html/404.html',
cfg = config.cfg,
kwd=kwd,
userinfo = self.userinfo,)
else:
self.set_status(305)
self.redirect("{0}".format(next_url))
def to_find(self, ):
kwd = {
'pager': '',
}
self.render('{0}/{1}/find.html'.format(self.tmpl_name, self.tmpl_router),
cfg = config.cfg,
kwd=kwd,
userinfo = self.userinfo,
)
def p_to_find(self, ):
kwd = {
'pager': '',
}
self.render('{0}/{1}/find_list.html'.format(self.tmpl_name, self.tmpl_router),
kwd=kwd,
view=self.muser.get_by_keyword(""),
cfg = config.cfg,
userinfo = self.userinfo,
)
def find(self, keyword):
kwd = {
'pager': '',
'unescape': tornado.escape.xhtml_unescape,
'title': '查找结果',
}
if self.tmpl_router == "user":
self.render('{0}/{1}/find_list.html'.format(self.tmpl_name, self.tmpl_router),
kwd=kwd,
view=self.muser.get_by_keyword(keyword),
cfg = config.cfg,
userinfo = self.userinfo,
)
else:
result=self.muser.get_by_keyword(keyword)
if result:
output = {
'find': result
}
else:
output = {
'find': 0,
}
return json.dump(output, self)
def delete(self, del_id):
if self.tmpl_router == "user":
is_deleted = self.muser.delete(del_id)
if is_deleted:
self.redirect('/user/find')
else:
return False
else:
if self.muser.delete(del_id):
output = {
'del_category': 1
}
else:
output = {
'del_category': 0,
}
return json.dump(output, self)
def post_find(self):
keyword = self.get_argument('keyword')
self.find(keyword)
def reset_password(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if 'email' in post_data:
userinfo = self.muser.get_by_email(post_data['email'][0])
if tools.timestamp() - userinfo.reset_passwd_timestamp < 70:
self.set_status(400)
kwd = {
'info': '两次重置密码时间应该大于1分钟',
}
self.render('html/404.html', kwd=kwd, userinfo = self.userinfo)
return False
if userinfo:
timestamp = tools.timestamp()
passwd = userinfo.user_pass
username = userinfo.user_name
hash_str = tools.md5(username + str(timestamp) + passwd)
url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format(config.site_url, username, timestamp,
hash_str)
email_cnt = '''
<div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div>
<div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div>
<div><a href={2}>{2}</a></div>
<div>如果无法确定本信息的有效性,请忽略本邮件。</div>
'''.format(config.site_name, config.site_url, url_reset)
if send_mail([userinfo.user_email], "{0}|密码重置".format(config.site_name), email_cnt):
self.muser.update_reset_passwd_timestamp(username, timestamp)
self.set_status(200)
return True
else:
self.set_status(400)
return False
else:
self.set_status(400)
return False
else:
self.set_status(400)
return False
def gen_passwd(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
userinfo = self.muser.get_by_id(post_data['u'][0])
sub_timestamp = int(post_data['t'][0])
cur_timestamp = tools.timestamp()
if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp:
pass
else:
kwd = {
'info': '密码重置已超时!',
}
self.set_status(400)
self.render('html/404.html',
kwd=kwd,
userinfo = self.userinfo)
hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass)
if hash_str == post_data['p'][0]:
pass
else:
kwd = {
'info': '密码重置验证出错!',
}
self.set_status(400)
self.render('html/404.html',
kwd=kwd,
userinfo = self.userinfo,)
new_passwd = tools.get_uu8d()
self.muser.update_pass(userinfo.user_name, new_passwd)
kwd = {
'user_name': userinfo.user_name,
'new_pass': new_passwd,
}
self.render('{0}/{1}/show_pass.html'.format(self.tmpl_name, self.tmpl_router),
cfg = config.cfg,
kwd=kwd,
userinfo = self.userinfo,)
class MaintainPycateCategoryHandler(BaseHandler):
def initialize(self):
self.init()
self.muser = MUser()
self.mclass = MPycateCatalog()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def get(self, url_str=''):
url_arr = self.parse_url(url_str)
if url_str == 'add':
self.to_add_class()
elif url_str == 'list':
self.recent()
elif url_str == 'refresh':
self.refresh()
elif url_arr[0] == 'modify':
self.to_modify(url_arr[1])
elif url_arr[0] == 'delete':
self.delete(url_arr[1])
else:
kwd = {
'info': '页面未找到',
}
self.render('html/404.html', kwd=kwd)
def post(self, url_str=''):
url_arr = self.parse_url(url_str)
if len(url_arr) == 1 and url_str.endswith('.html'):
self.add_post()
if url_arr[0] == 'modify':
self.update(url_arr[1])
elif url_str == 'add':
self.user_add_class()
else:
self.redirect('html/404.html')
def recent(self):
kwd = {
'pager': '',
'unescape': tornado.escape.xhtml_unescape,
'title': '最近文档',
}
self.render('{0}/maintain/pycatecategory/category_list.html'.format(self.tmpl_name),
kwd=kwd,
view=self.mclass.query_recent(),
format_date=tools.format_date,
userinfo=self.userinfo,
)
def refresh(self):
kwd = {
'pager': '',
'title': '最近文档',
}
self.render('{0}/maintain/pycatecategory/category_list.html'.format(self.tmpl_name),
kwd=kwd,
userinfo=self.userinfo,
view=self.mclass.query_dated(10),
format_date=tools.format_date,
unescape=tornado.escape.xhtml_unescape, )
def get_random(self):
return self.mclass.query_random()
def wiki(self, uid):
dbdate = self.mclass.get_by_id(uid)
if dbdate:
self.viewit(uid)
else:
self.to_add(uid)
def to_add_class(self, ):
kwd = {
'pager': '',
'uid': '',
}
self.render('{0}/maintain/pycatecategory/category_add.html'.format(self.tmpl_name),
topmenu='',
kwd=kwd,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def to_add(self, uid):
if self.is_admin():
pass
else:
return False
kwd = {
'uid': uid,
'pager': '',
}
self.render('{0}/maintain/pycatecategory/list.html'.format(self.tmpl_name),
kwd=kwd,
)
@tornado.web.authenticated
def update(self, uid):
if self.is_admin():
pass
else:
return False
raw_data = self.mclass.get_by_id(uid)
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
post_data['user_name'] = self.get_current_user()
self.mclass.update(uid, post_data)
self.redirect('/maintain/pycatecategory/list'.format(uid))
@tornado.web.authenticated
def to_modify(self, id_rec):
a = self.mclass.get_by_id(id_rec)
# 用户具有管理权限,或文章是用户自己发布的。
if self.is_admin():
pass
else:
return False
kwd = {
'pager': '',
}
self.render('{0}/maintain/pycatecategory/category_edit.html'.format(self.tmpl_name),
kwd=kwd,
unescape=tornado.escape.xhtml_unescape,
dbrec=a,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def viewit(self, post_id):
rec = self.mclass.get_by_uid(post_id)
if not rec:
kwd = {
'info': '您要找的分类不存在。',
}
self.render('html/404.html', kwd=kwd)
return False
kwd = {
'pager': '',
'editable': self.editable(),
}
self.render('{0}/maintain/pycatecategory/category_view.html'.format(self.tmpl_name),
view=rec,
unescape=tornado.escape.xhtml_unescape,
kwd=kwd,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def user_add_class(self):
if self.is_admin():
pass
else:
return False
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
post_data['user_name'] = self.get_current_user()
self.mclass.insert_data(post_data)
self.redirect('/maintain/pycatecategory/list'.format())
@tornado.web.authenticated
def delete(self, del_id):
if self.is_admin():
pass
else:
return False
is_deleted = self.mclass.delete(del_id)
if is_deleted:
self.redirect('/maintain/pycatecategory/list')
else:
return False
def init(self):
self.muser = MUser()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
class BaseHandler(tornado.web.RequestHandler, TemplateRendring):
def init(self):
self.muser = MUser()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def parse_url(self, url_str):
url_str = url_str.strip()
url_arr = [] if len(url_str) == 0 else url_str.split('/')
return url_arr
def check_doc_priv(self, userinfo):
priv_dic = {
'ADD': False,
'EDIT': False,
'DELETE': False,
'ADMIN': False
}
if userinfo.privilege[1] >= '1':
priv_dic['ADD'] = True
if userinfo.privilege[1] >= '2':
priv_dic['EDIT'] = True
if userinfo.privilege[1] >= '4':
priv_dic['DELETE'] = True
if userinfo.privilege[1] >= '8':
priv_dic['ADMIN'] = True
return priv_dic
def get_current_user(self):
return self.get_secure_cookie("user")
def is_admin(self):
if self.userinfo and self.userinfo.privilege[4] == '1':
return True
return False
def editable(self):
# Deprecated.
if self.get_current_user():
return 1
else:
return 0
def render_jinja2(self, template_name, **kwargs):
kwargs.update({
'settings':
self.settings,
'STATIC_URL':
self.settings.get('static_url_prefix', '/static/'),
'request':
self.request,
'current_user':
self.current_user,
'xsrf_token':
self.xsrf_token,
'xsrf_form_html':
self.xsrf_form_html,
})
content = self.render_template(template_name, **kwargs)
self.write(content)
def initialize(self):
self.init()
self.muser = MUser()
self.user_name = self.get_current_user()
self.tmpl_router = 'user_ajax'
class UserHandler(BaseHandler):
def initialize(self):
self.init()
self.muser = MUser()
self.user_name = self.get_current_user()
self.tmpl_router = 'info'
def get(self, url_str):
url_arr = self.parse_url(url_str)
if url_str == 'regist':
if self.get_current_user():
self.redirect('/')
else:
self.__to_register__()
elif url_str == 'login':
self.to_login()
elif url_str == 'info':
self.show_info()
elif url_str == 'logout':
self.logout()
elif url_str == 'reset-password':
self.to_reset_password()
elif url_str == 'changepass':
self.changepass()
elif url_str == 'changeinfo':
self.change_info()
elif url_str == 'reset-passwd':
if self.gen_passwd():
pass
else:
self.redirect(config.site_url)
elif url_arr[0] == 'changeprivilege':
self.change_privilege(url_arr[1])
elif url_str == 'find':
if self.tmpl_router == "user":
self.to_find()
else:
self.p_to_find()
elif url_arr[0] == 'find':
self.find(url_arr[1])
elif url_arr[0] == 'delete_user':
self.delete(url_arr[1])
def post(self, url_str):
url_arr = self.parse_url(url_str)
if url_str == 'regist':
self.register()
elif url_str == 'login':
self.login()
elif url_str == 'changepass':
self.changepassword()
elif url_arr[0] == 'changepass':
self.p_changepassword()
elif url_str == 'changeinfo':
self.changeinfo()
elif url_arr[0] == 'changeinfo':
self.p_changeinfo()
elif url_str == 'find':
self.post_find()
elif url_arr[0] == 'find':
self.find(url_arr[1])
elif url_str == 'reset-password':
self.reset_password()
elif url_arr[0] == 'changeprivilege':
self.changeprivilege(url_arr[1])
@tornado.web.authenticated
def p_changepassword(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_pass(self.user_name, post_data['user_pass'][0])
output = {
'changepass ': uu,
}
else:
output = {
'changepass ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def p_changeinfo(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_info(self.user_name, post_data['user_email'][0])
output = {
'changeinfo ': uu,
}
else:
output = {
'changeinfo ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def changepassword(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_pass(self.user_name, post_data['user_pass'][0])
self.redirect(('/{0}/info').format(self.tmpl_router))
else:
return False
@tornado.web.authenticated
def changeinfo(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
uu = self.muser.check_user(self.user_name, post_data['rawpass'][0])
if uu == 1:
self.muser.update_info(self.user_name, post_data['user_email'][0])
self.redirect(('/user/info'))
else:
return False
@tornado.web.authenticated
def changeprivilege(self, xg_username):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if self.tmpl_router == "user":
self.muser.update_privilege(xg_username, post_data['privilege'][0])
self.redirect(('/user/info'))
else:
if self.muser.update_privilege(xg_username, post_data['privilege'][0]):
output = {
'del_category ': 1,
}
else:
output = {
'del_category ': 0,
}
return json.dump(output, self)
@tornado.web.authenticated
def logout(self):
self.clear_all_cookies()
self.redirect('/')
@tornado.web.authenticated
def changepass(self):
self.render('user/{0}/changepass.html'.format(self.tmpl_router),
userinfo=self.muser.get_by_id(self.user_name))
@tornado.web.authenticated
def change_info(self):
self.render('user/{0}/changeinfo.html'.format(self.tmpl_router),
userinfo=self.muser.get_by_id(self.user_name))
@tornado.web.authenticated
def change_privilege(self, xg_username):
self.render('user/{0}/changeprivilege.html'.format(self.tmpl_router),
userinfo=self.muser.get_by_id(xg_username))
@tornado.web.authenticated
def show_info(self):
self.render('user/{0}/info.html'.format(self.tmpl_router),
userinfo=self.muser.get_by_id(self.user_name), )
def to_reset_password(self):
self.render('user/{0}/reset_password.html'.format(self.tmpl_router))
def to_login(self):
if self.get_current_user():
self.redirect('/')
else:
kwd = {
'pager': '',
}
self.render('user/{0}/login.html'.format(self.tmpl_router),
kwd=kwd,
userinfo=None,
)
def register(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
form = SumForm(self.request.arguments)
if form.validate():
if self.muser.insert_data(post_data):
self.redirect('/user/login')
else:
kwd = {
'info': '注册不成功',
}
self.set_status(400)
self.render('html/404.html',
cfg=config.cfg,
kwd=kwd,
userinfo=None, )
else:
kwd = {
'info': '注册不成功',
}
self.set_status(400)
self.render('html/404.html',
cfg=config.cfg,
kwd=kwd,
userinfo=None, )
def __to_register__(self):
kwd = {
'pager': '',
}
self.render('user/{0}/regist.html'.format(self.tmpl_router),
cfg=config.cfg,
userinfo=None,
kwd=kwd)
def login(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if 'next' in post_data:
next_url = post_data['next'][0]
else:
next_url = '/'
u_name = post_data['user_name'][0]
u_pass = post_data['user_pass'][0]
kwd = {
'pager': '',
}
result = self.muser.check_user(u_name, u_pass)
if result == 1:
self.set_secure_cookie("user", u_name)
self.redirect("{0}".format(next_url))
elif result == 0:
self.set_status(401)
kwd = {
'info': '密码验证出错,请<a href="/user/login">重新登陆</a>。'
}
self.render('html/404.html',
cfg=config.cfg,
kwd=kwd,
userinfo=self.userinfo, )
elif result == -1:
self.set_status(401)
kwd = {
'info': '没有这个用户'
}
self.render('html/404.html',
cfg=config.cfg,
kwd=kwd,
userinfo=self.userinfo, )
else:
self.set_status(305)
self.redirect("{0}".format(next_url))
def to_find(self, ):
kwd = {
'pager': '',
}
self.render('user/{0}/find.html'.format(self.tmpl_router),
cfg=config.cfg,
kwd=kwd,
userinfo=self.userinfo,
)
def p_to_find(self, ):
kwd = {
'pager': '',
}
self.render('user/{0}/find_list.html'.format(self.tmpl_router),
kwd=kwd,
view=self.muser.get_by_keyword(""),
cfg=config.cfg,
userinfo=self.userinfo,
)
def find(self, keyword):
kwd = {
'pager': '',
'unescape': tornado.escape.xhtml_unescape,
'title': '查找结果',
}
if self.tmpl_router == "user":
self.render('user/{0}/find_list.html'.format(self.tmpl_router),
kwd=kwd,
view=self.muser.get_by_keyword(keyword),
cfg=config.cfg,
userinfo=self.userinfo,
)
else:
result = self.muser.get_by_keyword(keyword)
if result:
output = {
'find': result
}
else:
output = {
'find': 0,
}
return json.dump(output, self)
def delete(self, del_id):
if self.tmpl_router == "user":
is_deleted = self.muser.delete(del_id)
if is_deleted:
self.redirect('/user/find')
else:
return False
else:
if self.muser.delete(del_id):
output = {
'del_category': 1
}
else:
output = {
'del_category': 0,
}
return json.dump(output, self)
def post_find(self):
keyword = self.get_argument('keyword')
self.find(keyword)
def reset_password(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
if 'email' in post_data:
userinfo = self.muser.get_by_email(post_data['email'][0])
if tools.timestamp() - userinfo.reset_passwd_timestamp < 70:
self.set_status(400)
kwd = {
'info': '两次重置密码时间应该大于1分钟',
}
self.render('html/404.html', kwd=kwd, userinfo=self.userinfo)
return False
if userinfo:
timestamp = tools.timestamp()
passwd = userinfo.user_pass
username = userinfo.user_name
hash_str = tools.md5(username + str(timestamp) + passwd)
url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format(config.site_url, username, timestamp,
hash_str)
email_cnt = '''
<div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div>
<div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div>
<div><a href={2}>{2}</a></div>
<div>如果无法确定本信息的有效性,请忽略本邮件。</div>
'''.format(config.site_name, config.site_url, url_reset)
if send_mail([userinfo.user_email], "{0}|密码重置".format(config.site_name), email_cnt):
self.muser.update_reset_passwd_timestamp(username, timestamp)
self.set_status(200)
return True
else:
self.set_status(400)
return False
else:
self.set_status(400)
return False
else:
self.set_status(400)
return False
def gen_passwd(self):
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
userinfo = self.muser.get_by_id(post_data['u'][0])
sub_timestamp = int(post_data['t'][0])
cur_timestamp = tools.timestamp()
if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp:
pass
else:
kwd = {
'info': '密码重置已超时!',
}
self.set_status(400)
self.render('html/404.html',
kwd=kwd,
userinfo=self.userinfo)
hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass)
if hash_str == post_data['p'][0]:
pass
else:
kwd = {
'info': '密码重置验证出错!',
}
self.set_status(400)
self.render('html/404.html',
kwd=kwd,
userinfo=self.userinfo, )
new_passwd = tools.get_uu8d()
self.muser.update_pass(userinfo.user_name, new_passwd)
kwd = {
'user_name': userinfo.user_name,
'new_pass': new_passwd,
}
self.render('user/{0}/show_pass.html'.format(self.tmpl_router),
cfg=config.cfg,
kwd=kwd,
userinfo=self.userinfo, )
class MaintainPycateCategoryHandler(BaseHandler):
def initialize(self):
self.init()
self.muser = MUser()
self.mclass = MPycateCatalog()
if self.get_current_user():
self.userinfo = self.muser.get_by_id(self.get_current_user())
else:
self.userinfo = None
def get(self, url_str=''):
url_arr = self.parse_url(url_str)
if url_str == 'add':
self.to_add_class()
elif url_str == 'list':
self.recent()
elif url_str == 'refresh':
self.refresh()
elif url_arr[0] == 'modify':
self.to_modify(url_arr[1])
elif url_arr[0] == 'delete':
self.delete(url_arr[1])
else:
kwd = {
'info': '页面未找到',
}
self.render('html/404.html', kwd=kwd)
def post(self, url_str=''):
url_arr = self.parse_url(url_str)
if len(url_arr) == 1 and url_str.endswith('.html'):
self.add_post()
if url_arr[0] == 'modify':
self.update(url_arr[1])
elif url_str == 'add':
self.user_add_class()
else:
self.redirect('html/404.html')
def recent(self):
kwd = {
'pager': '',
'unescape': tornado.escape.xhtml_unescape,
'title': '最近文档',
}
self.render(
'doc/maintain/pycatecategory/category_list.html',
kwd=kwd,
view=self.mclass.query_recent(),
format_date=tools.format_date,
userinfo=self.userinfo,
)
def refresh(self):
kwd = {
'pager': '',
'title': '最近文档',
}
self.render(
'doc/maintain/pycatecategory/category_list.html',
kwd=kwd,
userinfo=self.userinfo,
view=self.mclass.query_dated(10),
format_date=tools.format_date,
unescape=tornado.escape.xhtml_unescape,
)
def get_random(self):
return self.mclass.query_random()
def wiki(self, uid):
dbdate = self.mclass.get_by_id(uid)
if dbdate:
self.viewit(uid)
else:
self.to_add(uid)
def to_add_class(self, ):
kwd = {
'pager': '',
'uid': '',
}
self.render(
'doc/maintain/pycatecategory/category_add.html',
topmenu='',
kwd=kwd,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def to_add(self, uid):
if self.is_admin():
pass
else:
return False
kwd = {
'uid': uid,
'pager': '',
}
self.render(
'doc/maintain/pycatecategory/list.html',
kwd=kwd,
)
@tornado.web.authenticated
def update(self, uid):
if self.is_admin():
pass
else:
return False
raw_data = self.mclass.get_by_id(uid)
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
post_data['user_name'] = self.get_current_user()
self.mclass.update(uid, post_data)
self.redirect('/maintain/pycatecategory/list'.format(uid))
@tornado.web.authenticated
def to_modify(self, id_rec):
a = self.mclass.get_by_id(id_rec)
# 用户具有管理权限,或文章是用户自己发布的。
if self.is_admin():
pass
else:
return False
kwd = {
'pager': '',
}
self.render(
'doc/maintain/pycatecategory/category_edit.html',
kwd=kwd,
unescape=tornado.escape.xhtml_unescape,
dbrec=a,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def viewit(self, post_id):
rec = self.mclass.get_by_uid(post_id)
if not rec:
kwd = {
'info': '您要找的分类不存在。',
}
self.render('html/404.html', kwd=kwd)
return False
kwd = {
'pager': '',
'editable': self.editable(),
}
self.render(
'doc/maintain/pycatecategory/category_view.html',
view=rec,
unescape=tornado.escape.xhtml_unescape,
kwd=kwd,
userinfo=self.userinfo,
)
@tornado.web.authenticated
def user_add_class(self):
if self.is_admin():
pass
else:
return False
post_data = {}
for key in self.request.arguments:
post_data[key] = self.get_arguments(key)
post_data['user_name'] = self.get_current_user()
self.mclass.insert_data(post_data)
self.redirect('/maintain/pycatecategory/list'.format())
@tornado.web.authenticated
def delete(self, del_id):
if self.is_admin():
pass
else:
return False
is_deleted = self.mclass.delete(del_id)
if is_deleted:
self.redirect('/maintain/pycatecategory/list')
else:
return False