def post(self):
"""Send captcha to user's phone through sms.
"""
status = ErrorCode.SUCCESS
try:
mobile = self.get_argument('mobile','')
captcha = ''.join(random.choice(string.digits) for x in range(6))
ios_captcha_sms = SMSCode.SMS_IOS_CAPTCHA % (captcha)
ret = SMSHelper.send(mobile, ios_captcha_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[CLIENT] passenger get sms captcha: %s successfully, mobile: %s",
captcha, mobile)
captcha_key = get_captcha_key(mobile)
self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[CLIENT] passenger get sms captcha failed, mobile: %s", mobile)
self.write_ret(status)
except Exception as e:
logging.exception("[CLIENT] passenger get sms captcha failed, mobile: %s. Exception: %s",
mobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def post(self):
try:
pid = self.get_argument('pid')
iosid = self.get_argument('iosid')
mobile = self.get_argument('mobile')
cid = self.get_argument('cid')
captcha = self.get_argument('captcha')
logging.info("[CLIENT] passenger bind mobile request pid : %s, mobile : %s, cid: %s, iosid: %s, captcha: %s",
pid, mobile, cid, iosid, captcha)
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
self.write_ret(status)
return
try:
status = ErrorCode.FAILED
captcha_key = get_captcha_key(mobile)
redis_captcha = self.redis.get(captcha_key)
if redis_captcha:
if captcha == redis_captcha:
#1.find corp's passenger is exist or not
passenger = self.db.get("SELECT pid "
" FROM T_PASSENGER"
" WHERE mobile = %s"
" AND cid = %s",
mobile, cid)
print passenger
#2.if no passenger,bind mobile else remind passenger
if passenger:
if passenger.pid == '':
self.db.execute("UPDATE T_PASSENGER "
" SET pid = %s ,"
" iosid = %s"
" WHERE mobile = %s "
" AND cid = %s ",
pid, iosid, mobile, cid)
status = ErrorCode.SUCCESS
else:
status = ErrorCode.PASSENGER_EXIST
logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.WRONG_CAPTCHA
logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.NO_CAPTCHA
logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
self.write_ret(status)
except Exception as e:
logging.exception("[CLIENT] passenger bind mobile failed. mobile: %s. Exception: %s",
pid, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def post(self):
"""Generate a captcha for retrieving the password."""
status = ErrorCode.SUCCESS
try:
data = DotDict(json_decode(self.request.body))
umobile = data.mobile
captcha_psd = data.captcha_psd
logging.info("[UWEB] Get captcha request: %s", data)
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
logging.exception("[UWEB] Invalid data format. body: %s, Exception: %s",
self.request.body, e.args)
self.write_ret(status)
return
try:
status = self.check_privilege(umobile)
if status != ErrorCode.SUCCESS:
logging.error("[UWEB] User: %s is just for test, has no right to access the function.",
umobile)
self.write_ret(status)
return
captchahash = self.get_secure_cookie("captchahash_password")
m = hashlib.md5()
m.update(captcha_psd.lower())
m.update(UWEB.HASH_SALT)
hash_ = m.hexdigest()
if hash_.lower() != captchahash.lower():
status = ErrorCode.WRONG_CAPTCHA_IMAGE
logging.info("[UWEB] Come from browser, captcha-check failed.")
self.write_ret(status)
return
user = self.db.get("SELECT mobile"
" FROM T_USER"
" WHERE mobile = %s"
" LIMIT 1",
umobile)
if user:
remote_ip = self.request.remote_ip
remote_ip_key = "register_remote_ip:%s" % remote_ip
umobile_key = "register_umobile:%s" % umobile
remote_ip_times = self.redis.getvalue(remote_ip_key)
umobile_times = self.redis.getvalue(umobile_key)
if remote_ip_times is None:
remote_ip_times = 0
if umobile_times is None:
umobile_times = 0
logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
umobile, umobile_times, remote_ip, remote_ip_times)
#NOTE: In current day, the same remote_ip allows 10 times, the umobile, 3 times
current_time = int(time.time())
date = get_date_from_utc(current_time)
year, month, day = date.year, date.month, date.day
start_time_, end_time_ = start_end_of_day(year=year, month=month, day=day)
if umobile_times >= 3: # <= 3 is ok
status = ErrorCode.REGISTER_EXCESS
if remote_ip_times >= 10: # <= 10 is ok
status = ErrorCode.REGISTER_EXCESS
if status == ErrorCode.REGISTER_EXCESS:
body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
umobile, umobile_times, remote_ip, remote_ip_times)
notify_maintainer(self.db, self.redis, body, 'password')
self.write_ret(status)
return
captcha = ''.join(random.choice(string.digits) for x in range(4))
getcaptcha_sms = SMSCode.SMS_CAPTCHA % (captcha)
ret = SMSHelper.send(umobile, getcaptcha_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] user uid: %s get captcha success, the captcha: %s",
umobile, captcha)
captcha_key = get_captcha_key(umobile)
self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
self.redis.set(umobile_key, umobile_times+1)
self.redis.expireat(umobile_key, end_time_)
self.redis.set(remote_ip_key, remote_ip_times+1)
self.redis.expireat(remote_ip_key, end_time_)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[UWEB] user uid: %s get captcha failed.", umobile)
else:
status = ErrorCode.USER_NOT_ORDERED
logging.error("[UWEB] user uid: %s does not exist, get captcha failed.",
umobile)
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] user uid: %s retrieve password failed. Exception: %s",
umobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def get(self):
"""Send captcha to user's phone through sms.
"""
status = ErrorCode.SUCCESS
try:
umobile = self.get_argument('umobile', '')
tmobile = self.get_argument('tmobile', '')
remote_ip = self.request.remote_ip
captcha_image = self.get_argument('captcha_img', '')
captchahash = self.get_secure_cookie("captchahash_image")
logging.info("[UWEB] Get captcha-sms request. umobile:%s, tmobile: %s, captcha_img: %s",
umobile, tmobile, captcha_image)
m = hashlib.md5()
m.update(captcha_image.lower())
m.update(UWEB.HASH_SALT)
hash_ = m.hexdigest()
if hash_.lower() != captchahash.lower():
status = ErrorCode.WRONG_CAPTCHA_IMAGE
logging.info(
"[UWEB] Come from browser, captcha-check failed.")
self.write_ret(status)
return
# check tmobile is whitelist or not
white_list = check_zs_phone(tmobile, self.db)
if not white_list:
logging.info("[UWEB] %s is not whitelist", tmobile)
status = ErrorCode.MOBILE_NOT_ORDERED
message = ErrorCode.ERROR_MESSAGE[status] % tmobile
self.write_ret(status, message=message)
return
# NOTE: check times
remote_ip_key = "register_remote_ip:%s" % remote_ip
umobile_key = "register_umobile:%s" % umobile
remote_ip_times = self.redis.getvalue(remote_ip_key)
umobile_times = self.redis.getvalue(umobile_key)
if remote_ip_times is None:
remote_ip_times = 0
if umobile_times is None:
umobile_times = 0
logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
umobile, umobile_times, remote_ip, remote_ip_times)
# NOTE: In current day, the same remote_ip allows 10 times, the
# umobile, 3 times
current_time = int(time.time())
date = get_date_from_utc(current_time)
year, month, day = date.year, date.month, date.day
start_time_, end_time_ = start_end_of_day(
year=year, month=month, day=day)
if umobile_times >= 3: # <= 3 is ok
status = ErrorCode.REGISTER_EXCESS
if remote_ip_times >= 10: # <= 10 is ok
status = ErrorCode.REGISTER_EXCESS
if status == ErrorCode.REGISTER_EXCESS:
body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
umobile, umobile_times, remote_ip, remote_ip_times)
notify_maintainer(self.db, self.redis, body, 'register')
self.write_ret(status)
return
psd = ''.join(random.choice(string.digits) for x in range(4))
captcha_sms = SMSCode.SMS_REG % (psd)
ret = SMSHelper.send(umobile, captcha_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] Get sms captcha successfully. umobile: %s, captcha: %s.",
umobile, psd)
captcha_key = get_captcha_key(umobile)
self.redis.setvalue(
captcha_key, psd, UWEB.SMS_CAPTCHA_INTERVAL)
self.redis.set(umobile_key, umobile_times + 1)
self.redis.expireat(umobile_key, end_time_)
self.redis.set(remote_ip_key, remote_ip_times + 1)
self.redis.expireat(remote_ip_key, end_time_)
else:
status = ErrorCode.SERVER_BUSY
logging.error(
"[UWEB] Get sms captcha failed. umobile: %s.", umobile)
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] Get sms captcha failed. umobile:%s. Exception: %s",
umobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def post(self):
"""Regist a pair of umobile and tmobile.
"""
status = ErrorCode.SUCCESS
try:
data = DotDict(json_decode(self.request.body))
logging.info("[UWEB] Register request: %s", data)
umobile = data.umobile
tmobile = data.tmobile
captcha = data.captcha
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
logging.exception("[UWEB] Invalid data format. Exception: %s",
e.args)
self.write_ret(status)
return
try:
# check tmobile is whitelist or not
white_list = check_zs_phone(tmobile, self.db)
if not white_list:
logging.info("[UWEB] Mobile is not whitelist. tmobile: %s.", tmobile)
status = ErrorCode.MOBILE_NOT_ORDERED
message = ErrorCode.ERROR_MESSAGE[status] % tmobile
self.write_ret(status, message=message)
return
captcha_key = get_captcha_key(umobile)
captcha_old = self.redis.get(captcha_key)
if captcha_old:
if captcha == str(captcha_old):
terminal = QueryHelper.get_terminal_by_tmobile(
tmobile, self.db)
if terminal:
if terminal.service_status == UWEB.SERVICE_STATUS.TO_BE_UNBIND:
# delete to_be_unbind terminal!
delete_terminal(terminal.tid, self.db, self.redis)
else:
status = ErrorCode.TERMINAL_ORDERED
logging.info("[UWEB] Regist failed. umobile: %s, tmobile: %s Message: %s",
umobile, tmobile, ErrorCode.ERROR_MESSAGE[status])
self.write_ret(status)
return
register_sms = SMSCode.SMS_REGISTER % (umobile, tmobile)
ret = SMSHelper.send_to_terminal(tmobile, register_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] Regist successfully. umobile: %s, tmobile: %s ",
umobile, tmobile)
self.redis.delete(captcha_key)
else:
status = ErrorCode.REGISTER_FAILED
logging.error("[UWEB] Regist failed. umobile: %s, tmobile: %s. Message: %s",
umobile, tmobile, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.WRONG_CAPTCHA
logging.error("[UWEB] Regist failed. umobile: %s, captcha: %s, captcha_old: %s, Message: %s",
umobile, captcha, captcha_old, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.NO_CAPTCHA
logging.error("[UWEB] Register failed. umobile: %s, captcha: %s, Message: %s",
umobile, captcha, ErrorCode.ERROR_MESSAGE[status])
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] Register failed. umobile: %s tmobile: %s , Exception: %s",
umobile, tmobile, e.args)
status = ErrorCode.REGISTER_FAILED
self.write_ret(status)
def post(self):
"""Retrieve the password."""
status = ErrorCode.SUCCESS
try:
data = DotDict(json_decode(self.request.body))
umobile = data.mobile
captcha_psd = data.get('captcha_psd','')
captchahash = self.get_secure_cookie("captchahash_password")
logging.info("[UWEB] Corp retrieve password request: %s", data)
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
logging.exception("[UWEB] Invalid data format. body: %s, Exception: %s",
self.request.body, e.args)
self.write_ret(status)
return
try:
# check the umobile whether belongs to guandong
is_guandong = check_gd_phone(umobile)
if is_guandong:
pass
else:
logging.info("[UWEB] Mobile is not come from GuanDong, reject it.")
status = ErrorCode.UMOBILE_REGISTER_EXCESS
self.write_ret(status)
return
#NOTE: check captcha-sms for brower
from_brower = False
if self.request.headers.get('User-Agent',None):
user_agent = self.request.headers.get('User-Agent').lower()
if re.search('darwin', user_agent): # Ios client
logging.info("[UWEB] Come from IOS client, do not check captcha-image, User-Agent: %s",
user_agent)
from_brower = False
else:
logging.info("[UWEB] Come from browser, check captcha-image, User-Agent: %s",
user_agent)
from_brower = True
else: # Android client
from_brower = False
logging.info("[UWEB] Come from Android client, do not check captcha-image")
if from_brower:
m = hashlib.md5()
m.update(captcha_psd.lower())
m.update(UWEB.HASH_SALT)
hash_ = m.hexdigest()
if hash_.lower() != captchahash.lower():
status = ErrorCode.WRONG_CAPTCHA_IMAGE
logging.info("[UWEB] Come from browser, captcha-check failed.")
self.write_ret(status)
return
user = self.db.get("SELECT mobile"
" FROM T_CORP"
" WHERE cid = %s"
" LIMIT 1",
umobile)
if not user:
user = self.db.get("SELECT mobile"
" FROM T_OPERATOR"
" WHERE oid = %s"
" LIMIT 1",
umobile)
if user:
remote_ip = self.request.remote_ip
remote_ip_key = "register_remote_ip:%s" % remote_ip
umobile_key = "register_umobile:%s" % umobile
remote_ip_times = self.redis.getvalue(remote_ip_key)
umobile_times = self.redis.getvalue(umobile_key)
if remote_ip_times is None:
remote_ip_times = 0
if umobile_times is None:
umobile_times = 0
logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
umobile, umobile_times, remote_ip, remote_ip_times)
#NOTE: In current day, the same remote_ip allows 10 times, the umobile, 3 times
current_time = int(time.time())
date = get_date_from_utc(current_time)
year, month, day = date.year, date.month, date.day
start_time_, end_time_ = start_end_of_day(year=year, month=month, day=day)
if umobile_times >= 3: # <= 3 is ok
status = ErrorCode.REGISTER_EXCESS
if remote_ip_times >= 10: # <= 10 is ok
status = ErrorCode.REGISTER_EXCESS
if status == ErrorCode.REGISTER_EXCESS:
body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
umobile, umobile_times, remote_ip, remote_ip_times)
notify_maintainer(self.db, self.redis, body, 'password')
self.write_ret(status)
return
captcha = ''.join(random.choice(string.digits) for x in range(4))
getcaptcha_sms = SMSCode.SMS_CAPTCHA % (captcha)
ret = SMSHelper.send(umobile, getcaptcha_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] corp mobile: %s get captcha success, the captcha: %s",
umobile, captcha)
captcha_key = get_captcha_key(umobile)
self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
self.redis.set(umobile_key, umobile_times+1)
self.redis.expireat(umobile_key, end_time_)
self.redis.set(remote_ip_key, remote_ip_times+1)
self.redis.expireat(remote_ip_key, end_time_)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[UWEB] Get captcha failed. corp mobile: %s",
umobile)
else:
logging.error("[UWEB] Get captcha failed. corp mobile: %s does not exist.",
umobile)
status = ErrorCode.USER_NOT_ORDERED
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] Get captcha failed. corp mobile: %s, Exception: %s",
umobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def post(self):
"""Retrieve the password."""
status = ErrorCode.SUCCESS
try:
data = DotDict(json_decode(self.request.body))
mobile = data.mobile
captcha = data.get('captcha','')
logging.info("[UWEB] User retrieve password request: %s", data)
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
self.write_ret(status)
return
try:
status = self.check_privilege(data.mobile)
if status != ErrorCode.SUCCESS:
logging.error("[UWEB] User: %s is just for test,"
" has no right to access the function.",
data.mobile)
self.write_ret(status)
return
psd = get_psd()
user = QueryHelper.get_user_by_mobile(mobile, self.db)
if user:
psd_info = dict(user_id=mobile,
user_type=UWEB.USER_TYPE.PERSON,
password=psd)
if not captcha: # old version
update_password(psd_info, self.db, self.redis)
retrieve_password_sms = SMSCode.SMS_RETRIEVE_PASSWORD % (psd)
ret = SMSHelper.send(mobile, retrieve_password_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] user uid: %s retrieve password success, "
" the new passwrod: %s",
mobile, psd)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[UWEB] user uid: %s retrieve password failed.",
mobile)
else: # new version
captcha_key = get_captcha_key(mobile)
captcha_old = self.redis.get(captcha_key)
if captcha_old:
if captcha == str(captcha_old):
update_password(psd_info, self.db, self.redis)
retrieve_password_sms = SMSCode.SMS_RETRIEVE_PASSWORD % (psd)
ret = SMSHelper.send(mobile, retrieve_password_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] user uid: %s retrieve password success, "
" the new passwrod: %s",
mobile, psd)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[UWEB] user uid: %s retrieve password failed.",
mobile)
else:
status = ErrorCode.WRONG_CAPTCHA
logging.error("mobile: %s retrieve password failed. "
" captcha: %s, captcha_old: %s, Message: %s",
mobile, captcha, captcha_old, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.NO_CAPTCHA
logging.error("mobile: %s retrieve password failed. captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.USER_NOT_ORDERED
logging.error("[UWEB] umobile: %s does not exist, retrieve password failed.",
mobile)
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] user uid: %s retrieve password failed. Exception: %s",
mobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
def post(self):
"""Retrieve the password."""
status = ErrorCode.SUCCESS
try:
data = DotDict(json_decode(self.request.body))
mobile = data.mobile
captcha = data.get('captcha','')
logging.info("[UWEB] corp retrieve password request: %s",
data)
except Exception as e:
status = ErrorCode.ILLEGAL_DATA_FORMAT
self.write_ret(status)
return
try:
status = ErrorCode.SUCCESS
psd = get_psd()
user = QueryHelper.get_corp_by_cid(mobile, self.db)
if user: # corp
psd_info = dict(user_id=mobile,
user_type=UWEB.USER_TYPE.CORP,
password=psd)
if not captcha: # old version
update_password(psd_info, self.db, self.redis)
else: # new version
captcha_key = get_captcha_key(mobile)
captcha_old = self.redis.get(captcha_key)
if captcha_old:
if captcha == str(captcha_old):
update_password(psd_info, self.db, self.redis)
else:
status = ErrorCode.WRONG_CAPTCHA
logging.error("[UWEB] Crop retrieve password failed."
" mobile: %s, captcha: %s, captcha_old: %s, Message: %s",
mobile, captcha, captcha_old, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.NO_CAPTCHA
logging.error("[UWEB] Corp retrieve password failed. "
" mobile: %s, captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
else:
user = QueryHelper.get_operator_by_oid(mobile, self.db)
if user: # operator
psd_info = dict(user_id=mobile,
user_type=UWEB.USER_TYPE.OPERATOR,
password=psd)
if not captcha: # old version
update_password(psd_info, self.db, self.redis)
else: # new version
captcha_key = get_captcha_key(mobile)
captcha_old = self.redis.get(captcha_key)
if captcha_old:
if captcha == str(captcha_old):
update_password(psd_info, self.db, self.redis)
else:
status = ErrorCode.WRONG_CAPTCHA
logging.error("[UWEB] Operator retrieve password failed. "
" mobile: %s, captcha: %s, captcha_old: %s, Message: %s",
mobile, captcha, captcha_old, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.NO_CAPTCHA
logging.error("[UWEB] Operator retrieve password failed. "
" mobile: %s, captcha: %s, Message: %s",
mobile, captcha, ErrorCode.ERROR_MESSAGE[status])
else:
status = ErrorCode.USER_NOT_ORDERED
logging.error("[UWEB] Operator does not exist, retrieve password failed. mobile: %s",
mobile)
if status == ErrorCode.SUCCESS:
retrieve_password_sms = SMSCode.SMS_RETRIEVE_PASSWORD % (psd)
ret = SMSHelper.send(mobile, retrieve_password_sms)
ret = DotDict(json_decode(ret))
if ret.status == ErrorCode.SUCCESS:
logging.info("[UWEB] Corp retrieve password success, "
" mobile: %s, the new passwrod: %s",
mobile, psd)
else:
status = ErrorCode.SERVER_BUSY
logging.error("[UWEB] Corp retrieve password failed. mobile: %s",
mobile)
self.write_ret(status)
except Exception as e:
logging.exception("[UWEB] Corp retrieve password failed. mobile: %s, Exception: %s",
mobile, e.args)
status = ErrorCode.SERVER_BUSY
self.write_ret(status)
