def post(self):
    """Reset an account password through the API.

    Reads ``username``, ``verify_code`` and ``new_password`` from
    ``self.validated_arguments``. The username is treated as a mobile number
    when ``is_mobile`` accepts it, as an e-mail address when it contains an
    ``@`` after the first character, and is rejected otherwise.

    Raises:
        ApiException: 400 when the mobile code is rejected, the account does
            not exist, or the username is neither a mobile nor an e-mail.
    """
    args = self.validated_arguments
    username = args['username']
    verify_code = args['verify_code']
    new_password = args['new_password']

    if is_mobile(username):
        # Mobile path: the submitted code is checked before the account is
        # even looked up.
        if not self.verify_mobile(username, verify_code):
            raise ApiException(400, "验证码错误,请重新输入")
        account = User.get_or_none(mobile=username)
        if not account:
            raise ApiException(400, "手机号还没有注册")
    elif username.find("@") > 0:
        # NOTE(review): verify_code is never checked on this path, so the
        # request is unauthenticated and knowing an e-mail address is enough
        # to replace that account's password. A code delivered to the mailbox
        # has to be verified here before the update, as on the mobile path.
        # NOTE(review): the "not registered" reply below is reachable without
        # any code and therefore tells a caller which addresses have accounts.
        account = User.get_or_none(email=username)
        if not account:
            raise ApiException(400, "邮箱还没有注册")
    else:
        raise ApiException(400, "用户名格式有误,请填写手机号或电子邮箱")

    # Only the value returned by User.create_password() is stored.
    stored_password = User.create_password(new_password)
    User.update(password=stored_password).where(
        User.id == account.id).execute()
    self.write_success()
def test_refresh_token(self):
    """The refresh-token endpoint answers 200 with a session and the user.

    The user is stored on ``self.auth_user`` before the request is made;
    presumably the test harness authenticates the fetch as that user
    (not visible here).
    """
    self.auth_user = User.create(
        name='test3',
        mobile="13838003803",
        password=User.create_password("123456"),
    )

    response = self.fetch("api/2/auth/refresh_token")
    raw_body = response.body.decode()
    self.assertEqual(200, response.code, raw_body)

    payload = json.loads(raw_body)
    for expected_key in ("session", "current_user"):
        self.assertIn(expected_key, payload, payload)
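def post(self):
    """Reset a password from the mobile reset-password form.

    The password is changed only when the form validates and
    ``validate_verify_code`` accepts it. On success the user is redirected
    to the login page; otherwise the form is rendered again.
    """
    form = MobileResetPasswordForm(self.arguments)
    if form.validate() and self.validate_verify_code(form):
        # Only the value returned by User.create_password() is stored.
        stored_password = User.create_password(self.get_argument("password"))
        # NOTE(review): the row is selected by the raw "mobile" request
        # argument, while the code is checked against `form`. Confirm that
        # validate_verify_code() ties the code to this same mobile number,
        # otherwise a code issued for one number could reset another account.
        User.update(password=stored_password).where(
            User.mobile == self.get_argument("mobile")).execute()
        self.flash("重置密码成功,请使用新密码登录")
        self.redirect(self.reverse_url("club_auth_login"))
        # Stop here: the request has already been answered by the redirect,
        # so the form must not be rendered as well.
        return
    self.render("password/mobile_reset_password.html", form=form)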
def test_login(self):
    """Logging in through the API returns 200 with a session and the user."""
    # The created row is only needed in the database, not in this test body.
    User.create(
        name='test2',
        mobile="13838003802",
        password=User.create_password("123456"),
    )

    credentials = {"username": "******", "password": "******"}
    response = self.fetch(
        "api/2/auth/login",
        method="POST",
        body=json.dumps(credentials),
    )
    raw_body = response.body.decode()
    self.assertEqual(200, response.code, raw_body)

    payload = json.loads(raw_body)
    for expected_key in ("session", "current_user"):
        self.assertIn(expected_key, payload, payload)
def post(self):
    """Register a new user from the submitted form and log them in.

    When the form fails validation or ``verify_register_form_data`` rejects
    it, the registration page is rendered again with the same form.
    """
    form = RegisterForm(self.arguments)
    accepted = form.validate() and self.verify_register_form_data(form)
    if not accepted:
        self.render("register.html", form=form)
        return

    new_user = User()
    # NOTE(review): populate_obj() copies the form's fields onto the model,
    # so RegisterForm's field list decides what a client can set on a new
    # User. The form definition is not visible here - confirm it carries no
    # privileged attributes.
    form.populate_obj(new_user)
    # Replace the submitted password with the value produced by
    # User.create_password() before the row is saved.
    new_user.password = User.create_password(new_user.password)
    new_user.save()

    self.login(new_user)
    self.redirect(self.reverse_url("club_create"))
def post(self):
    """Change the password of the currently logged-in user.

    The update runs only when the form validates and ``validate_password``
    accepts it; otherwise the change-password page is rendered again.
    """
    form = ChangePasswordForm(self.arguments)
    if not (form.validate() and self.validate_password(form)):
        self.render("account/change_password.html", form=form)
        return

    # presumably validate_password() checks the current password - confirm,
    # since it is the only gate in front of this update.
    stored_password = User.create_password(self.get_argument("newPassword"))
    # The row is selected by the session's user id, not by a request value.
    User.update(password=stored_password).where(
        User.id == self.current_user.id
    ).execute()

    self.flash("修改密码成功!", category='success')
    self.redirect(self.reverse_url("club_account_change_password"))
def test_reset_password(self):
    """Resetting through the API stores a password matching the new one."""
    created = User.create(
        name='test4',
        mobile="13838003804",
        password=User.create_password("123456"),
    )
    new_password = "******"

    # NOTE(review): "8888" is a fixed code, so the test setup presumably
    # accepts it without a real delivery - confirm that switch cannot be
    # enabled outside the test configuration.
    request_body = {
        "username": "******",
        "verify_code": "8888",
        "new_password": new_password
    }
    response = self.fetch(
        "api/2/auth/reset_password",
        method="POST",
        body=json.dumps(request_body),
    )
    self.assertEqual(200, response.code, response.body.decode())

    # Reload the row so the assertion sees what was actually stored.
    reloaded = User.get(id=created.id)
    matches = User.check_password(reloaded.password, new_password)
    self.assertEqual(True, matches, matches)
def post(self):
    """Reset a password using a verification code sent by e-mail.

    The submitted code is compared with the value stored in redis under the
    key derived from the e-mail address. On success the password is saved,
    the stored code is deleted and the user is redirected to the login page;
    in every other case the reset page is rendered with a message.
    """
    form = EmailResetPasswordForm(self.arguments)
    messages = self.get_flashed_messages()

    if form.validate():
        account = self.have_user(form.email.data)
        cache_key = self.get_reset_password_mail_cache_key(form.email.data)
        expected_code = self.redis.get(cache_key)

        if not account:
            # NOTE(review): this reply tells a caller whether an address is
            # registered.
            messages = [('danger', '邮箱未注册')]
        elif not expected_code or expected_code != form.verify_code.data:
            # NOTE(review): a wrong guess leaves the stored code in place and
            # no attempt counter is visible here, so the code can be guessed
            # repeatedly until it expires - confirm a rate limit or a short
            # TTL exists elsewhere.
            # NOTE(review): the comparison only succeeds if redis returns the
            # same type as the form field (str vs bytes) - confirm the client
            # decodes responses.
            messages = [('danger', '重置密码邮箱验证失败,请重新验证')]
        else:
            account.password = User.create_password(form.new_password.data)
            account.save()
            # Single use: drop the code once it has been consumed.
            self.redis.delete(cache_key)
            # Assigned as in the original; the redirect below means this
            # response never renders it.
            messages = [('info', '密码修改成功')]
            return self.redirect(self.reverse_url('club_auth_login'))

    self.render("password/reset_password.html", form=form, messages=messages)