def adduser():
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行md5加密码处理后再保存到数据库中
m_encrypt = LoginCls().encode(keys,passwd)
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8) :
message = "用户名或密码长度不符要求!"
return '-2'
#检测表单各项值,如果出现为空的表单,则返回提示
if not (username and policy and access):
message = "表单不允许为空!"
return '-2'
sql = """
INSERT INTO
user(username,passwd,policy,access,comment)
VALUES(%s,%s,%s,%s,%s)
"""
data = (username,m_encrypt,policy,access,comment)
result = writeDb(sql,data)
if result:
wrtlog('User','新增用户成功:%s' % username,s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','新增用户失败:%s' % username,s['username'],s.get('clientip'))
return '-1'
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select passwd from user where username=%s "
result = readDb(sql,(username,))
if result[0].get('passwd') != LoginCls().encode(keys,oldpwd) :
msg = {'color':'red','message':u'旧密码验证失败,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
if newpwd != newpwds :
msg = {'color':'red','message':u'密码两次输入不一致,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
m_encrypt = LoginCls().encode(keys,newpwd)
sql2 = " update user set passwd=%s where username=%s "
result = writeDb(sql2,(m_encrypt,username))
if result == True :
wrtlog('User','更改密码成功',username,s.get('clientip'))
msg = {'color':'green','message':u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd',session=s,msg=msg,info={})
else:
wrtlog('User','更改密码失败',username,s.get('clientip'))
msg = {'color':'red','message':u'密码更新失败,请核对错误'}
return template('changepasswd',session=s,msg=msg,info={})
def deluser():
s = request.environ.get('beaker.session')
id = request.forms.get('str').rstrip(',')
if not id:
return '-1'
# 禁止删除ADMIN账户
if id == '1':
return '-1'
for i in id.split(','):
if i == '1':
return '-1'
sql = "delete from user where id in (%s) "
result = writeDb(sql,(i,))
if result:
wrtlog('User','删除用户成功',s['username'],s.get('clientip'))
return '0'
else:
wrtlog('User','删除用户失败',s['username'],s.get('clientip'))
return '-1'
def do_login():
s = request.environ.get('beaker.session')
s['sitename'] = AppServer().getConfValue('site','sitename')
"""用户登陆过程,判断用户帐号密码,保存SESSION"""
username = request.forms.get('username').strip()
passwd = request.forms.get('passwd').strip()
if not username or not passwd:
message = u'帐号或密码不能为空!'
return template('login',message=message)
m_encrypt = LoginCls().encode(keys,passwd)
auth_sql = '''
SELECT
id,username,access
FROM
user
WHERE
username=%s and passwd=%s
'''
auth_user = readDb(auth_sql,(username,m_encrypt))
if auth_user:
s['webhost'] = request.environ.get('HTTP_HOST')
s['clientip'] = request.environ.get('REMOTE_ADDR')
s['username'] = username
s['userid'] = auth_user[0]['id']
s['access'] = auth_user[0]['access']
# session中添加系统环境检测警报
s['admemail'] = '*****@*****.**'
s['errnum'] = errnum
s['PayInfo'] = AppServer().getPayinfo()
s.save()
wrtlog('Login','登录成功',username,s['clientip'])
else:
clientip = request.environ.get('REMOTE_ADDR')
wrtlog('Login','登录失败',username,clientip)
message = u'帐号或密码错误!'
return template('login',message=message,session=s)
if auth_user[0]['access'] == 0 :
return redirect('/project')
return redirect('/')
def do_changeuser(id):
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
stopdate = request.forms.get("stopdate")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行加密处理后再保存到数据库中
if not passwd:
sql = "select passwd from user where id = %s"
m_encrypt = readDb(sql, (id, ))[0].get('passwd')
else:
m_encrypt = LoginCls().encode(keys, passwd)
# 判断用户表单跳转[弃用]
#if int(access) == 0:
# formaddr='user'
#else :
# formaddr='admin'
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8):
return -1
if not (username and policy):
return -2
sql = """
UPDATE user SET
username=%s,passwd=%s,stopdate=%s,policy=%s,access=%s,comment=%s
WHERE id=%s
"""
data = (username, m_encrypt, stopdate, int(policy), access, comment, id)
result = writeDb(sql, data)
if result == True:
wrtlog('User', '更新用户成功:%s' % username, s['username'],
s.get('clientip'))
writeVPNconf(action='uptuser')
return 0
else:
wrtlog('User', '更新用户失败:%s' % username, s['username'],
s.get('clientip'))
return -1
def do_changeuser(id):
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行加密处理后再保存到数据库中
if not passwd :
sql = "select passwd from user where id = %s"
m_encrypt = readDb(sql,(id,))[0].get('passwd')
else:
m_encrypt = LoginCls().encode(keys,passwd)
# 判断用户表单跳转[弃用]
#if int(access) == 0:
# formaddr='user'
#else :
# formaddr='admin'
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8) :
return -1
if not (username and policy):
return -2
sql = """
UPDATE user SET
username=%s,passwd=%s,policy=%s,access=%s,comment=%s
WHERE id=%s
"""
data = (username,m_encrypt,int(policy),access,comment,id)
result = writeDb(sql,data)
if result == True:
wrtlog('User','更新用户成功:%s' % username,s['username'],s.get('clientip'))
writeVPNconf(action='uptuser')
return 0
else:
wrtlog('User','更新用户失败:%s' % username,s['username'],s.get('clientip'))
return -1
from Functions import getAPIData, netModule, wrtlog
netmod = netModule()
API = getAPIData()
if __name__ == '__main__':
#获取用户策略ID [VPN]
if sys.argv[1] == 'API' and sys.argv[2] == 'getUserLineID':
print API.getUserLineID(sys.argv[3])
#重置管理员密码接口
elif sys.argv[1] == 'API' and sys.argv[2] == 'resetAdminPass':
print API.resetAdminPass(sys.argv[3])
#操作日志写入接口
elif sys.argv[1] == 'API' and sys.argv[2] == 'wrtvpnlogin':
print wrtlog(sys.argv[3], sys.argv[4], sys.argv[5], sys.argv[6])
#获取设备接口状态
elif sys.argv[1] == 'API' and sys.argv[2] == 'getnistatus':
print netmod.getNistatus(sys.argv[3])
#获取设备接口网关
elif sys.argv[1] == 'API' and sys.argv[2] == 'getgw':
print netmod.getIfGW(sys.argv[3])
#获取接口权重值
elif sys.argv[1] == 'API' and sys.argv[2] == 'getniweight':
print netmod.getNiWeight(sys.argv[3])
#获取接口名称
elif sys.argv[1] == 'API' and sys.argv[2] == 'getniname':
print netmod.getNiname(sys.argv[3])
#获取接口区域
elif sys.argv[1] == 'API' and sys.argv[2] == 'getnizone':
print netmod.getNizone(sys.argv[3])