def backup():
'''Run backup tasks'''
data = input(
'Enter data identifier (e.g.: backup or 20180805 or press the enter/return key): '
)
if data == '':
from datetime import datetime
data = datetime.now().strftime('%Y%m%d%H%M%S')
datadir = os.path.join(app.config['DATA_DIR'], data)
if not os.path.exists(datadir):
os.makedirs(datadir)
from app.models import User
User.backup_entries(data=data)
from app.models import Punch
Punch.backup_entries(data=data)
from app.models import Device
Device.backup_entries(data=data)
from app.models import DeviceLessonType
DeviceLessonType.backup_entries(data=data)
from app.models import UserLog
UserLog.backup_entries(data=data)
def delete_video(id):
video = Video.query.get_or_404(id)
name = video.title
if current_user != video.uploader:
abort(403)
db.session.delete(video)
video_file = os.path.join(current_app.config['UPLOADS_DEFAULT_DEST'], 'videos/', video.url)
cover_file = os.path.join(current_app.config['UPLOADS_DEFAULT_DEST'], 'images/', video.cover)
extension = os.path.splitext(video.cover)
thumbnail_name = extension[0] + '_thumbnail' + extension[-1]
thumbnail_file = os.path.join(current_app.config['IMG_THUMB_DEST'], thumbnail_name)
try:
if os.path.exists(video_file):
os.remove(video_file)
if os.path.exists(cover_file):
os.remove(cover_file)
if os.path.exists(thumbnail_file):
os.remove(thumbnail_file)
except:
error_log = UserLog(user=current_user, ip=request.remote_addr, info='删除视频文件失败!')
db.session.add(error_log)
try:
user_log = UserLog(user=current_user, ip=request.remote_addr, info='删除 '+video.title)
db.session.add(user_log)
db.session.commit()
flash('视频[ ' + name + ' ]已经删除')
except:
flash('未知错误!请重试或联系管理员')
db.session.rollback()
return redirect(url_for('.user', username=current_user.username))
def deploy():
'''Run deployment tasks'''
# migrate database to latest revision
from flask_migrate import upgrade
upgrade()
verbose = False
if app.debug:
verbose_mode = input('Run in verbose mode? [yes/No]: ')
if verbose_mode.lower() in ['y', 'yes']:
verbose = True
# insert data
data = 'common'
from app.models import Permission
Permission.insert_entries(data=data, verbose=verbose)
from app.models import Role
Role.insert_entries(data=data, verbose=verbose)
from app.models import Room
Room.insert_entries(data=data, verbose=verbose)
from app.models import DeviceType
DeviceType.insert_entries(data=data, verbose=verbose)
from app.models import LessonType
LessonType.insert_entries(data=data, verbose=verbose)
from app.models import Lesson
Lesson.insert_entries(data=data, verbose=verbose)
from app.models import Video
Video.insert_entries(data=data, verbose=verbose)
data = input(
'Enter data identifier (e.g.: 20180805 or press the enter/return key for initial data): '
)
if data == '':
data = 'initial'
datadir = os.path.join(app.config['DATA_DIR'], data)
if os.path.exists(datadir):
from app.models import User
User.insert_entries(data=data, verbose=verbose)
from app.models import Punch
Punch.insert_entries(data=data, verbose=verbose)
from app.models import Device
Device.insert_entries(data=data, verbose=verbose)
from app.models import DeviceLessonType
DeviceLessonType.insert_entries(data=data, verbose=verbose)
from app.models import UserLog
UserLog.insert_entries(data=data, verbose=verbose)
def _login(user):
login_user(user, remember=True)
if (user.auth == AuthEnum.Admin) or (user.auth == AuthEnum.SuperAdmin):
admin_log = AdminLog()
admin_log.add()
user_log = UserLog()
user_log.add()
next_ = request.args.get('next')
# not next_.startswith('/') 防止重定向攻击
if (next_ is None) or (not next_.startswith('/')):
if (user.auth == AuthEnum.Admin) or (user.auth == AuthEnum.SuperAdmin):
next_ = url_for('admin.index')
else:
next_ = url_for('home.index')
return next_
def login() -> Union[str, None, werkzeug.wrappers.Response]:
form = LoginForm()
if request.method == 'GET':
return render_template('home/login.html', form=form)
else:
if form.validate_on_submit() is True: # 验证格式
data = form.data
user_field = User.query.filter_by(name=data['name']).first()
if check_pwd(form) is True: # 验证密码
session.update({
'user': user_field.name,
'user_id': user_field.id
})
# 储存用户登录日志信息
user_log = UserLog(
user_id=user_field.id,
ip=request.remote_addr,
)
db.session.add(user_log)
db.session.commit()
return redirect(
request.args.get('next') or url_for('home.user'))
else:
flash('密码验证失败', 'err')
else:
flash('用户名或密码格式不正确', 'err')
return redirect(url_for('home.login'))
def login():
form = LoginForm()
if request.method == "GET":
form.contact.flags.required = False
form.pwd.flags.required = False
if form.validate_on_submit():
data = form.data
user = User()
if re.match(r"^1[34578]\d{9}$", data["contact"]):
user = User.query.filter_by(phone=data["contact"]).first()
elif re.match(
r"^[0-9a-zA-Z_]{0,19}@[0-9a-zA-Z]{1,13}\.[com,cn,net]{1,3}$",
data["contact"]):
user = User.query.filter_by(email=data["contact"]).first()
else:
user = User.query.filter_by(name=data["contact"]).first()
if user is not None and user.check_pwd(data["pwd"]):
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
try:
db.session.add(userlog)
db.session.commit()
session["user"] = user.name
session["user_id"] = user.id
return redirect(
request.args.get("next") or url_for("home.user"))
except Exception as e:
print(e)
flash("用户登录日志录入错误请联系管理员", "error")
db.session.rollback()
else:
flash("账号或者密码错误", "error")
return render_template("home/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
# 查询该用户
user = Users.query.filter(
or_(
Users.nickname==data['account'],
Users.phone==data['account'],
Users.email==data['account'])
).first()
# 验证该用户密码与输入密码是否一致
if not user.check_pwd(data['pwd']):
flash('密码错误!', 'pwderr')
return redirect(url_for('home.login'))
# 让浏览器保存cookie一段时间
login_user(user, remember=True)
# 记录用户登录
new_userlog = UserLog(
user_id=current_user.id,
ip=request.remote_addr
)
db.session.add(new_userlog)
db.session.commit()
return redirect(url_for('home.index'))
return render_template("home/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
log = UserLog(ip=request.remote_addr, user_id=session.get("user_id"))
db.session.add(log)
db.session.commit()
return redirect(request.args.get("next") or url_for("home.index"))
return render_template("home/login.html", form=form)
def load_user(id):
if id is None:
redirect(url_for('web.login'))
userinfo = UserService.get_userinfo_by_id(id)
user = UserLog(userinfo.user_id, userinfo.user_name, userinfo.level)
if user.is_active:
return user
else:
return None
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data["name"]).first()
if user.check_pwd(data["pwd"]):
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
session["name"] = user.name
return redirect(url_for("home.user"))
return render_template("home/login.html", form=form)
def _track_logins(sender, user, **extra):
"""
登录时接受信号
:param sender:
:param user:
:param extra:
:return:
"""
ip = request.remote_addr
address = get_ip_address(ip)
user_log = UserLog(user_id=user.id, userlog_ip=address)
db.session.add(user_log)
db.session.commit()
def UserLogAdd(user_id, user_name, orders, aim=None):
order = select_order(orders)
if aim:
order = order + " " + aim
if order:
log = UserLog(
user_id=user_id,
user_name=user_name,
order=order,
)
db.session.add(log)
db.session.commit()
return True
return False
def login():
form = LoginFrom()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data['name']).first()
if not user.check_pwd(data['pwd']):
flash('密码错误', category='err')
return redirect(url_for('home.login'))
session['login_user'] = user.name
session['login_user_id'] = user.id
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(url_for('home.user'))
return render_template('home/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(email=data["email"]).first()
if not user.check_pwd(data["pwd"]):
flash("密码错误!", "err")
return redirect(url_for("home.login"))
session["user"] = user.email
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(
request.args.get("next") or url_for("home.index", page=1))
return render_template("home/login.html", form=form)
def login():
form = LoginForm(name=session.get("user", None))
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data["name"]).first()
if not user.check_pwd(data["pwd"]):
flash("密码错误!", "err")
return redirect(url_for('home.login'))
session["user"] = data["name"]
session["user_id"] = user.id
# 管理员登录日志
userlog = UserLog(user_id=session["user_id"], ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(url_for('home.user'))
return render_template('home/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(email=data["email"]).first()
if not user.check_pwd(data["pwd"]):
flash("密码错误")
return redirect(url_for("home.login"))
# 账号密码正确
session["user"] = data["email"]
session["user_id"] = user.id
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(url_for("home.user"))
return render_template("home/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter(User.name == data.get('name')).first()
if not user.check_password(data.get('password')):
flash('用户密码错误!', 'error')
return redirect(url_for('home.login'))
session['user'] = user.name
session['user_id'] = user.id
userlog = UserLog(
user_id=user.id,
ip=request.remote_addr,
)
db.session.add(userlog)
db.session.commit()
return redirect(url_for('home.index', page=1))
return render_template('home/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and user.check_password(form.password.data):
duration = datetime.timedelta(seconds=60)
login_user(user, form.remember_me.data, duration=duration)
next = request.args.get("next")
if next is None or not next.startswith("/"):
next = url_for("foreground.index")
userlog = UserLog(user_id=user.id,
ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(next)
flash("邮箱或密码错误!")
return redirect(url_for("auth.login"))
return render_template("auth/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
userobj = User.query.filter(User.name == data['name']).first_or_404()
# 密码错误时 check_pwd返回flase, 此时not check_pwd(data['name'])
if not userobj.check_pwd(data["pwd"]):
flash(u"密码不正确", "err")
return redirect(url_for("home.login"))
session["user"] = userobj.name
session["user_id"] = userobj.id
userlog = UserLog(user_id=userobj.id,
ip=request.remote_addr,
addtime=current_time)
db.session.add(userlog)
db.session.commit()
return redirect(url_for("home.user_info"))
return render_template("home/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data["name"]).first()
if user is None:
flash("昵称不存在", 'err')
return redirect(url_for("home.login"))
if not user.check_pwd(data["pwd"]):
flash("密码错误", 'err')
return render_template('home/login.html', form=form)
session["user"] = user.name
session["user_id"] = user.id
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(request.args.get("next") or url_for("home.user"))
return render_template('home/login.html', form=form)
def login():
form=LoginForm()
if form.validate_on_submit():
username=form.username.data
password=form.password.data
u=User.query.filter_by(name=username).first()
if u and u.check(password):
session['user_id']=u.id
session['user']=u.name
userLog=UserLog(user_id=u.id,ip=request.remote_addr,area='陕西西安')
db.session.add(userLog)
db.session.commit()
flash('用户%s登录成功' %(username))
return redirect(url_for('home.user'))
else:
flash('用户登录失败')
return redirect(url_for('home.login'))
else:
return render_template('home/login.html',form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data['account'])
user_count = user.count()
if user_count == 0:
flash('当前用户不存在')
return redirect(url_for('home.login'))
if not user.first().check_pwd(data['pwd']):
flash('账户密码不正确')
return redirect(url_for('home.login'))
session['user'] = data['account']
session['user_id'] = user.first().id
usr_log = UserLog(user_id=int(user.first().id), ip=request.remote_addr)
db.session.add(usr_log)
db.session.commit()
return redirect(
request.args.get('next') or url_for('home.index', page=1))
return render_template('home/login.html', form=form)
def login():
if request.method == "GET":
return render_template("home/login.html")
else:
name = request.form.get("name")
pwd = request.form.get("pwd")
user = User.query.filter(User.name == name).first()
if not user:
flash("user not exits", "error")
return redirect(url_for("home.login"))
if not user.check_pwd(pwd):
flash("wrong password", "error")
return redirect(url_for("home.login"))
else:
session["id"] = user.id
session.permanent = True
userlog = UserLog(user_id=session["id"], ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(url_for("home.index", page=1))
def login():
from sqlalchemy import or_
form = LoginForm()
if form.validate_on_submit():
# 从前端获取form表单的数据(字典形式)
data = form.data
# 从redis中获取图片验证码
real_image_code = redis_store.get(
"image_code_%s" % session.get("image_code_id")).decode()
# 如果验证码None,说明验证码失效
if real_image_code is None:
flash("图片验证码失效", "error")
return redirect(url_for("home.login"))
# 如果输入的验证码和redis真实值不一样,验证失败
if data['imagecode'].lower() != real_image_code.lower():
flash("验证码不正确", "error")
return redirect(url_for("home.login"))
# 验证码输入正确
# 验证用户
user = User.query.filter(
or_(User.name == data['username'], User.phone == data['username'],
User.email == data['username'])).first()
# 验证用和密码是否正确
if user is None or not user.check_password(data["password"]):
flash("用户名或密码错误", "error")
return redirect(url_for("home.login"))
login_user(user, data['remeber_me'])
# 判断是从那个页面跳转到登录页面的
next_page = request.args.get("next")
# 如果没有跳转页面,默认设置为登录成功后返回到index页面
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for("home.index")
# 记录登录日志
userlog = UserLog(
user_id=user.id,
ip=request.remote_addr # 获取ip
)
db.session.add(userlog)
db.session.commit()
return redirect(next_page)
return render_template("home/login.html", form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data["name"]).first()
if not user:
flash('请检查用户名!', 'err')
return redirect(url_for('home.login'))
if not user.check_pwd(data["pwd"]):
flash("密码错误!", "err")
return redirect(url_for("home.login"))
session["user"] = user.name
session["user_id"] = user.id
userlog = UserLog(
user_id=user.id,
ip=request.remote_addr
)
db.session.add(userlog)
db.session.commit()
return redirect(url_for('home.user'))
return render_template("home/login.html", form=form)
def login():
""""
登陆
"""
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter_by(name=data['name']).first()
if not user.check_pwd(data['pwd']):
flash('密码错误', 'error')
return redirect(url_for('home.login'))
# 保存用户信息到session中
session['user'] = user.name
session['user_id'] = user.id
# 记录会员登陆
user_log = UserLog(user_id=user.id, login_ip=request.remote_addr)
db.session.add(user_log)
db.session.commit()
return redirect(url_for('home.user_center'))
return render_template('home/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
data = form.data
user = User.query.filter((User.name==data["account"]) | (User.email==data["account"]) | (User.phone==data["account"])).first()
if not user.check_pwd(data["passwd"]):
flash("密码错误", "Error")
return redirect(url_for("home.login"))
session["user"] = user.name
session["user_id"] = user.id
# 会员登录日志
user_log = UserLog(
user_id=user.id,
ip=request.remote_addr,
)
db.session.add(user_log)
db.session.commit()
return redirect(request.args.get("next") or url_for("home.index"))
return render_template("home/login.html", form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(user.password,
form.password.data):
login_user(user, remember=form.remember.data)
next_page = request.args.get('next')
session["user"] = user.username
session["user_id"] = user.id
userlog = UserLog(user_id=user.id, ip=request.remote_addr)
db.session.add(userlog)
db.session.commit()
return redirect(next_page) if next_page else redirect(
url_for('main.home'))
else:
flash('Login Unsuccessful. Please check email and password',
'danger')
return render_template('login.html', title='Login', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user is not None and user.verify_password(form.password.data):
session['is_user'] = '******'
login_user(user, form.remember_me.data)
user.ping()
user_log = UserLog(user_id=user.id,
ip=request.remote_addr,
info='登录')
db.session.add(user_log)
try:
db.session.commit()
except:
db.session.rollback()
finally:
return redirect(
request.args.get('next') or url_for('home.index'))
flash('无效用户名或密码')
return render_template('auth/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
print("用户名:{}".format(user.username))
print("传入的密码:{}".format(form.password.data))
if user and user.check_password(form.password.data):
session['user'] = user.username
session['User_id'] = user.id
# 持久化 默认保存31天,可通过在config中设置PERMENENT_SESSION_LIFETIME改变
session.permanent = True
userlog = UserLog(
ip=request.remote_addr,
user_id=user.id,
)
db.session.add(userlog)
db.session.commit()
return redirect(url_for('home.index'))
else:
flash("密码错误", "err")
return render_template('home/login.html', form=form)