def register(): form = RegisterForm() lg_form = LoginForm() if request.method == 'POST': if form.validate_on_submit(): email = form.email.data uname = form.username.data passwd = form.password.data rp_passwd = form.repeat.data if passwd != rp_passwd: flash('两次密码不相同', 'WARNING') elif User.find_by_email(email) is not None: flash('该邮箱已被注册', 'WARNING') else: id = User.add_user(email, uname, passwd) if id is not None: user = User(bson_obj_id(id)) login_user(user) token = user.gen_auth_token(expiration=600) send_email(email, '欢迎注册pkyx,请确认你的账户', 'email', token=token) return redirect(url_for('main.index')) flash('注册失败', 'WARNING') else: for field, errors in form.errors.items(): for error in errors: flash("%s: %s" % (getattr(form, field).label.text, error), 'WARNING') return render_template('register.html', form=form, lg_form=lg_form)
def register(): form = RegisterForm() lg_form = LoginForm() if request.method == 'POST': if form.validate_on_submit(): email = form.email.data uname = form.username.data passwd = form.password.data rp_passwd = form.repeat.data if passwd != rp_passwd: flash('两次密码不相同', 'WARNING') elif User.find_by_email(email) is not None: flash('该邮箱已被注册', 'WARNING') else: id = User.add_user(email, uname, passwd) if id is not None: user = User(bson_obj_id(id)) login_user(user) token = user.gen_auth_token(expiration=600) send_email(email, '欢迎注册pkyx,请确认你的账户', 'email', token=token) return redirect(url_for('main.index')) flash('注册失败', 'WARNING') else: for field, errors in form.errors.items(): for error in errors: flash("%s: %s" %(getattr(form, field).label.text, error), 'WARNING') return render_template('register.html', form=form, lg_form=lg_form)
def load_user(user_id): user = None db_user = mongo.db.users.find_one({"_id": bson_obj_id(user_id)}) if db_user is not None: user_id = db_user.pop('_id') user = User(user_id, extras=db_user) return user
def profile(id=None): user = None if id is None: if current_user is not None: return redirect(url_for('.profile', id=current_user.id)) else: user = User.find_by_id(bson_obj_id(id)) return render_template('profile.html', user=user)
def verify_auth_token(token): from app.extensions import mongo s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token) except: return None dict_ = json.loads(data) return mongo.db.users.find_one({"_id": bson_obj_id(dict_['id']["$oid"])})
def avatar(oid): if oid is None: return '' try: fs = GridFS(mongo.db, "avatar") img = fs.get(bson_obj_id(oid)) response = make_response(img.read()) response.headers['Content-Type'] = img.content_type return response except NoFile: abort(404)
def get(self, item_id): if item_id is not None: item = Item.find_item_by_id(bson_obj_id(item_id)) return bson_to_json(item) params = {} for k, v in request.args.items(): if v: Item.add_param(params, k, v) cursor = Item._find_many(params) items = [bson_to_json(item) for item in cursor] return json.dumps(items)
def profile_edit(): user = User.find_by_id(bson_obj_id(current_user.id)) if not user: abort(404) form = ProfileForm() if request.method == 'POST': if form.validate_on_submit(): username = form.username.data location = form.location.data website = form.website.data introduction = form.introduction.data data = { 'username': username, 'location': location, 'website': website, 'introduction': introduction } avatar = request.files['avatar'] if avatar and AllowFile.is_img(avatar.filename): filename = secure_filename(avatar.filename) fs = GridFS(mongo.db, collection="avatar") avatar_id = fs.put(avatar, content_type=avatar.content_type, filename=filename) if avatar_id: if user['avatar']: fs.delete(bson_obj_id(user['avatar'])) data['avatar'] = avatar_id else: flash('图片格式不支持', 'red') User.update_user(user['_id'], data) return redirect(url_for('.profile')) else: flash('资料修改失败', 'red') return render_template('profile_edit.html', user=user, form=form, title='编辑资料')
def uploaded_file(avatar): avatarid = avatar if avatarid is None: return '' try: fs = GridFS(MongoClient().db, 'avatar') img = fs.get(bson_obj_id(avatarid)) response = make_response(img.read()) response.headers['Content-Type'] = img.content_type return response except NoFile: abort(404)
def get(self, item_id): if item_id is not None: item = mongo.db['users'].find_one({'_id': bson_obj_id(item_id)}) return bson_to_json(item) else: params = {} for k, v in request.args.items(): if v: # params['attributes.'+k] = v.strip() params[k] = v.strip() cursor = mongo.db['users'].find(params) items = [bson_to_json(item) for item in cursor] return json.dumps(items)
def edit_attr(): if request.method == 'POST': title = request.json['title'] attr_name = request.json['attr_name'].strip() attr_type = request.json['attr_type'] attr_value = request.json['attr_value'].strip() user = users.views.User.find_by_id(bson_obj_id(current_user.id)) if not user: return jsonify(status=False, reason="权限不足") if not attr_name: return jsonify(status=False, reason="属性名不能为空") if not attr_value: return jsonify(status=False, reason="属性值不能为空") status = Item.edit_attr(title, attr_name, attr_value, attr_type) if status: if current_user.is_authenticated: current_user.add_edit() return jsonify(status=True, reason="修改属性成功") else: return jsonify(status=True, reason="修改失败")
def is_admin(self): return mongo.db['users'].find_one( {'_id': bson_obj_id(self.id), 'admin':True}, ) != None
def add_edit(self): mongo.db['users'].update( {'_id': bson_obj_id(self.id)}, {'$inc': {'edit_count': 1}} )