def email_update(): ''' 更新邮箱绑定 :return: ''' new_email_code = request.argget.all('new_email_code') current_email_code = request.argget.all('current_email_code') email = request.argget.all('email').strip() password = request.argget.all('password').strip() s, r = arg_verify(reqargs=[(gettext("email"), email)], required=True) data = {} if not s: data = r elif mdb_user.db.user.find_one({"_id":{"$ne":current_user.id}, "email":email}): data = {'msg':gettext("This E-mail address has been registered"), 'msg_type':"w", "http_status":403} elif mdb_user.db.user.find_one({"_id":current_user.id, "email":email}): data = {'msg':gettext("This is the email address you currently use"), 'msg_type':"w", "http_status":403} if data: return data r, msg= email_format_ver(email) if not r: return {"msg":msg, "msg_type":"w", "http_status":422} elif not current_email_code and current_user.email: data = {"msg":gettext("Invalid verification code [currently bound]"), "msg_type":"w", "http_status":401} return data elif not new_email_code: data = {"msg":gettext("Invalid verification code [ready to bind]"), "msg_type":"w", "http_status":401} return data data = p_email_change(new_email_code, current_email_code, email, password) return data
def add_user(mdb_user): """ 初始化root用户角色, 管理员, 管理员基本资料 :return: """ from werkzeug.security import generate_password_hash from apps.utils.validation.str_format import email_format_ver, password_format_ver from apps.modules.user.models.user import user_model print(' * [User] add') is_continue = False while True: username = input("Input username:"******"[\.\*#\?]+", username): print( "[Warning]: The name format is not correct,You can't use '.','*','#','?'\n") else: break while not is_continue: email = input("Input email:") s, r = email_format_ver(email) if not s: print("[Warning]: {}".format(r)) else: break while not is_continue: password = getpass("Input password(Password at least 8 characters):") s, r = password_format_ver(password) if not s: print("[Warning]: {}\n".format(r)) else: break try: mdb_user.db.create_collection("role") print(' * Created role collection') except BaseException: pass try: mdb_user.db.create_collection("user") print(' * Created user collection') except BaseException: pass # 初始化角色 root_per = SUPER_PER role_root = mdb_user.db.role.find_one({"permissions": root_per}) if not role_root: print(" * Create root role...") r = mdb_user.db.role.insert_one({"name": "Root", "default": 0, "permissions": root_per, "instructions": 'Root'}) if r.inserted_id: print("Create root user role successfully") else: print("[Error] Failed to create superuser role") sys.exit(-1) root_id = r.inserted_id else: root_id = role_root['_id'] password_hash = generate_password_hash(password) user = get_one_user_mfilter(username=username, email=email, op="or") if user: update_one_user(user_id=str(user["_id"]), updata={"$set": {"password": password_hash, "role_id": str(root_id)}}) print(" * This user already exists, updated password.") else: print(' * Create root user...') user = user_model( username=username, email=email, password=password, custom_domain=-1, role_id=str(root_id), active=True) r = insert_one_user(updata=user) if r.inserted_id: print(" * Create a root user role successfully") else: print(" * [Error] Failed to create a root user role") sys.exit(-1) # To create the average user role average_user = mdb_user.db.role.find_one({"permissions": 1}) if not average_user: print(" * Create the average user role...") r = mdb_user.db.role.insert_one({ "name": "User", "default": 1, "permissions": 1, "instructions": 'The average user', }) if r.inserted_id: print(" * Create a generic user role successfully") else: print(" * Failed to create a generic user role") role = mdb_user.db.role.find_one({"_id": root_id}) hidden_password = "******".format(password[0:2], password[6:]) print('The basic information is as follows') print('Username: {}\nEmail: {}\nUser role: {}\nPassword: {}'.format( username, email, role["name"], hidden_password)) print('End')
def send_code(): """ 发送验证码 :return: """ data = {} account_type = request.argget.all('account_type', "email").strip() account = request.argget.all('account') exist_account = str_to_num(request.argget.all('exist_account', 0)) code = request.argget.all('code', '').strip() code_url_obj = json_to_pyseq(request.argget.all('code_url_obj', {})) s, r = arg_verify(reqargs=[("account_type", account_type)], only=["email", "mobile_phone"]) if not s: return r if account_type == "email": s, r = arg_verify(reqargs=[(gettext("Email"), account)], required=True) if not s: return r # 邮箱格式验证 r, s = email_format_ver(account) if not r: data = {'msg': s, 'msg_type': "e", "custom_status": 422} return data if exist_account: if not get_one_user(email=account): data = { 'msg': gettext("This account is not registered on this platform"), 'msg_type': "w", "custom_status": 400 } return data r, s = call_verification(code_url_obj, code) if not r: return s data = create_code_send(account=account, account_type=account_type) elif account_type == "mobile_phone": s, r = arg_verify(reqargs=[(gettext("Telephone number"), account)], required=True) if not s: return r # 移动号码格式格式验证 r, s = mobile_phone_format_ver(account) if not r: data = {'msg': s, 'msg_type': "e", "custom_status": 422} return data if exist_account: user_query = {"mphone_num": account} if not get_one_user(mphone_num=account): data = { 'msg': gettext("This account is not registered on this platform"), 'msg_type': "w", "custom_status": 400 } return data r, s = call_verification(code_url_obj, code) if not r: return s data = create_code_send(account=account, account_type=account_type) return data
def comment_issue(): if not get_config("comment", "OPEN_COMMENT"): data = { "msg": gettext("Comment feature is not open"), "msg_type": "w", "custom_status": 401 } return data target_id = request.argget.all('target_id') # 目标ID指的是什么事件的评论 target_type = request.argget.all('target_type', "post") content = request.argget.all('content') reply_id = request.argget.all('reply_id') # 回复哪条评论 reply_user_id = request.argget.all('reply_user_id') # 回复的评论的用户ID reply_username = request.argget.all('reply_username') # 回复的评论的用户名 s, r = arg_verify(reqargs=[(gettext("comment"), content)], min_len=1, max_len=int(get_config("comment", "MAX_LEN"))) if not s: return r s, r = arg_verify(reqargs=[("target_id", target_id), ("target_type", target_type)], required=True) if not s: return r if reply_id: s, r = arg_verify(reqargs=[("reply_user_id", reply_user_id), ("reply_username", reply_username)], required=True) if not s: return r """ 查看最后一次评论时间 """ tquery = { "issue_time": { "$gt": time.time() - int(get_config("comment", "INTERVAL")) } } if current_user.is_authenticated: user_id = current_user.str_id username = current_user.username email = None tquery["user_id"] = user_id elif get_config("comment", "TRAVELER_COMMENT"): user_id = None username = request.argget.all('username') email = request.argget.all('email') # 用户名格式验证 r, s = short_str_verifi(username) if not r: data = {'msg': s, 'msg_type': "e", "custom_status": 422} return data # 邮箱格式验证 r, s = email_format_ver(email) if not r: data = {'msg': s, 'msg_type': "e", "custom_status": 422} return data tquery["email"] = email else: data = { "msg": gettext( "Guest reviews feature is not open, please login account comments" ), "msg_type": "w", "custom_status": 401 } return data if mdbs["web"].db.comment.find(tquery).count(True) >= int( get_config("comment", "NUM_OF_INTERVAL")): # 频繁评论 data = { "msg": gettext("You comment too often and come back later"), "msg_type": "e", "custom_status": 400 } return data target = None if target_type == "post": target = mdbs["web"].db.post.find_one({ "_id": ObjectId(target_id), "issued": { "$in": [1, True] } }) if not target: data = { "msg": gettext("Articles do not exist or have not been published"), "msg_type": "w", "custom_status": 400 } return data target_user_id = str(target["user_id"]) target_brief_info = target["title"] if not target: data = { "msg": gettext("Your comment goal does not exist"), "msg_type": "w", "custom_status": 400 } return data issue_time = time.time() # 自动审核内容 r = content_inspection_text(content) audit_score = r["score"] audit_label = r["label"] if r["label"] == "detection_off" or ("suggestion" in r and r["suggestion"] == "review"): # 未开启审核或无法自动鉴别, 等待人工审核 audited = 0 audit_way = "artificial" elif r["label"] == "no_plugin": # 没有检查插件 audited = 0 audit_way = "artificial" else: audit_label = r["label"] audited = 1 audit_way = "auto" comment = { "target_id": str(target_id), "target_user_id": target_user_id, "target_brief_info": target_brief_info, "type": target_type, "user_id": user_id, "username": username, "email": email, "content": content, "issued": 1, "audited": audited, "audit_score": audit_score, "audit_label": audit_label, "audit_way": audit_way, "audit_user_id": None, "issue_time": issue_time, "word_num": len(content), "is_delete": 0, "like_user_id": [], "like": 0 } if reply_id: comment["reply_id"] = reply_id comment["reply_user_id"] = reply_user_id comment["reply_username"] = reply_username r = mdbs["web"].db.comment.insert_one(comment) # 如果已审核, 并且违规分数高于正常 if audited and audit_score >= get_config("content_inspection", "ALLEGED_ILLEGAL_SCORE"): # 通知评论不通过 msg_content = {"text": content} insert_user_msg( user_id=user_id, ctype="notice", label="audit_failure", title=gettext("[Label:{}]Comment on alleged violations").format( audit_label), content=msg_content, target_id=str(r.inserted_id), target_type="comment") elif audit_score < get_config("content_inspection", "ALLEGED_ILLEGAL_SCORE"): # 更新文章中的评论数目 if target_type == "post": mdbs["web"].db.post.update_one({"_id": ObjectId(target_id)}, {"$inc": { "comment_num": 1 }}) if current_user.is_authenticated: # 评论正常才通知被评论用户 user_ids = [target_user_id] if reply_id: user_ids.append(reply_user_id) user_ids = list(set(user_ids)) if user_id in user_ids: user_ids.remove(user_id) msg_content = { "id": str(r.inserted_id), "reply_id": reply_id, "reply_user_id": reply_user_id, "reply_username": reply_username, "user_id": user_id, "username": username, "text": content } insert_user_msg(user_id=user_ids, ctype="notice", label="comment", title=target_brief_info, content=msg_content, target_id=target_id, target_type=target_type) if current_user.is_authenticated: data = { "msg": gettext("Successful reviews"), "msg_type": "s", "custom_status": 201 } else: data = { "msg": gettext("Success back, waiting for the system audit."), "msg_type": "s", "custom_status": 201 } return data
def p_retrieve_password(email, code, password, password2): """ 密码重设 :param account: :param code: :param password: :param password2: :return: """ data = {} if not email: data = { 'msg': gettext('Account does not exist'), 'msg_type': 'e', "http_status": 404 } return data s, r = email_format_ver(email=email) if s: user = get_one_user(email=email) else: data = {"msg": r, "msg_type": "e", "http_status": 403} return data if user: r = verify_code(code, email=user["email"]) else: data = { 'msg': gettext('Account does not exist'), 'msg_type': 'e', "http_status": 404 } return data if not r: data = { 'msg': gettext('Email or SMS verification code error'), 'msg_type': 'e', "http_status": 401 } else: if user: r = password_format_ver(password) if not r: data = {"msg": r, "msg_type": "e", "http_status": "403"} return data elif password != password2: data = { 'msg': gettext('Two password is not the same'), 'msg_type': 'w', "http_status": 400 } else: password_hash = generate_password_hash(password) # 将jwt_login_time设为{}退出所有jwt登录的用户 r = update_one_user(user_id=str(user["_id"]), updata={ "$set": { "password": password_hash, "jwt_login_time": {} } }) if r.modified_count: oplog = { 'op_type': 'retrieve_pass', 'time': time.time(), 'status': 's', 'info': '', 'ip': request.remote_addr } insert_op_log(oplog, user_id=user["_id"]) # 发送邮件 subject = gettext("Password reset notification") body = "Your account <a>{}</a> has reset your password. <br>Please keep it safe.".format( user["email"]) data = { "title": subject, "body": body, "other_info": gettext("End"), } html = get_email_html(data) send_email(subject=subject, recipients=[user["email"]], html_msg=html) data = { 'msg': gettext( 'Password reset successfully.Please return to login page to login' ), 'msg_type': 's', "http_status": 201 } logout_user() else: data = { "msg_type": "w", "msg": gettext("Reset password failed(unknown error)"), "http_status": 400 } return data return data
def p_sign_up(username, password, password2, code, email=None, mobile_phone_number=None): ''' 普通用户注册函数 :return: ''' data = {} if current_user.is_authenticated: data['msg'] = gettext("Is logged in") data["msg_type"] = "s" data["http_status"] = 201 data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO") return data # 用户名格式验证 s1, r1 = short_str_verifi(username, project="username") # 密码格式验证 s2, r2 = password_format_ver(password) if not s1: data = {'msg':r1, 'msg_type':"e", "http_status":422} elif mdb_user.db.user.find_one({"username": username}): # 是否存在用户名 data = {'msg': gettext("Name has been used"), 'msg_type': "w", "http_status": 403} elif not s2: data = {'msg': r2, 'msg_type': "e", "http_status": 400} return data elif password2 != password: # 检验两次密码 data = {'msg': gettext("The two passwords don't match"), 'msg_type': "e", "http_status": 400} if data: return data if email: # 邮件注册 # 邮箱格式验证 s, r = email_format_ver(email) if not s: data = {'msg':r, 'msg_type':"e", "http_status":422} elif mdb_user.db.user.find_one({"email": email}): # 邮箱是否注册过 data = {'msg': gettext("This email has been registered in the site oh, please login directly."), 'msg_type': "w", "http_status": 403} if data: return data # 检验验证码 r = verify_code(code=code, email=email) if not r: data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401} return data elif mobile_phone_number: # 手机注册 s, r = mobile_phone_format_ver(mobile_phone_number) if not s: data = {'msg': r, 'msg_type': "e", "http_status": 422} elif mdb_user.db.user.find_one({"mphone_num": mobile_phone_number}): # 手机是否注册过 data = {'msg': gettext("This number has been registered in the site oh, please login directly."), 'msg_type': "w", "http_status": 403} if data: return data # 检验验证码 r = verify_code(code=code, tel_number=True) if not r: data = {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401} return data if not data: # 用户基本信息 role_id = mdb_user.db.role.find_one({"default":{"$in":[True, 1]}})["_id"] user = user_model(username=username, email=email, mphone_num = mobile_phone_number, password=password, custom_domain=-1, role_id=str(role_id), active=True) r = mdb_user.db.user.insert_one(user) if r.inserted_id: if email: # 发送邮件 subject = gettext("Registration success notification") body = "Welcome to register <b>{}</b>.<br><a>{}</a> registered the account successfully.".format( get_config("site_config", "APP_NAME"), email ) data = {"title": subject, "body": body, "other_info": gettext("End"), } html = get_email_html(data) send_email(subject=subject, recipients=[email], html_msg=html) elif mobile_phone_number: # 发送短信 content = "[{}] Successful registration account.".format( get_config("site_config", "APP_NAME")) send_mobile_msg(mobile_phone_number, content) data = {'msg':gettext('Registered successfully'), 'to_url':'/sign-in', 'msg_type':'s',"http_status":201} else: data = {'msg': gettext('Data saved incorrectly, please try again'), 'msg_type': 'e', "http_status": 201} return data return data
def p_sign_in(username, password, code_url_obj, code, remember_me, use_jwt_auth=0): ''' 用户登录函数 :param adm: :return: ''' data = {} if current_user.is_authenticated and username in [current_user.username, current_user.email, current_user.mphone_num]: data['msg'] = gettext("Is logged in") data["msg_type"] = "s" data["http_status"] = 201 data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO") return data # name & pass s, r = email_format_ver(username) s2, r2 = mobile_phone_format_ver(username) if s: user = mdb_user.db.user.find_one({"email":username}) elif s2: user = mdb_user.db.user.find_one({"mphone_num": username}) else: user = mdb_user.db.user.find_one({"username":username}) if not user: data = {"msg":gettext("Account or password error"), "msg_type":"e", "http_status":401} return data user = User(user["_id"]) # 判断是否多次密码错误,是就要验证图片验证码 user_p = mdb_user.db.user_login_log.find_one({'user_id':user.str_id}) PW_WRONG_NUM_IMG_CODE = get_config("login_manager", "PW_WRONG_NUM_IMG_CODE") if user_p and 'pass_error' in user_p and user_p['pass_error'] >= PW_WRONG_NUM_IMG_CODE: # 图片验证码验证 r = verify_image_code(code_url_obj, code) if not r: data["open_img_verif_code"] = True data['msg'] = gettext("Verification code error") data["msg_type"] = "e" data["http_status"] = 401 return data # 密码验证 if user and user.verify_password(password) and not user.is_delete: if user.is_active: if use_jwt_auth: # 使用的时jwt验证 # 获取token jwt_auth = JwtAuth() data["auth_token"] = jwt_auth.get_login_token(user) client = "app" else: login_user(user, remember_me) client = "browser" # 记录登录日志 login_log(user, client) data['msg'] = gettext("Sign in success") data["msg_type"] = "s" data["http_status"] = 201 data["to_url"] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO") return data # 未激活 data['msg'] = gettext("Account is inactive or frozen") data["msg_type"] = "w" data["http_status"] = 401 else: # 密码错误 mdb_user.db.user_login_log.update_one({'user_id':user.str_id}, {"$inc":{"pass_error":1}}, upsert=True) # 判断是否多次密码错误 if user_p and 'pass_error' in user_p and user_p['pass_error'] >= PW_WRONG_NUM_IMG_CODE: # 图片验证码验证码 data["open_img_verif_code"] = True data['msg'] = gettext("Account or password error") data["msg_type"] = "e" data["http_status"] = 401 return data
def add_user(): email = request.argget.all('email') mobile_phone_number = str_to_num( request.argget.all('mobile_phone_number', 0)) username = request.argget.all('username', '').strip() password = request.argget.all('password', '').strip() password2 = request.argget.all('password2', '').strip() data = {} # 用户名格式验证 s1, r1 = short_str_verifi(username, project="username") # 密码格式验证 s2, r2 = password_format_ver(password) if not s1: data = {'msg': r1, 'msg_type': "e", "custom_status": 422} elif mdbs["user"].db.user.find_one({"username": username}): # 是否存在用户名 data = { 'msg': gettext("Name has been used"), 'msg_type': "w", "custom_status": 403 } elif not s2: data = {'msg': r2, 'msg_type': "e", "custom_status": 400} return data elif password2 != password: # 检验两次密码 data = { 'msg': gettext("The two passwords don't match"), 'msg_type': "e", "custom_status": 400 } if data: return data if email: # 邮件注册 # 邮箱格式验证 s, r = email_format_ver(email) if not s: data = {'msg': r, 'msg_type': "e", "custom_status": 422} elif mdbs["user"].db.user.find_one({"email": email}): # 邮箱是否注册过 data = { 'msg': gettext( "This email has been registered in the site oh, please login directly." ), 'msg_type': "w", "custom_status": 403 } if data: return data elif mobile_phone_number: # 手机注册 s, r = mobile_phone_format_ver(mobile_phone_number) if not s: data = {'msg': r, 'msg_type': "e", "custom_status": 422} elif mdbs["user"].db.user.find_one({"mphone_num": mobile_phone_number}): # 手机是否注册过 data = { 'msg': gettext( "This number has been registered in the site oh, please login directly." ), 'msg_type': "w", "custom_status": 403 } if data: return data if not data: # 用户基本信息 role_id = mdbs["user"].db.role.find_one( {"default": { "$in": [True, 1] }})["_id"] if not email: email = None if not mobile_phone_number: mobile_phone_number = None user = user_model(username=username, email=email, mphone_num=mobile_phone_number, password=password, custom_domain=-1, role_id=str(role_id), active=True, is_adm_add_user=True) r = insert_one_user(updata=user) if r.inserted_id: if email: # 发送邮件 subject = gettext("Registration success notification") body = [ gettext("Welcome to register {}.").format( get_config("site_config", "APP_NAME")), gettext("{} registered the account successfully.").format( email) ] data = { "title": subject, "body": body, "username": username, "site_url": get_config("site_config", "SITE_URL") } html = get_email_html(data) msg = { "subject": subject, "recipients": [email], "html_msg": html } send_email(msg=msg, ctype="nt") elif mobile_phone_number: # 发送短信 content = gettext( "[{}] Successful registration account.").format( get_config("site_config", "APP_NAME")) send_mobile_msg(mobile_phone_number, content) data = { 'msg': gettext('Added successfully'), 'msg_type': 's', "custom_status": 201 } return data
def user_edit(): """ 用户编辑 :return: """ tid = request.argget.all('id') role_id = request.argget.all('role_id') email = request.argget.all('email') password = request.argget.all('password') active = str_to_num(request.argget.all('active', 0)) s, r = arg_verify(reqargs=[("id", tid), ("role_id", role_id)], required=True) if not s: return r data = { 'msg': gettext("Update success"), 'msg_type': "s", "custom_status": 201 } if not email: email = None update_data = {'role_id': role_id, 'active': active, "email": email} user = get_one_user(user_id=str(tid)) if user: # 权限检查 current_user_role = mdbs["user"].db.role.find_one( {"_id": ObjectId(current_user.role_id)}) edit_user_role = mdbs["user"].db.role.find_one( {"_id": ObjectId(user["role_id"])}) if edit_user_role \ and get_num_digits(current_user_role["permissions"]) \ <= get_num_digits(edit_user_role["permissions"]): # 没有权限修改 data = { "msg_type": "w", "msg": gettext("No permission modification"), "custom_status": 401 } return data if email: # 邮件注册 # 邮箱格式验证 s, r = email_format_ver(email) if not s: data = {'msg': r, 'msg_type': "e", "custom_status": 422} return data elif mdbs["user"].db.user.find_one({ "email": email, "_id": { "$ne": ObjectId(tid) } }): # 邮箱是否注册过 data = { 'msg': gettext( "This email has been registered in the site oh, please login directly." ), 'msg_type': "w", "custom_status": 403 } return data if password: # 密码格式验证 s, r = password_format_ver(password) if not s: data = {'msg': r, 'msg_type': "e", "custom_status": 422} return data if password: password = generate_password_hash(password) update_data["password"] = password r = update_one_user(user_id=str(tid), updata={"$set": update_data}) if not r.modified_count: data = { 'msg': gettext("No changes"), 'msg_type': "w", "custom_status": 201 } return data