def before_request():
ignore_urls = app.config['IGNORE_URLS']
ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
path = request.path
# app.logger.debug(path)
# 登录前需要忽视的 URL
pattern = re.compile("|".join(ignore_check_login_urls))
if pattern.match(path):
return
# 登录后需要忽视的URL
pattern = re.compile("|".join(ignore_urls))
# 判断是否登录
user_info = check_login()
g.current_user = None
if user_info:
# 如果已经登录,则将用户信息存储到全局变量 g 中的 current_user
g.current_user = user_info
if pattern.match(path):
return redirect(UrlManager.build_url('/'))
if pattern.match(path):
return
# 如果没有登录,则重定向到登录页
if not user_info:
return redirect(UrlManager.build_url('/user/login'))
return
def before_request():
ignore_urls = app.config['IGNORE_URLS']
ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
path = request.path
# 如果是静态文件就不要查询用户信息了
pattern = re.compile('%s' % "|".join(ignore_check_login_urls))
if pattern.match(path):
return
if '/api' in path:
return
user_info = check_login()
g.current_user = None
if user_info:
g.current_user = user_info
# 加入日志
LogService.add_access_log()
pattern = re.compile('%s' % "|".join(ignore_urls))
if pattern.match(path):
return
if not user_info:
return redirect(UrlManager.build_url("/user/login"))
return
def info():
values = request.values
app.logger.info(values)
id = values['id'] if 'id' in values else None
if id is None:
return redirect(UrlManager.build_url("/account/index"))
user = User.query.get(id)
if user is None:
return redirect(UrlManager.build_url("/account/index"))
return render_template("account/info.html", data=user)
def before_request():
"""拦截器,登陆限制"""
ignore_urls = app.config['IGNORE_URLS']
ignore_check_login_urls = app.config['IGNORE_CHECK_LOGIN_URLS']
path = request.path
pattern = re.compile('%s' %
"|".join(ignore_check_login_urls)) # 不需要验证就能够登陆的静态页面
if pattern.match(path):
return
if "/api" in path:
return
user_info = check_login() # 登陆成功
g.current_user = None
if user_info:
g.current_user = user_info
# 加入访问日志
LogService.addAccessLog()
pattern = re.compile('%s' % "|".join(ignore_urls)) # login页面无重定向
if pattern.match(path):
return
if not user_info:
return redirect(UrlManager.build_url('/user/login'))
return
def login():
# 如果是POST请求,进行登录处理
if request.method == "POST":
# 实现登录功能
# 1、接收表单提交过来的数据
username = request.form['username'] # 接收的账号
password = request.form['password'] # 接收的密码
# 2、根据接收用户名到user数据表进行查询
user = User.query.filter_by(login_name=username, status=1).first()
# 查询一个不存在的用户名返回None
# 3、判断用户是否存在,如果存在,则进一步需要检测密码是否正确,如果密码检测通过,则登录成功
if user and check_password_hash(user.login_pwd, password):
# 登录成功,使用session保存id,同时重定向到首页
session['isLogged'] = 1
session['userid'] = user.id
session['username'] = user.login_name
return redirect(UrlManager.build_url("/"))
else:
# 登录失败,通过flash进行消息提示
flash("账户或密码不对!")
return render_template("login.html")
def info():
resp_data = {}
req = request.args
uid = int(req.get('id', 0))
reback_url = UrlManager.build_url('/account/index')
if uid < 1:
return redirect(reback_url)
info = User.query.filter_by(uid=uid).first()
if not info:
return redirect(reback_url)
resp_data['info'] = info
return ops_render("account/info.html", resp_data)
def info():
resp_data = {}
req = request.args
id = int(req.get('id', 0))
reback_url = UrlManager.build_url("/member/index")
if id < 1:
return redirect(reback_url)
info = Member.query.filter_by(id=id).first()
if not info:
return redirect(reback_url)
resp_data['info'] = info
resp_data['current'] = 'index'
return ops_render("member/info.html", resp_data)
def login():
"""
登录控制器处理
:return: 登录页面视图
"""
if request.method == "GET":
if g.current_user:
return redirect(UrlManager.build_url("/"))
return ops_render("user/login.html")
resp = {'code': 200, 'msg': '登录成功~~', 'data': {}}
req = request.values
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的登录用户名~~"
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的邮箱密码~~"
return jsonify(resp)
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
resp['code'] = -1
resp['msg'] = "请输入正确的登录用户名和密码-1~~"
return jsonify(resp)
if user_info.login_pwd != UserService.generate_password(
login_pwd, user_info.login_salt):
resp['code'] = -1
resp['msg'] = "请输入正确的登录用户名和密码-2~~"
return jsonify(resp)
if user_info.status != 1:
resp['code'] = -1
resp['msg'] = "账号已被禁用,请联系管理员处理~~"
return jsonify(resp)
response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~'}))
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
'%s#%s' % (UserService.generate_auth_code(user_info), user_info.uid),
60 * 60 * 24 * 120) # 保存120天
return response
def info():
resp_data = {}
req = request.args
uid = int(req.get('id', 0))
reback_url = UrlManager.build_url('/account/index')
if uid < 1:
return redirect(reback_url)
info = User.query.filter_by(uid=uid).first()
if not info:
return redirect(reback_url)
resp_data['info'] = info
error_log = AppAccessLog.query.filter_by(uid=uid).order_by(
AppAccessLog.created_time.desc()).limit(10).all()
resp_data['error_log'] = error_log
return ops_render("account/info.html", resp_data)
def info():
"""获取账号信息"""
resp_data = {}
req = request.args
uid = int(req.get('id', 0))
reback_url = UrlManager.build_url("/account/index")
if uid < 1:
return redirect(reback_url)
info = User.query.filter_by(uid=uid).first()
if not info:
return redirect(reback_url)
access_list = AppAccessLog.query.filter_by(uid=uid).order_by(AppAccessLog.id.desc()).limit(10).all()
resp_data['info'] = info
resp_data['access_list'] = access_list
return ops_render("account/info.html", resp_data)
def info():
resp_data = {}
req = request.values
id = int(req['id']) if 'id' in req else 0
reback_url = UrlManager.build_url("/finance/index")
if id < 1:
return redirect(reback_url)
pay_order_info = PayOrder.query.filter_by(id=id).first()
if not pay_order_info:
return redirect(reback_url)
member_info = Member.query.filter_by(id=pay_order_info.member_id).first()
if not member_info:
return redirect(reback_url)
order_item_list = PayOrderItem.query.filter_by(
pay_order_id=pay_order_info.id).all()
data_order_item_list = []
if order_item_list:
food_map = get_dict_filter_field(
Food, Food.id, "id", select_filter_obj(order_item_list, "food_id"))
for item in order_item_list:
tmp_food_info = food_map[item.food_id]
tmp_data = {
"quantity": item.quantity,
"price": item.price,
"name": tmp_food_info.name
}
data_order_item_list.append(tmp_data)
address_info = {}
if pay_order_info.express_info:
address_info = json.loads(pay_order_info.express_info)
resp_data['pay_order_info'] = pay_order_info
resp_data['pay_order_items'] = data_order_item_list
resp_data['member_info'] = member_info
resp_data['address_info'] = address_info
resp_data['current'] = 'index'
return ops_render("finance/pay_info.html", resp_data)
def info():
resp_data = {}
req = request.args
id = int(req.get("id", 0))
reback_url = UrlManager.build_url("/food/index")
if id < 1:
return redirect(reback_url)
info = Food.query.filter_by(id=id).first()
if not info:
return redirect(reback_url)
stock_change_list = FoodStockChangeLog.query.filter(FoodStockChangeLog.food_id == id) \
.order_by(FoodStockChangeLog.id.desc()).all()
resp_data['info'] = info
resp_data['stock_change_list'] = stock_change_list
resp_data['current'] = 'index'
return ops_render("food/info.html", resp_data)
def set():
if request.method == 'GET':
resp_data = {}
req = request.args
id = int(req.get('id', 0))
reback_url = UrlManager.build_url('/member/index')
if id < 1:
return redirect(reback_url)
info = Member.query.filter_by(id=id).first()
if not info:
return redirect(reback_url)
if info.status != 1:
return redirect(reback_url)
resp_data['info'] = info
resp_data['current'] = 'index'
return ops_render("member/set.html", resp_data)
resp = {'code': 200, 'msg': '操作成功', 'data': {}}
req = request.values
id = req['id'] if 'id' in req else 0
nickname = req['nickname'] if 'nickname' in req else ''
if nickname is None or len(nickname) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的姓名!'
return jsonify(resp)
member_info = Member.query.filter_by(id=id).first()
if not member_info:
resp['code'] = -1
resp['msg'] = '指定的会员不存在!'
return jsonify(resp)
member_info.nickname = nickname
member_info.updated_time = getCurrentDate()
db.session.add(member_info)
db.session.commit()
return jsonify(resp)
def info():
resp_data = {}
req = request.args
id = int(req.get("id", 0))
reback_url = UrlManager.build_url("/member/index")
if id < 1:
return redirect(reback_url)
info = Member.query.filter_by(id=id).first()
if not info:
return redirect(reback_url)
pay_order_list = PayOrder.query.filter_by(member_id=id).filter(PayOrder.status.in_([-8, 1])) \
.order_by(PayOrder.id.desc()).all()
comment_list = MemberComments.query.filter_by(member_id=id).order_by(
MemberComments.id.desc()).all()
resp_data['info'] = info
resp_data['pay_order_list'] = pay_order_list
resp_data['comment_list'] = comment_list
resp_data['current'] = 'index'
return ops_render("member/info.html", resp_data)
def login():
response = {"result": 0, "reason": "登录成功!", "data": {}}
if request.method == "GET":
# 判断全局变量g中的current_user是否为None
if g.current_user:
# 如果不为None,说明已经登录了,则重定向到后台首页
return redirect(UrlManager.build_url("/"))
return render_template("user/login.html")
login_name = request.values[
'login_name'] if 'login_name' in request.values else ''
login_pwd = request.values[
'login_pwd'] if 'login_pwd' in request.values else ''
# return "{}:{}".format(login_name, login_pwd)
user = User.query.filter_by(login_name=login_name).first()
# 判断是否登陆成功
if user and check_password_hash(user.login_pwd, login_pwd):
# 判断账户是否正常
if user.status == 0:
response['result'] = -1
response['reason'] = "此账户暂停使用,请联系管理员!"
return jsonify(response)
# 如果账户是正常的,则保存登录账号的ID到session里面
session['user_id'] = user.uid
session.permanent = True # 设置会话长期有效,默认有效期为31天
return jsonify(response)
else:
response['result'] = -1
response['reason'] = "账号或密码不对!"
return jsonify(response)
def logout():
response = make_response(redirect(UrlManager.build_url('/user/login')))
response.delete_cookie(app.config['AUTH_COOKIE_NAME'])
return response
def set():
if request.method == "GET":
resp_data = {}
req = request.args
id = int(req.get('id', 0))
info = Food.query.filter_by(id=id).first()
if info and info.status != 1:
return redirect(UrlManager.build_url('/food/index '))
cat_list = FoodCat.query.all()
resp_data['info'] = info
resp_data['cat_list'] = cat_list
resp_data['current'] = 'index'
return ops_render("food/set.html", resp_data)
resp = {'code': 200, 'msg': '操作成功!', 'data': {}}
req = request.values
id = int(req['id']) if 'id' in req else 0
cat_id = int(req['cat_id']) if 'cat_id' in req else 0
name = req['name'] if 'name' in req else ''
price = req['price'] if 'price' in req else ''
main_image = req['main_image'] if 'main_image' in req else ''
summary = req['summary'] if 'summary' in req else ''
stock = int(req['stock']) if 'stock' in req else ''
tags = req['tags'] if 'tags' in req else ''
price = Decimal(price).quantize(Decimal('0.00'))
if cat_id < 1:
resp['code'] = -1
resp['msg'] = '请选择分类'
return jsonify(resp)
if name is None or len(name) < 1:
resp['code'] = -1
resp['msg'] = '请输入符合规范的名称'
return jsonify(resp)
if price <= 0:
resp['code'] = -1
resp['msg'] = '请输入符合规范的售货价格'
return jsonify(resp)
if main_image is None or len(main_image) < 3:
resp['code'] = -1
resp['msg'] = '请上传封面图'
return jsonify(resp)
if summary is None or len(summary) < 3:
resp['code'] = -1
resp['msg'] = '请输入图片面熟,并不能少于10个字符'
return jsonify(resp)
if stock < 1:
resp['code'] = -1
resp['msg'] = '请输入符合规范的库存量'
return jsonify(resp)
if tags is None or len(tags) < 1:
resp['code'] = -1
resp['msg'] = '请输入图书,便于搜索'
return jsonify(resp)
food_info = Food.query.filter_by(id=id).first()
before_stock = 0
if food_info:
model_food = food_info
before_stock = model_food.stock
else:
model_food = Food()
model_food.status = 1
model_food.created_time = getCurrentDate()
model_food.cat_id = cat_id
model_food.name = name
model_food.price = price
model_food.main_image = main_image
model_food.summary = summary
model_food.stock = stock
model_food.tags = tags
model_food.updated_time = getCurrentDate()
db.session.add(model_food)
ret = db.session.commit()
model_stock_change = FoodStockChangeLog()
model_stock_change.food_id = model_food.id
model_stock_change.unit = int(stock) - int(before_stock)
model_stock_change.total_stock = stock
model_stock_change.note = ''
model_stock_change.created_time = getCurrentDate()
db.session.add(model_stock_change)
db.session.commit()
return jsonify(resp)
def logout():
session.clear()
return redirect(UrlManager.build_url("/user/login"))
def set():
if request.method == "GET":
resp_data = {}
req = request.args
id = int(req.get('id', 0))
info = Food.query.filter_by(id=id).first()
if info and info.status != 1:
return redirect(UrlManager.build_url("/food/index"))
cat_list = FoodCat.query.all()
resp_data['info'] = info
resp_data['cat_list'] = cat_list
resp_data['current'] = 'index'
return ops_render("food/set.html", resp_data)
resp = {'code': 200, 'msg': '操作成功~~', 'data': {}}
req = request.values
id = int(req['id']) if 'id' in req and req['id'] else 0
cat_id = int(req['cat_id']) if 'cat_id' in req else 0
name = req['name'] if 'name' in req else ''
price = req['price'] if 'price' in req else ''
main_image = req['main_image'] if 'main_image' in req else ''
summary = req['summary'] if 'summary' in req else ''
stock = int(req['stock']) if 'stock' in req else ''
tags = req['tags'] if 'tags' in req else ''
if cat_id < 1:
resp['code'] = -1
resp['msg'] = "全部分类~~"
return jsonify(resp)
if name is None or len(name) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的名称~~"
return jsonify(resp)
if not price or len(price) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的售卖价格~~"
return jsonify(resp)
price = Decimal(price).quantize(Decimal('0.00'))
if price <= 0:
resp['code'] = -1
resp['msg'] = "请输入符合规范的售卖价格~~"
return jsonify(resp)
if main_image is None or len(main_image) < 3:
resp['code'] = -1
resp['msg'] = "请上传封面图~~"
return jsonify(resp)
if summary is None or len(summary) < 3:
resp['code'] = -1
resp['msg'] = "请输入图书描述,并不能少于10个字符~~"
return jsonify(resp)
if stock < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的库存量~~"
return jsonify(resp)
if tags is None or len(tags) < 1:
resp['code'] = -1
resp['msg'] = "请输入标签,便于搜索~~"
return jsonify(resp)
food_info = Food.query.filter_by(id=id).first()
before_stock = 0
if food_info:
model_food = food_info
before_stock = model_food.stock
else:
model_food = Food()
model_food.status = 1
model_food.created_time = get_current_date()
model_food.cat_id = cat_id
model_food.name = name
model_food.price = price
model_food.main_image = main_image
model_food.summary = summary
model_food.stock = stock
model_food.tags = tags
model_food.updated_time = get_current_date()
db.session.add(model_food)
db.session.commit()
FoodService.setStockChangeLog(model_food.id, int(stock) - int(before_stock), "后台修改")
return jsonify(resp)
