def login():
if request.method == 'GET':
return render_template('user/login.html')
resp_suc = {'code': 200, 'msg': '登录成功', "data": {}}
resp_err = {'code': -1, 'msg': '请输入正确的用户名和密码', "data": {}}
req = request.values
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if login_name is None or len(login_name) < 1:
return jsonify(resp_err)
if login_pwd is None or len(login_pwd) < 1:
return jsonify(resp_err)
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
return jsonify(resp_err)
if user_info.login_pwd != UserService.gene_pwd(pwd=login_pwd,
salt=user_info.login_salt):
return jsonify(resp_err)
response = make_response(json.dumps(resp_suc))
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s#%s" % (UserService.gene_auth_code(user_info), user_info.uid))
return response
def reset_pwd():
if request.method == "GET":
return ops_render("user/reset_pwd.html", {"current": "reset-pwd"})
res = {"code": 200, "msg": "操作成功", "data": {}}
request_data = request.values
old_password = request_data["old_password"] if "old_password" in request_data else ""
new_password = request_data["new_password"] if "new_password" in request_data else ""
if not old_password or len(old_password) < 6:
res["code"] = -1
res["msg"] = "请输入不少于6位的新密码~~"
return jsonify(res)
if old_password == new_password:
res["code"] = -1
res["msg"] = "新密码不能与原密码相同~~"
return jsonify(res)
user_info = g.current_user
# 修改密码后更新user对象的加密字符串
user_info.login_pwd = UserService.gene_pwd(new_password, user_info.login_salt)
# 数据库更新
db.session.add(user_info)
db.session.commit()
# 更新新密码的cookie值,避免cookie验证不通过造成的页面退出,跳转到登录页面
response = make_response(json.dumps({"code": 200, "msg": "修改成功"}))
response.set_cookie(app.config["AUTH_COOKIE_NAME"],
f"{UserService.gene_auth_code(user_info)}#{user_info.uid}",
60 * 60 * 24 * 120) # 保存120天
return response
def resetPwd():
if request.method == 'GET':
return ops_render("user/reset_pwd.html")
resp = {'code': 200, 'msg': '操作成功', "data": {}}
req = request.values
old_password = req['old_password'] if 'old_password' in req else ''
new_password = req['new_password'] if 'new_password' in req else ''
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入正确的原密码'
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入不少于6位的新密码'
return jsonify(resp)
if old_password == new_password:
resp['code'] = -1
resp['msg'] = '新密码不能等于旧密码'
return jsonify(resp)
user_info = g.current_user
if user_info.login_pwd != UserService.gene_pwd(old_password,
user_info.login_salt):
resp['code'] = -1
resp['msg'] = '请输入正确的原密码'
return jsonify(resp)
user_info.login_pwd = UserService.gene_pwd(new_password,
user_info.login_salt)
db.session.add(user_info)
db.session.commit()
response = make_response(json.dumps(resp))
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s#%s" % (UserService.gene_auth_code(user_info), user_info.uid))
return response
def login():
if request.method == "GET":
return ops_render("user/login.html")
res = {"code": None, "msg": "登录成功", "data": {}}
req = request.values
login_name = req["login_name"] if "login_name" in req else ""
login_pwd = req["login_pwd"] if "login_pwd" in req else ""
if login_name is None or len(login_name) < 1:
res["code"] = -1
res["msg"] = "请输入正确的用户名或密码"
return jsonify(res)
if login_pwd is None or len(login_pwd) < 1:
res["code"] = -1
res["msg"] = "请输入正确的用户名或密码"
return jsonify(res)
# 查询数据库记录,取第一条,返回一个对象
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
res["code"] = -1
res["msg"] = "请输入正确的用户名或密码"
return jsonify(res)
# 将输入的密码传入加密方法与数据库加密数据对比
if user_info.login_pwd != UserService.gene_pwd(login_pwd, user_info.login_salt):
res["code"] = -1
res["msg"] = "请输入正确的用户名或密码"
return jsonify(res)
# 验证账户的状态是否有效
if user_info.status != 1:
res['code'] = -1
res['msg'] = "账号已被禁用,请联系管理员处理"
return jsonify(res)
response = make_response(json.dumps({"code": 200, "msg": "登录成功"}))
response.set_cookie(app.config["AUTH_COOKIE_NAME"],
f"{UserService.gene_auth_code(user_info)}#{user_info.uid}",
60 * 60 * 24 * 120) # 保存120天
return response
from common.libs.member.MemberService import MemberService
from common.libs.user.UserService import UserService
from common.models.member.Member import Member
print(UserService.gene_pwd('123456', "cF3JfH5FJfQ8B2Ba"))
import pip._internal.pep425tags
print(pip._internal.pep425tags.get_supported())
print('相关的会计法律制度#$会计账目#$原始凭证#$实际发生的经济业务事项\n#$'.replace('\n',
'').split("#$")[:-1])
member_info = Member.query.filter_by(id=2).first()
print(MemberService.geneAuthCode(member_info))
def set():
if request.method == 'GET':
val = request.values
uid = int(val['id']) if val.get('id', '') and val.get('id', '').isdigit() else 0
info = User.query.filter_by(uid=uid).first()
resp_data = {}
if info:
resp_data['info'] = info
else:
resp_data['info'] = None
return ops_render('account/set.html', resp_data)
resp = {'code': 200, 'msg': '操作成功', "data": {}}
req = request.values
uid = int(req['id']) if req.get('id', '') and req.get('id', '').isdigit() else 0
nickname = req['nickname'] if 'nickname' in req else ''
mobile = req['mobile'] if 'mobile' in req else ''
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
email = req['email'] if 'email' in req else ''
if nickname is None or len(nickname) < 2:
resp['code'] = -1
resp['msg'] = '请输入2位以上的用户名'
return jsonify(resp)
if mobile is None or len(mobile) < 11:
resp['code'] = -1
resp['msg'] = '请输入不少于11位的电话'
return jsonify(resp)
if login_name is None or len(nickname) < 2:
resp['code'] = -1
resp['msg'] = '请输入2位以上的登录名'
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 6:
resp['code'] = -1
resp['msg'] = '请输入6位以上的密码'
return jsonify(resp)
if email is None or len(email) < 2:
resp['code'] = -1
resp['msg'] = '请输入正确的邮箱'
return jsonify(resp)
user_info = User.query.filter(User.uid != uid,User.login_name == login_name).first()
if user_info:
app.logger.info(uid)
app.logger.info(user_info)
resp['code'] = -1
resp['msg'] = '登录用户名已存在'
return jsonify(resp)
user_info = User.query.filter(User.uid == uid).first()
if not user_info:
user_info=User()
user_info.created_time = get_current_time()
user_info.login_salt = UserService.gene_salt()
user_info.login_pwd = UserService.gene_pwd(login_pwd, user_info.login_salt)
user_info.nickname = nickname
user_info.login_name = login_name
user_info.email = email
user_info.mobile = mobile
user_info.updated_time = get_current_time()
db.session.add(user_info)
db.session.commit()
return resp
def set_info():
default_pwd = "******"
if request.method == "GET":
res = {}
request_data = request.args # 只能回去get请求的参数
uid = int(request_data.get('id', 0))
user_info = None
if uid:
user_info = User.query.filter_by(uid=uid).first()
res['info'] = user_info
return ops_render('account/set.html', res)
res = {'code': 200, 'msg': '操作成功', 'data': {}}
# 获取请求传过来参数
request_data = request.values
uid = request_data['id'] if 'id' in request_data else ''
nickname = request_data['nickname'] if 'nickname' in request_data else ''
mobile = request_data['mobile'] if 'mobile' in request_data else ''
email = request_data['email'] if 'email' in request_data else ''
login_name = request_data[
'login_name'] if 'login_name' in request_data else ''
login_pwd = request_data['login_pwd'] if 'login_pwd' in request_data else ''
# 验证参数是否合法
if nickname is None or len(nickname) < 1:
res['code'] = -1
res['msg'] = "请输入符合规范的姓名~~"
return jsonify(res)
if mobile is None or len(mobile) < 1:
res['code'] = -1
res['msg'] = "请输入符合规范的手机号码~~"
return jsonify(res)
if email is None or len(email) < 1:
res['code'] = -1
res['msg'] = "请输入符合规范的邮箱~~"
return jsonify(res)
if login_name is None or len(login_name) < 1:
res['code'] = -1
res['msg'] = "请输入符合规范的登录用户名~~"
return jsonify(res)
if login_pwd is None or len(email) < 6:
res['code'] = -1
res['msg'] = "请输入符合规范的登录密码~~"
return jsonify(res)
# 验证登录名是否存在数据库其他用户信息里面,filter传入多个查询条件
has_in = User.query.filter(User.login_name == login_name,
User.uid != uid).first()
if has_in:
res['code'] = -1
res['msg'] = "该登录名已存在,请换一个试试~~"
return jsonify(res)
# 数据库验证后修改,filter_by传入单个查询条件
user_info = User.query.filter_by(uid=uid).first()
if user_info:
user_obj = user_info
else:
# 查询不到用户信息,说明为新增用户
user_obj = User()
user_obj.created_time = get_current_time()
user_obj.login_salt = UserService.get_salt()
user_obj.nickname = nickname
user_obj.mobile = mobile
user_obj.email = email
user_obj.login_name = login_name
if login_pwd != default_pwd:
# 说明修改了密码
user_obj.login_pwd = UserService.gene_pwd(login_pwd,
user_obj.login_salt)
user_obj.updated_time = get_current_time()
db.session.add(user_obj)
db.session.commit()
return jsonify(res)
