def setUp(self):
    """Build the fixture every test in this case starts from.

    Registers one user through ``Users.user_register`` and keeps both the
    ``Users`` instance and the registration result on the test case, then
    switches the application into testing mode and creates its test client.
    """
    fixture_user = Users()
    self.newUser = fixture_user
    self.register = fixture_user.user_register(
        "*****@*****.**", "mwaz", "password", "password")

    app.config['TESTING'] = True
    self.test_app = app.test_client()
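async def login(request):
    """Handle the admin login form.

    GET (and any non-POST method) renders ``admin/login.html``. POST looks up
    a user whose ``phone`` equals the submitted ``username`` and whose stored
    password equals ``Users().passwd(password)``. On success the response body
    is JSON with ``code`` 1 and the ``user`` cookie is set for 36000 seconds;
    otherwise the body carries ``code`` 0 and an error message.

    :param request: the incoming request
    :return: a text response (POST) or the rendered login template
    """
    if request.method != 'POST':
        return jinja.render("admin/login.html", request, message="")

    username = request.form.get('username', '')
    password = request.form.get('password', '')
    # NOTE(review): the original comment here announces length/type
    # validation of the username and password, but none is performed.
    pwd = Users().passwd(password)
    # NOTE(review): if Users.get raises when no row matches (peewee's
    # Model.get does), the failure branch below is never reached and a wrong
    # password surfaces as a server error instead of code 0 -- confirm.
    admin = Users.get(Users.phone == username, Users.password == pwd)
    if not admin:
        return response.text(
            ujson.dumps({
                'login': '******',
                'code': 0,
                'info': '登录失败:用户名或密码错误'
            }))

    keys = [
        'show_id', 'username', 'phone', 'is_admin', 'level', 'id', 'agent_id'
    ]
    cookies = admin.to_dict(keys)
    # The cookie carries is_admin/level/agent_id, so every later authorization
    # decision rests on set_cookies protecting its integrity -- presumably it
    # signs or encrypts the payload; verify. Other handlers in this listing
    # decode the cookie with AGENT_COOKIE_TOKEN rather than COOKIE_TOKEN;
    # confirm the two are meant to differ.
    cookies_json = set_cookies(COOKIE_TOKEN, cookies)
    res = response.text(ujson.dumps({'login': '******', 'code': 1}))
    res.cookies['user'] = cookies_json
    res.cookies["user"]["max-age"] = 36000
    # Session material should not be readable by page scripts. The "secure"
    # attribute is left unset because the deployment scheme is not visible
    # here; enable it wherever the site is served over HTTPS.
    res.cookies["user"]["httponly"] = True
    return res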
async def user_list(request):
    """
    User list.

    GET renders ``admin/user-list.html`` with the filtered, paginated result
    of ``UserService().user_list``; POST soft-deletes the user whose ``id``
    is submitted in the form. Any other method returns ``None``.

    :param request: the incoming request
    :return: the rendered template (GET) or a text response (POST)
    """
    method = request.method
    if method == 'GET':
        user_query = Users.select().filter(Users.deleted == 0)
        session_user = get_cookies(AGENT_COOKIE_TOKEN,
                                   request.cookies.get("user"))
        filters = {
            'username': session_user.get('username'),
            'is_admin': session_user.get('is_admin'),
        }
        # NOTE(review): the two cookie-derived values above are overwritten by
        # the query-string values below, so the service receives a
        # client-supplied is_admin. Whether that is only a list filter or also
        # an authorization input depends on UserService.user_list -- confirm.
        for field in ("id", "phone", "username", "level", "agent_id",
                      "is_admin"):
            filters[field] = request.args.get(field, "")
        page = get_page_data(request, UserService().user_list(**filters))
        return jinja.render("admin/user-list.html",
                            request,
                            kargs=filters,
                            data=page,
                            user_query=user_query)
    if method == "POST":
        # NOTE(review): no check of the caller's identity or role is visible
        # before the soft delete; confirm it is enforced by a decorator or
        # middleware outside this listing.
        target_id = request.form.get("id")
        Users.update({Users.deleted: 1}).where(Users.id == target_id).execute()
        return text("已删除")
def init_user():
    """Create and save one seed user with ``is_admin`` and ``level`` set to 1."""
    # NOTE(review): the seed account's credentials are literals in source, and
    # the password literal equals the last six digits of the phone literal.
    # Anyone who can read the repository knows them; prefer supplying the
    # initial secret at deploy time and forcing a change on first login.
    seed = Users()
    for field, value in (("username", "******"),
                         ("phone", "17830466355"),
                         ("is_admin", 1),
                         ("level", 1)):
        setattr(seed, field, value)
    seed.password = seed.passwd("466355")
    seed.save()
def user_register(prop_id=None):
    """Render and process the registration form.

    Authenticated visitors are redirected to ``index``. A valid POST creates
    the user, logs them in and redirects to ``prop`` when ``prop_id`` is given
    (``index`` otherwise). An invalid POST re-renders the form with one of
    three error messages; any other request renders the empty form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = RegisterForm()
    if request.method != 'POST':
        return render_template('user_register.html',
                               prop_id=prop_id,
                               register_user_form=form,
                               err_msg=False)

    email = form.email.data
    pswd = form.password.data
    confirm = form.password_confirm.data

    if not form.validate_on_submit():
        # The message is inferred from the inputs rather than read from
        # form.errors.
        # NOTE(review): the first message confirms to an anonymous visitor
        # that an address is registered.
        if Users.check_user(email):
            err_msg = 'An Account for this Email Already Exists!'
        elif pswd != confirm:
            err_msg = 'Passwords Do Not Match!'
        else:
            err_msg = 'Invalid Email!'
        return render_template('user_register.html',
                               prop_id=prop_id,
                               register_user_form=form,
                               err_msg=err_msg)

    # NOTE(review): the raw form password is handed to create_user; confirm
    # the datastore hashes it before storage rather than persisting it as-is.
    user_datastore.create_user(email=email, password=pswd)
    db.session.commit()
    login_user(Users.check_user(email))

    # Without a prop_id the visitor lands on index (the original marks this
    # as "should be account page").
    destination = url_for('prop', prop_id=prop_id) if prop_id else url_for('index')
    return redirect(destination)
def query_invite(self, user, **kargs):
    """Build the query of non-deleted users invited by one agent.

    When ``user["is_admin"]`` equals ``True`` the agent is taken from
    ``kargs["agent_id"]`` (default ``""``); otherwise it is ``user["id"]``.
    Optional non-blank ``username`` and ``user_id`` entries in ``kargs``
    narrow the result. Rows are ordered by ``create_time`` descending.
    """
    # NOTE(review): the admin decision is read from the ``user`` mapping the
    # caller passes in; presumably it is decoded from the session cookie --
    # confirm it cannot be supplied by the client unverified.
    if user.get("is_admin", "") == True:
        agent = kargs.get("agent_id", "")
    else:
        agent = user.get("id")

    query = Users.select().filter(
        Users.deleted == 0,
        Users.agent_id == agent).order_by(Users.create_time.desc())

    for key, column in (("username", "username"), ("user_id", "id")):
        if key in kargs and kargs.get(key).strip():
            query = query.filter(**{column: kargs[key]})
    return query
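def login():
    """Authenticate a user from a JSON body and issue a seven-day JWT.

    Expects a JSON object with ``username`` and ``password``. Every credential
    failure (malformed body, missing field, unknown user, wrong password)
    returns the same message with status 401, so the response does not reveal
    which usernames exist. The suspension notice is only returned after the
    password has been verified.

    Returns:
        ``(response, status)``: 200 with ``token`` on success, 401 otherwise.
    """
    bad_credentials = ("The username or password you entered did not match "
                       "our records. Are you sure you typed the correct "
                       "credentials?")

    data = request.get_json(force=True)
    if not isinstance(data, dict):
        return jsonify(message=bad_credentials), 401

    # .get() instead of indexing: a body without these keys is a failed
    # login, not an unhandled KeyError.
    username = data.get('username')
    password = data.get('password')
    if not username or not isinstance(password, str) or not password:
        return jsonify(message=bad_credentials), 401

    # .first() yields None when no row matches, so the unknown-user case
    # reaches the check below instead of raising out of the view.
    user = Users.select().where(Users.username == username).first()
    # NOTE(review): an unknown user skips the bcrypt comparison, so the two
    # failure paths still differ in response time.
    if user is None or not bcrypt.checkpw(password.encode('utf-8'),
                                          bytes(user.password)):
        return jsonify(message=bad_credentials), 401

    if user.suspended is True:
        return jsonify(message='Unable to login due to your account being suspended. Learn more information at https://help.pebblo.org/accounts'), 401

    # NOTE(review): os.getenv returns None when JWT_KEY is unset; the service
    # should refuse to start without a signing key.
    token = jwt.encode({'id': user.id,
                        'email': user.email,
                        'exp': datetime.datetime.utcnow() + datetime.timedelta(days=7)},
                       os.getenv('JWT_KEY'))
    # jwt.encode returns bytes in some library versions and str in others.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    return jsonify(message='Login successful', token=token), 200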
def user_login(prop_id=None):
    """Render and process the login form.

    Authenticated visitors are redirected to ``index``. A POST whose form
    validates logs the user in and redirects to ``prop`` when ``prop_id`` is
    given (``index`` otherwise); a POST that fails validation re-renders the
    form with an error message. Any other request renders the empty form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = LoginForm()
    if request.method != 'POST':
        return render_template('user_login.html',
                               prop_id=prop_id,
                               login_user_form=form,
                               err_msg=False)

    if not form.validate_on_submit():
        return render_template('user_login.html',
                               prop_id=prop_id,
                               login_user_form=form,
                               err_msg='Invalid Email or Password!')

    # NOTE(review): no password comparison happens in this function; the
    # login is only as strong as LoginForm's validators -- confirm the form
    # verifies the password and that check_user cannot return None here.
    account = Users.check_user(form.email.data)
    login_user(account)

    # Without a prop_id the visitor lands on index (the original marks this
    # as "should be account page").
    destination = url_for('prop', prop_id=prop_id) if prop_id else url_for('index')
    return redirect(destination)
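def _is_local_redirect(target):
    """Return True when *target* is a path-only URL on this site."""
    from urllib.parse import urlparse

    if not isinstance(target, str) or not target.startswith('/'):
        return False
    # "//host", backslash variants and embedded control characters can be
    # interpreted by browsers as a different host.
    if target.startswith('//') or '\\' in target:
        return False
    if any(ord(ch) < 32 for ch in target):
        return False
    parts = urlparse(target)
    return not parts.scheme and not parts.netloc


def signin():
    """
    Sign in an existing user.

    On a valid POST with matching credentials the user is logged in and
    redirected to the form's ``next`` value. That value originates from the
    request, so it is only followed when it is a local path; anything else
    falls back to ``/``. In every other case the sign-in page is rendered
    with ``next`` carried over from the query string under the same rule.
    """
    form = SignInForm(request.form)
    next_url = request.args.get('next', '/')

    if request.method == 'POST' and form.validate():
        email = form.email.data
        password = form.password.data
        if email:
            user = Users.get_one(email=email)
            # Same message for an unknown user and a wrong password.
            if not user or not user.check_password(password.encode()):
                form.email.errors = ['No such user or password']
            else:
                login_user(user, remember=True)
                target = form.next.data
                return redirect(target if _is_local_redirect(target) else '/')

    # Not a POST or errors
    form.next.data = next_url if _is_local_redirect(next_url) else '/'
    context = {'form': form}
    return render_template('signin.html', **context)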
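def on_get(self, req, resp, **args):
    '''
    City Controller Get Request Method

    Responds, in order of precedence, with:
    - the users whose ``city`` is the route ``id`` (when it is a valid
      ObjectId),
    - the single city named by the ``?id=`` query parameter, or a 400 with a
      message when the lookup fails,
    - otherwise every city.

    The three cases are one if/elif/else chain: as separate statements the
    later branches always replaced the user list set by the first one.
    '''
    if 'id' in args and ObjectId.is_valid(args['id']):
        # NOTE(review): to_json() is opaque here; confirm it leaves out
        # credential fields before user documents are returned to clients.
        resp.json = [i.to_json() for i in User.objects(city=args['id'])]
    elif 'id' in req.params and ObjectId.is_valid(req.params['id']):
        city_id = req.params['id']
        try:
            # Indexing the result set fails when no document matches.
            resp.json = City.objects(id=city_id)[0].to_json()
        except Exception:
            resp.status = falcon.HTTP_400
            resp.json = {
                "message": "City id: %s not found in database!" % city_id
            }
    else:
        resp.json = [i.to_json() for i in City.objects]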
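def on_post(self, req, resp):
    '''
    Users Controller Post Request Method

    Creates a user from the JSON body and responds with the saved document.
    Any failure yields status 400; the body carries the error's title and
    description when it has them and a generic message otherwise, so a
    rejected request never comes back with an empty body.
    '''
    try:
        # NOTE(review): the password is passed to the model exactly as
        # received; confirm User hashes it before save() and that to_json()
        # does not echo it back in the response.
        user = User(avatar=req.json.get('avatar', ''),
                    first_name=req.get_json('first_name'),
                    last_name=req.get_json('last_name'),
                    email=req.get_json('email'),
                    password=req.get_json('password'),
                    city=ObjectId(req.get_json('city')))
        user.save()
        resp.json = user.to_json()
    except Exception as e:
        resp.status = falcon.HTTP_400
        if hasattr(e, 'title') and hasattr(e, 'description'):
            resp.json = {"message": "%s - %s" % (e.title, e.description)}
        else:
            # Internal error text is deliberately not returned to the client.
            resp.json = {"message": "Invalid user data"}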
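def register():
    """Render the registration page (GET) or create an account (POST).

    A POST must carry ``username``, ``email``, ``password`` and
    ``confirmation``. Missing ``email`` or ``password`` fields are treated as
    empty strings, so they are rejected by the normal checks instead of
    raising. On success the new user's id and email are stored in the session
    and the client is redirected to ``/``.
    """
    if request.method != "POST":
        return render_template("register.html")

    userName = request.form.get("username")
    userEmail = (request.form.get("email") or "").lower()
    userPassword = request.form.get("password") or ""
    userConfirmPassword = request.form.get("confirmation")

    # Check length of password
    if len(userPassword) <= 5:
        return apology("Password is too short", 400)

    # checkUserInfo returns True or the message to show; call it once.
    verdict = checkUserInfo(userName, userEmail, userPassword,
                            userConfirmPassword)
    if verdict == True:
        hashPassword = generate_password_hash(userPassword)
        newUser = Users(name=userName, email=userEmail, password=hashPassword)
        try:
            db.session.add(newUser)
            db.session.commit()
        except IntegrityError:
            # The insert was rejected (the original attributes this to a
            # duplicate email); roll back so the session stays usable.
            db.session.rollback()
            return apology("Email already exist", 400)
        session["user_id"] = newUser.id
        session["email"] = newUser.email
        return redirect("/")
    return apology(verdict)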
def user_score_based_recommend(self, users, target_user):
    """Run the user-score-based recommendation engine.

    ``users`` and ``target_user`` are wrapped in ``Users`` and ``User`` before
    being handed to the engine. The original note describes the result as a
    list of recommended content ids.
    """
    return UserScoreBasedRecommendEngine(self).run(Users(users),
                                                   User(target_user))
def update_user(self, user_id, data):
    '''
    Update a user.

    Each of ``username``, ``phone``, ``password`` and ``level`` is applied
    only when it is present in ``data`` and not blank; the password is passed
    through ``Users().passwd`` before being stored.

    :param user_id: id of the user row to change
    :param data: mapping of submitted field values
    :return: None
    '''
    # NOTE(review): ``level`` and ``password`` are writable through the same
    # mapping as the display fields; if ``data`` is a raw request form, confirm
    # the caller is authorized to change them for this user_id.
    record = Users.get(Users.id == user_id)

    def submitted(field):
        return field in data and data.get(field).strip()

    for field in ("username", "phone"):
        if submitted(field):
            setattr(record, field, data.get(field))
    if submitted("password"):
        record.password = Users().passwd(data.get('password'))
    if submitted("level"):
        record.level = data.get("level")
    record.save()
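def user(user_id):
    """Return the public profile fields of one user as JSON.

    ``user_id`` is an object exposing ``.id`` (the code reads ``user_id.id``).
    The select is resolved to a single row; reading fields off the unexecuted
    query, as before, fails. A missing row yields a 404.
    """
    record = Users.select().where(Users.id == user_id.id).first()
    if record is None:
        return jsonify(error="User doesn't exist."), 404
    return jsonify(
        id=record.id,
        username=record.username,
        avatar=record.avatar,
        bio=record.bio,
        vanity=record.vanity
    ), 200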
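def forgot(user_id):
    """Generate a seven-letter email code and store it on the user row.

    ``user_id`` is an object exposing ``.id`` (the code reads ``user_id.id``).
    The code is drawn with ``secrets`` because it acts as a credential, and
    it is written with an assignment; the previous ``Users.email_code == ran``
    passed a comparison expression to ``update`` instead of a new value.
    """
    import secrets

    letters = string.ascii_lowercase + string.ascii_uppercase
    code = ''.join(secrets.choice(letters) for _ in range(7))
    (Users
     .update(email_code=code)
     .where(Users.id == user_id.id)
     .execute())
    # NOTE(review): this literal is not an f-string, so the placeholder is
    # returned verbatim. It should not become one: the code has to reach the
    # user through their mailbox, not through this HTTP response.
    return json.dumps({'message': 'Email Code generated https://pebblo.org/account/verify/{user.email_code}'})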
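def load_user(userid):
    """
    Used by login to get a user.

    @param userid: user id referenced in the database, passed in by flask
    @return: the matching ``Users`` row, or ``None`` when the lookup fails
    """
    try:
        return Users.get(userid)
    except Exception:
        # Any lookup failure means "no such user". A bare ``except`` would
        # also swallow KeyboardInterrupt and SystemExit.
        return None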
def init_balance():
    """Create a zeroed balance row for the user with the seed phone number."""
    # NOTE(review): the account this seeds is identified by a phone number
    # hard-coded in source.
    seed_phone = "17830466355"

    balance = Balance()
    balance.username = "******"
    balance.phone = seed_phone
    balance.amount = 0
    balance.commission = 0
    balance.user_id = Users().get(Users.phone == seed_phone).id
    balance.save()
async def agent_info(request):
    '''
    Show the logged-in user's own profile.

    The user id is taken from the decoded ``user`` cookie. Only GET is
    handled; other methods return ``None``.

    :param request: the incoming request
    :return: the rendered ``admin/user_info.html`` template
    '''
    if request.method != 'GET':
        return None

    session_user = get_cookies(AGENT_COOKIE_TOKEN, request.cookies.get("user"))
    user_id = session_user.get("id")
    rows = Users().select().filter(Users.deleted == 0, Users.id == user_id)
    owner = Users().get(id=user_id)
    # NOTE(review): the link is built from the request's Host header and a
    # fixed http scheme; a forged Host would end up in the rendered link.
    # Prefer a configured base URL.
    invite_url = "http://{}/change_pwd/?user_code={}".format(
        request.host, owner.user_code)
    return jinja.render("admin/user_info.html",
                        request,
                        data=rows,
                        invite_url=invite_url)
def render_template(self, view_filename, params=None):
    """Render ``view_filename`` with ``params`` and write it to the response.

    Adds ``cookies`` when the ``cookie_law`` cookie is set, and either
    ``user`` plus ``logout_url`` (signed in) or ``login_url`` (anonymous).
    A falsy ``params`` is replaced by a fresh dict.
    """
    context = params or {}

    if self.request.cookies.get("cookie_law"):
        context["cookies"] = True

    account = users.get_current_user()
    if not account:
        context["login_url"] = users.create_login_url('/')
    else:
        context["user"] = account
        # NOTE(review): a Users entity is stored on every render for a
        # signed-in visitor, always with the name "Test"; unless the model
        # de-duplicates by email this adds a row per page view -- confirm.
        Users(email=account.email(), name="Test").put()
        context["logout_url"] = users.create_logout_url('/')

    page = jinja_env.get_template(view_filename).render(context)
    return self.response.out.write(page)
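def user2(user_id):
    """Return one user's profile fields, including timestamps, as JSON.

    ``user_id`` is an object exposing ``.id`` (the code reads ``user_id.id``).
    The select is resolved to a single row before its fields are read, and
    the view returns ``(response, 200)``; the previous trailing comma made
    the return value a one-element tuple. A missing row yields a 404.
    """
    record = Users.select().where(Users.id == user_id.id).first()
    if record is None:
        return jsonify(error="User doesn't exist."), 404
    return jsonify(
        id=record.id,
        username=record.username,
        avatar=record.avatar,
        bio=record.bio,
        vanity=record.vanity,
        created_at=record.created_at,
        updated_at=record.updated_at
    ), 200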
def get(self):
    """Mail every stored user the list of selected topics.

    Topics are those not deleted whose ``updated`` value is older than 24
    hours before now.
    """
    # NOTE(review): the filter keeps topics updated *before* the 24-hour
    # cutoff although the subject says "New topics" -- confirm the comparison
    # direction.
    cutoff = datetime.datetime.now() - datetime.timedelta(hours=24)
    topics = Topic.query(Topic.deleted == False,
                         Topic.updated < cutoff).fetch()
    body = """New topic {0}""".format(topics)

    # NOTE(review): ``to`` receives the whole Users entity rather than an
    # address field, and the body is the repr of the topic list -- confirm
    # both are intended.
    for recipient in Users.query().fetch():
        mail.send_mail(sender="*****@*****.**",
                       to=recipient,
                       subject="New topics",
                       body=body)
def get_or_create_user(user_id):
    """Return the stored user for ``user_id``, creating it when absent.

    A new row takes its nickname and image URL from the profile returned by
    ``line_bot_api.get_profile``.
    """
    existing = db_session.query(Users).filter_by(id=user_id).first()
    if existing:
        return existing

    # NOTE(review): lookup and insert are separate steps; two concurrent
    # calls for the same new id can both reach the insert.
    profile = line_bot_api.get_profile(user_id)
    created = Users(id=user_id,
                    nick_name=profile.display_name,
                    image_url=profile.picture_url)
    db_session.add(created)
    db_session.commit()
    return created
def query_pay_report(self, kargs, user_id):
    """Build the pay-order report query for one requesting user.

    Non-admin users only see their own orders. Optional ``out_trade_no`` and
    ``pay_trade_no`` entries in ``kargs`` narrow the result by substring
    match. Rows are ordered by ``create_time`` descending.
    """
    requester = Users.get(Users.id == user_id)
    report = PayOrders.select().filter(PayOrders.deleted == 0)

    # The admin flag is read from the database row, not from client input.
    if not requester.is_admin:
        report = report.filter(PayOrders.user_id == user_id)

    for key, column in (("out_trade_no", PayOrders.out_trade_no),
                        ("pay_trade_no", PayOrders.pay_trade_no)):
        if kargs.get(key, ""):
            report = report.filter(column.contains(kargs[key]))

    return report.order_by(PayOrders.create_time.desc())
async def alipay_notify(request):
    """Handle the payment provider's callback for an order.

    POST carries the notification in the form body: after the signature is
    verified and the trade status is a success value, the order is marked
    paid, the payer's balance is credited, and on the payer's first paid
    order the inviting agent receives a commission of 10. Any other method
    reads the same fields from the query string and only marks the order
    paid. Both paths answer with a small HTML page.

    NOTE(review): the indentation of this listing was lost; the nesting below
    assumes the balance credit and the first-order bonus sit inside the
    ``order.status==0`` guard -- confirm against the real file.
    """
    if request.method=='POST':
        _data = request.form
        data={}
        for key in _data.keys():
            data.update({key:_data.get(key)})
        # Raises KeyError when the request has no "sign" field.
        signature = data.pop("sign")
        # verify
        success = _alipay.verify(data, signature)
        if success and data["trade_status"] in ("TRADE_SUCCESS","TRADE_FINISHED"):
            # NOTE(review): the credited amount is taken from the notification
            # and is not compared with an amount recorded on the order; money
            # is also handled as float.
            invoice_amount = float(data['invoice_amount'])
            trade_no = data.get('out_trade_no')
            order = PayOrders.get(PayOrders.out_trade_no==trade_no)
            user_id = order.user_id
            # status 0 -> 1 is what keeps a repeated notification from
            # crediting twice.
            # NOTE(review): the check and the save are separate statements,
            # so two notifications handled concurrently can both pass it.
            if order.status==0:
                order.status = 1
                order.save()
                # NOTE(review): read-then-write of the balance; an increment
                # expressed in the UPDATE itself would not lose concurrent
                # changes.
                old = Balance().get(Balance.user_id==user_id)
                Balance().update({"amount":old.amount+float(invoice_amount)}).where(Balance.user_id == user_id).execute()
                # First top-up: credit the inviting agent with 10.
                if PayOrders().filter(PayOrders.user_id==user_id,PayOrders.status==1).count()==1:
                    user = Users().get(Users.id == user_id)
                    if user.agent_id !=0:
                        detail = "你邀请ID为{}的首冲奖励".format(user_id)
                        Commission().create(user_id=user.agent_id, from_user_id=user_id, once_amount=10, detail=detail)
                        agent_old_balance = Balance.get(Balance.user_id == user.agent_id)
                        Balance().update({Balance.commission: agent_old_balance.commission + 10}).where( Balance.user_id == user.agent_id).execute()
            return response.html("<html><center><h1>支付成功</h2></center></html>")
        else:
            return response.html("<html><center><h1>支付失败</h2></center></html>")
    else:
        data = dict(request.query_args)
        signature = data.pop("sign")
        success = _alipay.verify(data, signature)
        if success and data["trade_status"] in ("TRADE_SUCCESS","TRADE_FINISHED"):
            trade_no = data.get('out_trade_no')
            order = PayOrders.get(PayOrders.out_trade_no==trade_no)
            # NOTE(review): this path sets status to 1 without crediting the
            # balance. If it runs before the POST notification for the same
            # order, the POST path finds status != 0 and skips the credit.
            if order.status==0:
                order.status = 1
                order.save()
            return response.html("<html><center><h1>支付成功</h2></center></html>")
        else:
            return response.html("<html><center><h1>支付失败</h2></center></html>")
async def user_update(request, show_id):
    '''
    Edit a user's details.

    GET renders ``admin/user-update.html`` for the user with ``show_id``;
    POST applies the submitted form through ``UserService().update_user``.
    Any other method returns ``None``.

    :param request: the incoming request
    :param show_id: public identifier of the user being edited
    :return: the rendered template (GET) or a text response (POST)
    '''
    method = request.method
    if method == 'GET':
        row = Users.select().filter(Users.show_id == show_id).get()
        # NOTE(review): model_to_dict is called without a field list here, so
        # the template context holds whatever it returns for the row,
        # presumably including the stored password value -- confirm.
        return jinja.render("admin/user-update.html",
                            request,
                            data=model_to_dict(row))
    if method == 'POST':
        form = request.form
        # NOTE(review): the whole form is forwarded for the user named in the
        # URL, and no check that the caller may edit that user is visible in
        # this function; confirm it is enforced elsewhere.
        user_id = request.app.get_id_by_show_id(show_id)
        UserService().update_user(user_id, form)
        return text('修改完成')
def on_get(self, req, resp):
    '''
    Users Controller Get Request Method

    With a valid ObjectId in ``?id=`` the matching user is returned, or a 400
    with a message when the lookup fails. Otherwise every user is returned.
    '''
    has_valid_id = 'id' in req.params and ObjectId.is_valid(req.params['id'])
    if not has_valid_id:
        # NOTE(review): this lists every user document to any caller that
        # reaches the handler; confirm access control and that to_json()
        # omits credential fields.
        resp.json = [i.to_json() for i in User.objects]
        return

    try:
        matches = User.objects(id=req.params['id'])
        resp.json = matches[0].to_json()
    except Exception:
        resp.status = falcon.HTTP_400
        resp.json = {
            "message":
            "User id: %s not found in database!" % req.params['id']
        }
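def on_delete(self, req, resp):
    '''
    Users Controller Delete Request Method

    Deletes the user named by ``?id=``. A missing or malformed id and an id
    that matches no document both yield status 400 with a message; a request
    without a usable id no longer returns an empty success response.
    '''
    # NOTE(review): no check of the caller's identity is visible before the
    # delete; confirm it is enforced by middleware outside this listing.
    if 'id' not in req.params or not ObjectId.is_valid(req.params['id']):
        resp.status = falcon.HTTP_400
        # The rejected value is not echoed back.
        resp.json = {"message": "A valid user id is required!"}
        return

    user_id = req.params['id']
    res = User.objects(id=user_id).delete()
    if res == 1:
        resp.json = {
            "message": "User id: %s deleted successfully!" % user_id
        }
    else:
        resp.status = falcon.HTTP_400
        resp.json = {
            "message": "User id: %s not in database!" % user_id
        }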
def verify(user_id):
    """Mark a user's email as verified when the email code matches.

    ``user_id`` is an object exposing ``.id`` (the code reads ``user_id.id``).
    Returns a JSON string with either ``error`` or ``message``.

    NOTE(review): as written this cannot verify anything reliably; see the
    notes on the individual statements below.
    """
    # NOTE(review): this is a select query, not a row; no .get()/.first() is
    # applied before its fields are read below.
    user = Users.select().where(Users.id==user_id.id)
    letters = string.ascii_lowercase+string.ascii_uppercase
    # NOTE(review): a fresh random string is generated here and compared with
    # the stored code. The code submitted by the caller is never read, so the
    # comparison does not test what the caller knows. The value to compare
    # must come from the request, and the comparison should be constant-time.
    ran = ''.join(random.choice(letters) for i in range(7))
    if ran != user.email_code or not user.email_code:
        return json.dumps({'error': 'Email doesn\'t exist.'})
    # NOTE(review): this existence check runs after ``user`` has already been
    # dereferenced above.
    if not user:
        return json.dumps({'error': 'User doesn\'t exist.'})
    if user.verified_email is not False:
        return json.dumps({'error': 'Email already verified.'})
    # NOTE(review): the update is keyed on email_code rather than the user's
    # id, so it applies to every row holding that code; it also sets
    # verified_at while the check above reads verified_email.
    update = (Users
              .update(verified_at=datetime.datetime.now())
              .where(Users.email_code==user.email_code)
              .execute())
    return json.dumps({'message': 'Email has been verified'})
def reset_token(token):
    """Route for the reset-password page.

    Authenticated visitors are redirected to ``home``. An invalid or expired
    token flashes a warning and redirects to ``reset_request``. A valid form
    submission stores the new bcrypt hash, flashes a success message and
    redirects to ``login``; otherwise the form is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    account = Users.verify_reset_token(token)
    if account is None:
        flash('Это недействительный или просроченный код!', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Изменение пароля',
                               form=form)

    # NOTE(review): nothing here invalidates the token after use; unless
    # verify_reset_token ties it to the old password or a one-time record, it
    # stays usable until it expires -- confirm.
    account.password = bcrypt.generate_password_hash(
        form.password.data).decode('utf-8')
    db.session.commit()
    flash('Ваш пароль успешно изменен! Войдите в систему.', 'success')
    return redirect(url_for('login'))