def add_user():
data = request.get_json()
username = data.get("username")
password = data.get("password")
permission_dict = data.get("permission_dict")
data = {}
if username and password and permission_dict:
current_user = session.get("user")
if current_user != "root":
data["result"] = "fail"
data["errorinfo"] = "没有权限"
else:
password_md5_str = utils.get_md5(password)
result = dao.save_user(username, password_md5_str)
if result == 1:
u_id = dao.get_id_by_username(username)
if u_id:
total_num = len(permission_dict)
for k, v in permission_dict.items():
total_num -= dao.sava_permission(u_id, int(k), v)
if total_num != 0:
data["result"] = "fail"
data["errorinfo"] = "添加用户成功,但在添加权限时失败,请在修改权限页面重新添加权限"
else:
data["result"] = "success"
else:
abort(500)
else:
data["result"] = "fail"
data["errorinfo"] = "写入数据库时失败"
else:
data["result"] = "fail"
data["errorinfo"] = "提交的信息不完整"
return jsonify(data)
def login(request):
if request.session.get('is_login', None):
#如果已经登录,则直接跳转到首页
return redirect("/%s/index/" % MyappConfig.name)
if request.method == 'POST':
login_form = forms.UserForm(request.POST)
message = "请检查填写的内容!"
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
try:
user = User.objects.get(name=username)
if user.password == get_md5(password):
request.session['is_login'] = True
request.session['user_id'] = user.id
request.session['user_name'] = user.name
return redirect("/%s/index/" % MyappConfig.name) #重定向到首页
else:
message = "密码不正确!"
except:
message = "用户不存在!"
login_form = forms.UserForm()
return render(request=request,
template_name="login.html",
context=locals())
def change_password():
username = request.form.get("username")
password = request.form.get("password")
new_password = request.form.get("new_password")
data = {}
if username and password and new_password:
current_user = session.get("user")
if current_user != "root" and current_user != username:
data["result"] = "fail"
data["errorinfo"] = "没有权限"
else:
if current_user != "root":
md5_str = dao.get_password(username)
new_md5_str = utils.get_md5(new_password)
if not md5_str:
data["result"] = "fail"
data["errorinfo"] = "此用户不存在"
elif not utils.check_password(password, md5_str):
data["result"] = "fail"
data["errorinfo"] = "密码错误"
elif md5_str == new_md5_str:
data["result"] = "fail"
data["errorinfo"] = "密码与原先一致"
else:
result = dao.update_password(username, new_md5_str)
if result == 1:
data["result"] = "success"
else:
data["result"] = "fail"
data["errorinfo"] = "修改未成功"
else:
md5_str = dao.get_password(username)
new_md5_str = utils.get_md5(new_password)
if not md5_str:
data["result"] = "fail"
data["errorinfo"] = "此用户不存在"
else:
result = dao.update_password(username, new_md5_str)
if result == 1:
data["result"] = "success"
else:
data["result"] = "fail"
data["errorinfo"] = "修改未成功"
else:
data["result"] = "fail"
data["errorinfo"] = "用户名或密码不能为空"
return jsonify(data)
def register(request):
#首先判断当前用户是否是登录状态,如果是登录状态跳转到首页
if request.session.get('is_login', None):
return redirect("/%s/index/" % MyappConfig.name)
if request.method == 'POST':
register_form = forms.RegisterForm(request.POST)
message = "请检查填写的内容"
if register_form.is_valid():
# other = register_form.cleaned_data['other']
# print(other)
username = register_form.cleaned_data['username']
password1 = register_form.cleaned_data['password1']
password2 = register_form.cleaned_data['password2']
email = register_form.cleaned_data['email']
sex = register_form.cleaned_data['sex']
if password1 == password2:
sample_name_user = User.objects.filter(name=username)
print(type(sample_name_user))
if not sample_name_user:
sample_email_user = User.objects.filter(email=email)
if not sample_email_user:
new_user = User.objects.create()
new_user.name = username
new_user.password = get_md5(password1)
new_user.email = email
new_user.sex = sex
new_user.save()
code = make_confirm_string(new_user) #创建确认码
send_email(email, code)
message = '请前往注册邮箱,进行邮件确认!'
app_name = MyappConfig.name
return render(request=request,
template_name="confirm.html",
context=locals())
else:
message = '该邮箱地址已被注册,请使用别的邮箱!'
else:
message = "用户已存在,请重新输入用户名"
else:
message = "用户名密码不一致"
register_form = forms.RegisterForm()
return render(request=request,
template_name="register.html",
context=locals())
def make_confirm_string(user):
now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
code = get_md5(user.name, now)
ConfirmString.objects.create(code=code, user=user)
return code