def get(self, request):
phone = request.GET.get("phone")
send_captcha = request.GET.get("captcha")
pageSate = int(request.GET.get("pageState"))
captcha = Captcha(request)
if not captcha.check(send_captcha):
message = "验证码错误"
print message
return shortcuts.error_response(message)
else:
# 号码存在
if CheckPhone(phone):
# 页面为找回
if pageSate == 1:
return SendMessageBefore(phone, request)
# 页面为注册
else:
message = "手机号已注册"
print message
return shortcuts.error_response(message)
# 号码不存在
else:
# 页面为注册
if pageSate == 0:
return SendMessageBefore(phone, request)
# 页面为找回0
else:
message = "用户不存在"
return shortcuts.error_response(message)
def post(self, request):
if request.user.is_authenticated:
return self.error(
"You have already logged in, are you kidding me? ")
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
try:
user = User.objects.get(email__iexact=data["email"])
except User.DoesNotExist:
return self.error("User does not exist")
if user.reset_password_token_expire_time and 0 < int(
(user.reset_password_token_expire_time -
now()).total_seconds()) < 20 * 60:
return self.error(
"You can only reset password once per 20 minutes")
user.reset_password_token = rand_str()
user.reset_password_token_expire_time = now() + timedelta(minutes=20)
user.save()
render_data = {
"username":
user.username,
"website_name":
SysOptions.website_name,
"link":
f"{SysOptions.website_base_url}/reset-password/{user.reset_password_token}"
}
email_html = render_to_string("reset_password_email.html", render_data)
send_email_async.send(from_name=SysOptions.website_name_shortcut,
to_email=user.email,
to_name=user.username,
subject=f"Reset your password",
content=email_html)
return self.success("Succeeded")
def post(self, request):
"""
提交请求重置密码
---
request_serializer: ApplyResetPasswordSerializer
"""
serializer = ApplyResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(email=data["email"])
except User.DoesNotExist:
return error_response(u"用户不存在")
if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60:
return error_response(u"20分钟内只能找回一次密码")
user.reset_password_token = rand_str()
user.reset_password_token_create_time = now()
user.save()
email_template = codecs.open(settings.TEMPLATES[0]["DIRS"][0] + "utils/reset_password_email.html", "r", "utf-8").read()
email_template = email_template.replace("{{ username }}", user.username).\
replace("{{ website_name }}", settings.WEBSITE_INFO["website_name"]).\
replace("{{ link }}", request.scheme + "://" + request.META['HTTP_HOST'] + "/reset_password/t/" + user.reset_password_token)
send_email(settings.WEBSITE_INFO["website_name"],
user.email,
user.username,
settings.WEBSITE_INFO["website_name"] + u" 登录信息找回邮件",
email_template)
return success_response(u"邮件发送成功,请前往您的邮箱查收")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
User register api
"""
if not SysOptions.allow_register:
return self.error("Register function has been disabled by admin")
data = request.data
data["username"] = data["username"].lower()
data["email"] = data["email"].lower()
if not data["sno"].isdigit():
return self.error("SNo be digital")
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
if User.objects.filter(username=data["username"]).exists():
return self.error("Username already exists")
if User.objects.filter(email=data["email"]).exists():
return self.error("Email already exists")
if User.objects.filter(sno=data["sno"]).exists():
return self.error("Student ID already exists")
user = User.objects.create(username=data["username"],
email=data["email"],
sno=data["sno"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
return self.success("Succeeded")
def post(self, request):
serializer = UserRegisterSerializer(data=request.POST)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
User.objects.get(username=data["username"])
return error_response(u"用户名已存在")
except User.DoesNotExist:
pass
try:
User.objects.get(email=data["email"])
return error_response(u"该邮箱已被注册,请换其他邮箱进行注册")
except User.DoesNotExist:
user = User.objects.create(username=data["username"],
email=data["email"])
user.set_password(data["password"])
user.save()
cart = Cart.objects.create() #初始化购物车
UserProfile.objects.create(user=user, cart=cart)
return success_response(u"注册成功!")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
User register api
"""
if not SysOptions.allow_register:
return self.error("Register function has been disabled by admin")
data = request.data
data["username"] = data["username"].lower()
data["bj_username"] = data["bj_username"].strip()
data["hr_username"] = data["hr_username"].strip()
data["email"] = data["email"].lower()
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
# 백준 체크
response = requests.get('https://www.acmicpc.net/user/' +
data["bj_username"])
if response.status_code != 200:
return self.error("Baekjoon username not found")
if User.objects.filter(username=data["username"]).exists():
return self.error("Username already exists")
if User.objects.filter(email=data["email"]).exists():
return self.error("Email already exists")
user = User.objects.create(username=data["username"],
email=data["email"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user,
bj_username=data["bj_username"],
hr_username=data["hr_username"])
return self.success("Succeeded")
def post(self, request):
"""
User register api
"""
if not SysOptions.allow_register:
return self.error("Register function has been disabled by admin")
data = request.data
data["username"] = data["username"].lower()
data["email"] = data["email"].lower()
is_vip = False
if 'vipcode' in data and data['vipcode'] == '4088760021':
is_vip = True
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
if User.objects.filter(username=data["username"]).exists():
return self.error("Username already exists")
if User.objects.filter(email=data["email"]).exists():
return self.error("Email already exists")
user = User.objects.create(username=data["username"],
email=data["email"],
is_vip=is_vip)
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
return self.success("Succeeded")
def post(self, request):
data = request.data
# 判断验证码是否正确
captcha = Captcha(request)
if not captcha.check(data.get('captcha')):
return self.error("Invalid captcha")
# 判断用户名和邮箱是否存在
# 用户名和邮箱都保存小写
data['username'] = data['username'].lower()
data['email'] = request.data['email'].lower()
if User.objects.filter(username=data.get('username')).exists():
return self.error(msg="Username already exists")
if User.objects.filter(username=data.get('email')).exists():
return self.error(msg="Email already exists")
# 创建用户
user = User.objects.create(username=data['username'],
email=data['email'])
user.set_password(data['password'])
user.save()
# UserProfile.objects.create(user=user)
res = self.success("Succeeded")
return res
def post(self, request):
if request.user.is_authenticated():
return self.error("Вы уже вошли в систему, у вас всё норм? ")
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Неверная капча")
try:
user = User.objects.get(email__iexact=data["email"])
except User.DoesNotExist:
return self.error("Пользователь не существует")
if user.reset_password_token_expire_time and 0 < int(
(user.reset_password_token_expire_time -
now()).total_seconds()) < 20 * 60:
return self.error(
"Вы можете сбросить пароль не больше раза за 20 минут")
user.reset_password_token = rand_str()
user.reset_password_token_expire_time = now() + timedelta(minutes=20)
user.save()
render_data = {
"username":
user.username,
"website_name":
SysOptions.website_name,
"link":
f"{SysOptions.website_base_url}/reset-password/{user.reset_password_token}"
}
email_html = render_to_string("reset_password_email.html", render_data)
send_email_async.delay(from_name=SysOptions.website_name_shortcut,
to_email=user.email,
to_name=user.username,
subject=f"Reset your password",
content=email_html)
return self.success("Успешно")
def post(self, request):
"""
提交请求重置密码
---
request_serializer: ApplyResetPasswordSerializer
"""
serializer = ApplyResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(username=data["username"], email=data["email"])
except User.DoesNotExist:
return error_response(u"用户不存在")
if user.reset_password_token_create_time and (now() - user.reset_password_token_create_time).total_seconds() < 20 * 60:
return error_response(u"20分钟内只能找回一次密码")
user.reset_password_token = rand_str()
user.reset_password_token_create_time = now()
user.save()
email_template = codecs.open(settings.TEMPLATES[0]["DIRS"][0] + "utils/reset_password_email.html", "r", "utf-8").read()
email_template = email_template.replace("{{ username }}", user.username).\
replace("{{ website_name }}", settings.WEBSITE_INFO["website_name"]).\
replace("{{ link }}", request.scheme + "://" + request.META['HTTP_HOST'] + "/reset_password/?token=" + user.reset_password_token)
send_email(settings.WEBSITE_INFO["website_name"],
user.email,
user.username,
settings.WEBSITE_INFO["website_name"] + u" 密码找回邮件",
email_template)
return success_response(u"邮件发送成功")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
用户注册json api接口
---
request_serializer: UserRegisterSerializer
"""
serializer = UserRegisterSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
User.objects.get(username=data["username"])
return error_response(u"用户名已存在")
except User.DoesNotExist:
pass
try:
User.objects.get(email=data["email"])
return error_response(u"该邮箱已被注册,请换其他邮箱进行注册")
# 兼容部分老数据,有邮箱重复的
except MultipleObjectsReturned:
return error_response(u"该邮箱已被注册,请换其他邮箱进行注册")
except User.DoesNotExist:
user = User.objects.create(username=data["username"],
real_name=data["real_name"],
email=data["email"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user,
school=data["school"],
student_id=data["student_id"])
return success_response(u"注册成功!")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
提交请求重置密码
---
request_serializer: ApplyResetPasswordSerializer
"""
serializer = ApplyResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(username=data["username"], email=data["email"])
except User.DoesNotExist:
return error_response(u"用户不存在")
user.reset_password_token = rand_str()
user.save()
email_template = codecs.open(settings.TEMPLATES[0]["DIRS"][0] + "utils/reset_password_email.html", "r", "utf-8").read()
email_template = email_template.replace("{{ username }}", user.username).replace("{{ link }}", request.scheme + "://" + request.META['HTTP_HOST'] + "/reset_password/?token=" + user.reset_password_token)
send_email(user.email, user.username, u"qduoj 密码找回邮件", email_template)
return success_response(u"邮件发生成功")
else:
return serializer_invalid_response(serializer)
def post(self, request):
if request.user.is_authenticated():
return self.error("You have already logged in, are you kidding me? ")
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
try:
user = User.objects.get(email__iexact=data["email"])
except User.DoesNotExist:
return self.error("User does not exist")
if user.reset_password_token_expire_time and 0 < int(
(user.reset_password_token_expire_time - now()).total_seconds()) < 20 * 60:
return self.error("You can only reset password once per 20 minutes")
user.reset_password_token = rand_str()
user.reset_password_token_expire_time = now() + timedelta(minutes=20)
user.save()
render_data = {
"username": user.username,
"website_name": SysOptions.website_name,
"link": f"{SysOptions.website_base_url}/reset-password/{user.reset_password_token}"
}
email_html = render_to_string("reset_password_email.html", render_data)
send_email_async.delay(from_name=SysOptions.website_name_shortcut,
to_email=user.email,
to_name=user.username,
subject=f"Reset your password",
content=email_html)
return self.success("Succeeded")
def post(self, request):
"""
用户注册json api接口
---
request_serializer: UserRegisterSerializer
"""
serializer = UserRegisterSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
User.objects.get(username=data["username"])
return error_response(u"用户名已存在")
except User.DoesNotExist:
pass
try:
User.objects.get(email=data["email"])
return error_response(u"该邮箱已被注册,请换其他邮箱进行注册")
except User.DoesNotExist:
user = User.objects.create(username=data["username"], real_name=data["real_name"],
email=data["email"])
user.set_password(data["password"])
user.save()
return success_response(u"注册成功!")
else:
return serializer_invalid_response(serializer)
def post(self, request):
serializer = ApplyResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(email=data["email"])
except User.DoesNotExist:
return error_response(u"用户不存在")
rand_str_ = rand_str()
user.reset_password_token = rand_str_
user.reset_password_token_create_time = timezone.now()
user.save()
email_template = codecs.open(
settings.TEMPLATES[0]["DIRS"][0] +
"/account/reset_password_email.html", "r", "utf-8").read()
email_template = email_template.replace("{{ username }}", user.username). \
replace("{{ website_name }}", settings.WEBSITE_INFO["website_name"]). \
replace("{{ link }}", settings.WEBSITE_INFO["url"] + "/apply_reset_password/" +
user.reset_password_token)
send_email(settings.WEBSITE_INFO["website_name"], user.email,
user.username,
settings.WEBSITE_INFO["website_name"] + u" 登录信息找回邮件",
email_template)
return success_response(u"邮件发送成功,请前往您的邮箱查收")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
用户登录json api接口
---
request_serializer: UserLoginSerializer
"""
serializer = UserLoginSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
if "captcha" not in data:
return error_response(u"请填写验证码!")
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
user = auth.authenticate(username=data["username"], password=data["password"])
# 用户名或密码错误的话 返回None
if user:
auth.login(request, user)
return success_response(u"登录成功")
else:
return error_response(u"用户名或密码错误")
else:
return serializer_invalid_response(serializer)
def create_app():
app = Flask(__name__)
app.config.from_object(config)
app.register_blueprint(cms_bp)
app.register_blueprint(front_bp)
app.register_blueprint(common_bp)
app.register_blueprint(ueditor_bp)
mail.init_app(app)
db.init_app(app)
CSRFProtect(app)
Captcha.gene_graph_captcha()
return app
def post(self, request):
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
try:
user = User.objects.get(reset_password_token=data["token"])
except User.DoesNotExist:
return self.error("Token does not exist")
if user.reset_password_token_expire_time < now():
return self.error("Token has expired")
user.reset_password_token = None
user.two_factor_auth = False
user.set_password(data["password"])
user.save()
return self.success("Succeeded")
def post(self, request):
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
try:
user = User.objects.get(reset_password_token=data["token"])
except User.DoesNotExist:
return self.error("Token does not exist")
if user.reset_password_token_expire_time < now():
return self.error("Token has expired")
user.reset_password_token = None
user.two_factor_auth = False
user.set_password(data["password"])
user.save()
return self.success("Succeeded")
def sms_captcha():
'''
实现:
1. telephone
2. timestamp
3. md5(ts+telephone+salt)
:return:
'''
# 1. 申明验证表单验证对象
form = SMSCaptchaForm(request.form)
# 2. 通过验证
if form.validate():
# 2.1 拿到手机号
telephone = form.telephone.data
# 2.2 生成验证码
captcha = Captcha.gene_text(number=4)
print('发送的短信验证码是:', captcha)
# 2.3 发送验证码,成功时:
if alidayu.send_sms(telephone, code=captcha):
# ⚠️:这里将验证码保存在缓存服务器中
zlcache.set(telephone, captcha, timeout=60)
return restful.success()
# 发送验证码,失败时:
else:
return restful.params_error()
else:
return restful.params_error(message='参数错误!')
def post(self, request):
data = request.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Неверная капча")
try:
user = User.objects.get(reset_password_token=data["token"])
except User.DoesNotExist:
return self.error("Токен не существует")
if user.reset_password_token_expire_time < now():
return self.error("Токен истёк")
user.reset_password_token = None
user.two_factor_auth = False
user.set_password(data["password"])
user.save()
return self.success("Успешно")
def house_invite(request, pk):
house = get_object_or_404(House, pk=pk)
if request.user.id != house.user.id:
raise Http404
captcha = Captcha()
if request.method == 'POST':
if 'email' not in request.POST:
return render(
request, 'houses/house_invite.html', {
'house': house,
'captcha': captcha,
'error': 'Please enter a valid email address'
})
else:
invitation = Invitation()
invitation.house = house
invitation.sender = request.user
invitation.target = request.POST['email']
invitation.save()
send_invite_email(request.POST['email'], invitation)
return redirect('house_detail', pk=pk)
return render(request, 'houses/house_invite.html', {
'house': house,
'captcha': captcha
})
def sms_captcha():
form = SMSCaptchaForm(request.form)
if form.validate():
telephone = form.telephone.data
code = Captcha.gene_text()
cache.set(key=telephone, value=code)
send_sms_captcha(telephone=telephone, message=code)
return restful.success(message='短信发送成功') #Celery 异步发送
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def post(self, request):
"""
User register api
"""
if not SysOptions.allow_register:
return self.error("Register function has been disabled by admin")
data = request.data
data["username"] = data["username"].lower()
data["email"] = data["email"].lower()
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
if User.objects.filter(username=data["username"]).exists():
return self.error("Username already exists")
if not data["email"].endswith("@shanghaitech.edu.cn"):
return self.error("Email not in shanghaitech")
if User.objects.filter(email=data["email"]).exists():
return self.error("Email already exists")
user = User.objects.create(username=data["username"],
email=data["email"])
data["password"] = rand_str()
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
user.reset_password_token = rand_str()
user.reset_password_token_expire_time = now() + timedelta(minutes=20)
user.save()
render_data = {
"username":
user.username,
"website_name":
SysOptions.website_name,
"link":
f"{SysOptions.website_base_url}/reset-password/{user.reset_password_token}"
}
email_html = render_to_string("reset_password_email.html", render_data)
send_email_async.send(from_name=SysOptions.website_name_shortcut,
to_email=user.email,
to_name=user.username,
subject=f"Reset your password",
content=email_html)
return self.success("Succeeded, 但是请找回密码:)")
def get_captcha():
text, image = Captcha.gene_graph_captcha()
memcaches.set(text.lower(), text.lower())
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def sms_captcha():
telephone = request.args.get('telephone')
if not telephone:
return restful.parmaserror(message='请传入手机号码!')
captcha = Captcha.gene_text(number=4)
if alidayu.send_sms(telephone, code=captcha):
return restful.success()
else:
return restful.parmaserror(message='短信验证码发送失败!')
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
zlcache.set(text, text)
out = BytesIO()
image.save(out, "png")
out.seek(0)
res = make_response(out.read())
res.content_type = "image/png"
return res
def graph_captcha():
text, image = Captcha.gene_code()
cache.set(key=text.lower(), value=text.lower())
out = BytesIO() #数据保存在内存中
image.save(out, 'png')
out.seek(0) #指针归0
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = make_response(out.read())
resp.content_type = 'image/png'
xcache.set(text.lower(),text.lower()) #图片验证码这里,不好设置一个唯一的key,索性直接也用验证码的值作为key
return resp
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
mbcache.set(text.lower(), text.lower())
out = BytesIO() # 二进制流对象
image.save(out, 'png') # 保存在out中
out.seek(0) # 文件流的指针放在0位置
resp = make_response(out.read()) # 读出来
resp.content_type = 'image/png' # 指定数据类型
return resp
def graph_captcha():
text,image = Captcha.gene_grap_captcha()
xfcache.set(text.lower(),text.lower())
out = BytesIO()
image.save(out,'png') #指定格式为png
out.seek(0) #把指针指到开始位置
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
mycache.set(text.lower(), text.lower())
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = make_response(out.read())
resp.content_type = "image/png"
return resp
def graph_captcha():
text, image = Captcha.gene_graph_captcha()
zlcache.set(text.lower(), text.lower()) # 存储到memcached
out = BytesIO()
image.save(out, 'png')
out.seek(0) # 将文件指针设置为0
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def post(self, request):
data = request.data
hide_id = False
if data.get("contest_id"):
try:
contest = Contest.objects.get(id=data["contest_id"],
visible=True)
except Contest.DoesNotExist:
return self.error("Contest doesn't exist.")
if contest.status == ContestStatus.CONTEST_ENDED:
return self.error("The contest have ended")
if not request.user.is_contest_admin(contest):
if contest.status == ContestStatus.CONTEST_NOT_START:
return self.error("Contest have not started")
user_ip = ipaddress.ip_address(request.session.get("ip"))
if contest.allowed_ip_ranges:
if not any(
user_ip in ipaddress.ip_network(cidr, strict=False)
for cidr in contest.allowed_ip_ranges):
return self.error(
"Your IP is not allowed in this contest")
if not contest.problem_details_permission(request.user):
hide_id = True
if data.get("captcha"):
if not Captcha(request).check(data["captcha"]):
return self.error("Invalid captcha")
error = self.throttling(request)
if error:
return self.error(error)
try:
problem = Problem.objects.get(id=data["problem_id"],
contest_id=data.get("contest_id"),
visible=True)
except Problem.DoesNotExist:
return self.error("Problem not exist")
if data["language"] not in problem.languages:
return self.error(
f"{data['language']} is now allowed in the problem")
submission = Submission.objects.create(
user_id=request.user.id,
username=request.user.username,
language=data["language"],
code=data["code"],
problem_id=problem.id,
ip=request.session["ip"],
contest_id=data.get("contest_id"))
# use this for debug
# JudgeDispatcher(submission.id, problem.id).judge()
judge_task.delay(submission.id, problem.id)
if hide_id:
return self.success()
else:
return self.success({"submission_id": submission.id})
def post(self, request):
serializer = ApplyResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(username=data["username"], email=data["email"])
except User.DoesNotExist:
return error_response(u"用户不存在")
user.reset_password_token = rand_str()
user.save()
# todo
email_template = open(settings.TEMPLATES[0]["DIRS"][0] + "utils/reset_password_email.html", "r").read()
email_template.replace("{{ username }}", user.username).replace("{{ link }}", "/reset_password/?token=" + user.reset_password_token)
return success_response(u"邮件发生成功")
else:
return serializer_invalid_response(serializer)
def graph_captcha():
from utils import zlcache
text, image = Captcha.gene_graph_captcha()
zlcache.set(text.lower(), text.lower())
out = BytesIO()
image.save(out, 'png')
out.seek(0)
resp = make_response(out.read())
resp.content_type = 'image/png'
return resp
def post(self, request):
serializer = ResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(reset_password_token=data["token"])
except User.DoesNotExist:
return error_response(u"token 不存在")
if (now() - user.reset_password_token_create_time).total_seconds() > 30 * 60:
return error_response(u"token 已经过期,请在30分钟内重置密码")
user.reset_password_token = None
user.set_password(data["password"])
user.save()
return success_response(u"密码重置成功")
else:
return serializer_invalid_response(serializer)
def post(self, request):
serializer = ResetPasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
try:
user = User.objects.get(reset_password_token=data["token"])
except User.DoesNotExist:
return error_response(u"token 不存在")
if (now() - user.reset_password_token_create_time).total_seconds() > 30 * 60:
return error_response(u"token 已经过期,请在30分钟内重置密码")
user.reset_password_token = None
user.set_password(data["password"])
user.save()
return success_response(u"密码重置成功")
else:
return serializer_invalid_response(serializer)
def post(self, request):
"""
User register api
"""
if not SysOptions.allow_register:
return self.error("Register function has been disabled by admin")
data = request.data
data["username"] = data["username"].lower()
data["email"] = data["email"].lower()
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return self.error("Invalid captcha")
if User.objects.filter(username=data["username"]).exists():
return self.error("Username already exists")
if User.objects.filter(email=data["email"]).exists():
return self.error("Email already exists")
user = User.objects.create(username=data["username"], email=data["email"])
user.set_password(data["password"])
user.save()
UserProfile.objects.create(user=user)
return self.success("Succeeded")
def post(self, request):
"""
用户修改密码json api接口
---
request_serializer: UserChangePasswordSerializer
"""
serializer = UserChangePasswordSerializer(data=request.data)
if serializer.is_valid():
data = serializer.data
captcha = Captcha(request)
if not captcha.check(data["captcha"]):
return error_response(u"验证码错误")
username = request.user.username
user = auth.authenticate(username=username, password=data["old_password"])
if user:
user.set_password(data["new_password"])
user.save()
return success_response(u"用户密码修改成功!")
else:
return error_response(u"密码不正确,请重新修改!")
else:
return serializer_invalid_response(serializer)
def post(self, request):
form = UserRegisterForm(request.POST)
if form.is_valid():
data = form.cleaned_data
captcha = Captcha(request)
if not captcha.check(data['captcha']):
return info_page(request, '验证码错误')
try:
Customer.objects.get(Username=data['Username'])
return info_page(request, '用户已经存在')
except Customer.DoesNotExist:
pass
try:
Customer.objects.get(Email=data['Email'])
return info_page(request, '该邮件已经注册')
except Customer.DoesNotExist:
pass
user = Customer.objects.create(Username=data['Username'], Email=data['Email'], Balance=0,
Telephone=data['Telephone'], Nickname=data['Nickname'], Password=data['Password'])
request.user = user
request.session['user_id'] = user.id
return info_page(request, "注册成功")
else:
return info_page(request, "数据格式不合法")
