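def forget_password(request):
    """Handle the web "forgot password" form.

    Any non-POST request renders ``accounts/forget_password.html``.  A POST
    looks the account up by the submitted ``username``, chooses a delivery
    channel (phone first, then e-mail) and makes sure an
    ``AccountTempPassword`` row exists for that user.  It then renders
    ``message.html`` with one of the message keys ``noexistusername``,
    ``nobinding``, ``sendtophone`` or ``sendtoemail``.

    Changes from the previous version:

    * The lookup catches only ``User.DoesNotExist``.  The former bare
      ``except:`` reported every failure, database errors included, as
      "no such user", and the user was then fetched a second time.
    * A channel is used only when its binding status is ``"bind"``, as
      ``forgetPassword`` already requires.  A contact still in
      ``"waitingbind"`` has not been verified, so a reset code must not be
      routed to it.

    NOTE(review): the distinct ``noexistusername`` / ``nobinding`` /
    ``sendto*`` outcomes tell an unauthenticated caller whether a username
    exists and which channel it has.  Consider one neutral message.
    NOTE(review): no request throttle is visible in this view; the
    phone-binding views enforce a one-minute gap.  Confirm that a limit is
    applied elsewhere.
    """
    if request.method != "POST":
        return TemplateResponse(request, "accounts/forget_password.html")

    username = request.POST.get("username", "")
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return TemplateResponse(request, "message.html", {"message": "noexistusername"})

    # Decide how the temporary password is delivered: verified contacts only.
    profile = user.userprofile
    if profile.phone and profile.phone_binding_status == "bind":
        sending_type = "sms"
    elif profile.email and profile.email_binding_status == "bind":
        sending_type = "email"
    else:
        return TemplateResponse(request, "message.html", {"message": "nobinding"})

    # generate_phone_code() is defined elsewhere; presumably a short SMS-style
    # code. Confirm its length and randomness source, since it is used as a
    # password here.
    temp_password = generate_phone_code()
    temp_pwd_data, created = AccountTempPassword.objects.get_or_create(
        user=user, defaults={"temp_password": temp_password, "sending_type": sending_type}
    )
    if not created:
        # NOTE(review): only the channel is refreshed. The temp_password stored
        # by the earlier request is kept and the code generated above is
        # discarded. Confirm this is intended and that old codes expire.
        temp_pwd_data.sending_type = sending_type
        temp_pwd_data.save()

    message = "sendtophone" if sending_type == "sms" else "sendtoemail"
    return TemplateResponse(request, "message.html", {"message": message})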
def apply_phone_unbingding_ajax(request):
    """AJAX endpoint: request a verification key for unbinding the phone.

    Plain-text responses:

    * ``time:<seconds>`` - the newest phone ``UserBindingTemp`` row of this
      user was created less than a minute ago; ``<seconds>`` is the wait left.
    * ``success`` - the posted ``phone`` equals the profile's phone, the
      profile status is ``"bind"``, and a fresh key was stored.
    * ``flush`` - the posted phone or the binding status did not match.

    NOTE(review): the throttle reads ``created_time``, but a later request
    updates the existing row in place.  Unless the model refreshes
    ``created_time`` on save, the one-minute limit applies only right after
    the row is first created.  Confirm against the model definition.
    NOTE(review): the HTTP method is not checked, and no login requirement is
    visible on this definition.  Confirm both are enforced by the caller.
    """
    # Request phone unbinding.
    # Has the one-minute interval since the last request elapsed?
    pending = UserBindingTemp.objects.filter(user=request.user, binding_type="phone")
    if pending.count() > 0:
        latest = pending.order_by("-id")[0]
        created_at = latest.created_time
        current = datetime.datetime.now()
        window = datetime.timedelta(minutes=1)
        if (created_at + window) > current:
            elapsed = (current - created_at).total_seconds()
            return HttpResponse("time:" + str(60 - int(elapsed)))

    profile = request.user.get_profile()
    submitted_phone = request.POST.get("phone", "")
    bound_phone = profile.phone
    status = profile.phone_binding_status

    # Only a currently bound number, repeated by the client, may be unbound.
    if not (submitted_phone == bound_phone and status == "bind"):
        return HttpResponse("flush")

    fresh_key = generate_phone_code()
    # Unlike the bind flow, the lookup here also includes binding_address.
    record, was_created = UserBindingTemp.objects.get_or_create(
        user=request.user, binding_address=bound_phone, binding_type="phone", defaults={"key": fresh_key}
    )
    if not was_created:
        record.key = fresh_key
        record.save()
    return HttpResponse("success")
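def apply_phone_bingding_ajax(request):
    """AJAX endpoint: request binding of a phone number to the current user.

    Steps (from the original notes):
      1. receive the phone number (at most one request per minute),
      2. generate a verification code,
      3. store it in ``UserBindingTemp``.

    Plain-text responses:

    * ``invalidate`` - the number is not 11 characters matching ``1\\d{10}``.
    * ``used`` - another profile already holds the number with status
      ``"bind"``.
    * ``time:<seconds>`` - the last request was less than a minute ago.
    * ``success`` - the code is stored and the profile is set to
      ``"waitingbind"`` for this number.

    Fix: ``re.search`` returns ``None`` when nothing matches, so the old
    ``match.group()`` call raised ``AttributeError`` on any malformed or
    missing ``phone`` value.  Such input now gets the ``invalidate`` response.

    NOTE(review): ``profile.phone`` is overwritten and the status is reset to
    ``"waitingbind"`` without looking at the current status.  An already
    verified number is therefore replaced by an unverified one before the new
    number is confirmed.  ``bindContact`` rejects that case; confirm which
    behaviour is intended.
    NOTE(review): the throttle reads ``created_time`` while the row is updated
    in place on later requests.  Confirm that the model refreshes the field on
    save, otherwise the limit applies only after the row's creation.
    """
    phone = request.POST.get("phone", "")
    phone_re = re.compile(r"1\d{10}")
    match = phone_re.search(phone)
    # With the length pinned to 11, a search hit means the whole value matched.
    if match is None or len(phone) != 11:
        return HttpResponse("invalidate")

    # Has some user already bound this phone number?
    exist = UserProfile.objects.filter(phone=phone, phone_binding_status="bind").count() > 0
    if exist:
        return HttpResponse("used")

    # Has the one-minute interval since the last request elapsed?
    user_binding_temp = UserBindingTemp.objects.filter(user=request.user, binding_type="phone").order_by("-id")
    if user_binding_temp:
        userbindingtemp = user_binding_temp[0]
        create_time = userbindingtemp.created_time
        now = datetime.datetime.now()
        dt = datetime.timedelta(minutes=1)
        if (create_time + dt) > now:
            remaining = 60 - int((now - create_time).total_seconds())
            return HttpResponse("time:" + str(remaining))

    userkey = generate_phone_code()
    userbindingtemp, created = UserBindingTemp.objects.get_or_create(
        user=request.user, binding_type="phone", defaults={"binding_address": phone, "key": userkey}
    )
    if not created:
        userbindingtemp.binding_address = phone
        userbindingtemp.key = userkey
        userbindingtemp.save()

    # Record the number on the profile as pending verification.
    profile = request.user.get_profile()
    profile.phone = userbindingtemp.binding_address
    profile.phone_binding_status = "waitingbind"
    profile.save()
    return HttpResponse("success")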
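def unbindContact(request, type):
    """Start unbinding an e-mail address or phone number (app API).

    On POST, reads ``value`` (the address the client believes is bound) and
    ``uid`` from the form.  It checks that the user's contact of the given
    ``type`` (``"email"`` or ``"phone"``) is currently ``"bind"`` and equals
    ``value``, then stores a verification key in ``UserBindingTemp``.

    Returns a dict ``{"latest_status": {...}}`` with the profile's e-mail and
    phone and their binding statuses.  Non-POST requests return ``None``.

    Raises:
        myException: unknown ``uid`` (``ERROR_BINDING_NO_USER``), or the
            contact is not bound / differs from ``value``
            (``ERROR_UNBINDING`` with ``ERROR_STATUS_DIFFERENT_UNBINDED``;
            the exception carries the ``latest_status`` dict).

    Fix: the update path assigned ``binding_addres`` (typo).  That created a
    stray attribute and left the stored ``binding_address`` stale whenever a
    row already existed.

    NOTE(review): the account is selected by the client-supplied ``uid``, not
    by an authenticated identity visible here.  Confirm the caller verifies
    that the requester owns ``uid``.  The mismatch errors also attach that
    user's e-mail and phone; check whether ``myException`` returns ``data``
    to the client.
    NOTE(review): the e-mail key is ``md5(value)``, so it can be derived from
    the address alone and does not prove control of the mailbox.  If the
    confirming view compares against the stored ``key``, switch to a random
    token (e.g. from ``os.urandom``).
    """
    if request.method != "POST":
        return None

    value = request.POST["value"]
    uid = request.POST["uid"]
    try:
        user = User.objects.get(pk=uid)
    except Exception:
        raise myException(ERROR_BINDING_NO_USER)

    if type == "email":
        userkey = hashlib.md5(value).hexdigest()
    else:
        userkey = generate_phone_code()

    def latest_status():
        # Snapshot of the contact state reported to the client.
        profile = user.userprofile
        return {
            "latest_status": {
                "email": profile.email,
                "email_binding_status": profile.email_binding_status,
                "phone": profile.phone,
                "phone_binding_status": profile.phone_binding_status,
            }
        }

    data = latest_status()

    # Make sure the user's current status is "bound".
    if (type == "email" and user.userprofile.email_binding_status != "bind") or (
        type == "phone" and user.userprofile.phone_binding_status != "bind"
    ):
        raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)

    # Make sure the binding info held by the app is the user's latest.
    if (type == "email" and user.userprofile.email != value) or (
        type == "phone" and user.userprofile.phone != value
    ):
        raise myException(ERROR_UNBINDING, status=ERROR_STATUS_DIFFERENT_UNBINDED, data=data)

    # Send the verification code (this block only stores it; delivery is not
    # visible here).
    binding_temp, created = UserBindingTemp.objects.get_or_create(
        user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
    )
    if not created:
        binding_temp.binding_address = value
        binding_temp.key = userkey
        binding_temp.save()

    return latest_status()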
def forgetPassword(request):
    """Start a password reset from the app API.

    Acts only on a POST that carries ``value``; anything else is a no-op.
    ``value`` is tried, in order, as an e-mail address, a username and a
    phone number (after ``regPhoneNum``).  The matching user must have the
    chosen contact in status ``"bind"``.  An ``AccountTempPassword`` row is
    then created, or its ``sending_type`` is updated.  Returns ``None``.

    Raises:
        myException: one of the ``ERROR_FORGETPASSWORD_*`` codes when no
            user or no bound contact is found.

    NOTE(review): each lookup path raises its own error code, which lets a
    caller tell registered e-mails, usernames and phones from unregistered
    ones.  Confirm the client collapses these into one response.
    NOTE(review): no request throttle is visible in this view.
    """
    if not (request.method == "POST" and "value" in request.POST):
        return

    identifier = request.POST["value"]

    if re_email.match(identifier):
        channel = "email"
        try:
            user = User.objects.get(userprofile__email=identifier, userprofile__email_binding_status="bind")
        except Exception:
            raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_EMAIL)
    elif re_username.match(identifier):
        try:
            user = User.objects.get(username=identifier)
        except Exception:
            raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME)
        # Username lookup: fall back to whichever verified contact exists,
        # phone first.
        profile = user.userprofile
        if profile.phone and profile.phone_binding_status == "bind":
            channel = "sms"
            identifier = profile.phone
        elif profile.email and profile.email_binding_status == "bind":
            channel = "email"
            identifier = profile.email
        else:
            raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME_NO_BINDING)
    elif re_phone.match(regPhoneNum(identifier)):
        channel = "sms"
        try:
            user = User.objects.get(
                userprofile__phone=regPhoneNum(identifier), userprofile__phone_binding_status="bind"
            )
        except Exception:
            raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_SMS)
    else:
        raise myException(ERROR_FORGETPASSWORD_NO_USER_BY_USERNAME)

    new_code = generate_phone_code()
    record, was_created = AccountTempPassword.objects.get_or_create(
        user=user, defaults={"temp_password": new_code, "sending_type": channel}
    )
    if was_created:
        return
    # NOTE(review): an existing row keeps its old temp_password; only the
    # channel is rewritten. Confirm old codes expire or are rotated elsewhere.
    record.sending_type = channel
    record.save()
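def bindContact(request, type):
    """Start binding an e-mail address or phone number to a user (app API).

    On POST, reads ``value`` (the address to bind) and ``uid`` from the form
    and validates the format.  It refuses if the user already has a bound
    contact of this ``type`` or if another user has bound the same address.
    Otherwise it marks the profile ``"waitingbind"`` for the address and
    stores a verification key in ``UserBindingTemp``.

    Returns a dict ``{"latest_status": {...}}`` with the profile's e-mail and
    phone and their binding statuses.  Non-POST requests return ``None``.

    Raises:
        myException: unknown ``uid``, invalid format, already bound (same or
            different address), or bound by another user.  The "bound"
            errors carry the ``latest_status`` dict.

    Fixes:

    * The phone "already bound" branch compared ``userprofile.email`` with
      the submitted phone, so re-submitting the bound number was reported as
      a *different* binding.  It now compares ``userprofile.phone``.
    * The phone number is normalised with ``regPhoneNum`` before the
      ownership checks.  Previously the raw value was compared and queried
      while the normalised value was stored, so a differently formatted copy
      of a number could pass the "bound by another user" check.

    NOTE(review): the account is selected by the client-supplied ``uid`` and
    its profile is modified here.  Confirm the caller verifies that the
    requester owns ``uid``.  Check also whether ``myException`` returns
    ``data`` (the target's e-mail and phone) to the client.
    NOTE(review): the e-mail key is ``md5("uid:value")``.  Both inputs are
    known to the requester, so the key does not prove control of the mailbox.
    If the confirming view compares against the stored ``key``, switch to a
    random token (e.g. from ``os.urandom``).
    NOTE(review): the profile update and the ``UserBindingTemp`` write run in
    two separate transactions, so a failure in the second leaves the profile
    in ``"waitingbind"`` without a stored key.
    """
    if request.method != "POST":
        return None

    value = request.POST["value"]
    uid = request.POST["uid"]
    try:
        user = User.objects.get(pk=uid)
    except Exception:
        raise myException(ERROR_BINDING_NO_USER)

    if type == "email":
        userkey = hashlib.md5("%s:%s" % (uid, value)).hexdigest()
    else:
        userkey = generate_phone_code()

    def latest_status():
        # Snapshot of the contact state reported to the client.
        current = user.userprofile
        return {
            "latest_status": {
                "email": current.email,
                "email_binding_status": current.email_binding_status,
                "phone": current.phone,
                "phone_binding_status": current.phone_binding_status,
            }
        }

    data = latest_status()

    # Validate the submitted data.
    if type == "email" and not re_email.match(value):
        raise myException(ERROR_BINDING_INVAILID_EMAIL_FORMMAT)
    if type == "phone":
        # Normalise once, up front, so every later comparison and query uses
        # the same form that gets stored on the profile.
        value = regPhoneNum(value)
        if not re_phone.match(value):
            raise myException(ERROR_BINDING_INVAILID_PHONE_FORMMAT)

    # The user already has a bound contact of this type.
    if type == "email" and user.userprofile.email_binding_status == "bind":
        if user.userprofile.email == value:
            raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
        raise myException(
            ERROR_BINDING_BY_EMAIL_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
        )
    elif type == "phone" and user.userprofile.phone_binding_status == "bind":
        if user.userprofile.phone == value:
            raise myException("", status=ERROR_STATUS_HAS_BINDED, data=data)
        raise myException(
            ERROR_BINDING_BY_PHONE_DIFFERENT_BINDED, status=ERROR_STATUS_DIFFERENT_BINDED, data=data
        )

    # The address is already bound by someone else.
    if (
        type == "email"
        and UserProfile.objects.filter(email=value, email_binding_status="bind").exclude(user=user).count() != 0
    ):
        raise myException(
            ERROR_BINDING_BY_EMAIL_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
        )
    elif (
        type == "phone"
        and UserProfile.objects.filter(phone=value, phone_binding_status="bind").exclude(user=user).count() != 0
    ):
        raise myException(
            ERROR_BINDING_BY_PHONE_HAS_BINDED_BY_OTHER, status=ERROR_STATUS_HAS_BINDED_BY_OTHER, data=data
        )

    with transaction.commit_on_success():
        profile = user.userprofile
        if type == "phone":
            profile.phone = value
            profile.phone_binding_status = "waitingbind"
        else:
            profile.email = value
            profile.email_binding_status = "waitingbind"
        profile.save()

    with transaction.commit_on_success():
        binding_temp, created = UserBindingTemp.objects.get_or_create(
            user=user, binding_type=type, defaults={"binding_address": value, "key": userkey}
        )
        if not created:
            binding_temp.binding_address = value
            binding_temp.key = userkey
            binding_temp.save()

    return latest_status()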