def get(self): """ 获取用户列表 """ keyword = self.get_argument("kw", "") sort = intval(self.get_argument("sort", 0)) query = User.select() if keyword: query = query.where((User.name.contains(keyword)) | (User.mobile == keyword)) if sort == 2: query = query.order_by(User.name.desc()) else: query = query.order_by(User.id.desc()) users = self.paginate_query(query) self.render( "user/list.html", users=users, )
def get_members(self, limit=20, offset=0, role="", state=None): """ 获取俱乐部成员 """ q = User.select( User, TeamMember ).join( TeamMember, on=TeamMember.user ).where( TeamMember.team == self ) if role == "leader": q = q.where(TeamMember.role >= self.TeamRole.leader) elif role == "admin": q = q.where(TeamMember.role >= self.TeamRole.admin) if isinstance(state, int): q = q.where(TeamMember.state >= state) q = q.order_by( TeamMember.role.desc() ).offset(offset).limit(limit) users = [] for user in q: users.append(user) return users
def get(self, user_id): try: user = User.select(User, TeamMember).join( TeamMember, on=(TeamMember.user == User.id).alias("member")).where( TeamMember.team == self.current_team, TeamMember.user == user_id).get() except User.DoesNotExist: raise Http404() self.render("member/detail.html", user=user, groups=self.current_team.groups)
def get(self, order_no): # order = TeamOrder.get_or_404(user=self.current_user, # order_no=order_no) try: order = TeamOrder.select(TeamOrder, Activity)\ .join(Activity, on=(TeamOrder.activity_id == Activity.id) .alias("activity"))\ .where(TeamOrder.user == self.current_user, TeamOrder.order_no == order_no) user = User.select().where(User.id == self.current_user.id) team = Team.select() order_pf = prefetch(order, user, team).get() except TeamOrder.DoesNotExist: raise ApiException(404, "订单不存在") self.write(SecureOrderSerializer(instance=order_pf).data)
def validate_mobile(self, form): mobile = self.get_argument("mobile") verify_code = self.get_argument("verify_code") if not self.verify_mobile(mobile, verify_code): form.verify_code.errors = [ValidationError("验证码不正确")] return False if User.select().where( (User.mobile == mobile ) & (User.id != self.current_user.id) ).exists(): form.mobile.errors = [ValidationError("手机号已存在")] return False return True
def get_members(self, state=None): """ 获取活动成员列表 Args: state: 指定状态 Returns: Query """ q = User.select(User, ActivityMember).join( ActivityMember, on=ActivityMember.user).where(ActivityMember.activity == self) if state is not None: q = q.where(ActivityMember.state == state) q = q.order_by(ActivityMember.nickname.asc(), User.name.asc()) return q
def validate_mobile(self, field): if not is_mobile(field.data): raise ValidationError('手机号码格式不正确') if User.select().where(User.mobile == field.data).exists(): raise ValidationError('手机号码已存在')
def post(self): mobile = self.get_argument("mobile") action = self.get_argument("action") if not is_mobile(mobile): raise ArgumentError(400, "手机号码格式不正确") sent_times_key = "yiyun:mobile:%s:code_sent_times" % mobile if intval(self.redis.get(sent_times_key)) >= 5: raise ArgumentError(400, "你已重发5次,请稍后再试") # 有效期内发送相同的验证码 verify_code = random.randint(1000, 9999) is_registered = User.select().where(User.mobile == mobile).exists() self.logger.debug("send: %s to %s" % (verify_code, mobile)) if action == "register" and is_registered: raise ArgumentError(1020, "手机号码已注册", status_code=400) if action in ('register_or_login', 'register', 'login'): # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 tasks.message.send_sms_verifycode(mobile, verify_code) self.write_success(is_registered=is_registered) elif action == "forgot": if not is_registered: raise ArgumentError(400, "手机号码没有注册") # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 tasks.message.send_sms_verifycode(mobile, verify_code) self.write_success() elif action == "update_mobile": if not self.current_user: raise ArgumentError(403, "登录后才能修改手机号") if is_registered: raise ArgumentError(403, "该号码已经使用,请更换") # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 tasks.message.send_sms_verifycode(mobile, verify_code) # 关联验证码与当前用户 self.redis.set( "ihealth:update_mobile:%s:verify_code:%s" % (mobile, verify_code), self.current_user.id) # 30分钟内有效 self.redis.expire( "ihealth:update_mobile:%s:verify_code:%s" % (mobile, verify_code), 1800) self.write_success() # 30分钟内最多发送5次验证码 sent_times = int(self.redis.incr(sent_times_key)) if sent_times == 1: self.redis.expire(sent_times_key, 1800)
def register_or_login(self, service, openid, access_token, expires_in, nickname, gender, head_url, auth_data): try: user = User.select().join( UserAuthData, on=(UserAuthData.user_id == User.id )).where((UserAuthData.service == service) & (UserAuthData.openid == openid)).get() except User.DoesNotExist: user = None if self.current_user: # 已绑定到其它账号 if user and user.id != self.current_user.id: raise ApiException( 403, "此%s账号已被其他用户使用" % UserAuthData.get_service_name(service)) # 已绑定到自己账号 elif user and user.id == self.current_user.id: UserAuthData.update( access_token=access_token, expires_in=expires_in, userinfo=auth_data).where( (UserAuthData.service == service) & (UserAuthData.user_id == user.id)).execute() # 已绑定其它账号 elif UserAuthData.select().where( (UserAuthData.service == service) & (UserAuthData.user_id == self.current_user.id) & (UserAuthData.openid != openid)).exists(): raise ApiException( 403, "你已绑定其他%s账号" % UserAuthData.get_service_name(service)) # 已登录执行绑定 else: UserAuthData.create(service=service, user_id=self.current_user.id, openid=openid, nickname=nickname, access_token=access_token, expires_in=expires_in, userinfo=auth_data) if self.device_id > 0: User.update(last_device_id=self.device_id).where( User.id == self.current_user.id).execute() self.write(self.create_session(self.current_user)) else: # 已注册用户直接登录 if user: update = {"last_login": datetime.now()} if self.device_id > 0: update["last_device_id"] = self.device_id User.update(**update).where(User.id == user.id).execute() UserAuthData.update( access_token=access_token, expires_in=expires_in, userinfo=auth_data).where( (UserAuthData.service == service) & (UserAuthData.user_id == user.id)).execute() # 未注册用户先注册 else: with self.db.transaction() as txn: if User.select().where(User.name == nickname).exists(): if nickname == "qzuser": name = "%s_%s" % (nickname, random.randint(100000, 999999)) else: name = "%s_%s" % (nickname, random.randint( 100, 999)) else: name = nickname user = User.create( name=name, gender=gender, mobile_verifyed=False, password=None, reg_device_id=self.device_id, last_device_id=self.device_id, last_login=datetime.now(), im_username=create_token(32).lower(), im_password=create_token(16), ) UserAuthData.create(service=service, user_id=user.id, openid=openid, nickname=nickname, access_token=access_token, expires_in=expires_in, userinfo=auth_data) # 将手机好加到 redis, 匹配好友需要 if user.mobile: self.redis.sadd('mobile:registered', user.mobile) # 从第三方下载头像 if head_url: tasks.user.update_avatar_by_url.delay( user.id, head_url) if user and self.device_id: Device.update(owner_id=user.id).where( Device.id == self.device_id).execute() self.write(self.create_session(user))
def post(self): mobile = self.validated_arguments['mobile'] action = self.validated_arguments['action'] sent_times_key = "yiyun:mobile:%s:code_sent_times" % mobile if intval(self.redis.get(sent_times_key)) >= 5: raise ApiException(400, "你已重发5次,请稍后再试") # 有效期内发送相同的验证码 verify_code = random.randint(1000, 9999) logging.debug('verify code for mobile[{0}]: {1}'.format( mobile, verify_code)) is_registered = User.select().where(User.mobile == mobile).exists() if action == "register" and is_registered: raise ApiException(1020, "手机号码已注册", status_code=400) if action in ('register_or_login', 'register', 'login'): # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 if not self.settings["debug"]: tasks.message.send_sms_verifycode(mobile, verify_code) self.write_success(is_registered=is_registered) elif action == "forgot": if not is_registered: raise ApiException(400, "手机号码没有注册") # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 tasks.message.send_sms_verifycode(mobile, verify_code) self.write_success() elif action == "update_mobile": if not self.current_user: raise ApiException(403, "登录后才能修改手机号") if is_registered: raise ApiException(403, "该号码已经使用,请更换") if self.current_user.password and \ not User.check_password(self.current_user.password, self.validated_arguments["password"]): raise ApiException(403, "密码不正确,不能修改手机号") # 保存验证码 self.save_verify_code(mobile, verify_code) # 发短信 tasks.message.send_sms_verifycode(mobile, verify_code) # 关联验证码与当前用户 self.redis.set( "yiyun:update_mobile:%s:verify_code:%s" % (mobile, verify_code), self.current_user.id) # 30分钟内有效 self.redis.expire( "yiyun:update_mobile:%s:verify_code:%s" % (mobile, verify_code), 1800) self.write_success() # 30分钟内最多发送5次验证码 sent_times = intval(self.redis.incr(sent_times_key)) if sent_times == 1: self.redis.expire(sent_times_key, 1800)