def out_chat(chat): """ 用户退出聊天界面,删除用户的sid :return: """ if not chat: return print('-----------------用户退出聊天页面----------------') print(chat) print(session.get('nickname')) print('-----------------end-------------------') user_id = session.get('id') # 获取聊天类型,若为1,则为单聊,组合聊天对象,设置用户聊天ID chat_sid_usertouserid_userid chat_obj_id = chat['chat_obj_id'] chat_type = chat.get('type') if chat_type not in [1, 2]: return if chat_type == 1: user_to_user = '******'.join(sorted([str(user_id), str(chat_obj_id)])) chat_key = 'chat_sid_%s_%s' % (user_to_user, user_id) # 否则聊天类型为群组,设置为群组加用户ID chat_sid_groupid_userid else: chat_key = 'chat_sid_%s_%s' % (chat_obj_id, user_id) redis_store.delete(chat_key)
def get_image_code(): """提供图片验证码 1.接受请求,获取uuid 2.生成图片验证码 3.使用UUID存储图片验证码内容到redis 4.返回图片验证码 """ # 1.接收请求,获取前端的uuid uuid = request.args.get('uuid') last_uuid = request.args.get('last_uuid') if not uuid: abort(403) # 2.生成验证码 name, text, image = captcha.generate_captcha() # 3. 使用UUID存储图片验证码内容到redis try: if last_uuid: # 上次的uuid若还存在,删除上次的uuid对应的记录 redis_store.delete('ImageCode:' + last_uuid) # 保存本次需要记录的验证码数据 redis_store.set('ImageCode:' + uuid, text, constants.IMAGE_CODE_REDIS_EXPIRES) except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg=u'保存验证码失败') # 4.返回图片验证码 response = make_response(image) response.headers['Content-Type'] = 'image/jpg' return response
def captcha_image(): """ 获取图片验证码 :return: """ # 获取参数 cur_id = request.args.get("cur_id") pre_id = request.args.get("pre_id") # 调用generate_captcha获取图片验证码编号,验证码值,图片(二进制) name, text, image_data = captcha.generate_captcha() # 3.将图片保存至redis try: # 参数1: key, 参数2: value, 参数3: 有效期 redis_store.set("image_code:%s" % cur_id, text.lower(), constants.IMAGE_CODE_REDIS_EXPIRES) # 4.判断是否有上一次的图片验证码 if pre_id: redis_store.delete("image_code:%s" % pre_id) except Exception as e: current_app.logger.error(e) return "图片验证码操作失败" # 5返回图片 response = make_response(image_data) response.headers["Content-Type"] = "image/png" return response
def put(self, id, d=None): """ :return """ if d: data = d else: data = request.get_json()['data'] #print(data) current_identity = import_user() try: # c = Instance.query.filter_by(name=name).first() # USE FOR QUERY BY NAME c = Instance.query.filter_by(id=id).first() lxdserver = Server.query.filter_by(name=c.location).first() if c and (c.id in current_identity.instances or current_identity.admin): app.logger.info('User: %s updating container %s state to %s', current_identity.username, c.name, data['action']) res = lgw.lxd_api_put(lxdserver, 'instances/' + c.name + '/state', data) # Delete redis cache redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':info') redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':state') #print(res.json()) return {'data': res.json()} else: api.abort(code=403, message='Unauthorized access') except: api.abort(code=404, message='Instance doesn\'t exists')
def register(): """ 1. 获取参数 2. 判断是否为空 3. 获取redis保存的短信验证码 4. 验证对比,并删除验证码 5. 将用户数据保存到数据库,并缓存到Session 6. 返回用户信息 :return: """ # 1.获取参数 手机号 密码 短信验证码 dict_json = request.get_json() if not dict_json: return jsonify(errno=RET.PARAMERR, errmsg='参数不完整') mobile = dict_json['mobile'] sms_code = dict_json['phonecode'] password = dict_json['password'] # 2. 判断是否参数为空 if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不完整') # 3.获取redis中保存的短信验证码 try: real_sms_code = redis_store.get('SMSCode_' + mobile) except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg='短信验证码读取异常') if not real_sms_code: return jsonify(errno=RET.DATAERR, errmsg='短信验证码已过期') # 4. 验证对比,并删除验证码 if real_sms_code != str(sms_code): return jsonify(errno=RET.DATAERR, errmsg='短信验证码无效') # 删除短信验证码 try: redis_store.delete('SMSCode_' + mobile) except Exception as e: logging.error(e) # 5. 将用户数据保存到数据库 new_user = User(mobile=mobile, name=mobile) new_user.password = password try: db.session.add(new_user) db.session.commit() except Exception as e: logging.error(e) db.session.rollback() return jsonify(errno=RET.DATAEXIST, errmsg='手机号已存在') # 缓存到session session['user_id'] = new_user.id session['mobile'] = mobile session['name'] = mobile # 返回用户信息 return jsonify(errno=RET.OK, errmsg='OK')
def guard(self): """check all links in the given url""" settings = get_project_settings() settings.setmodule(custom_settings) process = CrawlerProcess(settings) kwargs = { 'start_domain': self.real_domain, 'start_urls': [self.base_url], 'allow_domains': [], 'rules': ( Rule(LxmlLinkExtractor(allow=(), allow_domains=[self.real_domain]), callback='parse_obj', follow=True), Rule(LxmlLinkExtractor(allow=()), callback='parse_obj', follow=False), ) } # clear old record redis_store.delete('broken_links_%s' % (self.real_domain)) spider = Crawler(LinkSpider, settings) process.crawl(spider, **kwargs) process.start() res = spider.stats.get_stats() self.dump_links2db(res) return res
def delete(self, access_token): """DELETE /token/xxx :return: """ if not redis_store.exists(access_token): return {'message': 'access_token does not exist.'} redis_store.delete(access_token) return {'message': access_token + ' is deleted'}
def upload_house_pic(house_id): """ 上传房源图片 :param house_id: 房源id :return: """ # 1. 获取图片文件 image_file = request.files.get('house_image') if not image_file: return jsonify(errno=RET.PARAMERR, errmsg="未选择图片") # 2. 尝试查询房屋数据 try: house = House.query.filter_by(id=house_id).first() except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg='查询房屋数据失败') if not house: return jsonify(errno=RET.NODATA, errmsg='未查询到对应房屋') # 3. 使用七牛上传图片 image_data = image_file.read() try: image_name = storage(image_data) except Exception as e: logging.error(e) return jsonify(errno=RET.THIRDERR, errmsg="上传图片失败") # 4. 判断房屋是否有主图片,如果没有,则设置 if not house.index_image_url: house.index_image_url = image_name db.session.add(house) # 5. 生成房屋图片模型并保存至数据数据库 house_image = HouseImage() house_image.house_id = house_id house_image.url = image_name try: db.session.add(house_image) db.session.commit() except Exception as e: logging.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg="保存房屋图片失败") # 删除缓存的前五房屋信息 try: redis_store.delete("home_page_house_info") except Exception as e: logging.error(e) db.session.rollback(e) return jsonify(errno=RET.DBERR, errmsg="删除首页房屋缓存失败") # 返回数据 image_url = constants.QINIU_DOMIN_PREFIX + image_name return jsonify(errno=RET.OK, errmsg='OK', data={'url': image_url})
def out_chat_list(): """ 退出聊天列表,清除用户sid :return: """ print('---------------用户退出聊天列表-----------------') print(session.get('nickname')) print('---------------end-----------------') user_id = session.get('id') chat_key = 'chat_list_sid_%s' % user_id redis_store.delete(chat_key)
def register_api(): '''用户注册''' # 接收 {"mobile": mobile,"password": passwd,"sms_code": phoneCode} data = json.loads(request.get_data()) # 字典类型 if data == None: return jsonify({"errcode": RET.DATAERR, "errmsg": "数据获取失败"}) mobile = data.get('mobile') password = data.get('password') sms_code = data.get('sms_code') if not all([mobile, password, sms_code]): return jsonify({"errcode": RET.DATAERR, "errmsg": "参数错误"}) # 检验 短信验证码 try: redis_sms_code = redis_store.get('SMSCode_' + mobile) except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg="查询数据异常") # 验证码过期 if redis_sms_code == '': return jsonify(errno=RET.DBERR, errmsg="短信验证码已经失效") # 在redis删除短信验证码 try: redis_store.delete('SMSCode_' + mobile) except Exception as e: logging.error(e) if redis_sms_code != sms_code: return jsonify(errno=RET.DBERR, errmsg="短信验证码输入不正确") #手机号和密码存入数据库 try: user = UserInfo(user_name=mobile, user_mobile=mobile, password=password) db.session.add(user) db.session.commit() except Exception as e: logging.error(e) db.session.rollback() return jsonify(errno=RET.DATAERR, errmsg="手机号已存在") # 保存登陆信息 # print(user.id) session['user_id'] = user.id session['name'] = mobile session['mobile'] = mobile return jsonify(errno=RET.OK, errmsg="保存成功")
def patch(self, id, d=None): """ Change instance name and config # use patch instead of put to set only selected config :param id: :param d: :return: instance data """ if d: data = d else: data = request.get_json()['data'] #print(data) current_identity = import_user() try: c = Instance.query.get(id) lxdserver = Server.query.filter_by(name=c.location).first() if c.name and (id in current_identity.instances or current_identity.admin): app.logger.info('User: %s updating container %s', current_identity.username, c.name) config = data['instance'] try: res = lgw.lxd_api_patch(lxdserver, 'instances/' + c.name, data=config) #print(res.text) #print(res.status_code) if res.status_code == 500: api.abort(code=500, message='Can\'t create instance') except Exception as e: api.abort(code=500, message='Can\'t create instance') # Delete redis cache redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':info') redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':state') else: api.abort(code=404, message='Instance doesn\'t exists') except: api.abort(code=404, message='Instance doesn\'t exists') return {'data': data}
def test_article_filter(): try: res = request.get_json() article_id = res.get('article_id') article_images = res.get('article_images') Logging.logger.info('request_args:{0}'.format(res)) if not article_id: return jsonify(errno=-1, errmsg='参数错误,请传入要查询的文章的article_id') article = Article.query.get(article_id) if not article: return jsonify(errno=-1, errmsg='参数错误,该文章不存在') docs = mongo_store.articles.find({'title': article.title}) doc = docs[0] article_dict = dict() content = doc.get('content') title = article.title.encode("utf-8") article_dict['title'] = title article_dict['content'] = content obj = SensitiveFilter() str11 = ''.join( [item.get('text') for item in content if item.get('text')]) text = {'content': str11} txt_data = obj.content_check(text) if txt_data.get('errcode') == 40001: redis_store.delete('access_token') txt_data = obj.content_check(text) Logging.logger.info('res_data:{0}'.format(txt_data)) APP_ID = '15791531' API_KEY = 'kajyVlP73XtSGBgoXDIHH5Za' SECRET_KEY = 'u2TClEW6LaHIIpRNdFcL2HIexcgG1ovC' client = AipImageCensor(APP_ID, API_KEY, SECRET_KEY) txt_resp = client.antiSpam(str11) Logging.logger.info('txt_resp:{0}'.format(txt_resp)) for img in article_images: img_resp = client.imageCensorUserDefined(img) print(img_resp) Logging.logger.info('img_resp:{0}'.format(img_resp)) # img_data = obj.img_check(img) # print img_data return jsonify(errno=0, errmsg="OK", data=txt_data) except Exception as e: Logging.logger.error('errmsg:{0}'.format(e)) return jsonify(errno=-1, errmsg='文章详情查询失败')
def test_valid_outbound_message(self): account, headers = self.get_headers() phone_number = PhoneNumber.query.filter(PhoneNumber.account_id == account.id).first() to_number = "1234567890" from_number = phone_number.number # remove key from redis redis_key = views.get_redis_key("STOP", from_number, to_number) redis_store.delete(redis_key) res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) self.verify_valid_response(res)
def login(): try: ip_addr = request.headers['X-real-ip'] except: ip_addr = request.remote_addr form = LoginForm() if form.validate_on_submit(): form_data = form.data user = form.get_user() if user is None: flash('用户不存在') return redirect(url_for('auth.login')) if user.status == 0: flash('该账户已经被限制登录') return redirect(url_for('auth.login')) if not user.check_password(form_data['password']): flash('密码错误,请重试!') redis_store.incr('{}'.format(ip_addr), 1) redis_store.expire('{}'.format(ip_addr), 3600) return redirect(url_for('auth.login')) if 'code_text' in session and form_data['validate'].lower( ) != session['code_text'].lower(): flash(u'验证码错误!') return redirect(url_for('auth.login')) login_user(user, remember=form.remember_me.data) user.last_login = datetime.datetime.now() redis_store.delete('{}'.format(ip_addr)) url = requests.get('http://ip.taobao.com/service/getIpInfo.php?ip=%s' % ip_addr) data = url.json() user.ip_addr = ip_addr user.country = data['data']['country'] user.area = data['data']['area'] user.region = data['data']['region'] user.city = data['data']['city'] user.county = data['data']['county'] flash('欢迎回来,%s' % user.username) next_url = request.args.get('next') return redirect(next_url or url_for('public.index')) n_ip = redis_store.get('{}'.format(ip_addr)) pass_error_count = int(n_ip) if n_ip else None if not pass_error_count: try: session.pop('code_text') except: pass return render_template('auth/login.html', title='用户登录', form=form, pass_error_count=pass_error_count)
def test_invalid_from_message(self): account, headers = self.get_headers() phone_number = PhoneNumber.query.filter(PhoneNumber.account_id != account.id).first() to_number = "1234567890" from_number = phone_number.number # remove key from redis redis_key = views.get_redis_key("STOP", from_number, to_number) redis_store.delete(redis_key) res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) assert res.status_code == 400 data = json.loads(res.data.decode()) assert data.get("error") == "from parameter not found"
def get_qr_func(page, scene): try: obj = Token() access_token = obj.get_access_token() url = "https://api.weixin.qq.com/wxa/getwxacodeunlimit?access_token=%s" % access_token page = parse.unquote(page) data = { "scene": scene, "page": page, "width": 430, "auto_color": False, "line_color": { "r": 0, "g": 0, "b": 0 }, "is_hyaline": True # Ture,透明色, Flase,显示底色 } r = requests.post(url, data=json.dumps(data)) if not r.content: return False else: try: json.loads(r.content) redis_store.delete('access_token') except Exception as e: doc = base64.b64encode(r.content) kw = {'imgdata': doc, 'filepath': 'gander_goose/dev/test2'} try: result = requests.post( url='http://api.max-digital.cn/Api/oss/baseUpload', data=kw) result = result.json() oss_url = result.get('oss_file_url') new_oss_url = oss_url.replace( 'maxpr.oss-cn-shanghai.aliyuncs.com', 'cdn.max-digital.cn') new_oss_url = new_oss_url.replace('http', 'https') Logging.logger.info('oss_url:{0}'.format(new_oss_url)) return new_oss_url except Exception as e: Logging.logger.error('errmsg:可能是max-api挂了,{0}'.format(e)) return False except Exception as e: Logging.logger.error('errmsg:{0}'.format(e)) return False
def logout(cls, token='', fb_id=''): """ """ if not all([token, fb_id]): raise custome_status.InvalidRequest( details='Bad request: Missing token or fb_id' ) # Invalidate the user token. stored_fb_id = redis_store.get(token) if not stored_fb_id or fb_id != stored_fb_id: raise custome_status.InvalidRequest( details='Bad request: Invalidate token' ) redis_store.delete(token) return {}
def sms_code(): """ 获取手机验证码 :return: """ try: dist_data = request.json if dist_data is None: return jsonify(status=RET.REQERR, errmsg="非法请求或请求次数受限") mobile = dist_data.get("mobile") image_code = dist_data.get("image_code") image_code_id = dist_data.get("image_code_id") if not mobile: return jsonify(status=RET.PARAMERR, errmsg="手机号为空") if not image_code: return jsonify(status=RET.PARAMERR, errmsg="图片验证码为空") if not image_code_id: return jsonify(status=RET.PARAMERR, errmsg="图片ID为空") if not common.check_mobile(mobile): return jsonify(status=RET.DATAERR, errmsg="手机号的格式错误") redis_img_code = redis_store.get("image_code:%s" % image_code_id) if redis_img_code is None: return jsonify(status=RET.DBERR, errmsg="数据错误,请联系管理员") if image_code.lower() != redis_img_code.lower().decode(): return jsonify(status=RET.DATAERR, errmsg="图片验证码填写错误") flag = redis_store.delete("image_code:%s" % image_code_id) if not flag: return jsonify(status=RET.DBERR, errmsg="操作数据库失败") # 生成一个随机短信验证码,判断验证码是否发送成功 verity_code = "%06d" % random.randint(0, 999999) if verity_code: redis_flag = redis_store.set("sms_code:%s" % mobile, verity_code, constants.SMS_CODE_REDIS_EXPIRES) print(verity_code) if redis_flag is False: return jsonify(status=RET.DBERR, errmsg="图片验证码保存到redis失败") # 10. 返回响应 return jsonify(status=RET.OK, errmsg="短信发送成功") except Exception as e: current_app.logger.error(e) return jsonify(status=RET.DBERR, errmsg="删除redis图片验证码失败")
def test_outbound_throttle(self): account, headers = self.get_headers() phone_number = PhoneNumber.query.filter(PhoneNumber.account_id == account.id).first() to_number = "1234567890" from_number = phone_number.number # remove key from redis redis_store.delete( views.get_redis_key("STOP", from_number, to_number), views.get_redis_key("FROM_THROTTLE", from_number) ) throttle = 5 # set throttle rate to 5 per 10 seconds throttle_time = 10 # set custom throttle rate app.config['SMS_THROTTLE_SECONDS'] = throttle_time app.config['SMS_THROTTLE_MAX_COUNT'] = throttle for i in range(throttle): # exhaust number of valid attempts res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) self.verify_valid_response(res) # verify that request is being throttled res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) assert res.status_code == 400 data = json.loads(res.data.decode()) assert data.get("error") == "limit reached for from {0}".format(from_number) # wait for throttle key to timeout time.sleep(throttle_time) # try again, should succeed res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) self.verify_valid_response(res)
def set_order_comment(order_id): """ 评论订单 :param order_id: :return: """ # 获取参数&判断参数 params = request.get_json() comment = params.get('comment') if not comment: return jsonify(errno=RET.PARAMERR, errmsg='请输入评论内容') # 通过订单id查询出订单模型 try: wait_comment_order = Order.query.filter(Order.id == order_id, Order.status == "WAIT_COMMENT").first() wait_comment_house = wait_comment_order.house except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg='查询数据错误') # 更新数据 wait_comment_house.order_count += 1 wait_comment_order.status = "COMPLETE" wait_comment_order.comment = comment # 更新数据库 try: db.session.commit() except Exception as e: logging.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg='更新数据库失败') # 删除redis中缓存的房屋详情信息,因为房屋详情信息已经更新 try: redis_store.delete('house_info_' + wait_comment_house.id) except Exception as e: logging.error(e) return jsonify(errno=RET.OK, errmsg='OK')
def delete(self, id): """ Delete instance :param id: :return status code """ populate_instances_table() current_identity = import_user() try: c = Instance.query.get(id) lxdserver = Server.query.filter_by(name=c.location).first() # print(c) except: api.abort(code=404, message='Instance doesn\'t exists') if id in current_identity.instances or current_identity.admin: app.logger.info('User: %s deleting container %s', current_identity.username, c.name) res = lgw.lxd_api_delete(lxdserver, 'instances/' + c.name) # print(res.status_code) if res.status_code == 400: api.abort(code=404, message='Instance is running') if res.status_code == 404: api.abort(code=404, message='Instance not found') if res.status_code == 202: db.session.delete(c) db.session.commit() return {}, 204 # Delete redis cache redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':info') redis_store.delete('server:' + lxdserver.name + ':instance:' + c.name + ':state') else: api.abort(code=404, message='Instance not found')
def clean_cache(data): for key in redis_store.hkeys('users'): if key[-8:] == data['BASE']: redis_store.hdel('users', key) # удаляет данные из таблицы users redis_store.delete( key ) # удаляет подробную информацию о настройках пользователе в базе 1С redis_store.hmset( data['BASE'], { 'period': '', 'PO': '', 'check_time': '', 'PNN': '', 'status': '0', 'cache': '' }) emit('server_response', { 'info': 'cache', 'data': data['BASE'] }, broadcast=True)
def check_msg_pwd(): try: sms_code_pwd = request.form.get("sms_code") register_mobile = request.form.get("register_mobile") if not sms_code_pwd: return jsonify(status=RET.PARAMERR, errmsg="手机验证码为空") if not register_mobile: return jsonify(status=RET.PARAMERR, errmsg="手机号为空") redis_flag = redis_store.get("sms_code:%s" % register_mobile).decode() if redis_flag != sms_code_pwd: return jsonify(status=RET.DBERR, errmsg="手机验证码错误,请重新输入") redis_store.delete("sms_code:%s" % register_mobile) return jsonify(status=RET.OK, errmsg="验证码验证成功") except Exception as e: current_app.logger.error(e) return jsonify(status=RET.DBERR, errmsg="数据错误,请联系管理员")
def test_valid_data(self): account, headers = self.get_headers() phone_number = PhoneNumber.query.first() from_number = "1234567890" to_number = phone_number.number # clear from redis redis_key = views.get_redis_key("STOP", from_number, to_number) redis_store.delete(redis_key) # test with dummy data res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "DUMMY"} )) self.verify_valid_response(res) assert redis_store.get(redis_key) is None # test with actual STOP data res = self.app.post(self.API_URL, headers=headers, data=json.dumps( {"from": from_number, "to": phone_number.number, "text": "STOP"} )) self.verify_valid_response(res) assert redis_store.get(redis_key)
def delete(self, name): """ Delete lxd server by name :return: data """ server = Server.query.filter_by(name=name).first() # delete server from redis DB app.logger.info('User: %s deleting server on %s', import_user().username, name) current_identity = import_user() if current_identity.admin: redis_store.delete('servers:' + server.name) database_instances_list = Instance.query.filter_by( location=server.name) for inst in database_instances_list: db.session.delete(inst) db.session.commit() db.session.delete(server) db.session.commit() return {}, 204 return {}, 500
def img_code(): """图片验证码""" # 前一次的img_code_id pre_code_id = request.args.get('pre') # 当前的img_code_id current_code_id = request.args.get('cur') # 生成图片验证码 # name-图片验证码的名字, text-图片验证码的文本, image-图片的二进制数据 name, txt, img = captcha.generate_captcha() try: # 把 txt 存入redis 把上一次存入的该用户 验证码删除 redis_store.delete("ImageCode_"+pre_code_id) redis_store.setex(name="ImageCode_"+current_code_id,time=constants.ImgCodeTime,value=txt) except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg="保存图片验证码失败") else: # 给前端返回img #print(img) response = make_response(img) # 设置传回给前端的内容数据是图片格式 response.headers["Content-Type"] = "image/jpg" return response
def login(): if current_user.is_active: return redirect(url_for("web.login+login_success")) form = LoginForm() if form.validate_on_submit(): csrf_token = session.get("csrf_token") server_code = redis_store.get(csrf_token) if server_code is None: flash("验证码失效,请从新登录") return redirect(url_for("web.login+login")) if server_code != form.verification.data.lower(): flash("验证码错误") return redirect(url_for("web.login+login")) user = User.query.filter_by(username=form.username.data).first() if user: redis_store.delete(csrf_token) if user.check_password(form.password.data): login_user(user) next = request.args.get("next") if next and next.startswith("/"): return redirect(next) return redirect(url_for("web.login+login_success")) else: flash("密码错误") return redirect(url_for("web.login+login")) else: flash("账号不存在") return redirect(url_for("web.login+login")) code = randon_code() redis_store.set(session.get("csrf_token"), code.lower(), ex=current_app.config.get("VERIFICATION_TIMEOUT", 300)) return render_template("login/login.html", form=form, code=code)
def register(): try: user_nick_name = request.json.get('user_nick_name') mobile = request.json.get('mobile') iphone_code = request.json.get('phonecode') password = request.json.get('password') password2 = request.json.get('password2') if not all([mobile, iphone_code, password, user_nick_name]): return jsonify(status=RET.PARAMERR, errmsg="参数不合法") if password != password2: return jsonify(status=RET.DATAERR, errmsg = "两次输入密码不正确") redis_sms_code = redis_store.get("sms_code:%s" % mobile).decode() if not redis_sms_code: return jsonify(status=RET.PARAMERR, errmsg="短信验证码已经过期") if iphone_code != redis_sms_code: return jsonify(status=RET.DATAERR, errmsg="短信验证码填写错误") flag_delete = redis_store.delete("sms_code:%s" % mobile) if not flag_delete: return jsonify(status=RET.DBERR, errmsg="短信验证码删除失败") user = User(name=user_nick_name, mobile=mobile, password= password, confirmed=True ) db.session.add(user) db.session.commit() login_flag = fork_login(mobile, password) if login_flag: return jsonify(status=RET.OK, errmsg="注册成功") else: return jsonify(status=RET.DBERR, errmsg="程序异常,请联系管理员") except Exception as e: current_app.logger.error(e) return jsonify(status=RET.DBERR, errmsg="程序异常,请联系管理员")
def update_service(service_id): req_json = request.get_json() fetched_service = dao_fetch_service_by_id(service_id) # Capture the status change here as Marshmallow changes this later service_going_live = fetched_service.restricted and not req_json.get( "restricted", True) message_limit_changed = fetched_service.message_limit != req_json.get( "message_limit", fetched_service.message_limit) current_data = dict(service_schema.dump(fetched_service).data.items()) current_data.update(request.get_json()) service = service_schema.load(current_data).data if "email_branding" in req_json: email_branding_id = req_json["email_branding"] service.email_branding = None if not email_branding_id else EmailBranding.query.get( email_branding_id) if "letter_branding" in req_json: letter_branding_id = req_json["letter_branding"] service.letter_branding = None if not letter_branding_id else LetterBranding.query.get( letter_branding_id) dao_update_service(service) if message_limit_changed: redis_store.delete(daily_limit_cache_key(service_id)) redis_store.delete(near_daily_limit_cache_key(service_id)) redis_store.delete(over_daily_limit_cache_key(service_id)) if not fetched_service.restricted: _warn_service_users_about_message_limit_changed( service_id, current_data) if service_going_live: _warn_services_users_about_going_live(service_id, current_data) try: # Two scenarios, if there is a user that has requested to go live, we will use that user # to create a user-service/contact-deal pair between notify and zendesk sell # If by any chance there is no tracked request to a user, notify will try to identify the user # that created the service and then create a user-service/contact-deal relationship if service.go_live_user_id: user = get_user_by_id(service.go_live_user_id) else: user = dao_fetch_service_creator(service.id) ZenDeskSell().send_go_live_service(service, user) except Exception as e: current_app.logger.exception(e) return jsonify(data=service_schema.dump(fetched_service).data), 200
def logout(): if 'loginusername' in session: redis_store.delete('loginusername:'******'loginusername']) session.pop('loginusername') return redirect(url_for('index'))
def SmsCode(): """短信验证码""" # 接收的数据格式 /api/v1.0/sms_code/ #data = json.loads(request.form.to_dict().keys()[0]) data = json.loads(request.get_data()) mobile = data.get("mobile") img_code_id = data.get('id') img_code_text = data.get('text') if not all([mobile, img_code_id, img_code_text]): return jsonify({"errcode": RET.DATAERR, "errmsg": "参数错误"}) # 检查数据正确性 if not all([mobile,img_code_id,img_code_text]): # 返回json格式 return jsonify({"errcode":RET.DATAERR,"errmsg":"数据错误"}) # 手机号格式校验 if not re.match(r"^1[34578]\d{9}$", mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机号格式错误") # 检验图片验证码正确性 获取数据可能失败 try: redis_img_code = redis_store.get('ImageCode_'+img_code_id) except Exception as e: logging.error(e) return jsonify(errno=RET.DBERR, errmsg="查询数据异常") # 如果验证码已经过期 if redis_img_code == '': return jsonify(errno=RET.DBERR, errmsg="验证码已经失效") # 删除redis中的验证码 try: redis_store.delete("ImageCode_"+img_code_id) except Exception as e: logging.error(e) # 转大写 if img_code_text.upper() != redis_img_code: return jsonify(errno=RET.DATAERR,errmsg="图片验证码错误") # 检查该手机号是否已经注册 try: user = UserInfo.query.filter_by(user_mobile=mobile).first() except Exception as e: logging.error(e) return jsonify(errno=RET.DATAERR,errmsg='查询数据异常') if user: return jsonify(errno=RET.DATAEXIST,errmsg='该手机好已注册') # 0,1000000 的随机数 如果没有 6位 就在前面用 0 代替 sms_code = "%06d"%random.randint(0,1000000) # 存入redis try: redis_store.setex('SMSCode_'+mobile, constants.SMSCodeTime, sms_code) except Exception as e: logging.error(e) return jsonify(errno=RET.DATAERR,errmsg="保存短信验证码失败") # 发送短信验证码至手机 使用celery # mobile, [sms_code, constants.SMSCodeTime / 60], 1 把参数传给 delay() send_sms.delay(mobile, [sms_code, constants.SMSCodeTime / 60], 1) return jsonify(errno=RET.OK,errmsg="验证码发送成功")