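def send_code():
    """
    Send a verification code to an e-mail address or a mobile phone number.

    Request arguments (read through ``request.argget.all``):

    - ``account_type``: ``"email"`` (the default) or ``"mobile_phone"``.
    - ``account``: the address or number that should receive the code.
    - ``exist_account``: when truthy, the account must already be registered.
    - ``code`` / ``code_url_obj``: passed unchanged to ``call_verification``.

    :return: the response of the first check that fails, otherwise whatever
        ``create_code_send`` returns.
    """
    data = {}
    account_type = request.argget.all('account_type', "email").strip()
    account = request.argget.all('account')
    exist_account = str_to_num(request.argget.all('exist_account', 0))
    code = request.argget.all('code', '').strip()
    code_url_obj = json_to_pyseq(request.argget.all('code_url_obj', {}))

    # Only the two supported account types are accepted.
    s, r = arg_verify(reqargs=[("account_type", account_type)],
                      only=["email", "mobile_phone"])
    if not s:
        return r

    # Both account types go through the same steps; only the field label,
    # the format checker and the user lookup key differ.
    if account_type == "email":
        label = gettext("Email")
        format_ver = email_format_ver
        lookup_field = "email"
    elif account_type == "mobile_phone":
        label = gettext("Telephone number")
        format_ver = mobile_phone_format_ver
        lookup_field = "mphone_num"
    else:
        # Not reachable if arg_verify enforces `only`; kept so the function
        # still returns the empty dict in that case.
        return data

    s, r = arg_verify(reqargs=[(label, account)], required=True)
    if not s:
        return r

    # Format check of the address / number.
    ok, reason = format_ver(account)
    if not ok:
        return {'msg': reason, 'msg_type': "e", "custom_status": 422}

    if exist_account and not get_one_user(**{lookup_field: account}):
        # NOTE(review): this answer tells the caller whether an address or
        # number is registered, and it is given before call_verification
        # runs. If call_verification is the captcha / rate gate (its body is
        # not visible here -- confirm), the lookup is reachable without
        # passing that gate. Consider running the gate first, or returning
        # the same response for registered and unregistered accounts.
        return {
            'msg': gettext("This account is not registered on this platform"),
            'msg_type': "w",
            "custom_status": 400
        }

    ok, response = call_verification(code_url_obj, code)
    if not ok:
        return response
    return create_code_send(account=account, account_type=account_type)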
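def p_sign_in(username, password, code_url_obj, code, remember_me, use_jwt_auth=0):
    '''
    Sign a user in by user name, e-mail address or mobile number.

    :param username: login identifier; looked up as an e-mail address, a
        mobile number or a user name depending on which format check passes
    :param password: password checked with ``user.verify_password``
    :param code_url_obj: passed with ``code`` to ``verify_image_code``
    :param code: image verification code supplied by the client
    :param remember_me: forwarded to ``login_user`` (session sign-in only)
    :param use_jwt_auth: when truthy, a token from ``JwtAuth`` is returned in
        ``auth_token`` instead of calling ``login_user``
    :return: dict with ``msg``, ``msg_type`` and ``http_status``; depending
        on the outcome also ``to_url``, ``auth_token`` or
        ``open_img_verif_code``
    '''
    data = {}
    if current_user.is_authenticated and username in [current_user.username,
                                                      current_user.email,
                                                      current_user.mphone_num]:
        data['msg'] = gettext("Is logged in")
        data["msg_type"] = "s"
        data["http_status"] = 201
        # NOTE(review): 'next' comes from the request and is returned
        # unvalidated. If the client navigates to to_url, restrict it to
        # same-site relative paths to avoid an open redirect.
        data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO")
        return data

    # A mapping or list is never a valid identifier, and MongoDB would read a
    # mapping as an operator document. Answer like an unknown account.
    if isinstance(username, (dict, list)):
        return {"msg": gettext("Account or password error"), "msg_type": "e", "http_status": 401}

    # Choose the lookup field from the identifier's format.
    s, r = email_format_ver(username)
    s2, r2 = mobile_phone_format_ver(username)
    if s:
        user = mdb_user.db.user.find_one({"email": username})
    elif s2:
        user = mdb_user.db.user.find_one({"mphone_num": username})
    else:
        user = mdb_user.db.user.find_one({"username": username})
    if not user:
        # Same message as a wrong password, so the text itself does not
        # reveal whether the account exists.
        data = {"msg": gettext("Account or password error"), "msg_type": "e", "http_status": 401}
        return data
    user = User(user["_id"])

    # After too many wrong passwords the image verification code is required
    # before the password is looked at.
    # NOTE(review): pass_error is only incremented in this function; whether
    # it is reset after a successful sign-in (e.g. in login_log) is not
    # visible here -- confirm.
    user_p = mdb_user.db.user_login_log.find_one({'user_id': user.str_id})
    PW_WRONG_NUM_IMG_CODE = get_config("login_manager", "PW_WRONG_NUM_IMG_CODE")
    if user_p and 'pass_error' in user_p and user_p['pass_error'] >= PW_WRONG_NUM_IMG_CODE:
        r = verify_image_code(code_url_obj, code)
        if not r:
            data["open_img_verif_code"] = True
            data['msg'] = gettext("Verification code error")
            data["msg_type"] = "e"
            data["http_status"] = 401
            return data

    # Password check; deleted accounts are treated like a wrong password.
    if user and user.verify_password(password) and not user.is_delete:
        if user.is_active:
            if use_jwt_auth:
                # Token-based sign-in: hand a login token back to the client.
                jwt_auth = JwtAuth()
                data["auth_token"] = jwt_auth.get_login_token(user)
                client = "app"
            else:
                login_user(user, remember_me)
                client = "browser"
            # Record the sign-in.
            login_log(user, client)
            data['msg'] = gettext("Sign in success")
            data["msg_type"] = "s"
            data["http_status"] = 201
            # NOTE(review): same unvalidated 'next' value as above.
            data["to_url"] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO")
            return data
        # Correct password, but the account is not active.
        data['msg'] = gettext("Account is inactive or frozen")
        data["msg_type"] = "w"
        data["http_status"] = 401
    else:
        # Wrong password: count the failure.
        mdb_user.db.user_login_log.update_one({'user_id': user.str_id},
                                              {"$inc": {"pass_error": 1}},
                                              upsert=True)
        # Tell the client to show the image code when the NEXT attempt will
        # need it. The counter was just incremented, so compare the new
        # value; comparing the value read before the increment announced the
        # requirement one attempt too late.
        prior_errors = user_p['pass_error'] if user_p and 'pass_error' in user_p else 0
        if prior_errors + 1 >= PW_WRONG_NUM_IMG_CODE:
            data["open_img_verif_code"] = True
        data['msg'] = gettext("Account or password error")
        data["msg_type"] = "e"
        data["http_status"] = 401
    return data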
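def p_sign_up(username, password, password2, code, email=None, mobile_phone_number=None):
    '''
    Register an ordinary (self-service) user account.

    :param username: requested user name; must pass ``short_str_verifi`` and
        must not already exist
    :param password: password; must pass ``password_format_ver``
    :param password2: password confirmation; must equal ``password``
    :param code: verification code sent to the e-mail address or the number
    :param email: e-mail address to register with (takes precedence)
    :param mobile_phone_number: mobile number to register with
    :return: dict with ``msg``, ``msg_type`` and ``http_status``; on success
        also ``to_url``
    '''
    data = {}
    if current_user.is_authenticated:
        data['msg'] = gettext("Is logged in")
        data["msg_type"] = "s"
        data["http_status"] = 201
        # NOTE(review): 'next' comes from the request and is returned
        # unvalidated. If the client navigates to to_url, restrict it to
        # same-site relative paths to avoid an open redirect.
        data['to_url'] = request.argget.all('next') or get_config("login_manager", "LOGIN_IN_TO")
        return data

    # Both format checks run first; the first failing rule below wins.
    s1, r1 = short_str_verifi(username, project="username")
    s2, r2 = password_format_ver(password)
    if not s1:
        return {'msg': r1, 'msg_type': "e", "http_status": 422}
    # NOTE(review): the uniqueness checks in this function are separate reads
    # done before insert_one. Two concurrent requests can both pass them
    # unless the collection has unique indexes -- confirm.
    if mdb_user.db.user.find_one({"username": username}):
        return {'msg': gettext("Name has been used"), 'msg_type': "w", "http_status": 403}
    if not s2:
        return {'msg': r2, 'msg_type': "e", "http_status": 400}
    if password2 != password:
        return {'msg': gettext("The two passwords don't match"), 'msg_type': "e", "http_status": 400}

    if email:
        # Registration by e-mail: format, uniqueness, then the code.
        s, r = email_format_ver(email)
        if not s:
            return {'msg': r, 'msg_type': "e", "http_status": 422}
        if mdb_user.db.user.find_one({"email": email}):
            return {'msg': gettext("This email has been registered in the site oh, please login directly."),
                    'msg_type': "w", "http_status": 403}
        if not verify_code(code=code, email=email):
            return {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401}
    elif mobile_phone_number:
        # Registration by mobile number: format, uniqueness, then the code.
        s, r = mobile_phone_format_ver(mobile_phone_number)
        if not s:
            return {'msg': r, 'msg_type': "e", "http_status": 422}
        if mdb_user.db.user.find_one({"mphone_num": mobile_phone_number}):
            return {'msg': gettext("This number has been registered in the site oh, please login directly."),
                    'msg_type': "w", "http_status": 403}
        # Check the code against the number being registered, as the e-mail
        # branch does with the address; the original passed the literal True.
        if not verify_code(code=code, tel_number=mobile_phone_number):
            return {'msg': gettext("Verification code error"), 'msg_type': "e", "http_status": 401}
    else:
        # With neither contact supplied the original fell through and created
        # the account without `code` ever being checked. Refuse instead.
        return {'msg': gettext("Email or telephone number is required"),
                'msg_type': "e", "http_status": 422}

    # All checks passed: build the record with the default role and store it.
    role_id = mdb_user.db.role.find_one({"default": {"$in": [True, 1]}})["_id"]
    user = user_model(username=username,
                      email=email,
                      mphone_num=mobile_phone_number,
                      password=password,
                      custom_domain=-1,
                      role_id=str(role_id),
                      active=True)
    r = mdb_user.db.user.insert_one(user)
    if not r.inserted_id:
        # A failed save is a server-side error; the original reported it
        # with http_status 201.
        return {'msg': gettext('Data saved incorrectly, please try again'),
                'msg_type': 'e', "http_status": 500}

    if email:
        # Confirmation e-mail.
        # NOTE(review): `email` is placed in the HTML body unescaped; this is
        # safe only as far as email_format_ver rejects markup characters --
        # confirm.
        subject = gettext("Registration success notification")
        body = "Welcome to register <b>{}</b>.<br><a>{}</a> registered the account successfully.".format(
            get_config("site_config", "APP_NAME"),
            email
        )
        mail_data = {"title": subject,
                     "body": body,
                     "other_info": gettext("End"),
                     }
        html = get_email_html(mail_data)
        send_email(subject=subject,
                   recipients=[email],
                   html_msg=html)
    elif mobile_phone_number:
        # Confirmation text message.
        content = "[{}] Successful registration account.".format(
            get_config("site_config", "APP_NAME"))
        send_mobile_msg(mobile_phone_number, content)

    return {'msg': gettext('Registered successfully'),
            'to_url': '/sign-in',
            'msg_type': 's',
            "http_status": 201}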
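def add_user():
    """
    Create a user account from the request arguments.

    The record is stored with ``is_adm_add_user=True`` and no verification
    code is asked for.

    NOTE(review): no permission check is visible in this function;
    presumably the route that calls it restricts it to administrators --
    confirm.

    Request arguments: ``username``, ``password``, ``password2`` and
    optionally ``email`` or ``mobile_phone_number``.

    :return: dict with ``msg``, ``msg_type`` and ``custom_status``
    """
    email = request.argget.all('email')
    mobile_phone_number = str_to_num(
        request.argget.all('mobile_phone_number', 0))
    username = request.argget.all('username', '').strip()
    password = request.argget.all('password', '').strip()
    password2 = request.argget.all('password2', '').strip()

    # Both format checks run first; the first failing rule below wins.
    s1, r1 = short_str_verifi(username, project="username")
    s2, r2 = password_format_ver(password)
    if not s1:
        return {'msg': r1, 'msg_type': "e", "custom_status": 422}
    # NOTE(review): the uniqueness checks in this function are separate reads
    # done before the insert. Two concurrent requests can both pass them
    # unless the collection has unique indexes -- confirm.
    if mdbs["user"].db.user.find_one({"username": username}):
        return {
            'msg': gettext("Name has been used"),
            'msg_type': "w",
            "custom_status": 403
        }
    if not s2:
        return {'msg': r2, 'msg_type': "e", "custom_status": 400}
    if password2 != password:
        return {
            'msg': gettext("The two passwords don't match"),
            'msg_type': "e",
            "custom_status": 400
        }

    if email:
        # E-mail supplied: check the format and that it is not taken.
        s, r = email_format_ver(email)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        if mdbs["user"].db.user.find_one({"email": email}):
            return {
                'msg': gettext(
                    "This email has been registered in the site oh, please login directly."
                ),
                'msg_type': "w",
                "custom_status": 403
            }
    elif mobile_phone_number:
        # Mobile number supplied: check the format and that it is not taken.
        s, r = mobile_phone_format_ver(mobile_phone_number)
        if not s:
            return {'msg': r, 'msg_type': "e", "custom_status": 422}
        if mdbs["user"].db.user.find_one({"mphone_num": mobile_phone_number}):
            return {
                'msg': gettext(
                    "This number has been registered in the site oh, please login directly."
                ),
                'msg_type': "w",
                "custom_status": 403
            }

    # Build the record with the default role; empty contacts are stored as None.
    role_id = mdbs["user"].db.role.find_one(
        {"default": {"$in": [True, 1]}})["_id"]
    if not email:
        email = None
    if not mobile_phone_number:
        mobile_phone_number = None
    user = user_model(username=username,
                      email=email,
                      mphone_num=mobile_phone_number,
                      password=password,
                      custom_domain=-1,
                      role_id=str(role_id),
                      active=True,
                      is_adm_add_user=True)
    r = insert_one_user(updata=user)
    if not r.inserted_id:
        # Report a failed save explicitly rather than returning an empty or
        # success response.
        return {
            'msg': gettext('Data saved incorrectly, please try again'),
            'msg_type': 'e',
            "custom_status": 500
        }

    if email:
        # Notification e-mail to the new account.
        subject = gettext("Registration success notification")
        body = [
            gettext("Welcome to register {}.").format(
                get_config("site_config", "APP_NAME")),
            gettext("{} registered the account successfully.").format(
                email)
        ]
        mail_data = {
            "title": subject,
            "body": body,
            "username": username,
            "site_url": get_config("site_config", "SITE_URL")
        }
        html = get_email_html(mail_data)
        msg = {
            "subject": subject,
            "recipients": [email],
            "html_msg": html
        }
        send_email(msg=msg, ctype="nt")
    elif mobile_phone_number:
        # Notification text message to the new account.
        content = gettext(
            "[{}] Successful registration account.").format(
                get_config("site_config", "APP_NAME"))
        send_mobile_msg(mobile_phone_number, content)

    return {
        'msg': gettext('Added successfully'),
        'msg_type': 's',
        "custom_status": 201
    }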