def login():
if request.method == 'GET':
if g.current_user:
return redirect(UrlManager.buildUrl("/"))
return ops_render("user/login.html")
# POST请求
resp = {'code': 200, 'msg': '登录成功', 'data': {}}
req = request.values
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的用户名"
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的密码"
return jsonify(resp)
# 从数据库中取出user
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
resp['code'] = -1
resp['msg'] = "用户不存在"
return jsonify(resp)
# 判断密码
if user_info.login_pwd != UserService.generatePwd(login_pwd,
user_info.login_salt):
resp['code'] = -1
resp['msg'] = "密码输入错误"
return jsonify(resp)
# 判断用户状态
if user_info.status != 1:
resp['code'] = -1
resp['msg'] = "用户已经被禁用,请联系管理员处理"
return jsonify(resp)
response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
# Cookie中存入的信息是user_info.uid,user_info
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
60 * 60 * 24 * 15)
return response
def login():
if request.method == 'GET':
if g.current_user:
return redirect(U)
return ops_render('user/login.html')
resp = {
'code':200,
'msg':'登录成功!',
'data':{}
}
req = request.values
login_name = req['login_name']
login_pwd = req['login_pwd']
# 后端校检 不为空 长度不小于1
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = '请输入正确的用户名!'
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 1:
resp['code'] = -1
resp['msg'] = '请输入正确的密码'
return jsonify(resp)
user_info = User.query.filter_by(login_name=login_name).first()
print(user_info)
if not user_info:
resp['code'] = -1
resp['msg'] = '用户名不存在'
return jsonify(resp)
if user_info.status != 1:
resp['code'] = -1
resp['msg'] = '账户已被禁用'
return jsonify(resp)
if user_info.login_pwd != UserService.generatePwd(login_pwd,user_info.login_salt):
resp['code'] = -1
resp['msg'] = '密码错误'
return jsonify(resp)
# 将用户信息存入到浏览器的cookie中
# json.dumps() 只能处理dict list类型,经过处理可以直接在浏览器使用
response = make_response(json.dumps({'code':200,'msg':'登录成功!'}))
# name value 过期时间
# value包括login_name login_pwd login_salt uid
response.set_cookie(app.config["AUTH_COOKIE_NAME"],'%s@%s'%(UserService.generateAuthCode(user_info),user_info.uid),60*60*24*5)
return response
def resetPwd():
if request.method == 'GET':
return ops_render("user/reset_pwd.html")
# POST请求
resp = {
'code':200,
'msg':'修改密码成功!',
'data':{}
}
req = request.values
old_password = req['old_password'] if 'old_password' in req else ''
new_password = req['new_password'] if 'new_password' in req else ''
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入不小于六位的旧密码'
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入不小于六位的新密码'
return jsonify(resp)
if old_password == new_password:
resp['code'] = -1
resp['msg'] = '新密码不能与旧密码一致'
return jsonify(resp)
user_info = g.current_user
# 演示账号的保护
# if user_info.uid == 1:
# pass
user_info.login_pwd = UserService.generatePwd(new_password,user_info.login_salt)
db.session.add(user_info)
db.session.commit()
# 修改cookie中的旧用户信息
response = make_response(json.dumps(resp))
response.set_cookie(app.config['AUTH_COOKIE_NAME'],'%s@%s' % (UserService.generateAuthCode(user_info),user_info.uid),60*60*24*2)
return response
def resetPwd():
if request.method == 'GET':
return ops_render('/user/reset_pwd.html')
#post
resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}
#缓存
req = request.values
old_password = req['old_password'] if 'old_password' in req else ''
new_password = req['new_password'] if 'new_password' in req else ''
#校检
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入符合规范的原密码'
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = '请输入符合规范的新密码'
return jsonify(resp)
if new_password == old_password:
resp['code'] = -1
resp['msg'] = '原密码与新密码不能相同'
return jsonify(resp)
#获取用户信息,修改密码生成新的加密后的密码
user_info = g.current_user
user_info.login_pwd = UserService.generatePwd(new_password,
user_info.login_salt)
db.session.add(user_info)
db.session.commit()
#更新cookie中的旧密码
response = make_response(json.dumps(resp))
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
'%s@%s' % (UserService.generateAuthCode(user_info), user_info.uid),
60 * 60 * 24 * 5)
return response
def login():
if request.method == 'GET':
return render_template("user/login.html")
resp = {'code': 200, 'msg': '登录成功', 'data': {}}
req = request.values
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的用户名"
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 1:
resp['code'] = -1
resp['msg'] = "请输入正确的密码"
return jsonify(resp)
# 从数据库中取出user
user_info = User.query.filter_by(login_name=login_name).first()
if not user_info:
resp['code'] = -1
resp['msg'] = "用户不存在"
return jsonify(resp)
# 判断密码
if user_info.login_pwd != UserService.generatePwd(login_pwd,
user_info.login_salt):
resp['code'] = -1
resp['msg'] = "密码输入错误"
return jsonify(resp)
# 判断用户状态
if user_info.status != 1:
resp['code'] = -1
resp['msg'] = "用户已经被禁用,请联系管理员处理"
return jsonify(resp)
response = make_response(json.dumps({'code': 200, 'msg': '登录成功~~~'}))
# Cookie中存入的信息是user_info.uid,user_info
response.set_cookie(
"hmsc_1901C",
"%s@%s" % (UserService.genearteAuthCode(user_info), user_info.uid),
60 * 60 * 24 * 15)
return response
def resetPwd():
if request.method == "GET":
return ops_render("user/reset_pwd.html")
# POST请求
resp = {'code': 200, 'msg': '重置密码成功', 'data': {}}
req = request.values
old_password = req['old_password'] if 'old_password' in req else ''
new_password = req['new_password'] if 'new_password' in req else ''
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的原密码"
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的新密码"
return jsonify(resp)
if old_password == new_password:
resp['code'] = -1
resp['msg'] = "新密码和旧密码不能相同"
return jsonify(resp)
user_info = g.current_user
#演示账号的保护
# if user_info.uid == 1:
# pass
user_info.login_pwd = UserService.generatePwd(new_password,
user_info.login_salt)
db.session.add(user_info)
db.session.commit()
# 修改cookie中的旧用户信息
response = make_response(json.dumps(resp))
# Cookie中存入的信息是user_info.uid,user_info
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
60 * 60 * 24 * 15)
return response
def resetPwd():
if request.method == "GET":
return ops_render("/user/reset_pwd.html")
# POST
resp = {"code": 200, "msg": "重置密码成功", "data": {}}
req = request.values
old_password = req['old_password'] if "old_password" in req else ''
new_password = req['new_password'] if "new_password" in req else ''
# 校检
if old_password is None or len(old_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的原密码"
return jsonify(resp)
if new_password is None or len(new_password) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的新密码"
return jsonify(resp)
if new_password == old_password:
resp['code'] = -1
resp['msg'] = "请输入与原密码不相同的新密码"
return jsonify(resp)
# 获取用户信息,修改密码为新密码生成的加密密码
user_info = g.current_user
user_info.login_pwd = UserService.generatePwd(new_password,
user_info.login_salt)
db.session.add(user_info)
db.session.commit()
# 更新cookie中的旧密码
response = make_response(json.dumps(resp))
response.set_cookie(
app.config['AUTH_COOKIE_NAME'],
"%s@%s" % (UserService.generateAuthCode(user_info), user_info.uid),
60 * 60 * 24 * 5)
return response
def set():
if request.method == "GET":
resp_data = {}
req = request.args
uid = int(req.get("id",0))
info = None
if uid:
info = User.query.filter_by(uid=uid).first()
resp_data['info'] = info
return ops_render("/account/set.html",resp_data)
# POST
resp = {
'code':200,
'msg':"操作成功",
'datat':{}
}
# 获取前端ajax传递的data
req = request.values
id = req['id'] if 'id' in req else 0
nickname = req['nickname'] if 'id' in req else ''
mobile = req['mobile'] if 'id' in req else ''
email = req['email'] if 'id' in req else ''
login_name = req['login_name'] if 'id' in req else ''
login_pwd = req['login_pwd'] if 'id' in req else ''
# 校检
if nickname is None or len(nickname) < 1:
resp['code'] = -1
resp['msg'] = "请输入规范的昵称"
return jsonify(resp)
if mobile is None or len(mobile) < 1:
resp['code'] = -1
resp['msg'] = "请输入规范的手机"
return jsonify(resp)
if email is None or len(email) < 1:
resp['code'] = -1
resp['msg'] = "请输入规范的邮箱"
return jsonify(resp)
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入规范的登录名"
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 6:
resp['code'] = -1
resp['msg'] = "请输入规范的登录密码"
return jsonify(resp)
# 筛选
is_exits = User.query.filter(User.login_name == login_name,User.uid != id).first()
if is_exits:
resp['code'] = -1
resp['msg'] = "该登录名已经存在,请更换"
return jsonify(resp)
user_info = User.query.filter_by(uid=id).first()
if user_info:
model_user = user_info
else:
model_user = User()
# 插入格式化的时间
model_user.created_time = getCurrentDate()
# 生成16位的加密字符串
model_user.login_salt = UserService.generateSalt()
model_user.nickname = nickname
model_user.mobile = mobile
model_user.email = email
model_user.login_name = login_name
if user_info and user_info.uid == 1:
resp['code'] = -1
resp['msg'] = "该用户为Bruce"
return jsonify(resp)
model_user.login_pwd = UserService.generatePwd(login_pwd,model_user.login_salt)
# 插入格式化的时间
model_user.updated_time = getCurrentDate()
db.session.add(model_user)
db.session.commit()
return jsonify(resp)
def set():
if request.method == "GET":
resp_data = {}
req = request.args
uid = int(req.get("id", 0))
info = None
if uid:
info = User.query.filter_by(uid=uid).first()
resp_data['info'] = info
return ops_render('account/set.html', resp_data)
# POST 更新数据库
resp = {'code': 200, 'msg': "操作成功", 'data': {}}
# ajax 发送的数据
req = request.values
id = req['id'] if 'id' in req else 0
nickname = req['nickname'] if 'nickname' in req else ''
mobile = req['mobile'] if 'mobile' in req else ''
email = req['email'] if 'email' in req else ''
login_name = req['login_name'] if 'login_name' in req else ''
login_pwd = req['login_pwd'] if 'login_pwd' in req else ''
if nickname is None or len(nickname) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的昵称"
return jsonify(resp)
if mobile is None or len(mobile) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的手机号"
return jsonify(resp)
if email is None or len(email) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的邮箱"
return jsonify(resp)
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = "请输入符合规范的登录用户名"
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 6:
resp['code'] = -1
resp['msg'] = "请输入符合规范的密码"
return jsonify(resp)
is_exsits = User.query.filter(User.login_name == login_name,
User.uid != id).first()
if is_exsits:
resp['code'] = -1
resp['msg'] = "该登录名已经存在,请更换"
return jsonify(resp)
user_info = User.query.filter_by(uid=id).first()
if user_info:
model_user = user_info
else:
model_user = User()
model_user.created_time = getCurrentDate()
model_user.login_salt = UserService.generateSalt()
model_user.nickname = nickname
model_user.mobile = mobile
model_user.email = email
model_user.uid = 4
model_user.avatar = 1
model_user.login_name = login_name
if user_info and user_info.uid == 1:
resp['code'] = -1
resp['msg'] = "该用户为Dws,不允许修改"
return jsonify(resp)
model_user.login_pwd = UserService.generatePwd(login_pwd,
model_user.login_salt)
model_user.updated_time = getCurrentDate()
db.session.add(model_user)
db.session.commit()
return jsonify(resp)
def set():
if request.method == "GET":
resp_data = {}
uid = int(request.args.get("id", 0))
info = None
if uid:
info = User.query.filter_by(uid=uid).first()
resp_data['info'] = info
return render_template("/account/set.html", **resp_data)
# POST
resp = {'code': 200, 'msg': '操作成功', 'data': {}}
req = request.values
id = req['id'] if 'id' in req else 0
nickname = req['nickname'] if 'nickname' in req else ""
mobile = req['mobile'] if 'mobile' in req else ""
email = req['email'] if 'email' in req else ""
login_name = req['login_name'] if 'login_name' in req else ""
login_pwd = req['login_pwd'] if 'login_pwd' in req else ""
# 校检
if nickname is None or len(nickname) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的昵称'
return jsonify(resp)
if mobile is None or len(mobile) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的手机号'
return jsonify(resp)
if email is None or len(email) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的邮箱'
return jsonify(resp)
if login_name is None or len(login_name) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的登录名'
return jsonify(resp)
if login_pwd is None or len(login_pwd) < 1:
resp['code'] = -1
resp['msg'] = '请输入规范的登陆密码'
return jsonify(resp)
# 筛选
is_exits = User.query.filter(User.login_name == login_name,
User.uid != id).first()
if is_exits:
resp['code'] = -1
resp['msg'] = '该用户名已存在,请重新输入'
return jsonify(resp)
# 根据前端a标签的id判断是修改还是创建
user_info = User.query.filter_by(uid=id).first()
if user_info:
model_user = user_info
else:
model_user = User()
# 插入格式化的时间
model_user.created_time = getCurrentDate()
# 生成16位的加密字符串
model_user.login_salt = UserService.generateSalt()
model_user.nickname = nickname
model_user.mobile = mobile
model_user.email = email
model_user.login_name = login_name
if user_info and user_info.uid == 1:
resp['code'] = -1
resp['msg'] = '该用户为Bruce'
return jsonify(resp)
model_user.login_pwd = UserService.generatePwd(login_pwd,
model_user.login_salt)
# 插入格式化时间
model_user.updated_time = getCurrentDate()
db.session.add(model_user)
db.session.commit()
return jsonify(resp)