def syncadinfo(self, tv, check=True):
if check:
url_suc = False
_server_localpath = self.server_localpath if tv.type == 0 else os.path.join(
HTDOCDIR, 'gif')
if tv.url:
ext = os.path.splitext(tv['url'])[1]
localpath = os.path.join(self._localsavepath,
md5(tv['url']) + str(ext))
logger.debug("download url:%s to file %s" %
(tv['url'], localpath))
#同步并下载文件
if self.fu.downfile(tv['url'], localpath, None, None):
pass
else:
#没有下载成功时的操作
logger.error("Failed to download url:%s to file %s" %
(tv.url, localpath))
if tv.url2:
ext = os.path.splitext(tv['url2'])[1]
localpath = os.path.join(self._localsavepath,
md5(tv['url2']) + str(ext))
logger.debug("download url2:%s to file %s" %
(tv['url2'], localpath))
#同步并下载文件
if self.fu.downfile(tv['url2'], localpath, None, None):
pass
else:
#没有下载成功时的操作
logger.error("Failed to download url2:%s to file %s" %
(tv['url2'], localpath))
pass
return True
def add_user(username, password):
admin_user = AdminUser(
username=username,
password=md5(password),
)
admin_user.save()
def add_user(username,
password,
age,
sex,
department,
position,
mobile,
emergency_contact,
email,
perm=None):
if perm in [auth_enums.ACADEMY, auth_enums.BUSINESS, auth_enums.CLUSTER]:
status = auth_enums.USER_STATUS_NORMAL
else:
status = auth_enums.USER_STATUS_CHECK
user = User(card_id=str(make_card_id()),
username=username,
password=md5(password),
age=age,
sex=sex,
department=department,
position=position,
mobile=mobile,
emergency_contact=emergency_contact,
email=email,
perm=perm,
status=status)
user.save()
def post(self, request, *args, **kwargs):
data = request.data
username = data.get('username')
if User.objects.filter(username=username).exists():
return Response({'code': 40002, 'detail': _(u'用户名已存在')})
email = data.get('email')
if User.objects.filter(email=email).exists():
return Response({'code': 40002, 'detail': _(u'邮箱已存在')})
password = data.get('password')
ecode = data.get('ecode')
ec = EmailEcode.objects.filter(email=email).first()
origin_ecode = ec.ecode if ec else ''
if ecode != origin_ecode:
return Response({'code': 40002, 'detail': _(u'邮箱验证码错误')})
user = User.objects.create_user(username, email, password)
user.token = md5('{0}{1}{2}'.format(username, random_number(6),
settings.SECRET_KEY))
user.save()
# 注册邀请记录
icode = data.get('icode')
if icode:
try:
uc = UserCode.objects.get(code=icode)
UserInvitationRecord.objects.create(user=user, inviter=uc.user)
except UserCode.DoesNotExist:
return Response({'code': 40002, 'detail': _(u'邀请码不存在')})
else:
UserInvitationRecord.objects.create(user=user)
user = authenticate(username=username, password=password)
login(request, user)
return Response(UserSerializer(user).data)
def send_messages(self, phones, messages):
if not isinstance(phones,
list) or len(phones) == 0 or len(phones) > 200:
return False, "phone list length invalid"
if len(messages) == 0 or len(messages) > 1000:
return False, "message length length invalid"
phones = [str(phone) for phone in phones]
data = {
"id": baiwu["client_id"],
"MD5_td_code": utils.md5(baiwu["password"] + baiwu["code"]),
"mobile": ",".join(phones),
"msg_content": messages,
"msg_id": "",
"ext": ""
}
headers = {
'content-type': 'application/x-www-form-urlencoded;charset=utf-8'
}
try:
rps = requests.post(baiwu["uri"], data=data, headers=headers)
error_code, msg = rps.status_code, str(rps.text)
if error_code == 200 and msg[:1] == "0":
return True, "success request:%s" % rps.text
return False, "fail request:%s" % rps.text
except:
return False, "fail request: connect failed"
def post(self, request, *args, **kwargs):
data = request.data
username = data.get('username')
password = data.get('password')
vcode = upper(data.get('vcode', ''))
device = app_device(request)
if not device:
device = username
dv = DeivceVcode.objects.filter(device=device).first()
origin_vcode = dv.vcode if dv else ''
if vcode == origin_vcode:
try:
user = User.objects.get(
Q(username=username) | Q(email=username))
user = authenticate(username=user.username, password=password)
if user:
user.token = md5('{0}{1}{2}'.format(
username, random_number(6), settings.SECRET_KEY))
user.save()
login(request, user)
return Response(UserSerializer(user).data)
else:
return Response({'code': 40001, 'detail': _(u'密码错误')})
except User.DoesNotExist:
return Response({'code': 40001, 'detail': _(u'用户名不存在')})
return Response({'code': 40001, 'detail': _(u'验证码错误')})
def send_messages(self, phones, messages):
if not isinstance(phones, list) or len(phones) == 0 or len(phones) > 200:
return False, "phone list length invalid"
if len(messages) == 0 or len(messages) > 1000:
return False, "message length length invalid"
phones = [str(phone) for phone in phones]
data = {
"id": baiwu["client_id"],
"MD5_td_code": utils.md5(baiwu["password"] + baiwu["code"]),
"mobile": ",".join(phones),
"msg_content": messages,
"msg_id": "",
"ext": ""
}
headers = {'content-type': 'application/x-www-form-urlencoded;charset=utf-8'}
try:
rps = requests.post(baiwu["uri"], data=data, headers=headers)
error_code, msg = rps.status_code, str(rps.text)
if error_code == 200 and msg[:1] == "0":
return True, "success request:%s" % rps.text
return False, "fail request:%s" % rps.text
except:
return False, "fail request: connect failed"
def make_code():
key = md5(str(random_number(8)))
code = upper(key[:4])
link_code = base64.b64encode(key)[:8]
if UserCode.objects.filter(code=code).exists() or UserCode.objects.filter(link_code=link_code).exists():
make_code()
return code, link_code
def decrypt(self):
if "sign" not in self.params or "stamp" not in self.params:
return {"error_code":80005, "msg":"parameter not enough"}
sign = self.params.pop("sign")
keys = sorted(self.params)
sign_str = "".join(["%s=%s" % (k,self.params[k]) for k in keys])
if md5(sign_str + "cloudwork") != sign:
return {"error_code":80006, "msg":"sign error"}
def login(request):
# 未登录用户执行以下登录操作
if request.method == 'POST':
result = {}
username = request.POST.get("username")
password = md5(request.POST.get("password"))
user_collection = db.user
user = user_collection.find_one({
'username': username,
'password': password
})
if user:
if user['role'] == '普通用户':
result = StatusCode.ACCESSERROR()
response = JsonResponse(result,
json_dumps_params={
'default': json_util.default,
'ensure_ascii': False
})
return response
token = md5(username + str(time.time()))
user['token'] = token
user_collection.update({
'username': username,
'password': password
}, user)
result = StatusCode.OK()
response = JsonResponse(result,
json_dumps_params={
'default': json_util.default,
'ensure_ascii': False
})
response.set_cookie("username", username, expires=60 * 60 * 2)
response.set_cookie("token", token, expires=60 * 60 * 2)
return response
else:
result = StatusCode.LOGINERROR()
response = JsonResponse(result,
json_dumps_params={
'default': json_util.default,
'ensure_ascii': False
})
return response
return render(request, 'login.html') # 跳转到登录页面
def post(self):
username = self.get_argument("username", "")
password = self.get_argument("password", "")
user = dao.get_user(username)
if not user or user.password != md5(password):
self.write(json.dumps({"status": "fail"}))
return
self.set_secure_cookie("user", "888")
self.write(json.dumps({"status": "ok"}))
def post(self):
log.debug('Login post')
username = self.get_argument('username')
password = self.get_argument('password')
user = dao.get_user_by_username(username)
if user and user.password == md5(password):
self.set_cookie('username', username)
self.write(json.dumps({'status': 'success'}))
else:
self.write(json.dumps({'status': 'fail', 'err_msg': u'用户名和密码不匹配'}))
def post(self):
username = self.get_argument("username", "")
password = self.get_argument("password", "")
user = dao.get_user(username)
if not user or user.password != md5(password):
self.write(json.dumps({"status": "fail"}))
return
self.set_secure_cookie("user", "888")
self.write(json.dumps({"status": "ok"}))
def syncadinfo(self, tv, check=True):
if check:
url_suc = False
_server_localpath = self.server_localpath if tv.type == 0 else os.path.join(
AppSet().ApachPath, 'gif')
if tv.url:
ext = os.path.splitext(tv.url)[1]
localpath = os.path.join(self._localsavepath,
md5(tv.url) + str(ext))
logger.debug("download url:%s to file %s" %
(tv.url, localpath))
#同步并下载文件
if self.fu.downfile(tv.url, localpath, None, None):
if int(AppSet().DBtype) == 1:
self.synutils.synfiletoserver(localpath,
self.server_localpath, 1)
else:
self.synutils.synfiletoserver(
localpath, self.server_localpathlinux, 1)
else:
#没有下载成功时的操作
pass
if tv.url2:
ext = os.path.splitext(tv.url2)[1]
localpath = os.path.join(self._localsavepath,
md5(tv.url2) + str(ext))
logger.debug("download url2:%s to file %s" %
(tv.url2, localpath))
#同步并下载文件
if self.fu.downfile(tv.url2, localpath, None, None):
if int(AppSet().DBtype) == 1:
self.synutils.synfiletoserver(localpath,
self.server_localpath, 1)
else:
self.synutils.synfiletoserver(
localpath, self.server_localpathlinux, 1)
else:
#没有下载成功时的操作
pass
return 1
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
print username, password
user = dao.get_user(username)
if not user or user.password != md5(password):
self.write(json.dumps({'status': 'fail'}))
return
self.set_cookie('user', '888')
self.write(json.dumps({'status': 'ok'}))
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
print username, password
user = dao.get_user(username)
if not user or user.password != md5(password):
self.write(json.dumps({'status': 'fail'}))
return
self.set_cookie('user', '888')
self.write(json.dumps({'status': 'ok'}))
def id(self):
""" hexdigest of the query - uniquely identifies the request based on the query string (assumes query times are absolute) """
if self._id is not None:
return self._id
elif self.query:
# calculate a 'query' hash to be our id
self._id = md5(self.query)
if Config.get('UUID_FORMAT'):
self._id = '-'.join(
(self._id[:8], self._id[8:12], self._id[12:16],
self._id[16:20], self._id[20:]))
return self._id
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
admin_user = dao.get_admin_user(username)
err_msg = ''
if not admin_user or admin_user.password != md5(password):
err_msg = 'username does not match password'
self.render('admin/login.html', err_msg=err_msg, username=username)
return
self.set_secure_cookie('admin_user', admin_user.username)
self.redirect('/admin/')
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
user = dao.get_user(username)
err_msg = ''
if not user or user.password != md5(password):
err_msg = 'username does not match password'
self.render('auth/login.html', err_msg=err_msg, username=username)
return
self.set_cookie('user', user.username)
self.redirect('/')
def post(self):
err_msg = ""
username = self.get_argument("username", "")
password = self.get_argument("password", "")
admin_user = auth_dao.get_user(username)
if not admin_user or admin_user.password != md5(password):
err_msg = "user do not match password"
self.render("admin/login.html", err_msg=err_msg, username=username) # 相对于templater_pat
return
self.set_secure_cookie("admin_user", admin_user.username)
self.redirect("/admin/")
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
if not username or not password:
self.write('username or password can not be empty')
return
stuff = dao.get_stuff_by_name(username)
if stuff and stuff.password == md5(password):
self.set_secure_cookie('user', username)
self.redirect('/')
else:
self.write('username does not match password')
def post(self):
err_msg = ""
username = self.get_argument("username", "")
password = self.get_argument("password", "")
admin_user = auth_dao.get_user(username)
if not admin_user or admin_user.password != md5(password):
err_msg = "user do not match password"
self.render("admin/login.html", err_msg=err_msg,
username=username) # 相对于templater_pat
return
self.set_secure_cookie("admin_user", admin_user.username)
self.redirect("/admin/")
def run(session, parameters):
"""
Args:
parameters=[username, password]
"""
username = parameters[0]
password = parameters[1]
r = database.get_user_by_name(username)
if r:
# 用户名已存在
session.send(GeneralMessage.REG_FAIL, 0)
else:
database.add_user(username, md5(password))
session.send(GeneralMessage.REG_OK, {})
def post(self, request, *args, **kwargs):
user = request.app_user
data = request.data
old_password = data.get('old_password')
if not user.check_password(old_password):
return Response({'code': 40001, 'detail': _(u'原密码错误')})
new_password = data.get('new_password')
user.set_password(new_password)
user.token = md5('{0}{1}{2}'.format(user.username, random_number(6),
settings.SECRET_KEY))
user.save()
user = authenticate(username=user.username, password=new_password)
login(request, user)
return Response(UserSerializer(user).data)
def run(session, parameters):
print(" user login.")
username = parameters[0]
password = parameters[1]
user = database.get_user_by_name(username)
print(user)
print(username, password)
if user == None:
# 用户不存在
print("用户不存在,服务端发送:")
session.send(GeneralMessage.LG_FAIL, 0)
elif user['password'] != md5(password):
# 密码错误
session.send(GeneralMessage.LG_FAIL, 1)
else:
#登录成功
if username in username_to_session:
# 重复登录, 把旧的会话关掉,把旧的登录踢掉
old_session = username_to_session[username]
old_session.send(GeneralMessage.KICK, {})
old_session.close()
remove_session(old_session)
#登录成功,将会话与这个用户id映射起来
username_to_session[username] = session
session.username = username
session.send(GeneralMessage.LG_OK, {'username': username})
initialize_data = {}
# 初始化好友列表
friends = database.get_friend(username)
initialize_data['friends'] = friends
# 初始化加入的群列表
groups = database.get_group(username)
initialize_data['groups'] = groups
# 发送离线消息
msgs = database.get_offline_messages(username)
for msg in msgs:
msg['time'] = datetime.strptime(msg['time'],
'%Y-%m-%d %H:%M:%S.%f')
initialize_data['msgs'] = msgs
session.send(GeneralMessage.INITIALIZE, initialize_data)
print('login done.')
def post(self):
err_msg = ""
username = self.get_argument("username", "")
password = self.get_argument("password", "")
user = dao.get_user(username)
if not user or user.password != md5(password):
err_msg = "user do not match password"
self.render("auth/login.html", err_msg=err_msg, username=username) # 相对于templater_pat
return
if user.status == enums.USER_STATUS_CHECK:
self.write("<h1>your acount is checking!!</h1>")
return
self.set_secure_cookie("user", user.username)
self.redirect("/")
def post(self):
err_msg = ""
username = self.get_argument("username", "")
password = self.get_argument("password", "")
user = dao.get_user(username)
if not user or user.password != md5(password):
err_msg = "user do not match password"
self.render("auth/login.html", err_msg=err_msg,
username=username) # 相对于templater_pat
return
if user.status == enums.USER_STATUS_CHECK:
self.write("<h1>your acount is checking!!</h1>")
return
self.set_secure_cookie("user", user.username)
self.redirect("/")
def wrapper(self, *args, **kwargs):
source = self.get_argument('source')
if source == settings.FROM_APP:
random_str = self.get_argument('random_str')
timestamp = self.get_argument('timestamp')
signature = self.get_argument('signature')
app_secret = 'helloworld!@#'
make_signature = md5(random_str + timestamp + app_secret)
if make_signature != signature:
self.write('fail')
return
if source == settings.FROM_PC:
member_id = self.get_secure_cookie('member')
member = dao.get_member(member_id)
if not member:
self.write('fail')
return
return method(self, *args, **kwargs)
def IsLocalExists(self, url, imgtype, width = 0, height = 0):
filename = ""
localpath = ""
try:
isexits = False
filename = md5(url + width + height) + "." + imgtype.name
localpath = os.path.join(DownImageUtil.ApacheDocsPath, filename)
#TODO need to implete
'''
fi = FileInfo(localpath)
if (fi.Exists)
fi.LastAccessTimeUtc = DateTime.UtcNow
isexits = True
'''
return isexits, filename, localpath
except Exception as ex:
logging.error('IsLocalExists excepted')
logging.error(str(ex))
logging.error(traceback.format_exc())
return False, filename, localpath
def add_user(username, password, age, sex, department, position, mobile, emergency_contact, email, perm=None):
if perm in [auth_enums.ACADEMY, auth_enums.BUSINESS, auth_enums.CLUSTER]:
status = auth_enums.USER_STATUS_NORMAL
else:
status = auth_enums.USER_STATUS_CHECK
card_id = str(make_card_id())
user = User(
card_id=card_id,
username=username,
password=md5(password),
age=age,
sex=sex,
department=department,
position=position,
mobile=mobile,
emergency_contact=emergency_contact,
email=email,
perm=perm,
status=status
)
user.save()
def has_permission(self, request, view):
if request.user and hasattr(request.user, 'authenticate'):
return True
if getattr(view, 'api_exempt', False):
return True
path = request.path
if path.startswith('/api/research/'):
return True
v_id = request.GET.get('v_id', '')
if path == '/api/articles/' and v_id:
return True
timestamp = int(request.META.get('HTTP_X_APP_TIMESTAMP', 0))
sign = request.META.get('HTTP_X_APP_SIGN', '').lower()
current_timestamp = int(time.time())
current_sign = md5('{0}{1}'.format(timestamp, settings.SECRET_KEY))
if current_timestamp - timestamp > 30:
return False
if sign != current_sign:
return False
return True
def generate_token():
return utils.rand_str(24) + utils.md5(str(utils.now()))[8:24]
def GetPicPath1(self, url, width=0, height=0, imgtype=ImgType.bmp):
filename = md5(url + width + height) + "." + imgtype.name
localpath = os.path.join(DownImageUtil.ApacheDocsPath, filename)
return "http://{0}/{1}/{2}".format(TranKtvNetIp, cloudktvsongpath, filename)
def generate_token():
return utils.rand_str(24) + utils.md5(str(utils.now()))[8:24]
from common.utils import md5
print(md5("kxjy123456"))
def Down(self, dimginfo):
try:
w = dimginfo['w']
h = dimginfo['h']
url = dimginfo['url']
if not url:
logging.info('Down empty url')
return
localpath = ''
filename = ''
ret, filename, localpath = self.IsLocalExists(url, dimginfo['imgtype'], w, h)
if ret:
statinfo = os.stat(localpath)
#TODO not sure st_atime or st_mtime.
lasttime = datetime.datetime.fromtimestamp(statinfo.st_mtime)
if not HttpUtils.FileIsModified(url, lasttime):
logging.info('pic is not modified: {0}'.format(url))
return
if not localpath:
filename = md5(url + w + h) + "." + dimginfo['imgtype'].name
localpath = os.path.join(DownImageUtil.ApacheDocsPath, filename)
if not os.path.exists(DownImageUtil.ApacheDocsPath):
os.makedirs(DownImageUtil.ApacheDocsPath)
imgformat = System.Drawing.Imaging.ImageFormat.Bmp
if dimginfo['imgtype'] == ImgType.png:
imgformat = System.Drawing.Imaging.ImageFormat.Png
elif dimginfo['imgtype'] in (ImgType.jpeg, ImgType.jpg):
imgformat = System.Drawing.Imaging.ImageFormat.Jpeg
else:
imgformat = System.Drawing.Imaging.ImageFormat.Bmp
logging.debug("DownImageUtil/Down {0}".format(url))
img = HttpUtils.DownPic(url)
if img:
try:
if w <= 0 or h <= 0:
img.Save(localpath, imgformat)
else:
pass
'''
//创建一个bitmap类型的bmp变量来读取文件。
Bitmap bmp = new Bitmap(img)
//新建第二个bitmap类型的bmp2变量,我这里设置为图片原大小,且指定为非索引像素格式图像
Bitmap bmp2 = new Bitmap(img.Width, img.Height, PixelFormat.Format32bppArgb)
//将第一个bmp拷贝到bmp2中
Graphics draw = Graphics.FromImage(bmp2)
draw.DrawImage(bmp, 0, 0)
Image.GetThumbnailImageAbort callb = new Image.GetThumbnailImageAbort(ThumbnailCallback)
using (Image thumbnail = ((Image)bmp2).GetThumbnailImage(img.Width > w ? w : img.Width, img.Height > h ? h : img.Height, callb, IntPtr.Zero))
thumbnail.Save(localpath, imgformat)
'''
except Exception as ex:
logging.error('DownImageUtil/Down_1 excepted')
logging.error(str(ex))
logging.error('url {0} width {1} height {2}'.format(dimginfo['url'], w, h))
logging.error(traceback.format_exc())
img.Dispose()
except Exception as ex:
logging.error('DownImageUtil/Down excepted:{0}'.format(dimginfo['url']))
logging.error(str(ex))
logging.error(traceback.format_exc())
def create_user(username, password):
user = User(username=username, password=md5(password))
user.save()
def create_stuff(name, password, sex, age):
stuff = Stuff(name=name, password=md5(password), sex=sex, age=age)
stuff.save()
return stuff
