def decorator(*args, **kwargs): length = { 'username': lambda value: 4 <= len(value) <= 20, 'password': lambda value: 4 <= len(value) <= 20, } babel = { 'username': _("Username"), 'password': _("Password"), 'email': _("Email"), 'captcha': _("Captcha") } keys.append('captcha') post_data = request.json for key in keys: if not post_data.get(key): msg = _('The %(key)s is required', key=babel[key]) return HTTP.BAD_REQUEST(message=msg) if not length.get(key, lambda value: True)(post_data[key]): msg = _( "The %(key)s's length must be between 4 to 20 characters", key=babel[key]) return HTTP.BAD_REQUEST(message=msg) captcha = post_data['captcha'] if captcha.lower() != session.pop('captcha', '00000').lower(): msg = _('The captcha is error') return HTTP.BAD_REQUEST(message=msg) return func(*args, **kwargs)
def post(self): request_data = request.data password = request_data.pop('password', '') content = request_data.pop('content', '') if not password or not content: return HTTP.BAD_REQUEST(message="params required.") ec = Encrypt(password, current_app.config['SECRET_KEY_SALT']) try: return HTTP.OK(data=ec.decrypt(content)) except InvalidToken: return HTTP.BAD_REQUEST(message="password is not correct")
def abort(self, key, value, message): if self._abort is not None: if callable(self._abort): return self._abort(key, value, message) return self._abort if not message: message = "{0} params error".format(key) return flask_abort(HTTP.BAD_REQUEST(message=message))
def decorator(*args, **kwargs): if req is not None: request_data = req else: request_data = request.data for key in keys: if not request_data.get(key): return HTTP.BAD_REQUEST(message='{0} required'.format(key)) return func(*args, **kwargs)
def post(self): data = request.data username = data['username'] password = data['password'] remember = data.pop('remember', True) user = User.query.filter_by(username=username).first() if not user or not user.check_password(password): return HTTP.BAD_REQUEST(message=_('Username or Password Error')) user.login(remember) return HTTP.OK(data={"username": user.username, "token": user.token})
def post(self): post_data = request.json username = post_data['username'] password = post_data['password'] email = post_data['email'] if User.query.filter_by(email=email).exists(): msg = _('The email has been registered') return HTTP.BAD_REQUEST(message=msg) if User.query.filter_by(username=username).exists(): msg = _('The username has been registered') return HTTP.BAD_REQUEST(message=msg) user = User(username=username, email=email) user.set_password(password) user.save() user.login(True) self.send_email(user) flash(_('An email has been sent to your.Please receive')) serializer = user.serializer() if hasattr( user, 'serializer') else Serializer(user, depth=1) return HTTP.OK(data=serializer.data)
def delete(self, bucket): data = request.data user = request.user bucket = user.buckets.filter_by( name=bucket).get_or_404("bucket not found") path = data["path"] filepath = bucket.get_root_path(path) if not filepath: msg = "{0} path not found" return HTTP.BAD_REQUEST(message=msg) filepath.delete() return HTTP.OK()
def put(self, bucket): data = request.data user = request.user bucket = user.buckets.filter_by( name=bucket).get_or_404("bucket not found") path = data["path"] filepath = bucket.get_root_path(path) if not filepath or filepath.is_root_path: msg = "{0} path not found" return HTTP.BAD_REQUEST(message=msg) action = data.get("action", "rename") if action not in ["rename", "move", "copy"]: return HTTP.BAD_REQUEST() if action == "rename": newname = data.get("newname") if not newname or newname == filepath.name: return HTTP.OK(message="filepath not change") serializer = FilePathSerializer(filepath.rename(newname)) return HTTP.OK(data=serializer.data) newpath = data.get("newpath") if not newpath: return HTTP.BAD_REQUEST(message="newpath is required") newfilepath = bucket.get_root_path(newpath) if not newfilepath: msg = "{0} path not found" return HTTP.BAD_REQUEST(message=msg) if action == "move": nfilepath = filepath.move(newfilepath) else: nfilepath = filepath.copy(newfilepath) serializer = FilePathSerializer(nfilepath) return HTTP.OK(data=serializer.data)
def post(self): post_data = request.json username = post_data['username'] password = post_data['password'] remember = post_data.pop('remember', True) user = User.query.filter_by(username=username).first() if not user or not user.check_password(password): msg = _('Username or Password Error') return HTTP.BAD_REQUEST(message=msg) user.login(remember) serializer = user.serializer() if hasattr( user, 'serializer') else Serializer(user, depth=1) return HTTP.OK(data=serializer.data)
def post(self): data = request.data name = data.get('name') description = data.get('description') if Bucket.query.filter_by(name=name).exists(): return HTTP.BAD_REQUEST(message="bucket is exists") bucket = Bucket(name=name) if description: bucket.description = description bucket.save() rep = BucketSerializer(bucket).data return HTTP.OK(data=rep)
def post(self): post_data = request.json email = post_data['email'] user = User.query.filter_by(email=email).first() if not user: msg = _('The email is error') return HTTP.BAD_REQUEST(message=msg) password = ''.join(sample(ascii_letters + digits, 8)) user.set_password(password) user.save() self.send_email(user, password) flash( _('An email has been sent to you.' 'Please receive and update your password in time')) return HTTP.OK()
def post(self): ''' 新建相册 ''' post_data = request.data user = request.user name = post_data.pop('name', None) description = post_data.pop('description', None) if name is None: return HTTP.BAD_REQUEST(message='相册名称不能为空') album = Album(name=name, user=user) if description is not None: album.description = description album.save() serializer = AlbumSerializer(album) return HTTP.OK(data=serializer.data)
def return_errors(form): for field, errors in form.errors.items(): data = (u"%s %s" % (getattr(form, field).label.text, errors[0])) break return HTTP.BAD_REQUEST(message="form validate fail.", data=data)
def post(self): if current_user.is_confirmed: return HTTP.BAD_REQUEST(message=_("user has been confirmed.")) self.send_email(current_user) return HTTP.OK( message=_('An email has been sent to your.Please receive'))
def post(self): ''' 上传图片 ''' user = request.user post_data = request.data album = post_data.pop('album', None) # 相册 if album is not None: album = Album.query.filter_by(id=album, user=user).first() if not album: default_album = Album.query.filter_by( name='default', user=user).first() if not default_album: default_album = Album(name='default', user=user) default_album.save() album = default_album images = request.files.getlist('images') t = datetime.now() # 将会保存到数据库中的路径 path = os.path.join(current_app.config['UPLOAD_FOLDER_PATH'], user.username, 'photo', t.strftime('%Y'), t.strftime('%m')) # 将会保存到磁盘中的路径 base_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'], path) if not os.path.exists(base_path): os.makedirs(base_path) success_images = [] fail_images = [] for image in images: if not file_is_allowed(image.filename): msg = '{name} 不允许的扩展'.format(name=image.filename) return HTTP.BAD_REQUEST(message=msg) name = '{name}.png'.format( name=str(int(time() * 1000)) + str(randint(10, 99))) # 计算sha-512值,避免重复保存 hash = gen_hash(image) if Image.query.filter_by(hash=hash, user=user).exists(): success_images.append(image.filename) continue # 保存到磁盘中 img_path = os.path.join(base_path, name) # http://stackoverflow.com/questions/42569942/calculate-md5-from-werkzeug-datastructures-filestorage-but-saving-the-object-as image.seek(0) image.save(img_path) # 保存到数据库中 img = Image( name=name, path=path, hash=hash, user=user, album=album) img.url = os.path.join(path, name) img.save() serializer = ImageSerializer(img) success_images.append(serializer.data) # 缩略图路径 thumb_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'], img_path.replace('photo', 'thumb')) # 展示图路径 show_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'], img_path.replace('photo', 'show')) t = Thread( target=self.gen_thumb_image, args=(img_path, thumb_path, 300)) t.setDaemon(True) t.start() t = Thread( target=self.gen_thumb_image, args=(img_path, show_path, 810)) t.setDaemon(True) t.start() return HTTP.OK(data={'success': success_images, 'fail': fail_images})