예제 #1
0
    def post(self):

        name = request.form.get('name')
        show_name = request.form.get('show_name')

        password = request.form.get('password')
        email = request.form.get('email')
        forget_password = request.form.get('forget_password')
        group_id = session.get('group_id')
        hash_pwd = creat_hash(password)
        if name and show_name and password and email:
            if name.isalnum():
                real_folder = '/' + name + datetime.now().strftime('%Y%m%d%H%M%f')
                vail_date = datetime.now() + timedelta(days=1500)
                os.mkdir(f'static/disk{real_folder}')
                if group_id:
                    user = Users(name, show_name, hash_pwd, forget_password, email, real_folder=real_folder,
                                 valid_date=vail_date, authority=2, user_group_id=group_id)
                else:
                    user = Users(name, show_name, hash_pwd, forget_password, email, real_folder=real_folder,
                                 valid_date=vail_date, authority=2)
                db.session.add(user)
                db.session.commit()
                return jsonify({'status': 'ok', 'msg': name})
            else:
                return jsonify({'status': 'error', 'msg': '抱歉用户名必须是字母或字母数字组合'})
        else:
            return jsonify({'status': 'error', 'msg': '获取的数据不完整,无法注册'})
예제 #2
0
 def post(self):
     save_password = True if request.form.get('save_password') else False
     name = request.form.get('name')
     password = request.form.get('password')
     if password and name:
         hash_pwd = creat_hash(password)
         check_user = db.session.query(Users).filter(Users.name == name, Users.password == hash_pwd).one_or_none()
         if check_user:
             if check_user.authority != 3:
                 session['show_name'] = check_user.show_name
                 session['name'] = check_user.name
                 session['user_id'] = check_user.id
                 login_time = str(time.time())
                 check_user.login_time = login_time
                 db.session.commit()
                 if save_password:
                     resp = make_response(redirect(url_for('manage.home')))
                     resp.set_cookie('user_name', check_user.name, expires=datetime.now() + timedelta(days=15))
                     resp.set_cookie('save_id', check_user.password, expires=datetime.now() + timedelta(days=15))
                     resp.set_cookie('login_time', login_time, expires=datetime.now() + timedelta(days=15))
                     return resp
                 resp = make_response(redirect(url_for('manage.home')))
                 resp.set_cookie('user_name', check_user.name)
                 resp.set_cookie('save_id', check_user.password)
                 resp.set_cookie('login_time', login_time)
                 return resp
             else:
                 return '您的账户处于封禁期,无法登陆!'
         else:
             flash('用户名和密码不匹配,请重新输入!')
             return render_template('admin/login.html')
     else:
         flash('用户名和密码必填,请输入!')
         return render_template('admin/login.html')
예제 #3
0
 def get(self):
     user_id = request.args.get('key')
     if user_id:
         user = db.session.query(Users).filter(Users.id == user_id).one_or_none()
         if user:
             if user.register_key == 'ok':
                 newpwd = creat_hash('666666')
                 user.password = newpwd
                 user.register_key = '0'
                 db.session.commit()
                 return redirect(url_for('.login'))
             else:
                 return '修改错误'
         else:
             return '修改错误'
예제 #4
0
    def post(self):
        check_user = check_login()
        if check_user is None:
            return redirect(url_for('admin.login'))
        if check_user == -1:
            return '抱歉您的账号过期,请联系管理员'

        user_id = session.get('user_id')
        username = db.session.query(Users).filter(Users.id == user_id).one_or_none()
        show_name = request.form.get('show_name')
        email = request.form.get('email')
        oldpwd = request.form.get('oldpwd')
        newpwd = request.form.get('newpwd')
        pwd = request.form.get('pwd')
        fgpwd = request.form.get('fgpwd')
        user_id = session.get('user_id')
        reg_key = request.form.get('reg_key')
        if show_name:
            if len(show_name) > 15:
                return jsonify({'status': 'error', 'msg': '用户名长度不能大于15个字符!'})
            else:
                if len(show_name) < 3:
                    return jsonify({'status': 'error', 'msg': '用户名长度不能小于3个字符!'})
                elif username.authority in [0, 1]:
                    user = db.session.query(Users).filter(Users.id == user_id).one_or_none()
                    user.show_name = show_name
                    db.session.commit()
                    return jsonify({'status': 'ok', 'msg': '用户名修改成功'})
                else:
                    return jsonify({'status': 'error', 'msg': '您无法修改用户名,如需修改请联系管理员'})
        elif email:
            if len(email) < 50:
                user = db.session.query(Users).filter(Users.id == user_id).one_or_none()
                keys = creat_hash(str(time.clock()))
                user.share_key = keys
                db.session.commit()
                urls = f'{WEB_URL}/admin/changeInfo/?uId={user_id}&email={email}&key={keys}'
                body = f'您正在使用易云提供的服务,修改邮箱请点击链接,如您没有进行此操作,请忽略此邮件: {urls}'
                try:
                    em = SendEmail()
                    # threading.Thread(target=em.Send, args=(email, 'yun cluod', body)).start()
                    em.Send(email, 'yun cluod', body)
                    return jsonify({'status': 'ok', 'msg': '请前往对应邮箱点击链接完成修改'})
                except Exception as e:
                    return jsonify({'status': 'error', 'msg': f'抱歉抱歉向目标邮箱发送邮件失败,code: {e}'})

            else:
                return jsonify({'status': 'error', 'msg': '抱歉邮箱字符长度不能大于50个字符!'})
        elif oldpwd and newpwd:
            haold = creat_hash(oldpwd)
            user = db.session.query(Users).filter(Users.id == user_id, Users.password == haold).one_or_none()
            if user:
                if len(newpwd) > 15:
                    return jsonify({'status': 'error', 'msg': '新密码长度不能大于15个字符!'})
                else:
                    if len(newpwd) < 3:
                        return jsonify({'status': 'error', 'msg': '新密码长度不能小于3个字符!'})
                    else:
                        hanew = creat_hash(newpwd)
                        user.password = hanew
                        db.session.commit()
                        return jsonify({'status': 'ok', 'msg': '密码修改成功'})
            else:
                return jsonify({'status': 'error', 'msg': '您输入的旧密码有误'})
        elif pwd and fgpwd:
            haold = creat_hash(pwd)
            user = db.session.query(Users).filter(Users.id == user_id, Users.password == haold).one_or_none()
            if user:
                if len(pwd) > 15:
                    return jsonify({'status': 'error', 'msg': '密保不能大于15个字符!'})
                else:
                    if len(pwd) < 3:
                        return jsonify({'status': 'error', 'msg': '密保不能小于3个字符!'})
                    else:
                        user.password_forget = fgpwd
                        db.session.commit()
                        return jsonify({'status': 'ok', 'msg': '密保修改成功'})
            else:
                return jsonify({'status': 'error', 'msg': '您输入的密码有误'})
        elif reg_key:
            user = db.session.query(Users).filter(Users.id == user_id).one_or_none()

            if user:
                key = creat_hash(user.name + str(time.time()))
                user.register_key = key
                db.session.commit()
                return jsonify({'status': 'ok', 'msg': key})
            else:
                return jsonify({'status': 'error', 'msg': 'failed'})
        else:
            user = db.session.query(Users).filter(Users.id == user_id).one_or_none()
            user.authority = 55
            db.session.commit()
            return {'status': 'error', 'msg': '系统判定您的操作非法!账户已被临时封禁'}