def register(): mobile = request.json.get('mobile') smscode = request.json.get('sms_code') password = request.json.get('password') if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') try: redis_sms_code = redis_store.get('sms_' + mobile) if redis_sms_code.decode() == smscode: redis_store.delete('sms' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='redis错误') if not redis_sms_code: return jsonify(errno=RET.NODATA, errmsg='验证码过期') if redis_sms_code.decode() != smscode: return jsonify(errno=RET.DATAERR, errmsg='验证码不一致 ') user = User() user.mobile = mobile user.nick_name = mobile user.password = password try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg='数据保存失败') session['user_id'] = user.id session['mobile'] = mobile session['nick_name'] = mobile return jsonify(errno=RET.OK, errmsg='注册成功')
def register(): '''注册:向用户表中添加一条数据''' # 1.接收 mobile = request.json.get('mobile') sms_request = request.json.get('smscode') password = request.json.get('password') # 2.验证 # 2.1非空 if not all([mobile, sms_request, password]): return jsonify(errno=RET.NODATA, errmsg='数据不完整') # 2.2获取短信验证码 sms_redis = redis_store.get(mobile) if sms_redis is None: return jsonify(errno=RET.NODATA, errmsg='短信验证码过期') # 2.3手机验证码是否正确 if sms_request != sms_redis.decode(): return jsonify(errno=RET.DATAERR, errmsg='验证码错误') # 3.处理:向表中添加数据 user = User() user.nick_name = mobile user.mobile = mobile user.password = password # user.pasword(pwd) db.session.add(user) db.session.commit() # 4.响应 return jsonify(errno=RET.OK, errmsg='')
def register(): mobile = request.json.get('mobile') smscode = request.json.get('smscode') password = request.json.get('password') if not all([mobile,smscode,password]): return jsonify(errno = RET.PARAMERR,errmsg = '请输入正确的参数') # 注册 # 获取到redis数据库里面的短信验证码 real_sms_code = redis_store.get('sms_code_' + mobile) if not real_sms_code: return jsonify(errno = RET.NODATA,errmsg = '短信验证码已经过期') if smscode != real_sms_code: return jsonify(errno = RET.PARAMERR,errmsg = '请输入正确的短信验证码') user = User() user.nick_name = mobile user.password = password user.mobile = mobile # 提交注册用户到数据库里面 db.session.add(user) db.session.commit() return jsonify(errno = RET.OK,errmsg = '注册成功')
def register(): """ 用户注册访问路径 用户点击注册按钮时 通过main.js中submit函数的ajax请求 """ user_info = request.json mobile = user_info.get('mobile') sms_code = user_info.get('sms_code') password = user_info.get('password') try: session_sms_code = redis_store.get('sms_code: %s' % mobile) if session_sms_code: if session_sms_code == sms_code: new_user = User() new_user.nick_name = mobile new_user.password = password new_user.mobile = mobile try: db.session.add(new_user) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg=error_map[RET.DBERR]) db.session.commit() return jsonify(errno=RET.OK, errmsg=error_map[RET.OK]) else: return jsonify(errno=RET.DATAERR, errmsg='手机验证码有误') else: return jsonify(errno=RET.DATAEXIST, errmsg='验证码信息已过期, 请重新获取') except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg=error_map[RET.DATAERR])
def register(): # 1.获取参数 # json_data = request.data # dict_data = json_data.loads(json_data) # 上面两句话可以写成一句话 # request.get_json() # request.json,等价于上面一句话 dict_data = request.json mobile = dict_data.get("mobile") sms_code = dict_data.get("sms_code") password = dict_data.get("password") # 2.校验参数,为空校验 if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 3.手机号格式校验 if not re.match("1[35789]\d{9}", mobile): return jsonify(errno=RET.DATAERR, errmsg="手机号格式不正确") # 4.根据手机号,去redis中取出短信验证码 try: redis_sms_code = redis_store.get("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取短信验证码异常") # 5.判断短信验证码是否过期 if not redis_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") # 6.删除redis的短信验证码 try: redis_store.delete("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="删除短信验证码异常") # 7.判断传入的短信验证码和redis中取出的是否一致 if sms_code != redis_sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码错误") # 8.创建用户对象,设置属性 user = User() user.nick_name = mobile user.mobile = mobile # user.password_hash = jiami(password) user.mobile = mobile # user.password_hash = password(password) user.mobile = mobile user.password = password # 9.保存用户到数据库mysql try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="用户注册失败") # 10.返回响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): mobile = request.json.get("mobile") password = request.json.get("password") smscode = request.json.get("smscode") print(smscode, "ddddddddddddddd") if not all([mobile, password, smscode]): return jsonify(erron=RET.NODATA, errmsg="信息不全") # 获得手机验证码 smscode_redis = redis_store.get(mobile) print(smscode_redis.decode()) if smscode_redis is None: return jsonify(erron=RET.NODATA, errmsg="没有手机验证吗过期") if smscode != smscode_redis.decode(): return jsonify(erron=RET.DATAERR, errmsg="手机验证码部正确") user = User() user.mobile = mobile user.nick_name = mobile user.password = password db.session.add(user) db.session.commit() return jsonify(erron=RET.OK, errmsg="")
def register(): # 注册 # 校验数据 mobile = request.json.get("mobile") sms_code = request.json.get("sms_code") password = request.json.get("password") if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmgs=error_map[RET.PARAMERR]) try: real_sms_code = sr.get("sms_code_id" + mobile) except BaseException as e: current_app.logger.info(e) return jsonify(errno=RET.DBERR, errmgs=error_map[RET.DBERR]) if real_sms_code != sms_code: return jsonify(errno=RET.PARAMERR, errmgs=error_map[RET.PARAMERR]) # 保存数据 try: user = User() user.mobile = mobile user.nick_name = mobile # user.password = generate_password_hash(password)# 这样为了加密密码,但是通常不用这种方法 user.password = password # 定义用户模型的时候对password属性使用计算型属性 db.session.add(user) db.session.commit() except BaseException as e: db.session.rollback() current_app.logger.info(e) return jsonify(errno=RET.DBERR, errmgs=error_map[RET.DBERR]) # 注册成功对用户的信息进行保存 session["user_id"] = user.id return jsonify(errno=RET.OK, errmsg=error_map[RET.OK])
def register(): """ 注册 :return: """ # 1、获取参数 param_dict = request.json mobile = param_dict.get("mobile", "") smscode = param_dict.get("smscode", "") password = param_dict.get("password", "") # 2、检验 # 参数是否齐全 if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 短信验证码是否正确 try: # 获取短信验证码 real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取本地短信验证码失败!") if not real_sms_code: # 短息验证码过期 return jsonify(errno=RET.NODATA, errmsg="短信验证码失效") # 校验 real_sms_code = real_sms_code.decode() if smscode != real_sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码错误") # 删除短息验证码 try: redis_store.delete("SMS_" + mobile) except Exception as e: current_app.logger.error(e) # 3、保存数据 user = User() user.mobile = mobile user.nick_name = mobile # 在User模型中对密码加密处理 # hash_password = generate_password_hash(password) user.password = password db.session.add(user) try: db.session.commit() except Exception as e: db.session.rollback() # 回滚 current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="保存数据失败") # 保持用户登录状态 session["user_id"] = user.id # session["nick_name"] = user.nick_name # session["mobile"] = user.mobile # 4、返回响应 return jsonify(errno=RET.OK, errmsg="OK")
def register(): """ 1.获取参数 2.校验参数,为空校验 3.手机号格式校验 4.根枯手机号,去redis中取出短信验证码 5.判断短信验证码是否过期 6.删除reids的短信验证码 7.判断传入的短信验证码和redis中取出的是否一致 8.创建用户对象,设置属性 9.保存用户到数据库mysql 10.返回响应 :return: """ # 1.获取参数 # json_data = request.data # dict_data = json.loads(json_data) dict_data = request.json # 2.校验参数,为空校验 mobile = dict_data.get("mobile") sms_code = dict_data.get("sms_code") password = dict_data.get("password") # 3.手机号格式校验 if not re.match("1[35789]\d{9}", mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机号格式错误") # 4.根枯手机号,去redis中取出短信验证码 try: redis_sms_code = redis_store.get("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取短信验证码异常") # 5.判断短信验证码是否过期 if not redis_sms_code: return jsonify(error=RET.DBERR, errmsg="短信验证码已过期") # 6.删除reids的短信验证码 try: redis_store.delete("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="删除短信验证码异常") # 7.判断传入的短信验证码和redis中取出的是否一致 if sms_code != redis_sms_code: return jsonify(error=RET.DATAERR, errmsg="验证码输入错误") # 8.创建用户对象,设置属性 user = User() user.nick_name = mobile # user.password_hash = password # 需要加密处理 user.password = password user.mobile = mobile # 9.保存用户到数据库mysql try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg="注册用户失败") # 10.返回响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """ 1.接收参数 mobile, smscode, password 2.整体校验参数的完整性 3.手机号格式是否正确 4.从redis中通过手机号取出真实的短信验证码 5.和用户输入的验证吗进行校验 6.初始化一个User()添加数据 7.session保持用户登录状态 8.返回响应 :return: """ # return jsonify(errno=RET.OK, errmsg="手机") # 1. dict_data = request.json mobile = dict_data.get("mobile") smscode = dict_data.get("smscode") password = dict_data.get("password") # 2. if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 3. if not re.match(r"\d{6}", mobile): return jsonify(errno=RET.PARAMERR, errmsg="验证码格式正确") try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询失败") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") if real_sms_code != smscode: return jsonify(errno=RET.DATAERR, errmsg="验证码输入错误") user = User() user.nick_name = mobile # user.password = password # user.password_hash = generate_password_hash(password) user.password = password user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保存失败") # 7. session["user_id"] = user.id return jsonify(errno=RET.OK, errmsg="注册成功")
def refister(): """注册提交""" """ 1、获取mobile smscode password 2、整体进行校验 3、mobile 正则 4、smscode 进行验证 5、初始化User对象 6、核心添加数据库信息 7、session保持状态 8、响应前端 :return: """ dict_data = request.json mobile = dict_data.get("mobile") smscode = dict_data.get("smscode") password = dict_data.get("password") # 1.整体校验 if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数错误") # 2.mobile手机号 正则校验 if not re.match(r"1[3456789]\d{9}", mobile): return jsonify(errno=RET.DATAERR, errmsg="手机号输入错误") try: redis_sms = redis_store.get(mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询失败") # 3.判断数据查询是否存 if not redis_sms: return jsonify(errno=RET.NODATA, errmsg="短信验证码已经过期") # 4.短信验证码进行校验 if redis_sms != smscode: return jsonify(errno=RET.DATAERR, errmsg="用户输入短信验证码错误") # 5.初始化User对象,将用户信息添加数据库 user = User() user.nick_name = mobile user.password = password user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="数据保存失败") # 6.session保持状态 session["user_id"] = user.id # 7.返回前端响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """ 1、接收参数 mobile smscode password 2、整体校验参数的完整性 3、手机号格式是否正确 4、从redis中通过手机号取出真是的短信验证码 5、和用户输入的验证码进行校验 6、初始化User()添加数据 7、session保持用户登录状态 8、返回响应 :return: """ # 1、接收参数 dict_data = request.json mobile = dict_data.get("mobile") smscode = dict_data.get("smscode") password = dict_data.get("password") # 2、整体校验参数的完整性 if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 3、mobile 正则 if not re.match(r"1[35678]\d{9}", mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机号的格式不正确") # 4、从redis中通过手机号取出真是的短信验证码 try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询失败") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已经过期") if real_sms_code != smscode: return jsonify(errno=RET.DATAERR, errmsg="验证码输入错误") # 核心逻辑 user = User() user.nick_name = "kk" + mobile user.mobile = mobile # 这是实例方法经过装饰器装饰,里面有哈希加密 user.password = password try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保存失败") # 7、session保持用户登录状态 session["user_id"] = user.id return jsonify(errno=RET.OK, errmsg="注册成功")
def create_super_user(name,password): # 初始化管理员的数据 user = User() user.nick_name = name user.is_admin = True user.password = password # 提交到数据 db.session.add(user) db.session.commit()
def register(): """ register user to database we need three parmas mobile numble,sms code and password """ data = request.json # get mobile , sms code and password mobile = data.get('mobile') sms_code = data.get('smscode') password = data.get('password') # if not all params if not all([mobile, sms_code, password]): return jsonify(error=RET.PARAMERR, errmsg='参数不全') # get real sms code from redis try: real_sms_code = redis_store.get('SMS_' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(error=RET.DATAERR, errmsg='获取短信验证码失败') # determine sms whether None if not real_sms_code: return jsonify(RET.NODATA, errmsg='短信验证码已过期') # verify sms code whether true or false if sms_code != real_sms_code.decode(): return jsonify(RET.DATAERR, errmsg='短信验证码错误') # verify true try: redis_store.delete('SMS_' + mobile) except Exception as e: current_app.logger.error(e) # init user model user = User() user.nick_name = mobile user.mobile = mobile # password encryption user.password = password # storage user try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(RET.DATAERR, errmsg='用户保存错误') # keep login in web clent session['user_id'] = user.id session['nick_name'] = user.nick_name session['mobile'] = user.mobile # return response return jsonify(error=RET.OK, errmsg='ok')
def register(): """注册 1.接收参数 mobile smscode password 2.整体校验参数的完整性 3.手机号正则验证 4.从redis中通过手机号取出真实的短信验证码 5.和用户输入的验证码进行校验 6.初始化一个User()对象,并添加数据 7.返回响应 """ # 1.接收参数 mobile smscode password dict_data = request.json mobile = dict_data.get("mobile") smscode = dict_data.get("smscode") password = dict_data.get("password") # 2.整体校验参数的完整性 if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 3.手机号正则验证 if not re.match(r"1[35678]\d{9}", mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机格式不正确") # 4.从redis中通过手机号取出真实的短信验证码 try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询失败") # 5.和用户输入的验证码进行校验 if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") if real_sms_code != smscode: return jsonify(errno=RET.DATAERR, errmsg="短信验证码输入不正确") # 核心代码:6.初始化一个User()对象,并添加数据 user = User() user.nick_name = mobile # user.password_hash = generate_password_hash(password) # 第一种方式为密码加密 user.password = password # 第二种方式调用models.py为密码加密 user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保存失败") # 7.session 保持用户登录状态 session["user_id"] = user.id # 8.给前端一个响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """ 注册 1.获取参数 2.校验参数(是否为空,参数规则) 3.从redis中取出真实短信验证码 4.与用户输入的短信验证码对比,若不一致,返回验证码错误 5.如果一致,初始化User模型,并且赋值 6.将User模型添加到数据库 7.返回响应 :return: """ # 1.获取参数 params_dict = request.json mobile = params_dict['mobile'] sms_code = params_dict['smsCode'] password = params_dict['password'] # 2.校验参数(是否为空, 参数规则) if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数错误") if not re.match('1[35678]\\d{9}', mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机号格式错误") # 3.从redis中取出真实短信验证码 try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.NODATA, errmsg="验证码过期") # 4.与用户输入的短信验证码对比, 若不一致, 返回验证码错误 if real_sms_code != sms_code: return jsonify(errno=RET.PARAMERR, errmsg="验证码错误") # 5.如果一致,初始化User模型,并且赋值 user = User() user.mobile = mobile user.nick_name = mobile user.password = password # 6.将User模型添加到数据库 try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据保存失败") # 往session中保存数据表示当前已经登录 session["user_id"] = user.id session["mobile"] = user.mobile session["nick_name"] = user.nick_name # 7.响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """ 1.获取参数 2.校验参数,为空校验 3.根据手机号取出redis,短信验证码 4.短信验证码,正确性判断 5.创建用户对象,设置属性 6.保存用户到数据库 7.返回响应 :return: """ # 1.获取参数 # json_data = request.data # dict_data = json.loads(json_data) #上面两句话,可以写成一句话, dict_data = request.get_json() #等价于request.json mobile = dict_data.get("mobile") sms_code = dict_data.get("sms_code") password = dict_data.get("password") # 2.校验参数,为空校验 if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 3.根据手机号取出redis,短信验证码,并判断有效期 try: redis_sms_code = redis_store.get("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取短信验证码失败") if not redis_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") # 4.短信验证码,正确性判断 if sms_code != redis_sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码填写错误") # 5.创建用户对象,设置属性 user = User() user.nick_name = mobile # user.password_hash = password #存储的是明文,不安全 user.password = password #密码加密 user.mobile = mobile # 6.保存用户到数据库 try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg="注册失败") # 7.返回响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """ 1. 获取参数和判断是否有值 2. 从redis中获取指定手机号对应的短信验证码的 3. 校验验证码 4. 初始化 user 模型,并设置数据并添加到数据库 5. 保存当前用户的状态 6. 返回注册的结果 :return: """ # 1,获取参数,校验参数 mobile = request.json.get('mobile') sms_code = request.json.get('smscode') password = request.json.get('password') print(sms_code) if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数缺失') # 2.从redis中获取指定手机号对应的短信验证码的 try: # 从数据看获取的是二进制数据 real_sms_code = redis_store.get('SMS_' + mobile).decode() print(real_sms_code) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='数据库查询失败') # 3.校验验证码 # 3.1判断是否过期 if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg='验证码已过期') # 3.2判断验证码是否正确 if sms_code != real_sms_code: return jsonify(errno=RET.DATAERR, errmsg='短信验证码错误') # 3.3删除短信验证码 try: redis_store.delete('SMS_' + mobile) except Exception as e: current_app.logger.error(e) # 4. 初始化 user 模型,并设置数据并添加到数据库 user = User() user.nick_name = mobile user.mobile = mobile user.password = password # 4.1 保存到数据库 try: db.session.add(user) db.session.commit() except Exception as e: db.rollback() current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg='保存数据失败') # 5.保存当前用户的状态 session['user_id'] = user.id session['nick_name'] = user.nick_name session['mobile'] = user.mobile # 6.返回注册的结果 return jsonify(errno=RET.OK, errmsg='注册成功')
def login(): """ 用户登录 1.获取参数,mobile,password 2.检查参数的完整性 3.检查手机号的格式 4.根据手机号查询数据库,确认用户已注册 5.判断获取结果 6.调研模型类的密码检查函数,判断密码是否正确 7.保存用户的登陆时间;last_login 用来统计用户活跃数量 8.提交数据到mysql中 9.缓存用户信息 session['nike_name'] = user.nike 10.返回结果 :return: """ mobile = request.json.get('mobile') password = request.json.get('password') if not all([mobile,password]): return jsonify(error=RET.PARAMERR,errmsg='参数不完整') if not re.match(r'^1[3456789]/d{9}$',mobile): return jsonify(error=RET.PARAMERR,errmsg='手机格式不正确') try: user = User.query.filter_by(mobile=mobile).first() except Exception as e: current_app.logger.error(e) return jsonify(error=RET.DBERR,errmsg='查询失败') # if not user: # return jsonify(error=RET.DBERR,errmsg='用户输入错误') # # 使用模型类检查密码函数 # if not User.check_password(password): # return jsonify(error=RET.DBERR, errmsg='密码输入错误') # 为了防止恶意登录,不要提示用户和密码的具体错误 if user is None or not User.check_password(password): return jsonify(error=RET.DBERR, errmsg='用户或者密码输入错误') #保存用户登陆时间 user.last_login=datetime.now() # 提交数据库 user = User() try: db.session.add(user) db.session.commie() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(error=RET.DBERR, errmsg='提交数据失败') # 缓存用户信息 session['nike_name']= user.nick_name session['mobile']=mobile session['user_id'] = user.id return jsonify(error=RET.OK,errmsg='登录成功')
def register(): """ 1.接收参数:mobile,smscode,password 2.整体效验参数的完整性 3.手机号格式是否正确 4.从redis中通过手机号码取出真实的短信验证码 5.和用户输入的验证码比较 6.初始化User()添加数据 7.session保持用户登录状态 8.返回响应 :return: """ # 1 接收参数 dict_data = request.json mobile = dict_data.get("mobile") sms_code = dict_data.get("smscode") password = dict_data.get("password") # 2.整体效验参数的完整性 if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="有参数为空") # 3.手机格式正确 if not re.match(r"1[35678][0-9]{9}$", mobile): return jsonify(errno=RET.DATAERR, errmsg="号码不符合") # 4.从redis中通过手机号码取出真实的短信验证码 try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="获取本地验证码失败") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码过期") if sms_code != real_sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码不符合") # 删除短信验证码 try: redis_store.delete("SMS_" + mobile) except Exception as e: current_app.logger.error(e) # 5.初始化User()添加数据 user = User() user.nick_name = mobile # user.password_hash = password user.password = password # 暗密码 user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保持失败") # 7 session保持用户登录状态 session["user_id"] = user.id return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): """用户注册""" # 1.获取参数(手机号,密码,短信验证码)并进行参数校验 # 2.获取redis中保存的短信验证码 # 3.对比短信验证码,如果一致 # 4.创建User对象并保存注册用户信息 # 5.将注册用户信息添加进数据库 # 6.返回应答,注册成功 # 1.获取参数(手机号,密码,短信验证码)并进行参数校验 req_dict = request.json if not req_dict: return jsonify(errno=RET.PARAMERR, errmsg="缺少参数") mobile = req_dict.get('mobile') sms_code = req_dict.get('sms_code') password = req_dict.get('password') if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不完整') if not re.match(r'^1[3578]\d{9}$', mobile): return jsonify(errno=RET.PARAMERR, errmsg='手机号格式不正确') # 2.获取redis中保存的短信验证码 try: real_sms_code = redis_store.get('smscode:%s' % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='获取短信验证码失败') if not sms_code: return jsonify(errno=RET.NODATA, errmsg='短信验证码已过期') # 3.对比短信验证码,如果一致 if real_sms_code != sms_code: return jsonify(errno=RET.DATAERR, errmsg='短信验证码错误') # 4.创建User对象并保存注册用户信息 user = User() user.mobile = mobile user.nick_name = mobile user.password = password # 5.将注册用户信息添加进数据库 try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='保存注册用户信息失败') # 6.返回应答,注册成功 return jsonify(errno=RET.OK, errmsg='注册成功')
def register(): """ 提交注册信息,后端获取mobile,sms_code,password, 进行数据校验:1数据完整性,2.手机号,3.短信验证码, 将数据保存到mysql数据库中,并保持登陆状态,返回响应 :return: """ # 1.获取参数 mobile = request.json.get("mobile") smscode = request.json.get("smscode") password = request.json.get("password") # 2.完整性验证 if not all ([mobile,smscode,password]): return jsonify(erron = RET.PARAMERR,errmsg="参数不完整") # 3.手机号校验 if not re.match(r"1[35678]\d{9}", mobile): return jsonify(erron=RET.PARAMERR, errmsg="手机号码错误") # 4.短信验证码校验,和存在数据库的相对比 # 取出数据库中的smscode: try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(erron = RET.DBERR,errmsg="查询错误") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="验证码过期") if real_sms_code != smscode: return jsonify(errno=RET.DATAERR, errmsg="验证码输入错误") # 5.保存用户注册信息到数据库 user = User() user.mobile = mobile user.nick_name = mobile # 哈希算法加密密码保存,在模型类中集成了哈希加密方法, # 使用property装饰器实现"对象.方法 = 值"的调用形式 user.password = password try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保存失败") # 6.保持用户登陆状态: session["user_id"] = user.id # 7.返回响应: return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): ''' 1. 获取参数 2. 校验参数 3. 通过手机号码取出验证码 4. 判断验证码是否过期 5. 删除redis中的短信验证码 6. 判断验证码的正确性 7. 创建用户对象 8. 设置用户属性 9. 保存到数据库 10. 返回响应 :return: ''' dict_data = request.json mobile = dict_data.get('mobile') sms_code = dict_data.get('sms_code') password = dict_data.get('password') if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") try: redis_sms_code = redis_store.get('sms_code:%s' % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取短信验证码异常") if not redis_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") try: redis_store.delete('sms_code:%s' % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="删除短信验证码异常") if redis_sms_code != sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码错误") user = User() user.nick_name = mobile user.password = password user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg="用户注册失败") return jsonify(errno=RET.OK, errmsg="用户注册成功")
def register(): """用户注册,保存用户信息""" # 1. 获取参数和判断是否有值 data_dict = request.json mobile = data_dict.get("mobile") sms_code = data_dict.get("sms_code") password = data_dict.get("password") # agree = data_dict.get("agree") # 是否同意了注册条款 print([mobile, sms_code, password]) if not all([mobile, sms_code, password]): # 参数不全 return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 2. 从redis中获取指定手机号对应的短信验证码的 try: real_sms_code = redis_store.get("sms_code_" + mobile) if real_sms_code: real_sms_code = real_sms_code.decode() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="获取短信验证码错误") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码过期了") # 3. 校验短信验证码 if real_sms_code != sms_code: return jsonify(errno=RET.PARAMERR, errmsg="短信验证码错误") # 4. 初始化 user 模型,并设置数据并添加到数据库 user = User() # 把用户提交过来的数据保存模型中 user.mobile = mobile user.nick_name = mobile user.password = password try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() # 回滚事务 current_app.logger.error(e) # 数据保存错误 return jsonify(errno=RET.DATAERR, errmsg="数据保存错误") # 5. 保存当前用户的登陆状态,保存session中 session["mobile"] = mobile # session["nick_name"] = mobile #默认手机号是昵称 session["nick_name"] = user.nick_name #默认手机号是昵称 session["user_id"] = user.id # 6. 返回注册的结果 return jsonify(errno=RET.OK, errmsg="OK")
def register(): """ 1. 获取参数和判断是否有值 2. 从redis中获取指定手机号对应的短信验证码的 3. 校验验证码 4. 初始化 user 模型,并设置数据并添加到数据库 5. 保存当前用户的状态 6. 返回注册的结果 :return: """ json_data = request.json mobile = json_data.get('mobile') sms_code = json_data.get('smscode') password = json_data.get('password') if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数不全') try: real_sms_code = redis_store.get('SMS_' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='获取本地验证码失败') if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg='短息验证码过期') if sms_code != real_sms_code.decode(): return jsonify(errno=RET.DATAERR, errmsg='短信验证码错误') try: redis_store.delete('SMS_' + mobile) except Exception as e: current_app.logger.error(e) user = User() user.nick_name = mobile user.mobile = mobile user.password = password try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg='数据保存错误') session['user_id'] = user.id session['nick_name'] = user.nick_name session['mobile'] = user.mobile return jsonify(errno=RET.OK, errmsg='OK')
def index(): # 新闻分类设置 """ 从数据库中查出分类名 添加进data字典中 :return: """ news_cly = Category.query.all() news_cly_list = [cly_name.to_dict() for cly_name in news_cly] print(news_cly_list) # 排行榜设计 """ 从数据库中查出排行前六的列表 将列表对象转化为字典 发送给前端展示 :return: """ try: news_list = News.query.order_by(News.clicks.desc()).limit( constants.CLICK_RANK_MAX_NEWS) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询排行失败") news_hot = [news.to_basic_dict() for news in news_list] print("新闻排行:%s" % news_hot) # 设置首页右上角用户名显示 """ 使用session中的user_id来判断用户是否登录 :return: """ user_id = session.get("user_id") user = None if user_id: try: user = User().query.get(user_id) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询错误") # 将列表中的数据库对象转换为字典 user = user.to_dict() if user else None # 定义字典向前端模板发送 data = { "user_info": user, "news_hot": news_hot, "news_cly_list": news_cly_list } return render_template("news/index.html", data=data)
def reigster(): """ 注册 """ # 1,判断参数是否有值 mobile = request.json.get('mobile') smscode = request.json.get('smscode') password = request.json.get('password') if not all([mobile, smscode, password]): return jsonify(error=RET.PARAMERR, errmsg="参数不全") # 2, 从redis中获取指定手机号对应的短信验证码的 try: real_sms_code = redis_client.get('SMS_' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(error=RET.DBERR, errmsg="获取本地验证码失败") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码过期") # 3, 校验验证码 if smscode != real_sms_code: return jsonify(errno=RET.DATAERR, errmsg="短信验证码错误") # 删除 try: redis_client.delete('SMS_' + mobile) except Exception as e: current_app.logger.error(e) user = User() user.mobile = mobile user.nick_name = mobile user.password = password try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DATAERR, errmsg="数据保存错误") # 5. 保存用户登录状态 session.user_id = user.id session.nick_name= user.nick_name session.mobile = user.mobile # 6, 返回注册结果 return jsonify(errno=RET.OK, errmsg="OK")
def register(): """ 1.接受到的参数 2.整体校验 3.手机号格式验证 4.从redis中取出短信验证码 5.和用户输入的验证码对比 6.初始化User添加数据 7.session保持用户登录状态 8.返回响应 :return: """ dict_data = request.json mobile = dict_data.get("mobile") smscode = dict_data.get("smscode") password = dict_data.get("password") if not all([mobile, smscode, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") if not re.match(r"1[35678]\d{9}", mobile): return jsonify(errno=RET.PARAMERR, errmsg="手机号格式不正确") try: real_sms_code = redis_store.get("SMS_" + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库查询短信验证码错误") if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg="duan信验证码过期") if smscode != real_sms_code: return jsonify(erron=RET.DATAERR, errmsg="短信验证码错误") # 核心逻辑 user = User() user.nick_name = mobile user.password = password user.mobile = mobile try: db.session.add(user) db.session.commit() except Exception as e: db.session.rollback() current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="数据库保存失败") # 设置用户登录状态 session["user_id"] = user.id return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): # 获取参数 dict_data = request.json mobile = dict_data.get("mobile") sms_code = dict_data.get("sms_code") password = dict_data.get("password") # 校验参数是否为空 if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg="参数不全") # 手机号格式校验 if not re.match("1[35789]\d{9}", mobile): return jsonify(errno=RET.DATAERR, errmsg="手机号格式错误") # 根据手机号,去redis中去除短信验证码 try: redis_sms_code = redis_store.get("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="获取短信验证码异常") # 判断短信验证码时候否过期 if not redis_sms_code: return jsonify(errno=RET.NODATA, errmsg="短信验证码已过期") # 删除redis的短信验证码 try: redis_store.delete("sms_code:%s" % mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg="删除短信验证码异常") # 判断传入的短信验证码和redis中取出的是否一致 if redis_sms_code != sms_code: return jsonify(errno=RET.DATAERR, errmsg="验证码填写有误") # 创建用户对象,设置属性 user = User() user.nick_name = mobile user.mobile = mobile # user.password_hash = password user.password = password # 保存用户到数据库mysql try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DBERR, errmsg="注册失败") # 返回响应 return jsonify(errno=RET.OK, errmsg="注册成功")
def register(): mobile = request.json.get('mobile') sms_code = request.json.get('sms_code') password = request.json.get('password') if not all([mobile, sms_code, password]): return jsonify(errno=RET.PARAMERR, errmsg='参数缺失') if not re.match(r'1[3456789]\d{9}$', mobile): return jsonify(errno=RET.PARAMERR, errmsg='手机号格式错误') try: real_sms_code = redis_store.get('SMSCode_' + mobile) except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='查询数据库失败') if not real_sms_code: return jsonify(errno=RET.NODATA, errmsg='短信验证码已过期') if real_sms_code != str(sms_code): return jsonify(errno=RET.DATAERR, errmsg='短信验证码错误') try: redis_store.delete('SMSCode_' + mobile) except Exception as e: current_app.logger.error(e) try: user = User.query.filter_by(mobile=mobile).first() except Exception as e: current_app.logger.error(e) return jsonify(errno=RET.DBERR, errmsg='查询用户信息失败') else: if user: return jsonify(errno=RET.DATAERR, errmsg='手机号以注册') user = User() user.mobile = mobile user.nick_name = mobile # 调用了模型类中的密码加密方法,generate_password_hash方法,werkzeug提供的 user.password = password # 提交用户数据到mysql 数据库 try: db.session.add(user) db.session.commit() except Exception as e: current_app.logger.error(e) db.session.rollback() return jsonify(errno=RET.DATAERR, errmsg='保存用户信息失败') session['user_id'] = user.id session['mobile'] = mobile session['nick_name'] = mobile return jsonify(errno=RET.OK, errmsg='注册成功')
def home(request): # initialize context context = {} context.update(csrf(request)) items = Item.objects.order_by('id').reverse() shown_items = [] context['items'] = items if not 'lastDay' in globals(): global lastDay lastDay = date.today() #lastTime = time.time() # cleanup loop that should run once every three days today = date.today() if (today - lastDay).days >= 0: #if (time.time()-lastTime) > : lastDay = today #lastTime = time.time() cleanCounts() #remove items older than 90 days for i in items: if (today-i.sub_date).days >= 90: # remove item user = User.objects.filter(items__id__exact=i.id)[0] user.items.remove(i) user.save() if i.picture.name: default_storage.delete(i.picture.name) i.delete() # should we requery? items = Item.objects.order_by('id').reverse() if 'options' in request.session: context['options'] = request.session['options'] #print "options: " + str(request.session['options']) request.session['options'] = 0 else: context['options'] = 0 form = SubmitForm(request.POST, request.FILES) context['form'] = form if 'auth' not in request.session or request.session['auth'] is False: context['must_log_in'] = True # My Items tab if 'auth' in request.session and request.session['auth'] is True: # get netid, look up in database, return items myitems = Item.objects.filter(student__email__exact=request.session['netid'] + '@princeton.edu') context['myitems'] = myitems if request.method == 'POST': # Login request if request.POST.get('login_request'): return login(request) # Users can't claim items without logging in if 'auth' not in request.session: return login(request) # Resolve items if request.POST.get('resolved'): getid = request.POST.get('resolved') itemlist = Item.objects.filter(id = getid) if itemlist: # remove item user = User.objects.filter(email=request.session['netid']+'@princeton.edu')[0] user.items.remove(itemlist[0]) user.save() if itemlist[0].picture.name: default_storage.delete(itemlist[0].picture.name) itemlist[0].delete() # requery myitems and items #myitems = Item.objects.filter(student__email__exact=request.session['netid'] + '@princeton.edu') #context['myitems'] = myitems #items = Item.objects.order_by('id').reverse() #context['items'] = items return HttpResponseRedirect('../thanks') # main functionality of submit page if request.POST.get('submit_request'): em = request.session['netid']+'@princeton.edu' ulist = User.objects.filter(email=em) if not ulist: u = User(email=em) u.claim_count = 0 u.submit_count = 0 u.save() else: u = ulist[0] valid_date = True if request.POST.get('event_date') != '': submitted = str(request.POST.get('event_date')) realtime = str(datetime.datetime.now()) subfields = submitted.split('-') realfields = realtime.split(' ')[0].split('-') for i in range(len(subfields)): if int(subfields[i]) > int(realfields[i]): valid_date = False # if this user's been submitting too much, redirect back to home with the "sorry" modal popup if u.submit_count >= 5: context['options'] = 5 return HttpResponseRedirect('../thanks') # if the form's valid... elif form.is_valid() and valid_date: cd = form.cleaned_data now = datetime.datetime.now() x = False if (cd['status'] == 'Lost'): x = True i = Item(status=x, category=cd['category'], desc=cd['desc'], student=u, sub_date = now, location=cd['location'], picture=cd['picture'], event_date = cd['event_date'], name = cd['name'], claimed=False) i.save() u.items.add(i) if cd['picture'] is not None: path = os.path.join(settings.MEDIA_ROOT, i.picture.url) tn = Image.open(path) tn.thumbnail((230, 230), Image.ANTIALIAS) tn.save(path) request.session['options'] = 1 #return render_to_response('submit_thanks.html', context) return HttpResponseRedirect('../thanks') # reload home page and submit modal with error messages else: errors = {} context['errors'] = errors cd = form.cleaned_data if not 'event_date' in cd or valid_date is False: errors['event_date'] = "Invalid date" if not request.POST.get('status', ''): errors['status'] = "This field is required" if not request.POST.get('desc', ''): errors['desc'] = "This field is required" if not request.POST.get('name', ''): errors['name'] = "This field is required" return render_to_response('home.html', context)#, context_instance=RequestContext(request)) # Claiming an item else: status = request.POST.get('status') em = request.session['netid']+'@princeton.edu' if User.objects.filter(email=em): u = User.objects.get(email=em) else: # if user not in database u = User(email=em) u.claim_count = 0 u.submit_count = 0 u.save() queryuser = request.session['netid'] + '@princeton.edu' iden = request.POST.get('identity') u.claim_count += 1 u.save() queryitem = Item.objects.get(id=iden) #queryitem.claimed = True #queryitem.save() if (u.claim_count > 3): request.session['options'] = 4 elif status == True: # means it's a lost item message = 'Your lost item (%s) was recently found on the Princeton Lost and Found app by %s. ' % (queryitem.name, u) message += 'Please get in touch with him/her to work out the logistics of returning your item.' recipients = [ queryitem.student.email ] send_mail('Your Lost Item was Found!', message, '*****@*****.**', recipients) request.session['options'] = 2 else: message = 'The item you found (%s) was recently claimed on the Princeton Lost and Found app by %s. ' % (queryitem.name, u) message += 'Please get in touch with him/her to work out the logistics of returning the item.' recipients = [ str(queryitem.student.email) ] send_mail('An Item You Found was Claimed', message, '*****@*****.**', recipients) message = 'The item you claimed (%s) was posted by user %s. ' % (queryitem.name, queryitem.student.email) message += 'Please get in touch with him/her to work out the logistics of returning the item.' recipients = [ em ] send_mail('You Claimed an Item', message, '*****@*****.**', recipients) request.session['options'] = 3 return HttpResponseRedirect('../thanks') return render_to_response('home.html', context)