예제 #1
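def api_create_game(request,*,process,stagename,story,chose,refstoryid,author):
    """Create a story together with its choices and their referenced stories.

    ``chose`` and ``refstoryid`` are '#'-separated lists paired by position:
    the n-th choice is linked to the n-th referenced story id. ``stagename``
    is accepted but not used in this handler.

    Raises:
        APIValueError: a required field is empty, or the two '#'-separated
            lists do not have the same number of entries.
    """
    check_admin(request)
    if not story or not story.strip():
        raise APIValueError("story",'story cannot be empty.')
    if not process or not process.strip():
        raise APIValueError('process','process cannot be empty.')
    if not chose or not chose.strip():
        raise APIValueError('chose','chose cannot be empty.')
    if not refstoryid or not refstoryid.strip():
        raise APIValueError('refstoryid','refstoryid cannot be empty.')

    choices = chose.split("#")
    ref_ids = refstoryid.split("#")
    # Reject mismatched lists before anything is written, so a bad request
    # cannot leave a half-created story behind.
    if len(choices) != len(ref_ids):
        raise APIValueError('refstoryid','chose and refstoryid must have the same number of entries.')

    new_story = Story(tagid=next_id(),process=process.strip(),story=story.strip(),author=author.strip())
    # NOTE(review): the parent story is looked up by a hard-coded tagid rather
    # than by the story created above - confirm this is intended.
    parent = yield from Story.findbycolumnname("tagid",'00151272809336730536a55a20d4b01b4853c53a08639f2000')
    yield from new_story.save()

    # The original reset its index to 0 on every iteration, so every choice
    # was linked to the first referenced story id; pair the lists instead.
    for choice_text, ref_id in zip(choices, ref_ids):
        choice_tag = next_id()
        choice = Chose(tagid=choice_tag,storyid=parent.id,choose=choice_text)
        yield from choice.save()
        # Re-read the row to obtain the id of the choice just saved.
        saved_choice = yield from Chose.findbycolumnname("tagid",choice_tag)
        link = refStory(tagid=next_id(),chooseid=saved_choice.id,refstoryid=ref_id)
        yield from link.save()
    return new_story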
예제 #2
def blog_id(id):
    """Render one blog post; on POST, first store a guest comment.

    A POST saves the comment and, when no user with the commenter's name
    exists yet, also saves a new non-admin user with a generated avatar.
    """
    if request.method == 'POST':
        # Both values come straight from the submitted form.
        # NOTE(review): nothing here escapes or bounds them; whether they are
        # escaped on output depends on the template - confirm.
        body = request.form['comment_content']
        author_name = request.form['comment_name']

        guest_comment = Comment(
            id=next_id(),
            blog_id=id,
            user_id='guest',
            user_name=author_name,
            user_image='',
            content=body,
            created_at=time.time(),
        )
        guest_comment.save()

        avatar = common.create_avatar_by_name(author_name)
        candidate = User(
            id=next_id(),
            email='',
            passwd='',
            admin=0,
            name=author_name,
            image=avatar,
            created_at=time.time(),
        )
        mylog.info(avatar)
        # TODO: uniqueness is decided by name for now; the author intends to
        # switch to email later.
        same_name = User.find_all('name= ?', [author_name])
        if not len(same_name):
            candidate.save()
        flash('comment and new user had been saved successfully!')

    post = Blog.find(id)
    post.html_content = highlight.parse2markdown(post.content)
    post_comments = Comment.find_all('blog_id= ?', [id])
    return render_template('blogdetail.html', blog=post, comments=post_comments)
예제 #3
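async def send_message(loop):
    """Publish 10000 synthetic user/blog/comment messages to "my-topic".

    Returns:
        A list with one MD5 hex digest per message sent (three per loop
        iteration), each computed over the concatenated message fields. MD5
        is used here only as a content checksum for the test data.
    """
    def _checksum(fields):
        # Digest of the concatenated fields of one message.
        return hashlib.md5(''.join(fields).encode('utf-8')).hexdigest()

    producer = AIOKafkaProducer(
        loop=loop,
        bootstrap_servers=configs.kafka.bootstrap_servers,
        acks='all',
        value_serializer=serializer)
    digests = []
    await producer.start()
    try:
        for i in range(10000):
            uid = next_id()
            sha1_passwd = '%s:%s' % (uid, 'test_123456%s' % i)
            passwd = hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest()
            user_name = 'test_name%s' % i
            # The address literal shown on the page is masked and has no
            # placeholder, so applying `% i` to it raised TypeError. The
            # example.com address below is a constructed stand-in.
            email = 'test%s@example.com' % i
            image = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(
                email.encode('utf-8')).hexdigest()
            admin = 0
            await producer.send("my-topic",
                                key=b'user',
                                value=make_user_message(
                                    uid, passwd, user_name, email, image,
                                    admin))
            digests.append(_checksum(
                [uid, passwd, user_name, email, image, str(admin)]))

            blog_id = next_id()
            title = 'Test blog %s' % i
            summary = 'This is summary.'
            content = 'This is content......'
            await producer.send("my-topic",
                                key=b'blog',
                                value=make_blog_message(
                                    blog_id, uid, user_name, image, title,
                                    summary, content))
            digests.append(_checksum(
                [blog_id, uid, user_name, image, title, summary, content]))

            comment_id = next_id()
            await producer.send("my-topic",
                                key=b'comment',
                                value=make_comment_message(
                                    comment_id, blog_id, uid, user_name, image,
                                    content))
            digests.append(_checksum(
                [comment_id, blog_id, uid, user_name, image, content]))
    finally:
        # Always stop the producer, also when a send fails; the exception
        # itself still propagates to the caller.
        await producer.stop()
    return digests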
예제 #4
def api_contract_new(*, userid, contractid):
    """Add a contract in both directions between two ids.

    Saves one Contract from ``userid`` to ``contractid`` and one in the
    reverse direction, and returns both save results under 'fres' and 'tres'.

    NOTE(review): no caller check is visible in this block and the two saves
    are independent, so a failure of the second leaves only one direction
    stored - confirm both are handled elsewhere.
    """
    for field, value in (('userid', userid), ('contractid', contractid)):
        if not value:
            raise APIValueError(field)

    results = {}
    directions = (('fres', userid, contractid), ('tres', contractid, userid))
    for key, owner, peer in directions:
        record = Contract(id=next_id(), userid=owner, contractid=peer)
        results[key] = yield from record.save()
    return results
예제 #5
async def api_register_user(*, email, name, passwd):
    """Create a user, set the session cookie and return the user as JSON.

    NOTE(review): this variant validates none of its inputs and does not
    check whether the email is already registered before saving.
    """
    uid = next_id()
    # The stored credential is the SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): a single SHA-1 round is a fast hash; stored passwords are
    # normally protected with a password KDF (scrypt, bcrypt, Argon2, PBKDF2).
    salted = '%s:%s' % (uid, passwd)
    display_name = name.strip()
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    avatar_url = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_md5

    user = User(id=uid,
                name=display_name,
                email=email,
                passwd=passwd_digest,
                image=avatar_url)

    # Persist the new user.
    await user.save()
    logging.info('save user OK')

    resp = web.Response()
    # user2cookie receives the user before the password field is masked.
    # NOTE(review): the cookie is HttpOnly with a one-day max_age, but
    # neither secure nor samesite is set.
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, 86400),
                    max_age=86400,
                    httponly=True)
    # Mask the field only on the in-memory object that is serialised below.
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #6
async def api_register_user(*, email, name, passwd):
    """Validate a registration, store the user and answer with JSON + cookie.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    existing = await User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Stored value: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): SHA-1 is a fast hash; a password KDF is the usual choice.
    passwd_digest = hashlib.sha1(
        ('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    avatar_url = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                  hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=passwd_digest,
                image=avatar_url)
    await user.save()

    # Session cookie, valid for one day. NOTE(review): HttpOnly is set,
    # secure and samesite are not.
    one_day = 86400
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, one_day),
                    max_age=one_day,
                    httponly=True)
    # Mask the digest on the object that is serialised into the response.
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #7
def api_register_users(*, email, name, passwd):
    """Register a new user (generator-based coroutine) and return JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    logging.info('in api_register_users')
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    # Refuse an email that has already been registered.
    # NOTE(review): check-then-insert is not atomic; a unique index on the
    # email column would be needed to close the gap - confirm the schema.
    matches = yield from User.findAll('email=?', [email])
    if len(matches) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # The id is generated here because it is also mixed into the stored
    # password digest.
    uid = next_id()
    salted = '%s:%s' % (uid, passwd)
    digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    gravatar = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % \
        hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=digest,
                image=gravatar)
    yield from user.save()

    # Build the session cookie for the new user (one day, HttpOnly).
    response = web.Response()
    response.set_cookie(COOKIE_NAME,
                        user2cookie(user, 86400),
                        max_age=86400,
                        httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    # Serialise the (masked) user object as the JSON response body.
    payload = json.dumps(user, ensure_ascii=False)
    response.body = payload.encode('utf-8')
    return response
예제 #8
def api_register_user(*, email, name, passwd):
    """Register a user: validate, check the email is unused, save, reply.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    # name must contain something other than whitespace.
    name_ok = name and name.strip()
    if not name_ok:
        raise APIValueError('name')
    # email must be present and match the email pattern.
    email_ok = email and _RE_EMAIL.match(email)
    if not email_ok:
        raise APIValueError('email')
    # passwd must be present and match the _RE_SHA1 pattern.
    passwd_ok = passwd and _RE_SHA1.match(passwd)
    if not passwd_ok:
        raise APIValueError('passwd')

    # Look for an existing account with this email.
    found = yield from User.findAll('email=?', [email])
    if len(found) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # Unique id; it is combined with the password before hashing.
    uid = next_id()
    to_hash = '%s:%s' % (uid, passwd)
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    stored_passwd = hashlib.sha1(to_hash.encode('utf-8')).hexdigest()
    image_url = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_passwd, image=image_url)
    yield from user.save()

    # Session cookie: max_age is the lifetime in seconds (one day here).
    reply = web.Response()
    reply.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    user.passwd = '******'
    reply.content_type = 'application/json'
    # ensure_ascii=False keeps non-ASCII characters unescaped in the JSON.
    reply.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return reply
예제 #9
def api_register_user(*, email, name, passwd):
    """Register a user after validating the fields and the email's uniqueness.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and RE_SHA1.match(passwd)):
        raise APIValueError('password')

    # The email address must be unique.
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:faild', 'email', 'Email is already in use')

    # Unique id of the user being registered; also mixed into the digest.
    uid = next_id()
    digest_input = '%s:%s' %(uid, passwd)
    # NOTE(review): SHA-1 over "<uid>:<passwd>" is a fast hash; a password
    # KDF is the usual choice for stored credentials.
    stored = hashlib.sha1(digest_input.encode('utf-8')).hexdigest()
    avatar = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest()

    # Create and save the user.
    user = User(id=uid, name=name.strip(), email=email, passwd=stored, image=avatar)
    yield from user.save()
    # NOTE(review): the client-supplied name is written to the log as-is.
    logging.info('save user: %s ok' % name)

    # Build the response and attach the one-day session cookie.
    out = web.Response()
    out.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    user.passwd = '******'
    out.content_type = 'application/json'
    out.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return out
예제 #10
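def api_register_user(*, email, name, passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation, or the email
            is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')

    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIValueError('refister failed.', 'email',
                            'email is ready in use')
    # The original line read `logging, info(...)`, a tuple expression that
    # called an undefined name and raised NameError. The credential is left
    # out of the log on purpose: log files should never hold password
    # material.
    logging.info("register user: name:%s email:%s", name, email)
    uid = next_id()
    # Stored value is the SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF
    # (scrypt, bcrypt, Argon2, PBKDF2) is the usual choice.
    sha1_passwd = '%s:%s' % (uid, passwd)
    img_str = 'http://www.gravatar.com/avatar/%s?d=mm&s=120'
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
                image=img_str % hashlib.md5(email.encode('utf-8')).hexdigest())
    yield from user.save()
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    # Mask the digest on the object that is serialised into the response.
    user.passwd = '********'
    r.content_type = 'application/json'
    # `ensure_ascii=failed` referenced an undefined name; False keeps
    # non-ASCII characters unescaped, as intended.
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r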
예제 #11
async def register_user(*, email, name, passwrd):
    """Register a user and reply with the user as JSON plus a session cookie.

    Raises:
        APIValueError: a field fails validation or the email is taken.

    NOTE(review): unlike name and email, passwrd is only checked for being
    non-empty; no format check is applied in this block.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not passwrd:
        raise APIValueError('passwrd')

    registered = await User.findAllOrMany('email=?', [email])
    if len(registered) > 0:
        raise APIValueError('register:failed', 'email',
                            'email is already in case.')

    uid = next_id()
    # Stored value: SHA-1 hex digest of "<uid>:<passwrd>".
    # NOTE(review): SHA-1 is a fast hash; a password KDF is the usual choice.
    material = '%s:%s' % (uid, passwrd)
    digest = hashlib.sha1(material.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwrd=digest,
                image='about:blank')
    await user.save()
    logging.debug('保存用户...')

    # Session cookie: one day, HttpOnly.
    lifetime = 86400
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, lifetime),
                    max_age=lifetime,
                    httponly=True)
    user.passwrd = '********'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #12
async def api_register_user(*, name, email, passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    # Has this email been registered already?
    taken = await User.findAll('email=?', [email])
    if len(taken) > 0:
        raise APIError('register: failed', 'email', 'Email is already in use.')

    # next_id is called by hand because the id feeds the password digest.
    uid = next_id()
    # The database keeps the SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    # Gravatar associates avatars with email addresses; appending the MD5
    # of the address to the avatar URL yields that address's avatar (or the
    # default one).
    avatar_url = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                  hashlib.md5(email.encode('utf-8')).hexdigest())
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        passwd=passwd_digest,
        image=avatar_url)
    await user.save()

    # Build the cookie-bearing response.
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, 86400),
                    max_age=86400,
                    httponly=True)
    # Masks the field on this in-memory object only; the database row keeps
    # the digest.
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #13
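def api_register_user(*, email, name, password):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or password fails validation.
        APIError: the email is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password')
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register failed!', 'email', 'Email is already in use')
    uid = next_id()
    # Stored value is the SHA-1 hex digest of "<uid>:<password>".
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    sha1_passwd = '%s:%s' % (uid, password)
    # NOTE(review): admin is granted purely because the submitted address
    # equals this literal (masked on the page); nothing visible here proves
    # that the caller owns the address.
    admin = False
    if email == '*****@*****.**':
        admin = True

    # The email must be stored with the user. The original omitted it, so
    # the uniqueness lookup above could never match a previously registered
    # address, and the admin address could be registered again and again.
    user = User(id=uid, name=name.strip(), email=email,
                password=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest(),
                admin=admin)
    yield from user.save()
    logging.info('save user ok.')
    # Build the response with the one-day HttpOnly session cookie.
    r = web.Response()
    r.set_cookie(_COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest on the returned instance only; the stored row is not
    # touched, and the real value is not sent back to the client.
    user.password = '******'
    # 'charset:utf-8' was not a valid media-type parameter; parameters use '='.
    r.content_type = 'application/json;charset=utf-8'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r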
예제 #14
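def api_register_user(*, email, name, passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    # Validate the submitted registration data.
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    # Look up whether a user with this email already exists.
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register:failed', 'email', '该邮箱已被注册')
    # Input is valid: generate the unique id.
    uid = next_id()
    # Hash "<uid>:<passwd>" and store the user.
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    sha1_passwd = '%s:%s' % (uid, passwd)
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
    yield from user.save()
    r = web.Response()
    # Session cookie: one day, HttpOnly.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # The original assigned to `user.passed`, a typo that left `passwd`
    # untouched, so the stored password digest was serialised into the
    # response body. Mask the real field.
    user.passwd = '******'
    r.content_type = 'application/json'
    # ensure_ascii=False keeps non-ASCII characters unescaped in the JSON.
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r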
예제 #15
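def api_register_authenticate(*, username, password):
    """Register a user by username and return the user as JSON with a cookie.

    Raises:
        APIValueError: username is empty/blank or password fails validation.
        APIError: the username is already registered.
    """
    # A whitespace-only username would be stored as an empty string.
    if not username or not username.strip():
        raise APIValueError('username', 'Invalid username')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password', 'Invalid password')

    # Normalise once so the uniqueness check and the stored value agree;
    # the original looked up the raw value but stored the stripped one, so
    # "alice" and " alice" could both be registered.
    username = username.strip()
    # Query arguments are passed as a list, like the other handlers do.
    users = yield from User.findAll('username=?', [username])

    if len(users) > 0:
        raise APIError('register:failed', 'username',
                       'Username is already in use.')

    uid = next_id()
    # Stored value is the SHA-1 hex digest of "<uid>:<password>".
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    sha1_passwd = '%s:%s' % (uid, password)

    user = User(id=uid,
                username=username,
                password=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest())
    yield from user.save()
    r = web.Response()
    # Session cookie: one day, HttpOnly.
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)

    # Mask the digest on the object that is serialised into the response.
    user.password = '******'

    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r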
예제 #16
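def api_register_user(*, email, name, passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    # The original also wrote passwd to the log. That value is what a client
    # submits to authenticate, so it must not end up in log files. %r keeps
    # control characters in the still-unvalidated inputs from forging log
    # lines.
    logging.info("register info:%r, %r", name, email)
    if not name or not name.strip():
        raise APIValueError("name")
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError("email")
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError("passwd")
    users = yield from User.findall("email=?", [email])
    if users and len(users) > 0:
        raise APIError("register:failed", "email", "Email already in use.")
    uid = next_id()
    # Stored value is the SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    sha1_passwd = "%s:%s" % (uid, passwd)
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(sha1_passwd.encode("utf-8")).hexdigest(),
                image="http://www.gravatar.com/avatar/%s?d=mm&s=120" %
                hashlib.md5(email.encode("utf-8")).hexdigest())
    yield from user.save()
    r = web.Response()
    # Session cookie: one day, HttpOnly.
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    # Mask the digest on the object that is serialised into the response.
    user.passwd = "******"
    r.content_type = "application/json"
    r.body = json.dumps(user, ensure_ascii=False).encode("utf-8")
    return r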
예제 #17
def save_blog():
    """Store an uploaded blog image and the blog record from the form.

    NOTE(review): no caller check is visible in this block. The record
    stores the renamed upload name, while the file on disk is written under
    secure_filename(...) of it, and the record is saved even when the upload
    is rejected by allowed_file - confirm the two names always agree.
    """
    blog_key = next_id()
    upload = request.files['blog_image']
    # Rename the upload using the new blog id.
    upload.filename = change_file_name(upload.filename, blog_key)
    stored_image_name = upload.filename

    form = request.form
    title = form['blog_title']
    summary = form['blog_summary']
    content = form['blog_content']
    category = form['blog_category']

    now = time.time()
    year = common.get_year(now)
    month = common.get_month(now)
    day = common.get_day(now)

    # Only uploads accepted by allowed_file are written to the upload folder.
    if upload and allowed_file(upload.filename):
        target = os.path.join(app.config['UPLOAD_FOLDER'],
                              secure_filename(upload.filename))
        upload.save(target)

    record = Blog(id=blog_key,
                  user_id='admin',
                  user_name='fantianwen',
                  user_image=stored_image_name,
                  name=title,
                  summary=summary,
                  content=content,
                  category=category,
                  created_at=now,
                  year=year,
                  month=month,
                  day=day)
    record.save()
    flash('保存成功')
    return render_template('/welcome.html')
예제 #18
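def manage_update_user(request, *, id, upfile):
    """Replace a user's avatar with an uploaded file (admin only).

    The upload is stored under static/umeditor/images with a generated name,
    and the new URL is copied to the user and to that user's blogs and
    comments.

    Raises:
        APIResourceNotFoundError: no user with the given id exists.
    """
    check_admin(request)

    # Resolve the user before anything is written, so an unknown id does not
    # leave an orphaned file behind. `not user` also covers a None result,
    # on which the original len() call would have raised TypeError.
    user = yield from User.find(id)
    if not user:
        raise APIResourceNotFoundError("user was not found.")

    # Only the extension of the client-supplied name is kept; the base name
    # is generated server-side.
    # NOTE(review): the extension is not checked against an allow-list, so
    # any file type ends up in a statically served directory - confirm this
    # is acceptable for an admin-only endpoint.
    save_name = next_id() + os.path.splitext(upfile.filename)[1]
    url = '/static/umeditor/images/' + save_name
    # Join the components instead of embedding Windows separators, so the
    # path is valid on every platform.
    store_path = os.path.join(get_cur_dir(), 'static', 'umeditor', 'images',
                              save_name)
    f = upfile.file
    if f:
        # `with` closes the file even when the write fails.
        with open(store_path, "w+b") as image:
            image.write(f.read())

    user.image = url
    yield from user.update()

    # Propagate the new avatar URL to the denormalised copies.
    blogs = yield from Blog.findall("user_id=?", id)
    for blog in blogs:
        blog.user_image = user.image
        yield from blog.update()
    comments = yield from Comment.findall("user_id=?", id)
    for comment in comments:
        comment.user_image = user.image
        yield from comment.update()
    return None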
예제 #19
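async def api_register_user(*,name,email,passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    # Reject a missing or whitespace-only name.
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    # The original joined these tests with `and`: a non-empty passwd was
    # never checked against the pattern, and a missing one was passed to
    # match(). `or` rejects both cases.
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('password')
    # Has this email been registered already?
    users = await User.findAll(where='email=?', args=[email])
    if len(users) > 0:
        raise APIError('register:failed','email','Email is already in use.')

    # The id is generated here rather than by the model default because it
    # is also mixed into the stored password digest.
    uid = next_id()
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    sha1_passwd = '%s:%s' % (uid, passwd)
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
    await user.save()

    # Build the response that carries the session cookie to the browser.
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    user.passwd = '******'  # mask the digest on the serialised object
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r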
예제 #20
async def api_register_user(*, email, name, passwd):
    """Register a user from the keyword arguments email, name and passwd.

    Raises:
        APIValueError: email, name or passwd fails validation.
        APIError: the email is already registered.
    """
    # The email must match this module's email pattern.
    if not (email and _reEmail.match(email)):
        raise APIValueError('email')
    # A missing or whitespace-only name is rejected.
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (passwd and _reSha1.match(passwd)):
        raise APIValueError('passwd')

    # Positional arguments correspond to the where clause and its args.
    already = await User.findAll('email=?', [email])
    if len(already) > 0:
        # NOTE(review): the second argument is the submitted email itself,
        # where the sibling handlers pass the field name 'email' - confirm.
        raise APIError('注册失败', email, '邮箱已经被使用')

    uid = next_id()  # primary key, also mixed into the digest
    # Stored value: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    user = User(id=uid,
                email=email,
                passwd=digest,
                name=name.strip(),
                image='about:blank')
    await user.save()

    # Session cookie; httponly keeps page scripts from reading it.
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, 86400),
                    max_age=86400,
                    httponly=True)
    # Mask the field on the in-memory object before it is serialised.
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #21
async def api_register_user(*, name, email, password, image):
    """Register a user with a caller-supplied image and return JSON + cookie.

    Raises:
        APIValueError: name, email or password fails validation.
        APIError: the email is already registered.

    NOTE(review): this variant stores ``password`` exactly as received (no
    server-side hashing in this block) and stores ``image`` without any
    validation - confirm both against the login handler and the templates.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (password and _RE_SHA1.match(password)):
        raise APIValueError('password')

    # Has this email been registered already?
    same_email = await User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register: failed', 'email', 'Email is already in use.')

    fields = dict(
        id=next_id(),
        name=name.strip(),
        email=email,
        password=password,
        image=image,
    )
    user = User(**fields)
    # Save the registered user.
    await user.save()

    # Build the cookie-bearing response (one day, HttpOnly).
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Masks the field on this in-memory object only; the database row is
    # not affected.
    user.password = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #22
def api_register_user(*, email, name, passwd):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or passwd fails validation.

    NOTE(review): this variant does not check whether the email is already
    registered before saving.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    uid = next_id()

    # Stored value: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    to_hash = '%s:%s' % (uid, passwd)
    stored_digest = hashlib.sha1(to_hash.encode('utf-8')).hexdigest()
    email_hash = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=stored_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
                email_hash)

    # Save the registered user.
    yield from user.save()

    # Assemble the session cookie (one day, HttpOnly).
    ttl = 86400
    reply = web.Response()
    reply.set_cookie(COOKIE_NAME,
                     user2cookie(user, ttl),
                     max_age=ttl,
                     httponly=True)
    user.passwd = '******'
    reply.content_type = 'application/json;charset=utf-8'
    reply.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return reply
예제 #23
async def api_register_user(*, email, name, passwd):
    """Register a user with a fixed avatar URL and return JSON + cookie.

    Raises:
        APIValueError: name, email or passwd fails validation.
        APIError: the email is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    existing = await User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register:failed', 'email', 'Email is already in user.')

    uid = next_id()
    # Stored value: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    # Every account gets the same hard-coded avatar.
    avatar = 'https://avatars3.githubusercontent.com/u/8428950?s=460&u=6b4aabf88ef78f759f12672b5cd57e06a2234389&v=4'
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=digest,
                image=avatar)
    await user.save()

    # Session cookie: one day, HttpOnly. NOTE(review): secure and samesite
    # are not set.
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    user2cookie(user, 86400),
                    max_age=86400,
                    httponly=True)
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #24
파일: handlers.py 프로젝트: lyf1134/hustapp
async def api_create_comment(request, *, user, content):
    """Create a system message for one named user or, with '*', for all.

    The new message id is appended as '#<id>' to the ``message`` field of
    each recipient before the Comment itself is saved.

    Raises:
        APIValueError: user or content is empty, or the named user does not
            exist.
    """
    check_admin(request)
    if not (user and user.strip()):
        raise APIValueError('user', 'user cannot be empty.')
    if not (content and content.strip()):
        raise APIValueError('content', 'content cannot be empty.')

    uid = next_id()
    marker = '#%s' % uid
    broadcast = user == '*'
    if broadcast:
        everyone = await User.findAll(orderBy='created_at desc')
        for recipient in everyone:
            recipient.message += marker
            await recipient.update()
    else:
        matches = await User.findAll('name=?', [user])
        if len(matches) == 0:
            raise APIValueError('user', 'user do not exit.')
        # Only the first user with that name is notified.
        target = matches[0]
        target.message += marker
        await target.update()

    notice = Comment(id=uid,
                     xinxi_id='0',
                     ku=user,
                     user_id='0',
                     user_name='admin',
                     user_image=' ',
                     content=content.strip())
    await notice.save()
    return notice
예제 #25
파일: handlers.py 프로젝트: lyf1134/hustapp
async def api_register_user(*, school_num, name, passwd):
    """Register a user identified by school number; return JSON + cookie.

    Raises:
        APIValueError: name, school_num or passwd fails validation.
        APIError: the school number is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (school_num and _RE_NUM.match(school_num)):
        raise APIValueError('school_num')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    holders = await User.findAll('school_num=?', [school_num])
    if len(holders) > 0:
        raise APIError(4, 'register:failed', 'school_num',
                       'School_num is already in use.')

    uid = next_id()
    # Stored value: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is a fast hash, not a password KDF.
    salted = '%s:%s' % (uid, passwd)
    passwd_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    # The avatar URL is keyed on the MD5 of the school number.
    avatar = ('http://www.gravatar.com/avatar/%s?d=mm&s=120' %
              hashlib.md5(school_num.encode('utf-8')).hexdigest())
    user = User(id=uid,
                name=name.strip(),
                school_num=school_num,
                passwd=passwd_digest,
                image=avatar)
    await user.save()

    # Session cookie: one day, HttpOnly.
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME,
                    usertocookie(user, 86400),
                    max_age=86400,
                    httponly=True)
    user.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return resp
예제 #26
파일: handlers.py 프로젝트: daihaovigg/web
def mymanage_create_blog():
    """Return the template context for the blog editor with a fresh id."""
    context = dict(
        __template__='mymanage_blog_edit.html',
        id='',
        new_id=next_id(),
        action='/myapi/blogs',
    )
    return context
예제 #27
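def api_register_user(*, email, name, password):
    """Register a user, set the session cookie and return the user as JSON.

    Raises:
        APIValueError: name, email or password fails validation.
        APIError: the email is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_SHA256.match(password):
        raise APIValueError('password')

    users = yield from User.find_all('email=?', [email])
    if len(users) > 0:
        raise APIError('Register failed', 'email', 'Email is already in use.')

    uid = next_id()
    # The format literal shown on the page has no placeholders (it looks
    # masked), so uid and password were discarded and every account got the
    # same stored digest. Restored to the "<uid>:<password>" layout the
    # other register handlers on this page use.
    # NOTE(review): confirm the layout against the login handler.
    sha1_password = '{}:{}'.format(uid, password)
    # The original logged both the submitted password and the string that
    # is hashed; credential material must not be written to logs.
    logger.info('register user id:{}'.format(uid))
    # NOTE(review): a single SHA-1 round is a fast hash; a password KDF is
    # the usual choice for stored credentials.
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        password=hashlib.sha1(sha1_password.encode('utf-8')).hexdigest(),
        image='http://www.gravatar.com/avatar/{}?d=identicon&s=120'.format(
            hashlib.md5(name.encode('utf-8')).hexdigest()))
    yield from user.save()

    r = web.Response()
    # Session cookie: one day, HttpOnly.
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    # Mask the digest on the object that is serialised into the response.
    user.password = '******' * 8
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r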
예제 #28
파일: handlers.py 프로젝트: daihaovigg/web
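def api_register_user(*, email, name, passwd,img_uuid):
    """Register a user with an optional uploaded avatar and set the session cookie.

    ``img_uuid`` selects ``static/HeadImg/<img_uuid>.jpg``; when that file does
    not exist, or ``img_uuid`` is not a plain identifier, the default avatar
    ``/static/img/default.jpg`` is stored instead.

    Raises:
        APIValueError: a field is missing or malformed, or the e-mail address
            or name is already in use.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIValueError('email', 'Email is already in use.')
    users = yield from User.findAll('name=?', [name])
    if len(users) > 0:
        raise APIValueError('name', 'name is already in use.')
    uid = next_id()
    sha1_passwd = '%s:%s' % (uid, passwd)

    default_image = "/static/img/default.jpg"
    # img_uuid is client-supplied and ends up both in a filesystem path and in
    # a stored URL, so only letters, digits and '-' are accepted. That keeps
    # path separators and '..' out of os.path.join and also covers a missing
    # value, which previously failed on string concatenation.
    uuid_is_plain = (isinstance(img_uuid, str) and bool(img_uuid)
                     and all(ch.isalnum() or ch == '-' for ch in img_uuid))
    img_path = default_image
    if uuid_is_plain:
        file_name = "%s.jpg" % img_uuid
        disk_path = os.path.join(os.path.abspath('.'), "static", "HeadImg", file_name)
        if os.path.exists(disk_path):
            img_path = "/static/HeadImg/" + file_name

    # NOTE(review): a single SHA-1 round is fast to brute-force if the table
    # leaks; a slow KDF would need a matching change in the login check.
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), image=img_path)
    yield from user.save()
    # make session cookie:
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r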
예제 #29
async def api_register_user(*, email, name, passwd):
    """Register a user, persist it and answer with JSON plus a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    # Validate the client-supplied fields; strip() drops surrounding
    # whitespace, so a name made only of blanks is rejected.
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    # Reject an e-mail address that already has an account.
    already_registered = await User.findAll('email=?', [email])
    if len(already_registered) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # The value stored is the 40-character SHA-1 hex digest of
    # "<uid>:<passwd>"; passwd must already match _RE_SHA1, so the raw password
    # is not handled here.
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    salted = '%s:%s' % (uid, passwd)
    stored_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    avatar_hash = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % avatar_hash)
    await user.save()

    # Session cookie: 86400 seconds is 24 hours.
    one_day = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, one_day), max_age=one_day, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '********'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #30
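def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Stores the SHA-1 hex digest of ``"<uid>: <passwd>"`` and sets the session
    cookie for 86400 seconds with ``httponly``.

    Raises:
        APIValueError: a field is missing or malformed, or the e-mail address
            is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    # Fixed: the pattern's match method has to be called; the original
    # `_RE_EMAIL.match * email` raised TypeError for every non-empty e-mail.
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        # NOTE(review): confirm APIValueError accepts three arguments; its
        # definition is not visible here.
        raise APIValueError('register: failed', 'email',
                            'Email is already in user.')
    uid = next_id()
    # NOTE(review): the separator here is ': ' (with a space); the login check
    # must build the string the same way.
    sha1_passwd = '%s: %s' % (uid, passwd)
    # Fixed: sha1() needs bytes, and the column should hold the hex digest
    # rather than the hash object itself.
    # NOTE(review): a single SHA-1 round is fast to brute-force if the table
    # leaks; a slow KDF is the usual choice.
    user = User(id=uid,
                name=name.strip(),
                email=email,
                passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest())
    yield from user.save()
    # make session cookie:
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, 86400),
                 max_age=86400,
                 httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r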
예제 #31
async def API_UserRegister(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    same_email = await User.findAll('email = ?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()

    # NOTE(review): the image value is an absolute path on a developer machine,
    # not a URL; it is stored with the user and, as part of `user`, serialised
    # into the response below, which discloses the local directory layout.
    user = User(id=uid, name=name.strip(), email=email, passwd=digest,
                image=r'E:\Study\Git\Python\myPython3WebApp\www\static\img\user.png')
    await user.save()

    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #32
파일: handlers.py 프로젝트: Singhoy/aioweb
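async def api_register_user(*, email, name, pwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``pwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not name or not name.strip():
        raise APIValueError("name")
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError("email")
    if not pwd or not _RE_SHA1.match(pwd):
        raise APIValueError("password")
    users = await User.find_all("email=?", [email])
    if len(users) > 0:
        raise APIError("register: failed", "email", "Email is already in use.")
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<pwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    sha1_pwd = f"{uid}:{pwd}"
    email_md5 = hashlib.md5(email.encode("utf-8")).hexdigest()
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        pwd=hashlib.sha1(sha1_pwd.encode("utf-8")).hexdigest(),
        image=f"http://www.gravatar.com/avatar/{email_md5}?d=mm&s=120",
    )
    await user.save()
    # Create the session cookie.
    # NOTE(review): the signed cookie value uses _COOKIE_TIMEOUT while max_age
    # uses _SESSION_TIMEOUT; confirm the two lifetimes are meant to differ.
    r = web.Response()
    r.set_cookie(COOKIE_NAME,
                 user2cookie(user, _COOKIE_TIMEOUT),
                 max_age=_SESSION_TIMEOUT,
                 # Fixed: pass the boolean, not the string "True", which only
                 # worked because any non-empty string is truthy.
                 httponly=True)
    # Overwrite the digest on the in-memory object before it is serialised.
    # NOTE(review): "123123" looks like a real password in the response; an
    # obvious mask such as asterisks would be clearer to API consumers.
    user.pwd = "123123"
    r.content_type = "application/json"
    r.body = json.dumps(user, ensure_ascii=False).encode("utf-8")
    return r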
예제 #33
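def api_register_user(*, email, name, password):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``password`` is missing or
            malformed.
        APIError: the e-mail address is already registered.
    """
    if not name or not name.strip():
        raise APIValueError("name")
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError("email")
    if not password or not _RE_SHA1.match(password):
        raise APIValueError("password")
    users = yield from User.findAll("email=?", [email])
    if len(users) > 0:
        raise APIError("register:failed", "email", "Email is already in use.")
    uid = next_id()
    # Fixed: the format string on the page had no placeholders, so the `%`
    # operation raised TypeError. "<uid>:<password>" is the layout the variable
    # name implies. NOTE(review): confirm the login check builds the same string.
    sha1_password = "%s:%s" % (uid, password)
    user = User(
        id=uid,
        name=name.strip(),
        email=email,
        # NOTE(review): a single SHA-1 round is fast to brute-force if the
        # table leaks; a slow KDF is the usual choice.
        password=hashlib.sha1(sha1_password.encode("utf-8")).hexdigest(),
        image="/static/img/user.png",
    )
    yield from user.save()
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.password = "******"
    r.content_type = "application/json"
    r.body = json.dumps(user, ensure_ascii=False).encode("utf-8")
    return r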
예제 #34
async def api_register_user(*, email, name, passwd):
    """User registration API.

    Validates the fields against the patterns on ``Glo``, stores the new user
    and returns a JSON response that carries the session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and Glo._RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and Glo._RE_SHA1.match(passwd)):
        raise APIValueError('passwd')
    duplicates = await User.findAll('email=?', [email])
    if len(duplicates) > 0:
        raise APIError('register:failed', 'email', 'Email is alrealy used.')

    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    salted = '{}:{}'.format(uid, passwd)
    stored_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email,
                passwd=stored_digest, image=Glo.get_avatar(email_md5))
    await user.save()

    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(Glo._COOKIE_NAME, Glo.user2cookie(user, lifetime),
                 max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '****'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #35
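async def api_register_user(*, email, name, passwd):
	"""Register a user and return a JSON response carrying a session cookie.

	Raises:
		APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
		APIError: the e-mail address is already registered.
	"""
	if not name or not name.strip():
		raise APIValueError('name')
	if not email or not _RE_EMAIL.match(email):
		# Fixed: a bad e-mail used to be reported as a 'passwd' error.
		raise APIValueError('email')
	if not passwd or not _RE_SHA1.match(passwd):
		raise APIValueError('passwd')
	users = await User.findAll('email = ?', [email])
	if len(users) > 0:
		raise APIError('register:failed', 'email', 'Email is already in use.')
	# Fixed: everything below was indented under the `raise` above and could
	# never run, so the handler returned None without creating a user.
	uid = next_id()
	# Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
	# NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
	# a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
	sha1_passwd = '%s:%s' % (uid, passwd)
	user = User(id = uid, name = name.strip(), email = email, passwd = hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), image = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
	await user.save()
	# Make the session cookie:
	r = web.Response()
	r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age = 86400, httponly = True)
	# Mask the digest on the in-memory object before it is serialised.
	user.passwd = '******'
	r.content_type = 'application/json'
	r.body = json.dumps(user, ensure_ascii = False).encode('utf-8')
	return r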


# @get('/api/users')
# async def api_get_users(*, page = '1'):
# 	# page_index = get_page_index(page)
# 	# num = await User.findNumber('c**t(id)')
# 	# p = Page(num, page_index)
# 	# if num == 0:
# 	# 	return dict(page = p, users = ())
# 	users = await User.findAll(orderBy = 'created_at desc')
# 	for u in users:
# 		u.passwd = '******'
# 	return dict( users = users)
예제 #36
async def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('password')

    same_email = await User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register failed', 'email', 'Email is already in use')

    uid = next_id()
    # From here on `passwd` holds the stored form: the SHA-1 hex digest of
    # "<uid>:<submitted passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    passwd = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    image = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_md5
    # NOTE(review): the key is passed as `uid=` here; confirm the User model's
    # primary-key field is really named `uid` and not `id`.
    user = User(uid=uid, name=name.strip(), email=email, passwd=passwd, image=image)
    await user.save()

    # Put the session into a cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '********'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #37
async def apiCreateUser(*, name, email, passwd):
    '''Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    '''
    # Input validation.
    nameMissing = name is None or not name.strip()
    if nameMissing:
        raise APIValueError('name', 'invalid name')
    emailBad = email is None or not _reEmail.match(email)
    if emailBad:
        raise APIValueError('email', 'invalid email')
    passwdBad = passwd is None or not _reSha1.match(passwd)
    if passwdBad:
        raise APIValueError('passwd', 'invalid password')
    existing = await User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register failed', 'email', 'Email is already in use')

    # Credential to store: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): this is hashing, not encryption, and one SHA-1 round is
    # cheap to brute-force if the table leaks.
    uid = next_id()
    storedDigest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    avatarHash = hashlib.md5(email.encode('utf-8')).hexdigest()
    # NOTE(review): name is validated with strip() but stored unstripped.
    u = User(id=uid, email=email, passwd=storedDigest, name=name,
             image='http://www.gravatar.com/avatar/%s?s=120' % avatarHash)
    await u.save()

    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    resp = web.Response()
    resp.set_cookie(COOKIE_NAME, user2cookie(u, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    u.passwd = '******'
    resp.content_type = 'application/json'
    resp.body = json.dumps(u, ensure_ascii=False).encode('utf-8')
    return resp
예제 #38
async def api_register_user(*, email, name, passwd):
    """Register a user and answer with a plain-text success marker and a session cookie.

    Unlike a JSON-returning variant, the user object is never serialised into
    the response, so no password masking is needed here.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')
    # The lookup criteria are passed as keyword arguments.
    criteria = {'email': email}
    matches = await User.findAll(**criteria)
    if len(matches) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email,
                passwd=stored_digest, image='about:blank')
    await user.save()

    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    r.content_type = 'text/plain;charset=utf-8'
    r.body = 'register:success'.encode('utf-8')
    return r
async def api_register_user(*, email, name, passwd):
	'''
	Store user register info.

	Rejects an e-mail address or user name that is already taken, saves the
	new user and returns a JSON response carrying the session cookie.
	'''
	if not (name and name.strip()):
		raise APIValueError('name')
	if not (email and _RE_EMAIL.match(email)):
		raise APIValueError('email')
	if not (passwd and _RE_SHA1.match(passwd)):
		raise APIValueError('passwd')
	by_email = await User.findAll('email=?', [email])
	if len(by_email) > 0:
		raise APIError('register:failed', 'email', 'Email is already in use.')
	by_name = await User.findAll('name=?', [name])
	if len(by_name) > 0:
		raise APIError('register:failed', 'name', 'Username is already in use.')
	uid = next_id()
	# hexdigest() yields the SHA-1 digest as a hex string. passwd must already
	# match _RE_SHA1, so the raw password is not handled in this function.
	# NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
	# a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
	stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
	email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
	user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
		image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_md5)
	await user.save()
	# Session cookie, valid for 86400 seconds.
	lifetime = 86400
	r = web.Response()
	r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
	# Mask the digest on the in-memory object before it is serialised.
	user.passwd = '******'
	r.content_type = 'application/json'
	# Serialise the response as JSON; ensure_ascii=False keeps non-ASCII
	# characters as they are instead of escaping them.
	r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
	return r
예제 #40
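async def api_register_user(*, email, name, password):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``password`` is missing or
            malformed.
        APIError: the e-mail address is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not password or not _RE_SHA1.match(password):
        raise APIValueError('password')
    users = await User.find_all('email=?', [email])
    if len(users) > 0:
        raise APIError('register: failed', 'email', 'Email is already in use')
    uid = next_id()
    # Fixed: the format string on the page had no placeholders, so the `%`
    # operation raised TypeError. "<uid>:<password>" is the layout the variable
    # name implies. NOTE(review): confirm the login check builds the same string.
    sha1_password = '%s:%s' % (uid, password)
    user = User(id=uid,
                name=name.strip(),
                email=email,
                # NOTE(review): a single SHA-1 round is fast to brute-force if
                # the table leaks; a slow KDF is the usual choice.
                password=hashlib.sha1(
                    sha1_password.encode('utf-8')).hexdigest(),
                image='blank:about')
    await user.save()
    ret = web.Response()
    ret.set_cookie(COOKIE_NAME,
                   user2cookie(user, 86400),
                   max_age=86400,
                   httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.password = '******'
    ret.content_type = 'application/json'
    ret.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return ret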
예제 #41
파일: handlers.py 프로젝트: zero530/fb4u
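def api_register_fbuser(*, email, name, passwd, number, birthday):
    """Register an FBUser and return a JSON response carrying a session cookie.

    ``number`` must be a non-empty string of digits. ``birthday`` is stripped
    when present and stored as given otherwise.

    Raises:
        APIValueError: a field is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    # A missing number used to fail with AttributeError on None.isdigit();
    # it is now rejected like any other invalid value.
    if not number or not number.isdigit():
        raise APIValueError('number should > 0')
    # The debug print of the submitted number was dropped so client-supplied
    # data is not echoed to stdout.

    # Reject an e-mail address that already has an account.
    fbusers = yield from FBUser.findAll('email=?', [email])
    if len(fbusers) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    sha1_passwd = '%s:%s' % (uid, passwd)

    # birthday is not validated (the original check was commented out), so a
    # missing value must not crash on .strip().
    birthday_value = birthday.strip() if birthday else birthday
    fbuser = FBUser(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), number=number, birthday=birthday_value)
    yield from fbuser.save()

    # make session cookie:
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(fbuser, 86400), max_age=86400, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    fbuser.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(fbuser, cls=CJsonEncoder, ensure_ascii=False).encode('utf-8')
    return r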
예제 #42
def api_register_user():
    """Create a user from the JSON request body and set the session cookie.

    Reads ``passwd``, ``name`` and ``email`` from ``request.json``, stores the
    SHA-1 hex digest of ``"<uid>:<passwd>"`` and answers ``{'db': '1'}``.
    """
    # NOTE(review): no presence or format validation and no duplicate-e-mail
    # check is visible here; a missing key surfaces as KeyError, and any string
    # is accepted as the password value that gets hashed.
    uid = next_id()
    salted = '%s:%s' % (uid, request.json['passwd'])
    clean_name = request.json['name'].strip()
    address = request.json['email']
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    user = User(id=uid, name=clean_name, email=address, passwd=stored_digest)
    db.session.add(user)
    db.session.commit()
    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = jsonify({'db': '1'})
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    r.content_type = 'application/json;charset=utf-8'
    return r
예제 #43
def api_create_comments(id, request, *, content):
    """Create a comment by the signed-in user after checking the blog exists.

    Raises:
        APIPermissionError: ``request.__user__`` is None.
        APIValueError: ``content`` is empty or only whitespace.
        APIResourceNotFoundError: no blog is found for ``id``.
    """
    author = request.__user__
    if author is None:
        raise APIPermissionError('content')
    if not (content and content.strip()):
        raise APIValueError('content')
    target_blog = yield from Blog.find(id)
    if target_blog is None:
        raise APIResourceNotFoundError('Blog')
    # NOTE(review): the blog id is looked up but not passed to Comment here;
    # confirm the comment is linked to its blog somewhere.
    # NOTE(review): content is stored as submitted (stripped only), so the
    # rendering side has to escape it.
    new_comment = Comment(
        id=next_id(),
        user_id=author.id,
        user_name=author.name,
        image=author.image,
        content=content.strip(),
    )
    yield from new_comment.save()
    return new_comment
예제 #44
파일: app.py 프로젝트: fantianwen/web_blog
def blog_id(id):
    """Show one blog with its comments; on POST, first store a guest comment.

    A POST saves the comment under the ``guest`` user id and, when no user with
    the submitted name exists yet, also saves a password-less user record with
    a generated avatar.
    """
    if request.method == 'POST':
        # NOTE(review): both form fields are stored exactly as submitted with
        # no length or content checks, so the template has to escape them.
        body_text = request.form['comment_content']
        guest_name = request.form['comment_name']
        comment = Comment(id=next_id(), blog_id=id, user_id='guest',
                          user_name=guest_name, user_image='',
                          content=body_text, created_at=time.time())
        comment.save()
        avatar = common.create_avatar_by_name(guest_name)
        guest_user = User(id=next_id(), email='', passwd='', admin=0,
                          name=guest_name, image=avatar,
                          created_at=time.time())
        mylog.info(avatar)
        # TODO: uniqueness is decided by name for now; later it should be
        # decided by e-mail instead.
        same_name = User.find_all('name= ?', [guest_name])
        if len(same_name) == 0:
            guest_user.save()
        flash('comment and new user had been saved successfully!')

    # NOTE(review): Blog.find(id) is used without a None check; an unknown id
    # would fail on the attribute access below — confirm how find() reports a miss.
    blog = Blog.find(id)
    blog.html_content = highlight.parse2markdown(blog.content)
    comments = Comment.find_all('blog_id= ?', [id])
    return render_template('blogdetail.html', blog=blog, comments=comments)
예제 #45
def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    The account is created as administrator when the e-mail equals the
    hard-coded address compared below.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    logging.info('api_register_user...')
    # name must be present and must not consist only of whitespace.
    if not (name and name.strip()):
        raise APIValueError('name')
    # email must be present and match the expected format.
    if not (email and _RE_EMAIL.match(email)):
        logging.info('email api_register_user...')
        raise APIValueError('email')
    # passwd must be present and match the expected format.
    if not (passwd and _RE_SHA1.match(passwd)):
        logging.info('passwd api_register_user...')
        raise APIValueError('passwd')

    # An e-mail address that is already in the table cannot register again.
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use')

    # Unique id for the user being registered.
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): this is hashing, not encryption, and one SHA-1 round is
    # cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()

    # NOTE(review): administrator status is granted purely on the submitted
    # e-mail string and no ownership check of that address is visible here;
    # whoever registers it first becomes admin.
    admin = email == '*****@*****.**'

    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_md5,
                admin=admin)

    # Persist the user.
    yield from user.save()
    logging.info('save user OK')
    # Build the response and attach the session cookie (86400 seconds).
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Only the in-memory instance is masked; the saved row keeps the digest, so
    # the digest is not exposed through the response.
    user.passwd = '******'
    # The body is JSON, so set the content type accordingly.
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #46
파일: handlers.py 프로젝트: theJian/plogger
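async def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        Exception: an argument is missing, the e-mail or password is malformed,
            or the e-mail address is already registered.
    """
    # Fixed: the original used `and`, which only fired when all three fields
    # were missing; a single missing field then failed later with TypeError
    # (regex match on None) or AttributeError (None.strip()).
    if not email or not name or not passwd:
        raise Exception('missing arguments for register')
    if not _RE_EMAIL.match(email):
        raise Exception('illegal email')
    if not _RE_SHA1.match(passwd):
        raise Exception('illegal passwd')
    users = await User.findAll('email=?', [email])
    if len(users) > 0:
        raise Exception('email existed')
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    sha1_passwd = '%s:%s' % (uid , passwd)
    user = User(id=uid, email=email, name=name.strip(), passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(), image="blank:about", created_at=time.time())
    await user.save()
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, 60*60*24), max_age=60*60*24, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r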
예제 #47
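def api_register_user(*, email, name, passwd):
    """Register a user and return it as JSON.

    No session cookie is set by this variant.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    # Bind parameters go in a list; the original passed the bare string.
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    sha1_passwd = '%s:%s' % (uid, passwd)
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode()).hexdigest(),
                image='/static/img/user.png',
                # Fixed: self-registration created every account with
                # admin=True; administrator rights have to be granted
                # separately.
                admin=False)
    yield from user.save()
    r = web.Response()
    # Fixed: the stored digest was serialised into the response; mask it on
    # the in-memory object first (the saved row is unaffected).
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode()
    return r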
예제 #48
def api_register(*, email, name, passwd):
    """Register a user in a fixed group and return JSON plus a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    # NOTE(review): every new account is put into the same hard-coded group
    # id; confirm that group carries no elevated permissions.
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                groups='001449655503983177fbe60d9744c9d99c77ed1a7612acd000')
    yield from user.save()
    # Session cookie whose lifetime comes from MAX_AGE.
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, MAX_AGE), max_age=MAX_AGE, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #49
def api_register_user(*, email, name, passwd):
    """
    Save a new row in table USER and return JSON plus a session cookie.

    An e-mail activation step could be added after registration.
    """
    logging.info("......................")
    if not (name and name.strip()):
        raise APIValueError("name")
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError("email")
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError("passwd")
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # The stored value is not what the client submitted but the SHA-1 hex
    # digest of "<uid>:<passwd>"; hexdigest() renders the hash as a hex string.
    # NOTE(review): SHA-1 is one-way, but a single round is cheap to
    # brute-force if the table leaks; a slow KDF (hashlib.pbkdf2_hmac /
    # hashlib.scrypt) is the usual choice for stored passwords.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    # A Gravatar URL derived from the MD5 of the e-mail was used as the avatar
    # at one point; that line is disabled and a blank page is stored instead.
    user = User(id=uid, name=name.strip(), email=email,
                passwd=stored_digest, image="about:blank")
    yield from user.save()
    # HTTP is stateless, so the server tracks the user through a cookie kept by
    # the client; 86400 seconds is 24 hours.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '*****'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
def api_register_user(*,email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError("name")
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError("email")
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError("passwd")
    # The query parameters are handed over as a list.
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                image="http://www.gravatar.com/avatar/%s?d=mm&s=120" % email_md5)
    yield from user.save()
    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '*****'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
async def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')
    same_email = await User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Stored credential: SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    # NOTE(review): every account gets the same avatar hot-linked from a
    # third-party site; clients rendering it contact that host.
    avatar_url = 'https://www.funnypica.com/wp-content/uploads/2015/05/TOP-50-Beautiful-Girls-Girl-25-of-50.jpg'
    user = User(id=uid, name=name.strip(), email=email,
                passwd=stored_digest, image=avatar_url)
    await user.save()
    # Session cookie, valid for 86400 seconds.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #52
파일: handlers.py 프로젝트: COREENE/python
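def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    # name must be present and must not consist only of whitespace.
    if not name or not name.strip():
        raise APIValueError('name')
    # email and passwd must be present and match their regular expressions.
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    # An e-mail address that is already in the table cannot register again.
    users = yield from User.findAll('email=?', [email])
    if len(users) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')
    # Unique id for the user being registered.
    uid = next_id()
    sha1_passwd = '%s:%s' % (uid, passwd)

    # Removed: an `admin` flag was computed from a hard-coded e-mail address
    # but never passed to User(), so it had no effect. Dropping the dead code
    # avoids the impression that this handler grants administrator rights.

    # passwd must already match _RE_SHA1, so the raw password is not handled
    # here; the stored value is the SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): one SHA-1 round is cheap to brute-force if the table leaks;
    # a slow KDF (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice.
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
        image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
    # Persist the user.
    yield from user.save()
    logging.info('save user OK')

    # make session cookie:
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Only the in-memory instance is masked; the saved row keeps the digest, so
    # the digest is not exposed through the response.
    user.passwd = '******'
    # The body is JSON, so set the content type accordingly.
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r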
예제 #53
async def api_register_user(*, email, name, passwd):
    """Register a user and return a JSON response carrying a session cookie.

    The account is created as administrator when the e-mail equals
    ``_ADMIN_EMAIL``.

    Raises:
        APIValueError: ``name`` is missing or blank.
        APIError: ``email`` or ``passwd`` is missing or malformed, or the
            e-mail address is already registered.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    # email must be present and match its regular expression.
    if not (email and _RE_EMAIL.match(email)):
        raise APIError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIError('passwd')

    # An e-mail address that is already in the table cannot register again.
    same_email = await User.findAll('email=?', [email])
    if len(same_email):
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # Unique id for the user being registered.
    uid = next_id()
    # Stored credential: the 40-character SHA-1 hex digest of "<uid>:<passwd>".
    # NOTE(review): this is hashing, not encryption, and one SHA-1 round is
    # cheap to brute-force if the table leaks.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()

    # NOTE(review): administrator status depends only on the submitted e-mail
    # string and no ownership check of that address is visible here; whoever
    # registers it first becomes admin.
    admin = email == _ADMIN_EMAIL

    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_md5,
                admin=admin)

    # Persist the user.
    await user.save()
    logger.info('save user OK')
    # Build the response; 86400 seconds is 24 hours.
    lifetime = 86400
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Only the in-memory instance is masked; the saved row keeps the digest.
    user.passwd = '******'
    r.content_type = 'application/json'
    # NOTE(review): the default= fallback dumps the whole __dict__ of any
    # object json cannot encode; confirm nothing sensitive can end up there.
    r.body = json.dumps(user, ensure_ascii=False, default=lambda o: o.__dict__).encode('utf-8')
    return r
예제 #54
파일: handlers.py 프로젝트: Joe-Blake/Blog
def api_register_user(*,name, email, passwd):
    """Register a user from name, e-mail and password; return JSON plus a session cookie.

    Raises:
        APIValueError: ``name``, ``email`` or ``passwd`` is missing or malformed.
        APIError: the e-mail address is already registered.
    """
    # Validate the input.
    if not (name and name.strip()):
        raise APIValueError("name")
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError("email")
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError("passwd")
    # A non-empty result means the address is already registered. The query
    # parameters are handed over as a list.
    same_email = yield from User.findAll('email=?', [email])
    if len(same_email) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    # First registration for this address.
    uid = next_id()
    # The stored value is the SHA-1 hex digest of "<uid>:<passwd>"; the string
    # has to be encoded to bytes before hashing and hexdigest() renders the
    # result as a hex string.
    # NOTE(review): SHA-1 is one-way, but a single round is cheap to
    # brute-force if the table leaks, and MD5 (used below only to build the
    # Gravatar URL) is not a security mechanism; a slow KDF
    # (hashlib.pbkdf2_hmac / hashlib.scrypt) is the usual choice for stored
    # passwords.
    stored_digest = hashlib.sha1(('%s:%s' % (uid, passwd)).encode('utf-8')).hexdigest()
    # Gravatar serves an avatar keyed by the MD5 of the e-mail address.
    email_md5 = hashlib.md5(email.encode('utf-8')).hexdigest()
    user = User(id=uid, name=name.strip(), email=email, passwd=stored_digest,
                image="http://www.gravatar.com/avatar/%s?d=mm&s=120" % email_md5)
    yield from user.save()

    # HTTP is stateless, so the session is carried in a cookie whose value
    # comes from user2cookie. max_age is the cookie lifetime in seconds; once
    # it runs out the client drops the cookie and has to sign in again. Here it
    # is 600 seconds (10 minutes).
    lifetime = 600
    r = web.Response()
    r.set_cookie(COOKIE_NAME, user2cookie(user, lifetime), max_age=lifetime, httponly=True)
    # Mask the digest on the in-memory object before it is serialised.
    user.passwd = '*****'
    r.content_type = 'application/json'
    # json.dumps serialises the object as JSON.
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r
예제 #55
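def api_register_user(*, email, name, passwd):
    """Register a new user and reply with a session cookie and the user as JSON.

    Args:
        email: must match ``_RE_EMAIL``.
        name: must be non-blank; stored with surrounding whitespace removed.
        passwd: must match ``_RE_SHA1`` (the pattern name suggests the client
            sends a SHA-1 hex digest, not the raw password; confirm).

    Returns:
        A ``web.Response`` carrying the login cookie and a JSON body in which
        the stored password digest has been masked.

    Raises:
        APIValueError: a field is missing or fails validation.
        APIError: a user with this e-mail already exists.
    """
    if not name or not name.strip():
        raise APIValueError('name')
    if not email or not _RE_EMAIL.match(email):
        raise APIValueError('email')
    if not passwd or not _RE_SHA1.match(passwd):
        raise APIValueError('passwd')
    # NOTE(review): check-then-insert. Two concurrent requests for the same
    # e-mail can both pass this lookup unless the column carries a UNIQUE
    # constraint; confirm against the schema.
    users = yield from User.find_all('email=?', [email])
    if len(users) > 0:
        raise APIError('register failed', 'email', 'Email is already in use.')
    uid = next_id()
    # Stored form is sha1("<uid>:<passwd>").
    # NOTE(review): SHA-1 is a fast hash, so leaked digests are cheap to
    # brute-force offline. Moving to a password KDF (hashlib.scrypt or
    # hashlib.pbkdf2_hmac) has to change the login check at the same time,
    # so it is only flagged here.
    sha1_passwd = '%s:%s' % (uid, passwd)
    # NOTE(review): the avatar URL is plain http; on an https site this is
    # mixed content and exposes the e-mail hash to the network path.
    user = User(id=uid, name=name.strip(), email=email, passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest(),
                image='http://www.gravatar.com/avatar/%s?d=mm&s=120' % hashlib.md5(email.encode('utf-8')).hexdigest())
    yield from user.save()
    r = web.Response()
    # NOTE(review): httponly is set but not secure/samesite; consider both
    # once the site is served over TLS.
    r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
    # Mask the digest only after the cookie is built (user2cookie receives the
    # user object and presumably reads passwd), so the stored digest never
    # reaches the JSON body.
    user.passwd = '******'
    r.content_type = 'application/json'
    r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
    return r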
예제 #56
파일: handlers.py 프로젝트: GreenLim/PyBlog
def api_register_user(*, email, name, passwd):
    """Create a user account and return it as JSON together with a session cookie.

    ``name`` must be non-blank, ``email`` must match ``_RE_EMAIL`` and
    ``passwd`` must match ``_RE_SHA1``; otherwise ``APIValueError`` is raised.
    The password digest is masked in the JSON body.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    existing = yield from User.findAll('email=?', [email])
    logging.info('valid pass')
    if len(existing) > 0:
        # NOTE(review): APIValueError is given three positional arguments here
        # while the validation checks above pass one; confirm its constructor
        # accepts this form.
        raise APIValueError('register:failed', 'email', 'Email is already in use.')

    new_id = next_id()
    # Stored form is sha1("<uid>:<passwd>").
    # NOTE(review): SHA-1 is a fast hash; a password KDF would resist offline
    # guessing far better, but needs a matching change in the login check.
    salted = '{}:{}'.format(new_id, passwd)
    digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    user = User(id=new_id, name=name.strip(), email=email, passwd=digest, image='')
    yield from user.save()

    # Build the session cookie first, then hide the digest from the JSON body.
    response = web.Response()
    session_value = user2cookie(user, 86400)
    response.set_cookie(COOKIE_NAME, session_value, max_age=86400, httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    payload = json.dumps(user, ensure_ascii=False)
    response.body = payload.encode('utf-8')
    return response
예제 #57
def test(*,objectid,qrcontent):
    """Update the QR record for ``objectid`` if one exists, otherwise insert one.

    Returns a dict with ``errCode`` and ``content``. ``errCode`` is ``True``
    and ``content`` is ``qrindexUrl(record)`` when exactly one row was
    affected; otherwise ``errCode`` is ``False`` and ``content`` is empty.
    """
    # The id is generated up front and only used on the insert path.
    new_index = next_id()
    matches = yield from queryQrObjectId(objectid)

    if len(matches) > 0:
        logging.info("update objectid() %s" % objectid)
        record = matches[0]
        record["qrcontent"] = qrcontent
        affected = yield from record.update()
    else:
        record = QrTable(objectid=objectid, qrindex=new_index, qrcontent=qrcontent)
        logging.info("insert qrindex() %s" % new_index)
        affected = yield from record.save()

    if affected != 1:
        return {"errCode": False, "content": ""}

    # Re-read so the URL is built from what is now stored.
    refreshed = yield from queryQrObjectId(objectid)
    return {"errCode": True, "content": qrindexUrl(refreshed[0])}
예제 #58
def api_post_users(*,email,name,passwd):
    """Create a user account and return it as JSON with the password masked.

    ``name`` must be non-blank, ``email`` must match ``_RE_EMAIL`` and
    ``passwd`` must match ``_RE_PASSWD_SHA1``; otherwise ``APIValueError`` is
    raised. ``APIError`` is raised when the e-mail is already registered.
    No session cookie is set on this response.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_PASSWD_SHA1.match(passwd)):
        raise APIValueError('password')

    # NOTE(review): lookup-then-insert is only safe against concurrent
    # registrations if the e-mail column is UNIQUE; confirm the schema.
    existing = yield from User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register:failed','email','same email was already used')

    new_id = next_id()
    # Stored form is sha1("<uid>:<passwd>").
    # NOTE(review): a fast hash such as SHA-1 gives little protection if the
    # table leaks; a password KDF needs a matching change in the login check.
    salted = '{}:{}'.format(new_id, passwd)
    digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    user = User(id=new_id, name=name.strip(), email=email, passwd=digest, image='12345')
    yield from user.save()

    response = web.Response()
    # Hide the stored digest before the object is serialised.
    user.passwd = '******'
    response.content_type = 'application/json'
    payload = json.dumps(user, ensure_ascii=False)
    response.body = payload.encode('utf-8')
    return response
예제 #59
파일: app.py 프로젝트: fantianwen/web_blog
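def save_blog():
    """Store a blog post from the submitted form and render the welcome page.

    The image name is derived by ``change_file_name`` from the client-supplied
    filename and the new blog id, then passed through ``secure_filename``.
    That one sanitised name is used for the extension check, the file written
    under ``UPLOAD_FOLDER`` and the ``user_image`` field, so the database
    record and the file on disk cannot disagree.
    """
    blog_id = next_id()
    # NOTE(review): the author identity is hard-coded and no login or
    # permission check is visible in this function; confirm the route is
    # protected elsewhere.
    user_id = 'admin'
    user_name = 'fantianwen'
    upload = request.files['blog_image']
    # upload.filename is client-controlled. Sanitise it once, before it is
    # stored or used to build a path.
    filename = secure_filename(change_file_name(upload.filename, blog_id))
    name = request.form['blog_title']
    summary = request.form['blog_summary']
    content = request.form['blog_content']
    category = request.form['blog_category']
    created_at = time.time()
    year = common.get_year(created_at)
    month = common.get_month(created_at)
    day = common.get_day(created_at)
    # secure_filename can return an empty string; never join that onto the
    # upload folder.
    if upload and filename and allowed_file(filename):
        upload.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
    # NOTE(review): user_image is recorded even when the upload was rejected
    # above, so it can name a file that was never written.
    blog = Blog(id=blog_id, user_id=user_id, user_name=user_name, user_image=filename, name=name, summary=summary,
                content=content, category=category, created_at=created_at, year=year, month=month, day=day)
    blog.save()
    flash('保存成功')
    return render_template('/welcome.html')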
예제 #60
def api_register_user(*, email, name, passwd):
    """Create a user account and return it as JSON together with a session cookie.

    ``name`` must be non-blank, ``email`` must match ``_RE_EMAIL`` and
    ``passwd`` must match ``_RE_SHA1``; otherwise ``APIValueError`` is raised.
    ``APIError`` is raised when the e-mail is already registered. The password
    digest is masked in the JSON body.
    """
    if not (name and name.strip()):
        raise APIValueError('name')
    if not (email and _RE_EMAIL.match(email)):
        raise APIValueError('email')
    if not (passwd and _RE_SHA1.match(passwd)):
        raise APIValueError('passwd')

    # NOTE(review): lookup-then-insert is only safe against concurrent
    # registrations if the e-mail column is UNIQUE; confirm the schema.
    existing = yield from User.findAll('email=?', [email])
    if len(existing) > 0:
        raise APIError('register:failed', 'email', 'Email is already in use.')

    new_id = next_id()
    # Stored form is sha1("<uid>:<passwd>").
    # NOTE(review): SHA-1 is a fast hash; a password KDF would resist offline
    # guessing far better, but needs a matching change in the login check.
    salted = '{}:{}'.format(new_id, passwd)
    digest = hashlib.sha1(salted.encode('utf-8')).hexdigest()
    # Gravatar addresses avatars by the MD5 of the e-mail.
    # NOTE(review): the URL is plain http, which is mixed content on an
    # https site.
    email_hash = hashlib.md5(email.encode('utf-8')).hexdigest()
    avatar = 'http://www.gravatar.com/avatar/%s?d=mm&s=120' % email_hash
    user = User(id=new_id, name=name.strip(), email=email, passwd=digest, image=avatar)
    yield from user.save()

    # Build the session cookie first, then hide the digest from the JSON body.
    response = web.Response()
    session_value = user2cookie(user, 86400)
    response.set_cookie(COOKIE_NAME, session_value, max_age=86400, httponly=True)
    user.passwd = '******'
    response.content_type = 'application/json'
    payload = json.dumps(user, ensure_ascii=False)
    response.body = payload.encode('utf-8')
    return response