def POST(self, inputs=None):
if not inputs: inputs = sh.inputs()
assert(inputs.get('email', '').strip())
assert(inputs.get('password', ''))
uc = sh.ctrl('User')
model = sh.model('User')
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'login':
if not uc.validate(inputs.email, inputs.password):
return sh.page.user.Login('您输入的用户名或密码不对, 请重新输入', inputs.email)
user = model.getByEmail(inputs.email)
if user.dead == 'yes':
return sh.alert('登录失败,你已被列入黑名单,请联系管理员')
uc.login(user, inputs.get('remember_me', '') == 'on')
# 获得打开login页面时url中指定的referer
referer = sh.getUrlParams(sh.getEnv('HTTP_REFERER')).get('referer', None)
if referer:
return sh.redirect(referer)
elif sh.inputs().get('referer', None):
return sh.redirect(sh.inputs().get('referer', None))
else:
return sh.redirect('/')
def POST(self, inputs=None):
if not inputs: inputs = sh.inputs()
assert(inputs.get('email', '').strip())
assert(inputs.get('password', ''))
uc = sh.ctrl('User')
model = sh.model('User')
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'login':
if not uc.validate(inputs.email, inputs.password):
return sh.page.user.Login('您输入的用户名或密码不对, 请重新输入', inputs.email)
user = model.getByEmail(inputs.email)
if user.dead == 'yes':
return sh.alert('登录失败,你已被列入黑名单,请联系管理员')
uc.login(user, inputs.get('remember_me', '') == 'on')
# 获得打开login页面时url中指定的referer
referer = sh.getUrlParams(sh.getEnv('HTTP_REFERER')).get('referer', None)
if referer:
return sh.redirect(referer)
elif sh.inputs().get('referer', None):
return sh.redirect(sh.inputs().get('referer', None))
else:
return sh.alert('登录成功. 欢迎回来!')
def GET(self):
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'login':
return sh.page.user.Login()
if action == 'logout':
sh.ctrl('User').logout()
return sh.redirect('/')
def GET(self):
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'admin/login':
return sh.editor_nobase.user.Login()
if action == 'admin/logout':
sh.ctrl('AdminUser').logout()
return sh.redirect('/')
def GET(self):
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'login':
return sh.page.user.Login()
if action == 'logout':
sh.ctrl('User').logout()
return sh.redirect('/')
def GET(self):
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'admin/login':
return sh.editor_nobase.user.Login()
if action == 'admin/logout':
sh.ctrl('AdminUser').logout()
return sh.redirect('/')
def POST(self):
if not sh.session.is_login:
return sh.redirectToLogin()
user_model = sh.model('User')
user = user_model.get(sh.session.id)
inputs = sh.inputs()
assert inputs.get('action', '')
if inputs.action == 'upload':
if inputs.get('image_file', ''):
self.savePortrait(sh.session.id, inputs.image_file)
return sh.redirect('/accounts/portrait')
elif inputs.action == 'crop':
if not user.image:
return sh.alert('请先上传头像')
assert int(float(inputs.get('region_width', '0'))) > 0
assert int(float(inputs.get('region_height', '0'))) > 0
real_width, real_height = sh.imageSize(user.image.url) # 图片的真实宽高
crop = inputs.crop
region_width = int(float(inputs.region_width)) # 选择区域的宽度
region_height = int(float(inputs.region_height)) # 选择区域的高度
start_x = int(crop.split()[0]) # 选中的起始位置
start_y = int(crop.split()[1])
region_x = int(crop.split()[2]) # 选中的宽度
region_y = int(crop.split()[3]) # 选中的高度
# convert 裁剪区域
region = '%dx%d+%d+%d' % (region_x * real_width / region_width,
region_y * real_height / region_height,
real_width * start_x / region_width,
real_height * start_y / region_height)
path = sh.urlToPath(user.image.url)
os.system('convert %s -crop %s %s' %
(path, region, path + '.crop'))
user_model.update(sh.session.id, {'crop': crop})
# 删除以前裁剪图片的各种尺寸副本
os.system('rm %s.crop_*' % path)
return sh.redirect('/accounts')
def POST(self):
if not sh.session.is_login:
return sh.redirectToLogin()
user_model = sh.model('User')
user = user_model.get(sh.session.id)
inputs = sh.inputs()
assert inputs.get('action', '')
if inputs.action == 'upload':
if inputs.get('image_file', ''):
self.savePortrait(sh.session.id, inputs.image_file)
return sh.redirect('/accounts/portrait')
elif inputs.action == 'crop':
if not user.image:
return sh.alert('请先上传头像')
assert int(float(inputs.get('region_width', '0'))) > 0
assert int(float(inputs.get('region_height', '0'))) > 0
real_width, real_height = sh.imageSize(user.image.url) # 图片的真实宽高
crop = inputs.crop
region_width = int(float(inputs.region_width)) # 选择区域的宽度
region_height = int(float(inputs.region_height)) # 选择区域的高度
start_x = int(crop.split()[0]) # 选中的起始位置
start_y = int(crop.split()[1])
region_x = int(crop.split()[2])# 选中的宽度
region_y = int(crop.split()[3]) # 选中的高度
# convert 裁剪区域
region = '%dx%d+%d+%d' % (region_x * real_width / region_width,
region_y * real_height / region_height,
real_width * start_x / region_width,
real_height * start_y / region_height)
path = sh.urlToPath(user.image.url)
os.system('convert %s -crop %s %s' % (path, region, path+'.crop'))
user_model.update(sh.session.id, {'crop': crop})
# 删除以前裁剪图片的各种尺寸副本
os.system('rm %s.crop_*' % path)
return sh.redirect('/accounts')
def POST(self, inputs=None):
if not inputs: inputs = web.input()
assert(inputs.get('email', '').strip())
assert(inputs.get('password', ''))
uc = sh.ctrl('AdminUser')
model = sh.model('AdminUser')
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'admin/login':
if not uc.validate(inputs.email, inputs.password):
return sh.editor.user.Login('密码不对', inputs.email)
user = model.getByEmail(inputs.email)
uc.login(user)
return sh.redirect('/admin')
def POST(self, inputs=None):
if not inputs: inputs = web.input()
assert (inputs.get('email', '').strip())
assert (inputs.get('password', ''))
uc = sh.ctrl('AdminUser')
model = sh.model('AdminUser')
action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/')
if action == 'admin/login':
if not uc.validate(inputs.email, inputs.password):
return sh.editor_nobase.user.Login('密码不对', inputs.email)
user = model.getByEmail(inputs.email)
uc.login(user)
return sh.redirect('/admin')
def validate(handler):
request_path = sh.getEnv('REQUEST_URI').partition('?')[0]
is_login = sh.session.get('is_login', False)
is_admin = sh.session.get('is_admin', False)
method = sh.getEnv('REQUEST_METHOD')
# 禁止未登录用户访问REQUIRE_LOGIN_URL中的地址
if not is_login and request_path in REQUIRE_LOGIN_URL:
return sh.redirectToLogin()
# 禁止非admin用户访问admin页面
if not is_admin and request_path.startswith('/admin') and request_path != '/admin/login':
return sh.redirect('/admin/login')
return handler()
def validate(handler):
request_path = sh.getEnv('REQUEST_URI').partition('?')[0]
is_login = sh.session.get('is_login', False)
is_admin = sh.session.get('is_admin', False)
method = sh.getEnv('REQUEST_METHOD')
# 禁止未登录用户访问REQUIRE_LOGIN_URL中的地址
if not is_login and request_path in REQUIRE_LOGIN_URL:
return sh.redirectToLogin()
# 禁止非admin用户访问admin页面
if not is_admin and request_path.startswith(
'/admin') and request_path != '/admin/login':
return sh.redirect('/admin/login')
return handler()
def login(self, Userid):
exists_user = sh.model('User').get(Userid)
assert exists_user, u'用户不存在'
sh.ctrl('User').login(exists_user, self.REMEMBER_ME)
return sh.redirect('/')
def redirectToRegister(self, access_token, state, error=''):
return sh.redirect(
'/oauth/register?access_token=%s&state=%s&error=%s' %
(access_token, state, sh.quote(error)))
def login(self, Userid):
exists_user = sh.model("User").get(Userid)
assert exists_user, u"用户不存在"
sh.ctrl("User").login(exists_user, self.REMEMBER_ME)
return sh.redirect("/")
def redirectToRegister(self, access_token, state, error=""):
return sh.redirect("/oauth/register?access_token=%s&state=%s&error=%s" % (access_token, state, sh.quote(error)))
