def create_user(post_data): ''' Create the user. The code used if `False`. 11: standsfor invalid username. 21: standsfor invalide E-mail. 91: standsfor unkown reson. ''' out_dic = {'success': False, 'code': '00'} if not tools.check_username_valid(post_data['user_name']): out_dic['code'] = '11' return out_dic if not tools.check_email_valid(post_data['user_email']): out_dic['code'] = '21' return out_dic try: TabMember.create(uid=tools.get_uuid(), user_name=post_data['user_name'], user_pass=tools.md5(post_data['user_pass']), user_email=post_data['user_email'], role=post_data.get('role', '1000'), time_create=tools.timestamp(), time_update=tools.timestamp(), time_reset_passwd=tools.timestamp(), time_login=tools.timestamp(), time_email=tools.timestamp()) out_dic['success'] = True except: out_dic['code'] = '91' return out_dic
def create_user(post_data): out_dic = {'success': False, 'code': '00'} if tools.check_username_valid(post_data['user_name']): pass else: out_dic['code'] = '11' return out_dic if tools.check_email_valid(post_data['user_email']): pass else: out_dic['code'] = '21' return out_dic if 'role' in post_data: role = post_data['role'] else: role = '1000' TabMember.create(uid=tools.get_uuid(), user_name=post_data['user_name'], user_pass=tools.md5(post_data['user_pass']), user_email=post_data['user_email'], role=role, time_create=tools.timestamp(), time_update=tools.timestamp(), time_reset_passwd=tools.timestamp(), time_login=tools.timestamp(), time_email=tools.timestamp()) out_dic['success'] = True return out_dic
def insert_data(self, post_data): if '/' in post_data['user_name'][0]: return False if ':' in post_data['user_name'][0]: return False if len(post_data['user_name'][0]) < 5 or len(post_data['user_name'][0]) > 20: return False if '\\' in post_data['user_name'][0]: return False if '#' in post_data['user_name'][0]: return False if '+' in post_data['user_name'][0]: return False if "'" in post_data['user_name'][0]: return False if '"' in post_data['user_name'][0]: return False if '(' in post_data['user_name'][0]: return False if ')' in post_data['user_name'][0]: return False if ' ' in post_data['user_name'][0]: return False try: CabMember.create(uid=tools.get_uuid(), user_name=post_data['user_name'][0], user_pass=tools.md5(post_data['user_pass'][0]), user_email=post_data['user_email'][0], privilege='10000', reset_passwd_timestamp=0, ) return True except: return False
def test_update_pass(self): self.add_mess() post_data = {'user_pass': '******'} self.uu.update_pass(self.uid, post_data['user_pass']) tt = self.uu.get_by_uid(self.uid) assert tt.user_pass == tools.md5(post_data['user_pass']) self.tearDown()
def check_user(self, u_name, u_pass): tt = CabMember.select().where(CabMember.user_name == u_name).count() if tt == 0: return -1 a = CabMember.get(user_name=u_name) if a.user_pass == tools.md5(u_pass): return 1 return 0
def check_user(user_id, u_pass): tt = g_Member.select().where(g_Member.uid == user_id).count() if tt == 0: return -1 a = g_Member.get(uid=user_id) if a.user_pass == tools.md5(u_pass): return 1 return 0
def check_user_by_name(user_id, u_pass): tt = TabMember.select().where(TabMember.user_name == user_id).count() if tt == 0: return -1 a = TabMember.get(user_name=user_id) if a.user_pass == tools.md5(u_pass): return 1 return 0
def update_pass(user_id, newpass): out_dic = {'success': False, 'code': '00'} entry = g_Member.update(user_pass=tools.md5(newpass)).where( g_Member.uid == user_id) entry.execute() out_dic['success'] = True return out_dic
def check_user(user_id, u_pass): ''' Checking the password by user's ID. ''' user_count = TabMember.select().where(TabMember.uid == user_id).count() if user_count == 0: return -1 the_user = TabMember.get(uid=user_id) if the_user.user_pass == tools.md5(u_pass): return 1 return 0
def check_user_by_name(user_name, u_pass): ''' Checking the password by user's name. ''' tt = TabMember.select().where(TabMember.user_name == user_name).count() if tt == 0: return -1 a = TabMember.get(user_name=user_name) if a.user_pass == tools.md5(u_pass): return 1 return 0
def check_user_by_name(user_name, u_pass): ''' Checking the password by user's name. ''' the_query = TabMember.select().where(TabMember.user_name == user_name) if the_query.count() == 0: return -1 the_user = the_query.get() if the_user.user_pass == tools.md5(u_pass): return 1 return 0
def create_user(post_data, extinfo=None): ''' Create the user. The code used if `False`. 11: invalid username. 21: invalide E-mail. 31: E-mail exists.. 91: unkown reason. ''' out_dic = {'success': False, 'code': '00'} if post_data['user_name'].startswith('_'): ''' the user_name startwith with ``_``, ONLY used for inner, not for login. ''' pass elif not tools.check_username_valid(post_data['user_name']): out_dic['code'] = '11' return out_dic if not tools.check_email_valid(post_data['user_email']): out_dic['code'] = '21' return out_dic if MUser.get_by_email(post_data['user_email']): out_dic['code'] = '31' return out_dic if extinfo is None: extinfo = {} try: TabMember.create( uid=tools.get_uuid(), user_name=post_data['user_name'], user_pass=tools.md5(post_data['user_pass']), user_email=post_data['user_email'], role='1000', # ‘1000' as default role. time_create=tools.timestamp(), time_update=tools.timestamp(), time_reset_passwd=tools.timestamp(), time_login=tools.timestamp(), time_email=tools.timestamp(), extinfo=extinfo, ) out_dic['success'] = True except Exception as err: print(repr(err)) out_dic['code'] = '91' return out_dic
def update_pass(user_id, newpass): ''' Update the password of a user. ''' out_dic = {'success': False, 'code': '00'} entry = TabMember.update(user_pass=tools.md5(newpass)).where(TabMember.uid == user_id) entry.execute() out_dic['success'] = True return out_dic
def reset_password(self): ''' Do reset password :return: ''' post_data = self.get_post_data() if 'email' in post_data: userinfo = MUser.get_by_email(post_data['email']) if tools.timestamp() - userinfo.time_reset_passwd < 70: self.set_status(400) kwd = { 'info': '两次重置密码时间应该大于1分钟', 'link': '/user/reset-password', } self.render('misc/html/404.html', kwd=kwd, userinfo=self.userinfo) return False if userinfo: timestamp = tools.timestamp() passwd = userinfo.user_pass username = userinfo.user_name hash_str = tools.md5(username + str(timestamp) + passwd) url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format( config.SITE_CFG['site_url'], username, timestamp, hash_str) email_cnt = '''<div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div> <div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div> <div><a href={2}>{2}</a></div> <div>如果无法确定本信息的有效性,请忽略本邮件。</div>'''.format(config.SMTP_CFG['name'], config.SITE_CFG['site_url'], url_reset) if send_mail([userinfo.user_email], "{0}|密码重置".format(config.SMTP_CFG['name']), email_cnt): MUser.update_time_reset_passwd(username, timestamp) self.set_status(200) logger.info('password has been reset.') return True else: self.set_status(400) return False else: self.set_status(400) return False else: self.set_status(400) return False
def check_user(user_id, u_pass): ''' Checking the password by user's ID. :param user_id: :param u_pass: :return: ''' tt = TabMember.select().where(TabMember.uid == user_id).count() if tt == 0: return -1 a = TabMember.get(uid=user_id) if a.user_pass == tools.md5(u_pass): return 1 return 0
def gen_passwd(self): ''' reseting password :return: ''' post_data = self.get_post_data() userinfo = MUser.get_by_name(post_data['u']) sub_timestamp = int(post_data['t']) cur_timestamp = tools.timestamp() if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp: pass else: kwd = { 'info': '密码重置已超时!', 'link': '/user/reset-password', } self.set_status(400) self.render('misc/html/404.html', kwd=kwd, userinfo=self.userinfo) hash_str = tools.md5(userinfo.user_name + post_data['t'] + userinfo.user_pass) if hash_str == post_data['p']: pass else: kwd = { 'info': '密码重置验证出错!', 'link': '/user/reset-password', } self.set_status(400) self.render( 'misc/html/404.html', kwd=kwd, userinfo=self.userinfo, ) new_passwd = tools.get_uu8d() MUser.update_pass(userinfo.uid, new_passwd) kwd = { 'user_name': userinfo.user_name, 'new_pass': new_passwd, } self.render( 'user/user_show_pass.html', cfg=config.CMS_CFG, kwd=kwd, userinfo=self.userinfo, )
def reset_password(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'email' in post_data: userinfo = self.muser.get_by_email(post_data['email'][0]) if tools.timestamp() - userinfo.time_reset_passwd < 70: self.set_status(400) kwd = { 'info': '两次重置密码时间应该大于1分钟', } self.render('html/404.html', kwd=kwd, userinfo=self.userinfo) return False if userinfo: timestamp = tools.timestamp() passwd = userinfo.user_pass username = userinfo.user_name hash_str = tools.md5(username + str(timestamp) + passwd) url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format( config.site_url, username, timestamp, hash_str) email_cnt = ''' <div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div> <div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div> <div><a href={2}>{2}</a></div> <div>如果无法确定本信息的有效性,请忽略本邮件。</div> '''.format(config.smtp_cfg['name'], config.site_url, url_reset) if send_mail([userinfo.user_email], "{0}|密码重置".format(config.smtp_cfg['name']), email_cnt): self.muser.update_time_reset_passwd(username, timestamp) self.set_status(200) return True else: self.set_status(400) return False else: self.set_status(400) return False else: self.set_status(400) return False
def gen_passwd(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) userinfo = self.muser.get_by_name(post_data['u'][0]) sub_timestamp = int(post_data['t'][0]) cur_timestamp = tools.timestamp() if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp: pass else: kwd = { 'info': '密码重置已超时!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo=self.userinfo) hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass) if hash_str == post_data['p'][0]: pass else: kwd = { 'info': '密码重置验证出错!', } self.set_status(400) self.render( 'html/404.html', kwd=kwd, userinfo=self.userinfo, ) new_passwd = tools.get_uu8d() self.muser.update_pass(userinfo.user_name, new_passwd) kwd = { 'user_name': userinfo.user_name, 'new_pass': new_passwd, } self.render( 'user/{0}/show_pass.html'.format(self.tmpl_router), cfg=config.cfg, kwd=kwd, userinfo=self.userinfo, )
def reset_password(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) if 'email' in post_data: userinfo = self.muser.get_by_email(post_data['email'][0]) if tools.timestamp() - userinfo.reset_passwd_timestamp < 70: self.set_status(400) kwd = { 'info': '两次重置密码时间应该大于1分钟', } self.render('html/404.html', kwd=kwd, userinfo = self.userinfo) return False if userinfo: timestamp = tools.timestamp() passwd = userinfo.user_pass username = userinfo.user_name hash_str = tools.md5(username + str(timestamp) + passwd) url_reset = '{0}/user/reset-passwd?u={1}&t={2}&p={3}'.format(config.site_url, username, timestamp, hash_str) email_cnt = ''' <div>请查看下面的信息,并<span style="color:red">谨慎操作</span>:</div> <div>您在"{0}"网站({1})申请了密码重置,如果确定要进行密码重置,请打开下面链接:</div> <div><a href={2}>{2}</a></div> <div>如果无法确定本信息的有效性,请忽略本邮件。</div> '''.format(config.site_name, config.site_url, url_reset) if send_mail([userinfo.user_email], "{0}|密码重置".format(config.site_name), email_cnt): self.muser.update_reset_passwd_timestamp(username, timestamp) self.set_status(200) return True else: self.set_status(400) return False else: self.set_status(400) return False else: self.set_status(400) return False
def gen_passwd(self): post_data = {} for key in self.request.arguments: post_data[key] = self.get_arguments(key) userinfo = self.muser.get_by_id(post_data['u'][0]) sub_timestamp = int(post_data['t'][0]) cur_timestamp = tools.timestamp() if cur_timestamp - sub_timestamp < 600 and cur_timestamp > sub_timestamp: pass else: kwd = { 'info': '密码重置已超时!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo = self.userinfo) hash_str = tools.md5(userinfo.user_name + post_data['t'][0] + userinfo.user_pass) if hash_str == post_data['p'][0]: pass else: kwd = { 'info': '密码重置验证出错!', } self.set_status(400) self.render('html/404.html', kwd=kwd, userinfo = self.userinfo,) new_passwd = tools.get_uu8d() self.muser.update_pass(userinfo.user_name, new_passwd) kwd = { 'user_name': userinfo.user_name, 'new_pass': new_passwd, } self.render('{0}/{1}/show_pass.html'.format(self.tmpl_name, self.tmpl_router), cfg = config.cfg, kwd=kwd, userinfo = self.userinfo,)
def create_user(post_data): ''' Create the user. The code used if `False`. 11: standsfor invalid username. 21: standsfor invalide E-mail. 91: standsfor unkown reson. ''' out_dic = {'success': False, 'code': '00'} if post_data['user_name'].startswith('_'): ''' the user_name startwith with ``_``, ONLY used for inner, not for login. ''' pass elif not tools.check_username_valid(post_data['user_name']): out_dic['code'] = '11' return out_dic if not tools.check_email_valid(post_data['user_email']): out_dic['code'] = '21' return out_dic try: TabMember.create( uid=tools.get_uuid(), user_name=post_data['user_name'], user_pass=tools.md5(post_data['user_pass']), user_email=post_data['user_email'], role='1000', # ‘1000' as default role. time_create=tools.timestamp(), time_update=tools.timestamp(), time_reset_passwd=tools.timestamp(), time_login=tools.timestamp(), time_email=tools.timestamp()) out_dic['success'] = True except: out_dic['code'] = '91' return out_dic
def insert_data(self, post_data): if '/' in post_data['user_name'][0]: return False if ':' in post_data['user_name'][0]: return False if len(post_data['user_name'][0]) < 5 or len( post_data['user_name'][0]) > 20: return False if '\\' in post_data['user_name'][0]: return False if '#' in post_data['user_name'][0]: return False if '+' in post_data['user_name'][0]: return False if "'" in post_data['user_name'][0]: return False if '"' in post_data['user_name'][0]: return False if '(' in post_data['user_name'][0]: return False if ')' in post_data['user_name'][0]: return False if ' ' in post_data['user_name'][0]: return False try: CabMember.create( uid=tools.get_uuid(), user_name=post_data['user_name'][0], user_pass=tools.md5(post_data['user_pass'][0]), user_email=post_data['user_email'][0], privilege='10000', reset_passwd_timestamp=0, ) return True except: return False
def update_pass(self, u_name, newpass): entry = CabMember.update(user_pass=tools.md5(newpass), ).where( CabMember.user_name == u_name) entry.execute() return entry
def update_pass(self, u_name, newpass): entry = CabMember.update( user_pass=tools.md5(newpass), ).where(CabMember.user_name == u_name) entry.execute() return entry