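def post(self):
    """Store an uploaded profile image for the logged-in user.

    Parses a multipart ``img`` file and a ``token`` argument, resolves the
    token to a user id through ``session``, writes the image into
    ``settings.Config.MEDIA_DIR`` under a random name and records that name
    in ``user.photo_2``.

    Returns:
        dict: ``msg`` and, on success, ``static`` and the public ``path``.
    """
    parse = reqparse.RequestParser()
    parse.add_argument('img', dest='photo', type=FileStorage, required=True,
                       help='必须提供图片', location='files')
    parse.add_argument('token', type=str, required=True, help='必须提供token')
    args = parse.parse_args()

    uFile: FileStorage = args.get('photo')

    # Resolve the caller before anything touches the disk. The original saved
    # the file first, so a request with an unknown token still wrote into the
    # media directory and then failed on ``user.photo_2``.
    user_id = session.get(args.get('token'))
    user = dao.getById(User, user_id) if user_id else None
    if not user:
        uFile.close()
        return {'msg': '请先登录'}

    # The filename comes from the client. Taking "whatever follows the last
    # dot" let the stored suffix be any string, including active content types
    # served back from /static/uploads/. Only a fixed set of raster image
    # suffixes is accepted; adjust the tuple to the formats the site needs.
    ext = os.path.splitext(uFile.filename or '')[1].lstrip('.').lower()
    if ext not in ('jpg', 'jpeg', 'png', 'gif'):
        uFile.close()
        return {'msg': '不支持的图片格式'}

    # The stored name is random, so the client-supplied base name never
    # reaches the filesystem.
    newFileName = uuid.uuid4().hex + '.' + ext
    uFile.save(os.path.join(settings.Config.MEDIA_DIR, newFileName))
    uFile.close()

    user.photo_2 = newFileName
    dao.save(user)

    # NOTE(review): the 'static' key looks like a typo for 'status'; it is
    # kept because existing clients may read it.
    return {
        'static': '200',
        'msg': '上传成功',
        'path': '/static/uploads/' + newFileName
    }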
def get(self):
    """Dispatch an account GET request on its ``opt`` argument.

    ``active`` reads the ``token`` argument, looks up the user id cached
    under it, loads that user and sets ``is_active`` to True. ``login``,
    ``reactive`` and ``logout`` are delegated to the methods of the same
    name. Any other value returns None.
    """
    requested = self.parser.parse_args().get('opt')

    if requested == 'login':
        return self.login()
    if requested == 'reactive':
        return self.reactive()
    if requested == 'logout':
        return self.logout()
    if requested != 'active':
        return None

    # Activation needs a token on top of the base arguments, so the parser is
    # copied and extended; parse_args() then validates the request.
    token_parser = self.parser.copy()
    token_parser.add_argument('token', required=True, help='必须提供激活的token')
    activation_token = token_parser.parse_args().get('token')

    cached_user_id = App.ext.cache.get(activation_token)
    if not cached_user_id:
        # No cache entry for the token: point the caller at re-activation.
        # NOTE(review): request.host_url is built from the request's Host
        # header; confirm the deployment restricts accepted hosts.
        reactive_url = request.host_url + 'account/?opt=reactive'
        return {'msg': '本次激活已过期,需要重新申请激活:' + reactive_url}

    # NOTE(review): the token is not removed from the cache here, so it stays
    # redeemable until its cache timeout; confirm that is intended.
    account = dao.getById(User, cached_user_id)
    account.is_active = True
    dao.save(account)
    return {'msg': account.nickName + '用户激活成功!'}
def sendMail(uId):
    """Email an activation link to the user with id ``uId``.

    A token from ``getToken()`` is cached against the user's id with a
    timeout of ``10 * 60`` and embedded in a link built from
    ``request.host_url``. The message body is rendered from ``msg.html``.
    Send failures are printed, not raised.
    """
    # ``manage`` is bound at module level by the import below; a failed
    # import is ignored and any already-bound global is used instead.
    global manage
    try:
        import manage
    except:
        pass

    with manage.app.test_request_context():
        account = dao.getById(User, uId)
        print('查到的用户', account)

        activation_token = getToken()
        # Cache token -> user id; the original comment gives the window as
        # ten minutes.
        App.ext.cache.set(activation_token, account.id, timeout=10 * 60)

        # NOTE(review): inside test_request_context() host_url comes from the
        # synthetic request, not from the visitor's request; confirm the link
        # points at the public host.
        active_url = request.host_url + 'account/?opt=active&token=' + activation_token
        # NOTE(review): this prints a live activation link (and the body
        # below repeats it) to stdout; treat that output as sensitive.
        print(active_url)

        mail = Message(subject='Tpp用户激活',
                       recipients=[account.email],
                       sender='*****@*****.**')
        mail.html = render_template('msg.html',
                                    username=account.name,
                                    active_url=active_url)
        try:
            print(mail.html)
            App.ext.mail.send(mail)
            print('邮件已发送')
        except Exception as e:
            print(e)
            print('邮件发送失败')
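def sendMail(uId, url):
    """Email an activation link to the user with id ``uId``.

    Args:
        uId: id of the user to load through ``dao.getById``.
        url: base URL the activation path and token are appended to.

    A token from ``getToken()`` is cached against the user's id with a
    timeout of ``10 * 60`` and embedded in the link. Send failures are
    printed, not raised.
    """
    # Function-scope import: the file's import block is not visible here.
    from html import escape

    # ``manage`` is bound at module level by the import below. Only ordinary
    # exceptions are ignored now; the bare ``except`` also swallowed
    # KeyboardInterrupt and SystemExit.
    global manage
    try:
        import manage
    except Exception:
        pass

    with manage.app.test_request_context():
        u = dao.getById(User, uId)
        print('查到的用户', u)

        token = getToken()
        # Cache token -> user id; the original comment gives the window as
        # ten minutes.
        App.ext.cache.set(token, u.id, timeout=10 * 60)
        active_url = url + 'account/?opt=active&token=' + token
        # The link and the rendered body are no longer printed: both contain
        # the live activation token.

        msg = Message(subject='Tpp用户激活', recipients=[u.email], sender='*****@*****.**')

        # The body is assembled by string formatting, so nothing escapes the
        # values. The user name is user-supplied and the href was unquoted;
        # both are escaped and the attribute is quoted so neither value can
        # add markup to the mail.
        safe_name = escape(str(u.name))
        safe_url = escape(active_url, quote=True)
        msg.html = (
            '<h1>{} 注册成功!</h1><h3>请先<a href="{}">激活</a>注册账号</h3> '
            '<h2>或者复制地址到浏览器: {}</h2>'
        ).format(safe_name, safe_url, safe_url)

        try:
            App.ext.mail.send(msg)
            print('邮件已发送')
        except Exception as e:
            print(e)
            print('邮件发送失败')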
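def get(self):
    """Dispatch an account GET request on its ``opt`` argument.

    ``active`` reads the ``token`` argument, looks up the user id cached
    under it, marks that user active and removes the redeemed token.
    ``login``, ``reactive``, ``logout`` and ``modifyPasswd`` are delegated to
    the methods of the same name. Any other value returns None.
    """
    args = self.parser.parse_args()
    opt = args.get('opt')
    if opt == 'active':
        # Activation needs a token on top of the base arguments;
        # parse_args() validates the request.
        activeParser = self.parser.copy()
        activeParser.add_argument('token', required=True, help='必须提供激活的token')
        token = activeParser.parse_args().get('token')

        user_id = App.ext.cache.get(token)
        if not user_id:
            # No cache entry for the token: point the caller at re-activation.
            reactive_url = request.host_url + 'account?opt=reactive'
            return {'msg': '验证码已经过期' + reactive_url}

        user = dao.getById(User, user_id)
        user.is_active = True
        # Bare save() as in the original; presumably imported from the dao
        # module - confirm.
        save(user)
        # Remove only the token that was just redeemed. The original called
        # cache.clear(), which empties the whole cache and so cancelled every
        # other user's pending activation along with any other cached data.
        # Assumes the cache exposes delete(key) as Flask-Caching does - confirm.
        App.ext.cache.delete(token)
        return {'msg': '{}用户激活成功'.format(user.name)}
    elif opt == 'login':
        return self.login()
    elif opt == 'reactive':
        return self.reactive()
    elif opt == 'logout':
        return self.logout()
    elif opt == 'modifyPasswd':
        return self.modifyPasswd()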
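def sendMail(uId, url):
    """Email an activation link to the user with id ``uId``.

    Args:
        uId: id of the user to load through ``dao.getById``.
        url: base URL the activation path and token are appended to.

    The token is cached against the user's id with a timeout of ``10 * 60``
    and embedded in the link. Send failures are printed, not raised.
    """
    # Function-scope import: the file's import block is not visible here.
    from html import escape

    with manage.app.test_request_context():
        u = dao.getById(User, uId)
        print('查到的用户', u)

        # NOTE(review): the token is md5_crypt() of a uuid4 string; hashing
        # adds no entropy. secrets.token_urlsafe() is the stdlib call meant
        # for this - confirm nothing depends on md5_crypt's output format
        # before switching.
        token = md5_crypt(str(uuid.uuid4()))
        # Cache token -> user id; the original comment gives the window as
        # ten minutes.
        App.ext.cache.set(token, u.id, timeout=10 * 60)
        print('id', u.id)
        active_url = url + 'account/?opt=active&token=' + token
        # The token, the link and the rendered body are no longer printed:
        # each of them is enough to activate the account.

        msg = Message(subject='淘票票用户激活', recipients=[u.email], sender='*****@*****.**')

        # The body is assembled by string formatting, so nothing escapes the
        # values. The user name is user-supplied and the href was unquoted;
        # both are escaped and the attribute is quoted so neither value can
        # add markup to the mail.
        safe_name = escape(str(u.name))
        safe_url = escape(active_url, quote=True)
        msg.html = (
            '<h1>{} 注册成功!</h1><h3>请先<a href="{}">激活</a>注册账号</h3> '
            '<h2>或者复制地址到浏览器: {}</h2>'
        ).format(safe_name, safe_url, safe_url)

        try:
            App.ext.mail.send(msg)
            print('邮件已发送')
        except Exception as e:
            print(e)
            print('邮件发送失败')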
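def get(self):
    """Dispatch an account GET request on its ``opt`` argument.

    ``active`` reads the ``token`` argument, looks up the user id cached
    under it, marks that user active and removes the redeemed token.
    ``login``, ``reactive`` and ``loginout`` are delegated to the methods of
    the same name. Any other value returns ``{'msg': '404'}``.
    """
    args = self.parser.parse_args()
    opt = args.get('opt')
    if opt == 'active':
        activeParse = self.parser.copy()
        activeParse.add_argument('token', required=True, help='没有提供TOKEN')
        token = activeParse.parse_args().get('token')

        # The token is no longer printed; it is a credential until redeemed.
        user_id = App.ext.cache.get(token)
        if not user_id:
            # No cache entry for the token: ask the caller to re-activate.
            reactive_url = request.host_url + 'account/?opt=reactive'
            return {'msg': '验证超时,请重新激活' + reactive_url}

        user = dao.getById(User, user_id)
        user.is_active = True
        dao.save(user)
        # Remove only the token that was just redeemed. The original called
        # cache.clear(), which empties the whole cache and so cancelled every
        # other user's pending activation along with any other cached data.
        # Assumes the cache exposes delete(key) as Flask-Caching does - confirm.
        App.ext.cache.delete(token)
        print('用户id', user_id)
        return {'msg': ' 恭喜您的{}用户激活成功!'.format(user.name)}
    elif opt == 'login':
        return self.login()
    elif opt == 'reactive':
        return self.reactive()
    elif opt == 'loginout':
        return self.loginout()
    return {'msg': '404'}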
def delete(self):
    """Delete the movie whose id arrives in the ``mid`` query parameter.

    Returns a ``msg`` dict saying either that the movie was deleted or that
    it does not exist.
    """
    # NOTE(review): no login or permission check is visible in this method;
    # confirm a decorator or the route registration enforces one before this
    # destructive call is reachable.
    movie_id = request.args.get('mid')
    target = dao.getById(Movies, movie_id)
    if target:
        dao.delete(target)
        return {'msg': '删除成功'}
    return {'msg': '你要删除的影片资源不存在!'}
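def wrapper(*args, **kwargs):
    """Call the wrapped view only when the caller holds the required right.

    ``fun`` (the wrapped view) and ``qx`` (the required permission bits) come
    from the enclosing decorator, which is not part of this block. The caller
    is identified by the ``token`` query parameter, resolved through
    ``session``.

    Returns:
        The wrapped view's result, or a ``msg`` dict when the caller is not
        logged in or lacks the right.
    """
    print('-check login--')
    # NOTE(review): the token travels in the query string, where it can end up
    # in access logs and Referer headers; a header or cookie would avoid that.
    token = request.args.get('token')
    user_id = session.get(token)
    if not user_id:
        return {'msg': '用户必须先登录'}

    loginUser = dao.getById(User, user_id)
    if not loginUser:
        # The session still maps the token to an id that no longer loads.
        # Deny instead of failing on ``.rights`` below.
        return {'msg': '用户必须先登录'}

    # All bits of qx must be set in the user's rights.
    if loginUser.rights & qx == qx:
        return fun(*args, **kwargs)

    # The permission row is looked up only to name the missing right; fall
    # back to the raw value when no row matches so the denial itself cannot
    # raise.
    qxObj = dao.query(Qx).filter(Qx.right == qx).first()
    return {'msg': '用户没有 {} 权限'.format(qxObj.name if qxObj else qx)}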
def action(*args, **kwargs):
    """Call the wrapped view only when the caller holds the required right.

    ``fn`` (the wrapped view) and ``caozuo`` (the required permission bits)
    come from the enclosing scope, which is not part of this block. The
    caller is identified by the ``token`` query parameter, resolved through
    ``session``.
    """
    login_token = request.args.get('token')
    uid = session.get(login_token)
    if not uid:
        return {'msg': '请先登录'}

    user: User = dao.getById(User, uid)
    # Permission row for the requested operation; only its name is used, in
    # the denial message.
    required = dao.query(Qx).filter(Qx.right == caozuo).first()

    # All bits of caozuo must be set in the user's rights. ``&`` binds tighter
    # than ``==``, so the parentheses only make the grouping explicit.
    # NOTE(review): ``reghts`` is the attribute name the original reads; it
    # looks like a misspelling of ``rights`` - confirm against the User model.
    permitted = (user.reghts & caozuo) == caozuo
    if permitted:
        return fn(*args, **kwargs)
    return {'msg': '对不起您不具备{}权限'.format(required.name)}
def loginout(self):
    """Log the caller out by removing their ``token`` from ``session``.

    Returns a ``msg`` dict; the invalid-token and success cases also carry a
    ``status`` of 400 and 200 respectively.
    """
    token_parser = self.parser.copy()
    token_parser.add_argument('token', required=True, help='退出用户必须提供token')
    # parse_args() validates that the token was supplied.
    token = token_parser.parse_args().get('token')

    cached_id = session.get(token)
    if not cached_id:
        return {'msg': '用户未登录,请先登录'}

    # NOTE(review): when the user no longer loads, the stale token is left in
    # the session; confirm whether it should be popped here as well.
    if not dao.getById(User, cached_id):
        return {'status': 400, 'msg': 'token无效,退出失败'}

    # Drop the token so it can no longer be resolved to a user id.
    session.pop(token)
    return {'status': 200, 'msg': '退出成功'}
def logout(self):
    """Log the caller out by removing their ``token`` from ``session``.

    Returns a dict with ``status`` and ``msg``: 701 when the token maps to no
    user id, 702 when that user cannot be loaded, 200 on success.
    """
    token_parser = self.parser.copy()
    token_parser.add_argument('token', required=True, help='用户退出必须提供token参数')
    token = token_parser.parse_args().get('token')

    cached_id = session.get(token)
    if not cached_id:
        return {'status': 701, 'msg': '用户未登录,请先登录!'}

    # NOTE(review): when the user no longer loads, the stale token is left in
    # the session; confirm whether it should be popped here as well.
    account = dao.getById(User, cached_id)
    if not account:
        return {'status': 702, 'msg': '用户退出失败,token无效!'}

    # Drop the token so it can no longer be resolved to a user id.
    session.pop(token)
    return {'status': 200, 'msg': '退出成功!'}
def delete(self):
    """Delete the movie whose id arrives in the ``mid`` query parameter.

    Returns a ``msg`` dict saying either that the movie was deleted or that
    it does not exist.
    """
    # NOTE(review): the original carried a commented-out guard here. It
    # resolved the ``token`` query parameter through ``session``, returned a
    # login-required message when no user id was found, and allowed the
    # delete only when ``loginUser.reghts & QX.DELETE_QX == QX.DELETE_QX``.
    # With that guard disabled nothing in this method restricts who can
    # delete; confirm a decorator on the method enforces it instead.
    movie_id = request.args.get('mid')
    target = dao.getById(Movies, movie_id)
    if target:
        dao.delete(target)
        return {'msg': '删除成功'}
    return {'msg': '电影不存在'}
def sendMail(uId,active_url):
    """Email an activation link to the user with id ``uId``.

    Args:
        uId: id of the user to load through ``dao.getById``.
        active_url: link prefix; the new token is appended to it directly.

    The token is cached against the user's id with a timeout of ``60 * 10``.
    The body is rendered from ``msg.html``. A send failure is reported with a
    print and not raised.
    """
    with manage.app.test_request_context():
        account = dao.getById(User, uId)

        activation_token = getToken()
        App.ext.cache.set(activation_token, account.id, timeout=60 * 10)
        link = active_url + activation_token

        mail = Message(subject='淘票票用户激活', recipients=[account.email])
        mail.html = render_template('msg.html',
                                    username=account.name,
                                    active_url=link)
        try:
            App.ext.mail.send(mail)
            print('邮件已发送')
        except Exception:
            # NOTE(review): the exception itself is discarded, so the cause of
            # a failed send is not recorded anywhere.
            print('邮件发送失败')
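def post(self):
    """Store an uploaded profile image for the logged-in user.

    Reads ``img`` and ``token`` from ``self.parser``, resolves the token to a
    user id through ``session``, writes the image into ``settings.MEDIA_DIR``
    under a random name and records its public path in ``user.photo1``.

    Returns:
        dict: ``msg`` and, on success, the public ``path``.
    """
    args = self.parser.parse_args()
    uFile: FileStorage = args['img']

    # Refuse callers whose token does not resolve to a user before anything
    # is written. The original saved the file and only then failed on
    # ``user.photo1``, leaving an orphaned upload behind.
    user_id = session.get(args['token'])
    user = dao.getById(User, user_id) if user_id else None
    if not user:
        uFile.close()
        return {'msg': '请先登录'}

    # The filename comes from the client. Taking "whatever follows the last
    # dot" let the stored suffix be any string, including active content types
    # served back from /static/uploads/. Only a fixed set of raster image
    # suffixes is accepted; adjust the tuple to the formats the site needs.
    ext = os.path.splitext(uFile.filename or '')[1].lstrip('.').lower()
    if ext not in ('jpg', 'jpeg', 'png', 'gif'):
        uFile.close()
        return {'msg': '不支持的图片格式'}

    # The stored name is random, so the client-supplied base name never
    # reaches the filesystem.
    newFileName = uuid4().hex + '.' + ext
    uFile.save(os.path.join(settings.MEDIA_DIR, newFileName))
    uFile.close()

    user.photo1 = '/static/uploads/' + newFileName
    dao.save(user)
    return {
        'msg': '上传成功!',
        'path': '/static/uploads/{}'.format(newFileName)
    }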