Exemplo n.º 1
def tpl_params():
    """Collect the template variables shared by every page.

    Returns:
        dict -- footer contact entries, the popular-article columns,
        the site name and fixed per-app values.
    """
    # Six popular articles, split 3/3 between the two footer columns below.
    popular_articles = Article.populars(6)

    # Each contact entry is looked up with its 'title' and 'value' fields.
    contact = {
        key: sys_config(key, ['title', 'value'])
        for key in ('footer_address', 'telephone', 'fax', 'email')
    }
    site_name = sys_config('site_name')

    return {
        **contact,
        'populars_left': popular_articles[:3],
        'populars_right': popular_articles[3:],
        'site_name': site_name,
        'ad_thumb_prefix': '',
        'article_thumb_prefix': '',
        'app_name': 'home',
    }
Exemplo n.º 2
    def get(self, *args, **kwargs):
        """Render the "About us" page."""
        columns = ['title', 'subtitle', 'value']
        about_us_a = sys_config('about_us_a', columns)
        about_us_b = sys_config('about_us_b', columns)

        # Constant statement with no interpolated input: the first eight
        # enabled team rows in display order.
        query = "SELECT `id`, `title`, `description`, `name`, `avatar` FROM `home_team` WHERE `status`=1 ORDER BY `order` ASC LIMIT 8"
        master = Connector.get_session().get('master')
        teams = master.execute(query).fetchall()

        # Collapse blank lines, then turn the remaining newlines into markup.
        # NOTE(review): this only works if the template emits 'value' without
        # escaping, so the stored text is presumably trusted as HTML — confirm
        # who may edit this config entry.
        body = about_us_b['value'].replace("\n\n", "\n")
        about_us_b['value'] = body.replace("\n", "<br/>")

        page = {
            'about_us_a': about_us_a,
            'about_us_b': about_us_b,
            'teams': teams,
            'new_right': {},
            'flatpage': {
                'title': '关于我们',
            },
        }
        # Shared template variables are merged last and win on key clashes.
        context = {**page, **tpl_params()}

        self.render_html('singlepage/about.htm', **context)
Exemplo n.º 3
    def admin_init(xsrf_token):
        """Return the values the admin login page needs before sign-in.

        :param xsrf_token: XSRF token to echo back to the client
        :return: dict with the RSA switch (as int), the RSA public key and
            the given XSRF token
        """
        encrypt_flag = sys_config('login_pwd_rsa_encrypt')
        pub_key = sys_config('login_rsa_pub_key')

        # Only the public half of the key pair is handed out here.
        return dict(
            rsa_encrypt=int(encrypt_flag),
            public_key=pub_key,
            xsrf_token=xsrf_token,
        )
Exemplo n.º 4
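    def login_post(self, *args, **kwargs):
        """Authenticate an admin user from form fields or a JSON body.

        Credentials are read from the request arguments first; when no
        username is present there, the raw body is parsed as a JSON object.
        Raises JsonError for missing parameters, a wrong captcha, a password
        that cannot be decrypted, unknown or wrong credentials and a
        disabled account. On success the login is recorded and a summary of
        the account is returned.
        """
        username = self.get_argument('username', '')
        password = self.get_argument('password', '')
        code = self.get_argument('code', '')
        if not username:
            # Fall back to a JSON body. A body that is not valid UTF-8, not
            # valid JSON or not a JSON object is treated as "no credentials"
            # and rejected by the check below, instead of being swallowed by
            # a blanket except or escaping as an unhandled decode error.
            try:
                post_data = json_decode(self.request.body.decode('utf-8'))
            except (UnicodeDecodeError, ValueError):
                post_data = None
            if isinstance(post_data, dict):
                username = post_data.get('username', '')
                password = post_data.get('password', '')
                code = post_data.get('code', '')
        if not username or not password:
            raise JsonError('参数必须')

        # The captcha is enforced only while this config switch is truthy.
        # NOTE(review): no attempt limit or lockout is visible in this
        # method; with the switch off nothing here slows password guessing —
        # confirm throttling exists elsewhere.
        if sys_config('test_verify_switch'):
            if self.__invalid_img_captcha(code):
                raise JsonError('验证码错误')

        rsa_encrypt = sys_config('login_pwd_rsa_encrypt')
        if int(rsa_encrypt) == 1:
            private_key = sys_config('login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            # Fail closed on any empty/false decrypt result, not only False.
            if not password:
                raise JsonError('密码错误')

        user = AdminUser.Q.filter(AdminUser.username == username).first()
        # Unknown user and wrong password share one message so the response
        # text does not reveal which usernames exist.
        # NOTE(review): the unknown-user path skips check_password, so
        # response time may still differ between the two cases.
        if user is None:
            raise JsonError('用户名或者密码错误')
        if check_password(password, user.password) is not True:
            raise JsonError('用户名或者密码错误')

        # Account state is disclosed only after the password was verified.
        if int(user.status) == 0:
            raise JsonError('用户被“禁用”,请联系客服')

        AdminUserService.login_success(user, self)
        self.clear_cookie(settings.valid_code_key)
        data = {
            'username': user.username,
            'last_login_at': user.last_login_at,
            'login_count': user.login_count,
            'is_superadmin': self.super_role(),
            # Literal placeholder string, not a session credential.
            'token': 'token'
        }
        return self.success('成功', data=data)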
Exemplo n.º 5
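    def get(self, *args, **kwargs):
        """Render the member login page, or send a signed-in user onward.

        A signed-in user is redirected to the `next` argument when it is a
        path on this site, otherwise to '/member/index'. Everyone else gets
        the login form together with the RSA public key and switch.
        """
        next_url = self.get_argument('next', '')
        if self.current_user:
            target = next_url if next_url else '/member/index'
            # `next` comes straight from the query string. Only same-site
            # absolute paths are followed; scheme-relative forms ('//host',
            # '/\\host') and control characters fall back to the default so
            # the login URL cannot be used to bounce users to another site.
            is_local = (
                target.startswith('/')
                and not target.startswith(('//', '/\\'))
                and not any(ord(ch) < 0x20 for ch in target)
            )
            if not is_local:
                target = '/member/index'
            self.redirect(target)
            # Stop here: rendering after the redirect has been sent would
            # write to an already finished response.
            return

        params = {
            'public_key': sys_config('login_rsa_pub_key'),
            'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
            # Passed to the template unchanged.
            # NOTE(review): whatever consumes this value after login should
            # apply the same local-path check — confirm.
            'next': next_url,
            'message': '',
        }
        self.render('passport/login.html', **params)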
Exemplo n.º 6
 def get(self, *args, **kwargs):
     """Render the settings page for the signed-in member."""
     # NOTE(review): assumes an authenticated request and an existing row;
     # current_user or the query result being None would raise here.
     member = Member.Q.filter(Member.id==self.current_user.get('id')).first()
     context = dict(
         member=member,
         # NOTE(review): as_dict() presumably exports every column; confirm
         # the password hash is not exposed to the template through it.
         data_info=member.as_dict(),
         public_key=sys_config('login_rsa_pub_key'),
         rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
         active={'set':'layui-this'},
     )
     self.render('member/set.html', **context)
Exemplo n.º 7
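    def unlock_user(user_id, password):
        """Verify `password` against the stored hash of admin user `user_id`.

        :param user_id: id of the AdminUser row to check
        :param password: submitted password; RSA-encrypted when the
            'login_pwd_rsa_encrypt' config switch is 1
        :return: True when the password matches
        :raises JsonError: when decryption fails (code 11), the user does
            not exist or the password does not match
        """
        is_rsa = sys_config('login_pwd_rsa_encrypt')
        if int(is_rsa) == 1:
            private_key = sys_config('login_rsa_priv_key')
            try:
                password = RSAEncrypter.decrypt(password, private_key)
            except Exception as e:
                raise JsonError(msg='签名失败', code=11) from e
            # decrypt may also signal failure with a false result instead of
            # raising; treat that the same way rather than verifying it.
            if not password:
                raise JsonError(msg='签名失败', code=11)
        user = AdminUser.Q.filter(AdminUser.id == user_id).first()
        if user is None:
            raise JsonError('用户信息出错')

        # Fail closed: only an explicit True counts as a match. The previous
        # `== False` test let any other return value (None, for instance)
        # pass as success.
        if check_password(password, user.password) is not True:
            raise JsonError('密码错误')
        return True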
Exemplo n.º 8
 def case_list_get(self, *args, **kwargs):
     """Render 'goods_list.htm' with the shared variables plus page extras."""
     context = tpl_params()
     # Page-specific entries override shared ones with the same key.
     context.update({
         'index_welcome': sys_config('index_welcome', ['title', 'value']),
         'friendlinks': FriendlinkService.get_list({'status': 1}),
         'index_banner': AdvertisingService.list_for_category('index_banner', 3),
         'index_square': AdvertisingService.list_for_category('index_square', 4),
     })
     self.render('goods_list.htm', **context)
Exemplo n.º 9
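    def update(user_id, param, rsa_encrypt=0):
        """
        Create or update an admin user record.

        :param user_id: id of the row to update; a falsy value inserts a new row
        :param param: dict of submitted fields; keys that are not AdminUser
            columns are dropped
        :param rsa_encrypt: 1 when param['password'] arrives RSA-encrypted
        :return: True on success
        :raises JsonError: when username, email or mobile is already taken,
            or the encrypted password cannot be decrypted
        """
        columns = {name for name, _ in AdminUser.__table__.columns.items()}
        # NOTE(review): this filter keeps every key that is a real column, so
        # whoever supplies `param` can write any column of the table. Callers
        # should pass an explicit allow-list of editable fields — confirm
        # they do.
        param = {k: v for k, v in param.items() if k in columns}
        if 'updated_at' in columns:
            param['updated_at'] = utime.timestamp(3)

        if 'username' in param:
            if param['username']:
                if AdminUserService.check_username(param['username'], user_id):
                    raise JsonError('名称已被占用')
            else:
                # An empty username means "leave unchanged".
                del param['username']

        if 'password' in param:
            if param['password']:
                # NOTE(review): the length test decides whether the value is
                # treated as ciphertext; anything of 4 characters or fewer
                # is hashed as submitted.
                if settings.login_pwd_rsa_encrypt and int(
                        rsa_encrypt) == 1 and len(param['password']) > 4:
                    private_key = sys_config('login_rsa_priv_key')
                    plain = RSAEncrypter.decrypt(param['password'], private_key)
                    # A failed decrypt must not reach make_password: hashing
                    # the failure marker would store a password the user
                    # never chose.
                    if not plain:
                        raise JsonError('密码错误')
                    param['password'] = plain
                param['password'] = make_password(param['password'])
            else:
                # An empty password means "leave unchanged".
                del param['password']

        if 'email' in param:
            if param['email']:
                if AdminUserService.check_email(param['email'], user_id):
                    raise JsonError('邮箱已被占用')
            else:
                # Stored as NULL rather than as an empty string.
                param['email'] = None

        if 'mobile' in param:
            if param['mobile']:
                if AdminUserService.check_mobile(param['mobile'], user_id):
                    raise JsonError('电话号码已被占用')
            else:
                param['mobile'] = None

        # Any exception from the write propagates unchanged and skips the
        # commit (the former try/except only re-raised).
        # NOTE(review): nothing here rolls the session back after a failed
        # write; presumably a caller or request hook does — confirm.
        if user_id:
            AdminUser.Update.filter(AdminUser.id == user_id).update(param)
        else:
            AdminUser.session.add(AdminUser(**param))
        AdminUser.session.commit()
        return True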
Exemplo n.º 10
 def index_get(self, *args, **kwargs):
     """Render the home page."""
     context = tpl_params()
     # Page-specific entries override shared ones with the same key.
     context.update({
         'index_welcome': sys_config('index_welcome', ['title', 'value']),
         'friendlinks': FriendlinkService.get_list({'status': 1}),
         'index_banner': AdvertisingService.list_for_category('index_banner', 3),
         'index_square': AdvertisingService.list_for_category('index_square', 4),
         'index_goods': GoodsService.list_most_importance(4),
     })
     self.render('index.htm', **context)
Exemplo n.º 11
    def activate_email(self, email):
        """Send the email-activation message to `email`.

        Rejects a malformed address, an already activated member and a
        repeat request while the token cookie is still present. Otherwise
        the success response is issued, the mail is sent and the token is
        kept in a secure cookie for ten minutes.
        """
        if not Func.is_email(email):
            return self.error('Email格式不正确')

        # NOTE(review): `email` is never compared with the address stored on
        # the member row, so the mail goes to whatever address was passed in.
        member_id = self.current_user.get('id')
        member = Member.Q.filter(Member.id==member_id).first()

        if member.email_activated:
            return self.error('已经激活了,请不要重复操作')

        # The cookie doubles as a per-browser resend throttle.
        if self.get_secure_cookie(settings.token_key):
            return self.error('邮件已发送,10分钟后重试')

        # Success is reported before the mail is sent, so a later send
        # failure is not visible in the response.
        self.success()

        subject = '[%s]激活邮件' % sys_config('site_name')
        token = Func.uuid32()
        action_url = sys_config('site_url') + '/member/activate.html?token=' + token

        deadline = Func.local_now() + datetime.timedelta(minutes=10)
        mail_vars = dict(
            username=member.username,
            expires=str(deadline),
            action_url=action_url,
            action_tips='立即激活邮箱',
        )
        content = self.render_string('common/email_content.html', **mail_vars)
        Func.sendmail({'to_addr': email, 'subject':subject, 'content': content})

        # NOTE(review): the token is stored in the requesting browser's
        # cookie. A signed cookie is tamper-proof but, unless the framework
        # also encrypts it, readable by that browser, so holding it proves
        # nothing about access to the mailbox. Keeping the token server-side,
        # keyed to the account, closes that gap.
        # NOTE(review): 'action' carries the literal 'email_reset_pwd' here
        # although this is the activation flow, so this cookie is not
        # distinguishable from a password-reset one — confirm that is
        # intended.
        saved = {
            'token':token,
            'account': email,
            'username': member.username,
            'action':'email_reset_pwd',
        }
        expires_at = time.mktime(deadline.timetuple())
        self.set_secure_cookie(settings.token_key, str(saved), expires=expires_at)
        return
Exemplo n.º 12
    def email_reset_pwd(self, email):
        """Send the password-reset message to `email`.

        Rejects a malformed address, a repeat request while the token cookie
        is still present, an unregistered address and a disabled account.
        Otherwise the success response is issued, the mail is sent and the
        token is kept in a secure cookie for thirty minutes.
        """
        if not Func.is_email(email):
            return self.error('Email格式不正确')

        # The cookie doubles as a per-browser resend throttle; a client that
        # drops the cookie is not limited by it.
        if self.get_secure_cookie(settings.token_key):
            return self.error('邮件已发送,30分钟后重试')

        # NOTE(review): the two distinct errors below tell an unauthenticated
        # caller whether an address is registered and whether the account is
        # disabled; a uniform response would not.
        member = Member.Q.filter(Member.email==email).first()
        if member is None:
            return self.error('账户没有注册')
        if member.status==0:
            return self.error('账户被禁用')

        # Success is reported before the mail is sent, so a later send
        # failure is not visible in the response.
        self.success()

        subject = '[%s]找回密码' % sys_config('site_name')
        token = Func.uuid32()
        action_url = sys_config('site_url') + '/passport/forget.html?token=' + token

        deadline = Func.local_now() + datetime.timedelta(minutes=30)
        mail_vars = dict(
            username=member.username,
            expires=str(deadline),
            action_url=action_url,
            action_tips='立即重置密码',
        )
        content = self.render_string('common/email_content.html', **mail_vars)
        Func.sendmail({'to_addr': email, 'subject':subject, 'content': content})

        # NOTE(review): the reset token is stored in the requesting browser's
        # cookie. A signed cookie is tamper-proof but, unless the framework
        # also encrypts it, readable by that browser, so holding it proves
        # nothing about access to the mailbox. The token should live
        # server-side, bound to the account, and be checked there.
        saved = {
            'token':token,
            'account': email,
            'username': member.username,
            'action':'email_reset_pwd',
        }
        expires_at = time.mktime(deadline.timetuple())
        self.set_secure_cookie(settings.token_key, str(saved), expires=expires_at)
        return
Exemplo n.º 13
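    def get(self, *args, **kwargs):
        """Render the forgotten-password page.

        'reset_pwd' is '1' (request a reset mail) by default and becomes '2'
        (choose a new password) when the `token` query argument matches the
        token saved in the secure cookie.
        """
        token = self.get_argument('token', None)
        token2 = self.get_secure_cookie(settings.token_key)

        params = {
            'public_key': sys_config('login_rsa_pub_key'),
            'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
            # Request-supplied value handed to the template as received.
            'token': token,
            'reset_pwd': '1',
        }
        if token and token2:
            # The cookie holds str(dict); swapping the quote style makes it
            # parse as JSON. A value containing a quote character breaks
            # that conversion, so a payload that fails to decode or is not an
            # object is treated as "no valid token" instead of raising.
            try:
                saved = json_decode(
                    str(token2, encoding='utf-8').replace('\'', '"'))
            except ValueError:
                saved = None

            if isinstance(saved, dict) and saved.get('token', '')==token:
                params['reset_pwd'] = '2'
                params['username'] = saved.get('username', '')
        self.render('passport/forget.html', **params)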
Exemplo n.º 14
    def get(self, *args, **kwargs):
        """Render the "Contact us" page."""
        page = dict(
            contact=sys_config('contact', ['title', 'subtitle', 'value']),
            flatpage={
                'title': '联系我们',
            },
            # Hidden XSRF form field for the contact form.
            csrf_input=self.xsrf_form_html(),
        )
        # Shared template variables are merged last and win on key clashes.
        page.update(tpl_params())
        self.render_html('singlepage/contact.htm', **page)
Exemplo n.º 15
    def get(self, *args, **kwargs):
        """Render the registration page, resolving an optional referrer."""
        next_url = self.get_argument('next', '')
        referrer = self.get_argument('referrer', '')
        context = dict(
            public_key=sys_config('login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
            next=next_url,
            referrer_name='',
            ref_user_id='',
        )

        if referrer:
            # `referrer` is an encrypted member id taken from the query
            # string. Best effort: any failure to decrypt or look it up
            # leaves the referrer fields empty.
            # NOTE(review): the decrypted id is handed to the template in
            # the clear; if the form posts it back, the server should
            # re-derive it from `referrer` rather than trust the field.
            try:
                ref_user_id = aes_decrypt(referrer, prefix='')
                referrer_row = Member.get_info(ref_user_id, 'username')
                context['referrer_name'] = referrer_row.get('username', '')
                context['ref_user_id'] = ref_user_id
            except Exception:
                pass

        self.render('passport/register.html', **context)
Exemplo n.º 16
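    def get(self, *args, **kwargs):
        """Render the home page.

        Combines the index config entries, up to three articles of the
        'activity' category and the shared template variables.
        """
        # Banner ads are currently not loaded.
        ad_list = []

        welcome = sys_config('index_welcome', ['title', 'value'])
        offer = sys_config('index_what_we_offer', ['title', 'value'])
        new_right = sys_config('index_new_right_img', ['title', 'value'])
        slogan = sys_config('index_slogan', ['title', 'value'])
        services_1 = sys_config('index_services_1', ['title', 'value'])
        services_2 = sys_config('index_services_2', ['title', 'value'])
        services_3 = sys_config('index_services_3', ['title', 'value'])

        # Company news. The debug print that used to sit here dereferenced
        # news_obj.items before the None check below, so a None result
        # raised; it also wrote article data to stdout on every request.
        news_obj = Article.lists({'category': 'activity', 'per_page': 3})
        company_news = list(news_obj.items) if news_obj and news_obj.items else []

        # Product showcase is currently not loaded.
        products = []

        params = {
            'ad_list': ad_list,
            'welcome': welcome,
            'offer': offer,
            'new_right': new_right,
            'products_left': products[:4],
            'products_right': products[4:],
            'slogan': slogan,
            'services_1': services_1,
            'services_2': services_2,
            'services_3': services_3,
            'company_news': company_news,
        }
        # Shared template variables are merged last and win on key clashes.
        params.update(tpl_params())
        self.render_html('index.htm', **params)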
Exemplo n.º 17
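    def post(self, *args, **kwargs):
        """Change the signed-in member's password.

        Requires the current password, the new password and its repeat; all
        three are RSA-decrypted first when encryption is enabled. Returns
        an error response for missing or mismatching input, an unknown or
        disabled member or a wrong current password.
        """
        user_id = self.current_user.get('id')
        next_url = self.get_argument('next', '')
        nowpass = self.get_argument('nowpass', None)
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)

        # `password` may be absent (None); test it before taking its length.
        # NOTE(review): the client-sent rsa_encrypt flag and the length test
        # decide whether the values are treated as ciphertext.
        if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt)==1
                and password and len(password)>10):
            private_key = sys_config('login_rsa_priv_key')
            nowpass = RSAEncrypter.decrypt(nowpass, private_key)
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if not nowpass:
            return self.error('当前密码不能够为空')

        if not password:
            return self.error('新密码不能为空')

        if repass!=password:
            # Fixed message only: the response used to be overwritten with
            # both plaintext passwords, exposing them in the reply and in
            # anything that logs it.
            return self.error('两次输入的密码不一致,请重新输入')

        member = Member.Q.filter(Member.id==user_id).first()
        if member is None:
            return self.error('用户不存在')

        if int(member.status)==0:
            return self.error('用户被“禁用”,请联系客服')
        if check_password(nowpass, member.password) is not True:
            return self.error('当前密码错误')

        params = {
            'password': make_password(password),
            'status': 1,
        }
        Member.Update.filter(Member.id==user_id).update(params)
        Member.session.commit()
        # NOTE(review): `next` is echoed back as received; whatever follows
        # it should accept local paths only.
        return self.success(next=next_url)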
Exemplo n.º 18
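    def post(self, *args, **kwargs):
        """Sign a member in by mobile number, email address or username.

        The image captcha is checked first, then the password is
        RSA-decrypted when encryption is enabled, the member is looked up by
        the kind of account string supplied and the password is verified.
        """
        next_url = self.get_argument('next', '')
        account = self.get_argument('account', None)
        password = self.get_argument('password', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)
        code = self.get_argument('code', '')
        _ = self.locale.translate

        if self.invalid_img_captcha(code):
            return self.error(_('验证码错误'))

        # NOTE(review): the client-sent rsa_encrypt flag and the length test
        # decide whether the value is treated as ciphertext.
        if settings.login_pwd_rsa_encrypt and int(rsa_encrypt)==1 and len(password)>10:
            private_key = sys_config('login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)

        if not account:
            return self.error('账号不能够为空')

        if Func.is_mobile(account):
            member = Member.Q.filter(Member.mobile==account).first()
        elif Func.is_email(account):
            member = Member.Q.filter(Member.email==account).first()
        else:
            member = Member.Q.filter(Member.username==account).first()

        # Unknown account and wrong password share one message.
        if member is None:
            return self.error('用户名或者密码错误')
        if check_password(password, member.password) is not True:
            return self.error('用户名或者密码错误')

        # The disabled check now runs only after the password was verified;
        # before, it answered "disabled" to anyone who named the account,
        # confirming that it exists without knowing the password.
        if int(member.status)==0:
            return self.error('用户被“禁用”,请联系客服')

        Member.login_success(member, self)

        self.clear_cookie(settings.valid_code_key)

        # NOTE(review): `next` is echoed back as received; whatever follows
        # it should accept local paths only.
        return self.success(next=next_url)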
Exemplo n.º 19
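    def change_pwd(password, rsa_encrypt, admin_id):
        """
        Set a new password for an admin user.

        :param password: new password; RSA-encrypted when rsa_encrypt is 1
        :param rsa_encrypt: 1 when `password` must be decrypted first
        :param admin_id: id of the AdminUser row to change
        :return: True on success
        :raises JsonError: when the user does not exist, the password is
            empty or it cannot be decrypted
        """
        # NOTE(review): the current password is not verified here;
        # presumably the caller authorizes the change — confirm.
        admin = AdminUser.Q.filter(AdminUser.id == admin_id).first()
        if admin is None:
            raise JsonError('参数无效')

        if not password:
            raise JsonError('参数无效')

        if int(rsa_encrypt) == 1:
            private_key = sys_config('login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            # A failed decrypt must not reach make_password: hashing the
            # failure marker would store a password nobody chose.
            if not password:
                raise JsonError('参数无效')

        AdminUser.Update.filter(AdminUser.id==admin_id)\
            .update({'password': make_password(password)})
        AdminUser.session.commit()
        return True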
Exemplo n.º 20
def tpl_params():
    """Collect the template variables shared by every page.

    Returns:
        dict -- footer entries, site name and logo, plus the `utime` helper
        so that templates can call it.
    """
    # Entries looked up with their 'title' and 'value' fields.
    footer = {
        key: sys_config(key, ['title', 'value'])
        for key in ('working_time', 'company_hotline', 'company_email')
    }
    copyright_entry = sys_config('copyright', ['title', 'value'])

    return {
        **footer,
        'site_name': sys_config('site_name'),
        'site_logo': sys_config('site_logo'),
        'copyright': copyright_entry,
        'utime': utime,
    }
Exemplo n.º 21
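    def post(self, *args, **kwargs):
        """Register a new member and sign them in.

        Checks the captcha, requires email and password, RSA-decrypts the
        password fields when encryption is enabled, enforces unique
        username, email and mobile, then creates the member.
        """
        next_url = self.get_argument('next', '')
        email = self.get_argument('email', None)
        mobile = self.get_argument('mobile', None)
        username = self.get_argument('username', None)
        sex = self.get_argument('sex', None)
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)
        ref_user_id = self.get_argument('ref_user_id', '')
        code = self.get_argument('code', '')
        _ = self.locale.translate

        if self.invalid_img_captcha(code):
            return self.error(_('验证码错误'))

        if not email:
            return self.error('Email不能为空')

        if not password:
            return self.error('密码不能为空')

        # NOTE(review): the client-sent rsa_encrypt flag and the length test
        # decide whether the values are treated as ciphertext.
        if settings.login_pwd_rsa_encrypt and int(rsa_encrypt)==1 and len(password)>10:
            private_key = sys_config('login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if repass!=password:
            # Fixed message only: the response used to be overwritten with
            # both plaintext passwords, exposing them in the reply and in
            # anything that logs it.
            return self.error('两次输入的密码不一致,请重新输入')

        # NOTE(review): a missing username is not rejected before this
        # lookup; the email format is not validated here either.
        count = Member.Q.filter(Member.username==username).count()
        if count>0:
            return self.error('用户名已被占用')

        client = 'web'
        params = {
            'username': username,
            'password': make_password(password),
            'status': 1,
            'avatar': 'image/default_avatar.jpg',
            'reg_ip': self.request.remote_ip,
            'reg_client': client,
        }
        if email:
            params['email'] = email
            count = Member.Q.filter(Member.email==email).count()
            if count>0:
                return self.error('Email已被占用')
        if mobile:
            # NOTE(review): the login handler on this page validates with
            # Func.is_mobile — confirm Func.mobile exists and is a validator.
            if not Func.mobile(mobile):
                return self.error('电话号码格式有误')
            params['mobile'] = mobile
            # The uniqueness check must use the queried model's own column;
            # it referenced `User.mobile`, a name not otherwise used here.
            count = Member.Q.filter(Member.mobile==mobile).count()
            if count>0:
                return self.error('电话号码已被占用')
        if sex:
            params['sex'] = sex
        if ref_user_id:
            # NOTE(review): taken from the form as submitted, so the client
            # chooses which member is credited as referrer.
            params['ref_user_id'] = ref_user_id

        # register() returns (0, member) on success and (code, message)
        # otherwise, as used below.
        (result, member) = Member.register(params)
        if result==0:
            Member.login_success(member, self, client=client)
            # NOTE(review): `next` is echoed back as received; whatever
            # follows it should accept local paths only.
            return self.success(next=next_url)
        return self.error(member)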
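    def post(self, *args, **kwargs):
        """Set a new password from an emailed reset link.

        Checks the captcha, matches the `token` argument against the token
        saved in the secure cookie, validates the new password and its
        repeat, updates the member found by the saved email address, logs
        the operation and clears the token cookie.
        """
        token = self.get_argument('token', None)
        next_url = self.get_argument('next', '')
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)
        code = self.get_argument('code', '')
        _ = self.locale.translate

        if self.invalid_img_captcha(code):
            return self.error(_('验证码错误'))

        token2 = self.get_secure_cookie(settings.token_key)
        if not(token and token2):
            return self.error('Token不存在或已经过期')

        # The cookie holds str(dict); swapping the quote style makes it
        # parse as JSON. A payload that fails to decode or is not an object
        # is reported as a missing token instead of raising.
        try:
            saved = json_decode(str(token2, encoding='utf-8').replace('\'', '"'))
        except ValueError:
            saved = None
        if not isinstance(saved, dict):
            return self.error('Token不存在或已经过期')

        action = saved.get('action', '')
        account = saved.get('account', '')
        # NOTE(review): both sides of this comparison come from the client
        # (query argument and the browser's own cookie). The cookie is
        # signed, but unless it is also encrypted its content is readable by
        # the browser that requested the mail, so a match does not prove
        # access to the mailbox. The token should be stored and checked
        # server-side, bound to the account and used once.
        if saved.get('token', '')!=token:
            return self.error('Token不匹配')

        if not password:
            return self.error('新密码不能为空')

        # NOTE(review): the client-sent rsa_encrypt flag and the length test
        # decide whether the values are treated as ciphertext.
        if settings.login_pwd_rsa_encrypt and int(rsa_encrypt)==1 and len(password)>10:
            private_key = sys_config('login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if repass!=password:
            # Fixed message only: the response used to be overwritten with
            # both plaintext passwords, exposing them in the reply and in
            # anything that logs it.
            return self.error('两次输入的密码不一致,请重新输入')

        if action!='email_reset_pwd':
            return self.error('不支持的action')
        member = Member.Q.filter(Member.email==account).first()

        if member is None:
            return self.error('用户不存在')

        if int(member.status)==0:
            return self.error('用户被“禁用”,请联系客服')
        user_id = member.id
        Member.Update.filter(Member.id==user_id).update({
            'password': make_password(password),
        })
        Member.session.commit()

        # Audit trail for the reset.
        MemberOperationLog.add_log({
            'user_id': user_id,
            'account': account,
            'action': 'email_reset_pwd',
            'ip': self.request.remote_ip,
            'client': 'web',
        })

        # The token cookie is dropped after a successful reset.
        self.clear_cookie(settings.token_key)
        # NOTE(review): `next` is echoed back as received; whatever follows
        # it should accept local paths only.
        return self.success(next=next_url)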