Exemplo n.º 1
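def check(req=None, delete=False):
    """Validate a captcha answer and consume the matching record.

    Args:
        req: Mapping holding the captcha ``id`` and the submitted ``answer``.
        delete: Accepted for signature compatibility only; this variant never
            reads it and always deletes the record after a correct answer.

    Returns:
        True when the record exists, has not expired and the answer matches;
        False in every other case.
    """
    # Input validation: both fields are required.
    if not req:
        return False
    if 'id' not in req or 'answer' not in req:
        return False

    db = getSession()
    try:
        # Load the stored challenge.
        veri = db.query(Verification).filter(
            Verification.id == req['id']).first()
        if not veri:
            return False

        # Expiry check. The clock is read as integer milliseconds directly:
        # slicing the digits of str(time.time()) yields fewer than 13 digits
        # whenever the float prints with a short fraction.
        now_ms = int(time.time() * 1000)
        elapsed_minutes = (now_ms - int(veri.timestamp)) // 60000
        if elapsed_minutes > 5:
            return False

        # NOTE(review): a wrong answer returns without deleting the record,
        # so the same id can be retried until it expires. Consider deleting
        # the record or counting attempts on failure.
        if str(veri.answer) != str(req['answer']):
            return False

        # Success: delete the record so the solved captcha cannot be replayed.
        db.delete(veri)
        db.commit()
        return True
    finally:
        # Release the session on every path, including the early returns.
        db.close()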
Exemplo n.º 2
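def check(req=None, delete=False):
    """Validate a captcha answer, optionally consuming the record.

    Args:
        req: Mapping holding the captcha ``id`` and the submitted ``answer``.
        delete: When true, the record is deleted after a correct answer.

    Returns:
        True when the record exists, has not expired and the answer matches;
        False in every other case.
    """
    if not req:
        return False
    # Both parameters must be present.
    if 'id' not in req or 'answer' not in req:
        return False

    db = getSession()
    try:
        # Look up the captcha record.
        veri = db.query(Verification).filter(
            Verification.id == req['id']).first()
        if not veri:
            return False

        # Expiry check. The clock is read as integer milliseconds directly:
        # slicing the digits of str(time.time()) yields fewer than 13 digits
        # whenever the float prints with a short fraction.
        now_ms = int(time.time() * 1000)
        elapsed_minutes = (now_ms - int(veri.timestamp)) // 60000
        if elapsed_minutes > 5:
            return False

        # NOTE(review): a wrong answer leaves the record in place, and with
        # delete=False a correct one does too, so the same id can be retried
        # or reused until it expires.
        if str(veri.answer) != str(req['answer']):
            return False

        if delete:
            # Consume the record so it cannot be replayed.
            db.delete(veri)
            db.commit()

        # Verification passed.
        return True
    finally:
        # The original never closed the session; release it on every path.
        db.close()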
Exemplo n.º 3
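def history_json():
    """Delete the authenticated user and every article they own.

    The ``auth`` query parameter has the form ``<user id>-><secret>``; the
    secret must equal the user's stored ``password`` value. Responds with
    401 when the token is missing, malformed or does not match.

    NOTE(review): the credential travels in the query string, where it can
    end up in access logs and browser history; moving it to a header or the
    request body needs a matching client change.
    """
    import hmac

    auth = request.args.get('auth')
    parts = auth.split('->') if auth else []
    if len(parts) < 2:
        # Missing or malformed token: reject instead of failing with a 500.
        abort(401)
    user_id, password = parts[0], parts[1]

    db = getSession()
    try:
        user = db.query(User).filter(User.id == user_id).first()
        stored = user.password if user else None
        # An unknown user is rejected like a wrong secret, and the comparison
        # is constant-time because the caller supplies the compared value.
        if not isinstance(stored, str) or not hmac.compare_digest(
                stored.encode('utf-8'), password.encode('utf-8')):
            abort(401)

        history = db.query(Article).filter(Article.user_id == user_id).all()
        print('删除历史')
        if history:
            print('删除日记')
            for entry in history:
                db.delete(entry)

        # Articles and the account go in one commit, so a failure cannot
        # leave orphaned articles behind. The user and article objects are
        # no longer printed: that wrote account data to stdout.
        db.delete(user)
        db.commit()
    finally:
        db.close()

    return jsonify({
        'ok': True,
        'message': '再会'
    })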
Exemplo n.º 4
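def get():
    """Create a one-digit arithmetic captcha, store it and return its handle.

    The response carries the record id, its timestamp and the question text.
    The answer is stored server-side only: returning it to the client, as
    this function used to, lets any client pass the check without solving
    the question. Clients must submit their answer for server-side checking.
    """
    number_list = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
    num1 = random.choice(number_list)
    num2 = random.choice(number_list)

    operators = ['+', '-', '*']
    opt = random.choice(operators)

    # Dispatch table instead of eval(): same integer result, and no string
    # is ever executed as code.
    compute = {
        '+': lambda a, b: a + b,
        '-': lambda a, b: a - b,
        '*': lambda a, b: a * b,
    }
    question = num1 + opt + num2
    answer = compute[opt](int(num1), int(num2))

    # Integer milliseconds; slicing the digits of str(time.time()) yields
    # fewer than 13 digits whenever the float prints with a short fraction.
    timestamp = int(time.time() * 1000)
    # NOTE(review): the id is derived from the timestamp; confirm that
    # string_to_md5(mix=True) adds enough randomness to make it unguessable.
    _id = string_to_md5(timestamp, mix=True)

    # time.localtime() expects seconds, while timestamp is in milliseconds.
    print(time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp / 1000)))

    # Write to the database and always release the session.
    db = getSession()
    try:
        veri = Verification(id=_id, timestamp=timestamp,
                            question=question, answer=answer)
        db.add(veri)
        db.commit()
    finally:
        db.close()

    return jsonify({
        'ok': True,
        'data': {
            'id': _id,
            'timestamp': timestamp,
            'question': question
        }
    })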
Exemplo n.º 5
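def get():
    """Create a one-digit arithmetic captcha and return only its id.

    The question and answer stay in the database; the response exposes just
    the record id.
    """
    # Prepare a random question.
    number_list = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
    num1 = random.choice(number_list)
    num2 = random.choice(number_list)
    operators = ['+', '-', '*']
    opt = random.choice(operators)

    # Prepare the verification record. The clock is read as integer
    # milliseconds; slicing the digits of str(time.time()) yields fewer than
    # 13 digits whenever the float prints with a short fraction.
    timestamp = int(time.time() * 1000)
    # NOTE(review): the id is derived from the timestamp; confirm that
    # string_to_md5(mix=True) adds enough randomness to make it unguessable.
    _id = string_to_md5(timestamp, mix=True)
    question = num1 + opt + num2
    # Dispatch table instead of eval(): same integer result, and no string
    # is ever executed as code.
    compute = {
        '+': lambda a, b: a + b,
        '-': lambda a, b: a - b,
        '*': lambda a, b: a * b,
    }
    answer = compute[opt](int(num1), int(num2))

    # Write the record and release the session even if the commit fails.
    db = getSession()
    try:
        veri = Verification(id=_id,
                            timestamp=timestamp,
                            question=question,
                            answer=answer)
        db.add(veri)
        db.commit()
    finally:
        db.close()

    # Start another thread to purge expired captchas.
    # NOTE(review): this spawns one thread per request with no upper bound;
    # a periodic job or a rate limit would cap the work a client can trigger.
    Thread(target=clean).start()

    # Return the unique id of the generated record.
    return jsonify({'ok': True, 'data': {'id': _id}})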
Exemplo n.º 6
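def history():
    """Return every article of the user named in the request's ``auth`` token.

    Responds with ``{'ok': False}`` and status 404 when the user has none.

    NOTE(review): only the id part of the token is read here and nothing in
    this block checks the secret part. Presumably a decorator or request hook
    validates the token first; confirm, otherwise any caller can read any
    user's articles by naming their id.
    """
    auth = request.json['auth']
    user_id = auth.split('->')[0]

    db = getSession()
    try:
        # Fetch the user's records, newest first.
        rows = db.query(
            Article.id, Article.timestamp, Article.content
        ).filter(
            Article.user_id == user_id
        ).order_by(Article.timestamp.desc()).all()
    finally:
        # The original never closed the session; release it on every path.
        db.close()

    if not rows:
        return jsonify({
            'ok': False,
        }), 404

    return jsonify({'ok': True, 'data': {'history': rows}})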
Exemplo n.º 7
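def clean():
    """Delete captcha records older than 300000 ms (five minutes).

    Returns:
        True when the purge was committed, False when any step failed.
    """
    db = None
    try:
        db = getSession()
        # Integer milliseconds; slicing the digits of str(time.time()) yields
        # fewer than 13 digits whenever the float prints with a short
        # fraction.
        now_ms = int(time.time() * 1000)
        overdue = db.query(Verification).filter(
            (now_ms - Verification.timestamp) > 300000).all()
        for record in overdue:
            db.delete(record)
        db.commit()
        return True
    except Exception:
        # Best-effort cleanup: report failure instead of raising. Narrowed
        # from a bare except so SystemExit and KeyboardInterrupt still
        # propagate.
        return False
    finally:
        # Release the session on the failure path too.
        if db is not None:
            db.close()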
Exemplo n.º 8
def getImg(*args, **kwargs):
    """Render the stored captcha question for ``_id`` as a PNG response.

    Returns a JSON error object when ``_id`` is not supplied or when no
    record with that id exists.
    """
    # Guard: the record id must arrive as the ``_id`` keyword argument.
    if '_id' not in kwargs:
        return jsonify({'ok': False, 'message': '参数错误'})

    record_id = kwargs['_id']

    # Look the record up and release the session straight away.
    session = getSession()
    record = session.query(Verification).filter(
        Verification.id == record_id).first()
    session.close()

    if not record:
        return jsonify({'ok': False, 'message': '该记录已失效'})

    # Only the question text followed by '=' is drawn; the answer is never
    # read in this function.
    image = text_to_png(record.question + '=')
    return send_file(image, mimetype='image/png')
Exemplo n.º 9
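def use():
    """Check a submitted captcha answer and report the outcome as JSON.

    Expects a JSON body with ``id`` and ``answer``. Every outcome is returned
    as ``{'ok': bool, 'message': str}``; OPTIONS requests get an empty body.

    NOTE(review): the record is never deleted here, neither after a wrong
    answer nor after a correct one, so the same id can be retried or reused
    until it expires. Confirm the consuming check happens elsewhere.
    """
    if request.method == 'OPTIONS':
        return ''

    req = request.json
    # Reject a missing or non-object body as well as missing parameters; the
    # original raised TypeError (HTTP 500) when the body was not JSON.
    if not isinstance(req, dict) or 'id' not in req or 'answer' not in req:
        return jsonify({
            'ok': False,
            'message': '不要非法侵入本站喔。'
        })

    db = getSession()
    try:
        # Look up the captcha record.
        veri = db.query(Verification).filter(
            Verification.id == req['id']).first()
        if not veri:
            return jsonify({
                'ok': False,
                'message': '該驗證碼不存在。'
            })

        # Expiry check. The clock is read as integer milliseconds directly:
        # slicing the digits of str(time.time()) yields fewer than 13 digits
        # whenever the float prints with a short fraction.
        now_ms = int(time.time() * 1000)
        passed_time = (now_ms - int(veri.timestamp)) // 60000
        if passed_time > 5:
            return jsonify({
                'ok': False,
                'message': '{0}分鍾過去了,你需要重新請求驗證碼。'.format(passed_time)
            })

        # Compare the answers as strings.
        if str(veri.answer) != str(req['answer']):
            return jsonify({
                'ok': False,
                'message': '驗證失敗,請檢查輸入。'
            })

        # Verification passed.
        return jsonify({
            'ok': True,
            'message': '驗證通過。'
        })
    finally:
        # The original never closed the session; release it on every path.
        db.close()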
Exemplo n.º 10
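def history_json():
    """Send the user's articles as a downloadable ``history.json`` file.

    The user id is taken from the ``auth`` query parameter. Responds with
    401 when the parameter is missing and 404 when the user has no articles.

    NOTE(review): only the id part of the token is read here and nothing in
    this block checks the secret part. Presumably a decorator or request hook
    validates the token first; confirm. The token also travels in the query
    string, where it can end up in access logs and browser history.
    """
    auth = request.args.get('auth')
    if not auth:
        # Without this guard a missing parameter raised AttributeError (500).
        abort(401)
    user_id = auth.split('->')[0]

    db = getSession()
    try:
        history = db.query(
            Article.id, Article.timestamp, Article.content
        ).filter(
            Article.user_id == user_id
        ).order_by(Article.timestamp.desc()).all()
    finally:
        # The original never closed the session; release it on every path.
        db.close()

    if not history:
        abort(404)

    payload = json.dumps(history).encode('utf8')
    # NOTE(review): cache_timeout=600 lets this personal export be cached for
    # ten minutes; confirm that is intended.
    return send_file(BytesIO(payload),
                     cache_timeout=600,
                     mimetype='application/octet-stream',
                     as_attachment=True,
                     attachment_filename='history.json')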
Exemplo n.º 11
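def save():
    """Create or update today's article for the user named in ``auth``.

    When the user's newest article is from today its content is replaced;
    otherwise a new article is created. Content longer than 200 characters
    is rejected with the original status code (500), and a missing or
    non-string ``content`` with 400.

    NOTE(review): only the id part of the token is read here and nothing in
    this block checks the secret part. Presumably a decorator or request hook
    validates the token first; confirm.
    """
    # Input validation.
    auth = request.json['auth']
    user_id = auth.split('->')[0]
    try:
        content = request.json['content']
    except (KeyError, TypeError):
        abort(400)
    # len() below is only meaningful for text; a number or null used to
    # surface as a 500.
    if not isinstance(content, str):
        abort(400)

    if len(content) > 200:
        return jsonify({'ok': False, 'message': '字数超过限定'}), 500

    db = getSession()
    try:
        # Newest article of this user, if any.
        latest = db.query(Article).filter(
            Article.user_id == user_id
        ).order_by(Article.timestamp.desc()).first()

        if latest and (timestamp_to_yymmdd(latest.timestamp)
                       == timestamp_to_yymmdd()):
            # Same day: overwrite the existing entry.
            latest.content = content
        else:
            # No entry yet, or the newest one is from another day: create one.
            # The timestamp is integer milliseconds; slicing the digits of
            # str(time.time()) yields fewer than 13 digits whenever the float
            # prints with a short fraction.
            db.add(Article(id=string_to_md5(user_id, mix=True),
                           user_id=user_id,
                           timestamp=int(time.time() * 1000),
                           content=content))
        db.commit()
        return jsonify({'ok': True})
    finally:
        # The original never closed the session; release it on every path.
        db.close()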
Exemplo n.º 12
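def check_auth(auth):
    """Return True when ``auth`` names an existing user and carries its secret.

    Args:
        auth: Token of the form ``<user id>-><secret>``; the secret must
            equal the user's stored ``password`` value.

    Returns:
        True for a valid token; False for a malformed token, an unknown
        user or a mismatching secret.

    NOTE(review): the secret is the stored password value itself, so anyone
    who obtains that value can authenticate without knowing the password,
    and the token stays valid until the password changes. A random session
    token with an expiry would avoid both.
    """
    import hmac

    try:
        parts = auth.split('->')
        _id, _hash = parts[0], parts[1]
    except (AttributeError, IndexError):
        # Not a string, or no '->' separator.
        return False

    if not (_id and _hash):
        return False

    db = getSession()
    try:
        is_user = db.query(User).filter(User.id == _id).first()
        if not is_user:
            return False
        stored = is_user.password
        if not isinstance(stored, str):
            return False
        # Constant-time comparison: the caller controls _hash, so a plain ==
        # would leak how many leading characters matched through timing.
        return hmac.compare_digest(stored.encode('utf-8'),
                                   _hash.encode('utf-8'))
    finally:
        # The original never closed the session; release it on every path.
        db.close()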
Exemplo n.º 13
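def history_upload():
    """Import a list of ``[id, timestamp, content]`` items for the user.

    Items whose id already exists for this user are skipped. A malformed
    item or a missing ``history`` field answers 400, over-long content
    answers 400 with a message, and an insert that fails answers 500.
    Items inserted before a rejected one stay committed.

    NOTE(review): only the id part of the token is read here and nothing in
    this block checks the secret part. Presumably a decorator or request hook
    validates the token first; confirm. The article id and timestamp are
    stored exactly as the client supplied them.
    """
    # Input validation.
    auth = request.json['auth']
    user_id = auth.split('->')[0]
    try:
        history = request.json['history']
    except (KeyError, TypeError):
        abort(400)
    if not isinstance(history, list):
        abort(400)

    db = getSession()
    try:
        for item in history:
            # Each item must be [id, timestamp, content] with text content;
            # anything else used to surface as an unhandled error.
            if (not isinstance(item, list) or len(item) < 3
                    or not isinstance(item[2], str)):
                abort(400)
            if len(item[2]) > 200:
                return jsonify({'ok': False, 'message': '字数超过限定'}), 400

            # Skip articles this user already has.
            existing = db.query(Article).filter(
                Article.user_id == user_id,
                Article.id == item[0]).first()
            if existing:
                continue

            try:
                db.add(Article(id=item[0],
                               user_id=user_id,
                               timestamp=item[1],
                               content=item[2]))
                db.commit()
            except Exception:
                # Presumably the id already belongs to another account
                # (the message says so); roll back so the session is not
                # left in a failed state.
                db.rollback()
                return jsonify({'ok': False, 'message': '无法跨账户导入'}), 500
        return jsonify({'ok': True})
    finally:
        # The original never closed the session; release it on every path.
        db.close()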
Exemplo n.º 14
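def login():
    """Check mail and password and return the ``auth`` token on success.

    Expects a JSON body with ``id``, ``answer``, ``mail``, ``password`` and
    ``timestamp``. Failures are reported as ``{'ok': False, 'message': ...}``.

    NOTE(review): the token is ``<user id>-><stored password value>``, so the
    stored value works as a long-lived credential: anyone who reads it can
    authenticate without the password, and it cannot be revoked short of a
    password change. A random, expiring session token would avoid this.
    NOTE(review): the captcha fields ``id`` and ``answer`` are required but
    never checked in this block; presumably a decorator or hook does so.
    NOTE(review): string_to_md5 suggests an unsalted MD5 password hash; a
    dedicated password hashing scheme is the usual choice. Confirm.
    """
    # Input validation.
    try:
        data = request.json
        if not check_item_in_dict(
                ['id', 'answer', 'mail', 'password', 'timestamp'], data):
            return jsonify({
                'ok': False,
                'message': '参数错误'
            }), 500
    except Exception:
        # Narrowed from a bare except so SystemExit and KeyboardInterrupt
        # still propagate.
        return jsonify({
            'ok': False,
            'message': '非法请求'
        }), 400

    db = getSession()
    try:
        # Does the user exist?
        _id = string_to_md5(data['mail'], mix=False)
        is_user = db.query(User).filter(User.id == _id).first()
        if not is_user:
            return jsonify({
                'ok': False,
                'message': '该邮箱尚未注册'
            })

        # Is the password correct?
        password = string_to_md5(data['password'])
        if password != is_user.password:
            return jsonify({
                'ok': False,
                'message': '密码错误'
            })

        return jsonify({
            'ok': True,
            'data': {
                'auth': is_user.id + '->' + is_user.password
            }
        })
    finally:
        # The original never closed the session; release it on every path.
        db.close()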
Exemplo n.º 15
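def signup():
    """Register a new user from the mail and password in the JSON body.

    Expects ``id``, ``answer``, ``mail``, ``password`` and ``timestamp``.
    The user id is derived from the mail address and the display name is
    the part of the address before ``@``.

    NOTE(review): the captcha fields ``id`` and ``answer`` are required but
    never checked in this block; presumably a decorator or hook does so.
    NOTE(review): string_to_md5 suggests an unsalted MD5 password hash; a
    dedicated password hashing scheme is the usual choice. Confirm.
    """
    # Input validation.
    try:
        data = request.json
        if not check_item_in_dict(
                ['id', 'answer', 'mail', 'password', 'timestamp'], data):
            return jsonify({
                'ok': False,
                'message': '参数错误'
            }), 500
    except Exception:
        # Narrowed from a bare except so SystemExit and KeyboardInterrupt
        # still propagate.
        return jsonify({
            'ok': False,
            'message': '非法请求'
        }), 400

    db = getSession()
    try:
        _id = string_to_md5(data['mail'], mix=False)
        is_user = db.query(User.mail).filter(User.id == _id).first()
        if is_user:
            return jsonify({
                'ok': False,
                'message': '该邮箱已注册'
            })

        # Create the record.
        try:
            mail = data['mail']
            password = string_to_md5(data['password'])
            name = data['mail'].split('@')[0]
            user = User(id=_id, mail=mail, password=password, name=name,
                        config='')
            db.add(user)
            db.commit()
            return jsonify({
                'ok': True
            })
        except Exception:
            # Undo the failed insert so the session is not left in a failed
            # state.
            db.rollback()
            return jsonify({
                'ok': False,
                'message': '预料之外的错误'
            })
    finally:
        # The original never closed the session; release it on every path.
        db.close()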
Exemplo n.º 16
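def reset_password():
    """Set a new password when the submitted reset code is valid.

    Expects ``id``, ``answer``, ``mail``, ``password``, ``timestamp`` and
    ``code`` in the JSON body. The code is valid when it equals the user's
    stored ``password`` value.

    NOTE(review): the reset code is the stored password value itself. It has
    no expiry of its own and stays valid until the password changes, and
    anyone who can read the stored value can reset the account. A random,
    single-use, time-limited code stored separately would avoid this.
    NOTE(review): the captcha fields ``id`` and ``answer`` are required but
    never checked in this block; presumably a decorator or hook does so.
    """
    import hmac

    # Input validation.
    try:
        data = request.json
        if not check_item_in_dict(
                ['id', 'answer', 'mail', 'password', 'timestamp', 'code'],
                data):
            return jsonify({
                'ok': False,
                'message': '参数错误'
            }), 500
    except Exception:
        # Narrowed from a bare except so SystemExit and KeyboardInterrupt
        # still propagate.
        return jsonify({
            'ok': False,
            'message': '非法请求'
        }), 400

    db = getSession()
    try:
        _id = string_to_md5(data['mail'], mix=False)
        is_user = db.query(User).filter(User.id == _id).first()
        if not is_user:
            return jsonify({
                'ok': False,
                'message': '该邮箱尚未注册'
            })

        # Constant-time comparison: the caller controls the code, so a plain
        # == would leak how many leading characters matched through timing.
        code = data['code']
        stored = is_user.password
        code_ok = (isinstance(code, str) and isinstance(stored, str)
                   and hmac.compare_digest(code.encode('utf-8'),
                                           stored.encode('utf-8')))
        if not code_ok:
            return jsonify({
                'ok': False,
                'message': '校验码已失效'
            })

        # Update the password record.
        is_user.password = string_to_md5(data['password'])
        db.commit()
        return jsonify({
            'ok': True
        })
    finally:
        # The original never closed the session; release it on every path.
        db.close()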
Exemplo n.º 17
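def today():
    """Return today's article for the user named in the ``auth`` token.

    Aborts with 404 when the user has no article or the newest one is not
    from today.

    NOTE(review): only the id part of the token is read here and nothing in
    this block checks the secret part. Presumably a decorator or request hook
    validates the token first; confirm.
    """
    auth = request.json['auth']
    user_id = auth.split('->')[0]

    db = getSession()
    try:
        # Newest article of this user.
        latest = db.query(Article).filter(
            Article.user_id == user_id
        ).order_by(Article.timestamp.desc()).first()
        if not latest:
            abort(404)

        # An entry from another day counts as "nothing written today".
        if timestamp_to_yymmdd(latest.timestamp) != timestamp_to_yymmdd():
            abort(404)

        # The newest entry exists and is from today: return it. The response
        # is built before the session is closed below.
        return jsonify({
            'ok': True,
            'data': {
                'content': latest.content,
                'timestamp': latest.timestamp
            }
        })
    finally:
        # The original never closed the session; release it on every path.
        db.close()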
Exemplo n.º 18
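def get_password_reset_code():
    """Mail a password reset link to a registered address.

    Expects ``id``, ``answer`` and ``mail`` in the JSON body. The mail is
    sent from a separate thread, so ``{'ok': True}`` only means the send was
    started.

    NOTE(review): the link carries the stored password value as its code, so
    that value is exposed to the mailbox and to anything that records the
    link, and it never expires on its own. A random, single-use, time-limited
    code would avoid this.
    NOTE(review): mail and code are placed in the link without URL encoding;
    an address containing ``&``, ``#`` or ``+`` may not survive parsing.
    Confirm how the front end reads these parameters before encoding them.
    NOTE(review): the captcha fields ``id`` and ``answer`` are required but
    never checked in this block; presumably a decorator or hook does so. If
    not, this endpoint can be used to send mail to any registered address
    without limit.
    """
    # Input validation.
    try:
        data = request.json
        if not check_item_in_dict(['id', 'answer', 'mail'], data):
            return jsonify({
                'ok': False,
                'message': '参数错误'
            }), 500
    except Exception:
        # Narrowed from a bare except so SystemExit and KeyboardInterrupt
        # still propagate.
        return jsonify({
            'ok': False,
            'message': '非法请求'
        }), 400

    db = getSession()
    try:
        _id = string_to_md5(data['mail'], mix=False)
        is_user = db.query(User).filter(User.id == _id).first()
        if not is_user:
            return jsonify({
                'ok': False,
                'message': '该邮箱尚未注册'
            })

        # Prepare the message. Everything the sender thread needs is copied
        # into plain values here, before the session is closed.
        recipient = {'name': is_user.name, 'mail': is_user.mail}
        reset_link = '{}#/forget?mail={}&code={}'.format(
            config.app['web_addr'], is_user.mail, is_user.password)
        content = render_template('reset_password.html',
                                  link=reset_link, name=is_user.name)
    finally:
        # The original never closed the session; release it on every path.
        db.close()

    subject = '重置梗概轻日记的密码'
    # Send the mail from a new thread.
    Thread(target=mail.send, args=(recipient, content, subject)).start()
    return jsonify({
        'ok': True
    })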