Exemplo n.º 1
0
def change_pwd():
    req_data = None
    if request.headers['Content-Type'].startswith('application/json'):
        req_data = request.get_json()
    if req_data is None:
        return jsonify({'code': 9000, 'msg': '请上传json数据,且参数必须按api接口标准给定'})
    token = req_data.get('token', None)
    if token is None:
        return jsonify({'code': 202, 'msg': '没有登录,请先登录'})
    if bool(cache.check_token(token)):
        user_id = cache.get_token_user_id(token)
        pwd = dao.select_pwd(user_id)
        pwd1 = pwd['password']
        oldpwd = req_data['oldpwd']
        newpwd = req_data['newpwd']
        once_newpwd = req_data['once_newpwd']
        if check_password(oldpwd, pwd1):
            if newpwd == once_newpwd:
                m_new_password = make_password(str(newpwd))
                new_password = dao.update_pwd(m_new_password, user_id)
                if new_password:
                    return jsonify({'code': 200, 'msg': '修改成功'})
            else:
                return jsonify({'code': 201, 'msg': '两次输入密码不一致'})
        else:
            return jsonify({'code': 202, 'msg': '原密码错误'})
    else:
        return jsonify({"msg": "token值错误或者过期,请先登录"})
Exemplo n.º 2
0
def code_login():
    r_data = request.get_json()
    if r_data:
        phone = r_data['phone']
        pwd = r_data['pwd']
        #判断接受的数据是否为空
        if all((phone, pwd)):
            u_password = UserDao().get_pwd('u_tel',phone)
            if check_password(pwd,u_password):
                user_id = UserDao().get_id('u_tel',phone)
                print(user_id)
                if user_id is not None:
                    token = uuid.uuid4().hex
                    save_token(token, user_id)
                    data = UserDao().get_profile(user_id)
                    return jsonify({
                        'code': 200,
                        'msg': '登录成功,欢迎使用MT外卖品台',
                        'token': token,
                        'data': data
                    })
    return jsonify({
        "code": 207,
        "msg": "手机号或者密码错误,请重新输入"
    })
Exemplo n.º 3
0
 def login_pwd(self, u_phone, u_auth_string):
     sql = "select * from users where u_phone=%s"
     user_profile = self.query(sql, u_phone)
     id, auth_str = (user_profile[0].get('id'),
                     user_profile[0].get('u_auth_string'))
     if check_password(u_auth_string, auth_str):
         return user_profile
     api_logger.warn('用户 %s 的口令不正确' % u_phone)
     return [{'code': '303', 'msg': '用户口令不正确'}]
Exemplo n.º 4
0
    def login_str(self, phone, login_auth_str):
        user_data = self.login_data(phone)  # 获取用户表中的用户id和口令
        if user_data:
            user_id, auth_str = (user_data[0].get('id'),
                                 user_data[0].get('login_auth_str'))

            if check_password(login_auth_str, auth_str):
                # 验证成功
                return True
            # api_logger.warn('用户 %s 的口令不正确' % phone)
            return False
Exemplo n.º 5
0
def to_lend():
    req_data = None
    api_logger.info(request.headers)
    if request.headers['Content-Type'].startswith('application/json'):
        req_data = request.get_json()
    if req_data is None:
        api_logger.warn('%s 请求参数未上传-json' % request.remote_addr)
        return jsonify({'code': 9000, 'msg': '请上传json数据,且参数必须按api接口标准给定'})

    api_logger.debug(req_data)
    if all((req_data.get('token', False), req_data.get('product_id', False),
            req_data.get('lendMoney',
                         False), req_data.get('lendpassword', False))):
        datas = {}
        token = req_data.get('token')
        datas['user_id'] = get_token_user_id(token)
        datas['product_id'] = req_data.get('product_id')
        datas['lendTime'] = datetime.now()
        user = dao.query_user(datas['user_id'])[0]
        datas['lendUserTel'] = user['userName']
        datas['lendMoney'] = req_data.get('lendMoney')
        datas['is_past'] = '0'
        user_id = datas['user_id']
        user_cart = dao.query_user_cart(user_id)
        cartid = user_cart['card_id']
        card = dao.query_cart(cartid)
        cardPwd = card['cardPwd']
        lendpassword = req_data.get('lendpassword')
        if check_password(lendpassword, cardPwd):
            if float(datas['lendMoney']) < float(user['zyMoney']):

                if dao.lend_save(**datas):
                    zyMoney = float(user['zyMoney']) - float(
                        datas['lendMoney'])

                    dao.update_user_zymoney(zyMoney, user_id)

                    return jsonify({'code': 200, 'msg': "成功借出"})
                else:
                    return jsonify({'code': 201, 'msg': "出借失败"})
            else:
                return jsonify({'code': 203, 'msg': '账户余额不足请先充值'})
        else:
            return jsonify({"code": 205, "msg": '密码输入错误'})

    else:
        return jsonify({'code': 204, 'msg': '输入参数不全,参数必须按api接口标准给定'})
Exemplo n.º 6
0
    def login(self, login_name, login_auth_str):
        sql = 'select id, login_auth_str from app_user_2 ' \
              'where login_name=%s and activated=%s'
        user_data = self.query(sql, login_name, 1)

        if user_data:
            user_id, auth_str = (user_data[0].get('id'),
                                 user_data[0].get('login_auth_str'))

            if check_password(login_auth_str, auth_str):
                # 验证成功
                user_profile = self.get_profile(user_id)
                if user_profile is None:
                    return {'user_id': user_id, 'nick_name': login_name}

                return user_profile
            api_logger.warn('用户 %s 的口令不正确' % login_name)
            raise Exception('用户 %s 的口令不正确' % login_name)
        else:
            api_logger.warn('查无此用户 %s' % login_name)
            raise Exception('查无此用户 %s' % login_name)
Exemplo n.º 7
0
    def login(self, userTel, password):  #输入用户名密码
        sql = 'select id, password from wklc_users ' \
              'where userTel=%s'
        user_data = self.query(sql, userTel)  #返回用户对象

        if user_data:
            #得到用户id和密码
            user_id, auth_str = (user_data[0].get('id'),
                                 user_data[0].get('password'))
            #验证用户名密码是否正确
            print(user_id)
            if check_password(password, auth_str):
                # 验证成功获取详细信息
                user_profile = self.get_profile(user_id)
                if user_profile is None:
                    return {'user_id': user_id, 'userTel': userTel}
                #返回用户详细信息
                return user_profile
            api_logger.warn('用户 %s 的口令不正确' % userTel)
            raise Exception('用户 %s 的口令不正确' % userTel)
        else:
            api_logger.warn('查无此用户 %s' % userTel)
            raise Exception('查无此用户 %s' % userTel)
Exemplo n.º 8
0
    def pay_order(self, user_id, order_id, pay_pwd):  # 订单支付
        sql1 = "select pay_pwd,balance from yl_user where id=%s"  # 查询密码和余额
        sql2 = "select o_price,o_status from orders where o_id=%s"  # 查询订单总价,订单状态
        sql3 = "update yl_user set balance=balance - %s where id=%s"  # 付款
        sql4 = "select o_goods_id,o_med_num from order_detail where o_order_id=%s"  # 查询订单中药品id,药品数量
        sql5 = "update medicine set med_stock=med_stock - %s where id=%s"  # 更改药品库存
        sql6 = "update orders set o_status=1  where o_id=%s"  # 改变订单状态

        db_pay_pwd = self.query(sql1, user_id)[0]["pay_pwd"]
        balance = self.query(sql1, user_id)[0]["balance"]
        o_price = self.query(sql2, order_id)[0]["o_price"]
        if self.query(sql2, order_id)[0]["o_status"]:
            return "订单状态有误,支付失败"
        if not check_password(pay_pwd, db_pay_pwd):
            return "支付密码输入错误,请重新输入"
        if not o_price <= balance:
            return "余额不足请充值"
        self.query(sql6, order_id)
        self.query(sql3, o_price, user_id)
        data = self.query(sql4, order_id)
        for i in data:
            self.query(sql5, i["o_med_num"], i["o_goods_id"])
        return {"o_status": 1}
Exemplo n.º 9
0
def recharge():
    req_data = None
    api_logger.info(request.headers)
    if request.headers['Content-Type'].startswith('application/json'):
        req_data = request.get_json()
    if req_data is None:
        api_logger.warn('%s 请求参数未上传-json' % request.remote_addr)
        return jsonify({
            'code': 9000,
            'msg': '请上传json数据,且参数必须按api接口标准给定'
        })

    api_logger.debug(req_data)

    # 验证上传的必须的数据是否存在
    if all((req_data.get('token', False),
            req_data.get('number', False),
            req_data.get('cardPassword', False))):
        user_id = get_token_user_id(req_data.get('token'))
        if user_id:
            user = dao.query_user(user_id)
            number = req_data['number']
            user_card = dao.user_card(user_id)
            if user_card:
                card_id = user_card["card_id"]
                card = dao.query_card(card_id)
                cardPassword = str(req_data.get('cardPassword'))
                card_pwd = card['cardPwd']
                if check_password(cardPassword, card_pwd):
                    cardMoney =card['cardMoney']
                    number = float(number)
                    if number < cardMoney:
                        cardMoney=card['cardMoney']-number
                        dao.update_card_money(cardMoney,card_id)
                        zyMoney = user['zyMoney']+number
                        dao.update_user_zymoney(zyMoney,user_id)
                        return jsonify({
                            'code':200,
                            'msg':'成功充值%s'%(number)
                        })


                    else:
                        return jsonify({
                           'code':201,
                            'msg':'银行卡中余额不足'
                        })
                else:
                    return jsonify({
                        'code':204,
                        'msg':"支付密码输入错误"
                    })
            else:
                return jsonify({
                    'code':203,
                    'msg':'用户还未绑卡'
                })
        else:
            return jsonify({
                'code':202,
                'msg':'用户未登录'
            })
    else:
        return jsonify({
            'code':201,
            'msg':'传入参数不有误'
        })