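def send():
    """Issue a password-reset token for the submitted username and mail the link.

    Reads ``username`` from the POSTed form, stores ``token -> user id`` in the
    cache, and mails a reset link to the address on the account. The login page
    is rendered whether or not the username matched, so the response does not
    reveal which usernames exist.
    """
    form = request.form.to_dict()
    # .get() rather than form['username']: a missing field on the plain dict
    # would raise KeyError instead of producing a normal response.
    name = form.get('username', '')
    u = User.one(username=name)
    if u is None:
        # Unknown username. Previously this fell through to u.id and raised
        # AttributeError; now it returns the same page as the success path.
        # (Assumes User.one returns None when nothing matches -- confirm.)
        return render_template('login.html')

    # The token is the only secret protecting the reset.
    token = str(uuid.uuid4())
    # NOTE(review): stored with no expiry, so an unused link stays valid
    # indefinitely; give the entry a short lifetime. Whether the token is
    # deleted after use is decided by the handler that consumes it.
    cache.set(token, u.id)

    # NOTE(review): the link is plain http to a fixed IP, so the token crosses
    # the network unencrypted; build it from a configured https base URL.
    reset_link = 'http://49.235.39.6/reset/edit?token={}'.format(token)
    content = '点击链接重置密码:{}\n'.format(reset_link, )
    # u is already the account record, so no second lookup by id is needed.
    send_mail(
        subject='重置密码',
        author=admin_mail,
        to=u.email,
        content=content,
    )
    return render_template('login.html')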
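def replied_topic(user_id):
    """Return the topics that ``user_id`` has replied to, using the cache.

    The result is cached as JSON under ``replied_topic_<user_id>``. Both the
    cache-hit and cache-miss paths return ``Topic`` objects; previously a hit
    returned plain dicts while a miss returned models. Rebuilding with
    ``Topic(**t)`` mirrors what ``created_topic`` does with the same kind of
    cached JSON.
    """
    k = 'replied_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        return [Topic(**t) for t in json.loads(v)]

    # One Topic lookup per reply (an N+1 query pattern); a single
    # topic-join-reply query filtered on reply.user_id would replace the loop.
    rs = Reply.all(user_id=user_id)
    ts = []
    for r in rs:
        t = Topic.one(id=r.topic_id)
        # Skip replies whose topic no longer exists; t.json() below would
        # otherwise fail on None. (Assumes Topic.one returns None on a miss.)
        if t is not None:
            ts.append(t)
    v = json.dumps([t.json() for t in ts])
    # NOTE(review): no expiry is set here; confirm the key is invalidated
    # when the user posts a new reply.
    cache.set(k, v)
    return ts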
def created_topic(user_id):
    """Return the topics created by ``user_id``, using the cache.

    On a cache miss the topics are loaded with ``Topic.all``, serialised via
    each topic's ``json()`` and stored under ``created_topic_<user_id>``. On a
    hit the cached JSON is turned back into ``Topic`` objects.
    """
    cache_key = 'created_topic_{}'.format(user_id)
    if not cache.exists(cache_key):
        topics = Topic.all(user_id=user_id)
        serialized = json.dumps([topic.json() for topic in topics])
        # NOTE(review): no expiry is set; confirm the key is invalidated when
        # the user creates or deletes a topic.
        cache.set(cache_key, serialized)
        return topics

    rows = json.loads(cache.get(cache_key))
    return [Topic(**row) for row in rows]
def authenticate():
    """Check the login form and start a cache-backed session.

    On failure the client is redirected to the login page. On success a fresh
    random session id is mapped to the user id in the cache, the id is placed
    in the Flask session, and the client is redirected to the topic index.
    """
    user = User.validate_login(request.form)
    if user is None:
        return redirect(url_for('login.login'))

    new_session_id = str(uuid.uuid4())
    # NOTE(review): the server-side record has no expiry, so it outlives the
    # cookie; consider a lifetime that matches the session lifetime.
    cache.set('sessions_{}'.format(new_session_id), user.id)
    session['session_id'] = new_session_id
    # Mark the session permanent so the cookie outlives the browser session
    # (its lifetime comes from Flask's PERMANENT_SESSION_LIFETIME setting).
    session.permanent = True
    return redirect(url_for('topic.index'))
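def login():
    """Validate the login form and start a cache-backed session.

    A failed login redirects back to this blueprint's index. A successful one
    maps a fresh random session id to the user id in the cache, sets the id in
    a ``session_id`` cookie and redirects to the topic index.
    """
    form = request.form
    u = User.validate_login(form)
    if u is None:
        return redirect(url_for('.index'))

    session_id = str(uuid.uuid4())
    key = 'session_id_{}'.format(session_id)
    # The session id is a bearer credential, so only the user id is logged;
    # anyone able to read the log could otherwise reuse the session.
    log('index login user_id <{}>'.format(u.id))
    # NOTE(review): no expiry on the server-side record; consider a lifetime.
    cache.set(key, u.id)

    redirect_to_index = redirect(url_for('topic.index'))
    response = current_app.make_response(redirect_to_index)
    # httponly keeps page scripts from reading the session cookie.
    # NOTE(review): also set secure=True and a samesite policy once the site
    # is confirmed to be served over HTTPS only.
    response.set_cookie('session_id', value=session_id, httponly=True)
    return response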
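def send():
    """Create a password-reset token and deliver the link as an in-site message.

    The client is redirected to the login page whether or not the username
    matched an account, so the response does not reveal which usernames exist.
    """
    username = request.form.get('username', '')
    user = User.one(username=username)
    if user is None:
        # Unknown username. Previously this raised AttributeError on user.id;
        # now it returns the same redirect as the success path.
        # (Assumes User.one returns None when nothing matches -- confirm.)
        return redirect(url_for('login.login'))

    token = str(uuid.uuid4())
    k = 'csrf_tokens_{}'.format(token)
    # NOTE(review): stored with no expiry, so an unused reset token stays
    # valid indefinitely; give the entry a short lifetime.
    cache.set(k, user.id)

    title = 'reset password'
    # NOTE(review): localhost link looks like a development value; build it
    # from a configured https base URL in deployment.
    content = 'http://localhost:3000/reset/view?token=' + token
    # NOTE(review): 100 is presumably a system/admin sender account -- confirm.
    sender_id = 100
    receiver_id = user.id
    Message.send(title, content, sender_id, receiver_id)
    return redirect(url_for('login.login'))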
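def login():
    """Validate the login form and start a session stored in redis.

    A failed login redirects back to this blueprint's index. A successful one
    writes ``session_id_<id> -> user id`` to the cache, sends the id in a
    ``session_id`` cookie and redirects to the topic index.
    """
    form = request.form
    u = User.validate_login(form)
    if u is None:
        return redirect(url_for('.index'))

    # Write the session to redis under a fresh random id.
    session_id = str(uuid.uuid4())
    key = 'session_id_{}'.format(session_id)
    # NOTE(review): no expiry on the server-side record; consider a lifetime.
    cache.set(key, u.id)

    # Build the redirect response and attach the Set-Cookie header to it.
    redirect_to_index = redirect(url_for('topic.index'))
    response = current_app.make_response(redirect_to_index)
    # httponly keeps page scripts from reading the session cookie.
    # NOTE(review): also set secure=True and a samesite policy once the site
    # is confirmed to be served over HTTPS only.
    response.set_cookie('session_id', value=session_id, httponly=True)
    return response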
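def send():
    """Create a 30-minute password-reset token and send the link as a message.

    Aborts with 404 when the username does not match an account; otherwise
    stores ``token -> user id`` in the cache, sends the reset link to the
    user's inbox and redirects to this blueprint's index.
    """
    # .get() with a default: a missing field previously raised KeyError on the
    # plain dict; it now takes the same 404 path as an unknown username.
    username = request.form.get('username', '')
    u = User.one(username=username)
    if u is None:
        # NOTE(review): a 404 here versus a redirect on success tells the
        # requester whether the username exists; consider one uniform response.
        abort(404)

    token = str(uuid.uuid4())
    # Value and expiry are set in one call. With a separate expire() call, a
    # failure between the two would leave a reset token that never expires.
    cache.set(token, u.id, ex=1800)
    title = '来自 {} 的密码找回信件'.format(u.username)
    # NOTE(review): plain-http link; the token should only travel over https.
    content = 'http://www.corgist.xyz/reset/view?token={}'.format(token)
    Messages.send(title=title, content=content, sender_id=1, receiver_id=u.id)
    return redirect(url_for('.index'))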
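def replied_topic(user_id):
    """Return the topics that ``user_id`` has replied to, using the cache.

    The result is cached as JSON under ``replied_topic_<user_id>``.

    NOTE(review): a cache hit returns the decoded JSON (plain dicts) while a
    cache miss returns ``Topic`` objects; callers must cope with both until the
    hit path rebuilds models.
    """
    k = 'replied_topic_{}'.format(user_id)
    if cache.exists(k):
        v = cache.get(k)
        ts = json.loads(v)
        return ts

    rs = Reply.all(user_id=user_id)
    ts = []
    for r in rs:
        # One Topic lookup per reply (an N+1 query pattern).
        t = Topic.one(id=r.topic_id)
        # Skip replies whose topic no longer exists; t.json() below would
        # otherwise fail on None. (Assumes Topic.one returns None on a miss.)
        if t is not None:
            ts.append(t)
    v = json.dumps([t.json() for t in ts])
    # NOTE(review): no expiry is set; confirm the key is invalidated when the
    # user posts a new reply.
    cache.set(k, v)
    return ts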
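def login():
    """Validate the login form and start a one-hour session stored in redis.

    A failed login is logged and redirected to this blueprint's index. A
    successful one stores ``session_id_<id> -> user id`` in the cache and sends
    the id in a ``session_id`` cookie. The cache record and the cookie share
    one lifetime.
    """
    form = request.form
    u = User.validate_login(form)
    if u is None:
        log('账号或密码错误,登录失败!')
        return redirect(url_for('.index'))

    # Session state lives in redis rather than in the Flask session.
    session_ttl = 3600  # seconds, applied to both the record and the cookie
    session_id = str(uuid.uuid4())
    key = 'session_id_{}'.format(session_id)
    # Expire the server-side record with the cookie. Previously only the
    # cookie had max_age, so the session id stayed valid in the cache after
    # the browser had dropped it.
    # (ex= is the redis-py expiry argument; assumes cache is that client.)
    cache.set(key, u.id, ex=session_ttl)

    redirect_to_index = redirect(url_for('topic.index'))
    response = current_app.make_response(redirect_to_index)
    # httponly keeps page scripts from reading the session cookie.
    # NOTE(review): also set secure=True and a samesite policy once the site
    # is confirmed to be served over HTTPS only.
    response.set_cookie('session_id', value=session_id,
                        max_age=session_ttl, httponly=True)
    return response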
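def reset():
    """Start password recovery for the submitted username.

    Stores a one-hour ``token -> user id`` entry in the cache and sends the
    reset link to the user as a message. The client is redirected to this
    blueprint's index whether or not the username matched an account, so the
    response does not reveal which usernames exist.
    """
    username = request.form['username']
    u = User.one(username=username)
    if u is None:
        # Unknown username. Previously this raised AttributeError on u.id;
        # now it returns the same redirect as the success path.
        # (Assumes User.one returns None when nothing matches -- confirm.)
        return redirect(url_for('.index'))

    token = str(uuid.uuid4())
    cache.set(token, u.id, ex=3600)
    # NOTE(review): secret.dns supplies the base URL; confirm it is an https
    # origin so the token is not sent over plain http.
    content = '{}/reset/view?token={}'.format(secret.dns, token)
    Messages.send(title='找回密码', content=content,
                  sender_id=u.id, receiver_id=u.id)
    return redirect(url_for('.index'))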
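def login():
    """Validate the admin login form and start a cache-backed admin session.

    A failed login redirects back to this blueprint's index. A successful one
    stores ``admin_session_id_<id> -> admin id`` in the cache, sends the id in
    an ``admin_session_id`` cookie and redirects to the admin index.
    """
    form = request.form
    u = Admin.validate_login(form)
    # NOTE(review): this logs the Admin object itself; confirm its repr does
    # not include the password hash or other secrets.
    log('login u', u)
    if u is None:
        return redirect(url_for('.index'))

    session_id = str(uuid.uuid4())
    key = 'admin_session_id_{}'.format(session_id)
    # The session id is a bearer credential for an admin account, so only the
    # admin id is logged; the full cache key is kept out of the log.
    log('index login admin_id <{}>'.format(u.id))
    # NOTE(review): no expiry on the server-side record; admin sessions in
    # particular should have a bounded lifetime.
    cache.set(key, u.id)

    # Redirect to the admin index with the session cookie attached.
    redirect_to_index = redirect(url_for('admin.index'))
    response = current_app.make_response(redirect_to_index)
    # httponly keeps page scripts from reading the session cookie.
    # NOTE(review): also set secure=True and a samesite policy once the site
    # is confirmed to be served over HTTPS only.
    response.set_cookie('admin_session_id', value=session_id, httponly=True)
    return response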
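def send_mail():
    """Send a password-reset link when the username and email match an account.

    On a match, stores ``token -> user id`` in the cache, sends the link to the
    user as a message and redirects to the index. Any mismatch, including an
    unknown username, redirects to ``404``.
    """
    form = request.form.to_dict()
    username = form.get('username')
    u = User.one(username=username)
    email = form.get('email')
    # Three conditions must hold before a token is issued:
    #  - the account exists (previously a miss raised AttributeError on u.email);
    #  - an email was actually submitted, since a missing field (None) would
    #    otherwise compare equal to an account that has no stored email;
    #  - the submitted email equals the one on the account.
    # (Assumes User.one returns None when nothing matches -- confirm.)
    if u is not None and email and email == u.email:
        token = str(uuid.uuid4())
        # NOTE(review): stored with no expiry, so an unused reset token stays
        # valid indefinitely; give the entry a short lifetime.
        cache.set(token, u.id)
        Messages.send(
            title='reset password',
            content='https://yivocs.cn/reset/view?token={}'.format(token),
            sender_id=u.id,
            receiver_id=u.id)
        return redirect(url_for('index.index'))
    else:
        # NOTE(review): a different redirect on failure tells the requester
        # whether the username/email pair was valid; consider one uniform
        # response for both outcomes.
        return redirect('404')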
def replied_topic(user_id):
    """Return the topics that ``user_id`` has replied to, using the cache.

    A cache hit decodes the stored JSON with ``topichook`` as the object hook.
    A miss runs one joined query, which avoids the ORM's N+1 lookups, and
    caches the result under ``replied_topic_<user_id>``.
    """
    cache_key = 'replied_topic_{}'.format(user_id)
    if cache.exists(cache_key):
        cached = cache.get(cache_key)
        return json.loads(cached, object_hook=topichook)

    # Single SQLAlchemy query: join topic to reply, keep this user's replies,
    # newest reply first.
    replied = Topic.query.join(Reply, Reply.topic_id == Topic.id)
    replied = replied.filter(Reply.user_id == user_id)
    replied = replied.order_by(Reply.created_time.desc())
    topics = replied.all()

    # NOTE(review): no expiry is set; confirm the key is invalidated when the
    # user posts a new reply.
    cache.set(cache_key, json.dumps([topic.json() for topic in topics]))
    return topics
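def send():
    """Issue a password-change token for the submitted username and mail the link.

    Reads ``username`` from the POSTed form, stores ``token -> user id`` in the
    cache, and mails the link to the address on the account. The login page is
    rendered whether or not the username matched, so the response does not
    reveal which usernames exist.
    """
    form = request.form.to_dict()
    # .get() rather than form['username']: a missing field on the plain dict
    # would raise KeyError instead of producing a normal response.
    name = form.get('username', '')
    u = User.one(username=name)
    if u is None:
        # Unknown username. Previously this fell through to u.id and raised
        # AttributeError; now it returns the same page as the success path.
        # (Assumes User.one returns None when nothing matches -- confirm.)
        return render_template('login.html')

    # The token is the only secret protecting the reset.
    token = str(uuid.uuid4())
    # NOTE(review): stored with no expiry, so an unused link stays valid
    # indefinitely; give the entry a short lifetime. Whether the token is
    # deleted after use is decided by the handler that consumes it.
    cache.set(token, u.id)

    # u is already the account record, so no second lookup by id is needed.
    send_mail(
        subject='修改密码',
        author=admin_mail,
        to=u.email,
        content='{}\r\nhttps://www.treasutre.xyz/reset/edit?token={}'.format(
            u.username, token),
    )
    return render_template('login.html')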