def login(stuid,password):
s=requests.Session()
encode = md5(stuid + md5(password)[:30].upper() + '10611')[:30].upper()
res =s.post(Manager.jww_url + '/_data/index_login.aspx', data={
'__VIEWSTATEGENERATOR': 'CAA0A5A7',
'Sel_Type': 'STU',
'txt_dsdsdsdjkjkjc': stuid,
'efdfdfuuyyuuckjg': encode
}, headers=headers)
if "正在加载权限数据" in res.text:
return s
else:
raise LoginException()
def create_user(name, email, password, superuser=True):
user_role = Role.query.filter(Role.name == 'user').one()
roles = []
roles.append(user_role)
verify_token = None
token_expire = None
active = 1
if superuser:
super_user_role = Role.query.filter(Role.name == 'superuser').one()
roles.append(super_user_role)
else:
active = 0
token_expire = int(time.time()) + 3600 * 24
verify_token = md5(email + str(token_expire) +
app.config['SECRET_KEY'])
user = User(name=name,
email=email,
password=encrypt_password(password),
roles=roles,
verify_token=verify_token,
token_expire=token_expire,
active=active,
status=u'正常',
created_at=now_datetime())
db.add(user)
db.commit()
return user
def login(request):
if request.method == 'GET':
form = LoginForm()
return render(request,'login.html',{'form':form})
else:
form = LoginForm(request.POST)
if form.is_valid():
# form.cleaned_data#{"username":"******",'password':'******'}
form.cleaned_data['password'] = md5(form.cleaned_data['password'])
# user=models.UserInfo.objects.filter(**form.cleaned_data).first()
user = UserInfo.objects.filter(**form.cleaned_data).first()
print(user,"user")
if user:
###将用户信息方session
# permissions_list = user.role.
# print(permissions_list, "###################")
#request.session[settings.USER_SESSION_KEY] ={'id':user.pk,'username':user.username}
# permissions_list= user.role.fiter(permission__id__isnull=False).values().distinct()
# 当前用户的所有权限
init_permissions(user,request)
return redirect('/user/')
else:
form.add_error("password","用户名或密码错误")
return render(request,'login.html',{'form':form})
def get(self, *args, **kwargs):
# config = {
# 'host':'127.0.0.1',
# 'port':3306,
# 'user':'******',
# 'password':'******',
# 'database':'blogdb',
# 'charset':'utf8',
# }
# connection = pymysql.connect(**config)
# cursor = connection.cursor()
try:
username = self.get_query_argument('username')
password = self.get_query_argument('password')
# pwd = md5(password)
# params = (username,pwd)
# sql = 'select count(*) from tb_user where user_name=%s and user_password=%s'
# cursor.execute(sql,params)
# result = cursor.fetchone()
# if result[0]:
# self.redirect('/')
# else:
# self.redirect('/loginpage?loginfail')
except Exception as e:
print(e)
dbutil = self.application.db # RequestHandler实例的application
pwd = md5(password)
result = dbutil.isLoginSuccess(username, pwd)
if result: # True 用户名密码正确 False用户名密码不正确
self.redirect('/blog')
else:
self.redirect('/?login=fail')
def add_user(request):
if request.method == "GET":
form = UserModelForm()
# return render(request,"add_host.html",{'form':form})
return render(request, "add_user.html", {'form': form})
else:
form = UserModelForm(request.POST)
if form.is_valid():
form.cleaned_data['password'] = md5(form.cleaned_data['password'])
# print(form.cleaned_data)
form.save()
username = form.cleaned_data['username']
pwd = md5(form.cleaned_data['password'])
UserInfo.objects.filter(username=username).update(password=pwd)
return redirect("/user/")
return render(request, "add_user.html", {'form': form})
def post(self, *args, **kwargs):
#1 获取客户端提交的内容
name = self.get_argument('username')
password = self.get_argument('password')
city = self.get_argument('city')
avatar = self.request.files.get('avatar', None)
#2 判断内容的有效性(判空)
if name and password and city:
#3 处理头像图片,获得存储头像图片的名称
avatar_file = None #头像图片存储的名称
if avatar:
file = avatar[0] #httpFile对象
avatar_file = str(time.time()) + file.filename
avatar_body = file.body
writer = open('mystatic/images/{}'.format(avatar_file), 'wb')
writer.write(avatar_body)
writer.close()
# 4 写入数据库
pwd = md5(password)
# params = (name,pwd,city,avatar_file)
# config={
# 'host':'127.0.0.1',
# 'port':3306,
# 'user':'******',
# 'password':'******',
# 'database':'blogdb',
# 'charset':'utf8'
# }
# try:
# connection = pymysql.connect(**config)
# cursor = connection.cursor()
# sql='insert into ' \
# 'tb_user(user_name,user_password,user_city,user_avatar)' \
# ' values(%s,%s,%s,%s)'
# cursor.execute(sql,params)
# cursor.connection.commit()#提交修改
# self.redirect('/')
try:
dbutil = DBUtil()
params = dict(name=name,
password=pwd,
city=city,
avatar_file=avatar_file)
dbutil.saveuser(**params)
self.redirect('/')
#5 处理错误
except Exception as e:
print(e)
#(1062, "Duplicate entry 'abc' for key 'user_name'")
if avatar_file:
if exists('mystatic/images/' + avatar_file):
remove('mystatics/images/' + avatar_file)
self.redirect('/register?regsit=dberror&error=dbfail')
else:
self.redirect('/register?regist=fail&error=reinput')
def isLoginSuccess(self, name, password):
sql='select count(*) ' \
'from tb_user ' \
'where user_name=%s and user_password=%s'
pwd = md5(password)
params = (name, pwd)
self.cursor.execute(sql, params)
result = self.cursor.fetchone() #(0,) (1,)
if result[0]:
return True
else:
return False
def users_add(request):
username = request.session[settings.USER_SESSION_KEY]['username']
if request.method=='GET':
form= UserInfoModelsForm()
return render(request,"add_user.html",{"form":form,"username":username})
else:
form=UserInfoModelsForm(data=request.POST)
if form.is_valid():
form.instance.password=md5(form.instance.password)
obj=form.save()
return redirect("/users/")
return render(request,"add_user.html",{'form': form,"username":username})
def reg(request):
if request.method=="GET":
form = RegForm()
return render(request, 'reg.html', locals())
else:
form = RegForm(request.POST)
if form.is_valid():
form.cleaned_data['password'] = md5(form.cleaned_data['password'])
print("form.cleaned_data==::",form.cleaned_data["username"])
username=form.cleaned_data["username"]
password=form.cleaned_data["password"]
user = models.UserInfo.objects.create(username=username,password=password)
return redirect("/login/")
return render(request, 'reg.html', locals())
return redirect("/reg/")
def get(self, *args, **kwargs):
try:
username = self.get_query_argument('username')
password = self.get_query_argument('password')
except Exception as e:
print(e,'aaaaaaa')
dbutil = self.application.db # RequestHandler实例的application
pwd = md5(password)
result = dbutil.isLoginSuccess(username, pwd)
print('sss',result)
if result: # True用户名密码正确 False用户名密码不正确
s = Session(self)
s['isLogin'] = True
self.redirect('/blog')
else:
self.redirect('/login')
def edit_user(request, nid):
obj = UserInfo.objects.filter(id=nid).first()
if not obj:
return HttpResponse('数据不存在')
if request.method == "GET":
form = UserModelForm(instance=obj)
return render(request, 'edit_host.html', {"form": form})
else:
form = UserModelForm(data=request.POST, instance=obj)
if form.is_valid():
pwd = md5(form.cleaned_data['password'])
form.save()
print(form.cleaned_data)
UserInfo.objects.filter(id=nid).update(password=pwd)
return redirect('/user/')
return render(request, 'edit_user.html', {'form': form})
def users_edit(request,nid):
obj = models.UserInfo.objects.filter(id=nid).first()
username = request.session[settings.USER_SESSION_KEY]['username']
if not obj:
return HttpResponse("用户不存在!")
if request.method == "GET":
print("nid:", nid)
form = UserInfoModelsForm(instance=obj)
return render(request, "edit_user.html", {"form": form, "username": username})
else:
form = UserInfoModelsForm(data=request.POST, instance=obj)
if form.is_valid():
form.instance.password = md5(form.instance.password)
form.save()
return redirect("/users/")
return render(request, "edit_user.html", {"form": form, "username": username})
def send_active_mail(self):
with app.app_context():
print 'send active mail to ' + self.email
email = self.email
username = self.name
active_token = md5(email + str(self.token_expire) +
app.config['SECRET_KEY'])
msg = MailMessage(u"DOTA电影天堂-欢迎-请验证邮箱地址",
sender=u"DOTA电影天堂用户注册<*****@*****.**>",
recipients=[email])
token = base64.b64encode(active_token)
domain = app.config['SITE_DOMAIN']
url = domain + '/signup_active?user='******'&token=' + token
msg.html = '<h1 style="text-align:center"><a href="'+domain\
+'" target="_blank"><img src="'+domain+'/static/img/logo.png"></h1><p><a href="'+url+'">'+url+'</a></p>'
thread = Thread(target=send_async_email, args=[app, mail, msg])
thread.start()
return True
def login(request):
if request.method == 'GET':
form = LoginForm()
return render(request, 'login.html', {'form': form})
else:
form = LoginForm(request.POST)
if form.is_valid():
# form.cleaned_data#{"username":"******",'password':'******'}
form.cleaned_data['password'] = md5(form.cleaned_data['password'])
user = UserInfo.objects.filter(**form.cleaned_data).first()
# print(user,"登录用户")
if user:
###将用户信息放session
init_permissions(user, request)
return redirect('/index/')
else:
form.add_error("password", "用户名或密码错误")
return render(request, 'login.html', {'form': form})
def login(request):
if request.method == "GET":
form = LoginForm()
return render(request,'login.html',{'form':form})
else:
form = LoginForm(request.POST)
if form.is_valid():
# form.cleaned_data # {'username':'******','password':'******'}
# models.UserInfo.objects.filter(username=form.cleaned_data['user'],password=form.cleaned_data['pwd'])
# models.UserInfo.objects.filter(**{'username':'******','password':123})
form.cleaned_data['password'] = md5(form.cleaned_data['password'])
user = models.UserInfo.objects.filter(**form.cleaned_data).first()
if user:
# 将用户信息放置到session中
request.session[settings.USER_SESSION_KEY] = {'id':user.pk,'username':user.username }
return redirect('/index/')
else:
form.add_error('password', '用户名或密码错误')
return render(request, 'login.html',{'form':form})
def post(self, request, *args, **kwargs):
results = {
'code': 1000,
}
try:
user = request.data.get('username')
pwd = request.data.get('password')
user_obj = UserInfo.objects.get(username=user,
password=pwd) # 取不到和取多个都会报错
if not user_obj:
results['code'] = 1001
results['error'] = '用户名或密码错误'
return Response(results)
token = md5(user)
UserToken.objects.update_or_create(user=user_obj,
defaults={'token': token})
results['token'] = token
except Exception as e:
results['code'] = 1003
return Response(results)
def login(request):
if request.method=='GET':
form=LoginForm()
return render(request,"login.html",{"form":form})
else:
form=LoginForm(request.POST)
if form.is_valid():
form.cleaned_data["password"]=md5(form.cleaned_data["password"])
print("form.cleaned_data:",form.cleaned_data)
user = models.UserInfo.objects.filter(**form.cleaned_data).first()
if user:
#写入session
request.session[settings.USER_SESSION_KEY]={'id': user.pk, 'username': user.username}
# 权限初始化
init_permission(user, request)
return redirect("/hosts/")
else:
form.add_error('password', '用户名或密码错误')
return render(request, 'login.html', {'form': form})
def login(request):
if request.method == "GET":
form = LoginForm()
return render(request, "login.html", {"form": form})
else:
# 将接收到的数据,传给LoginForm()类 通过form 验证;
form = LoginForm(request.POST)
# 通过 form 验证后,form 为True
if form.is_valid():
# 通过form验证的数据 存放在 cleaned_data 中
# form.cleaned_data
# 通过自定义 md5 模块验证密码
form.cleaned_data["password"] = md5(form.cleaned_data["password"])
# 通过 **form.cleaned_data 可以将 数据依照字典形式获取 filter({"username":zhangsan,"password":1234})
userinfo = models.UserInfo.objects.filter(
**form.cleaned_data).first() # 拿取第一个对象值
# 如果userinfo 中有数据,即表示验证成功
if userinfo:
# 将 用户信息 放置到 session 中
request.session[settings.USER_SESSION_KEY] = {
"id": userinfo.pk,
"username": userinfo.username
}
# 重定向 页面
return redirect("/index/")
else:
# 用户验证失败
form.add_error("password", "用户名或密码错误")
# 存放错误信息 form.errors
# 将 form 清洗过的 数据直接返回给 html 模板
return render(request, "login.html", {"form": form})
def post(self, request, *args, **kwargs):
msg = BaseResponse()
form = LoginForm(data=request.POST)
print(form)
if form.is_valid():
username = request.POST.get("username")
password = request.POST.get("password")
password = md5(password)
username = UserInfo.objects.filter(username=username,
password=password).first()
if not username:
msg.status = False
msg.error = {}
msg.error["username"] = "******"
return HttpResponse(json.dumps(msg.__dict__))
else:
init_permission.init_permission(request, username)
return HttpResponse(json.dumps(msg.__dict__))
else:
msg.status = False
msg.error = form.errors
return HttpResponse(json.dumps(msg.__dict__))
def post(self, request, *args, **kwargs):
self.dispatch
ret = {'code': 1000, 'msg': None}
try:
# 需要以form-data的方式提交
name = request._request.POST.get('name')
pwd = request._request.POST.get('pwd')
instance = User.objects.filter(name=name,
pwd=pwd).first() # User object (1),
print(type(instance)) # <class 'app.models.User'>,加不加all()结果一样
print(instance) # User object (1),加不加all()结果一样
if not instance:
ret['code'] = 1001
ret['msg'] = '用户名或密码错误'
else:
token = md5(name=name)
UserToken.objects.update_or_create(user=instance,
defaults={'token': token})
ret['token'] = token
except Exception as e:
ret['code'] = 1001
ret['msg'] = '请求异常'
return JsonResponse(ret)
# if re.match(r"^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$", "272.168,1,1"):
# print("IP vaild")
# else:
# print("IP invaild")
# #精确的匹配给定的字符串是否是IP地址
# if re.match(r"^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", "223.168.1.1"):
# print("IP vaild")
# else:
# print("IP invaild")
# #简单的从长文本中提取中提取ip地址
# string_ip = "os-version (MRO) : name: CentOS Linux release 7.1.1503 (Core); uname: 3.10.0-229.el7.x86_64; distro: centos; major: 7; minor: 1"
# <<<<<<< HEAD
from utils.md5 import md5
print(md5("123456"))
# =======
# group = re.search(r'name:(.*?)\(Core\);.+?uname:(.*?);',string_ip,re.M)
# if group:
# group.group(1)
# group.group(2)
#
# print(group.group(1),group.group(2))
#
# result = re.findall(r"\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b", string_ip)
# if result:
# print(result)
# else:
# print("re cannot find ip")
# >>>>>>> b1cc5598b900d92fbe397df900ac24f95c099074
