Exemplo n.º 1
0
    def POST(self):
        d = {k: v.strip() for k, v in self.req.input().iteritems()}

        if d.get('mobile'):
            checkcode = d.get('mobile', '')
            if not re.match(MOBILE_PATTERN, checkcode):
                raise ParamError('手机号码不合法')

        elif d.get('email'):
            checkcode = d.get('email', '')
            if not re.match(EMAIL_PATTERN, checkcode):
                raise ParamError('邮箱不合法')

        else:
            raise ParamError('参数错误')

        code = d.get('code', '')
        if not code:
            raise ParamError('验证码为空')

        # 验证验证码
        if check_smscode(code, checkcode):
            return self.write(success({}))

        raise ParamError('验证码错误')
Exemplo n.º 2
0
    def POST(self):
        params = {k: str(v).strip() for k, v in self.req.input().iteritems()}
        passwd = params.get("password", '')
        code = params.get("code", '')
        if not passwd:
            raise ParamError("缺少password参数")

        userid = self.user.userid
        uinfo = get_userinfo(userid)
        mobile = uinfo.get("mobile")

        if code and not check_smscode(code, mobile, 1):
            raise ParamError('验证码错误')

        with get_connection("qf_core") as conn:
            row = conn.select_one("extra_mchinfo",
                                  where={"userid": userid},
                                  fields="count(1) as count")
            now = time.strftime(DATETIME_FMT)
            values = {
                "userid": userid,
                "manage_password": enc_password(passwd),
                "ctime": now
            }
            try:
                if row['count']:
                    del values['userid'], values['ctime']
                    conn.update("extra_mchinfo",
                                values=values,
                                where={"userid": userid})
                else:
                    conn.insert("extra_mchinfo", values=values)
                return self.write(success(data={}))
            except:
                raise DBError("数据更新失败")
Exemplo n.º 3
0
    def POST(self):
        params = self.req.input()
        userid = int(self.user.userid)

        new_username = params.get('new_username', '').strip()
        if not new_username:
            raise ParamError('新账号不能为空')

        # 验证grant_code
        grant_code = params.get('grant_code') or ''
        self.check_grant_code(userid, grant_code)

        # 验证verify_code
        verify_code = params.get('verify_code') or ''
        if not check_smscode(verify_code, new_username, mode=1):
            raise ParamError('验证信息错误')

        # 验证新账号是否被占用
        with get_connection_exception('qf_core') as db:
            new_user = db.select_one('auth_user',
                                     where={'username': new_username})
        if new_user:
            raise ParamError('新账号已经被占用')

        # apollo接口修改username
        try:
            apcli_ex('changeUsername', userid, new_username)
        except ApolloException as e:
            raise ThirdError(e.respmsg)

        # 将现有设备踢下线
        kick_user(userid, mode='all')

        return success({})
Exemplo n.º 4
0
    def username_mchnt(self):
        '''商户预注册'''
        d = {k: v.strip() for k, v in self.req.input().iteritems()}
        self.req.inputjson()['password'] = '******'
        # 验证用户名
        username = d.get('username', '')
        if not username:
            raise ParamError('用户名为空')

        # 验证验证码
        code = d.get('code', '')
        if not check_smscode(code, username):
            raise ParamError('验证码错误')

        # 验证是否注册
        if UserUtil.check_profile(**{'auth_user.username': username}):
            raise ParamError('商户已经注册')

        # 获取userid
        user = None
        with get_connection('qf_core') as db:
            user = db.select_one('auth_user',
                                 where={'mobile': username},
                                 fields='id, password')
            log.debug(user)
        if user:
            if (user['password'] and not check_password(
                    d.get('password', ''), user['password'])):
                raise SessionError('该账号已经设置密码')
            return d['username'], user['id']
        return d['username'], None
Exemplo n.º 5
0
    def get_userprofile(self):
        params = self.req.input()
        sls_user = None
        if not re_mobile.match(params.get('username', '')):
            raise ParamError('请用手机号注册')
        user = check_user(params['username'])
        if user['is_signup']:
            raise ParamError('该用户已经注册,请更换手机号')

        if not 6 <= len(params.get('password', '')) <= 20:
            raise ParamError('密码需在6-20位')

        shopname = remove_emoji(params.get('shopname', ''))
        if not shopname:
            raise ParamError('店名不能为空')

        if 'saleman_mobile' in params:
            saleman_mobile = params.get('saleman_mobile', '')
            if not saleman_mobile:
                raise ParamError('推荐人手机号不能为空')
            else:
                sls_user = apcli.user_by_mobile(saleman_mobile)

        else:
            # 签约宝登录信息
            if self.check_login():
                sls_user = apcli.user_by_id(self.user.userid)
                usercates = {i['code'] for i in sls_user.get('userCates', [])}
                if 'saleman' in usercates:
                    saleman_mobile = sls_user.get('mobile', '')
                    if not saleman_mobile:
                        raise ParamError('推荐人手机号不能为空')

        if not sls_user:
            raise ParamError('推荐人身份错误')
        sls_usercates = {i['code'] for i in sls_user.get('userCates', [])}
        if 'saleman' not in sls_usercates:
            raise ParamError('推荐人手机号码错误')
        groupid = sls_user['groupid']
        self._sls_user = sls_user

        # 调解接口商户不验证验证码
        if (not ('code' not in params and self.check_ip())
                and not check_smscode(params.get('code', ''),
                                      params['username'], 1)):
            raise ParamError('验证码错误')

        p = {}
        p['mobile'] = params['username']
        p['password'] = params['password']
        p['shopname'] = shopname
        p['groupid'] = groupid
        p['userCates'] = [UserCate(code='bigmerchant', name='大商户')]

        return UserProfile(user=User(**p))
Exemplo n.º 6
0
    def check_mchnt(self, data):
        ''' 注册成为商户

        来源分为: 商户平台(bigmchnt), 签约宝(salesman), 商户app(mchnt)

        1. 都需要验证验证码

        2. 只允许指定来源的的商户成为业务员

        '''
        # 验证验证码
        code = data.get('code')
        if not code:
            raise ParamError('验证码不能为空')
        if not check_smscode(code, data['username'], 1):
            raise ParamError('验证码错误')

        # 注册来源
        src = self.get_src()

        # 业务员手机号
        check_sls_user = False
        saleman_mobile = data.get('saleman_mobile')
        if saleman_mobile:
            sls_user = apcli.user_by_mobile(saleman_mobile) or {}
            check_sls_user = True

        # 签约宝登录信息
        elif self.check_login():
            sls_user = apcli.user_by_id(self.user.userid)
            check_sls_user = True
            self._qd_login = True

        if src == 'salesman':
            self._data['src'] = '签约宝'

        if not check_sls_user: return

        # 推荐人信息
        sls_usercates = {i['code'] for i in sls_user.get('userCates', [])}
        if not ({'saleman', 'qudao'} & sls_usercates):
            raise ValueError('推荐人手机号码错误')
        self._data['groupid'] = sls_user['groupid']
        if 'qudao' in sls_usercates:
            allow_sm_signup_src = getattr(config, 'ALLOW_SM_SIGNUP_SRC',
                                          ['mchnt', 'salesman'])
            if src in allow_sm_signup_src:
                self._data['cate'] = 'saleman'
                self._data['src'] = self._data['src'] + '-业务员注册'
                self._data['saleman_uid'] = sls_user['uid']

        elif 'saleman' in sls_usercates:
            self._data['saleman_uid'] = sls_user['uid']
            self._data['cate'] = 'mchnt'
Exemplo n.º 7
0
    def check_grant_code(self, userid, code):
        # 通过什么方式验证
        mode = self.req.input().get('mode', 'mobile')

        if mode == 'mobile':
            user = apcli_ex('findUserBriefById', userid)
            if not user:
                raise ParamError('商户不存在')

            if not check_smscode(code, user.username, mode=1):
                raise ParamError('验证信息错误')
        else:
            user = apcli_ex('findUserByid', userid)
            if not user:
                raise ParamError('商户不存在')

            if (user.idnumber or '').upper() != code.upper():
                raise ParamError('身份证验证失败')
Exemplo n.º 8
0
    def POST(self):
        self.req.inputjson()['password'] = '******'
        data = self.validator.data

        change_user = data['username'] or data['mobile']

        # 重置密码
        if data['mode'] == 'reset':
            if not data['code']:
                raise ParamError('验证码不能为空')

            if not change_user:
                raise ParamError('修改账号不能为空')
            # 验证验证码
            if not check_smscode(data['code'], change_user, 1):
                raise ParamError('验证码错误')

            userid = self.get_userid(change_user)

        # 修改密码
        else:
            if self.check_login():
                if data['src'] == 'big-submchnt':
                    userid = self.get_userid(change_user)
                    self.check_link(int(self.user.userid), userid)
                else:
                    userid = int(self.user.userid)
            else:
                raise SessionError('商户未登录')

        # 调用apollo修改密码
        apcli('changePwd', userid, data['password'])

        # 剔除所有正在登陆的商户
        kick_user(userid, mode='not_opuser')

        # 将商户从名单剔除
        self.kick_sign_tag(userid)

        return self.write(success({}))