def get(self, *args, **kwargs):
request_service = RequestService()
user_info_service = UserInfoService()
zone_service = ZoneService()
user_id = self.get_query_argument('userId', None)
callback = self.get_body_argument('callback', None)
if user_id:
user_id = utils.val_to_int(user_id)
result = dict()
if user_id:
if not user_id:
user_id = self.current_user
if user_id:
remain_request = request_service.get_remain_request(self.request.remote_ip, user_id)
if remain_request < 0:
yield gen.sleep(3)
if remain_request > -5:
is_me = (user_id == self.current_user)
user, code = user_info_service.get_user(user_id)
zone, code = zone_service.get_owned_zone_ids(user_id)
if user:
session_service = SessionService()
avatar = session_service.get_session(self.session_id, 'avatar')
if not avatar:
avatar = random.choice(USER_AVATAR_LIST)
session_service.set_session(self.session_id, 'avatar', avatar)
result['isMe'] = is_me
result['user'] = {
'userId': user_id,
'account': user.get('user').zone_source_account,
'nickname': user.get('user').zone_source_nickname,
'qq': user.get('user').zone_source_qq,
'avatar': avatar
}
else:
yield gen.sleep(10)
code = system_code.SERVER_ERROR
else:
code = system_code.PARAM_ERROR
else:
code = system_code.PARAM_ERROR
if callback:
self.render_jsonp(callback, result, code)
else:
self.render_json(result, code)
return
class BaseWebsiteHandler(tornado.web.RequestHandler):
# session_id
__session_id = None
__device_id = None
__user_info_service = None
__session_service = None
def initialize(self):
self.__admin_user_info_service = AdminUserInfoService()
self.__session_service = SessionService()
self.__set_session()
self.__set_header()
def __set_header(self):
ALLOW_ORIGIN = [
'http://127.0.0.1:3000', # me
'http://192.168.2.97:3000', # me
'http://192.168.2.97' # nginx
]
self.set_header('Access-Control-Allow-Methods', 'POST, PUT, GET, OPTIONS, DELETE')
origin = self.request.headers.get('Origin')
if origin in ALLOW_ORIGIN:
self.set_header('Access-Control-Allow-Origin', origin)
self.set_header('Access-Control-Allow-Credentials', 'true')
self.set_header(
'Access-Control-Allow-Headers',
'Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization'
)
# self.set_header('Content-Type', 'application/json; charset="utf-8"')
self.set_header('Content-Type', 'text/html; charset="utf-8"')
self.set_header('Server', 'HuaduServer')
self.set_header('Cache-Control', 'private')
self.set_header('Version', 'v1.0')
def __set_session(self):
"""
初始化session
:return:
"""
self.__session_id = self.get_secure_cookie('session_id')
if not self.__session_id:
self.__session_id = self.__session_service.generage_session_id()
self.set_secure_cookie('session_id', self.__session_id, expires_days=None, httponly=True)
@property
def session_id(self):
if self.__session_id is None:
self.__set_session()
return self.__session_id
@property
def device_id(self):
if self.__device_id is None:
self.__device_id = self.request.headers.get('deviceId', None)
return self.__device_id
def render_json(self, data=None, code=0, message=''):
if message == '':
message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR))
result = {
'data': data if data else None,
'code': code,
'message': message
}
self.write(json.dumps(result, ensure_ascii=False))
def render_jsonp(self, callback, data=None, code=0, message=''):
if message == '':
message = system_code.MSG.get(code, system_code.MSG.get(system_code.SERVER_ERROR))
result = {
'data': data if data else None,
'code': code,
'message': message
}
result = '%s(%s)' % (str(callback), json.dumps(result, ensure_ascii=False))
self.write(result)
def get_current_user(self):
user_id = self.__session_service.get_session(self.session_id, 'user_id')
token = self.get_secure_cookie("token_id")
user_id = self.__admin_user_info_service.get_current_user(
self.session_id,
user_id,
token
)
if user_id:
return user_id
else:
return None
def render(self, template_name, **kwargs):
request_time = ''
if self.request.request_time():
request_time = self.request.request_time() * 1000
request_time = int(request_time)
request_time = str(request_time) + 'ms'
if self.current_user:
super(BaseWebsiteHandler, self).render(
template_name,
admin_user_id=self.current_user,
request_time=request_time,
xsrf_form_html=self.xsrf_form_html,
int=val_to_int,
reverse_url=self.reverse_url,
static_url=self.static_url,
image_base_url=IMAGE_BASE_URL,
**kwargs
)
else:
super(BaseWebsiteHandler, self).render(
template_name,
request_time=request_time,
image_base_url=IMAGE_BASE_URL,
int=val_to_int,
reverse_url=self.reverse_url,
xsrf_form_html=self.xsrf_form_html,
static_url=self.static_url,
**kwargs
)
class VerificationCodeService(Service):
__session_service = None
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
@classmethod
def generate_verification_code(cls, number=6):
"""
生成指定位数验证码
:param number: 位数
:return:
"""
return ''.join([
random.choice(string.digits + string.ascii_letters)
for x in range(number)
])
def check_verification_code(self, session_id, code):
"""
验证图形验证码
:param session_id:
:param code:
:return:
"""
sms_code = self.__session_service.get_session(session_id, SMS_CODE)
if sms_code and code.lower() == sms_code.lower():
return True
else:
return False
def get_verification_code_image(self, session_id):
code = self.generate_verification_code(4)
self.__session_service.set_session(session_id, SMS_CODE, code)
sms_times = self.__session_service.set_incr_session(
session_id, SMS_TIMES)
if sms_times > 100:
return False
else:
return self.generate_verify_image(code)
# 生成验证码接口
def generate_verify_image(
self,
code_str,
size=(124, 66),
img_type="GIF",
mode="RGB",
bg_color=(255, 255, 255),
fg_color=(0, 0, 255),
font_size=18,
font_type="./yule/service/verification/DejaVuSans.ttf",
draw_lines=True,
n_line=(1, 2),
draw_points=True,
point_chance=2):
"""
生成验证码图片
:param size: 图片的大小,格式(宽,高),默认为(124, 66)
:param code_str: 验证码字符
"""
width, height = size
img = Image.new(mode, size, bg_color)
draw = ImageDraw.Draw(img)
def create_lines():
line_num = random.randint(*n_line)
for i in range(line_num):
begin = (random.randint(0,
size[0]), random.randint(0, size[1]))
end = (random.randint(0, size[0]), random.randint(0, size[1]))
draw.line([begin, end], fill=(0, 0, 0))
def create_points():
chance = min(100, max(0, int(point_chance)))
for w in xrange(width):
for h in xrange(height):
tmp = random.randint(0, 100)
if tmp > 100 - chance:
draw.point((w, h), fill=(0, 0, 0))
def create_strs():
c_chars = code_str
strs = ' %s ' % ' '.join(c_chars)
font = ImageFont.truetype(font_type, font_size)
font_width, font_height = font.getsize(strs)
draw.text(((width - font_width) / 3, (height - font_height) / 3),
strs,
font=font,
fill=fg_color)
return ''.join(c_chars)
if draw_lines:
create_lines()
if draw_points:
create_points()
strs = create_strs()
params = [
1 - float(random.randint(1, 2)) / 100, 0, 0, 0,
1 - float(random.randint(1, 10)) / 100,
float(random.randint(1, 2)) / 500, 0.001,
float(random.randint(1, 2)) / 500
]
img = img.transform(size, Image.PERSPECTIVE, params)
img = img.filter(ImageFilter.EDGE_ENHANCE_MORE)
mstream = StringIO.StringIO()
img.save(mstream, img_type)
return mstream, strs
class SmsService(Service):
__session_service = None
def __init__(self):
super(Service, self).__init__()
self.__session_service = SessionService()
@classmethod
def generate_verification_code(cls, number=6):
"""
生成指定位数验证码
:param number: 位数
:return:
"""
return ''.join([random.choice(string.digits) for x in range(number)])
@gen.coroutine
def send_verification_code(self, phone, sms_type, session_id):
"""
:param phone: 手机号
:param sms_type: 短信类型
:param session_id: session id
:return:
"""
if sms_type == TYPE_REGISTER:
result = yield self.__register(session_id, phone)
elif sms_type == TYPE_RESETPASS:
result = False
else:
result = False
raise gen.Return(result)
def check_verification_code(self, session_id, phone, code):
"""
验证短信
:param session_id:
:param phone:
:param code:
:return:
"""
sms_code = self.__session_service.get_session(session_id, SMS_CODE)
mobile_num = self.__session_service.get_session(
session_id, SMS_MOBILE_NUM)
if sms_code and mobile_num and phone == mobile_num and code == sms_code:
return True
else:
return False
@gen.coroutine
def send_sms_to_aliyun(self, sms_param, mobile, sms_template=None):
"""
通过阿里服务发送短信
:param sms_param: 验证码参数
:param mobile: 手机号
:param sms_template: 短信模板
:return:
"""
if not all([sms_param, mobile, sms_template]):
raise gen.Return(False)
url = 'http://gw.api.taobao.com/router/rest'
data = {
'method': 'alibaba.aliqin.fc.sms.num.send',
'app_key': '23266160',
'timestamp': datetime.strftime(datetime.now(),
"%Y-%m-%d %H:%M:%S"),
'v': '2.0',
'sign_method': 'hmac',
'format': 'json',
'sms_type': 'normal',
'sms_free_sign_name': u'第一弹',
'sms_param': json.dumps(sms_param),
'rec_num': mobile,
'sms_template_code': sms_template,
}
# 计算签名
all_arguments = []
for key in data:
all_arguments.append(key + data[key])
all_arguments.sort()
# 中文排序的问题,待解决
sign_str = ''.join(all_arguments)
# sign_str.replace('sms_free_sign_name', 'sms_free_sign_name第一弹')
sig = hmac.new('a7acc795929dd5d8486d4140969d96d6',
sign_str.encode('utf-8'), hashlib.md5).hexdigest()
sig = sig.upper()
data['sign'] = sig
data['sms_free_sign_name'] = '第一弹' # 不然后面会有编码问题
result = False
body = urllib.urlencode(data)
response_body = yield http.send_http_request(url,
method="POST",
body=body)
if not response_body.get('error_response'):
if response_body['alibaba_aliqin_fc_sms_num_send_response'][
'result']['success']:
result = True
raise gen.Return(result)
@gen.coroutine
def __register(self, session_id, phone):
code = self.generate_verification_code(6)
self.__session_service.set_session(session_id, SMS_CODE, code)
self.__session_service.set_session(session_id, SMS_MOBILE_NUM, phone)
sms_times = self.__session_service.set_incr_session(
session_id, SMS_TIMES)
if sms_times > 10:
raise gen.Return(False)
else:
sms_param = {'code': code}
result = yield self.send_sms_to_aliyun(sms_param, phone,
SMS_TEMPLATE_78700021)
raise gen.Return(result)