def login(): form = MyForm.MyForm_login() form.name.label = '用户名:' form.password.label = '密码:' user = request.cookies.get('user') if user: Incr = Redis.incr('%s_Incr' % user) else: Incr = 0 if form.submit.data: if form.name.data and form.password.data: user = form.name.data pw = form.password.data Key_Incr = '%s_Incr' % user Key_Lock = '%s_lock' % user try: if Incr >= 30: raise flash('该帐号异常登陆,已被锁定3分钟!') if Incr >= 5: if form.code.data: if str(form.code.data) != str(session['verify_code']): raise flash('输入验证码错误!') else: raise flash('请输入验证码,看不清点击验证码刷新!') va_p = db_op.idc_users.query.filter( and_(db_op.idc_users.name == user, db_op.idc_users.passwd == Md5.Md5_make(pw))).first() produce.Async_log(user, request.url) if va_p: URL = url_for('index.index') if pw == app.config.get('INIT_OP_PASSWORD'): URL = url_for('pw.pw') flash('请修改初始密码!') timestamp = None if form.remember_me.data: timestamp = check.timestamp(7) ID = produce.Produce(length=24, chars=string.hexdigits) app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user, expires=timestamp) app_resp.set_cookie('ID', ID, expires=timestamp) Redis.set('OP_ID_%s' % user, ID) Redis.delete(Key_Lock) Redis.delete(Key_Incr) return app_resp else: Redis.incr(Key_Incr) if Incr >= 30: Redis.set(Key_Lock, 'True') Redis.expire(Key_Incr, 60) Redis.expire(Key_Lock, 180) flash('用户名或者密码错误!') URL = url_for('login.login') app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user) return app_resp except Exception as e: if 'old' not in str(e): flash(str(e)) return render_template('login.html', form=form, verify_incr=Incr)
def login(): form = MyForm.MyForm_login() form.name.label = '用户名:' form.password.label = '密码:' ym = time.strftime('%Y', time.localtime()) if form.submit.data: if form.name.data and form.password.data: user = form.name.data pw = form.password.data try: Key_Incr = '%s_Incr' % user Key_Lock = 'Lock_login_%s' % user if Redis.exists(Key_Incr): Incr = int(Redis.get(Key_Incr)) else: Incr = 1 if Redis.exists(Key_Lock): raise flash('该帐号异常登陆,已被锁定1分钟!') va_p = db_op.idc_users.query.filter( and_(db_op.idc_users.name == user, db_op.idc_users.passwd == Md5.Md5_make(pw))).first() produce.Async_log(user, request.url) if va_p: URL = url_for('index.index') if pw == app.config.get('INIT_OP_PASSWORD'): URL = url_for('pw.pw') flash('请修改初始密码!') timestamp = None if form.remember_me.data: timestamp = check.timestamp(7) ID = produce.Produce(length=24, chars=string.hexdigits) app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user, expires=timestamp) app_resp.set_cookie('ID', ID, expires=timestamp) Redis.set('OP_ID_%s' % user, ID) return app_resp else: Redis.set(Key_Incr, Incr + 1) if Incr >= 11: Redis.incr(Key_Lock, 'True') Redis.expire(Key_Lock, 60) flash('用户名或者密码错误,还有%s次机会重试!' % (10 - int(Incr))) URL = url_for('login.login') app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user) return app_resp except Exception as e: if 'old' not in str(e): flash(str(e)) return render_template('login.html', form=form, ym=ym)