def generate_reset_password_token(handler, user_id): db = get_db() operator = handler.get_current_user() s = SQL(db) _time_now = tp_timestamp_sec() # 0. query user's email by user_id err = s.select_from('user', ['email'], alt_name='u').where( 'u.id={user_id}'.format(user_id=user_id)).query() if err != TPE_OK: return err, None, None if len(s.recorder) == 0: return TPE_DATABASE, None, None email = s.recorder[0].email # 1. clean all timed out tokens. s.reset().delete_from('user_rpt').where( 'create_time<{}'.format(_time_now - 24 * 60 * 60)).exec() # 2. find out if this user already have a token. err = s.reset().select_from('user_rpt', ['id'], alt_name='u').where( 'u.user_id={}'.format(user_id)).query() if err != TPE_OK: return err, None, None token = tp_generate_random(16) if len(s.recorder) == 0: sql = 'INSERT INTO `{dbtp}user_rpt` (user_id, token, create_time) VALUES ' \ '({user_id}, "{token}", {create_time});' \ ''.format(dbtp=db.table_prefix, user_id=user_id, token=token, create_time=_time_now) db_ret = db.exec(sql) if not db_ret: return TPE_DATABASE, None, None else: sql = 'UPDATE `{dbtp}user_rpt` SET token="{token}", create_time={create_time} WHERE user_id={user_id};' \ ''.format(dbtp=db.table_prefix, token=token, create_time=_time_now, user_id=user_id) db_ret = db.exec(sql) if not db_ret: return TPE_DATABASE, None, None # syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "为用户 {} 手动重置了密码".format(name)) return TPE_OK, email, token
def generate_reset_password_token(handler, user_id): db = get_db() operator = handler.get_current_user() s = SQL(db) _time_now = tp_timestamp_utc_now() # 0. query user's email by user_id err = s.select_from('user', ['email'], alt_name='u').where('u.id={user_id}'.format(user_id=user_id)).query() if err != TPE_OK: return err, None, None if len(s.recorder) == 0: return TPE_DATABASE, None, None email = s.recorder[0].email # 1. clean all timed out tokens. s.reset().delete_from('user_rpt').where('create_time<{}'.format(_time_now - 24 * 60 * 60)).exec() # 2. find out if this user already have a token. err = s.reset().select_from('user_rpt', ['id'], alt_name='u').where('u.user_id={}'.format(user_id)).query() if err != TPE_OK: return err, None, None token = tp_generate_random(16) if len(s.recorder) == 0: sql = 'INSERT INTO `{dbtp}user_rpt` (user_id, token, create_time) VALUES ' \ '({user_id}, "{token}", {create_time});' \ ''.format(dbtp=db.table_prefix, user_id=user_id, token=token, create_time=_time_now) db_ret = db.exec(sql) if not db_ret: return TPE_DATABASE, None, None else: sql = 'UPDATE `{dbtp}user_rpt` SET token="{token}", create_time={create_time} WHERE user_id={user_id};' \ ''.format(dbtp=db.table_prefix, token=token, create_time=_time_now, user_id=user_id) db_ret = db.exec(sql) if not db_ret: return TPE_DATABASE, None, None # syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "为用户 {} 手动重置了密码".format(name)) return TPE_OK, email, token
def init(self, path_app_root, path_data): log.initialize() asyncio.set_event_loop_policy(tornado.platform.asyncio.AnyThreadEventLoopPolicy()) cfg = tp_cfg() cfg.app_path = path_app_root cfg.static_path = os.path.join(path_app_root, 'static') cfg.template_path = os.path.join(path_app_root, 'view') cfg.res_path = os.path.join(path_app_root, 'res') cfg.data_path = path_data cfg.cfg_path = os.path.join(path_data, 'etc') cfg.log_path = os.path.join(path_data, 'log') self._cfg_file = os.path.join(cfg.cfg_path, 'web.ini') if not cfg.load(self._cfg_file): return False cfg.random_exit_uri = '/exit_{}'.format(tp_generate_random(16)) return True