Пример #1
    def get(self, *args, **kwargs):
        """Render the edit form for the user named by the ``id`` argument.

        The template gets the user row, its dict form with ``permission``
        decoded from JSON (an empty list when decoding fails), the role
        selector HTML, the menu list and the login RSA settings.
        """
        # NOTE(review): ``first()`` presumably returns None for an unknown id,
        # which would fail on the attribute access below -- confirm and answer
        # with a not-found response instead of a server error.
        user_id = self.get_argument('id', None)

        menu_list = AdminMenu.children(status=1)
        user = User.Q.filter(User.id == user_id).first()

        # The form expects strings, so empty contact fields become ''.
        user.mobile = user.mobile or ''
        user.email = user.email or ''

        data_info = user.as_dict()
        try:
            permission = json.loads(user.permission)
        except Exception:
            # Missing or malformed permission JSON is shown as "no permissions".
            permission = []
        data_info['permission'] = permission

        self.render(
            'user/edit.html',
            user=user,
            role_option=Role.option_html(user.role_id),
            menu_list=menu_list,
            data_info=data_info,
            public_key=sys_config('sys_login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        )
Пример #2
    def get(self, *args, **kwargs):
        """Render the empty "add user" form.

        A ``User`` object with the default role and blank contact fields is
        built to pre-fill the template; this method does not add it to a
        session or commit it.
        """
        default_role = settings.DEFAULT_ROLE_ID
        menu_list = AdminMenu.children(status=1)
        user = User(
            status=1,
            role_id=default_role,
            username='',
            mobile='',
            email='',
        )

        data_info = user.as_dict()
        try:
            permission = json.loads(user.permission)
        except Exception:
            # No usable permission JSON on the fresh object: show an empty list.
            permission = []
        data_info['permission'] = permission

        self.render(
            'user/add.html',
            user=user,
            role_option=Role.option_html(default_role),
            menu_list=menu_list,
            data_info=data_info,
            public_key=sys_config('sys_login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        )
Пример #3
 def get(self, *args, **kwargs):
     """Render the login page with the RSA settings and the ``next`` target."""
     # NOTE(review): ``next`` is taken from the request and handed to the
     # template unchanged; whatever later navigates to it should accept
     # same-site paths only.
     next_url = self.get_argument('next', '')
     self.render(
         'passport/login.html',
         public_key=sys_config('sys_login_rsa_pub_key'),
         rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
         next=next_url,
         message='',
     )
Пример #4
 def get(self, *args, **kwargs):
     """Render the profile page for the member in the current session."""
     # NOTE(review): assumes ``current_user`` is set and the lookup finds a
     # row; neither is checked here -- confirm an auth guard wraps this handler.
     member_uuid = self.current_user.get('uuid', None)
     user = Member.Q.filter(Member.uuid == member_uuid).first()
     self.render(
         'member/info.html',
         user=user,
         data_info=user.as_dict(),
         public_key=sys_config('sys_login_rsa_pub_key'),
         rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
     )
Пример #5
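    def get(self, *args, **kwargs):
        """Show the member login page, or send a signed-in member onwards.

        ``next`` comes from the request, so it is honoured only when it is a
        same-site path. Anything else is dropped: a signed-in member then goes
        to ``/member/index`` and the login form receives an empty ``next``.
        """
        next_url = self.get_argument('next', '')
        # Accept local paths only. A leading '//' or a backslash is read by
        # browsers as another host, which would make this an open redirect.
        if (not next_url.startswith('/') or next_url.startswith('//')
                or '\\' in next_url):
            next_url = ''

        if self.current_user:
            # Stop here: the redirect finishes the response, and rendering the
            # form on top of it would fail.
            return self.redirect(next_url or '/member/index')

        params = {
            'public_key': sys_config('sys_login_rsa_pub_key'),
            'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
            'next': next_url,
            'message': '',
        }
        self.render('passport/login.html', **params)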
Пример #6
    def get(self, *args, **kwargs):
        """Render the empty "add member" form.

        A ``Member`` object with ``status=1`` and ``deleted=0`` is built to
        pre-fill the template; it is not added to a session here.
        """
        menu_list = AdminMenu.children(status=1)
        member = Member(status=1, deleted=0)

        self.render(
            'member/add.html',
            member=member,
            menu_list=menu_list,
            data_info=member.as_dict(),
            public_key=sys_config('sys_login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        )
Пример #7
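    def post(self, *args, **kwargs):
        """Sign a member in with mobile, e-mail or username plus password.

        Unknown accounts and wrong passwords get the same message, and the
        "disabled" message is shown only after the password has been verified,
        so the response does not reveal which accounts exist.

        NOTE(review): no captcha or attempt throttling is visible in this
        handler, ``valid_code_key`` is used as a bare name (confirm it is
        imported), and ``next`` is handed back to the client unvalidated.
        """
        next_url = self.get_argument('next', '')
        account = self.get_argument('account', None)
        password = self.get_argument('password', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)

        # Reject an empty account before any key material is loaded.
        if not account:
            return self.error('账号不能够为空')

        # The flag is client-supplied text; anything non-numeric means
        # "not encrypted" instead of an unhandled exception.
        try:
            encrypted = int(rsa_encrypt) == 1
        except (TypeError, ValueError):
            encrypted = False

        if settings.login_pwd_rsa_encrypt and encrypted and len(password) > 10:
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)

        if Func.is_mobile(account):
            member = Member.Q.filter(Member.mobile == account).first()
        elif Func.is_email(account):
            member = Member.Q.filter(Member.email == account).first()
        else:
            member = Member.Q.filter(Member.username == account).first()

        if member is None:
            return self.error('用户名或者密码错误')

        # Password first, account state second: checking the status before the
        # password would tell an unauthenticated caller the account exists.
        if check_password(password, member.password) is not True:
            return self.error('用户名或者密码错误')
        if int(member.status) == 0:
            return self.error('用户被“禁用”,请联系客服')

        Member.login_success(member, self)

        self.clear_cookie(valid_code_key)

        return self.success(next=next_url)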
Пример #8
 def get(self, *args, **kwargs):
     """Render the settings page for the member in the current session."""
     # NOTE(review): assumes ``current_user`` is set and the member row
     # exists; neither is checked here.
     member_id = self.current_user.get('id')
     member = Member.Q.filter(Member.id == member_id).first()
     self.render(
         'member/set.html',
         member=member,
         data_info=member.as_dict(),
         public_key=sys_config('sys_login_rsa_pub_key'),
         rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
         # Passed to the template under the key 'set' as a CSS class name.
         active={'set': 'layui-this'},
     )
Пример #9
    def get(self, *args, **kwargs):
        """Render the edit form for the member named by the ``uuid`` argument."""
        # NOTE(review): an unknown uuid presumably yields None from ``first()``
        # and fails on ``as_dict()`` below -- confirm and return not-found.
        member_uuid = self.get_argument('uuid', None)

        menu_list = AdminMenu.children(status=1)
        member = Member.Q.filter(Member.uuid == member_uuid).first()

        self.render(
            'member/edit.html',
            member=member,
            menu_list=menu_list,
            data_info=member.as_dict(),
            public_key=sys_config('sys_login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        )
Пример #10
    def post(self, *args, **kwargs):
        """Check the captcha and credentials of a user, then sign them in.

        Order of checks: image captcha, optional RSA decryption of the
        password, user lookup, password verification, account status.
        Unknown users and wrong passwords share one error message.
        """
        # NOTE(review): ``int(rsa_flag)`` raises on non-numeric input, and
        # ``next`` is returned to the client without validation.
        username = self.get_argument('username')
        next_url = self.get_argument('next', '')
        password = self.get_argument('password', '')
        rsa_flag = self.get_argument('rsa_encrypt', 0)
        captcha = self.get_argument('code', '')
        translate = self.locale.translate

        if self.invalid_img_captcha(captcha):
            return self.error(translate('验证码错误'))

        use_rsa = (settings.login_pwd_rsa_encrypt
                   and int(rsa_flag) == 1
                   and len(password) > 10)
        if use_rsa:
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)

        user = User.Q.filter(User.username == username).first()
        # One message for both failures, so the answer does not say whether
        # the username exists.
        if user is None or check_password(password, user.password) is not True:
            return self.error('用户名或者密码错误')

        if int(user.status) == 0:
            return self.error('用户被“禁用”,请联系客服')

        User.login_success(user, self)
        self.clear_cookie(settings.valid_code_key)

        return self.success(next=next_url)
Пример #11
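    def email_reset_pwd(self, email):
        """Send a password-reset e-mail to *email* and store the token in a cookie.

        The link and the cookie share a 30-minute lifetime. The cookie carries
        the token, the e-mail address, the username and the action name.

        NOTE(review): the token is kept only in the requesting browser's
        cookie. Assuming this is Tornado's ``set_secure_cookie``, the value is
        signed but not encrypted, so the requester holds a readable copy of the
        token without ever opening the mailbox. Storing a hash of the token
        server-side, bound to the member and an expiry, would make the e-mailed
        link the only usable copy.
        NOTE(review): the separate "not registered" and "disabled" answers let
        a caller probe which addresses have accounts, and the retry limit
        depends on a cookie the client can discard.
        """
        import json  # local import: the file's import block is not visible here

        if not Func.is_email(email):
            return self.error('Email格式不正确')

        # An unexpired token cookie means a mail was already sent from this browser.
        if self.get_secure_cookie(settings.token_key):
            return self.error('邮件已发送,30分钟后重试')

        member = Member.Q.filter(Member.email == email).first()
        if member is None:
            return self.error('账户没有注册')
        if member.status == 0:
            return self.error('账户被禁用')

        # NOTE(review): confirm ``success()`` does not finish the response; a
        # cookie set after the headers are sent would never reach the client.
        self.success()

        subject = '[%s]找回密码' % sys_config('site_name')
        # NOTE(review): confirm ``Func.uuid32()`` draws from a CSPRNG.
        token = Func.uuid32()
        action_url = sys_config(
            'site_url') + '/passport/forget.html?token=' + token

        expires_at = Func.local_now() + datetime.timedelta(minutes=30)
        content = self.render_string(
            'common/email_content.html',
            username=member.username,
            expires=str(expires_at),
            action_url=action_url,
            action_tips='立即重置密码',
        )
        Func.sendmail({
            'to_addr': email,
            'subject': subject,
            'content': content
        })

        save = {
            'token': token,
            'account': email,
            'username': member.username,
            'action': 'email_reset_pwd',
        }
        # Serialise as real JSON rather than a dict repr: a repr only parses
        # as JSON after quote rewriting and breaks on a double quote in any value.
        self.set_secure_cookie(
            settings.token_key,
            json.dumps(save),
            expires=time.mktime(expires_at.timetuple()),
        )
        return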
Пример #12
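    def activate_email(self, email):
        """Send an e-mail activation link to *email* for the signed-in member.

        The link and the token cookie share a 10-minute lifetime.

        NOTE(review): the cookie is written with the action name
        'email_reset_pwd' although this is the activation flow. It looks like a
        copy-paste slip and would let an activation cookie pass for a
        password-reset one; it is left unchanged here because the code that
        consumes the cookie is not visible -- confirm and give activation its
        own action name.
        NOTE(review): *email* is the caller-supplied address and is never
        compared with the member's stored address, and the token is kept only
        in the requester's signed (not encrypted) cookie rather than server-side.
        """
        import json  # local import: the file's import block is not visible here

        if not Func.is_email(email):
            return self.error('Email格式不正确')

        user_id = self.current_user.get('id')
        member = Member.Q.filter(Member.id == user_id).first()

        if member.email_activated:
            return self.error('已经激活了,请不要重复操作')

        # An unexpired token cookie means a mail was already sent from this browser.
        if self.get_secure_cookie(settings.token_key):
            return self.error('邮件已发送,10分钟后重试')

        # NOTE(review): confirm ``success()`` does not finish the response; a
        # cookie set after the headers are sent would never reach the client.
        self.success()

        subject = '[%s]激活邮件' % sys_config('site_name')
        token = Func.uuid32()
        action_url = sys_config(
            'site_url') + '/member/activate.html?token=' + token

        expires_at = Func.local_now() + datetime.timedelta(minutes=10)
        content = self.render_string(
            'common/email_content.html',
            username=member.username,
            expires=str(expires_at),
            action_url=action_url,
            action_tips='立即激活邮箱',
        )
        Func.sendmail({
            'to_addr': email,
            'subject': subject,
            'content': content
        })

        save = {
            'token': token,
            'account': email,
            'username': member.username,
            'action': 'email_reset_pwd',
        }
        # Serialise as real JSON rather than a dict repr: a repr only parses
        # as JSON after quote rewriting and breaks on a double quote in any value.
        self.set_secure_cookie(
            settings.token_key,
            json.dumps(save),
            expires=time.mktime(expires_at.timetuple()),
        )
        return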
Пример #13
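    def post(self, *args, **kwargs):
        """Register a new member from the posted form and sign them in.

        Username, e-mail and mobile must each be unused among members. Only
        the hash produced by ``make_password`` is passed to ``Member.register``.

        NOTE(review): ``ref_user_id`` is stored exactly as posted; nothing here
        ties it to a referrer the server issued. ``next`` is returned to the
        client unvalidated.
        """
        next_url = self.get_argument('next', '')
        email = self.get_argument('email', None)
        mobile = self.get_argument('mobile', None)
        username = self.get_argument('username', None)
        sex = self.get_argument('sex', None)
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)
        ref_user_id = self.get_argument('ref_user_id', '')

        # The flag is client-supplied text; anything non-numeric means
        # "not encrypted" instead of an unhandled exception.
        try:
            encrypted = int(rsa_encrypt) == 1
        except (TypeError, ValueError):
            encrypted = False

        # ``password`` may be missing, so test it before taking its length.
        if (password and len(password) > 10 and encrypted
                and settings.login_pwd_rsa_encrypt):
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if not username:
            return self.error('用户名不能为空')

        if not password:
            return self.error('密码不能为空')

        if repass != password:
            # Report the mismatch only; the submitted passwords must never be
            # echoed back in a response.
            return self.error('两次输入的密码不一致,请重新输入')

        if Member.Q.filter(Member.username == username).count() > 0:
            return self.error('用户名已被占用')

        client = 'web'
        params = {
            'username': username,
            'password': make_password(password),
            'status': 1,
            'avatar': 'image/default_avatar.jpg',
            'register_ip': self.request.remote_ip,
            'register_client': client,
        }
        if email:
            params['email'] = email
            if Member.Q.filter(Member.email == email).count() > 0:
                return self.error('Email已被占用')
        if mobile:
            params['mobile'] = mobile
            # Uniqueness is checked on the member table, like the other fields.
            if Member.Q.filter(Member.mobile == mobile).count() > 0:
                return self.error('电话号码已被占用')
        if sex:
            params['sex'] = sex
        if ref_user_id:
            params['ref_user_id'] = ref_user_id

        member = Member.register(params)
        Member.login_success(member, self, client=client)
        return self.success(next=next_url)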
Пример #14
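    def post(self, *args, **kwargs):
        """Update the member named by the ``id`` argument with the posted fields.

        Username, mobile and e-mail are checked for clashes with other members.
        A posted password is RSA-decrypted when that mode is on and always
        stored as a hash.

        NOTE(review): ``params`` is the whole request dict and every remaining
        key is written to the row; restrict it to an allow-list of editable
        columns.
        """
        member_id = self.get_argument('id', None)

        params = self.params()
        params['status'] = params.get('status', 0)

        if not member_id:
            return self.error('用户ID不能为空')

        username = params.get('username', None)
        if username:
            taken = Member.Q.filter(Member.id != member_id).filter(
                Member.username == username).count()
            if taken > 0:
                return self.error('用户名已被占用')

        # Empty contact fields are dropped so they do not overwrite the row.
        mobile = params.pop('mobile', None)
        if mobile:
            params['mobile'] = mobile
            if Func.is_mobile(mobile):
                taken = Member.Q.filter(Member.id != member_id).filter(
                    Member.mobile == mobile).count()
                if taken > 0:
                    return self.error('电话号码已被占用')

        email = params.pop('email', None)
        if email:
            params['email'] = email
            if Func.is_email(email):
                taken = Member.Q.filter(Member.id != member_id).filter(
                    Member.email == email).count()
                if taken > 0:
                    return self.error('Email已被占用')

        password = params.pop('password', None)
        if password:
            try:
                encrypted = int(params.get('rsa_encrypt', 0)) == 1
            except (TypeError, ValueError):
                encrypted = False
            if (settings.login_pwd_rsa_encrypt and encrypted
                    and len(password) > 10):
                private_key = sys_config('sys_login_rsa_priv_key')
                password = RSAEncrypter.decrypt(password, private_key)
            # NOTE(review): in the listing these statements were fused into a
            # masked debug comment, so the password was silently ignored. They
            # are restored as decrypt-then-hash -- confirm against the
            # upstream file.
            params['password'] = make_password(password)

        params.pop('_xsrf', None)
        params.pop('rsa_encrypt', None)
        Member.Q.filter(Member.id == member_id).update(params)
        Member.session.commit()

        # Refresh the cached member info after the write.
        member = Member.Q.filter(Member.id == member_id).first()
        if member is not None:
            member.cache_info(self)

        # The password hash stays out of the response body.
        safe = {k: v for k, v in params.items() if k != 'password'}
        return self.success(data=safe)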
Пример #15
    def post(self, *args, **kwargs):
        """Update the user named by the ``uuid`` argument.

        Only fields present in the request are written. Username, mobile and
        e-mail are checked for clashes with other users; a posted password is
        optionally RSA-decrypted and stored as a hash.
        """
        # NOTE(review): the dict returned via ``success(data=...)`` contains
        # the new password hash when a password was posted, and ``role_id`` /
        # ``permission[]`` are written as posted -- confirm that only suitably
        # privileged callers reach this handler.
        role_id = self.get_argument('role_id', None)
        uuid = self.get_argument('uuid', None)
        username = self.get_argument('username', None)
        password = self.get_argument('password', None)
        rsa_flag = self.get_argument('rsa_encrypt', 0)
        email = self.get_argument('email', None)
        mobile = self.get_argument('mobile', None)
        status = self.get_argument('status', 0)
        permission = self.get_body_arguments('permission[]')

        # The form may post the literal text 'None' for an empty field.
        if email == 'None':
            email = None
        if mobile == 'None':
            mobile = None

        if not uuid:
            return self.error('用户ID不能为空')

        changes = {'status': status}
        others = User.Q.filter(User.uuid != uuid)

        if username:
            changes['username'] = username
            if others.filter(User.username == username).count() > 0:
                return self.error('用户名已被占用')

        if password:
            use_rsa = (settings.login_pwd_rsa_encrypt
                       and int(rsa_flag) == 1
                       and len(password) > 10)
            if use_rsa:
                private_key = sys_config('sys_login_rsa_priv_key')
                password = RSAEncrypter.decrypt(password, private_key)
            changes['password'] = make_password(password)

        if mobile:
            changes['mobile'] = mobile
            if User.Q.filter(User.uuid != uuid).filter(
                    User.mobile == mobile).count() > 0:
                return self.error('电话号码已被占用')

        if email:
            changes['email'] = email
            if User.Q.filter(User.uuid != uuid).filter(
                    User.email == email).count() > 0:
                return self.error('Email已被占用')

        if permission:
            changes['permission'] = json.dumps(permission)

        if role_id:
            changes['role_id'] = role_id

        User.Q.filter(User.uuid == uuid).update(changes)
        User.session.commit()

        return self.success(data=changes)
Пример #16
    def get(self, *args, **kwargs):
        """Render the empty "add user" form with a pre-selected role.

        The role id is a literal in this method; the ``User`` object is built
        to pre-fill the template and is not added to a session here.
        """
        # NOTE(review): a hard-coded role id ties the code to one database;
        # a configuration value would be easier to keep correct.
        default_role = '6b0642103a1749949a07f4139574ead9'
        menu_list = AdminMenu.children(status=1)
        user = User(status=1, role_id=default_role)

        data_info = user.as_dict()
        try:
            permission = json.loads(user.permission)
        except Exception:
            # No usable permission JSON on the fresh object: show an empty list.
            permission = []
        data_info['permission'] = permission

        self.render(
            'user/add.html',
            user=user,
            role_option=Role.option_html(default_role),
            menu_list=menu_list,
            data_info=data_info,
            public_key=sys_config('sys_login_rsa_pub_key'),
            rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        )
Пример #17
    def get(self, *args, **kwargs):
        """Render the forgot-password page.

        ``reset_pwd`` is '1' by default and becomes '2', with the stored
        username added, when the ``token`` argument equals the token held in
        the secure cookie.
        """
        # NOTE(review): the comparison is between two values the same browser
        # supplies (query string and cookie); it does not show that the caller
        # received the e-mail unless the cookie content is unreadable to them.
        token = self.get_argument('token', None)
        cookie_raw = self.get_secure_cookie(settings.token_key)

        params = {
            'public_key': sys_config('sys_login_rsa_pub_key'),
            'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
            'token': token,
            'reset_pwd': '1',
        }

        if token and cookie_raw:
            # Single quotes are swapped for double quotes before decoding;
            # presumably the cookie holds a dict repr -- confirm at the writer.
            text = str(cookie_raw, encoding='utf-8').replace('\'', '"')
            stored = json_decode(text)

            if stored.get('token', '') == token:
                params['reset_pwd'] = '2'
                params['username'] = stored.get('username', '')

        self.render('passport/forget.html', **params)
Пример #18
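    def post(self, *args, **kwargs):
        """Create a user from the posted form.

        Username and password are required; username, mobile and e-mail must
        be unused. The password is RSA-decrypted when that mode is on and
        stored as a hash.

        NOTE(review): ``permission`` is read from the body but never stored,
        so permissions chosen in the form are dropped -- confirm whether that
        is intended. A non-numeric ``role_id`` still raises ``ValueError``.
        """
        role_id = self.get_argument('role_id', None)
        username = self.get_argument('username', None)
        password = self.get_argument('password', None)
        rsa_encrypt = self.get_argument('rsa_encrypt', None)
        email = self.get_argument('email', None)
        mobile = self.get_argument('mobile', None)
        status = self.get_argument('status', 1)
        permission = self.get_body_arguments('permission')

        # ``role_id`` is optional: convert it only when the form sent one.
        role_id = int(role_id) if role_id else None

        if not username:
            return self.error('用户名不能为空')
        if not password:
            return self.error('密码不能为空')

        if User.Q.filter(User.username == username).count() > 0:
            return self.error('用户名已被占用')

        # The flag defaults to None and is client-supplied text; a missing or
        # non-numeric value means "not encrypted".
        try:
            encrypted = int(rsa_encrypt) == 1
        except (TypeError, ValueError):
            encrypted = False

        if settings.login_pwd_rsa_encrypt and encrypted and len(password) > 10:
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)

        params = {
            'username': username,
            'password': make_password(password),
            'status': status,
        }
        if role_id:
            params['role_id'] = role_id
        if mobile:
            params['mobile'] = mobile
            if User.Q.filter(User.mobile == mobile).count() > 0:
                return self.error('电话号码已被占用')
        if email:
            params['email'] = email
            if User.Q.filter(User.email == email).count() > 0:
                return self.error('Email已被占用')

        user = User(**params)
        User.session.add(user)
        User.session.commit()

        return self.success()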
Пример #19
    def get(self, *args, **kwargs):
        """Render the registration page, pre-filled from an optional referrer.

        When a ``referrer`` argument is present it is decrypted to a user id
        and that member's username is looked up; any failure leaves the
        referrer fields empty.
        """
        # NOTE(review): the form carries ``ref_user_id`` back in clear; the
        # handler that receives it should not assume the posted value is the
        # one derived here.
        next_url = self.get_argument('next', '')
        referrer = self.get_argument('referrer', '')

        params = {
            'public_key': sys_config('sys_login_rsa_pub_key'),
            'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
            'next': next_url,
            'referrer_name': '',
            'ref_user_id': '',
        }

        if referrer:
            try:
                referrer_id = aes_decrypt(referrer, prefix='')
                referrer_info = Member.get_info(referrer_id, 'username')
                params['referrer_name'] = referrer_info.get('username', '')
                params['ref_user_id'] = referrer_id
            except Exception:
                # Best effort: a bad or stale referrer must not block signup.
                pass

        self.render('passport/register.html', **params)
Пример #20
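    def post(self, *args, **kwargs):
        """Change the signed-in member's password after checking the current one.

        The current password, the new password and its confirmation are
        RSA-decrypted when that mode is on. The new password is stored as a
        hash, and ``status`` is written as 1 together with it.

        NOTE(review): assumes ``current_user`` is set and the member row
        exists; ``next`` is returned to the client unvalidated.
        """
        user_id = self.current_user.get('id')
        next_url = self.get_argument('next', '')
        nowpass = self.get_argument('nowpass', None)
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)

        # The flag is client-supplied text; anything non-numeric means
        # "not encrypted" instead of an unhandled exception.
        try:
            encrypted = int(rsa_encrypt) == 1
        except (TypeError, ValueError):
            encrypted = False

        # ``password`` may be missing, so test it before taking its length.
        if (password and len(password) > 10 and encrypted
                and settings.login_pwd_rsa_encrypt):
            private_key = sys_config('sys_login_rsa_priv_key')
            nowpass = RSAEncrypter.decrypt(nowpass, private_key)
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if not nowpass:
            return self.error('当前密码不能够为空')

        if not password:
            return self.error('新密码不能为空')

        if repass != password:
            # Report the mismatch only; the submitted passwords must never be
            # echoed back in a response.
            return self.error('两次输入的密码不一致,请重新输入')

        member = Member.Q.filter(Member.id == user_id).first()

        if int(member.status) == 0:
            return self.error('用户被“禁用”,请联系客服')
        if check_password(nowpass, member.password) is not True:
            return self.error('当前密码错误')

        params = {
            'password': make_password(password),
            'status': 1,
        }
        Member.Q.filter(Member.id == user_id).update(params)
        Member.session.commit()
        return self.success(next=next_url)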
Пример #21
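    def post(self, *args, **kwargs):
        """Create a member from the posted form fields.

        Username and password are required; username, mobile and e-mail must
        be unused among members. The password is always stored as a hash,
        whether or not it arrived RSA-encrypted.

        NOTE(review): ``params`` is the whole request dict and is passed to
        ``Member(**params)``; restrict it to an allow-list of columns. The
        response returns ``member.as_dict()`` -- confirm it leaves out the
        password hash.
        """
        params = self.params()

        params['status'] = params.get('status', 0)

        if not params.get('username', None):
            return self.error('用户名不能为空')
        if not params.get('password', None):
            return self.error('密码不能为空')

        if Member.Q.filter(Member.username == params['username']).count() > 0:
            return self.error('用户名已被占用')

        if Func.is_mobile(params.get('mobile', '')):
            taken = Member.Q.filter(Member.mobile == params['mobile']).count()
            if taken > 0:
                # No ``data=params`` here: it would echo the submitted
                # password back in the error response.
                return self.error('电话号码已被占用')

        if Func.is_email(params.get('email', '')):
            taken = Member.Q.filter(Member.email == params['email']).count()
            if taken > 0:
                return self.error('Email已被占用')

        password = params.get('password')
        try:
            encrypted = int(params.get('rsa_encrypt', 0)) == 1
        except (TypeError, ValueError):
            encrypted = False
        if settings.login_pwd_rsa_encrypt and encrypted and len(password) > 10:
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
        # Hash on every path. Hashing only inside the RSA branch left the
        # posted plaintext in ``params`` whenever that branch was skipped.
        params['password'] = make_password(password)

        params.pop('_xsrf', None)
        params.pop('rsa_encrypt', None)
        params['uuid'] = Func.uuid32()
        member = Member(**params)
        Member.session.add(member)
        Member.session.commit()

        return self.success(data=member.as_dict())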
Пример #22
    def post(self, *args, **kwargs):
        """Update the signed-in member's own username, password, mobile or e-mail.

        Only fields present in the request are written; each identifier is
        checked for clashes with other members first.
        """
        # NOTE(review): the password and e-mail can be changed here without
        # the current password, so a hijacked session is enough to take over
        # the account. The returned dict also carries the new password hash.
        username = self.get_argument('username', None)
        password = self.get_argument('password', None)
        rsa_flag = self.get_argument('rsa_encrypt', 0)
        email = self.get_argument('email', None)
        mobile = self.get_argument('mobile', None)

        uuid = self.current_user.get('uuid', None)
        changes = {}

        if username:
            changes['username'] = username
            if Member.Q.filter(Member.uuid != uuid).filter(
                    Member.username == username).count() > 0:
                return self.error('用户名已被占用')

        if password:
            use_rsa = (settings.login_pwd_rsa_encrypt
                       and int(rsa_flag) == 1
                       and len(password) > 10)
            if use_rsa:
                private_key = sys_config('sys_login_rsa_priv_key')
                password = RSAEncrypter.decrypt(password, private_key)
            changes['password'] = make_password(password)

        if mobile:
            changes['mobile'] = mobile
            if Member.Q.filter(Member.uuid != uuid).filter(
                    Member.mobile == mobile).count() > 0:
                return self.error('电话号码已被占用')

        if email:
            changes['email'] = email
            if Member.Q.filter(Member.uuid != uuid).filter(
                    Member.email == email).count() > 0:
                return self.error('Email已被占用')

        Member.Q.filter(Member.uuid == uuid).update(changes)
        Member.session.commit()

        return self.success(data=changes)
Пример #23
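    def post(self, *args, **kwargs):
        """Set a new password for the account named in the reset-token cookie.

        Checks, in order: image captcha, presence of the ``token`` argument
        and the token cookie, equality of the two tokens, new password and its
        confirmation, the cookie's action, and the member's status. On success
        the hash is stored, the operation is logged and the cookie is cleared.

        NOTE(review): the token, account and action all come from a cookie the
        caller holds, and the posted token is compared with that same cookie.
        Unless the cookie value is unreadable to the client, this does not
        prove the caller received the e-mail; validate the token against a
        server-side record bound to the member instead.
        """
        token = self.get_argument('token', None)
        next_url = self.get_argument('next', '')
        password = self.get_argument('password', None)
        repass = self.get_argument('repass', '')
        rsa_encrypt = self.get_argument('rsa_encrypt', 0)
        code = self.get_argument('code', '')
        translate = self.locale.translate

        if self.invalid_img_captcha(code):
            return self.error(translate('验证码错误'))

        cookie_raw = self.get_secure_cookie(settings.token_key)
        if not (token and cookie_raw):
            return self.error('Token不存在或已经过期')

        # Single quotes are swapped for double quotes so that a cookie written
        # as a dict repr still decodes as JSON.
        cookie_text = str(cookie_raw, encoding='utf-8').replace('\'', '"')
        stored = json_decode(cookie_text)

        action = stored.get('action', '')
        account = stored.get('account', '')
        if stored.get('token', '') != token:
            return self.error('Token不匹配')

        if not password:
            return self.error('新密码不能为空')

        # The flag is client-supplied text; anything non-numeric means
        # "not encrypted" instead of an unhandled exception.
        try:
            encrypted = int(rsa_encrypt) == 1
        except (TypeError, ValueError):
            encrypted = False

        if settings.login_pwd_rsa_encrypt and encrypted and len(password) > 10:
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
            repass = RSAEncrypter.decrypt(repass, private_key)

        if repass != password:
            # Report the mismatch only; the submitted passwords must never be
            # echoed back in a response.
            return self.error('两次输入的密码不一致,请重新输入')

        if action != 'email_reset_pwd':
            return self.error('不支持的action')
        member = Member.Q.filter(Member.email == account).first()

        if member is None:
            return self.error('用户不存在')

        if int(member.status) == 0:
            return self.error('用户被“禁用”,请联系客服')

        user_id = member.id
        Member.Q.filter(Member.id == user_id).update({
            'password': make_password(password),
        })
        Member.session.commit()

        # Audit record of who reset which account, and from where.
        MemberOperationLog.add_log({
            'user_id': user_id,
            'account': account,
            'action': 'email_reset_pwd',
            'ip': self.request.remote_ip,
            'client': 'web',
        })

        # The token is single-use: drop the cookie once the password is set.
        self.clear_cookie(settings.token_key)
        return self.success(next=next_url)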