def user_register():
    """Register a new user and log them in.

    A visitor who already has a ``user`` key in the session is redirected to
    the dashboard. On a valid submission the e-mail is looked up first; a
    record with a bcrypt-hashed password is inserted only when no record with
    that e-mail exists, otherwise an error is flashed and the form is shown
    again.
    """
    if 'user' in session:
        return redirect('/dashboard/')

    # NOTE(review): CSRF protection is switched off for this form
    # (csrf_enabled=False) -- confirm that is intentional.
    form = RegisterUserForm(csrf_enabled=False)
    if not form.validate_on_submit():
        return render_template('users/register.html', form=form)

    name = form.name.data
    email = form.email.data
    password = form.password.data
    user = User()
    # NOTE(review): lookup and insert are two separate steps; presumably a
    # unique index on email is what really prevents duplicates -- verify.
    if user.find_one({'email': email}) is not None:
        flash('El correo esta registrado, prueba con otro', 'error')
        return render_template('users/register.html', form=form)

    data = {
        'name': name,
        'email': email,
        'password': bcrypt.hashpw(password, bcrypt.gensalt()),
        'is_active': True,
    }
    new_id = user.insert(data)
    return auth.login(id=new_id, active=data['is_active'])
def post(self, request, *args, **kwargs):
    """Create a user from a posted ``fb_id``/``oauth``/``email`` payload.

    Responds 400 when one of the three keys is missing, 200 with
    'account already exists' when saving the user raises, and 201 after the
    background job has been enqueued.
    """
    print("post received")
    data = request.DATA
    print("data received")
    try:
        print("trying to get data")
        fb_id, oauth, email = data['fb_id'], data['oauth'], data['email']
    except KeyError:
        return Response({'error': "Invalid request"},
                        status=status.HTTP_400_BAD_REQUEST)

    print("trying to get User")
    try:
        user = User(fb_id=fb_id, email=email)
        user.save()
    except Exception:
        # NOTE(review): every failure while saving (not only a duplicate) is
        # reported to the client as an existing account with status 200.
        return Response({'content': 'account already exists'},
                        status=status.HTTP_200_OK)

    # NOTE(review): nothing visible here checks that `oauth` really belongs
    # to `fb_id` before the account is created -- confirm where that happens.
    print("starting redis queue")
    django_rq.enqueue(run_queue, fb_id, oauth, email, user)
    print("redis queue started")
    return Response(status=status.HTTP_201_CREATED)
def decorated_view(*args, **kwargs):
    """Call the wrapped view ``f`` only for a known admin user.

    The user is looked up by the username held in ``g.user``. When no user is
    found, or ``is_admin_user()`` is false, the request is redirected to the
    login view with the current URL passed as ``next``.
    """
    user = User.query(User.username == g.user).get()
    if user and user.is_admin_user():
        return f(*args, **kwargs)
    # NOTE(review): `next` carries the full request URL; the login view that
    # consumes it should only follow same-site targets -- verify there.
    return redirect(url_for('login', next=request.url))
def post(self, uk):
    """Create a user from the request data.

    Replies 201 with a ``Location`` header on success and raises
    ``HTTPError(500)`` when the save fails. ``uk`` is not used in the body.
    """
    payload = self.get_data()
    # NOTE(review): the device id supplied by the client is overwritten with
    # a fixed placeholder value -- looks like test scaffolding; confirm.
    payload['deviceid'] = "test-test-test"

    user = User()
    user.from_dict(payload)
    user.generate_secret()
    user.generate_avatar_path()

    if not user.save():
        raise HTTPError(500, 'Save avatar user info error.')
    self.set_status(201)
    self.set_header('Location', user.get_link())
    self.finish()
def createuser():
    """Create a website user interactively from the command line.

    Prompts for a username and a password (twice), validates the answers
    through ``SignupForm`` and saves the user; validation errors are printed
    one per line instead.
    """
    name = prompt('Username')
    raw_pwd = prompt_pass('Password')
    confirm_pwd = prompt_pass('Confirm Password')

    user = User()
    answers = MultiDict(dict(name=name, raw_pwd=raw_pwd, confirm_pwd=confirm_pwd))
    # CSRF is disabled here because the form is fed from prompts, not a browser
    form = SignupForm(answers, obj=user, csrf_enabled=False)

    if form.validate():
        form.populate_obj(user)
        user.save()
        print('User was successfully created.')
        return

    for field, errors in form.errors.iteritems():
        label = getattr(form, field).label.text
        for error in errors:
            print('[Error] {0}: {1}'.format(label, error))
def user_join():
    """On POST, store a new user built from the submitted form fields.

    The password is hashed with ``generate_password_hash`` before storage.
    """
    # NOTE(review): no path returns a response and the fields are not
    # validated before they are stored -- confirm how this view is used.
    if request.method != 'POST':
        return

    email = request.form['email']
    password = request.form['password']
    name = request.form['name']
    account = User(email=email,
                   password=generate_password_hash(password),
                   name=name)
    db.session.add(account)
    db.session.commit()
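def login():
    """Log in the single administrator account configured on the app.

    The submitted name and password are compared with ``ADMIN_USER`` and
    ``ADMIN_PWD`` from the application config. On success the user is logged
    in and redirected to the ``next`` query parameter when it is a local
    path, otherwise to the home page. On failure a message is flashed and the
    login form is rendered again.
    """
    app = current_app._get_current_object()
    form = LoginForm()
    if form.validate_on_submit():
        # NOTE(review): the password is compared with ``==`` against a value
        # read from config, so it is presumably kept there in plaintext --
        # confirm, and prefer a stored hash with a constant-time check.
        if form.name.data == app.config[
                'ADMIN_USER'] and form.password.data == app.config['ADMIN_PWD']:
            login_user(User(app.config['ADMIN_USER']))
            next_url = request.args.get('next')
            # `next` comes from the query string: follow it only when it is a
            # plain local path ("/..."), never a scheme-relative or absolute
            # URL, so the login page cannot be used to bounce users off-site.
            is_local = (
                bool(next_url)
                and next_url.startswith('/')
                and not next_url.startswith('//')
                and '\\' not in next_url
                and not any(ord(ch) < 0x21 for ch in next_url)
            )
            if not is_local:
                next_url = url_for('home.index')
            return redirect(next_url)
        else:
            flash(u'无效的用户名或密码')
    return render_template('login.html', form=form)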
def createSuperUser():
    """Interactively create a super-administrator account.

    Looks up the id of the role named "admin", prompts for e-mail, user name
    and password (hidden, with confirmation), runs the three check helpers and
    creates the user. Returns a message string when the role id is falsy;
    otherwise prints a confirmation and returns None.
    """
    from apps.models import User, Role
    from apps.forms import checkEmail, checkUsername, checkPassword

    # fetch the id of the admin role from the database
    admin_role_query = Role.select(Role.id).where(Role.name == "admin")
    role_admin = admin_role_query.get().id
    if not role_admin:
        return ("必须先在Role表中创建管理员角色")

    # the return values of the check helpers are ignored; presumably they
    # raise on invalid input -- verify in apps.forms
    email = click.prompt("请输入邮箱")
    checkEmail(email)
    name = click.prompt("请输入用户名")
    checkUsername(name)
    password = click.prompt("请输入密码", hide_input=True,
                            confirmation_prompt=True)
    checkPassword(password)

    # NOTE(review): presumably generalPassword hashes the password -- confirm
    stored_password = User.generalPassword(password)
    User.create(
        email=email,
        name=name,
        password=stored_password,
        sex=User.sex.choices.unknown,
        role_id=role_admin,
        signature="I am super admin",
    )
    print("成功创建超级管理员账户;%s" % name)
def matkul_update(matkul_id):
    """Edit the MataKuliah record with the given id through MataKuliahForm.

    Renders the update form until a valid submission arrives, then copies the
    form onto the record, resolves the selected ``dosen`` to a User, saves and
    redirects to the list view.
    """
    matkul = MataKuliah.get(MataKuliah.id == matkul_id)
    form = MataKuliahForm(request.form, obj=matkul)
    form.dosen.choices = get_dosen()
    form.action = url_for('admin:matkul:update', matkul_id=matkul.id)

    if not form.validate_on_submit():
        return render_template('admin/matkul/update.html', form=form)

    form.populate_obj(matkul)
    # populate_obj leaves the raw id in place; swap it for the User row
    matkul.dosen = User.get(User.id == form.dosen.data)
    matkul.save()
    flash('Sukses memperbarui mata kuliah')
    return redirect(url_for('admin:matkul:list'))
def matkul_create():
    """Create a MataKuliah record from a valid MataKuliahForm submission.

    Renders the creation form otherwise.
    """
    form = MataKuliahForm(request.form)
    form.dosen.choices = get_dosen()
    form.action = url_for('admin:matkul:create')

    if not form.validate_on_submit():
        return render_template('admin/matkul/create.html', form=form)

    matkul = MataKuliah()
    form.populate_obj(matkul)
    # populate_obj leaves the raw id in place; swap it for the User row
    matkul.dosen = User.get(User.id == form.dosen.data)
    matkul.save()
    flash('Sukses menambah mata kuliah')
    return redirect(url_for('admin:matkul:list'))
def register():
    """Handle the registration form.

    ``User.create_user(form)`` reports its outcome as a string: 'OK' redirects
    to the login view, 'REPRAT' and 'FAIL' flash a message and show the form
    again.
    """
    # NOTE(review): CSRF protection is disabled for this form -- confirm.
    form = RegisterForm(csrf_enabled=False)
    if request.method == 'POST' and form.validate_on_submit():
        outcome = User.create_user(form)
        if outcome == 'OK':
            flash(u'您注册成功!')
            return redirect(url_for('main.login'))
        failure_notices = (
            ('REPRAT', u'您注册的用户名已经存在!'),
            ('FAIL', u'您注册失败!'),
        )
        for code, notice in failure_notices:
            if outcome == code:
                flash(notice)
                break
    return render_template('register.html', form=form, title=u'欢迎注册')
def user_delete(user_id):
    """Delete a user on behalf of an admin.

    Callers whose ``g.user`` is missing or whose level name is not 'admin' are
    redirected to login. A missing target user flashes an error. Every admin
    path ends on the user list.
    """
    # NOTE(review): original indentation was lost in this listing; the final
    # redirect is assumed to follow the `if user:` block rather than sit in it.
    # NOTE(review): confirm this state-changing view is reachable only via a
    # CSRF-protected POST; the route is not visible here.
    is_admin = g.user and g.user.level.name == 'admin'
    if not is_admin:
        return redirect(url_for('login'))

    try:
        target = User.get(User.id == user_id)
    except User.DoesNotExist:
        flash('Tidak bisa menghapus user', 'error')
        return redirect(url_for('admin:user:list'))

    if target:
        # True asks delete_instance to work recursively
        target.delete_instance(True)
    return redirect(url_for('admin:user:list'))
def setUpClass(cls):
    """Class-level fixture for the browser-driven tests.

    Tries to start Firefox; when a client is available it builds the app in
    the 'testing' configuration, fills the database with fake data plus one
    administrator, and runs the Flask server in a background thread.
    """
    # start Firefox
    try:
        cls.client = webdriver.Firefox()
    except:
        # NOTE(review): the bare except hides every start-up failure, and
        # `cls.client` is only readable below if a class-level default exists
        # outside this block -- confirm.
        pass

    # skip these tests if the browser could not be started
    if cls.client:
        # create the application
        cls.app = create_app('testing')
        cls.app_context = cls.app.app_context()
        cls.app_context.push()

        # suppress logging to keep unittest output clean
        import logging
        logger = logging.getLogger('werkzeug')
        logger.setLevel("ERROR")

        # create the database and populate with some fake data
        db.create_all()
        Role.insert_roles()
        User.generate_fake(10)
        Post.generate_fake(10)

        # add an administrator user (the role whose permissions equal 0xff)
        admin_role = Role.query.filter_by(permissions=0xff).first()
        admin = User(email='*****@*****.**', username='******', password='******', role=admin_role, confirmed=True)
        db.session.add(admin)
        db.session.commit()

        # start the Flask server in a thread
        threading.Thread(target=cls.app.run).start()

        # give the server a second to ensure it is up
        time.sleep(1)
def create_user():
    """Register a user from a JSON body.

    Expects ``first_name``, ``last_name``, ``email`` and ``password``. Replies
    400 when the e-mail is already registered or when any exception occurs,
    and 200 once the user has been stored with a hashed password.
    """
    try:
        payload = request.json
        first_name = payload['first_name']
        last_name = payload['last_name']
        email = payload['email']
        password = payload['password']

        existing = User.query.filter_by(email=email).first()
        print(existing)
        if existing:
            message, code = "User already exits", 400
        else:
            hashed = generate_password_hash(password)
            user = User()
            user.first_name = first_name
            user.last_name = last_name
            user.email = email
            user.password = hashed
            db.session.add(user)
            db.session.commit()
            message, code = "User create successfully", 200
    except Exception as error:
        # NOTE(review): the raw exception text is returned to the client; for
        # database errors that can expose internal details -- consider a
        # generic message here and logging the exception server-side.
        return jsonify({'message': str(error)}), 400
    return jsonify({'message': message}), code
def register():
    """Register a new user through RegistrationForm.

    A visitor with ``username`` in the session is sent to the index. A valid
    submission creates the user with the next numeric ``user_id`` and a
    password set through ``set_password``.
    """
    if session.get('username'):
        return redirect(url_for('index'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template("register.html", title="Register", form=form,
                               register=True)

    # NOTE(review): count()+1 is not atomic; two concurrent registrations can
    # presumably receive the same user_id -- confirm a uniqueness constraint.
    user_id = User.objects.count() + 1
    email = form.email.data
    password = form.password.data
    first_name = form.first_name.data
    last_name = form.last_name.data

    account = User(user_id=user_id, email=email, first_name=first_name,
                   last_name=last_name)
    account.set_password(password)
    account.save()
    flash("You are successfully registered", "success")
    return redirect(url_for('index'))
def user_join():
    """Create a user from a valid ``joinForm`` POST, else render the join page.

    The password is hashed with ``generate_password_hash`` before storage.
    """
    form = joinForm()
    if request.method == 'POST' and form.validate_on_submit():
        member = User(
            user_nick=form.user_nick.data,
            password=generate_password_hash(form.password.data),
            email=form.email.data,
        )
        db.session.add(member)  # stage the INSERT for the new user
        db.session.commit()  # write it to the user database
        flash(u'시너지 회원이 된 것을 축하드립니다.', 'success')
        return redirect(url_for('show_home'))
    return render_template('User/join.html', form=form)
def user_join():
    """Register a user from JoinForm and sign them in.

    On a valid submission the user is stored with a hashed password and an
    ``age`` derived from the birthday year (current year - birth year + 1),
    then the session is made permanent and filled with the user's e-mail and
    name. Otherwise the login page is rendered with the join modal flag set.
    """
    form = JoinForm()
    if not form.validate_on_submit():
        return render_template("login.html", form=form, joinModalOn='True')

    member = User(
        email=form.email.data,
        password=generate_password_hash(form.password.data),
        name=form.name.data,
        birthday=form.birthday.data,
    )
    this_year = datetime.date.today().year
    member.age = this_year - int(member.birthday.year) + 1

    db.session.add(member)
    db.session.commit()

    session.permanent = True
    session['user_email'] = member.email
    session['user_name'] = member.name
    return redirect(url_for('index'))
def register():
    """Register a user and e-mail them an activation token.

    On a valid submission the user is stored, a token is generated for them
    and sent with the 'email/activate' template, and the visitor is redirected
    to the login view.
    """
    form = RegisterFrom()
    if not form.validate_on_submit():
        return render_template('users/register.html', form=form)

    # NOTE(review): the form password is handed to the model as-is;
    # presumably the model hashes it on assignment -- confirm in User.
    account = User(
        username=form.username.data,
        password=form.password.data,
        email=form.email.data,
    )
    db.session.add(account)
    db.session.commit()

    # produce a signed string that records the newly registered user
    token = account.generate_token()
    # send the activation e-mail
    send_mail(account.email, subject='账户激活', template='email/activate',
              username=account.username, token=token)
    return redirect(url_for('users.login'))
def verify_password(email_or_token, password):
    """Check either an auth token or an e-mail/password pair.

    An empty first argument is rejected. An empty password means the first
    argument is treated as a token; otherwise it is treated as an e-mail. The
    resolved user is stored in ``g.current_user`` and ``g.token_used`` records
    which path was taken. Returns whether authentication succeeded.
    """
    if email_or_token == '':
        return False

    if password == '':
        # token path: the first field carries the token
        account = User.verify_auth_token(email_or_token)
        g.current_user = account
        g.token_used = True
        return account is not None

    account = User.query.filter_by(email=email_or_token).first()
    if account:
        g.current_user = account
        g.token_used = False
        return account.verify_password(password)
    return False
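def login():
    """Log a user in by username and password.

    On success the user is logged in (honouring ``remember_me``) and
    redirected to the ``next`` query parameter when it is a local path,
    otherwise to the admin index. A failed attempt flashes one generic message
    for both an unknown user and a wrong password.
    """
    # NOTE(review): original indentation was lost in this listing; the flash
    # is assumed to sit inside the validate_on_submit() branch.
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is not None:
            flag = User.verity_password(form.password.data, user.password_hash)
            if flag:
                login_user(user, form.remember_me.data)
                next_url = request.args.get('next')
                # `next` comes from the query string: follow it only when it
                # is a plain local path ("/..."), never a scheme-relative or
                # absolute URL, so login cannot bounce users off-site.
                is_local = (
                    bool(next_url)
                    and next_url.startswith('/')
                    and not next_url.startswith('//')
                    and '\\' not in next_url
                    and not any(ord(ch) < 0x21 for ch in next_url)
                )
                if not is_local:
                    next_url = url_for("admin.index")
                return redirect(next_url)
        flash('无效的用户名或者密码')
    return render_template("login.html", form=form)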
def test_invalid_confirmation_token(self):
    """A confirmation token issued for one user must not confirm another."""
    issuer = User(password='******')
    other = User(password='******')
    for account in (issuer, other):
        db.session.add(account)
    db.session.commit()

    foreign_token = issuer.generate_confirmation_token()
    self.assertFalse(other.confirm(foreign_token))
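def put(self):
    """Change the password of an account.

    Reads ``account``, ``oldPassword``, ``newPassword`` and ``surePassword``
    from the JSON body. Replies with code 400 when the account does not exist,
    the old-password check fails, the new password is empty, or the new
    password and its confirmation differ; code 200 once the new hash has been
    stored on the account.
    """
    # a missing or non-JSON body is treated as an empty payload
    data = request.json or {}
    account = data.get('account')
    old_password = data.get('oldPassword')
    new_password = data.get('newPassword')
    sure_password = data.get('surePassword')

    _data = User.query.filter(User.account == account).first()
    if not _data:
        return jsonify({"code": 400, "msg": "账户不存在"})
    # NOTE(review): this only hashes the submitted old password; it is never
    # compared with the hash stored for `_data`, so the check presumably
    # always passes. Verify it against the stored hash with the model's own
    # verification helper, and confirm the caller is authorised to change
    # this `account` -- no session/identity check is visible here.
    if not User.hash_password(old_password):
        return jsonify({'msg': '旧密码错误', 'code': 400})
    if not new_password:
        return jsonify({'msg': '新密码不能为空', 'code': 400})
    if new_password != sure_password:
        return jsonify({'msg': '新密码和确认密码不一致', 'code': 400})

    # store the hash on the looked-up row (assigning to the User class would
    # replace the class attribute instead) and stage that row; session.add()
    # needs the instance as its argument
    _data.password_hash = User.hash_password(new_password)
    db.session.add(_data)
    db.session.commit()
    return jsonify({'msg': '密码修改成功', 'code': 200})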
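def login():
    """Authenticate a user from a JSON body and issue a JWT.

    Expects ``user_name`` and ``password`` in the JSON body. The reply is the
    dict form of a ``Response`` object: Code 400 for a missing user name or a
    failed check (same message for unknown user and wrong password), Code 200
    with a ``jwt`` on success, Code 500 when anything raises.
    """
    input_json = request.json
    res = Response()
    try:
        if input_json and input_json['user_name']:
            user = User.filter(User.user_name == input_json['user_name']).first()
            if not user:
                res.Code = 400
                res.Message = 'username password do not match'
                return jsonify(res.object_to_dict())
            password = input_json['password']
            if isinstance(password, str):
                password = bytes(password, 'utf-8')
            user_password = bytes(user.password, 'utf-8')
            if len(user.password) < 16:
                # check whether the stored value was saved by bcrypt: user
                # rows may have been written to the database directly
                # NOTE(review): a short stored value is treated as a plaintext
                # password and hashed on the fly; it is persisted only by the
                # save() on the success path -- confirm this migration path is
                # still needed.
                user.password = bcrypt.hashpw(user_password, bcrypt.gensalt())
                is_valid = bcrypt.checkpw(password, user.password)
            else:
                is_valid = bcrypt.checkpw(password, user_password)
            if not is_valid:
                logging.info('%s %s login failed', user.user_name, user.id)
                res.Code = 400
                res.Message = 'username password do not match'
                return jsonify(res.object_to_dict())
            logging.info('%s %s login successed', user.user_name, user.id)
            user.last_login_at = datetime.now()
            user.save()
            res.Code = 200
            res.Message = "login success"
            res.Result = {
                'jwt': encode_auth_token(user.id, user.account_id)
            }
        else:
            res.Code = 400
            res.Message = "no user name"
        return jsonify(res.object_to_dict())
    except Exception as e:
        # The handler must not raise itself: a body without 'user_name' lands
        # here through a KeyError, so the name is read defensively.
        user_name = (input_json.get('user_name')
                     if isinstance(input_json, dict) else None)
        logging.info("user %s login error. %s", user_name, e)
        res.Code = 500
        res.Message = 'Internal service error'
        return jsonify(res.object_to_dict())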
def test_unconfirmed_account(self):
    """An unconfirmed account is refused by the posts API with 403."""
    # add an unconfirmed user
    user_role = Role.query.filter_by(name='User').first()
    self.assertIsNotNone(user_role)
    pending = User(email='*****@*****.**', password='******',
                   confirmed=False, role=user_role)
    db.session.add(pending)
    db.session.commit()

    # get list of posts with the unconfirmed account
    auth_headers = self.get_api_headers('*****@*****.**', 'cat')
    response = self.client.get(url_for('api.get_posts'), headers=auth_headers)
    self.assertTrue(response.status_code == 403)
def register():
    """Register a user and send them a confirmation e-mail.

    The e-mail address is lower-cased before storage. When the commit fails
    the session is rolled back and the form is shown again with an error;
    otherwise a confirmation token is mailed and the visitor is redirected to
    the main index.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    # NOTE(review): the form password is handed to the model as-is;
    # presumably the model hashes it on assignment -- confirm in User.
    account = User(username=form.username.data,
                   email=form.email.data.lower(),
                   password=form.password.data)
    try:
        db.session.add(account)
        db.session.commit()
    except:
        # NOTE(review): a bare except also swallows non-database failures
        db.session.rollback()
        flash('注册失败,请重试')
        return render_template('auth/register.html', form=form)

    token = account.generate_confirmation_token()
    send_mail(account.email, '激活账号', 'mail/confirm', user=account,
              token=token, email=account.email)
    flash('一封确认邮件已经发送到您的邮箱,请及时激活账号!')
    return redirect(url_for('main.index'))
def blog():
    """Store a submitted entry on POST, then redirect.

    POST requests build a ``User`` from the ``username``, ``title``, ``email``
    and ``content`` form fields and redirect to ``index``; any other method
    redirects to ``about``.
    """
    if request.method != "POST":
        return redirect(url_for("about"))

    # NOTE(review): the fields are stored exactly as submitted; no validation
    # is visible in this view.
    posted = request.form
    entry = User(posted["username"], posted["title"], posted["email"],
                 posted["content"])
    db.session.add(entry)
    db.session.commit()
    return redirect(url_for("index"))
def test_bad_auth(self):
    """A wrong password is answered by the posts API with 401."""
    # add a user
    user_role = Role.query.filter_by(name='User').first()
    self.assertIsNotNone(user_role)
    account = User(email='*****@*****.**', password='******',
                   confirmed=True, role=user_role)
    db.session.add(account)
    db.session.commit()

    # authenticate with bad password
    bad_headers = self.get_api_headers('*****@*****.**', 'dog')
    response = self.client.get(url_for('api.get_posts'), headers=bad_headers)
    self.assertTrue(response.status_code == 401)
def register():
    """Register a user from RegisterForm and send them to the login page.

    The password is stored as a hash and each user receives the hex form of a
    fresh ``uuid4`` as ``uuid``.
    """
    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template("home/register.html", form=form)

    fields = form.data
    account = User(
        name=fields["name"],
        pwd=generate_password_hash(fields["pwd"]),
        email=fields["email"],
        phone=fields["phone"],
        uuid=uuid.uuid4().hex,
    )
    db.session.add(account)
    db.session.commit()
    flash("注册成功,请登录!", "ok")
    return redirect(url_for("home.login"))
def signup():
    """Render the sign-up page, storing a new user first on POST."""
    if request.method == "POST":
        fields = request.form
        # NOTE(review): the password goes to the model exactly as submitted;
        # presumably User hashes it before storage -- confirm.
        account = User(fields["username"], fields["email"],
                       fields["password"])
        db.session.add(account)
        db.session.commit()
    return render_template("signup.html")
def test_invalid_email_change_token(self):
    """An e-mail change token issued for one user must not work for another."""
    issuer = User(email='*****@*****.**', password='******')
    other = User(email='*****@*****.**', password='******')
    for account in (issuer, other):
        db.session.add(account)
    db.session.commit()

    foreign_token = issuer.generate_email_change_token('*****@*****.**')
    self.assertFalse(other.change_email(foreign_token))
    # the other user's address must be left untouched
    self.assertTrue(other.email == '*****@*****.**')
def user_update(user_id):
    """Edit a user through UserForm.

    A valid submission copies the form onto the user, resolves the selected
    level to a Level row, updates the profile name, saves both records and
    redirects to the user list. Otherwise the update form is rendered.
    """
    user = User.get(User.id == user_id)
    form = UserForm(request.form, obj=user)
    form.action = url_for('admin:user:update', user_id=user.id)
    form.level.choices = get_level()
    # NOTE(review): these two assignments run on every request, so they
    # presumably overwrite the submitted level and jenis_kelamin before
    # validation -- confirm that is intended.
    form.level.data = user.level.id
    form.profile.jenis_kelamin.data = user.profile.jenis_kelamin

    if not form.validate_on_submit():
        return render_template('admin/user/update.html', form=form, user=user)

    # NOTE(review): populate_obj copies every form field onto the user;
    # check that UserForm exposes only fields an admin may change.
    form.populate_obj(user)
    user.level = Level.get(Level.id == form.level.data)
    user.profile.nama = form.profile.nama.data
    user.profile.save()
    user.save()
    return redirect(url_for('admin:user:list'))
def test_users(self):
    """The user endpoint returns each user's own username."""
    # add two users
    user_role = Role.query.filter_by(name='User').first()
    self.assertIsNotNone(user_role)
    u1 = User(email='*****@*****.**', username='******', password='******',
              confirmed=True, role=user_role)
    u2 = User(email='*****@*****.**', username='******', password='******',
              confirmed=True, role=user_role)
    db.session.add_all([u1, u2])
    db.session.commit()

    # get users, one request per account, in creation order
    for account, expected_name in ((u1, 'john'), (u2, 'susan')):
        response = self.client.get(
            url_for('api.get_user', id=account.id),
            headers=self.get_api_headers('*****@*****.**', 'dog'))
        self.assertTrue(response.status_code == 200)
        json_response = json.loads(response.data.decode('utf-8'))
        self.assertTrue(json_response['username'] == expected_name)
def join():
    """Show the join page on GET; create a user on POST.

    A POST with an unused username stores the user with a hashed password and
    redirects home; a taken username flashes a warning and redirects back to
    the join page. Other methods fall through and return None.
    """
    if request.method == 'GET':
        return render_template('join.html')
    if request.method != 'POST':
        return None

    existing = User.query(User.username == request.form['username']).get()
    print(existing)
    # the entity is built before the duplicate check, as in the original flow
    candidate = User(
        username=request.form['username'],
        password=generate_password_hash(request.form['password']),
        email=request.form['email'],
    )
    if existing:
        flash(u'중복되는 아이디가 존재합니다.', 'danger')
        return redirect(url_for('join'))

    stored_key = candidate.put()
    logging.info(stored_key)
    flash(u'회원가입을 하였습니다.', 'success')
    return redirect(url_for('home'))
def post(self):
    """Update an existing user or add a new one.

    The JSON body may carry ``account``, ``username``, ``password``,
    ``new_password`` and ``id``. With an ``id`` the matching user is updated;
    without one a new user is created after the required fields and the
    account's uniqueness have been checked. Every reply is a JSON object with
    ``code`` and ``msg``.
    """
    # NOTE(review): original indentation was lost in this listing; the nesting
    # below is a reconstruction -- confirm against the real file.
    account = request.json.get('account')
    username = request.json.get('username')
    password = request.json.get('password')
    new_password = request.json.get('new_password')
    user_id = request.json.get('id')
    if user_id:
        # NOTE(review): `old_data` is None for an unknown id, which would make
        # the attribute reads below fail; no authorisation check on `id` is
        # visible here either.
        old_data = User.query.filter_by(id=user_id).first()
        # reject a name or account already used by a different record
        if User.query.filter_by(username=username).first(
        ) and username != old_data.username:
            return jsonify({'msg': '名字已存在', 'code': 400})
        elif User.query.filter_by(
                account=account).first() and account != old_data.account:
            return jsonify({'msg': '账号已存在', 'code': 400})
        if new_password:
            if not password:
                return jsonify({"code": 400, "msg": "密码不能为空"})
            else:
                # NOTE(review): the create path below goes through
                # hash_password(); here `password` is assigned directly --
                # presumably a model setter hashes it; confirm, otherwise the
                # value is stored unhashed.
                old_data.password = password
        old_data.username = username
        db.session.commit()
        return jsonify({"code": 200, "msg": "修改成功"})
    else:
        if account is None or password is None or username is None:
            return jsonify({'code': 400, "msg": "账户密码不能为空"})
        if User.query.filter_by(account=account).first() is not None:
            return jsonify({'code': 400, "msg": "账户已存在"})
        user = User(account=account, username=username)
        user.hash_password(password)
        db.session.add(user)
        db.session.commit()
        return jsonify({'code': 200, "msg": "账户添加成功"})
def user_login():
    """Log a user in by e-mail and password.

    A visitor who already has ``user`` in the session is redirected to the
    dashboard. The submitted password is re-hashed with the stored hash as the
    salt and compared with the stored value; on a match ``auth.login`` is
    called with the record's id and active flag.
    """
    if 'user' in session:
        return redirect('/dashboard')

    # NOTE(review): CSRF protection is switched off for this form -- confirm.
    form = LoginUserForm(csrf_enabled=False)
    if form.validate_on_submit():
        email = form.email.data
        password = form.password.data
        record = User().find_one({'email': email})
        # NOTE(review): the two failure messages differ, which tells a caller
        # whether an e-mail is registered; a single generic message avoids it.
        if record is None:
            flash('El usuario no existe', 'error')
        else:
            stored_hash = record['password']
            # NOTE(review): `==` on hashes is not a constant-time comparison;
            # bcrypt.checkpw does this check where the installed bcrypt
            # provides it.
            if bcrypt.hashpw(password, stored_hash) == stored_hash:
                return auth.login(id=record['_id'], active=record['is_active'])
            flash('Password incorrecto', 'error')
    return render_template('users/login.html', form=form)
def user_regist():
    """Register a user together with an uploaded avatar.

    A valid submission is rejected with a flashed error when the name, e-mail
    or phone is already taken, checked in that order. Otherwise the user is
    built with a hashed password and a 10-character identifier, the avatar is
    saved through ``photosSet`` and the user is committed. An upload type that
    is not allowed flashes an error instead.
    """
    form = RegistForm()
    if not form.validate_on_submit():
        return render_template('user_regist.html', form=form)

    # check whether the name, e-mail or phone already exists
    user_name = form.user_name.data
    uniqueness_checks = (
        ({'name': user_name}, "用户名已经存在!"),
        ({'email': form.user_email.data}, "邮箱已经被注册过!"),
        ({'phone': form.user_phone.data}, "手机号已经被注册过!"),
    )
    for criteria, message in uniqueness_checks:
        if User.query.filter_by(**criteria).first():
            flash(message, category='err')
            return render_template('user_regist.html', form=form)

    # nobody holds these values yet: build the new user
    user = User()
    user.name = form.user_name.data
    user.pwd = generate_password_hash(form.user_pwd.data)
    user.email = form.user_email.data
    user.phone = form.user_phone.data
    user.jianjie = form.user_jianjie.data
    # give every user a 10-character identifier
    user.uuid = str(uuid.uuid4().hex)[0:10]
    filestorage = request.files["user_face"]
    user.face = secure_filename_with_uuid(filestorage.filename)

    # save the avatar file, then insert the user
    try:
        # NOTE(review): the user-chosen name becomes the upload folder;
        # confirm the form restricts user_name to path-safe characters.
        photosSet.save(storage=filestorage, folder=user.name, name=user.face)
        db.session.add(user)
        db.session.commit()
        flash("用户注册成功!", category='ok')
        return redirect(url_for("user_login", username=user.name))
    except UploadNotAllowed:
        flash("头像文件格式不对!", category='err')
        return render_template('user_regist.html', form=form)
def user_signup():
    """Create a user on POST; render the join page otherwise.

    The password is hashed before storage and ``join_date`` is taken from
    ``kstime(9)``.
    """
    if request.method != 'POST':
        # GET: show the join page
        # NOTE(review): `form` is not assigned anywhere in this function;
        # unless it exists at module level this line fails -- confirm.
        return render_template('user/join.html', form=form,
                               active_tab='user_join')

    # NOTE(review): the posted fields are used without any validation here
    submitted = request.form
    account = User(email=submitted['email'],
                   password=generate_password_hash(submitted['password']),
                   name=submitted['name'],
                   join_date=kstime(9))
    db.session.add(account)
    db.session.commit()
    flash(u'가입이 완료 되었습니다.', 'success')
    return redirect(url_for('article_list'))
def user_join():
    """Create a user from JoinForm on POST; otherwise flash and render.

    Any POST stores a user with a hashed password and redirects to the
    article list. Every other request flashes the 'danger' message and renders
    the join page.
    """
    # NOTE(review): original indentation was lost in this listing. As shown,
    # the form is never validated on POST and the danger message is flashed on
    # every non-POST request -- a validation branch may be missing; confirm.
    form = JoinForm()
    if request.method == 'POST':
        account = User(email=form.email.data,
                       password=generate_password_hash(form.password.data),
                       name=form.name.data)
        db.session.add(account)
        db.session.commit()
        flash(u'가입이 승인되었습니다. 비밀번호는 암호화되어 저장되어 관리자도 알 수 없습니다.', 'success')
        return redirect(url_for('article_list'))

    flash(u'비밀코드가 맞지 않습니다. 관리자에게 문의하세요.', 'danger')
    return render_template('user/join.html', form=form, active_tab='user_join')
def test_gravatar(self):
    """gravatar() builds the expected URL for plain and HTTPS requests.

    Also checks that the size, rating and default options end up in the query
    string.
    """
    digest = 'd4c74594d841139328695756648b6bd6'
    account = User(email='*****@*****.**', password='******')

    with self.app.test_request_context('/'):
        gravatar = account.gravatar()
        gravatar_256 = account.gravatar(size=256)
        gravatar_pg = account.gravatar(rating='pg')
        gravatar_retro = account.gravatar(default='retro')
    # a request with an https base URL should get the secure host
    with self.app.test_request_context('/', base_url='https://example.com'):
        gravatar_ssl = account.gravatar()

    self.assertTrue('http://www.gravatar.com/avatar/' + digest in gravatar)
    self.assertTrue('s=256' in gravatar_256)
    self.assertTrue('r=pg' in gravatar_pg)
    self.assertTrue('d=retro' in gravatar_retro)
    self.assertTrue(
        'https://secure.gravatar.com/avatar/' + digest in gravatar_ssl)
def login():
    """Log a user in by e-mail and password.

    A visitor with ``username`` in the session is sent to the index. On
    success the user's id and first name are stored in the session; on failure
    a generic message is flashed and the form is rendered again.
    """
    if session.get('username'):
        return redirect(url_for('index'))

    form = LoginForm()
    if form.validate_on_submit():
        email = form.email.data
        password = form.password.data
        account = User.objects(email=email).first()
        # despite its name, get_password() is used here as the password check
        authenticated = account and account.get_password(password)
        if not authenticated:
            flash("Something went wrong!", "danger")
        else:
            flash(f"{account.first_name} You are logged in successfully!!!", "success")
            session['user_id'] = account.user_id
            session['username'] = account.first_name
            return redirect(url_for('index'))
    return render_template("login.html", form=form, title="Log In", login=True)
def login():
    """Log a user in by e-mail and password.

    On success the user id is stored in a permanent session and the visitor is
    redirected home. An unknown e-mail and a wrong password produce the same
    flashed message.
    """
    form = LoginForm(request.form)
    if not form.validate_on_submit():
        return render_template('login.html', form=form)

    email = form.email.data
    password = form.password.data
    try:
        account = User.get(User.email == email)
        if account and account.check_password(password):
            session['user_id'] = account.id
            session.permanent = True
            return redirect(url_for('home'))
    except User.DoesNotExist:
        # fall through to the shared failure reply below
        pass

    flash('Email atau password salah', 'error')
    return render_template('login.html', form=form)
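def verify_code():
    """Log a user in with a phone number and an SMS verification code.

    Reads ``phone`` and ``msg_code`` from the form, checks the phone format,
    compares the code with the one stored under ``msg_<phone>`` in
    ``redis_store``, creates the user when the phone is new, and stores the
    user id and phone in the session. Every reply is a JSON object.
    """
    # phone number and verification code from the form
    phone = request.form.get('phone')
    msg_code = request.form.get('msg_code')
    print(phone)

    # both parameters are required
    if not all([phone, msg_code]):
        return jsonify(phone=phone, msg_code=msg_code, msg='有参数为空')

    # The phone number must match the whole pattern. re.match only anchors the
    # start, so without \Z any suffix after the 11 digits was accepted and
    # then used in the Redis key and stored as the user's phone.
    if not re.match(r'1[3456789]\d{9}\Z', phone):
        return jsonify(msg='手机号码不合法')

    # compare with the stored verification code
    try:
        # the stored value comes back as bytes
        # (the code itself is no longer printed, so it stays out of stdout)
        save_code = redis_store.get('msg_%s' % phone).decode()
        if save_code == msg_code:
            print('与本地一致')
        else:
            return jsonify(err_msg='msg_code error')
    except Exception as e:
        # also reached when no code is stored (get() returned nothing)
        logging.error(e)
        return jsonify(msg='redis error')
    # NOTE(review): the stored code is not removed after a successful match,
    # so it presumably stays usable until it expires, and no attempt limit is
    # visible here -- confirm both are handled elsewhere.

    # create the user when it does not exist yet
    user_obj = User.query.filter_by(phone=phone).first()
    try:
        if user_obj:
            print('用户已存在')
        else:
            print('用户不存在则创建')
            user_obj = User(phone=phone)
            db.session.add(user_obj)
            db.session.commit()
    except Exception as e:
        print(e)
        db.session.rollback()
        return jsonify(msg='mysql error')

    # existing or new, the user is logged in through the session
    session['user_id'] = user_obj.id
    session['user_phone'] = phone
    return jsonify(msg='ok')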
def user_create():
    """Create a user with a profile from a valid UserForm submission.

    Form errors, when present, are printed before the creation form is
    rendered again.
    """
    form = UserForm(request.form)
    form.action = url_for('admin:user:create')
    form.level.choices = get_level()

    if form.validate_on_submit():
        user = User()
        user.email = form.email.data
        # NOTE(review): the password is assigned exactly as submitted;
        # presumably the model hashes it on assignment or save -- confirm.
        user.password = form.password.data
        user.no_induk = form.no_induk.data
        level = Level.get(Level.id == form.level.data)
        profile = Profile.create(
            nama=form.profile.nama.data,
            jenis_kelamin=form.profile.jenis_kelamin.data,
        )
        user.level = level
        user.profile = profile
        user.save()
        return redirect(url_for('admin:user:list'))

    if form.errors:
        print(form.errors)
    return render_template('admin/user/create.html', form=form)
def post(self, phn):
    """Create a user from the request data and reply with a JSON message.

    Replies 201 with a ``Location`` header when the save succeeds and 400
    otherwise. ``phn`` is not used in the body.
    """
    # NOTE(review): original line breaks were lost in this listing; the
    # generate_avatar_path() call is assumed to be a statement that follows
    # the original comment, not part of it.
    user = User()
    payload = self.get_data()
    user.from_dict(payload)
    # the avatar path is generated only after the phone has been set
    user.generate_avatar_path()

    if not user.save():
        self.set_status(400)
        msg = self.message("name,phone,password field are required.")
    else:
        self.set_status(201)
        self.set_header('Location', user.get_link())
        msg = self.message("Created Success.")
    self.render_json(msg)
def bill_add(bill_request, user_id):
    """Store a bill built from ``bill_request`` for the given user.

    Reads ``type``, ``amount``, ``create_time`` and ``remark`` from the
    request mapping, each defaulting to an empty string. A bill is saved only
    when all four are truthy. Returns an error message when saving raises
    ValueError, otherwise u'1'.
    """
    # NOTE(review): original indentation was lost in this listing; the final
    # `return u'1'` is assumed to sit at function level, which would also
    # report success when a field is missing -- confirm against the real file.
    bill_type = bill_request.get('type', '')
    bill_amount = bill_request.get('amount', '')
    bill_create_time = bill_request.get('create_time', '')
    bill_remark = bill_request.get('remark', '')
    # reference objects built from bare ids; nothing is looked up here
    consumption_type = ConsumptionType(id=bill_type)
    user = User(id=user_id)
    if bill_type and bill_amount and bill_create_time and bill_remark:
        # NOTE(review): float() runs before the try block, so a non-numeric
        # amount raises ValueError to the caller instead of being reported.
        bill = Bill(amount=float(bill_amount), create_time=bill_create_time, remark=bill_remark, is_delete=False, type=consumption_type, user=user)
        try:
            bill.save()
        except ValueError:
            return u'数据存储异常,请联系管理员'
    return u'1'
def home():
    """Render the home page for one 'dosen' user and the list of posts.

    The selected user comes from the ``dosen_id`` query parameter when given;
    otherwise the first user of the query is used and its id becomes
    ``dosen_id``.
    """
    # users whose level name is 'dosen', ordered by profile name
    dosens = User.select(User, MataKuliah)
    dosens = dosens.join(MataKuliah)
    dosens = dosens.join(Level, JOIN.LEFT_OUTER, on=(User.level == Level.id))
    dosens = dosens.join(Tugas, JOIN.LEFT_OUTER,
                         on=(Tugas.mata_kuliah == MataKuliah.id))
    dosens = dosens.join(Profile, on=(User.profile == Profile.id))
    dosens = dosens.group_by(User)
    dosens = dosens.where(Level.name == 'dosen')
    dosens = dosens.order_by(Profile.nama.asc())

    dosen_id = request.args.get('dosen_id', None)
    if not dosen_id:
        # NOTE(review): first() yields None on an empty result, which would
        # make the attribute read below fail.
        dosen = dosens.first()
        dosen_id = dosen.id
    else:
        dosen = dosens.filter(User.id == dosen_id).get()

    posts = Post.select().order_by(Post.id.desc())
    user = g.user  # read but not passed to the template
    return render_template('mhs/home.html', dosen=dosen, dosens=dosens,
                           posts=posts, dosen_id=dosen_id)
def update_info(user_id):
    """Let a user edit their own profile, optionally uploading an image.

    Requests for a ``user_id`` other than the caller's own are aborted with
    401. A valid submission updates the profile fields, stores an uploaded
    image under the user's media path and saves both records.
    """
    # only the owner may edit this profile
    if g.user.id != user_id:
        return abort(401)

    user = User.select().join(Profile).where(User.id == user_id).get()
    form = UpdateInfoForm(request.form, obj=user)
    form.action = url_for('update-info', user_id=user_id)

    if not form.validate_on_submit():
        return render_template('update_info.html', form=form, user=user)

    profile_form = form.profile
    user.profile.nama = profile_form.nama.data
    user.profile.no_telpon = profile_form.no_telpon.data
    user.profile.tanggal_lahir = profile_form.tanggal_lahir.data
    user.profile.alamat = profile_form.alamat.data

    media_dir = get_user_media_path(user)
    upload = request.files['profile-image']
    if upload:
        # secure_filename strips path separators from the client's name
        # NOTE(review): no file-type or size restriction is visible here --
        # confirm uploads are limited to images elsewhere.
        target = os.path.join(media_dir, secure_filename(upload.filename))
        upload.save(target)
        user.profile.image = url_for('media', filepath=target)

    user.profile.save()
    user.save()
    return redirect(url_for('mhs:home'))
def login():
    """Show the login page on GET; authenticate on POST.

    A successful POST marks the session as logged in, records the superuser
    flag when set, and stores the username. Every POST outcome redirects home
    with a flashed message. Other methods fall through and return None.
    """
    if request.method == 'GET':
        return render_template('login.html')
    if request.method != 'POST':
        return None

    # NOTE(review): the two failure messages differ, which tells a caller
    # whether a username exists; a single generic message avoids that.
    account = User.query(User.username == request.form['username']).get()
    if not account:
        flash(u'사용자가 존재하지 않습니다.', 'danger')
        return redirect(url_for('home'))

    if not account.check_password(request.form['password']):
        flash(u'잘못된 비밀번호 입니다.', 'danger')
        return redirect(url_for('home'))

    session['logged_in'] = True
    if account.is_superuser:
        session['is_superuser'] = True
    session['user'] = request.form['username']
    flash(u'로그인 하였습니다.', 'success')
    return redirect(url_for('home'))
def current_user():
    """Return the User whose id is stored in the session, or None.

    None is returned only when the session has no ``user_id`` key.
    """
    if 'user_id' not in session:
        return None
    # NOTE(review): if get() raises for an id that no longer exists, a stale
    # session would propagate that error to the caller -- confirm handling.
    return User.get(User.id == session['user_id'])
def get_dosen():
    """Return ``(id, profile name)`` pairs for users at the 'dosen' level.

    The pairs are shaped for use as select-field choices.
    """
    dosen_level = Level.select().where(Level.name == 'dosen')
    matching_users = User.select().where(User.level == dosen_level)
    return [(member.id, member.profile.nama) for member in matching_users]
def _on_auth(self, outer_user):
    """Handle the result of a Douban sign-in.

    Resolves the local user from the ``userkey`` cookie or from an existing
    Auth record, creates a user when neither exists, stores the Douban access
    token on the Auth record, and renders the user's auth dict as JSON.

    Raises HTTPError(500) when the sign-in produced no user data, when the
    ``uid`` cookie is missing for a new user, or when a save fails.
    """
    # NOTE(review): original indentation was lost in this listing; the nesting
    # below is a reconstruction -- confirm against the real file.
    if not outer_user:
        raise HTTPError(500, "Douban auth failed.")

    # Auth records are keyed by "<site label>_<douban user id>"
    auth_id = "%s_%s" % (Auth.DOUBAN, outer_user['access_token']['douban_user_id'])
    auth = Auth.query.get(auth_id)
    # prefer the user named by the signed cookie, else the one linked to auth
    user = User.query.get_by_userkey(self.get_secure_cookie('userkey', None)) or auth and auth.user
    self.clear_cookie('userkey')

    # create or update the user
    if user is None and auth is None:
        # the device id travels in a signed cookie and is required here
        did = self.get_secure_cookie('uid', None)
        self.clear_cookie('uid')
        if not did:
            raise HTTPError(500, "Douban auth failed.")

        # user data
        user_data = {}
        user_data['userkey'] = auth_id
        user_data['name'] = outer_user['name']
        user_data['avatar'] = outer_user['avatar']
        user_data['brief'] = outer_user['brief']
        user_data['deviceid'] = did
        user = User()
        user.from_dict(user_data)
        user.generate_secret()
        if not user.save():
            raise HTTPError(500, 'Save auth user info error.')

    # auth data
    # NOTE(review): `user` can still be None here when an Auth record exists
    # without a linked user, which would make `user.id` fail.
    # NOTE(review): the access token key and secret are passed to the Auth
    # model as-is; presumably they are persisted -- confirm how they are
    # protected at rest.
    auth_data = {}
    auth_data['site_label'] = Auth.DOUBAN
    auth_data['access_token'] = outer_user['access_token']['key']
    auth_data['access_secret'] = outer_user['access_token']['secret']
    auth_data['expired'] = outer_user['expired']
    auth_data['user_id'] = user.id
    auth_data['site_user_id'] = auth_id

    # create or update the auth
    if auth is None:
        auth = Auth()
    auth.from_dict(auth_data)
    if not auth.save():
        raise HTTPError(500, "Failed auth with douban account.")

    # A disabled block followed here in the original: it posted a promotional
    # status to Douban through the message queue and is no longer executed.

    # an unsaved or invalid user id yields an empty JSON object
    self.render_json(auth.user.user2dict4auth() if auth.user.id>0 else {})
    self.finish()
def user_list():
    """Render the paginated admin user list.

    The list is filtered by level name when the ``level`` query parameter is
    given. Ten users are shown per page.
    """
    level_name = request.args.get('level', None)
    query = User.select()
    if level_name:
        query = query.join(Level).where(Level.name == level_name)
    return object_list('admin/user/list.html', query, 'users', paginate_by=10)