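def post(self, **kwargs):
    """密码登录
    ---
    tags:
      - 登录、注册
    parameters:
      - name: phone
        in: body
        type: string
        required: true
      - name: password
        in: body
        type: string
        required: true
      - name: verify_code
        in: body
        type: string
        required: true
      - name: uuid
        in: body
        type: string
        required: true
    responses:
      200:
        description: A list of colors (may be filtered by palette)
        examples:
          response: {"data": {"access_token": "xxx"}, "message": "成功"}
    """
    # The docstring above is laid out as an API spec (summary, `---`, YAML),
    # so its text is kept as written. In English: password login, guarded by
    # a 4-digit image verification code that is looked up in Redis under
    # "verify_code:<uuid>". On success an access token for the user is returned.
    # NOTE(review): the 200 description ("A list of colors ...") looks like a
    # leftover from a template and does not describe this endpoint.
    import hmac  # local import: only needed for the constant-time hash compare

    phone = kwargs.get("phone")
    password = kwargs.get("password")
    verify_code = kwargs.get("verify_code")
    unique_id = kwargs.get("uuid")

    if not valid_phone(phone):
        return json_response(message="无效的手机号", status=403)

    # A missing or non-string code used to raise TypeError on len(); a
    # malformed code used to come back as a bare dict (implicit 200) instead
    # of the 403 envelope every other failure uses.
    if (not isinstance(verify_code, str) or len(verify_code) != 4
            or not verify_code.isdigit()):
        return json_response(message="验证码格式错误", status=403)

    # Without a usable uuid there is no stored code to compare against.
    if not isinstance(unique_id, str) or not unique_id:
        return json_response(message="验证码过期,请重新获取", status=403)

    captcha_key = "verify_code:" + unique_id
    stored_code = redis_0.get(captcha_key)
    if not stored_code:
        return json_response(message="验证码过期,请重新获取", status=403)

    # The code is single-use: drop it as soon as it has been read, whether or
    # not it matches. Otherwise a 4-digit code can be guessed by repetition
    # and then reused for unlimited password attempts until it expires.
    redis_0.delete(captcha_key)
    if verify_code != stored_code.decode():
        return json_response(message="验证码错误", status=403)

    user = User.query.filter_by(phone=phone).first()
    if not user:
        # NOTE(review): this 404 differs from the 401 below, so the endpoint
        # reveals whether a phone number is registered. Consider returning the
        # same response as a wrong password if clients do not rely on the 404.
        return json_response(message="用户不存在", status=404)

    # Accounts without a salt cannot be verified; a missing password is
    # reported the same way as a wrong one.
    if not user.salt or not isinstance(password, str):
        return json_response(message="您输入的密码有误,请重新输入", status=401)

    # Re-hash the candidate with the stored salt and compare in constant time
    # so the comparison does not leak how many leading bytes matched.
    password_hashed = bcrypt.hashpw(password.encode(), user.salt.encode())
    if not hmac.compare_digest(password_hashed, user.password.encode()):
        return json_response(message="您输入的密码有误,请重新输入", status=401)

    access_token = create_access_token(identity=user.id)
    return json_response({
        "access_token": access_token,
    }, message="成功")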
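def post(self, org_id, **kwargs):
    """组织员工
    ---
    tags:
      - 组织部门雇员
    parameters:
      - name: org_id
        in: url
        type: string
        required: true
        description: 组织ID
      - name: phone
        in: body
        type: string
        required: true
        description: 员工手机号
      - name: department_id_list
        in: body
        type: array
        required: false
        description: 部门ID列表
      - name: job_title
        in: body
        type: string
        required: true
        description: 员工岗位
      - name: superior_id
        in: body
        type: string
        required: true
        description: 直属人ID
      - name: role_id_list
        in: body
        type: array
        required: false
        description: 角色ID列表
      - name: is_able
        in: body
        type: int
        required: false
        description: 是否启用,可以不传,默认为禁用
    responses:
      status:
        description: 返回的状态码信息
        examples:
          response: {'data': null, 'status': {422: '手机号非法', 404: '没有找到直属人', 200: '发送短信通知加入或者通知邀请', 500: '加入失败', 409: '已存在该组织'}}
    """
    # The docstring above is laid out as an API spec (summary, `---`, YAML),
    # so its text is kept as written. In English: add a staff member to the
    # organisation `org_id` by phone number. An existing user is attached
    # directly; an unknown phone number gets a placeholder user plus an
    # invitation request. Department and role links are created as given.
    #
    # NOTE(review): nothing in this method checks that the current user is
    # allowed to manage `org_id` -- confirm that a decorator or middleware
    # enforces it. Likewise the ids in department_id_list / role_id_list are
    # stored without checking that they belong to `org_id`.
    import logging  # local import: used only by the failure path below

    phone = kwargs['phone']
    department_id_list = kwargs.get('department_id_list')
    job_title = kwargs['job_title']
    superior_id = kwargs.get('superior_id')
    role_id_list = kwargs.get('role_id_list')
    is_able = kwargs.get('is_able')
    current_user_obj = get_current_user()

    if not valid_phone(phone):
        return json_response(None, message='手机号非法', status=422)

    # The superior, when given, must be a staff record of the same organisation.
    superior_obj = None
    if superior_id:
        superior_obj = OrgStaff.query.filter(
            OrgStaff.id == superior_id, OrgStaff.org_id == org_id).first()
        if not superior_obj:
            return json_response(None, message='直属人未找到', status=404)

    org_obj = Organization.query.get_or_404(org_id)
    user_obj = User.query.filter(User.phone == phone).first()
    if user_obj:
        user_id = user_obj.id
        org_staff_obj = OrgStaff.query.filter(
            OrgStaff.org_id == org_id,
            OrgStaff.user_id == user_obj.id).first()
        if org_staff_obj:
            return json_response(None, message='该人员已存在当前组织', status=409)
    else:
        # Phone number not registered yet: create a placeholder user flagged
        # as invited, its profile row, and the invitation request.
        temp_user_id = generate_uuid()
        temp_user_obj = User(
            id=temp_user_id,
            phone=phone,
            nickname=config['system']['USER_DISABLE_NICKNAME_PREFIX'] + phone[-4:],
            create_time=time.time(),
            is_invite_status=1)
        temp_user_info_obj = UserInfo(user_id=temp_user_id, )
        org_req_obj = OrgRequest(sender_id=current_user_obj.id,
                                 message='邀请您到我们的组织',
                                 create_time=time.time(),
                                 org_id=org_id)
        db.session.add_all(
            [temp_user_obj, temp_user_info_obj, org_req_obj])
        user_id = temp_user_id
        # The SMS invitation for unregistered users is disabled in the source:
        # send_sms(generate_uuid(), phone, "山泉", "SMS_152655055", {'code': f'www.xx.com/xx'})

    staff_uuid = generate_uuid()
    # Registered users are attached to the organisation directly.
    org_staff_obj = OrgStaff(
        id=staff_uuid,
        user_id=user_id,
        job_title=job_title,
        # Anything other than an explicit 0/1 falls back to disabled.
        is_able=is_able if is_able in [0, 1] else 0,
        superior_id=superior_obj.id if superior_obj else None,
        org_id=org_id)
    db.session.add(org_staff_obj)

    if department_id_list:
        for dep in department_id_list:
            db.session.add(OrgDepartmentStaff(org_department_id=dep,
                                              staff_id=staff_uuid))
    if role_id_list:
        for role in role_id_list:
            db.session.add(OrgStaffRole(staff_id=staff_uuid,
                                        org_role_config_id=role))

    message_obj = Message(
        title='邀请信息',
        content=f'{current_user_obj.nickname}邀请您加入组织:{org_obj.name}',
        send_time=time.time(),
        message_type=4,  # invitation message
        organization_id=org_obj.id,
        # Use user_id, not user_obj.id: user_obj is None on the invitation
        # path, which previously raised AttributeError before the commit.
        user_id=user_id)
    db.session.add(message_obj)

    try:
        db.session.commit()
        return json_response(None, message='加入成功,将以短信形式通知该员工', status=200)
    except Exception:
        db.session.rollback()
        # Keep the exception text (it can include SQL and schema details) in
        # the server log instead of echoing it to the client.
        logging.getLogger(__name__).exception(
            "adding staff to organization %s failed", org_obj.id)
        return json_response(None, message='加入失败', status=500)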
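def post(self, **kwargs):
    """手机号 密码 注册
    ---
    tags:
      - 登录、注册
    parameters:
      - name: phone
        in: body
        type: string
        required: true
        description: 手机号
      - name: verify_code
        in: body
        type: string
        required: true
        description: 图片验证码
      - name: password
        in: body
        type: string
        required: true
        description: 密码
      - name: again_password
        in: body
        type: string
        required: true
        description: 再次输入密码
      - name: uuid
        in: body
        type: string
        required: true
        description: 验证码的uuid
    responses:
      200:
        description: 成功
        examples:
          response: {"message": "ok"}
      403:
        description: 失败
        examples:
          response: {"message": ["无效的手机号", "验证码格式错误", "两次密码输入不一致", "密码最少需要八位", "验证码过期,请重新获取", "验证码错误"]}
      409:
        description: 手机号已注册
      500:
        description: 注册失败 代码有问题
    """
    # The docstring above is laid out as an API spec (summary, `---`, YAML),
    # so its text is kept as written. In English: register an account with
    # phone number and password, guarded by a 4-digit image verification code
    # looked up in Redis under "verify_code:<uuid>". The password is stored as
    # a bcrypt hash together with its salt.
    import logging  # local import: used only by the failure path below

    phone = kwargs['phone']
    password = kwargs['password']
    again_password = kwargs['again_password']
    verify_code = kwargs['verify_code']
    unique_id = kwargs['uuid']

    # NOTE(review): spaces are removed before hashing, but the password is
    # hashed as typed wherever this normalisation is not repeated, so a
    # password entered with spaces here would not verify there. Rejecting
    # such passwords may be the safer behaviour; confirm against the login path.
    password = password.replace(" ", "")
    again_password = again_password.replace(" ", "")

    if not valid_phone(phone):
        return json_response(message="无效的手机号", status=403)
    if len(verify_code) != 4 or not verify_code.isdigit():
        return json_response(message="验证码格式错误", status=403)
    if password != again_password:
        return json_response(message="两次密码输入不一致", status=403)
    if len(password) < 8:
        return json_response(message="密码最少需要八位", status=403)

    captcha_key = "verify_code:" + unique_id
    stored_code = redis_0.get(captcha_key)
    if not stored_code:
        return json_response(message="验证码过期,请重新获取", status=403)

    # The code is single-use: drop it once read, match or not, so a 4-digit
    # code cannot be guessed by repetition or replayed for further sign-ups.
    redis_0.delete(captcha_key)
    if verify_code != stored_code.decode():
        return json_response(message="验证码错误", status=403)

    if User.query.filter_by(phone=phone).first():
        return json_response(message="该手机号已注册", status=409)

    try:
        salt = bcrypt.gensalt()
        new_password = bcrypt.hashpw(password.encode(), salt)
        user = User(phone=phone,
                    password=new_password.decode(),
                    salt=salt.decode(),
                    nickname=config['system']['USER_DISABLE_NICKNAME_PREFIX']
                    + phone[-4:],
                    create_time=time.time())
        db.session.add(user)
        db.session.commit()
        return json_response(None, message='注册成功', status=200)
    except Exception:
        db.session.rollback()
        # Keep the exception text (it can include SQL and schema details) in
        # the server log instead of echoing it to the client.
        logging.getLogger(__name__).exception("phone registration failed")
        return json_response(None, message='注册失败', status=500)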
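def post(self, **kwargs):
    """用户名 密码 注册
    ---
    tags:
      - 登录、注册
    parameters:
      - name: phone
        in: body
        type: string
        required: false
        description: 手机号
      - name: username
        in: body
        type: string
        required: true
        description: 用户名
      - name: password
        in: body
        type: string
        required: true
        description: 密码
    """
    # The docstring above is laid out as an API spec (summary, `---`, YAML),
    # so its text is kept as written. In English: register an account with
    # username and password; the phone number is optional. A profile row with
    # the default avatar and signature is created with the user.
    #
    # NOTE(review): no verification code is checked in this method, so nothing
    # visible here slows automated account creation -- confirm that rate
    # limiting exists elsewhere.
    import logging  # local import: used only by the failure path below

    phone = kwargs.get('phone', None)
    username = kwargs.get('username')
    password = kwargs.get('password')

    if phone and not valid_phone(phone):
        return json_response(message="无效的手机号", status=403)
    # A missing username/password used to raise TypeError on len(). The check
    # requires at least four characters; the message previously said "three",
    # so it is corrected to match what is enforced.
    if not isinstance(username, str) or len(username) < 4:
        return json_response(message="用户名不能小于四位", status=403)
    if not isinstance(password, str) or len(password) < 8:
        return json_response(message="密码最少需要八位", status=403)

    if phone and User.query.filter_by(phone=phone).first():
        return json_response(message="该手机号已注册", status=409)
    # The stray trailing backslash after this return in the source is dropped.
    if User.query.filter_by(username=username).first():
        return json_response(message="该用户名已注册", status=409)

    try:
        salt = bcrypt.gensalt()
        new_password = bcrypt.hashpw(password.encode(), salt)
        user_id = generate_uuid()
        user = User(
            id=user_id,
            phone=phone,
            username=username,
            password=new_password.decode(),
            salt=salt.decode(),
            nickname=username,
            create_time=time.time()
        )
        user_info = UserInfo(
            user_id=user_id,
            head_url=Conf.get("DEFAULT_HEAD_IMAGE", ""),
            signature="这个人很懒,什么都没留下"
        )
        db.session.add_all([user, user_info])
        db.session.commit()
        return json_response(None, message='注册成功', status=200)
    except Exception:
        db.session.rollback()
        # Keep the exception text (it can include SQL and schema details) in
        # the server log instead of echoing it to the client.
        logging.getLogger(__name__).exception("username registration failed")
        return json_response(None, message='注册失败', status=500)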