def test_validate_phone(self):
    """Check validate_phone on one 11-digit number and two wrong-length ones."""
    # (input, expected result) pairs, asserted in the same order as before:
    # 11 digits is accepted, 12 digits and 10 digits are rejected.
    cases = (
        ('18618193877', errors.err_ok),
        ('186181938771', errors.err_invalid_phone_number),
        ('1861819381', errors.err_invalid_phone_number),
    )
    for number, expected in cases:
        self.assertEqual(validate_phone(number), expected)
def validate_mobile(self, field):
    """Reject a malformed mobile number or one that already has an account.

    Raises:
        validators.StopValidation: validate_phone did not return err_ok, or
            an account exists for the number and its need_verify() is false.
    """
    mobile = field.data
    if validate_phone(mobile) != errors.err_ok:
        raise validators.StopValidation(message=u'手机号错误')

    existing = Account.get_by_alias(mobile)
    if not existing:
        return
    if existing.need_verify():
        return
    # NOTE(review): this message tells the submitter that the number has an
    # account; presumably the form is rate limited elsewhere - confirm.
    raise validators.StopValidation(message=u'手机号已被注册 试试直接登录吧')
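def validate_reset_password_asker(alias):
    """Validate the alias given in a password-reset request and return its type.

    Args:
        alias: the e-mail address or mobile number supplied by the requester.

    Returns:
        The ACCOUNT_REG_TYPE value reported by get_reg_type_from_alias.

    Raises:
        AccountAliasValidationError: alias is empty.
        UnsupportedAliasError: alias is neither a valid e-mail address nor a
            valid mobile number.
        InsecureEmailError: the e-mail address ends with an entry of
            INSECURE_EMAIL_DOMAINS.
        AccountNotFoundError: no account is registered under alias.
        AccountInactiveError: the account status is not ACCOUNT_STATUS.NORMAL.
    """
    if not alias:
        raise AccountAliasValidationError()

    reg_type = get_reg_type_from_alias(alias)
    if reg_type == ACCOUNT_REG_TYPE.EMAIL:
        if validate_email(alias) != errors.err_ok:
            raise UnsupportedAliasError()
        # Domain names are case-insensitive, so a case-sensitive suffix match
        # alone lets an address such as "user@EXAMPLE.COM" (constructed
        # example) past a blocklist entry written in lower case. The
        # original-case comparison is kept so every entry that matched
        # before still matches.
        address = alias.strip()
        if (address.endswith(INSECURE_EMAIL_DOMAINS)
                or address.lower().endswith(INSECURE_EMAIL_DOMAINS)):
            raise InsecureEmailError()
    elif reg_type == ACCOUNT_REG_TYPE.MOBILE:
        if validate_phone(alias) != errors.err_ok:
            raise UnsupportedAliasError()
    else:
        raise UnsupportedAliasError()

    user = Account.get_by_alias(alias)
    # NOTE(review): "not found" and "inactive" are distinct exceptions; if the
    # caller maps them to different responses, an unauthenticated requester
    # can tell which aliases are registered - confirm against the caller.
    if not user:
        raise AccountNotFoundError()
    if user.status != ACCOUNT_STATUS.NORMAL:
        raise AccountInactiveError()
    return reg_type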
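def feedback():
    """Store a feedback message posted together with a contact address.

    Reads ``contact`` and ``content`` from the posted form. Both must be
    non-empty and within their length limits, and ``contact`` must pass
    validate_email or validate_phone.

    Returns:
        jsonify(r=True) once the feedback is stored, jsonify(r=False) when a
        field is missing, otherwise jsonify(r=False, error=...) (also for
        requests that are not POST).
    """
    error = ''
    contact = None
    content = None
    if request.method == 'POST':
        contact = request.form.get('contact')
        content = request.form.get('content')
        referer = request.environ.get('HTTP_REFERER')
        if not contact:
            return jsonify(r=False)
        if not content:
            return jsonify(r=False)
        if (validate_value_len(contact, MAX_FEEDBACK_CONTACT_LEN) != errors.err_ok or
                validate_value_len(content, MAX_FEEDBACK_CONTENT_LEN) != errors.err_ok):
            error = errors.err_value_too_long
        # A contact that is neither an e-mail nor a phone number replaces any
        # length error set above.
        if (validate_email(contact) != errors.err_ok and
                validate_phone(contact) != errors.err_ok):
            error = errors.err_invalid_default_values
        if not error:
            # FIXME hidden danger of XSS here
            # The user's content should be store into database directly,
            # and displaying under the protection of Mako autoescape.
            #
            # The Referer header is supplied by the client, so it is escaped
            # together with the content instead of being appended to the
            # already-escaped text; otherwise the stored value could carry
            # raw markup from the header.
            content = escape(content + u' [来源:%s]' % referer)
            Feedback.add(contact, content)
            return jsonify(r=True)
    return jsonify(r=False, error=error)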
def _validated(self, value):
    """Strip value and return it when validate_phone accepts it.

    Raises:
        ValidationError: validate_phone returned err_invalid_phone_number.
        ValueError: validate_phone returned any other result than err_ok;
            the result itself is the exception argument.
    """
    stripped = value.strip()
    outcome = validate_phone(stripped)
    if outcome == err_invalid_phone_number:
        raise ValidationError('该手机号无效,请修改后重试')
    if outcome == err_ok:
        return stripped
    # Any other error code is unexpected here and is surfaced unchanged.
    raise ValueError(outcome)
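def pre_bind(mobile, is_send_sms=True):
    """Start binding a mobile number to the current user (g.user).

    Args:
        mobile: the number to bind.
        is_send_sms: passed through to request_bind unchanged.

    Returns:
        True once request_bind has been called.

    Raises:
        BindError: the number fails validate_phone, or it already belongs to
            an account for which is_normal_account() is true.
    """
    # Validate before the lookup so a malformed value never reaches
    # Account.get_by_alias.
    if validate_phone(mobile) != errors.err_ok:
        raise BindError(u'非法的手机号')

    owner = Account.get_by_alias(mobile)
    if owner and owner.is_normal_account():
        raise BindError(u'手机号已被使用')

    # NOTE(review): g.user is dereferenced without a check; presumably the
    # caller guarantees a logged-in session - confirm.
    request_bind(g.user.id, mobile, is_send_sms)
    return True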
def register():
    """Send a posted mobile number to the invite, login or register page.

    An invalid number redirects back to the invite page, a number whose
    account no longer needs verification redirects to login, and anything
    else renders the registration template with the number filled in.
    """
    mobile = request.form.get('mobile')
    phone_status = validate_phone(mobile)
    # The inviter code is read from the request's cookie and only forwarded.
    inviter_code = request.cookies.get(INVITER_KEY)

    if phone_status != errors.err_ok:
        return redirect(url_for('.invite', inviter=inviter_code))

    account = Account.get_by_alias(mobile)
    needs_registration = not account or account.need_verify()
    if needs_registration:
        return render_template('invite/register.html', mobile=mobile)
    return redirect(url_for('.login', inviter=inviter_code))
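def validate_alias(self, field):
    """Reject an alias that is neither a valid mobile number nor a valid e-mail.

    Raises:
        validators.StopValidation: get_reg_type_from_alias cannot classify
            the alias, or the validator for the detected type rejects it.
    """
    alias = field.data
    reg_type = get_reg_type_from_alias(alias)
    if not reg_type:
        raise validators.StopValidation(message=u'手机号或邮箱错误')

    if reg_type == ACCOUNT_REG_TYPE.EMAIL:
        if errors.err_ok != validate_email(alias):
            raise validators.StopValidation(message=u'邮箱错误')
    elif reg_type == ACCOUNT_REG_TYPE.MOBILE:
        if errors.err_ok != validate_phone(alias):
            # This branch used to `return` the exception object, so it was
            # never raised and a rejected number would have passed the
            # validator; raise it like the other branches do.
            raise validators.StopValidation(message=u'手机号错误')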
def validate_mobile(self, field):
    """Validate the mobile field, then apply the per-IP limiter.

    The limiter is consulted only for well-formed numbers, and a hit is
    recorded only when an account already exists for the number.

    Raises:
        validators.ValidationError: the number is malformed, or no account
            exists for it. ip_limiter.raise_for_exceeded may raise as well.
    """
    mobile = field.data
    if validate_phone(mobile) != errors.err_ok:
        raise validators.ValidationError(u'无效的手机号码')

    # NOTE(review): request.remote_addr is the direct peer; behind a reverse
    # proxy every client may share one address - confirm how it is resolved.
    client_ip = request.remote_addr
    ip_limiter.raise_for_exceeded(
        key=client_ip,
        message=u'{granularity}内只能发起{amount}次注册,请稍后再试')

    account = Account.get_by_alias(mobile)
    if not account:
        raise validators.ValidationError(u'修改手机号后请重新获取验证码')
    ip_limiter.hit(client_ip)
def feedback():
    """Render the feedback form and store a valid submission.

    A POST whose fields pass the length and contact checks is stored and
    redirected to /feedback; every other request renders the form again with
    the error and the submitted values.
    """
    template = 'about/feedback.html'
    if request.method != 'POST':
        return render_template(template, error='', contact=None, content=None)

    contact = request.form.get('contact')
    content = request.form.get('content')

    error = ''
    too_long = (
        validate_value_len(contact, MAX_FEEDBACK_CONTACT_LEN) != errors.err_ok
        or validate_value_len(content, MAX_FEEDBACK_CONTENT_LEN) != errors.err_ok)
    if too_long:
        error = errors.err_value_too_long

    # A contact that is neither an e-mail nor a phone number replaces any
    # length error set above.
    bad_contact = (validate_email(contact) != errors.err_ok
                   and validate_phone(contact) != errors.err_ok)
    if bad_contact:
        error = errors.err_invalid_default_values

    if not error:
        # The content is HTML-escaped before it is stored.
        Feedback.add(contact, escape(content))
        return redirect('/feedback')

    # NOTE(review): the rejected contact/content are echoed back into the
    # template; presumably the template engine autoescapes them - confirm.
    return render_template(template, error=error, contact=contact,
                           content=content)
def confirm_bind():
    """Confirm a mobile binding for the logged-in user with a posted code.

    Returns:
        jsonify(r=True) after the binding is confirmed and logged, otherwise
        jsonify(r=False, error=...) with the reason.
    """
    current_user = g.user
    if not current_user:
        return jsonify(r=False, error=u'登录会话已过期,请重新登录')
    if current_user.mobile:
        return jsonify(r=False, error=u'您已经绑定了手机号,无需再次绑定')

    mobile = request.form.get('mobile')
    code = request.form.get('code')
    if validate_phone(mobile) != errors.err_ok:
        return jsonify(r=False, error=u'无效的手机号')

    # NOTE(review): the code is checked against the user id and the mobile is
    # passed separately; presumably confirm_mobile_bind makes sure this is the
    # number the code was sent to - confirm.
    try:
        verify_bind(g.user.id, code)
        confirm_mobile_bind(g.user.id, mobile)
    except BindError as exc:
        return jsonify(r=False, error=exc.args[0])

    # Logging stays outside the try block so that a BindError raised while
    # logging is not turned into an error response.
    log_binding(g.user.id, request, mobile)
    return jsonify(r=True)
def create(cls, mobile, sms_kind, user_id=None, **sms_args):
    """Create a short message record for a registered user's mobile number.

    Args:
        mobile: receiver number; must pass validate_phone.
        sms_kind: a ShortMessageKind describing the message.
        user_id: account id; required when sms_kind.need_verify is true.
        **sms_args: values for sms_kind.content.format().

    Returns:
        The new instance, with receiver, kind id and arguments stored.

    Raises:
        ValueError: the number is invalid, or verification is needed and
            user_id is missing or matches no account.
    """
    # Note: this type check is an assert, so it disappears under `python -O`.
    assert isinstance(sms_kind, ShortMessageKind)
    if validate_phone(mobile) != errors.err_ok:
        raise ValueError(u'invalid mobile %s' % mobile)

    if sms_kind.need_verify:
        account = Account.get(user_id) if user_id else None
        if not account:
            raise ValueError(u'unable to verify user %s' % user_id)
        # NOTE(review): nothing in this method ties `mobile` to `user_id`;
        # presumably callers pass the user's own number - confirm.
        verification = Verify.add(
            user_id, sms_kind.verify_type, sms_kind.verify_delta)
        # The verification code travels in sms_args and is stored with them.
        sms_args['verify_code'] = verification.code

    message = cls(uuid4().hex)
    # simply check formatting
    sms_kind.content.format(**sms_args)
    message.update_props_items({
        u'receiver_mobile': mobile,
        u'sms_kind_id': sms_kind.id_,
        u'sms_args': sms_args,
    })
    return message
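def get_user(username, password, *args, **kwargs):
    """Return the account for a username/password pair, or None.

    Args:
        username: an e-mail address or mobile number.
        password: the password to check with Account.verify_password.

    Returns:
        The Account when the alias is well formed, the account exists, is a
        normal account and the password verifies; None in every other case.
    """
    # The password is kept out of every log line: a syslog stream is readable
    # by operators and downstream collectors, so a logged password is a
    # disclosed password. Only the login name and account id are logged.
    rsyslog.send(u'login request, user id:%s' % (username,), tag='apiv1')

    if errors.err_ok not in [
            validate_email(username), validate_phone(username)]:
        rsyslog.send(u'login validation error, user id:%s' % (username,),
                     tag='apiv1')
        return None

    account = Account.get_by_alias(username)
    account_id = account.id_ if account else 0
    rsyslog.send(u'login account info, user id:%s, account id:%s' %
                 (username, account_id), tag='apiv1')

    if not account:
        return None
    if not account.is_normal_account():
        return None
    if not account.verify_password(password):
        return None
    return account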
def validate_phone(self, field):
    """Inline validator: reject field data that validate_phone refuses.

    Raises:
        ValidationError: the module-level check did not return err_ok.
    """
    # Assuming this method lives in a class body, the call below resolves to
    # the module-level validate_phone, not to this method.
    if validate_phone(field.data) == errors.err_ok:
        return
    raise ValidationError(u'无效的手机号')
def __call__(self, form, field):
    """Validate field.data as a phone number.

    Raises:
        wtforms.validators.ValidationError: validate_phone did not return
            err_ok; the message is self.message passed through field.gettext.
    """
    # The message is translated up front, as before, even when the value
    # turns out to be valid.
    message = field.gettext(self.message)
    if validate_phone(field.data) == errors.err_ok:
        return
    raise wtforms.validators.ValidationError(message)
def get_reg_type_from_alias(alias):
    """Classify alias as a mobile number or an e-mail address.

    Returns:
        ACCOUNT_REG_TYPE.MOBILE when validate_phone accepts the alias,
        ACCOUNT_REG_TYPE.EMAIL when validate_email accepts it, else None.
        The phone check runs first.
    """
    # only support mobile/email parse
    if validate_phone(alias) == errors.err_ok:
        return ACCOUNT_REG_TYPE.MOBILE
    if validate_email(alias) == errors.err_ok:
        return ACCOUNT_REG_TYPE.EMAIL
    return None