def decorator(*args, **kwargs):
length = {
'username': lambda value: 4 <= len(value) <= 20,
'password': lambda value: 4 <= len(value) <= 20,
}
babel = {
'username': _("Username"),
'password': _("Password"),
'email': _("Email"),
'captcha': _("Captcha")
}
keys.append('captcha')
post_data = request.json
for key in keys:
if not post_data.get(key):
msg = _('The %(key)s is required', key=babel[key])
return HTTP.BAD_REQUEST(message=msg)
if not length.get(key, lambda value: True)(post_data[key]):
msg = _(
"The %(key)s's length must be between 4 to 20 characters",
key=babel[key])
return HTTP.BAD_REQUEST(message=msg)
captcha = post_data['captcha']
if captcha.lower() != session.pop('captcha', '00000').lower():
msg = _('The captcha is error')
return HTTP.BAD_REQUEST(message=msg)
return func(*args, **kwargs)
def post(self):
request_data = request.data
password = request_data.pop('password', '')
content = request_data.pop('content', '')
if not password or not content:
return HTTP.BAD_REQUEST(message="params required.")
ec = Encrypt(password, current_app.config['SECRET_KEY_SALT'])
try:
return HTTP.OK(data=ec.decrypt(content))
except InvalidToken:
return HTTP.BAD_REQUEST(message="password is not correct")
def abort(self, key, value, message):
if self._abort is not None:
if callable(self._abort):
return self._abort(key, value, message)
return self._abort
if not message:
message = "{0} params error".format(key)
return flask_abort(HTTP.BAD_REQUEST(message=message))
def decorator(*args, **kwargs):
if req is not None:
request_data = req
else:
request_data = request.data
for key in keys:
if not request_data.get(key):
return HTTP.BAD_REQUEST(message='{0} required'.format(key))
return func(*args, **kwargs)
def post(self):
data = request.data
username = data['username']
password = data['password']
remember = data.pop('remember', True)
user = User.query.filter_by(username=username).first()
if not user or not user.check_password(password):
return HTTP.BAD_REQUEST(message=_('Username or Password Error'))
user.login(remember)
return HTTP.OK(data={"username": user.username, "token": user.token})
def post(self):
post_data = request.json
username = post_data['username']
password = post_data['password']
email = post_data['email']
if User.query.filter_by(email=email).exists():
msg = _('The email has been registered')
return HTTP.BAD_REQUEST(message=msg)
if User.query.filter_by(username=username).exists():
msg = _('The username has been registered')
return HTTP.BAD_REQUEST(message=msg)
user = User(username=username, email=email)
user.set_password(password)
user.save()
user.login(True)
self.send_email(user)
flash(_('An email has been sent to your.Please receive'))
serializer = user.serializer() if hasattr(
user, 'serializer') else Serializer(user, depth=1)
return HTTP.OK(data=serializer.data)
def delete(self, bucket):
data = request.data
user = request.user
bucket = user.buckets.filter_by(
name=bucket).get_or_404("bucket not found")
path = data["path"]
filepath = bucket.get_root_path(path)
if not filepath:
msg = "{0} path not found"
return HTTP.BAD_REQUEST(message=msg)
filepath.delete()
return HTTP.OK()
def put(self, bucket):
data = request.data
user = request.user
bucket = user.buckets.filter_by(
name=bucket).get_or_404("bucket not found")
path = data["path"]
filepath = bucket.get_root_path(path)
if not filepath or filepath.is_root_path:
msg = "{0} path not found"
return HTTP.BAD_REQUEST(message=msg)
action = data.get("action", "rename")
if action not in ["rename", "move", "copy"]:
return HTTP.BAD_REQUEST()
if action == "rename":
newname = data.get("newname")
if not newname or newname == filepath.name:
return HTTP.OK(message="filepath not change")
serializer = FilePathSerializer(filepath.rename(newname))
return HTTP.OK(data=serializer.data)
newpath = data.get("newpath")
if not newpath:
return HTTP.BAD_REQUEST(message="newpath is required")
newfilepath = bucket.get_root_path(newpath)
if not newfilepath:
msg = "{0} path not found"
return HTTP.BAD_REQUEST(message=msg)
if action == "move":
nfilepath = filepath.move(newfilepath)
else:
nfilepath = filepath.copy(newfilepath)
serializer = FilePathSerializer(nfilepath)
return HTTP.OK(data=serializer.data)
def post(self):
post_data = request.json
username = post_data['username']
password = post_data['password']
remember = post_data.pop('remember', True)
user = User.query.filter_by(username=username).first()
if not user or not user.check_password(password):
msg = _('Username or Password Error')
return HTTP.BAD_REQUEST(message=msg)
user.login(remember)
serializer = user.serializer() if hasattr(
user, 'serializer') else Serializer(user, depth=1)
return HTTP.OK(data=serializer.data)
def post(self):
data = request.data
name = data.get('name')
description = data.get('description')
if Bucket.query.filter_by(name=name).exists():
return HTTP.BAD_REQUEST(message="bucket is exists")
bucket = Bucket(name=name)
if description:
bucket.description = description
bucket.save()
rep = BucketSerializer(bucket).data
return HTTP.OK(data=rep)
def post(self):
post_data = request.json
email = post_data['email']
user = User.query.filter_by(email=email).first()
if not user:
msg = _('The email is error')
return HTTP.BAD_REQUEST(message=msg)
password = ''.join(sample(ascii_letters + digits, 8))
user.set_password(password)
user.save()
self.send_email(user, password)
flash(
_('An email has been sent to you.'
'Please receive and update your password in time'))
return HTTP.OK()
def post(self):
'''
新建相册
'''
post_data = request.data
user = request.user
name = post_data.pop('name', None)
description = post_data.pop('description', None)
if name is None:
return HTTP.BAD_REQUEST(message='相册名称不能为空')
album = Album(name=name, user=user)
if description is not None:
album.description = description
album.save()
serializer = AlbumSerializer(album)
return HTTP.OK(data=serializer.data)
def return_errors(form):
for field, errors in form.errors.items():
data = (u"%s %s" % (getattr(form, field).label.text, errors[0]))
break
return HTTP.BAD_REQUEST(message="form validate fail.", data=data)
def post(self):
if current_user.is_confirmed:
return HTTP.BAD_REQUEST(message=_("user has been confirmed."))
self.send_email(current_user)
return HTTP.OK(
message=_('An email has been sent to your.Please receive'))
def post(self):
'''
上传图片
'''
user = request.user
post_data = request.data
album = post_data.pop('album', None)
# 相册
if album is not None:
album = Album.query.filter_by(id=album, user=user).first()
if not album:
default_album = Album.query.filter_by(
name='default', user=user).first()
if not default_album:
default_album = Album(name='default', user=user)
default_album.save()
album = default_album
images = request.files.getlist('images')
t = datetime.now()
# 将会保存到数据库中的路径
path = os.path.join(current_app.config['UPLOAD_FOLDER_PATH'],
user.username, 'photo', t.strftime('%Y'),
t.strftime('%m'))
# 将会保存到磁盘中的路径
base_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'],
path)
if not os.path.exists(base_path):
os.makedirs(base_path)
success_images = []
fail_images = []
for image in images:
if not file_is_allowed(image.filename):
msg = '{name} 不允许的扩展'.format(name=image.filename)
return HTTP.BAD_REQUEST(message=msg)
name = '{name}.png'.format(
name=str(int(time() * 1000)) + str(randint(10, 99)))
# 计算sha-512值,避免重复保存
hash = gen_hash(image)
if Image.query.filter_by(hash=hash, user=user).exists():
success_images.append(image.filename)
continue
# 保存到磁盘中
img_path = os.path.join(base_path, name)
# http://stackoverflow.com/questions/42569942/calculate-md5-from-werkzeug-datastructures-filestorage-but-saving-the-object-as
image.seek(0)
image.save(img_path)
# 保存到数据库中
img = Image(
name=name, path=path, hash=hash, user=user, album=album)
img.url = os.path.join(path, name)
img.save()
serializer = ImageSerializer(img)
success_images.append(serializer.data)
# 缩略图路径
thumb_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'],
img_path.replace('photo', 'thumb'))
# 展示图路径
show_path = os.path.join(current_app.config['UPLOAD_FOLDER_ROOT'],
img_path.replace('photo', 'show'))
t = Thread(
target=self.gen_thumb_image, args=(img_path, thumb_path, 300))
t.setDaemon(True)
t.start()
t = Thread(
target=self.gen_thumb_image, args=(img_path, show_path, 810))
t.setDaemon(True)
t.start()
return HTTP.OK(data={'success': success_images, 'fail': fail_images})