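def post(self):
    """Reset a user's password after checking the submitted verification code.

    Reads ``username``, ``verify_code`` and ``new_password`` from
    ``self.validated_arguments``. ``username`` is treated as a mobile number
    when ``is_mobile`` accepts it, as an e-mail address when it contains an
    ``@`` after its first character, and is rejected otherwise.

    Raises:
        ApiException: 400 when the verification code does not match, when no
            account exists for ``username``, or when ``username`` is neither
            a mobile number nor an e-mail address.
    """
    # Function-scope import: the file's import block is not visible from here.
    import hmac

    username = self.validated_arguments['username']
    verify_code = self.validated_arguments['verify_code']
    new_password = self.validated_arguments['new_password']

    email_code_key = None

    if is_mobile(username):
        if not self.verify_mobile(username, verify_code):
            raise ApiException(400, "验证码错误,请重新输入")

        user = User.get_or_none(mobile=username)
        if not user:
            raise ApiException(400, "手机号还没有注册")

    elif username.find("@") > 0:
        # Security fix: this branch used to change the password without ever
        # looking at verify_code, so the e-mail address alone was enough to
        # replace an account's password. The code is now checked first, and
        # before the account lookup, matching the order of the mobile branch.
        # NOTE(review): the key format appears to be the one the
        # forgot-password e-mail handler stores its code under -- confirm
        # both handlers normalise the address the same way.
        email_code_key = "yiyun:email:verify_code:%s" % username
        stored_code = self.redis.get(email_code_key)
        if isinstance(stored_code, bytes):
            stored_code = stored_code.decode("utf-8")

        # Compare as bytes so compare_digest accepts any submitted text.
        submitted = str(verify_code).encode("utf-8")
        if not stored_code or not hmac.compare_digest(
                submitted, str(stored_code).encode("utf-8")):
            # NOTE(review): failed attempts are not counted here; a short
            # numeric code needs an attempt limit to resist guessing.
            raise ApiException(400, "验证码错误,请重新输入")

        user = User.get_or_none(email=username)
        if not user:
            raise ApiException(400, "邮箱还没有注册")

    else:
        raise ApiException(400, "用户名格式有误,请填写手机号或电子邮箱")

    User.update(password=User.create_password(new_password)).where(
        User.id == user.id).execute()

    if email_code_key is not None:
        # A reset code is single-use: drop it once the password has changed.
        self.redis.delete(email_code_key)

    self.write_success()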
def post(self):
    """Log a user in with a mobile number or e-mail address plus password.

    Failed attempts are counted per submitted username in Redis; once the
    counter reaches 5 the request is refused until the key expires (600
    seconds after the first failure). The same 403 message is returned for
    an unknown account and for a wrong password.

    Raises:
        ApiException: 400 for an empty or malformed username/password, 403
            for too many failures, bad credentials or an inactive account.
    """
    args = self.validated_arguments
    username = args['username'].lower()
    password = args['password']

    if not len(username) or not len(password):
        raise ApiException(400, "用户名和密码不能为空")

    # NOTE(review): the counter is keyed on the submitted username only, so
    # anyone can lock a known account out for the expiry window; consider
    # whether that trade-off is acceptable for this service.
    lockout_key = "yiyun:user:%s:login_fail_times" % username
    recorded_failures = intval(self.redis.get(lockout_key))
    if recorded_failures >= 5:
        raise ApiException(403, "密码错误次数太多,请休息10分钟再试")

    if is_mobile(username):
        lookup = {"mobile": username}
    elif username.find('@') >= 1:
        lookup = {"email": username}
    else:
        raise ApiException(400, "用户名格式不正确,请填写手机号或电子邮箱")
    user = User.get_or_none(**lookup)

    if not (password and user
            and User.check_password(user.password, password)):
        failures = intval(self.redis.incr(lockout_key))
        if failures == 1:
            # NOTE(review): INCR and EXPIRE are separate calls; if EXPIRE is
            # never reached the counter has no TTL and the lockout would not
            # lift on its own.
            self.redis.expire(lockout_key, 600)
        raise ApiException(403, "密码有误,如果没有设置密码请使用手机号找回密码")

    # Successful authentication: reset the retry counter.
    self.redis.delete(lockout_key)

    if not user.is_active():
        raise ApiException(403, "你的账户不可用,无法登录")

    changes = {"last_login": datetime.now()}
    if self.device_id > 0:
        changes["last_device_id"] = self.device_id
    User.update(**changes).where(User.id == user.id).execute()

    if user and self.device_id:
        Device.update(owner_id=user.id).where(
            Device.id == self.device_id).execute()

    self.write(self.create_session(user))
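def __init__(self, *args, **kwargs):
    """Build the form and fill its city, leader and group choices.

    Keyword arguments read here (all other arguments go to the base class):
        obj: optional object; its ``province`` selects the city list.
        team: required ``Team`` whose leaders and groups populate the
            ``leader`` and ``allow_groups`` choices.

    Raises:
        AssertionError: when ``team`` is missing or not a ``Team``.
    """
    super(CreateActivityFrom, self).__init__(*args, **kwargs)

    obj = kwargs.get("obj", None)
    team = kwargs.get("team", None)

    if not isinstance(team, Team):
        raise AssertionError("must a team")

    # Fall back to the first province choice when obj carries none.
    if obj and obj.province:
        province = obj.province
    else:
        province = self.province.choices[0][0]

    if province:
        self.city.choices = ChinaCity.get_cities(province)

    leaders = team.get_members(role="leader")

    # get_or_none can return None (e.g. the owner row no longer exists);
    # inserting None made the comprehension below fail on user.id.
    owner = User.get_or_none(id=team.owner_id)
    if owner is not None:
        leaders.insert(0, owner)

    if leaders:
        self.leader.choices = [(str(user.id), user.name or user.mobile)
                               for user in leaders]

    groups = team.groups
    if groups:
        self.allow_groups.choices = [(str(group.id), group.name)
                                     for group in groups]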
def validate_email_existed(form):
    """Check that the form's new e-mail address is not already in use.

    Returns:
        True when no user has ``form.new_email.data`` as e-mail. Otherwise
        an "e-mail already exists" error is appended to
        ``form.new_email.errors`` and False is returned.
    """
    # NOTE(review): the error tells the caller that the address belongs to an
    # existing account; confirm that disclosure is acceptable for this form.
    if User.get_or_none(email=form.new_email.data):
        form.new_email.errors.append('邮箱已存在')
        return False
    return True
def post(self):
    """Log a user in with a mobile number and an SMS verification code.

    When the form validates, the code checks out and a user exists for the
    mobile number, the user is logged in and redirected: to club creation
    when they own no team, to the approval-wait page when the team's state
    is 0, otherwise to ``self.next_url`` or the club home page. In every
    other case the login page is rendered again with ``fail=True``.
    """
    form = LoginVerifyCodeForm(self.arguments)

    user = None
    if form.validate() and self.validate_verify_code(form):
        # NOTE(review): the lookup reads the raw request argument rather than
        # the value the form validated; confirm both always resolve to the
        # same mobile number, or look the user up by the validated field.
        user = User.get_or_none(mobile=self.get_argument("mobile"))

    if not user:
        self.render("login-by-sms.html", form=form, fail=True)
        return

    # "Remember me" keeps the session for 30 days; otherwise no expiry is
    # passed to login().
    remember_me = self.get_argument("remember", "off")
    expires_days = 30 if remember_me == "on" else None
    self.login(user, expires_days)

    team = Team.get_or_none(owner_id=user.id)
    if team is None:
        self.redirect(self.reverse_url("club_create"))
        return

    if team.state == 0:
        self.redirect(self.reverse_url("club_wait_approve"))
        return

    # NOTE(review): next_url is defined outside this block; if it is taken
    # from the request, confirm it is restricted to same-site paths before
    # it is used as a redirect target.
    target = self.next_url if self.next_url else self.reverse_url("club_home")
    self.redirect(target)
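def post(self):
    """Send a password-reset verification code to a registered e-mail.

    A code already stored in Redis for the address is re-sent; otherwise a
    new four-digit code is generated, stored with a 24-hour expiry and
    handed to the ``send_forgot_email`` task.

    Raises:
        ApiException: 400 when ``email`` has no ``@`` after its first
            character, 404 when no user has that e-mail.
    """
    # Function-scope import: the file's import block is not visible from here.
    import secrets

    email = self.validated_arguments['email']
    if email.find("@") <= 0:
        raise ApiException(400, "电子邮箱格式有误")

    user = User.get_or_none(email=email)
    if not user:
        # NOTE(review): a distinct 404 tells the caller whether an address is
        # registered; consider answering identically in both cases.
        raise ApiException(404, "你还没有注册或用户名有误")

    code_key = "yiyun:email:verify_code:%s" % email
    verify_code = self.redis.get(code_key)
    if not verify_code:
        # A reset code is a credential, so draw it from the OS CSPRNG rather
        # than the `random` module. Same range as before: 1000..9999.
        # NOTE(review): four digits is a small space; whatever consumes the
        # code needs an attempt limit.
        verify_code = secrets.randbelow(9000) + 1000

        # NOTE(review): the original comment said the code is valid for two
        # hours, but the expiry below is 24 hours -- confirm the intended
        # lifetime. The TTL is left unchanged here.
        self.redis.set(code_key, verify_code)
        self.redis.expire(code_key, 3600 * 24)

    # Send the verification e-mail.
    tasks.user.send_forgot_email.delay(user.name or email, email, verify_code)

    self.write_success()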
def post(self):
    """Log in, or register on first use, with a mobile number and SMS code.

    After ``verify_mobile`` accepts the code, an existing user gets its
    ``last_login`` (and, for a positive device id, ``last_device_id``)
    updated; an unknown mobile number gets a new ``User`` row created inside
    a database transaction. The response is the session produced by
    ``create_session``.

    Raises:
        ApiException: 400 when the verification code is rejected.
    """
    args = self.validated_arguments
    mobile = args['mobile']
    verify_code = args['verify_code']

    if not self.verify_mobile(mobile, verify_code):
        raise ApiException(400, "验证码错误,请重新输入")

    user = User.get_or_none(mobile=mobile)
    if user:
        # NOTE(review): unlike a password login that calls user.is_active()
        # before issuing a session, this path issues one for any existing
        # user; confirm whether inactive accounts should be refused here.
        changes = {"last_login": datetime.now()}
        if self.device_id > 0:
            changes["last_device_id"] = self.device_id
        User.update(**changes).where(User.id == user.id).execute()
    else:
        # First login for this number: create the account as mobile-verified.
        with self.db.transaction():
            user = User.create(
                mobile=mobile,
                mobile_verifyed=True,
                reg_device_id=self.device_id,
                last_device_id=self.device_id,
                last_login=datetime.now(),
            )

    if user and self.device_id:
        User.update_device(user.id, self.device_id)

    self.write(self.create_session(user))
def have_user(cls, name: str) -> User:
    """Check whether a user exists for a mobile number or e-mail address.

    Args:
        name: email or mobile

    Returns:
        The matching user instance, or None when no user matches or when
        ``name`` is neither a mobile number nor an e-mail address.
    """
    if is_mobile(name):
        return User.get_or_none(mobile=name)
    if is_email(name):
        return User.get_or_none(email=name)
    return None
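def get_current_user(self):
    """Return the User named by the ``club_session`` cookie, or None.

    The cookie value is decoded as UTF-8 JSON and its ``id`` is used to look
    the user up. A missing cookie, an unparsable value, a payload without an
    ``id`` or an unknown id all yield None.
    """
    raw_session = self.get_secure_cookie("club_session")
    if not raw_session:
        return None

    try:
        userinfo = json.loads(raw_session.decode("utf-8"))
        if userinfo and userinfo.get("id", None):
            # NOTE(review): the id is trusted on the strength of the check
            # get_secure_cookie performs on the cookie; the account's active
            # state is not re-checked here -- confirm that is intended.
            user = User.get_or_none(id=userinfo['id'])
            if user is not None:
                return user
    except Exception:
        # Still fail closed on any error, but no longer swallow
        # KeyboardInterrupt / SystemExit as the bare ``except:`` did.
        return None

    return None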
def owner(self):
    """Return the User whose id is ``self.owner_id``, or None if none matches."""
    owner_id = self.owner_id
    return User.get_or_none(id=owner_id)