def article_detail(post_id):
    """Render the article page for one published post.

    Looks the post up with ``Post.get_post`` and aborts with 404 when the
    lookup is falsy, when it has no ``post_id``, or when its status is
    anything other than ``'published'``. Non-published posts are therefore
    answered exactly like missing ones.
    """
    entry = Post.get_post(post_id)

    # Missing post, or an object without an id: treat as not found.
    if not entry or not entry.post_id:
        abort(404)
    # Anything that is not published is hidden behind the same 404.
    if entry.status != 'published':
        abort(404)

    context = dict(
        post=entry,
        author=User(user_id=entry.author_id),
        comment_form=CommentForm(),
    )
    return render_template('article.html', **context)
def verify_password(username, password):
    """Authenticate the current request by access token or by password.

    The second space-separated field of the ``Authorization`` header, when
    present, is verified with ``User.verify_access_token`` and decides the
    outcome on its own; the password path is not tried after a failed token.
    Otherwise an empty ``username`` is accepted as an anonymous user, and any
    other ``username`` is looked up and checked against ``password``.

    Sets ``g.current_user`` and, on the token and password paths,
    ``g.token_used``. Returns a truthy value when the request may proceed.
    """
    header_fields = request.headers.get('Authorization', '').split(' ')
    token = ''
    if len(header_fields) > 1:
        token = header_fields[1]

    # NOTE(review): the scheme word (header_fields[0]) is never inspected, so
    # the second field of any Authorization header is handed to
    # User.verify_access_token. Presumably only "Bearer <token>" is expected;
    # confirm, and consider rejecting other schemes explicitly.
    if token:
        token_owner = User.verify_access_token(token)
        g.current_user = token_owner
        g.token_used = True
        return token_owner is not None

    # No token and no username: the request is let through as anonymous.
    # g.token_used is not assigned on this path, and every view behind this
    # check has to test g.current_user itself before doing privileged work.
    if username == '':
        g.current_user = AnonymousUser()
        return True

    account = User(username=username)
    if account and account.user_id:
        g.current_user = account
        g.token_used = False
        return account.verify_password(password)
    # Unknown user: g.current_user is left untouched.
    return False
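def grant_token():
    """Exchange a username and password for an access token.

    Reads ``username`` and ``password`` from the form body, falling back to
    the query string. Returns ``value_error`` when either is missing or when
    the credentials are rejected, the JSON-encoded result of
    ``user.generate_access_token()`` (plus ``success`` and ``message``) when
    they are accepted, and ``action_failed`` when the lookup, the password
    check or the token generation raises.
    """
    import logging

    # NOTE(review): credentials are also accepted from request.args. Query
    # strings commonly end up in access logs, proxies and browser history;
    # consider accepting the password from the request body only.
    username = request.form.get('username') or request.args.get('username')
    password = request.form.get('password') or request.args.get('password')
    if not username or not password:
        # parameters are invalid
        return value_error(u"无效的用户名或密码")

    try:
        # NOTE(review): verify_password in this file looks users up with
        # User(username=...) and also checks user.user_id; here the keyword
        # is name= and only truthiness is tested. Confirm both are intended.
        user = User(name=username)
        if user and user.verify_password(password):
            # ajax response: generate the token and add the status fields
            tokens = user.generate_access_token()
            tokens.update(success=1, message=u'登录成功')
            response = jsonify(tokens)
            response.status_code = 200
            return response
        # Same message for an unknown user and for a wrong password.
        return value_error(u"用户名或密码错误")
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt. The failure is recorded server-side (without the
        # submitted credentials) because the client only sees a generic error.
        logging.getLogger(__name__).exception(
            'grant_token: credential check or token generation failed')
        return action_failed(u'查找用户失败')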
def find_pass():
    """Password recovery page.

    Shows the recovery form until it validates. On a valid submit the form's
    email field is cleared, the user is looked up by email and, when found,
    a reset token is generated and mailed; a plain message page is rendered
    in either case.
    """
    form = FindPassForm()
    if not form.validate_on_submit():
        return render_template('auth/find_pass.html', form=form)

    address = form.email.data
    form.email.data = ''
    account = User(email=address)

    # NOTE(review): the two branches below render different messages, so the
    # response reveals whether an email address is registered. Confirm this
    # is intended; one neutral message for both branches would avoid it.
    if account and account.user_id:
        # expiration=600 is presumably in seconds; confirm against
        # generate_reset_token.
        reset_token = account.generate_reset_token(expiration=600)
        subject = Setting.get_setting('blog_name', 'Plog') + u'找回您的密码'
        display_name = account.nickname or account.name
        blog_name = Setting.get_setting('blog_name', 'Plog')
        send_mail(address, subject, 'auth/emails/find_pass',
                  username=display_name, blogname=blog_name,
                  token=reset_token)
        notice = u"我们已经发送一封密码重置邮件至您提供的邮箱, 请登录你的邮箱点击密码重置链接设置你的账户新密码"
    else:
        notice = u"您提供的邮箱不存在, 请重新提交"

    # TODO post redirect
    return render_template('utils/pure.html', message=notice, title=u"找回密码")