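def get(self, *args, **kwargs):
    """Render the edit form for the user named by the ``id`` query argument.

    The user is looked up by primary key. A missing mobile or e-mail is
    replaced by an empty string, the stored permission JSON is decoded
    (falling back to an empty list), and the template receives the role
    selector, the menu tree, and the RSA public key and RSA-encrypt flag
    read through ``sys_config``.

    Replies through ``self.error`` instead of rendering when no user
    matches ``id``.
    """
    user_id = self.get_argument('id', None)
    menu_list = AdminMenu.children(status=1)
    user = User.Q.filter(User.id == user_id).first()
    if user is None:
        # ``id`` comes straight from the query string; an unknown value
        # must not reach the attribute accesses below.
        return self.error('用户不存在')

    # NOTE(review): these assignments change the loaded model object
    # itself; confirm nothing commits the session later in this request.
    user.mobile = user.mobile or ''
    user.email = user.email or ''

    data_info = user.as_dict()
    try:
        data_info['permission'] = json.loads(user.permission)
    except (TypeError, ValueError):
        # Nothing stored (None) or the stored text is not valid JSON.
        data_info['permission'] = []

    params = {
        'user': user,
        'role_option': Role.option_html(user.role_id),
        'menu_list': menu_list,
        'data_info': data_info,
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
    }
    self.render('user/edit.html', **params)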
def get(self, *args, **kwargs):
    """Render the blank "add user" form.

    A ``User`` object built here with the default role from settings and
    empty contact fields supplies the form's initial values; this method
    does not add it to a session.
    """
    default_role = settings.DEFAULT_ROLE_ID
    menus = AdminMenu.children(status=1)
    draft = User(
        status=1,
        role_id=default_role,
        username='',
        mobile='',
        email='',
    )
    form_data = draft.as_dict()
    try:
        form_data['permission'] = json.loads(draft.permission)
    except Exception:
        # Any failure to decode the permission field means "no permissions".
        form_data['permission'] = []
    self.render(
        'user/add.html',
        user=draft,
        role_option=Role.option_html(default_role),
        menu_list=menus,
        data_info=form_data,
        public_key=sys_config('sys_login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
    )
def get(self, *args, **kwargs):
    """Render the login form.

    The template receives the RSA public key and RSA-encrypt flag from
    ``sys_config``, the ``next`` query argument and an empty message.
    """
    target = self.get_argument('next', '')
    self.render(
        'passport/login.html',
        public_key=sys_config('sys_login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
        next=target,
        message='',
    )
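def get(self, *args, **kwargs):
    """Render the profile page of the signed-in member.

    The member row is looked up by the ``uuid`` held in ``current_user``.
    Replies through ``self.error`` when no row matches it.
    """
    member_uuid = self.current_user.get('uuid', None)
    member = Member.Q.filter(Member.uuid == member_uuid).first()
    if member is None:
        # The lookup can come back empty (for example if the row was
        # removed after sign-in); avoid calling as_dict() on None.
        return self.error('用户不存在')

    params = {
        'user': member,
        'data_info': member.as_dict(),
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
    }
    self.render('member/info.html', **params)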
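def get(self, *args, **kwargs):
    """Render the login form, or send a signed-in visitor onwards.

    A visitor who already has a session is redirected to the ``next``
    query argument when it is a same-site path, and to ``/member/index``
    otherwise. Everyone else gets the login form with the RSA public key
    and RSA-encrypt flag from ``sys_config``.
    """
    next_url = self.get_argument('next', '')
    if self.current_user:
        # ``next`` is caller-controlled. Follow it only when it is a plain
        # path on this site: it must start with a single '/', and must not
        # contain backslashes or control characters that a browser could
        # normalise into a different host.
        unsafe = (
            not next_url.startswith('/')
            or next_url.startswith('//')
            or '\\' in next_url
            or any(ord(ch) < 0x20 for ch in next_url)
        )
        self.redirect('/member/index' if unsafe else next_url)
        # Stop here: the redirect has already answered the request, so the
        # login form must not be rendered on top of it.
        return

    params = {
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        'next': next_url,
        'message': '',
    }
    self.render('passport/login.html', **params)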
def get(self, *args, **kwargs):
    """Render the blank "add member" form.

    A ``Member`` object built here with ``status=1`` and ``deleted=0``
    supplies the form's initial values.
    """
    menus = AdminMenu.children(status=1)
    draft = Member(status=1, deleted=0)
    self.render(
        'member/add.html',
        member=draft,
        menu_list=menus,
        data_info=draft.as_dict(),
        public_key=sys_config('sys_login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
    )
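def post(self, *args, **kwargs):
    """Sign a member in by mobile number, e-mail address or username.

    The submitted password is RSA-decrypted first when the feature is on
    in settings, the form sets ``rsa_encrypt`` to 1 and the value is longer
    than 10 characters. ``account`` is matched against the mobile, e-mail
    or username column depending on its format.

    Replies through ``self.error`` for a missing account, unknown account,
    wrong password or disabled member; otherwise records the login, clears
    the captcha cookie and replies through ``self.success`` with ``next``.
    """
    next_url = self.get_argument('next', '')
    account = self.get_argument('account', None)
    password = self.get_argument('password', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)

    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)

    if not account:
        return self.error('账号不能够为空')

    if Func.is_mobile(account):
        member = Member.Q.filter(Member.mobile == account).first()
    elif Func.is_email(account):
        member = Member.Q.filter(Member.email == account).first()
    else:
        member = Member.Q.filter(Member.username == account).first()

    if member is None:
        return self.error('用户名或者密码错误')
    # The password is verified before the status is reported, so the
    # "disabled" reply is only given to a caller who knows the password and
    # cannot be used to probe which accounts exist.
    if check_password(password, member.password) is not True:
        return self.error('用户名或者密码错误')
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')

    # NOTE(review): no captcha or attempt limit is visible in this handler;
    # confirm failed logins are throttled elsewhere.
    Member.login_success(member, self)
    # NOTE(review): confirm the bare name `valid_code_key` is in scope in
    # this module.
    self.clear_cookie(valid_code_key)
    # NOTE(review): `next` is returned to the client unvalidated; if the
    # page navigates to it, restrict it to same-site paths first.
    return self.success(next=next_url)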
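def get(self, *args, **kwargs):
    """Render the signed-in member's settings page (``member/set.html``).

    The member row is looked up by the ``id`` held in ``current_user``.
    Replies through ``self.error`` when no row matches it.
    """
    user_id = self.current_user.get('id')
    member = Member.Q.filter(Member.id == user_id).first()
    if member is None:
        # The lookup can come back empty; avoid calling as_dict() on None.
        return self.error('用户不存在')

    params = {
        'member': member,
        'data_info': member.as_dict(),
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        # Marks the "set" entry as the active tab in the template.
        'active': {
            'set': 'layui-this'
        },
    }
    self.render('member/set.html', **params)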
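def get(self, *args, **kwargs):
    """Render the edit form for the member named by the ``uuid`` argument.

    Replies through ``self.error`` instead of rendering when no member
    matches ``uuid``.
    """
    member_uuid = self.get_argument('uuid', None)
    menu_list = AdminMenu.children(status=1)
    member = Member.Q.filter(Member.uuid == member_uuid).first()
    if member is None:
        # ``uuid`` comes straight from the query string; an unknown value
        # must not reach as_dict() below.
        return self.error('用户不存在')

    params = {
        'member': member,
        'menu_list': menu_list,
        'data_info': member.as_dict(),
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
    }
    self.render('member/edit.html', **params)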
def post(self, *args, **kwargs):
    """Check the captcha and credentials of a ``User`` and sign them in.

    The image captcha is validated first. The password is RSA-decrypted
    when the feature is on in settings, the form sets ``rsa_encrypt`` to 1
    and the value is longer than 10 characters. An unknown username and a
    wrong password share one error message; a disabled account is reported
    only after the password has matched.
    """
    username = self.get_argument('username')
    next_url = self.get_argument('next', '')
    password = self.get_argument('password', '')
    rsa_flag = self.get_argument('rsa_encrypt', 0)
    captcha = self.get_argument('code', '')
    translate = self.locale.translate

    if self.invalid_img_captcha(captcha):
        return self.error(translate('验证码错误'))

    needs_decrypt = (
        settings.login_pwd_rsa_encrypt
        and int(rsa_flag) == 1
        and len(password) > 10
    )
    if needs_decrypt:
        password = RSAEncrypter.decrypt(
            password, sys_config('sys_login_rsa_priv_key'))

    account = User.Q.filter(User.username == username).first()
    if account is None or check_password(
            password, account.password) is not True:
        return self.error('用户名或者密码错误')
    if int(account.status) == 0:
        return self.error('用户被“禁用”,请联系客服')

    User.login_success(account, self)
    self.clear_cookie(settings.valid_code_key)
    return self.success(next=next_url)
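def email_reset_pwd(self, email):
    """Mail a password-reset link and keep the matching token in a cookie.

    Replies through ``self.error`` when ``email`` is malformed, when a
    token cookie already exists, or when no enabled member has that
    address. Otherwise replies with ``self.success()``, sends a mail whose
    link carries a fresh token, and stores the token with the account
    details in the secure cookie ``settings.token_key``, expiring 30
    minutes after ``Func.local_now()``.
    """
    import json

    if not Func.is_email(email):
        return self.error('Email格式不正确')
    # NOTE(review): the resend limit relies on a cookie held by the client;
    # a server-side limit per address would not depend on the client
    # keeping it.
    if self.get_secure_cookie(settings.token_key):
        return self.error('邮件已发送,30分钟后重试')

    member = Member.Q.filter(Member.email == email).first()
    # NOTE(review): the two replies below tell the caller whether an
    # address is registered; a single neutral reply would avoid that.
    if member is None:
        return self.error('账户没有注册')
    if member.status == 0:
        return self.error('账户被禁用')

    # The reply is written before the mail is sent.
    # NOTE(review): if success() finishes the response, the cookie set at
    # the end of this method cannot reach the browser -- confirm.
    self.success()

    subject = '[%s]找回密码' % sys_config('site_name')
    token = Func.uuid32()
    action_url = sys_config(
        'site_url') + '/passport/forget.html?token=' + token
    expires_at = Func.local_now() + datetime.timedelta(minutes=30)
    content = self.render_string(
        'common/email_content.html',
        username=member.username,
        expires=str(expires_at),
        action_url=action_url,
        action_tips='立即重置密码',
    )
    Func.sendmail({
        'to_addr': email,
        'subject': subject,
        'content': content
    })

    save = {
        'token': token,
        'account': email,
        'username': member.username,
        'action': 'email_reset_pwd',
    }
    # NOTE(review): Tornado-style secure cookies are signed, not encrypted,
    # so the browser that asked for the reset holds the same token that is
    # mailed out. Keeping the token (or only its hash) server-side, bound
    # to the account, would tie the reset to control of the mailbox.
    expires = time.mktime(expires_at.timetuple())
    # json.dumps instead of str(): double quotes and non-ASCII characters
    # in the username are escaped, so the stored value stays decodable as
    # JSON. (A reader that rewrites apostrophes to double quotes before
    # decoding still needs its own fix.)
    self.set_secure_cookie(
        settings.token_key, json.dumps(save), expires=expires)
    return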
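def activate_email(self, email):
    """Mail an e-mail activation link and keep its token in a cookie.

    Replies through ``self.error`` when ``email`` is malformed, when the
    signed-in member cannot be loaded or is already activated, or when a
    token cookie already exists. Otherwise replies with
    ``self.success()``, sends a mail whose link carries a fresh token, and
    stores the token in the secure cookie ``settings.token_key``, expiring
    10 minutes after ``Func.local_now()``.
    """
    import json

    if not Func.is_email(email):
        return self.error('Email格式不正确')

    user_id = self.current_user.get('id')
    member = Member.Q.filter(Member.id == user_id).first()
    if member is None:
        # The lookup can come back empty; avoid reading attributes of None.
        return self.error('用户不存在')
    if member.email_activated:
        return self.error('已经激活了,请不要重复操作')

    # NOTE(review): the resend limit relies on a cookie held by the client.
    if self.get_secure_cookie(settings.token_key):
        return self.error('邮件已发送,10分钟后重试')

    # The reply is written before the mail is sent.
    # NOTE(review): if success() finishes the response, the cookie set at
    # the end of this method cannot reach the browser -- confirm.
    self.success()

    subject = '[%s]激活邮件' % sys_config('site_name')
    token = Func.uuid32()
    action_url = sys_config(
        'site_url') + '/member/activate.html?token=' + token
    expires_at = Func.local_now() + datetime.timedelta(minutes=10)
    content = self.render_string(
        'common/email_content.html',
        username=member.username,
        expires=str(expires_at),
        action_url=action_url,
        action_tips='立即激活邮箱',
    )
    # NOTE(review): `email` is the caller-supplied argument, not the
    # address stored on the member row -- confirm that is intended.
    Func.sendmail({
        'to_addr': email,
        'subject': subject,
        'content': content
    })

    save = {
        'token': token,
        'account': email,
        'username': member.username,
        # NOTE(review): an activation cookie labelled with the
        # password-reset action, carrying a caller-supplied address as
        # `account`, would also satisfy any handler that accepts
        # 'email_reset_pwd' cookies. Give activation its own action value
        # once the activation handler is confirmed to expect it; the label
        # is left unchanged here because that handler is not visible.
        'action': 'email_reset_pwd',
    }
    # NOTE(review): Tornado-style secure cookies are signed, not encrypted,
    # so the requesting browser can read the token stored here; keep the
    # token (or only its hash) server-side instead.
    expires = time.mktime(expires_at.timetuple())
    # json.dumps instead of str(): double quotes and non-ASCII characters
    # in the username are escaped, so the stored value stays decodable as
    # JSON.
    self.set_secure_cookie(
        settings.token_key, json.dumps(save), expires=expires)
    return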
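def post(self, *args, **kwargs):
    """Register a new member from the sign-up form and sign them in.

    ``password`` and ``repass`` are RSA-decrypted when the feature is on
    in settings, the form sets ``rsa_encrypt`` to 1 and the password is
    longer than 10 characters. The username is required and must be
    unused; an e-mail or mobile number, when given, must be unused too.

    Replies through ``self.error`` on any failed check, otherwise through
    ``self.success`` with ``next``.
    """
    next_url = self.get_argument('next', '')
    email = self.get_argument('email', None)
    mobile = self.get_argument('mobile', None)
    username = self.get_argument('username', None)
    sex = self.get_argument('sex', None)
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    ref_user_id = self.get_argument('ref_user_id', '')

    # `password` may be absent (None); test it before len() so a missing
    # field reaches the "password is empty" reply below.
    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and password and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)

    if not username:
        return self.error('用户名不能为空')
    if not password:
        return self.error('密码不能为空')
    if repass != password:
        # Report the mismatch only; the submitted passwords are never
        # written into the response.
        return self.error('两次输入的密码不一致,请重新输入')

    if Member.Q.filter(Member.username == username).count() > 0:
        return self.error('用户名已被占用')
    if email and Member.Q.filter(Member.email == email).count() > 0:
        return self.error('Email已被占用')
    # The uniqueness check compares against the Member table's own column.
    if mobile and Member.Q.filter(Member.mobile == mobile).count() > 0:
        return self.error('电话号码已被占用')

    client = 'web'
    params = {
        'username': username,
        'password': make_password(password),
        'status': 1,
        'avatar': 'image/default_avatar.jpg',
        'register_ip': self.request.remote_ip,
        'register_client': client,
    }
    if email:
        params['email'] = email
    if mobile:
        params['mobile'] = mobile
    if sex:
        params['sex'] = sex
    if ref_user_id:
        # NOTE(review): taken from the form as submitted; confirm
        # Member.register validates it.
        params['ref_user_id'] = ref_user_id

    member = Member.register(params)
    Member.login_success(member, self, client=client)
    return self.success(next=next_url)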
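def post(self, *args, **kwargs):
    """Update the member identified by ``id`` from the submitted form.

    A username, mobile number or e-mail that is given must not belong to
    another member (mobile and e-mail are only checked when well-formed).
    A non-empty password is hashed with ``make_password`` before it is
    stored. After the update the member's cached info is refreshed.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with the stored fields, minus the password hash.
    """
    member_id = self.get_argument('id', None)
    params = self.params()
    params['status'] = params.get('status', 0)
    if not member_id:
        return self.error('用户ID不能为空')

    username = params.get('username', None)
    if username:
        taken = Member.Q.filter(Member.id != member_id).filter(
            Member.username == username).count()
        if taken > 0:
            return self.error('用户名已被占用')

    # Empty mobile / e-mail values are dropped from the update.
    mobile = params.pop('mobile', None)
    if mobile:
        params['mobile'] = mobile
        if Func.is_mobile(mobile):
            taken = Member.Q.filter(Member.id != member_id).filter(
                Member.mobile == mobile).count()
            if taken > 0:
                return self.error('电话号码已被占用')

    email = params.pop('email', None)
    if email:
        params['email'] = email
        if Func.is_email(email):
            taken = Member.Q.filter(Member.id != member_id).filter(
                Member.email == email).count()
            if taken > 0:
                return self.error('Email已被占用')

    password = params.pop('password', None)
    if password:
        rsa_encrypt = params.get('rsa_encrypt', 0)
        if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
                and len(password) > 10):
            private_key = sys_config('sys_login_rsa_priv_key')
            # NOTE(review): the listing this block was taken from is masked
            # between a commented-out debug print and the assignment below.
            # The decrypt call is restored to match the same RSA check
            # elsewhere in this listing -- confirm against the original
            # file.
            password = RSAEncrypter.decrypt(password, private_key)
        params['password'] = make_password(password)

    params.pop('_xsrf', None)
    params.pop('rsa_encrypt', None)
    # NOTE(review): every remaining form field is written to the row as
    # submitted. An explicit list of editable columns would stop a request
    # from setting fields the form does not offer.
    Member.Q.filter(Member.id == member_id).update(params)
    Member.session.commit()

    # Refresh the cached member info, if the row exists.
    member = Member.Q.filter(Member.id == member_id).first()
    if member is not None:
        member.cache_info(self)

    # The password hash stays out of the response.
    reply = {key: value for key, value in params.items()
             if key != 'password'}
    return self.success(data=reply)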
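def post(self, *args, **kwargs):
    """Update the ``User`` identified by ``uuid`` from the submitted form.

    ``status`` is always written (0 when the form omits it). A username,
    mobile number or e-mail that is given must not belong to another
    user. A non-empty password is RSA-decrypted when applicable and hashed
    with ``make_password``. ``permission[]`` values are stored as JSON.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with the stored fields, minus the password hash.
    """
    role_id = self.get_argument('role_id', None)
    uuid = self.get_argument('uuid', None)
    username = self.get_argument('username', None)
    password = self.get_argument('password', None)
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    email = self.get_argument('email', None)
    mobile = self.get_argument('mobile', None)
    status = self.get_argument('status', 0)
    permission = self.get_body_arguments('permission[]')

    # The literal text 'None' is treated as an empty field.
    email = None if email == 'None' else email
    mobile = None if mobile == 'None' else mobile

    if not uuid:
        return self.error('用户ID不能为空')

    changes = {
        'status': status,
    }
    if username:
        changes['username'] = username
        taken = User.Q.filter(User.uuid != uuid).filter(
            User.username == username).count()
        if taken > 0:
            return self.error('用户名已被占用')

    if password:
        if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
                and len(password) > 10):
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
        changes['password'] = make_password(password)

    if mobile:
        changes['mobile'] = mobile
        taken = User.Q.filter(User.uuid != uuid).filter(
            User.mobile == mobile).count()
        if taken > 0:
            return self.error('电话号码已被占用')

    if email:
        changes['email'] = email
        taken = User.Q.filter(User.uuid != uuid).filter(
            User.email == email).count()
        if taken > 0:
            return self.error('Email已被占用')

    if permission:
        changes['permission'] = json.dumps(permission)
    if role_id:
        changes['role_id'] = role_id

    User.Q.filter(User.uuid == uuid).update(changes)
    User.session.commit()

    # The password hash stays out of the response.
    reply = {key: value for key, value in changes.items()
             if key != 'password'}
    return self.success(data=reply)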
def get(self, *args, **kwargs):
    """Render the blank "add user" form with a fixed initial role.

    A ``User`` object built here with ``status=1`` and the role id below
    supplies the form's initial values.
    """
    # Role id used to pre-select an entry in the role drop-down.
    initial_role = '6b0642103a1749949a07f4139574ead9'
    menus = AdminMenu.children(status=1)
    draft = User(status=1, role_id=initial_role)
    form_data = draft.as_dict()
    try:
        form_data['permission'] = json.loads(draft.permission)
    except Exception:
        # Any failure to decode the permission field means "no permissions".
        form_data['permission'] = []
    self.render(
        'user/add.html',
        user=draft,
        role_option=Role.option_html(initial_role),
        menu_list=menus,
        data_info=form_data,
        public_key=sys_config('sys_login_rsa_pub_key'),
        rsa_encrypt=sys_config('login_pwd_rsa_encrypt'),
    )
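def get(self, *args, **kwargs):
    """Render the forgotten-password page.

    ``reset_pwd`` is '2' (and ``username`` is filled in) when the ``token``
    query argument equals the token stored in the secure cookie
    ``settings.token_key``; otherwise it stays '1'. A cookie that cannot
    be decoded is treated as if no token were stored.
    """
    token = self.get_argument('token', None)
    raw_cookie = self.get_secure_cookie(settings.token_key)
    params = {
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        'token': token,
        'reset_pwd': '1',
    }

    if token and raw_cookie:
        # The cookie holds a dict rendered as text; single quotes are
        # rewritten so it parses as JSON. A value containing quotes can
        # make that fail, which must not turn into a server error.
        try:
            saved = json_decode(
                str(raw_cookie, encoding='utf-8').replace('\'', '"'))
        except ValueError:
            saved = None
        if isinstance(saved, dict) and saved.get('token', '') == token:
            params['reset_pwd'] = '2'
            params['username'] = saved.get('username', '')

    # NOTE(review): the token is compared with a copy held in the
    # requester's own cookie. Tornado-style secure cookies are signed, not
    # encrypted, so this match does not show that the visitor received the
    # mail; a server-side token record would.
    self.render('passport/forget.html', **params)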
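def post(self, *args, **kwargs):
    """Create a ``User`` from the submitted form.

    Username and password are required. ``role_id``, when given, must be
    an integer. The username, and a mobile number or e-mail when given,
    must be unused. The password is RSA-decrypted when applicable and
    hashed with ``make_password``.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success``.
    """
    role_id = self.get_argument('role_id', None)
    username = self.get_argument('username', None)
    password = self.get_argument('password', None)
    # Default 0 (not None) so int() below cannot fail on a missing field.
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    email = self.get_argument('email', None)
    mobile = self.get_argument('mobile', None)
    status = self.get_argument('status', 1)
    # NOTE(review): the original also read the `permission` body arguments
    # here but never stored them; confirm whether they should be saved.

    if not username:
        return self.error('用户名不能为空')
    if not password:
        return self.error('密码不能为空')

    if role_id:
        # A missing role is allowed; a non-numeric one is rejected instead
        # of raising.
        try:
            role_id = int(role_id)
        except ValueError:
            return self.error('角色ID不正确')

    if User.Q.filter(User.username == username).count() > 0:
        return self.error('用户名已被占用')
    if mobile and User.Q.filter(User.mobile == mobile).count() > 0:
        return self.error('电话号码已被占用')
    if email and User.Q.filter(User.email == email).count() > 0:
        return self.error('Email已被占用')

    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)

    params = {
        'username': username,
        'password': make_password(password),
        'status': status,
    }
    if role_id:
        params['role_id'] = role_id
    if mobile:
        params['mobile'] = mobile
    if email:
        params['email'] = email

    user = User(**params)
    User.session.add(user)
    User.session.commit()
    return self.success()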
def get(self, *args, **kwargs):
    """Render the registration form, resolving an optional referrer.

    When a ``referrer`` query argument is present it is decrypted with
    ``aes_decrypt`` and the referring member's username is looked up. If
    any step of that fails, the referrer fields stay empty.
    """
    next_url = self.get_argument('next', '')
    referrer = self.get_argument('referrer', '')
    params = {
        'public_key': sys_config('sys_login_rsa_pub_key'),
        'rsa_encrypt': sys_config('login_pwd_rsa_encrypt'),
        'next': next_url,
        'referrer_name': '',
        'ref_user_id': '',
    }

    if referrer:
        try:
            referring_id = aes_decrypt(referrer, prefix='')
            referring = Member.get_info(referring_id, 'username')
            params.update(
                referrer_name=referring.get('username', ''),
                ref_user_id=referring_id,
            )
        except Exception:
            # Best effort: an unusable referrer is ignored.
            pass

    self.render('passport/register.html', **params)
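def post(self, *args, **kwargs):
    """Change the signed-in member's password.

    ``nowpass``, ``password`` and ``repass`` are RSA-decrypted when the
    feature is on in settings, the form sets ``rsa_encrypt`` to 1 and the
    new password is longer than 10 characters. The current password must
    match the stored hash and the member must not be disabled.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with ``next``.
    """
    user_id = self.current_user.get('id')
    next_url = self.get_argument('next', '')
    nowpass = self.get_argument('nowpass', None)
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)

    # `password` may be absent (None); test it before len() so a missing
    # field reaches the "new password is empty" reply below.
    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and password and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        nowpass = RSAEncrypter.decrypt(nowpass, private_key)
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)

    if not nowpass:
        return self.error('当前密码不能够为空')
    if not password:
        return self.error('新密码不能为空')
    if repass != password:
        # Report the mismatch only; the submitted passwords are never
        # written into the response.
        return self.error('两次输入的密码不一致,请重新输入')

    member = Member.Q.filter(Member.id == user_id).first()
    if member is None:
        # The lookup can come back empty; avoid reading attributes of None.
        return self.error('用户不存在')
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')
    if check_password(nowpass, member.password) is not True:
        return self.error('当前密码错误')

    params = {
        'password': make_password(password),
        # NOTE(review): the password change also sets status to 1;
        # confirm that is intended.
        'status': 1,
    }
    Member.Q.filter(Member.id == user_id).update(params)
    Member.session.commit()
    return self.success(next=next_url)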
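def post(self, *args, **kwargs):
    """Create a member from the submitted form.

    Username and password are required. The username must be unused; a
    well-formed mobile number or e-mail must be unused too. The password
    is RSA-decrypted when applicable and hashed with ``make_password``,
    and a fresh uuid is assigned.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with the new member's ``as_dict()``.
    """
    params = self.params()
    params['status'] = params.get('status', 0)

    if not params.get('username', None):
        return self.error('用户名不能为空')
    if not params.get('password', None):
        return self.error('密码不能为空')

    if Member.Q.filter(Member.username == params['username']).count() > 0:
        return self.error('用户名已被占用')

    if Func.is_mobile(params.get('mobile', '')):
        taken = Member.Q.filter(Member.mobile == params['mobile']).count()
        if taken > 0:
            # The form data is echoed back without the submitted password.
            echoed = {key: value for key, value in params.items()
                      if key != 'password'}
            return self.error('电话号码已被占用', data=echoed)

    if Func.is_email(params.get('email', '')):
        taken = Member.Q.filter(Member.email == params['email']).count()
        if taken > 0:
            return self.error('Email已被占用')

    password = params.get('password')
    rsa_encrypt = params.get('rsa_encrypt', 0)
    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
    params['password'] = make_password(password)

    params.pop('_xsrf', None)
    params.pop('rsa_encrypt', None)
    params['uuid'] = Func.uuid32()

    # NOTE(review): every remaining form field becomes a constructor
    # argument. An explicit list of accepted columns would stop a request
    # from setting fields the form does not offer.
    member = Member(**params)
    Member.session.add(member)
    Member.session.commit()
    # NOTE(review): confirm as_dict() leaves out the password hash.
    return self.success(data=member.as_dict())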
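def post(self, *args, **kwargs):
    """Update the signed-in member's own username, password or contacts.

    Only the fields present in the form are changed. A username, mobile
    number or e-mail must not belong to another member. A non-empty
    password is RSA-decrypted when applicable and hashed with
    ``make_password``.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with the stored fields, minus the password hash.
    """
    username = self.get_argument('username', None)
    password = self.get_argument('password', None)
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    email = self.get_argument('email', None)
    mobile = self.get_argument('mobile', None)
    member_uuid = self.current_user.get('uuid', None)

    # NOTE(review): the password, e-mail and mobile number can be changed
    # here without re-entering the current password -- confirm that is
    # intended.
    changes = {}
    if username:
        changes['username'] = username
        taken = Member.Q.filter(Member.uuid != member_uuid).filter(
            Member.username == username).count()
        if taken > 0:
            return self.error('用户名已被占用')

    if password:
        if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
                and len(password) > 10):
            private_key = sys_config('sys_login_rsa_priv_key')
            password = RSAEncrypter.decrypt(password, private_key)
        changes['password'] = make_password(password)

    if mobile:
        changes['mobile'] = mobile
        taken = Member.Q.filter(Member.uuid != member_uuid).filter(
            Member.mobile == mobile).count()
        if taken > 0:
            return self.error('电话号码已被占用')

    if email:
        changes['email'] = email
        taken = Member.Q.filter(Member.uuid != member_uuid).filter(
            Member.email == email).count()
        if taken > 0:
            return self.error('Email已被占用')

    # An empty form leaves nothing to write.
    if changes:
        Member.Q.filter(Member.uuid == member_uuid).update(changes)
        Member.session.commit()

    # The password hash stays out of the response.
    reply = {key: value for key, value in changes.items()
             if key != 'password'}
    return self.success(data=reply)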
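def post(self, *args, **kwargs):
    """Set a new password for the account named in the reset-token cookie.

    The image captcha is validated first. The ``token`` argument must
    equal the token stored in the secure cookie ``settings.token_key``,
    and the cookie's action must be 'email_reset_pwd'; the member is then
    looked up by the e-mail address stored in the cookie. On success the
    new password hash is stored, the operation is logged and the token
    cookie is cleared.

    Replies through ``self.error`` on a failed check, otherwise through
    ``self.success`` with ``next``.
    """
    import hmac

    token = self.get_argument('token', None)
    next_url = self.get_argument('next', '')
    password = self.get_argument('password', None)
    repass = self.get_argument('repass', '')
    rsa_encrypt = self.get_argument('rsa_encrypt', 0)
    code = self.get_argument('code', '')
    translate = self.locale.translate

    if self.invalid_img_captcha(code):
        return self.error(translate('验证码错误'))

    raw_cookie = self.get_secure_cookie(settings.token_key)
    if not (token and raw_cookie):
        return self.error('Token不存在或已经过期')

    # The cookie holds a dict rendered as text; single quotes are rewritten
    # so it parses as JSON. An undecodable cookie is treated as missing.
    try:
        saved = json_decode(
            str(raw_cookie, encoding='utf-8').replace('\'', '"'))
    except ValueError:
        saved = None
    if not isinstance(saved, dict):
        return self.error('Token不存在或已经过期')

    action = saved.get('action', '')
    account = saved.get('account', '')
    stored_token = str(saved.get('token', ''))
    # Constant-time comparison of the two tokens.
    # NOTE(review): the stored copy lives in the requester's own cookie.
    # Tornado-style secure cookies are signed, not encrypted, so a match
    # does not show that the caller received the mail. Keep the token (or
    # its hash) server-side, bound to the account.
    if not hmac.compare_digest(
            stored_token.encode('utf-8'), token.encode('utf-8')):
        return self.error('Token不匹配')

    if not password:
        return self.error('新密码不能为空')
    if (settings.login_pwd_rsa_encrypt and int(rsa_encrypt) == 1
            and len(password) > 10):
        private_key = sys_config('sys_login_rsa_priv_key')
        password = RSAEncrypter.decrypt(password, private_key)
        repass = RSAEncrypter.decrypt(repass, private_key)
    if repass != password:
        # Report the mismatch only; the submitted passwords are never
        # written into the response.
        return self.error('两次输入的密码不一致,请重新输入')

    if action != 'email_reset_pwd':
        return self.error('不支持的action')
    member = Member.Q.filter(Member.email == account).first()
    if member is None:
        return self.error('用户不存在')
    if int(member.status) == 0:
        return self.error('用户被“禁用”,请联系客服')

    user_id = member.id
    Member.Q.filter(Member.id == user_id).update({
        'password': make_password(password),
    })
    Member.session.commit()

    MemberOperationLog.add_log({
        'user_id': user_id,
        'account': account,
        'action': 'email_reset_pwd',
        'ip': self.request.remote_ip,
        'client': 'web',
    })
    # The token is single-use: drop it once the password has changed.
    self.clear_cookie(settings.token_key)
    return self.success(next=next_url)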