示例#1
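    def post(self, **kwargs):
        """密码登录
          ---
          tags:
            - 登录、注册
          parameters:
            - name: phone
              in: body
              type: string
              required: true
            - name: password
              in: body
              type: string
              required: true
            - name: verify_code
              in: body
              type: string
              required: true
            - name: uuid
              in: body
              type: string
              required: true
          responses:
            200:
              description: Login succeeded; the response carries the access token
              examples:
                response: {"data": {"access_token": "xxx"}, "message": "成功"}
        """
        # Password login guarded by a 4-digit verification code.
        #
        # NOTE(review): the docstring above is kept in its original language
        # because it looks like a Swagger spec that a doc generator reads at
        # runtime -- confirm before translating it.
        #
        # Flow: validate the phone number and the code format, check the code
        # against the value stored in redis under "verify_code:<uuid>", look
        # the user up by phone, verify the bcrypt password hash, then issue an
        # access token whose identity is the user id.
        #
        # Returns a json_response: 403 for a bad phone or verification code,
        # 404 when no user has that phone, 401 for a wrong password, and the
        # access token on success.
        phone = kwargs.get("phone")
        password = kwargs.get("password")
        verify_code = kwargs.get("verify_code")
        unique_id = kwargs.get("uuid")

        if not valid_phone(phone):
            return json_response(message="无效的手机号", status=403)
        # kwargs.get() yields None for a missing field, so check the type
        # before len()/isdigit() instead of failing with a TypeError.
        if (not isinstance(verify_code, str) or len(verify_code) != 4
                or not verify_code.isdigit()):
            # Same response shape and status as every other rejection here.
            return json_response(message="验证码格式错误", status=403)
        if not isinstance(unique_id, str) or not unique_id:
            # Without a uuid there is no stored code to compare against.
            return json_response(message="验证码过期,请重新获取", status=403)

        code_key = "verify_code:" + unique_id
        verify_code_redis = redis_0.get(code_key)
        if not verify_code_redis:
            return json_response(message="验证码过期,请重新获取", status=403)
        # Single use: discard the stored code once it has been read, whatever
        # the outcome, so one code cannot back repeated guesses at the code or
        # at the password. get + delete is not atomic; an atomic read-and-
        # delete would close the remaining window if the redis version has it.
        redis_0.delete(code_key)
        if verify_code != verify_code_redis.decode():
            return json_response(message="验证码错误", status=403)

        user = User.query.filter_by(phone=phone).first()
        if not user:
            # NOTE(review): answering 404 here and 401 below tells a caller
            # whether a phone number is registered. Returning the same 401 for
            # both would remove that signal, but clients may rely on the 404,
            # so it is left unchanged -- confirm with the API owners.
            return json_response(message="用户不存在", status=404)
        if not user.salt or not isinstance(password, str):
            return json_response(message="您输入的密码有误,请重新输入", status=401)
        try:
            # checkpw re-hashes with the salt embedded in the stored hash and
            # compares in constant time, replacing the hand-rolled
            # hashpw(...) != stored comparison.
            password_ok = bcrypt.checkpw(password.encode(),
                                         user.password.encode())
        except ValueError:
            # A malformed stored hash is treated as a failed login, not a 500.
            password_ok = False
        if not password_ok:
            return json_response(message="您输入的密码有误,请重新输入", status=401)

        access_token = create_access_token(identity=user.id)
        return json_response({"access_token": access_token}, message="成功")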
示例#2
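    def post(self, org_id, **kwargs):
        """组织员工
          ---
          tags:
            - 组织部门雇员
          parameters:
            - name: org_id
              in: url
              type: string
              required: true
              description: 组织ID
            - name: phone
              in: body
              type: string
              required: true
              description: 员工手机号
            - name: department_id_list
              in: body
              type: array
              required: false
              description: 部门ID列表
            - name: job_title
              in: body
              type: string
              required: true
              description: 员工岗位
            - name: superior_id
              in: body
              type: string
              required: true
              description: 直属人ID
            - name: role_id_list
              in: body
              type: array
              required: false
              description: 角色ID列表
            - name: is_able
              in: body
              type: int
              required: false
              description: 是否启用,可以不传,默认为禁用
          responses:
            status:
              description: 返回的状态码信息
              examples:
                response: {'data': null, 'status': {422: '手机号非法', 404: '没有找到直属人', 200: '发送短信通知加入或者通知邀请', 500: '加入失败', 409: '已存在该组织'}}
        """
        # Add a person, identified by phone number, to organization `org_id`
        # as a staff member.
        #
        # NOTE(review): the docstring above is kept in its original language
        # because it looks like a Swagger spec that a doc generator reads at
        # runtime -- confirm before translating it.
        #
        # A phone number with no User row gets a placeholder User, UserInfo and
        # OrgRequest created in the same transaction. Returns a json_response:
        # 422 invalid phone, 404 superior not found in this organization, 409
        # already a member, 500 when the commit fails, 200 on success.
        #
        # NOTE(review): nothing in this method checks that the caller is
        # allowed to manage staff of `org_id`, and get_current_user() is used
        # without a None check. Presumably a decorator or route guard outside
        # this view handles both -- confirm.
        import logging  # function scope: the file's import block is not in view

        phone = kwargs['phone']
        department_id_list = kwargs.get('department_id_list')
        job_title = kwargs['job_title']
        superior_id = kwargs.get('superior_id')
        role_id_list = kwargs.get('role_id_list')
        is_able = kwargs.get('is_able')

        current_user_obj = get_current_user()

        if not valid_phone(phone):
            return json_response(None, message='手机号非法', status=422)

        superior_obj = None
        if superior_id:
            # The superior is looked up inside this organization only, so an
            # id belonging to another organization is rejected.
            superior_obj = OrgStaff.query.filter(
                OrgStaff.id == superior_id, OrgStaff.org_id == org_id).first()
            if not superior_obj:
                return json_response(None, message='直属人未找到', status=404)

        org_obj = Organization.query.get_or_404(org_id)
        user_obj = User.query.filter(User.phone == phone).first()
        if user_obj:
            user_id = user_obj.id
            existing_staff = OrgStaff.query.filter(
                OrgStaff.org_id == org_id,
                OrgStaff.user_id == user_id).first()
            if existing_staff:
                return json_response(None, message='该人员已存在当前组织', status=409)
        else:
            # Unregistered phone: create a placeholder account plus an
            # invitation request from the current user.
            user_id = generate_uuid()
            temp_user_obj = User(
                id=user_id,
                phone=phone,
                nickname=config['system']['USER_DISABLE_NICKNAME_PREFIX'] +
                phone[-4:],
                create_time=time.time(),
                is_invite_status=1)
            temp_user_info_obj = UserInfo(user_id=user_id, )
            org_req_obj = OrgRequest(sender_id=current_user_obj.id,
                                     message='邀请您到我们的组织',
                                     create_time=time.time(),
                                     org_id=org_id)
            db.session.add_all(
                [temp_user_obj, temp_user_info_obj, org_req_obj])
            # TODO: unregistered users should get an SMS invitation; the call
            # below was left disabled by the original author.
            # send_sms(generate_uuid(), phone, "山泉", "SMS_152655055", {'code': f'www.xx.com/xx'})

        staff_uuid = generate_uuid()
        # Registered users are added directly (and are meant to be notified).
        org_staff_obj = OrgStaff(
            id=staff_uuid,
            user_id=user_id,
            job_title=job_title,
            # Anything other than 0/1 falls back to 0 (disabled).
            is_able=is_able if is_able in [0, 1] else 0,
            superior_id=superior_obj.id if superior_obj else None,
            org_id=org_id)
        db.session.add(org_staff_obj)

        # NOTE(review): the department and role ids come straight from the
        # request body and are not checked against `org_id`, unlike
        # superior_id above. A caller could attach the new staff member to a
        # department or role config of another organization -- confirm that a
        # constraint elsewhere prevents it, or validate them here.
        for dep in department_id_list or []:
            db.session.add(OrgDepartmentStaff(org_department_id=dep,
                                              staff_id=staff_uuid))
        for role in role_id_list or []:
            db.session.add(OrgStaffRole(staff_id=staff_uuid,
                                        org_role_config_id=role))

        message_obj = Message(
            title='邀请信息',
            content=f'{current_user_obj.nickname}邀请您加入组织:{org_obj.name}',
            send_time=time.time(),
            message_type=4,  # invitation message
            organization_id=org_obj.id,
            # Use user_id, not user_obj.id: user_obj is None on the
            # unregistered-phone path and dereferencing it raised
            # AttributeError before the commit was ever reached.
            user_id=user_id)
        db.session.add(message_obj)
        try:
            db.session.commit()
            return json_response(None, message='加入成功,将以短信形式通知该员工', status=200)
        except Exception:
            db.session.rollback()
            # Keep the exception text (which can include SQL and schema
            # details) in the server log rather than in the HTTP response.
            logging.getLogger(__name__).exception(
                "adding staff to organization %s failed", org_id)
            return json_response(None, message='加入失败', status=500)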
示例#3
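 def post(self, **kwargs):
     """手机号 密码 注册
       ---
       tags:
         - 登录、注册
       parameters:
         - name: phone
           in: body
           type: string
           required: true
           description: 手机号
         - name: verify_code
           in: body
           type: string
           required: true
           description: 图片验证码
         - name: password
           in: body
           type: string
           required: true
           description: 密码
         - name: again_password
           in: body
           type: string
           required: true
           description: 再次输入密码
         - name: uuid
           in: body
           type: string
           required: true
           description: 验证码的uuid
       responses:
         200:
           description: 成功
           examples:
             response: {"message": "ok"}
         403:
           description: 失败
           examples:
             response: {"message": ["无效的手机号", "验证码格式错误", "两次密码输入不一致", "密码最少需要八位", "验证码过期,请重新获取", "验证码错误"]}
         409:
           description: 手机号已注册
         500:
           description: 注册失败 代码有问题
     """
     # Register an account from a phone number and password, guarded by a
     # 4-digit verification code stored in redis under "verify_code:<uuid>".
     #
     # NOTE(review): the docstring above is kept in its original language
     # because it looks like a Swagger spec that a doc generator reads at
     # runtime -- confirm before translating it.
     #
     # Returns a json_response: 403 for any validation or code failure, 409
     # when the phone is already registered, 500 when the insert fails, 200
     # on success.
     import logging  # function scope: the file's import block is not in view

     phone = kwargs['phone']
     password = kwargs['password']
     again_password = kwargs['again_password']
     verify_code = kwargs['verify_code']
     unique_id = kwargs['uuid']
     # NOTE(review): spaces are removed from the password before it is
     # hashed, so the stored hash is of the space-stripped value and the
     # 8-character minimum counts non-space characters only. A login path
     # that hashes the password as typed would then reject a password that
     # was registered with spaces -- confirm the login view strips too.
     password = password.replace(" ", "")
     again_password = again_password.replace(" ", "")

     if not valid_phone(phone):
         return json_response(message="无效的手机号", status=403)
     if len(verify_code) != 4 or not verify_code.isdigit():
         return json_response(message="验证码格式错误", status=403)
     if password != again_password:
         return json_response(message="两次密码输入不一致", status=403)
     if len(password) < 8:
         return json_response(message="密码最少需要八位", status=403)

     code_key = "verify_code:" + unique_id
     verify_code_redis = redis_0.get(code_key)
     if not verify_code_redis:
         return json_response(message="验证码过期,请重新获取", status=403)
     # Single use: discard the stored code once it has been read, whatever
     # the outcome, so one code cannot be replayed to guess the code or to
     # probe many phone numbers for the 409 below.
     redis_0.delete(code_key)
     if verify_code != verify_code_redis.decode():
         return json_response(message="验证码错误", status=403)

     if User.query.filter_by(phone=phone).first():
         return json_response(message="该手机号已注册", status=409)

     try:
         salt = bcrypt.gensalt()
         new_password = bcrypt.hashpw(password.encode(), salt)
         # The bcrypt hash already embeds its salt; the separate salt column
         # is still written because the user record is created with one.
         user = User(phone=phone,
                     password=new_password.decode(),
                     salt=salt.decode(),
                     nickname=config['system']
                     ['USER_DISABLE_NICKNAME_PREFIX'] +
                     phone[-4:],
                     create_time=time.time())
         db.session.add(user)
         db.session.commit()
         return json_response(None, message='注册成功', status=200)
     except Exception:
         db.session.rollback()
         # Keep the exception text (which can include SQL and schema details)
         # in the server log rather than in the HTTP response.
         logging.getLogger(__name__).exception("phone registration failed")
         return json_response(None, message='注册失败', status=500)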
示例#4
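    def post(self, **kwargs):
        """用户名 密码 注册
          ---
          tags:
            - 登录、注册
          parameters:
            - name: phone
              in: body
              type: string
              required: false
              description: 手机号
            - name: username
              in: body
              type: string
              required: true
              description: 用户名
            - name: password
              in: body
              type: string
              required: true
              description: 密码
        """
        # Register an account from a username and password, with an optional
        # phone number.
        #
        # NOTE(review): the docstring above is kept in its original language
        # because it looks like a Swagger spec that a doc generator reads at
        # runtime -- confirm before translating it.
        #
        # Returns a json_response: 403 for a validation failure, 409 when the
        # phone or username is taken, 500 when the insert fails, 200 on
        # success.
        #
        # NOTE(review): unlike the phone registration flow, nothing visible in
        # this method asks for a verification code, so account creation and
        # the 409 "already registered" answers are open to automated requests
        # unless rate limiting is applied outside this view -- confirm.
        import logging  # function scope: the file's import block is not in view

        phone = kwargs.get('phone', None)
        username = kwargs.get('username')
        password = kwargs.get('password')

        if phone and not valid_phone(phone):
            return json_response(message="无效的手机号", status=403)
        # kwargs.get() yields None for a missing field, so check the type
        # before len() instead of failing with a TypeError.
        # NOTE(review): the check enforces at least 4 characters while the
        # message says the minimum is three; one of the two is off by one.
        # Both are left as they were -- confirm the intended minimum.
        if not isinstance(username, str) or len(username) < 4:
            return json_response(message="用户名不能小于三位", status=403)
        if not isinstance(password, str) or len(password) < 8:
            return json_response(message="密码最少需要八位", status=403)

        if phone and User.query.filter_by(phone=phone).first():
            return json_response(message="该手机号已注册", status=409)
        if User.query.filter_by(username=username).first():
            return json_response(message="该用户名已注册", status=409)

        try:
            salt = bcrypt.gensalt()
            new_password = bcrypt.hashpw(password.encode(), salt)
            user_id = generate_uuid()
            user = User(
                id=user_id,
                phone=phone,
                username=username,
                password=new_password.decode(),
                salt=salt.decode(),
                nickname=username,
                create_time=time.time()
            )
            user_info = UserInfo(
                user_id=user_id,
                head_url=Conf.get("DEFAULT_HEAD_IMAGE", ""),
                signature="这个人很懒,什么都没留下"
            )
            db.session.add_all([user, user_info])
            db.session.commit()
            return json_response(None, message='注册成功', status=200)
        except Exception:
            db.session.rollback()
            # Keep the exception text (which can include SQL and schema
            # details) in the server log rather than in the HTTP response.
            logging.getLogger(__name__).exception(
                "username registration failed")
            return json_response(None, message='注册失败', status=500)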