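def require_reset_password():
    """Send a password-reset e-mail to the user named by ``identifier``.

    参数 (form fields):
        identifier: str  用户识别符 -- an e-mail address or a username
    返回:
        {"code": 0, "message": "qwq"}  -- code != 0 means failure and
        message carries the error text.

    The link in the mail carries a ``PasswordResetToken`` (user id, expiry,
    ``AUTH_TOKEN``) encrypted with ``config.AUTH_PASSWORD``; nothing is
    written to the database by this handler.
    """
    if config.USE_PHONE_WHEN_REGISTER_AND_RESETPASSWD:
        return make_response(-1, message="当前不使用邮箱验证密码")
    identifier = request.form["identifier"]
    # One e-mail shared by several accounts is ambiguous: make the caller
    # pick the account by username instead.
    if db.session.query(User).filter(User.email == identifier).count() > 1:
        return make_response(-1, message="此邮箱对应多个用户,请使用用户名进行操作")
    query = db.session.query(User).filter(
        or_(User.email == identifier, User.username == identifier))
    if query.count() == 0:
        # NOTE(review): this distinct reply lets a caller probe which
        # usernames / e-mails exist; answering with the same success text as
        # below would close that, at the cost of a less helpful UX.
        return make_response(-1, message="用户名或邮箱错误")
    # NOTE(review): if the identifier is one user's username and a different
    # user's e-mail, .one() raises MultipleResultsFound (HTTP 500) -- the
    # ambiguity guard above only covers duplicate e-mails.
    user: User = query.one()

    from common.aes import encrypt
    from common.datatypes import PasswordResetToken
    from config import AUTH_TOKEN, RESET_PASSWORD_EXPIRE_SECONDS
    from time import time
    from urllib.parse import quote_plus
    from utils import send_mail

    expire_at = int(time()) + RESET_PASSWORD_EXPIRE_SECONDS
    raw_json = PasswordResetToken(user.id, expire_at, AUTH_TOKEN).as_json()
    to_send_token = encrypt(config.AUTH_PASSWORD, raw_json)
    # Quoted twice, as the e-mail-change and registration mails in this file
    # do -- presumably the receiving handler unquotes once more than the mail
    # client / browser does; confirm before changing.
    to_send_token = quote_plus(quote_plus(to_send_token))
    try:
        send_mail(
            config.RESET_PASSWORD_EMAIL.format(reset_token=to_send_token),
            "重置密码", user.email)
    except Exception:
        # Previously the full traceback was returned in the response body,
        # exposing file paths and configuration to an unauthenticated caller.
        # Keep it server-side and give the client a generic failure.
        import logging
        logging.getLogger(__name__).exception(
            "failed to send password reset mail to user %s", user.id)
        return make_response(-1, message="重置密码邮件发送失败,请稍后重试")
    return make_response(0, message="重置密码的邮件已经发送到您邮箱的垃圾箱,请注意查收")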
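def update_profile():
    """Update a user's profile, either one's own or (with ``user.manage``) another's.

    参数 (form field ``uid`` plus a JSON-encoded ``data`` object):
    {
        "uid": "用户ID",
        "data": {
            "username": "******",
            "email": "电子邮件",
            "description": "个人简介",
            "changePassword": "******",
            "newPassword": "******",
            "banned": "是否已封禁",
            "rawAdmin": "是否是原始管理员",
            "permissions": [新的权限列表],
            "permission_group": "新的权限组"
        }
    }
    返回:
        {"code": 0, "message": "qwq"}  -- code != 0 means failure and
        message carries the error text.

    Authorisation enforced here:
    * editing another user's profile needs ``user.manage``;
    * changing ``permissions`` / ``permission_group`` needs ``permission.manage``;
    * changing ``banned`` needs ``user.manage``;
    * a non-manager changing their e-mail while ``config.REQUIRE_REGISTER_AUTH``
      is set receives a confirmation mail instead of an immediate change.
    ``rawAdmin`` is accepted in the payload but never read by this handler.
    """
    import re
    if not session.get("uid"):
        return make_response(-1, message="请先登录")
    operator: User = User.by_id(session.get("uid"))
    # NOTE(review): an unknown uid presumably makes User.by_id return None,
    # which would raise AttributeError below -- confirm against User.by_id.
    user: User = User.by_id(request.form["uid"])
    if user.id != operator.id and not permission_manager.has_permission(
            operator.id, "user.manage"):
        return make_response(-1, message="你无权进行此操作")
    data: dict = decode_json(request.form["data"])

    # Validate everything before touching the ORM object, so an error reply
    # never leaves a half-modified User pending in the session.
    # NOTE(review): .search() accepts a username that merely *contains* a
    # match unless USERNAME_REGEX is anchored; register() uses re.match().
    if not re.compile(config.USERNAME_REGEX).search(data["username"]):
        return make_response(-1, message="用户名必须符合以下正则表达式: {}".format(
            config.USERNAME_REGEX))
    if not re.compile(r"(.+)@(.+)").search(data["email"]):
        return make_response(-1, message="请输入合法的邮箱")
    if not permission_manager.has_permission(operator.id, "permission.manage"):
        if data["permission_group"] != user.permission_group:
            return make_response(-1, message="你没有权限更改用户所属权限组")
        if set(data["permissions"]) != set(user.permissions):
            return make_response(-1, message="你没有权限更改用户权限")
    if db.session.query(PermissionGroup.id).filter(
            PermissionGroup.id == data["permission_group"]).one_or_none() is None:
        return make_response(-1, message="非法权限组ID")
    if data["banned"] != user.banned and not permission_manager.has_permission(
            operator.id, "user.manage"):
        return make_response(-1, message="你没有权限封禁/解封此用户")

    # Apply the validated changes.
    user.permission_group = data["permission_group"]
    user.permissions = data["permissions"]
    _drop_cached_permissions(user.id)  # 移除缓存
    user.username = data["username"]
    user.description = data["description"]
    if data["changePassword"]:
        # NOTE(review): register() stores an argon2 hash; this assigns the
        # submitted value as-is -- confirm User.password hashes on assignment.
        user.password = data["newPassword"]
        import time
        # Presumably compared with session["login_time"] to force re-login
        # after a password change -- confirm against the login check.
        user.force_logout_before = int(time.time())
    user.banned = data["banned"]
    if user.email != data["email"]:
        # 注册不需要邮箱验证的话,改邮箱也不需要
        if config.REQUIRE_REGISTER_AUTH and not permission_manager.has_permission(
                session.get("uid"), "user.manage"):
            # Persist everything else now; the address itself only changes
            # once the confirmation link is followed.
            db.session.commit()
            _send_email_change_mail(user.id, data["email"])
            return make_response(0, message="数据已经更改成功。请前往新邮箱中点击确认。")
        user.email = data["email"]
    db.session.commit()
    return make_response(0, message="操作完成")


def _drop_cached_permissions(uid) -> None:
    """Delete the cached permission set for *uid* so the next check re-reads the DB."""
    from main import redis_connection_pool
    from redis import Redis
    Redis(connection_pool=redis_connection_pool).delete(f"hj2-perm-{uid}")


def _send_email_change_mail(uid, new_email) -> None:
    """Mail *new_email* an encrypted, time-limited token confirming the change.

    The token is the only thing authorising the e-mail change, so it is never
    printed or logged (the previous version wrote it to stdout twice).
    """
    from common.aes import encrypt
    from common.datatypes import EmailChangeToken
    from config import AUTH_PASSWORD, AUTH_TOKEN, CHANGE_EMAIL_EXPIRE_SECONDS
    from urllib.parse import quote_plus
    import time
    change_token = EmailChangeToken(
        uid=uid, new_email=new_email, token=AUTH_TOKEN,
        expire_after=int(time.time()) + CHANGE_EMAIL_EXPIRE_SECONDS)
    # Double-quoted like the other token links in this file.
    encoded_data = quote_plus(quote_plus(encrypt(AUTH_PASSWORD, change_token.as_json())))
    send_mail(
        config.CHANGE_EMAIL_AUTH_EMAIL.format(change_token=encoded_data),
        "更改邮箱", new_email)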
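def register():
    """Create an account (legacy definition).

    NOTE(review): a second ``def register()`` later in this file rebinds the
    name at import time, so this body is unreachable. The later version
    argon2-hashes the password, URL-quotes the mail token and checks username
    uniqueness only; this one should be deleted once that is confirmed.

    参数 (form fields):
        username: str  用户名
        email: str     邮箱
        password: str  密码
    返回:
        {"code": 0, "message": "qwq"}  -- code != 0 means the account was not
        created (error, or a verification mail was sent); message carries the text.
    """
    if session.get("uid") is not None:
        return make_response(-1, message="你已经登录了!")
    import re
    if re.match(config.USERNAME_REGEX, request.form["username"]) is None:
        return make_response(-1, message="用户名必须满足以下正则表达式:" + config.USERNAME_REGEX)
    query = db.session.query(User).filter(
        or_(User.email == request.form["email"],
            User.username == request.form["username"]))
    if query.count():
        return make_response(-1, message="此用户名或邮箱已被用于注册账号")
    from datetime import datetime
    if config.REQUIRE_REGISTER_AUTH:
        # 需要邮箱验证: nothing is stored yet -- the whole request travels
        # inside the encrypted token and the account is created when the
        # link is followed.
        from config import AUTH_PASSWORD, AUTH_TOKEN, REGISTER_EMAIL_AUTH_EXPIRE_SECONDS
        from common.aes import encrypt
        from common.datatypes import RegisterToken
        import time
        # NOTE(review): the token (and the User row below) carries the
        # submitted password verbatim; the later register() stores an argon2
        # hash instead -- confirm which form the login check expects.
        data = RegisterToken(username=request.form["username"],
                             email=request.form["email"],
                             password=request.form["password"],
                             expire_after=int(time.time()) + REGISTER_EMAIL_AUTH_EXPIRE_SECONDS,
                             token=AUTH_TOKEN)
        encoded_token = encrypt(AUTH_PASSWORD, data.as_json())
        # encoded_token is the registration credential and wraps the
        # password; it must not be printed or logged.
        send_mail(config.REGISTER_AUTH_EMAIL.format(auth_token=encoded_token),
                  "验证邮件", request.form["email"])
        return make_response(-1, message="验证邮件已经发送到您邮箱的垃圾箱,请注意查收")
    # 不需要验证: create the account and log the new user in.
    user = User(username=request.form["username"],
                email=request.form["email"],
                password=request.form["password"],
                register_time=datetime.now())
    db.session.add(user)
    db.session.commit()
    # Was misspelt ``permanment``, which only set a stray attribute and
    # never marked the Flask session as permanent.
    session.permanent = True
    session["uid"] = user.id
    import time
    session["login_time"] = str(int(time.time()))
    return make_response(0)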
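def register():
    """Create an account, or mail a verification link when one is required.

    参数 (form fields):
        username: str  用户名
        email: str     邮箱
        password: str  密码
    返回:
        {"code": 0, "message": "qwq"}  -- code != 0 means the account was not
        created (error, or a verification mail was sent); message carries the text.

    The password is argon2-hashed before it goes anywhere: into the encrypted
    ``RegisterToken`` when ``config.REQUIRE_REGISTER_AUTH`` is set, or straight
    into the new ``User`` row otherwise.
    """
    if config.DISABLE_REGISTER:
        return make_response(-1, message="注册已停用")
    if config.USE_PHONE_WHEN_REGISTER_AND_RESETPASSWD:
        return make_response(-1, message="当前不使用邮箱注册")
    if session.get("uid") is not None:
        return make_response(-1, message="你已经登录了!")
    import re
    if re.match(config.USERNAME_REGEX, request.form["username"]) is None:
        return make_response(-1, message="用户名必须满足以下正则表达式:" + config.USERNAME_REGEX)
    # Only the username must be unique; several accounts may share an e-mail
    # (require_reset_password handles that case). The message still mentions
    # e-mail for compatibility with the front end.
    if db.session.query(User).filter(
            User.username == request.form["username"]).count():
        return make_response(-1, message="此用户名或邮箱已被用于注册账号")
    from datetime import datetime
    password_hash = argon2.PasswordHasher().hash(request.form["password"])
    if config.REQUIRE_REGISTER_AUTH:
        # 需要邮箱验证: nothing is stored yet -- the whole request travels
        # inside the encrypted token and the account is created when the
        # link is followed.
        from config import AUTH_PASSWORD, AUTH_TOKEN, REGISTER_EMAIL_AUTH_EXPIRE_SECONDS
        from common.aes import encrypt
        from common.datatypes import RegisterToken
        from urllib.parse import quote_plus
        import time
        data = RegisterToken(username=request.form["username"],
                             email=request.form["email"],
                             password=password_hash,
                             expire_after=int(time.time()) + REGISTER_EMAIL_AUTH_EXPIRE_SECONDS,
                             token=AUTH_TOKEN)
        encoded_token = encrypt(AUTH_PASSWORD, data.as_json())
        # encoded_token is the registration credential -- it must not be
        # printed or logged (the previous debug print did exactly that).
        send_mail(
            config.REGISTER_AUTH_EMAIL.format(
                auth_token=quote_plus(quote_plus(encoded_token))),
            "验证邮件", request.form["email"])
        return make_response(-1, message="验证邮件已经发送到您邮箱的垃圾箱,请注意查收")
    # 不需要验证: create the account and log the new user in.
    user = User(username=request.form["username"],
                email=request.form["email"],
                password=password_hash,
                register_time=datetime.now())
    db.session.add(user)
    db.session.commit()
    # Was misspelt ``permanment``, which only set a stray attribute and
    # never marked the Flask session as permanent.
    session.permanent = True
    session["uid"] = user.id
    import time
    session["login_time"] = str(int(time.time()))
    return make_response(0)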