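def forget_passwd():
    """Reset a user's password after checking the e-mailed verification code.

    Reads ``email``, ``password`` and ``verify`` from the JSON body, compares
    ``verify`` with the value stored in Redis under the e-mail address, and on
    a match stores the rendered password through ``User.update_user``.

    Returns:
        The JSON response produced by ``Error.make_json_response``.
    """
    error = Error(0, '人生需要目标,有了目标才有奋斗的方向!')
    # A missing or non-JSON body is treated like a body with no fields.
    forget_info = request.json or {}
    email = forget_info.get('email')
    passwd = forget_info.get('password')
    verify = forget_info.get('verify')
    # The new password is required as well; otherwise None would reach
    # render_password() below.
    if not (email and verify and passwd):
        error.err_code = 9
        error.err_msg = "参数为空"
        return error.make_json_response()

    user = User.get_user_by_email(email)
    if user is None:
        # NOTE(review): this message tells the caller whether an address is
        # registered; consider one generic answer for all failure cases.
        error.err_code = 9
        error.err_msg = '该邮箱填写错误'
        # Stop here: without this return the flow continued with user = None
        # and failed later on user.id.
        return error.make_json_response()

    new_veri_code = redis_client.get(email)
    if new_veri_code is None:
        error.err_code = 9
        error.err_msg = '请获取邮箱验证码'
        return error.make_json_response()
    if str(new_veri_code, encoding='utf-8') != str(verify):
        # NOTE(review): no attempt counter is visible here; confirm that
        # guesses against the code are rate-limited elsewhere.
        error.err_code = 9
        error.err_msg = '该验证码错误,请尝试重新获取'
        return error.make_json_response()

    # NOTE(review): nothing in this function removes the code from Redis after
    # it has been accepted, so it stays valid until it expires or is replaced.
    # Confirm a TTL is set where the code is issued, or invalidate it here.
    add_status = User.update_user(user.id, {'password': render_password(passwd)})
    # NOTE(review): both outcomes answer with err_code 0, so a failed update
    # cannot be told apart from a successful one; confirm which return value
    # of User.update_user means success.
    if add_status:
        return error.make_json_response()
    error.err_code = 0
    error.err_msg = "修改成功"
    return error.make_json_response()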
def post(self):
    """Register a user from the ``id`` and ``pw`` form fields.

    Returns an empty body with 204 when ``User.objects(id=...)`` already
    matches, and with 201 after a new ``User`` has been saved.
    """
    form = request.form
    user_id = form.get('id')
    password = form.get('pw')

    if not User.objects(id=user_id):
        # NOTE(review): pw is handed to the model exactly as submitted and no
        # hashing step is visible in this handler. Confirm the model hashes it
        # before storage. Missing fields (None) are not rejected either.
        User(id=user_id, pw=password).save()
        return '', 201
    return '', 204
def post(self):
    """Create a post authored by the authenticated caller.

    The author id comes from ``current_identity``; ``title`` and ``content``
    come from the submitted form. Returns an empty body with status 201.
    """
    author_id = str(current_identity)
    title = request.form.get('title')
    content = request.form.get('content')

    # NOTE(review): .first() is dereferenced without a None check, so an
    # identity whose user document no longer exists raises AttributeError.
    # The stored pw value is also copied into the embedded author object;
    # confirm it is not returned when posts are serialized.
    stored_pw = User.objects(id=author_id).first().pw
    author = User(author_id, stored_pw)

    PostCol(title=title, content=content, author=author).save()
    return '', 201
def test_create_user(self):
    """
    Create user in db
    Should: save the user so that it can be read back from the db
    """
    # NOTE(review): the constructor literals look masked in this listing and
    # do not match the values asserted below; restore the real fixture values
    # before relying on this test.
    created = User(
        username='******',
        email="*****@*****.**",
        password="******",
        provider="Tutubo",
    )
    created.save()

    stored = User.objects().first()
    assert stored.username == 'oli'
    assert stored.email == '*****@*****.**'
    # NOTE(review): this expects the password to be read back unchanged,
    # which suggests it is stored without hashing. Confirm against the model.
    assert stored.password == '123'
    assert stored.provider == 'Tutubo'
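def api_update():
    """Update an API-docs record on behalf of the administrator account.

    The caller is identified by looking up the ``Access-Token`` header in
    Redis. The JSON body must carry ``docs_id``; its ``parameter`` and
    ``re_info`` values are serialized with ``json.dumps`` before the remaining
    fields are passed to ``ApiDocs.update_docs``.

    Returns:
        The JSON response produced by ``Error.make_json_response``.
    """
    error = Error(0, 'success')

    access_token = request.headers.get("Access-Token")
    # Skip the Redis lookup when the header is absent instead of querying
    # with a None key.
    uid = redis_client.get(access_token) if access_token else None
    if not uid:
        # The original assigned these two fields the wrong way round.
        error.err_code = 9
        error.err_msg = 'access token 为空'
        return error.make_json_response()

    user = User.get_user_by_id(int(uid))
    # NOTE(review): the privilege check is the hard-coded primary key 1;
    # a role or permission attribute would be easier to audit and change.
    # A token whose user no longer exists is refused the same way.
    if user is None or user.id != 1:
        error.err_code = 9
        error.err_msg = '该用户暂无此权限,请联系管理员。'
        return error.make_json_response()

    update_info = request.json
    # A missing or non-object body is reported as a missing parameter rather
    # than failing on None.get().
    if not isinstance(update_info, dict) or update_info.get('docs_id') is None:
        error.err_code = 9
        error.err_msg = '缺少参数。'
        return error.make_json_response()

    docs_id = update_info.pop("docs_id")
    update_info['parameter'] = json.dumps(update_info.get('parameter'))
    update_info['re_info'] = json.dumps(update_info.get('re_info'))

    # NOTE(review): every remaining client-supplied key is forwarded to
    # update_docs; confirm it only writes an allow-list of columns.
    if ApiDocs.update_docs(docs_id, update_info):
        return error.make_json_response()

    error.err_code = 9
    error.err_msg = '更新失败,请重试。'
    return error.make_json_response()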
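def post(self):
    """ Add a new image for the caller user

    Expects a JSON body whose ``image`` field is base64 text. The decoded
    bytes are written to ``<image_save_path><user id>/<unix timestamp>.jpg``
    and the public link to the file is returned. A missing body, a missing
    ``image`` field or undecodable base64 yields a 400 response.
    """
    current_user = User.find_by_username(get_jwt_identity()['username'])

    data = request.get_json()
    try:
        # binascii.Error (bad padding) is a ValueError subclass; TypeError
        # covers a missing body or a non-string field.
        image = base64.b64decode(data['image'])
    except (KeyError, TypeError, ValueError):
        return custom_response(400, "Invalid image payload")

    # NOTE(review): no upper bound on the decoded size and no check that the
    # bytes are a JPEG are visible here; confirm a request size limit is
    # configured and consider validating the content before storing it.
    current_dir = "{}{}/".format(image_save_path, current_user.id)
    os.makedirs(current_dir, exist_ok=True)

    # The file name is built only from the server clock, never from request
    # data. NOTE(review): second resolution means two uploads by the same
    # user within one second overwrite each other.
    timestamp = calendar.timegm(time.gmtime())
    image_name = str(timestamp) + ".jpg"
    current_path = os.path.join(current_dir, image_name)
    with open(current_path, 'wb') as f:
        f.write(image)

    custom_link = "{}/images/{}/{}".format(server_url, current_user.id,
                                           image_name)
    return custom_response(200, "Image saved", custom_link)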
def get(self, id):
    """ Return all the calories for the specified user

    Access is granted when the caller is an admin or ``has_child(id)`` is
    true; otherwise the request is refused before any lookup of the target.
    """
    caller = User.find_by_username(get_jwt_identity()['username'])

    # Authorization first: nothing about the target user is read or revealed
    # to a caller who is neither admin nor parent.
    permitted = caller.is_admin() or caller.has_child(id)
    if not permitted:
        return custom_response(
            401, "Permission denied. User {} not a child".format(id))

    target = User.query.filter_by(id=id).first()
    if target is None:
        return custom_response(404, "User {} not found".format(id))

    entries = list_to_array(Calorie.query.with_parent(target).all())
    return custom_response(200, "{} calories".format(target.username),
                           entries)
def audience_add():
    """Record that the token's user follows the user given as ``by_uid``.

    The caller is identified by ``verify_token`` on the ``Access-Token``
    header. ``status`` defaults to 1 when it is absent or falsy.

    Returns:
        The JSON response produced by ``Error.make_json_response``.
    """
    error = Error(0, '关注成功')

    def fail(message):
        # Every failure in this handler uses err_code 9.
        error.err_code = 9
        error.err_msg = message
        return error.make_json_response()

    token = request.headers.get("Access-Token")
    if not token:
        return fail("token is None")

    uid = verify_token(token)
    if uid is None:
        return fail("token error")

    if User.get_user_by_id(uid) is None:
        return fail("登陆时间已过期,请重启登陆")

    # NOTE(review): request.json is used without a None check, so a request
    # without a JSON body fails on .get() instead of returning an error.
    payload = request.json
    by_uid = payload.get('by_uid')
    status = payload.get('status') or 1
    if not by_uid:
        return fail("提交数据缺失,请确认后重新提交.")

    # uid comes from the verified token, not from the body, so a caller can
    # only create follow records for themselves.
    # NOTE(review): status is client-controlled and by_uid is not checked
    # against existing users here; confirm Audience.add validates both.
    if Audience.add({'by_uid': by_uid, 'status': status, 'uid': uid}) is True:
        return error.make_json_response()
    return fail('关注失败,请重新关注.')
def get(self):
    """ Return the information for the caller user

    The user is resolved from the ``username`` claim of the JWT identity.
    """
    username = get_jwt_identity()['username']
    caller = User.find_by_username(username)
    # NOTE(review): confirm to_dict() leaves out the password hash and other
    # fields that should not reach the client.
    title = "User {}".format(caller.username)
    return custom_response(200, title, caller.to_dict())
def get(self):
    """ Return all the steps for the caller user

    The query is scoped with ``with_parent`` to the user named in the JWT
    identity, so only that user's rows are returned.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    rows = Step.query.with_parent(owner).all()
    return custom_response(200, "Your steps", list_to_array(rows))
def get(self):
    """ Return all activities for the caller user

    The query is scoped with ``with_parent`` to the user named in the JWT
    identity, so only that user's rows are returned.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    rows = Activity.query.with_parent(owner).all()
    return custom_response(200, "Your activities", list_to_array(rows))
def get(self):
    """ Return all the meters for the caller user

    The query is scoped with ``with_parent`` to the user named in the JWT
    identity, so only that user's rows are returned.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    rows = Meter.query.with_parent(owner).all()
    return custom_response(200, "Your meters", list_to_array(rows))
def get(self):
    """ Return all the heart rates for the caller user

    The query is scoped with ``with_parent`` to the user named in the JWT
    identity, so only that user's rows are returned.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    rows = HeartRate.query.with_parent(owner).all()
    return custom_response(200, "Your heart rates", list_to_array(rows))
def account_register():
    """Create an account after checking the e-mailed verification code.

    Only POST requests are processed; any other method falls through and
    returns ``None``. The JSON body must carry ``name``, ``password``,
    ``email`` and ``verify``; ``verify`` is compared with the value stored in
    Redis under the e-mail address.

    Returns:
        The JSON response produced by ``Error.make_json_response``.
    """
    if request.method != 'POST':
        return None

    error = Error(0, '人生需要目标,有了目标才有奋斗的方向!')

    def reject(code, message):
        error.err_code = code
        error.err_msg = message
        return error.make_json_response()

    info = request.json
    if info is None:
        return reject(9, "参数为空1")

    name = info.get('name')
    pass_word = info.get('password')
    email = info.get('email')
    verification = info.get('verify')  # verification code
    if not (name and pass_word and email and verification):
        return reject(9, "参数为空2")

    # NOTE(review): only the user name is checked for uniqueness here; confirm
    # that a duplicate e-mail address is rejected by User.add_user or the
    # schema.
    if User.get_user_by_name(name):
        return reject(8, "该用户名已存在")

    # NOTE(review): the password goes into the record exactly as received,
    # whereas forget_passwd in this listing passes it through
    # render_password() first. Confirm User.add_user hashes it, otherwise
    # registration and reset store different forms.
    acc = {
        'name': name,
        'password': pass_word,
        'email': email,
        'status': 1,
    }

    stored_code = redis_client.get(email)
    if stored_code is None:
        return reject(3, '请获取邮箱验证码')
    if str(verification) != str(stored_code, encoding='utf-8'):
        return reject(4, '该验证码错误,请尝试重新获取')

    if User.add_user(acc):
        return error.make_json_response()
    return reject(5, "创建失败")
def get(self):
    """ Return all the personal info for the caller user

    Rows are scoped with ``with_parent`` to the user named in the JWT
    identity and ordered by ``timestamp``, newest first.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    newest_first = PersonalInfo.timestamp.desc()
    rows = PersonalInfo.query.with_parent(owner).order_by(newest_first).all()
    return custom_response(200, "Your personal info", list_to_array(rows))
def get(self):
    """ Return all the children for the caller user

    The children are read from ``family_members`` of the user named in the
    JWT identity.
    """
    parent = User.find_by_username(get_jwt_identity()['username'])
    members = list_to_array(parent.family_members.all())
    title = "{}'s children".format(parent.username)
    return custom_response(200, title, members)
def decorated_function(*args, **kwargs):
    """Run the wrapped view only if the caller's role is privileged enough.

    The caller is looked up from the ``username`` claim of the JWT identity.
    The view ``f`` is called unless ``current_user.role`` is greater than
    ``access_level``, so lower role values carry more privilege. Both
    refusals return a message dict with status 401.
    """
    identity = get_jwt_identity()
    account = User.find_by_username(identity["username"])

    # A valid token for an account that no longer exists is refused.
    if not account:
        return {'message': "Permission denied. User not found"}, 401

    role_sufficient = not (account.role > access_level)
    if role_sufficient:
        return f(*args, **kwargs)
    return {'message': "Permission denied."}, 401
async def get_all_user_by_lang(self, lang_id: int) -> List[User]:
    """Fetch every user whose ``lang_id`` column equals *lang_id*.

    The statement is ``User.__select__`` followed by a ``where`` clause;
    *lang_id* is bound as the ``$1`` parameter and never interpolated into
    the SQL text.
    """
    # Only the class-level select fragment is formatted into the string.
    sql = f""" {User.__select__} where "lang_id" = $1 """
    rows = await self.connection.fetch(sql, lang_id)

    users = []
    for row in rows:
        users.append(User(**row))
    return users
def user_oauth_login():
    """Log a user in from an OAuth ID token and return a signed session JWT.

    The body must contain ``OAUTH_FIELD``. The ``idToken`` value is verified
    with ``id_token.verify_oauth2_token`` and its ``email`` claim selects the
    account, which is created on first login. Blocked users receive 401; a
    ``ValueError`` during verification is reported as 401.
    """
    body = request.get_json()
    # NOTE(review): the presence check uses OAUTH_FIELD but the value is read
    # as body['idToken']; confirm the constant is 'idToken', otherwise a
    # KeyError escapes the ValueError handler below.
    if not body or OAUTH_FIELD not in body.keys():
        return error_response(400, 'Cant verify login credentials')

    try:
        if app.config['TESTING']:
            # NOTE(review): in TESTING mode the submitted string is trusted as
            # the e-mail address without any verification. Make sure this
            # flag can never be enabled on a reachable deployment.
            idinfo = {'email': body['idToken']}
        else:
            # NOTE(review): no audience argument is passed. If this is
            # google.oauth2.id_token, the audience is then not checked and a
            # token issued for another client ID would be accepted; confirm
            # and pass the application's OAuth client ID.
            idinfo = id_token.verify_oauth2_token(body['idToken'],
                                                  requests.Request())

        # NOTE(review): the email claim is used as the account key; no check
        # of an email_verified claim is visible here.
        email = idinfo['email']
        matches = User.objects(email=email)
        if matches:
            user = matches[0]
        else:
            local_part = email.split('@')[0]
            username = "******" + local_part
            photo = body['photoURL'] if 'photoURL' in body else None
            user = User(email=email,
                        profile_pic=photo,
                        username=username,
                        provider="Google").save()

        if user.is_blocked:
            return error_response(401, "User is blocked")

        # The session token is valid for seven days from now.
        claims = {
            'email': user.email,
            'exp': datetime.datetime.utcnow() + datetime.timedelta(days=7),
        }
        token = jwt.encode(claims,
                           app.config['SECRET_KEY'],
                           algorithm=ENCODING_ALGORITHM)
        return jsonify({
            'token': token.decode('UTF-8'),
            "user": user.serialize()
        })
    except ValueError as err:
        return error_response(401,
                              'Cant verify Google credentials ' + str(err))
def put(self):
    """ Update the information of the caller user

    Copies ``full_name``, ``date_of_birth`` and ``gender`` from the JSON body
    onto the user named in the JWT identity, then persists the change.
    """
    user = User.find_by_username(get_jwt_identity()['username'])
    payload = request.get_json()

    # Only these three fields are copied, so extra keys in the body (role,
    # password, ...) cannot be set through this endpoint.
    # NOTE(review): a missing key raises KeyError and the values are not
    # validated here.
    for field in ('full_name', 'date_of_birth', 'gender'):
        setattr(user, field, payload[field])

    user.update()
    return custom_response(200, "Your information was updated",
                           user.to_dict())
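def change_target(cls, target_id: int, uid: int):
    """Advance an active target by one day, paying out when it completes.

    Looks up the row with the given ``target_id`` and ``status == 0``. If one
    more day does not reach ``number_of_days`` yet, ``insist_day`` is
    incremented. Otherwise the target is closed (``status = 1``) and
    ``challenge_gold`` is credited to the user, with a detail record written
    through ``Money_Detail`` or ``Integral_Detail`` depending on ``gold_type``.

    Returns:
        ``True`` on success; ``False`` when the target is not found, does not
        pass the ownership check, the user is missing, ``gold_type`` is
        unknown, or the detail record could not be added.
    """
    target = DB.session.query(cls).filter(cls.target_id == target_id,
                                          cls.status == 0).one_or_none()
    # one_or_none() returns None when no active row matches.
    if target is None:
        return False
    # NOTE(review): this compares the row's own id with the user id. If the
    # model has a separate owner column, the ownership check should use that
    # instead; confirm against the schema.
    if target.id != uid:
        return False

    if target.insist_day + 1 < target.number_of_days:
        target.insist_day = target.insist_day + 1
        # Was DB.session.commint(), which raised AttributeError on every
        # ordinary check-in.
        DB.session.commit()
        return True

    challenge_gold = target.challenge_gold
    gold_type = target.gold_type
    # The detail records carry the row's id, as in the original code.
    target_id = target.id

    target.status = 1
    target.end_time = timemac.today()
    DB.session.commit()

    # Challenge completed: credit the reward to the user.
    user = User.get_user_by_id(uid)
    if user is None:
        return False
    user.update_time = timemac.today()

    if gold_type == 1:  # 1: money, 2: points
        user.money = user.money + challenge_gold
        detail_model_add = Money_Detail.add_money_detail
    elif gold_type == 2:
        # NOTE(review): the points branch writes the sum to user.money rather
        # than user.integral, which looks like a copy-paste slip. Left
        # unchanged because the intended column cannot be confirmed here.
        user.money = user.integral + target.challenge_gold
        detail_model_add = Integral_Detail.add_integral_detail
    else:
        # NOTE(review): the target was already closed and committed above, so
        # an unknown gold_type ends the challenge without any payout.
        return False

    DB.session.commit()
    detail = {
        'uid': user.id,
        'money': user.money,
        'type': 1,
        'status': 1,
        'target_id': target_id,
        'create_time': timemac.today(),
        'source_info': 1
    }
    # NOTE(review): the balance change and the detail record are committed
    # separately; a failure here leaves the balance updated without a record.
    return detail_model_add(detail) is not False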
def post(self):
    """ Add a new activity for the caller user

    Builds the activity from the ``name``, ``datetime`` and ``duration``
    fields of the JSON body and attaches it to the user named in the JWT
    identity. Returns the new activity's id.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    payload = request.get_json()

    # The owner always comes from the token, never from the body.
    # NOTE(review): a missing key raises KeyError and the values are not
    # validated here.
    record = Activity(
        name=payload['name'],
        datetime=payload['datetime'],
        duration=payload['duration'],
        user=owner,
    )
    record.save()
    return custom_response(200, "Activity added", record.id)
def get(self):
    """ Return all the calories for the caller user

    The query is scoped with ``with_parent`` to the user named in the JWT
    identity, so only that user's rows are returned.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    rows = Calorie.query.with_parent(owner).all()
    return custom_response(200, "Your calories", list_to_array(rows))
def get(self, user, image):
    """ Return the image requested

    Only the owner may fetch it: the ``user`` path segment must equal the id
    of the user named in the JWT identity, otherwise 401 is returned.
    """
    caller = User.find_by_username(get_jwt_identity()['username'])

    # NOTE(review): this comparison only succeeds if `user` arrives with the
    # same type as caller.id (for example through an int route converter);
    # a string segment would never equal an integer id. Confirm the route.
    if caller.id != user:
        return custom_response(401, "Permission denied")

    # `image` is client-supplied; the file is served through
    # send_from_directory rather than by joining paths by hand.
    owner_dir = "{}{}".format(image_save_path, user)
    return send_from_directory(owner_dir, image)
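def createUser():
    """Create a user from form data and return it as JSON.

    Every key reported by ``getModelKeys(User)`` must be present in the form;
    the first missing one is reported with status 400. On success the new
    user is returned with status 201. Any other failure rolls the session
    back and returns a generic 500 message.
    """
    try:
        data = request.form
        for key in getModelKeys(User):
            if key not in data:
                raise AssertionError(f'Property {key} is missing')

        user = User(email=data['email'])
        user.setPassword(data['password'])
        session.add(user)
        session.commit()
        session.refresh(user)
        # NOTE(review): confirm JSONEncoder(user) leaves out the password
        # hash.
        return jsonify(user=JSONEncoder(user)), 201
    except AssertionError as err:
        return jsonify({"message": str(err)}), 400
    except Exception as err:
        # Leave the shared session usable for the next request after a failed
        # add or commit.
        session.rollback()
        print(err)
        # Keep exception text (SQL, constraint and column names) out of the
        # response; the detail stays in the server output above.
        return jsonify({"message": "Internal server error"}), 500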
def delete(self, id):
    """ Delete an activity by its id

    The lookup is scoped with ``with_parent`` to the user named in the JWT
    identity, so another user's activity id yields 404 instead of a delete.
    """
    owner = User.find_by_username(get_jwt_identity()['username'])
    owned = Activity.query.with_parent(owner)
    activity = owned.filter_by(id=id).first()

    if activity is not None:
        activity.delete()
        return custom_response(200, "Activity {} deleted".format(id))
    return custom_response(404,
                           "Activity with id {} not found".format(id))
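def account_login():
    """Authenticate by e-mail and password and issue an access token.

    Only POST requests are processed; any other method falls through and
    returns ``None``. On success a signed token is created, stored in Redis
    with the user id for 24 hours, and returned to the client.
    """
    if request.method == 'POST':
        # A missing or non-JSON body is answered like empty credentials
        # instead of failing on None.get().
        json_info = request.json or {}
        email = json_info.get('email')
        password = json_info.get("password")
        if not email or not password:
            return jsonify({"error": 1, "msg": "用户名或密码为空"})

        # User.check signals failure by returning a string.
        if isinstance(User.check(email, password), str):
            return jsonify({"error": 1, "msg": "用户名或密码错误"})

        user = User.get_user_by_email(email)
        if user.status == 0 or user.status == '0':
            return jsonify({"error": 2, "msg": "该用户未激活,请联系管理员"})

        from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
        # NOTE(review): the signing key is a literal in the source, so anyone
        # who can read the code can produce validly signed tokens. Load it
        # from configuration or a secret store and rotate it; whatever
        # verifies these tokens must change in step.
        # NOTE(review): no attempt limiting is visible in this handler.
        s = Serializer(b'flag_nb_no_1')
        token = s.dumps({'id': str(user.id)})
        # The Redis entry, keyed by the token, expires after 24 hours.
        redis_client.set(token, user.id, ex=24 * 3600)
        return jsonify({
            "error": 0,
            "msg": "登陆成功",
            "token": str(token, 'utf-8')
        })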
def post(self):
    """ Refresh token

    Issues a new access token and a new refresh token for the user named in
    the JWT identity and returns them together with the user's data.
    """
    caller = User.find_by_username(get_jwt_identity()['username'])
    response_body = caller.to_dict()

    # NOTE(review): expires_delta=False presumably disables expiry of the
    # access token (Flask-JWT-Extended semantics). A token that never expires
    # cannot age out after theft; confirm this is intended and that a
    # revocation list exists.
    access = create_access_token(create_identity(caller),
                                 expires_delta=False)
    refresh = create_refresh_token(create_identity(caller))
    response_body.update({'access_token': access, 'refresh_token': refresh})

    return custom_response(200, 'Access token refreshed', response_body)
def sign_add():
    """Record a daily check-in for one of the caller's targets.

    The caller is identified by ``verify_token`` on the ``Access-Token``
    header. ``target_id`` and an uploaded ``img`` are required. The target is
    advanced through ``Target_Info.change_target`` before the check-in row is
    written with ``Sign.add``.

    Returns:
        The JSON response produced by ``Error.make_json_response``.
    """
    error = Error(0, '签到成功')

    def fail(message):
        # Every failure in this handler uses err_code 9.
        error.err_code = 9
        error.err_msg = message
        return error.make_json_response()

    token = request.headers.get("Access-Token")
    if not token:
        return fail("token is None")

    uid = verify_token(token)
    if uid is None:
        return fail("token error")

    if User.get_user_by_id(uid) is None:
        return fail("登陆时间已过期,请重启登陆")

    # NOTE(review): the fields are read from request.json while the image is
    # read from request.files. Confirm clients can send both in one request,
    # and note that a request without a JSON body fails on .get() below.
    payload = request.json
    target_name = payload.get('target_name') or None
    target_id = payload.get('target_id')
    content = payload.get('content') or None
    img = request.files.get('img')
    # NOTE(review): insist_day and status are taken from the client as-is.
    insist_day = payload.get('insist_day') or 0
    status = payload.get('status') or 1

    if not all([target_id, img]):
        return fail("提交数据缺失,请确认后重新提交.")

    # NOTE(review): change_target runs before Sign.add, so a failed
    # Sign.add leaves the target already advanced.
    if Target_Info.change_target(target_id, uid) is False:
        return fail('提交参数错误!,请确认后重新提交!')

    # NOTE(review): img is the uploaded file object; no check of its type or
    # size is visible here. Confirm Sign.add validates it and chooses the
    # storage name itself.
    sign_data = {
        'target_name': target_name,
        'target_id': target_id,
        'content': content,
        'img': img,
        'insist_day': insist_day,
        'status': status,
        'uid': uid
    }
    if Sign.add(sign_data) is True:
        return error.make_json_response()
    return fail('签到失败,请重新提交!')
def post(self):
    """ Create new user session

    Looks the user up by the ``username`` in the JSON body and checks the
    submitted password against the stored hash with ``User.verify_hash``.
    On success the user's data is returned together with a fresh access
    token and refresh token.
    """
    body = request.get_json()
    user = User.find_by_username(body['username'])

    # NOTE(review): an unknown user name and a wrong password produce
    # different messages, which lets a client probe for valid user names.
    # No attempt limiting is visible in this handler either.
    if not user:
        return custom_response(
            401, "User {} doesn't exist".format(body['username']))

    if not User.verify_hash(body['password'], user.password):
        return custom_response(401, 'Username or password wrong')

    session_data = user.to_dict()
    # NOTE(review): expires_delta=False presumably disables expiry of the
    # access token (Flask-JWT-Extended semantics); confirm this is intended.
    access = create_access_token(create_identity(user), expires_delta=False)
    refresh = create_refresh_token(create_identity(user))
    session_data.update({'access_token': access, 'refresh_token': refresh})

    return custom_response(200, 'Logged in as {}'.format(user.username),
                           session_data)