def new_user():
data = json.loads(redisdb.get(request.cookies["token"]))
otpkey = data["OTP_key"]
user_id = request.form["s_id"]
user_auth = request.form["auth"]
otp_passwd = request.form["otppassword"]
otp_checker = pyotp.TOTP(otpkey)
if otp_checker.verify(otp_passwd):
user_otp_key = pyotp.random_base32()
user_salt = str(uuid.uuid4())
md5 = hashlib.md5()
new_random_password = random_password()
md5.update(f"{new_random_password}{user_salt}".encode("utf-8"))
md5_passwd = md5.hexdigest()
try:
sql = f"INSERT INTO admin values (%s,%s,%s,{int(user_auth)},%s)"
mysqldb.execute(sql,
(user_id, md5_passwd, user_salt, user_otp_key))
mysqlconn.commit()
return json.dumps({
"state": "success",
"password": new_random_password
})
except Exception as e:
print(e)
return json.dumps({"state": "fail", "message": "该用户已存在"})
return json.dumps({"state": "fail", "message": "动态密码错误或超时"})
def send_private_message():
operator = json.loads(redisdb.get(request.cookies["token"]))
qid = request.form["qid"]
message = request.form["message"]
#print(qid,message)
sql = "SELECT * FROM message WHERE sender=%s"
data = mysqldb.execute(sql, (qid))
if data > 0:
sql = "SELECT * FROM message WHERE sender=%s and res='none'"
state = mysqldb.execute(sql, (qid))
#print(state)
if state > 0:
sql = "UPDATE message SET res='ignore',res_time=NOW(),res_user_id=%s WHERE res='none' and sender=%s"
mysqldb.execute(sql, (operator["id"], qid))
sql = "UPDATE message SET res=%s WHERE sender=%s ORDER BY send_time DESC LIMIT 1"
mysqldb.execute(sql, (message, qid))
else:
uid = str(uuid.uuid4())
sql = "INSERT INTO message values(%s,%s,NOW(),'Dialogue_Detail_None',%s,%s,NOW())"
mysqldb.execute(sql, (uid, qid, message, operator["id"]))
data = {"qid": qid, "message": message}
res = requests.post(
"http://127.0.0.1:5000/API/send_private_message.json",
data).json()
#print(res)
if res["state"] == "success":
mysqlconn.commit()
return json.dumps({"state": "success", "message": ""})
else:
return json.dumps({"state": "fail", "message": "系统出错"})
else:
return json.dumps({"state": "fail", "message": "无留言可以回复"})
def reset_by_admin():
target_id = request.form["s_id"]
newpassword = request.form["newpassword"]
otppassword = request.form["otppassword"]
data = json.loads(redisdb.get(request.cookies["token"]))
otp_key = data["OTP_key"]
sql = "SELECT * FROM admin where id = %s"
mysqldb.execute(sql, (target_id))
user_data = mysqldb.fetchall()[0]
otp_checker = pyotp.TOTP(otp_key)
#print(otp_checker.now(),otppassword)
if otp_checker.verify(otppassword):
md5 = hashlib.md5()
md5.update(f"{newpassword}{user_data[2]}".encode("utf-8"))
md5_passwd = md5.hexdigest()
try:
sql = "UPDATE admin SET password=%s WHERE id=%s"
mysqldb.execute(sql, (md5_passwd, target_id))
mysqlconn.commit()
return "success"
except Exception as e:
print(e)
return "fail"
else:
return "fail"
def handle(context, bot):
message = context["message"]
qid = context["sender"]["user_id"]
if not (qid in white_list):
message_id = str(uuid.uuid4())
sql = "INSERT INTO message(message_id, sender, send_time, detail, res)values (%s,%s,NOW(),%s,'none')"
mysqldb.execute(sql, (message_id, qid, message))
mysqlconn.commit()
def group_add():
group_id = request.form["group_id"]
bname = request.form["bname"]
#print(group_id,bname)
sql = "INSERT INTO `group` VALUES (%s,%s)"
try:
mysqldb.execute(sql, (group_id, bname))
mysqlconn.commit()
except Exception as e:
return json.dumps({"state": "fail", "message": "error"})
return json.dumps({"state": "success", "info": "成功"})
def group(context):
mysqlconn.ping(reconnect=True)
sql = "INSERT INTO service_log (time, type, target) VALUES (NOW(),'groupMessage',%s)"
mysqldb.execute(
sql,
(f"group:{context['group_id']};person:{context['sender']['user_id']}"))
mysqlconn.commit()
try:
respond_group(groupMessageHandles, groupMessageHandle_init_data,
context, bot)
except Exception as e:
traceback.print_exc()
error_data = traceback.format_exc()
sql = "INSERT INTO error_log (time, error_detail) VALUES (NOW(),%s)"
mysqldb.execute(sql, (pymysql.escape_string(error_data)))
mysqlconn.commit()
def private(context):
mysqlconn.ping(reconnect=True)
#logger
sql = "INSERT INTO service_log (time, type, target) VALUES (NOW(),'privateMessage',%s)"
mysqldb.execute(sql, (f"person:{context['sender']['user_id']}"))
mysqlconn.commit()
try:
state = respond_private(privateMessageHandles, context, bot)
if not state:
take_message_handle(context, bot)
except Exception as e:
bot.send(context, "服务器发生内部错误,请稍后重试")
traceback.print_exc()
error_data = traceback.format_exc()
sql = "INSERT INTO error_log (time, error_detail) VALUES (NOW(),%s)"
mysqldb.execute(sql, (pymysql.escape_string(error_data)))
mysqlconn.commit()
redisdb.delete(context["sender"]["user_id"])
def private_group_state():
gid = request.form["group_id"]
if gid == "all":
gid = "*"
plugin_name = request.form["plugin_name"]
state = int(request.form["state"])
if state == 0:
bstate = "启用"
elif state == 1:
bstate = "停用"
#print(gid,plugin_name,state)
if gid == "*" and state == 0:
#print("a")
sql = "DELETE FROM group_message_plugin_activate WHERE plugin_name = %s"
mysqldb.execute(sql, (plugin_name))
sql = "INSERT INTO group_message_plugin_activate values(%s,%s)"
mysqldb.execute(sql, (gid, plugin_name))
mysqlconn.commit()
return json.dumps({"state": "success", "bstate": bstate})
elif gid == "*" and state == 1:
#print("b")
sql = "DELETE FROM group_message_plugin_activate WHERE plugin_name = %s"
mysqldb.execute(sql, (plugin_name))
mysqlconn.commit()
return json.dumps({"state": "success", "bstate": bstate})
elif state == 0:
sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = "*")'
exist = mysqldb.execute(sql, (plugin_name))
if exist > 0:
#print("c")
return json.dumps({"state": "success", "bstate": "已全局打开"})
else:
#print("d")
sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = %s)'
exist = mysqldb.execute(sql, (plugin_name, gid))
if exist > 0:
return json.dumps({"state": "success", "bstate": bstate})
sql = "INSERT INTO group_message_plugin_activate values(%s,%s)"
mysqldb.execute(sql, (gid, plugin_name))
mysqlconn.commit()
return json.dumps({"state": "success", "bstate": bstate})
else:
sql = 'SELECT * FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = "*")'
exist = mysqldb.execute(sql, (plugin_name))
if exist > 0:
#print("e")
return json.dumps({"state": "success", "bstate": "已全局打开,请在全局中设置"})
else:
#print("f")
sql = "DELETE FROM group_message_plugin_activate WHERE (plugin_name = %s and g_id = %s) "
mysqldb.execute(sql, (plugin_name, gid))
mysqlconn.commit()
return json.dumps({"state": "success", "bstate": bstate})
def reset_by_user():
oldpassword = request.form["oldpassword"]
newpassword = request.form["newpassword"]
data = json.loads(redisdb.get(request.cookies["token"]))
user_id = data["id"]
sql = "SELECT * FROM admin where id = %s"
mysqldb.execute(sql, (user_id))
user_data = mysqldb.fetchall()[0]
if check(user_data, oldpassword):
md5 = hashlib.md5()
md5.update(f"{newpassword}{user_data[2]}".encode("utf-8"))
md5_passwd = md5.hexdigest()
try:
sql = "UPDATE admin SET password=%s WHERE id=%s"
mysqldb.execute(sql, (md5_passwd, user_id))
mysqlconn.commit()
return json.dumps({"state": "success", "message": "修改成功"})
except Exception as e:
return json.dumps({"state": "fail", "message": "服务器异常"})
else:
return json.dumps({"state": "fail", "message": "密码有误"})
def private_plugin_state():
plugin_name = request.form["plugin_name"]
state = int(request.form["state"])
if state == 0:
bstate = "启用"
elif state == 1:
bstate = "临时停用"
else:
bstate = "永久停用"
#print(plugin_name,state)
sql = f"UPDATE private_message_plugin SET active={int(state)} WHERE plugin_name=%s"
try:
#print(sql)
state = mysqldb.execute(sql, (plugin_name))
if state == 1:
mysqlconn.commit()
else:
return json.dumps({"state": "fail", "message": "无内容修改"})
except Exception as e:
return json.dumps({"state": "fail", "message": "服务器异常"})
return json.dumps({"state": "success", "bstate": bstate})
def handle_group_increase(context):
mysqlconn.ping(reconnect=True)
sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"groupMumReq",%s)'
mysqldb.execute(
sql, (f'group:{context["user_id"]};person:{context["group_id"]}'))
mysqlconn.commit()
def handle_request(context):
mysqlconn.ping(reconnect=True)
sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"groupMumAdd",%s)'
mysqldb.execute(sql, (f'group:{context["group_id"]}'))
mysqlconn.commit()
def handle_request(context):
mysqlconn.ping(reconnect=True)
sql = 'INSERT INTO service_log (time, type, target) VALUES (NOW(),"friendAdd",%s)'
mysqldb.execute(sql, (f'person:{context["user_id"]}'))
mysqlconn.commit()
return {"approve": True}
