def pcvalidate(request):
if request.method == "POST":
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
result = "<html><body><h1>登录成功</h1></body></html>" if result else "<html><body><h1>登录失败</h1></body></html>"
return HttpResponse(result)
return HttpResponse("error")
def __call__(self, form, field):
gt = GeetestLib(self.captcha_id, self.private_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session[gt.GT_STATUS_SESSION_KEY]
user_id = session["random_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
result = True if result else False
if not result:
raise ValidationError()
return result
def mobileajax_validate(request):
if request.method == "POST":
gt = GeetestLib(mobile_geetest_id, mobile_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
result = {"status": "success"} if result else {"status": "fail"}
return HttpResponse(json.dumps(result))
return HttpResponse("error")
def register(request):
if request.method == "POST":
ret = {
'status': None,
'msg': '',
}
username = request.POST.get("username")
password = request.POST.get("password")
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证码正确
# 利用auth模块做用户名和密码的校验
user = auth.authenticate(username=username, password=password)
if user:
# 用户名密码正确
# 给用户做登录
auth.login(request, user) # 将登录用户赋值给 request.user
ret["msg"] = "/index/"
else:
# 用户名密码错误
ret["status"] = 1
ret["msg"] = "用户名或密码错误!"
else:
ret["status"] = 1
ret["msg"] = "验证码错误"
return JsonResponse(ret)
else:
user = request.session.get('user', None)
if user == None:
return render(request, "register.html")
else:
return redirect('/')
def wrapper(r, *args, **kwargs):
gt = GeetestLib(geetest_id, geetest_key)
challenge = r.d.geetest_challenge
validate = r.d.geetest_validate
seccode = r.d.geetest_seccode
status = r.session[gt.GT_STATUS_SESSION_KEY]
user_id = r.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode,
user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
return func(r, *args, **kwargs)
else:
raise AuthError.GEETEST_VALIDATE
def dispatch(self, request, *args, **kwargs):
if request.method == "POST":
gt = GeetestLib(settings.GEE_CAPTCHA_ID, settings.GEE_PRIVATE_KEY)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session.get(gt.GT_STATUS_SESSION_KEY)
user_id = request.session.get("gee_user_id")
if status:
result = gt.success_validate(challenge, validate, seccode,
user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if not result:
raise PermissionDenied('请正确滑动解锁')
return super().dispatch(request, *args, **kwargs)
def login(request):
"""
# 登录视图
:param request:
:return:
"""
# if request.is_ajax(): # 如果是AJAX请求
if request.method == "POST":
# 初始化一个给AJAX返回的数据
ret = {"status": 0, "msg": ""}
# 从提交过来的数据中 取到用户名和密码
username = request.POST.get("username")
pwd = request.POST.get("password")
# 获取极验 滑动验证码相关的参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证码正确
# 利用auth模块做用户名和密码的校验
user = auth.authenticate(username=username, password=pwd)
if user:
# 用户名密码正确
# 给用户做登录
auth.login(request, user)
ret["msg"] = "/index/"
else:
# 用户名密码错误
ret["status"] = 1
ret["msg"] = "用户名或密码错误!"
else:
ret["status"] = 1
ret["msg"] = "验证码错误"
print(ret)
return JsonResponse(ret)
return render(request, "login2.html")
def post(self, request):
gt = GeetestLib(user_config.GEETEST_ID, user_config.GEETEST_KEY)
# 获取前端传来的登录信息
en_username = request.POST.get("username") # 加密的登录账号
en_password = request.POST.get("password") # 加密的登录账号
secret_key = request.POST.get("key") # 加密的登录账号
remember = request.POST.get("remember") # 加密的登录账号
# 前端传来的geetest的参数
challenge = request.POST.get(gt.FN_CHALLENGE, "")
validate = request.POST.get(gt.FN_VALIDATE, "")
seccode = request.POST.get(gt.FN_SECCODE, "")
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
# 判断滑动验证码是否登录成功
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
# 滑动验证码校验成功后校验用户登录信息
if result:
# 解密用户名和登录密码
decrypt = DeAesCrypt(secret_key, "Pkcs7")
de_username = decrypt.decrypt_aes(en_username)
de_password = decrypt.decrypt_aes(en_password)
login_info = {
"username": de_username,
"password": de_password,
"remember": remember,
}
form = LoginForm(login_info, request=request)
if form.is_valid():
return to_json_data(errno=Code.OK, errmsg="登录成功")
else:
err_str = error_message(form)
return to_json_data(errno=Code.PARAMERR, errmsg=err_str)
else:
return to_json_data(errno=Code.LOGINERR, errmsg="验证校验失败")
def mobile_ajax_validate():
gt = GeetestLib(mobile_geetest_id, mobile_geetest_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session[gt.GT_STATUS_SESSION_KEY]
user_id = session["user_id"]
if status:
result = gt.success_validate(challenge,
validate,
seccode,
user_id,
data='',
userinfo='')
else:
result = gt.failback_validate(challenge, validate, seccode)
result = {"status": "success"} if result else {"status": "fail"}
return json.dumps(result)
def geetest_post_validate(request):
gt = GeetestLib(settings.GEETEST_ID, settings.GEETEST_KEY)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
if status:
result = gt.success_validate(challenge, validate, seccode)
else:
result = gt.failback_validate(challenge, validate, seccode)
return result
# f**k check permission
# if request.user.is_authenticated():
# 针对已经登录验证的用户
# else:
# 对匿名用户
def post(self):
gt = GeetestLib(mobile_geetest_id, mobile_geetest_key)
challenge = self.get_argument(gt.FN_CHALLENGE, "")
validate = self.get_argument(gt.FN_VALIDATE, "")
seccode = self.get_argument(gt.FN_SECCODE, "")
status = self.session[gt.GT_STATUS_SESSION_KEY]
user_id = self.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
self.session["user_id"] = user_id
result = result = {
"status": "success"
} if result else {
"status": "fail"
}
self.write(json.dumps(result))
def post(self):
try:
gt = GeetestLib(GT_ID, GT_KEY)
challenge = self.get_argument(gt.FN_CHALLENGE, "")
validate = self.get_argument(gt.FN_VALIDATE, "")
seccode = self.get_argument(gt.FN_SECCODE, "")
status = int(self.session[gt.GT_STATUS_SESSION_KEY])
user_id = self.session["user_id"]
if status:
verify_res = gt.success_validate(challenge, validate, seccode, user_id)
else:
verify_res = gt.failback_validate(challenge, validate, seccode)
self.session["user_id"] = user_id
if verify_res:
email = self.get_argument("email")
password = self.get_argument("password")
if email and password:
password = make_password(password)
student_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
stu_doc = yield student_coll.find_one({"user_email": email})
if not stu_doc:
msg = '账户不存在,请重新输入或前往注册!'
self.render("front/front_signin.html", msg=msg,action_url = '/signin')
else:
pwd = stu_doc['password']
if password == pwd:
self.session['current_email'] = stu_doc['user_email']
self.session['role'] = stu_doc['role']
self.session['username'] = stu_doc['user_name'] if stu_doc['user_name'] != '' else stu_doc['user_email']
self.redirect("/")
else:
msg = '密码错误,请重新输入!'
self.render("front/front_signin.html", msg=msg, action_url='/signin')
else:
msg = '邮箱或密码值获取错误,请重新输入!'
self.render("front/front_signin.html", msg=msg ,action_url = '/signin')
else:
msg = '验证码验证失败,请重新验证!'
self.render("front/front_signin.html",msg=msg ,action_url = '/signin')
except Exception as e:
print e
logging.exception(e)
self.render("front/front_signin.html", msg=e,action_url = '/signin')
def login(request):
# 如果是post方法
if request.method == "POST":
ret = {"status": 0, "msg": ""} # 初始化一个给AJAX返回的数据
username = request.POST.get("username")
password = request.POST.get("password")
# 获取极验,滑动验证码相关参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证码正确
# 利用auth模块做用户名和密码的校验
user = auth.authenticate(username=username, password=password)
response = HttpResponse()
if user:
auth.login(request, user) # 将登陆用户注入request.user
ret["msg"] = "/index/"
else:
# 用户名密码错误
ret["status"] = 1
ret["msg"] = "用户名或密码错误!"
else:
ret["status"] = 2
ret["msg"] = "验证码错误"
return JsonResponse(ret)
# 如果是get方法
else:
if 'login' in request.COOKIES:
login = request.get_signed_cookie('login', salt='hello').split(',')
username = login[0]
password = login[1]
return render(request, "login.html", {
"username": username,
"password": password
})
return render(request, "login.html")
def login(request):
"""
处理登录接口,使用极验滑动验证码登陆
:param request:
:return:
"""
if request.method == "POST":
ret = {"statys": 0, "msg": ""}
username = request.POST.get("username")
password = request.POST.get("password")
# 获取极验 极验验证码相关的参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
valid_code = request.POST.get("valid_code")
print(valid_code)
print("用户输入的验证码".center(120, "="))
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
user = auth.authenticate(username=username, password=password)
if user:
auth.login(request, user)
ret["msg"] = "/blog/"
else:
ret["status"] = 1
ret["msg"] = "用户名或密码错误"
else:
ret["status"] = 1
ret["msg"] = "验证码错误"
return JsonResponse(ret)
return render(request, "blog/login.html")
def login(request):
if request.method == "POST":
# 初始化一个字典用于给ajax请求返回数据
ret = {'status': 0, 'msg': ''}
# 从请求中获取到用户名和密码
username = request.POST.get('username')
password = request.POST.get('password')
# 获取极验活动验证码相关参数
gt = GeetestLib(settings.PC_GEETEST_ID, settings.PC_GEETEST_KEY)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 如果极验返回的这个result是有内容的,说明验证码验证成功,接下来验证用户个人账号信息
user = models.User.objects.filter(username=username, password=busybox.get_rand_str(password)).first()
if user:
# 用户名密码正确,给用户做登录,将用户的session信息保存到django_session信息中(其实就是数据库中)
request.session['user'] = {
'userid': user.uid,
'name': user.username,
'nickname': user.nickname,
}
# 设置完session以后让用户redirect到根目录
ret['msg'] = "/"
else:
# 当查不到这个用户的时候基本就是用户名或者密码错误了。
ret['status'] = 1
ret['msg'] = "用户名或密码错误"
else:
# 如果验证码验证失败,那么返回错误信息
ret['status'] = 1
ret['msg'] = '验证码错误'
return JsonResponse(ret)
def validate_capthca():
session['vote'] = 0
gt = GeetestLib(captcha_id, private_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session[gt.GT_STATUS_SESSION_KEY]
user_id = session["user_id"]
session['refer'] = request.referrer
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
result = "success" if result else "fail"
if result == "success":
session['vote'] = 1
return redirect(session['refer'])
else:
flash("验证码错误!")
return redirect(session['refer'])
def _ajax_validate_captcha(request):
gt = GeetestLib(captcha_id, private_key)
form = load_resp(request.body, GeeForm)
if form is None:
return HttpResponseBadRequest(json.dumps({"message": "Bad request"}))
if not form.is_valid():
return HttpResponseBadRequest(
json.dumps({"message": form.errors.as_json()}))
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session[GEETEST_UID_NAME]
challenge = form.cleaned_data[gt.FN_CHALLENGE]
validate = form.cleaned_data[gt.FN_VALIDATE]
seccode = form.cleaned_data[gt.FN_SECCODE]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
set_geetest_passed(request)
return HttpResponse(json.dumps({"message": "成功"}))
return HttpResponseBadRequest(json.dumps({"message": "验证码错误"}))
def login(request):
if request.method == 'GET':
return render(request, 'login.html')
else:
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
u = request.POST.get('username')
pwd = request.POST.get('password')
user = authenticate(username=u, password=pwd)
if status:
result = gt.success_validate(challenge, validate, seccode)
else:
result = gt.failback_validate(challenge, validate, seccode)
if user:
auth.login(request, user) #将登录赋值给user
return redirect('index.html')
else:
return render(request, 'login.html', {'msg': '用户名或密码错误'})
def login(request):
# if request.is_ajax(): # 如果是AJAX请求
if request.method == "POST":
# 初始化一个给AJAX返回的数据
ret = {"status": 0, "msg": ""}
username = request.POST.get('username')
password = request.POST.get('password')
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证码正确
# 利用auth模块做用户名和密码的校验
user = auth.authenticate(request,
username=username,
password=password)
if user:
# 用户名密码正确
# 登录
auth.login(request, user)
ret['msg'] = '/index/'
else:
# 用户名密码错误
ret["status"] = 1
ret['msg'] = "用户名或密码错误"
else:
# 验证码不正确
ret["status"] = 1
ret['msg'] = "验证码错误"
return JsonResponse(ret)
return render(request, 'login2.html')
def index():
global updata_time, all_count, valid_count, spider_status_list
if request.method == 'POST':
gt = GeetestLib(geetest_id, geetest_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session[gt.GT_STATUS_SESSION_KEY]
user_id = session["user_id"]
#获取数据
url = request.values.get('url')
name = request.values.get('name')
type = request.values.get('type')
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
#成功验证
if not name:
#生成随机6位
pool = string.ascii_letters + string.digits
key = []
key = random.sample(pool, 6)
keys = "".join(key)
name = keys
check = filter(url, name, type)
if '通过检查' in check:
info = short_url(url, name, type)
if '成功' in info:
return jsonify({"code": 200, "info": name})
else:
return jsonify({"code": 403, "info": info})
else:
return jsonify({"code": 403, "info": check})
else:
return jsonify({"code": 403, "info": "滑动验证未通过"})
else:
return render_template('index.html')
def login(request):
# next_url = request.GET.get('next', None)
# print(next_url)
# next = '<input type="text" id="next" name="next" style="display: none" value=%s>' % next_url
if request.method == 'POST':
# 初始化一个给AJAX返回的数据 默认返回错误响应
ret = {'status': -1, 'msg': None}
username = request.POST.get('username')
password = request.POST.get('password')
next = request.GET.get('next')
# 获取极验 滑动验证码相关的参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session['user_id']
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证码通过
# 使用auth模块认证
user_obj = auth.authenticate(username=username, password=password)
if user_obj:
auth.login(request, user_obj)
ret['status'] = '0'
ret['msg'] = next if next else '/%s/' % request.user.blog.site
else:
# 用户名不存在或密码错误
ret['msg'] = '用户名不存在或密码错误'
else:
ret['status'] = -2
ret['msg'] = '验证码错误'
return JsonResponse(ret)
return render(request, 'login.html')
def login(request):
#if request is ajax #如果是ajax请求
# if request.method =="POST":
if request.is_ajax():
#初始化一个给AJAX返回的数据 Ajax请求返回一个字典
ret = {"status": 0, "msg": ""}
#从提交过来的数中 取到用户名和密码
username = request.POST.get('username')
pwd = request.POST.get("password")
#获取极验验证码验证的相关参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
user = auth.authenticate(username=username, password=pwd)
if user:
auth.login(request, user) #将user赋值给request
ret['status'] = username
ret['msg'] = "/index/"
else:
ret['msg'] = "用户名或密码错误!"
else:
ret['msg'] = "验证码错误"
return JsonResponse(ret)
else:
return render(request, "login2.html")
def login(request):
back_msg = {'user': None, 'msg': None}
if request.is_ajax():
name = request.POST.get('username')
pwd = request.POST.get('password')
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
# code = request.POST.get('code')
# if code.upper() == request.session['code'].upper():
user = auth.authenticate(request, username=name, password=pwd)
# user=models.UserInfo.objects.filter(username=ss,password=33).first()
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 在auth模块注册
print(user)
if user:
auth.login(request, user)
back_msg['user'] = name
back_msg['msg'] = '/index/'
# data=json.dumps(back_msg)
return JsonResponse(back_msg)
else:
back_msg['msg'] = '用户名或密码错误'
return JsonResponse(back_msg)
# else:
# back_msg['msg'] = '验证码错误'
# return JsonResponse(back_msg)
return render(request, 'login.html')
def login(request):
# if request.is_ajax(): # 如果是AJAX請求
if request.method == "POST":
# 初始化一個給AJAX返回的數據
ret = {"status": 0, "msg": ""}
username = request.POST.get("username")
pwd = request.POST.get("password")
# 獲取極驗 滑動驗證碼相關的參數
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 驗證碼正確
# 利用auth模塊做驗證碼和密碼的校驗
user = auth.authenticate(username=username, password=pwd)
if user:
# 用戶名和密碼正確
# 給用戶做登錄
auth.login(request, user) # 將登錄用戶賦值給 request.user
ret["msg"] = "/index/"
else:
# 用戶名或密碼錯誤
ret["status"] = 1
ret["msg"] = "用戶名或密碼錯誤!"
else:
ret["status"] = 1
ret["msg"] = "驗證碼錯誤!"
return JsonResponse(ret)
return render(request, "login2.html")
def post(self, request):
back_dic = {'code': 100, 'msg': ''}
# 从客户端拿数据
username = request.POST.get('username') # 从正确数据中获得用户名
# request.POST.get('username') # 或者从request.POST中获得姓名
password = request.POST.get('password')
# 获取极验滑动验证码相关的参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
user_obj = auth.authenticate(username=username, password=password)
if user_obj:
# 登录成功就记录当前登录状态
auth.login(request, user_obj)
log = Userlog()
log.ip = request.META['REMOTE_ADDR']
log.user = request.user
log.add_time = datetime.utcnow()
log.save()
back_dic['msg'] = "登录成功"
back_dic['url'] = '/index/'
else:
back_dic['code'] = 101
back_dic['msg'] = "用户名或密码错误"
else:
back_dic['code'] = 102
back_dic['msg'] = "验证码错误"
return JsonResponse(back_dic)
def validate_capthca():
if request.method == "POST":
gt = GeetestLib(captcha_id, private_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session[gt.GT_STATUS_SESSION_KEY]
user_id = session.get("user_id", None)
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 验证安全,完成登录
_user = redis_store.get("pre_login")
if _user:
session["logged_in"] = _user
# 验证安全,完成添加留言
_body = redis_store.hgetall("pre_add_msg")
if _body:
title = _body.get("title")
message = _body.get("message")
user = User.query.filter_by(
username=session["logged_in"]).first()
msg = Message(title=title, body=message, user=user)
db.session.add(msg)
db.session.commit()
return redirect("/")
else:
return redirect("/login")
return render_template("validate.html")
def slide_login(request):
login_obj = LoginForm()
if request.method == "POST":
res = {'code': 0}
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
username = request.POST.get('username')
pwd = request.POST.get('password')
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
user = auth.authenticate(username=username, password=pwd)
login_obj = LoginForm(request.POST)
login_obj.is_valid()
if user:
# 用户名和密码正确
auth.login(request, user)
else:
# 用户名和密码错误
res['code'] = 1
res['err_msg'] = '用户名或者密码错误'
else:
# 滑动验证码验证失败
res = {'code': 2}
res = {'err_msg': '验证码不正确'}
# result = {"status": "success"} if result else {"status": "fail"}
return JsonResponse(res)
return render(request, 'login.html', {'login_obj': login_obj})
def submit(user_id, dummy=None):
if request.method != 'POST':
return render_template('submit.html', user_id=user_id)
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.form[gt.FN_CHALLENGE]
validate = request.form[gt.FN_VALIDATE]
seccode = request.form[gt.FN_SECCODE]
status = session.get(gt.GT_STATUS_SESSION_KEY, None)
if status:
success = gt.success_validate(challenge, validate, seccode, user_id)
del session[gt.GT_STATUS_SESSION_KEY]
else:
success = False
if not success:
flash("验证失败")
return render_template('submit.html', user_id=user_id)
url = request.form.get('url', '').strip()
if len(url) == 0:
flash("内容为空")
return render_template('submit.html', user_id=user_id)
url_pattern = url_for('.base_path', user_id=user_id, _external=True)
if not url.startswith(url_pattern):
flash("URL必须以{}为开头".format(url_pattern))
return render_template('submit.html', user_id=user_id)
ret = spawn_chrome(user_id, url_pattern, url, request.headers['Host'], app)
if ret is None:
flash("Jumbo已经看过你提交的链接了.")
return redirect(url_for('.home', user_id=user_id))
app.logger.exception(ret)
flash("Unexpected error occurred")
return render_template('submit.html', user_id=user_id)
def login(request):
if request.method == "POST":
# 初始化登录状态字典
ret = {'status': False, 'mes': None}
# 获取极验所需验证信息
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
# 判断验证码是否正确
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
# 如果验证码正确,获取用户数据
if result:
# print(request.POST.get('username'))
# print(request.POST.get('userpass'))
userinfo = myforms.Login(request.POST)
# 通过校验
if userinfo.is_valid():
request.session['login_user_name'] = userinfo.cleaned_data[
'username']
ret['status'] = True
ret['mes'] = '/index/'
else:
ret['mes'] = userinfo.errors
# print(ret)
return HttpResponse(json.dumps(ret))
elif request.method == 'GET':
form_obj = myforms.Login()
return render(request, 'login.html', {'forms_obj': form_obj})
def login(request):
# 初始化一个给AJAX返回的数据
ret = {"status": 0, "msg": ""}
if request.method == "POST":
next = request.POST.get("next")
print(next)
user = request.POST.get("username")
pwd = request.POST.get("password")
# 获取极验 验证码相关的参数
gt = GeetestLib(pc_geetest_id, pc_geetest_key)
challenge = request.POST.get(gt.FN_CHALLENGE, '')
validate = request.POST.get(gt.FN_VALIDATE, '')
seccode = request.POST.get(gt.FN_SECCODE, '')
status = request.session[gt.GT_STATUS_SESSION_KEY]
user_id = request.session["user_id"]
if status:
result = gt.success_validate(challenge, validate, seccode, user_id)
else:
result = gt.failback_validate(challenge, validate, seccode)
if result:
# 判断用户名密码是否正确
user = auth.authenticate(username=user, password=pwd)
if user:
# 将登陆的用户封装到request.user
auth.login(request, user)
if next:
ret["msg"] = next
else:
ret["msg"] = "/index/"
else:
ret["status"] = 1
ret["msg"] = "用户名或密码错误"
else:
ret["status"] = 1
ret["msg"] = "验证码错误"
return JsonResponse(ret)
return render(request, "login.html")
