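def post(self):
    """Register a new user from the submitted form and create their disk folder.

    Reads ``name``, ``show_name``, ``password``, ``email`` and the optional
    ``forget_password`` from the form, and ``group_id`` from the session.

    Returns:
        A JSON response: ``status`` is ``ok`` with ``msg`` set to the user
        name, or ``error`` with ``msg`` set to the reason.

    Raises:
        Whatever ``os.mkdir`` or the database commit raises; the folder
        created for the user is removed again if the database step fails.
    """
    name = request.form.get('name')
    show_name = request.form.get('show_name')
    password = request.form.get('password')
    email = request.form.get('email')
    forget_password = request.form.get('forget_password')
    group_id = session.get('group_id')

    if not (name and show_name and password and email):
        return jsonify({'status': 'error', 'msg': '获取的数据不完整,无法注册'})

    # The name becomes part of a filesystem path below, so this check is what
    # keeps path separators and dots out of it.
    # NOTE(review): str.isalnum() also accepts non-ASCII letters and digits;
    # confirm that is intended for folder names.
    if not name.isalnum():
        return jsonify({'status': 'error', 'msg': '抱歉用户名必须是字母或字母数字组合'})

    # Hash only after validation, so a request without a password gets the
    # JSON error above instead of handing None to creat_hash.
    # NOTE(review): no password length rule is applied here, while the
    # change-password handler in this file enforces 3-15 characters.
    hash_pwd = creat_hash(password)

    now = datetime.now()
    real_folder = '/' + name + now.strftime('%Y%m%d%H%M%f')
    valid_until = now + timedelta(days=1500)
    folder_path = f'static/disk{real_folder}'

    # Only pass user_group_id when the session actually carries one.
    group_kwargs = {'user_group_id': group_id} if group_id else {}

    os.mkdir(folder_path)
    try:
        user = Users(name, show_name, hash_pwd, forget_password, email,
                     real_folder=real_folder, valid_date=valid_until,
                     authority=2, **group_kwargs)
        db.session.add(user)
        db.session.commit()
    except Exception:
        # Do not leave an orphaned folder or a half-finished transaction
        # behind when the insert fails; the error still propagates.
        db.session.rollback()
        os.rmdir(folder_path)
        raise

    return jsonify({'status': 'ok', 'msg': name})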
def post(self):
    """Check the submitted name and password and start a login session.

    On success the session receives ``show_name``, ``name`` and ``user_id``,
    the user's ``login_time`` is stored, and the response redirects to
    ``manage.home`` with the ``user_name``, ``save_id`` and ``login_time``
    cookies set. When ``save_password`` is submitted the cookies expire after
    15 days; otherwise no expiry is given.

    Returns:
        The redirect response on success, a plain-text message when the
        account has authority 3, or the re-rendered login page with a flash
        message when the credentials are missing or do not match.
    """
    remember = bool(request.form.get('save_password'))
    name = request.form.get('name')
    password = request.form.get('password')

    if not (password and name):
        flash('用户名和密码必填,请输入!')
        return render_template('admin/login.html')

    # NOTE(review): matching on equality with creat_hash(password) means the
    # hash is the same for every user with that password (no per-user salt);
    # confirm creat_hash is a dedicated password-hashing scheme.
    hash_pwd = creat_hash(password)
    account = db.session.query(Users).filter(
        Users.name == name,
        Users.password == hash_pwd,
    ).one_or_none()

    if not account:
        flash('用户名和密码不匹配,请重新输入!')
        return render_template('admin/login.html')

    # NOTE(review): only authority 3 is refused here, while another handler
    # in this file sets authority to 55 for a "temporarily banned" account;
    # confirm that value is rejected somewhere before access is granted.
    if account.authority == 3:
        return '您的账户处于封禁期,无法登陆!'

    session['show_name'] = account.show_name
    session['name'] = account.name
    session['user_id'] = account.id

    stamp = str(time.time())
    account.login_time = stamp
    db.session.commit()

    resp = make_response(redirect(url_for('manage.home')))

    # NOTE(review): save_id carries the stored password hash to the browser,
    # so reading the cookie discloses the hash. A random server-side token,
    # sent with the HttpOnly, Secure and SameSite attributes, would avoid
    # that; it needs a matching change in whatever reads these cookies.
    cookie_values = (
        ('user_name', account.name),
        ('save_id', account.password),
        ('login_time', stamp),
    )
    for cookie_name, cookie_value in cookie_values:
        if remember:
            resp.set_cookie(cookie_name, cookie_value,
                            expires=datetime.now() + timedelta(days=15))
        else:
            resp.set_cookie(cookie_name, cookie_value)
    return resp
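def get(self):
    """Reset a user's password to the default when their reset flag is set.

    The ``key`` query parameter is used as the user id. If that user exists
    and their ``register_key`` equals ``'ok'``, the password is replaced by
    the hash of the default value and ``register_key`` is set to ``'0'``.

    Returns:
        A redirect to the login view on success, otherwise the plain-text
        error message.
    """
    user_id = request.args.get('key')
    user = None
    if user_id:
        user = db.session.query(Users).filter(Users.id == user_id).one_or_none()

    # Every failure path returns the same message. Before, one of them fell
    # through and returned None, which is not a valid view response.
    if user is None or user.register_key != 'ok':
        return '修改错误'

    # NOTE(review): this is a state change on an unauthenticated GET, the
    # caller is identified only by a user id, and the new password is a
    # fixed literal. Consider a one-time random token delivered to the
    # account's email, a POST for the change itself, and a forced password
    # change at the next login.
    user.password = creat_hash('666666')
    user.register_key = '0'  # clear the flag so the reset cannot be replayed
    db.session.commit()
    return redirect(url_for('.login'))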
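def post(self):
    """Apply one profile change for the logged-in user.

    The change is chosen by which form fields are present; the first match
    in this order runs and the rest are ignored: ``show_name``; ``email``
    (mails a confirmation link); ``oldpwd`` with ``newpwd``; ``pwd`` with
    ``fgpwd`` (the security answer); ``reg_key``. A request carrying none of
    them sets the account's authority to 55.

    Returns:
        A redirect to the login view when ``check_login`` returns None, a
        plain-text message when it returns -1, otherwise a JSON response
        with ``status`` (``ok`` or ``error``) and ``msg``.
    """
    import secrets
    from urllib.parse import quote

    def reply(status, msg):
        return jsonify({'status': status, 'msg': msg})

    check_user = check_login()
    if check_user is None:
        return redirect(url_for('admin.login'))
    if check_user == -1:
        return '抱歉您的账号过期,请联系管理员'

    user_id = session.get('user_id')
    # Loaded once and reused by every branch that only needs the user's row.
    account = db.session.query(Users).filter(Users.id == user_id).one_or_none()

    show_name = request.form.get('show_name')
    email = request.form.get('email')
    oldpwd = request.form.get('oldpwd')
    newpwd = request.form.get('newpwd')
    pwd = request.form.get('pwd')
    fgpwd = request.form.get('fgpwd')
    reg_key = request.form.get('reg_key')

    if show_name:
        if len(show_name) > 15:
            return reply('error', '用户名长度不能大于15个字符!')
        if len(show_name) < 3:
            return reply('error', '用户名长度不能小于3个字符!')
        # Only authority 0 and 1 may rename themselves; a missing user row
        # is refused here too instead of raising AttributeError.
        if account is not None and account.authority in (0, 1):
            account.show_name = show_name
            db.session.commit()
            return reply('ok', '用户名修改成功')
        return reply('error', '您无法修改用户名,如需修改请联系管理员')

    if email:
        if len(email) >= 50:
            return reply('error', '抱歉邮箱字符长度不能大于50个字符!')
        if account is None:
            return reply('error', 'failed')
        # The confirmation key must be unguessable, so it comes from the
        # secrets module. The earlier time.clock() source was predictable,
        # and time.clock() no longer exists from Python 3.8 on.
        keys = creat_hash(secrets.token_hex(32))
        account.share_key = keys
        db.session.commit()
        # Percent-encode the address so characters such as '+' or '&' arrive
        # intact instead of changing the query string.
        email_param = quote(email, safe='@')
        urls = f'{WEB_URL}/admin/changeInfo/?uId={user_id}&email={email_param}&key={keys}'
        body = f'您正在使用易云提供的服务,修改邮箱请点击链接,如您没有进行此操作,请忽略此邮件: {urls}'
        try:
            em = SendEmail()
            em.Send(email, 'yun cluod', body)
            return reply('ok', '请前往对应邮箱点击链接完成修改')
        except Exception as e:
            # NOTE(review): the exception text goes back to the client and
            # may reveal mail-server details; consider logging it instead.
            return reply('error', f'抱歉抱歉向目标邮箱发送邮件失败,code: {e}')

    if oldpwd and newpwd:
        # The current password must match before anything is changed.
        user = db.session.query(Users).filter(
            Users.id == user_id,
            Users.password == creat_hash(oldpwd),
        ).one_or_none()
        if not user:
            return reply('error', '您输入的旧密码有误')
        # NOTE(review): a 15-character ceiling caps password strength;
        # confirm it is required by something downstream.
        if len(newpwd) > 15:
            return reply('error', '新密码长度不能大于15个字符!')
        if len(newpwd) < 3:
            return reply('error', '新密码长度不能小于3个字符!')
        user.password = creat_hash(newpwd)
        db.session.commit()
        return reply('ok', '密码修改成功')

    if pwd and fgpwd:
        user = db.session.query(Users).filter(
            Users.id == user_id,
            Users.password == creat_hash(pwd),
        ).one_or_none()
        if not user:
            return reply('error', '您输入的密码有误')
        # The limits apply to the new security answer. The earlier code
        # measured the already-verified password here, so the answer itself
        # was never length-checked.
        if len(fgpwd) > 15:
            return reply('error', '密保不能大于15个字符!')
        if len(fgpwd) < 3:
            return reply('error', '密保不能小于3个字符!')
        # NOTE(review): the security answer is stored exactly as submitted;
        # consider hashing it like the password.
        user.password_forget = fgpwd
        db.session.commit()
        return reply('ok', '密保修改成功')

    if reg_key:
        if account is None:
            return reply('error', 'failed')
        # Mix in random bytes so the key cannot be derived from the user
        # name and the request time alone.
        key = creat_hash(account.name + str(time.time()) + secrets.token_hex(16))
        account.register_key = key
        db.session.commit()
        return reply('ok', key)

    # No recognised field: the request is treated as illegitimate and the
    # account is flagged.
    # NOTE(review): any empty POST made with the user's session triggers
    # this lockout, and no CSRF check is visible in this handler; confirm
    # one is applied elsewhere.
    if account is not None:
        account.authority = 55
        db.session.commit()
    # jsonify for consistency with every other JSON reply in this handler.
    return reply('error', '系统判定您的操作非法!账户已被临时封禁')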