def pic_info():
"""
修改头像页面
:return: 'POST'=json
"""
user = g.user
if not user:
return redirect('/')
if request.method == 'GET':
data = {'user': user.to_dict()}
return render_template('news/user_pic_info.html', data=data)
elif request.method == 'POST':
# 获取参数
try:
avatar = request.files.get('avatar').read()
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DATAERR, errmsg='数据错误')
# 上传图片
try:
url = storage(avatar)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.THIRDERR, errmsg='上传失败')
# 将url保存到数据库
user.avatar_url = url
db_commit(db)
data = {'avatar_url': constants.QINIU_DOMIN_PREFIX + url}
return jsonify(errno=RET.OK, errmsg='上传成功', data=data)
def pass_info():
"""
修改密码页面
:return: 'POST'=json
"""
user = g.user
if not user:
return redirect('/')
if request.method == 'GET':
return render_template('news/user_pass_info.html')
elif request.method == 'POST':
# 获取参数
resp = request.json
old_password = resp.get('old_password')
new_password = resp.get('new_password')
# 校验参数
if not all(['old_password', 'new_password']):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
# 校验密码
if user.check_password(old_password):
user.password = new_password
else:
return jsonify(errno=RET.PWDERR, errmsg='密码错误')
db_commit(db)
# 密码修改成功后,修改session中的信息
session['id'] = user.id
session['password'] = user.password_hash
return jsonify(errno=RET.OK, errmsg='密码修改成功')
def do_edit():
"""
确认审核:accept/reject
:return: json
"""
# 接收参数
resp = request.form
news_id = resp.get("news_id")
title = resp.get("title")
digest = resp.get("digest")
content = resp.get("content")
index_image = request.files.get("index_image")
category_id = resp.get("category_id")
# 校验参数
if not all([news_id, title, digest, content, category_id]):
return jsonify(errno=RET.PARAMERR, errmsg="参数错误")
try:
news_id = int(news_id)
category_id = int(category_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg="参数错误")
# 查询新闻
news = News
try:
news = News.query.get(news_id)
except Exception as e:
current_app.logger.error(e)
if not news:
return jsonify(errno=RET.NODATA, errmsg="未查询到数据")
if index_image:
try:
index_image = index_image.read()
key = storage(index_image)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.THIRDERR, errmsg='图片上传错误')
news.index_image_url = constants.QINIU_DOMIN_PREFIX + key
news.title = title
news.digest = digest
news.category_id = category_id
news.content = content
news.update_time = datetime.datetime.now()
db_commit(db)
return jsonify(errno=RET.OK, errmsg='操作成功')
def category_edit():
"""
新闻分类管理
:return:
"""
if request.method == 'GET':
try:
categories = Category.query.filter(Category.id != 1).all()
except Exception as e:
current_app.logger.error(e)
return redirect(url_for('admin.index'))
data = {'categories': categories}
return render_template('admin/news_type.html', data=data)
elif request.method == 'POST':
# 接收参数
resp = request.json
category_id = resp.get('id')
category_name = resp.get('name')
if not category_name:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
if category_id:
try:
category_id = int(category_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
try:
category = Category.query.get(category_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DBERR, errmsg='数据库错误')
if category:
category.name = category_name
else:
return jsonify(errno=RET.NODATA, errmsg='数据错误')
else:
category = Category()
category.name = category_name
db.session.add(category)
db_commit(db)
return jsonify(errno=RET.OK, errmsg='操作成功')
def register():
"""
点击注册实现验证并注册
:return:
"""
# 获取参数和判断是否有值
resp = request.json
mobile = resp.get('mobile')
sms_code = resp.get('sms_code')
password = resp.get('password')
if not all([mobile, sms_code, password]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
# 从Redis中获取指定手机号对应的短信验证码的
try:
real_sms_code = redis_store.get('SMSCode_' + mobile)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DATAERR, errmsg='查询失败')
# 判断验证码是否过期
if not real_sms_code:
return jsonify(errno=RET.NODATA, errmsg='验证码已失效')
# 校验验证码
if sms_code != real_sms_code:
return jsonify(errno=RET.DATAERR, errmsg='验证码错误')
# 初始化user模型,并设置数据并添加到数据库
user = User()
user.mobile = mobile
user.nick_name = mobile
user.create_time = datetime.now()
user.last_login = datetime.now()
# 设置password属性会自动设置password_hash
user.password = password
# 保存当前用户的状态
db.session.add(user)
db_commit(db)
# 保存用户登录状态
session['id'] = user.id
session['password'] = user.password_hash
session['is_admin'] = user.is_admin
# 返回注册的结果
return jsonify(errno=RET.OK, errmsg='注册成功')
def make_review():
"""
确认审核:accept/reject
:return: json
"""
# 接收参数
resp = request.json
news_id = resp.get('news_id')
action = resp.get('action')
reason = resp.get('reason')
# 校验参数
if not all([news_id, action]):
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
if action not in ['accept', 'reject']:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
try:
news_id = int(news_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
# 根据news_id查询新闻
try:
news = News.query.get(news_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DBERR, errmsg='查询错误')
if not news:
return jsonify(errno=RET.NODATA, errmsg='新闻不存在')
if news.status != 1:
return redirect(url_for('admin.news_review'))
if action == 'accept':
news.status = 0
elif action == 'reject':
if not reason:
jsonify(errno=RET.PARAMERR, errmsg='参数错误')
else:
news.status = -1
news.reason = reason
db_commit(db)
return jsonify(errno=RET.OK, errmsg='操作成功')
def news_comment():
"""
评论新闻
:return: json
"""
# 判断是否登录
user = g.user
if not user:
return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')
# 获取参数
resp = request.json
news_id = resp.get('news_id')
comment_info = resp.get('comment')
parent_id = resp.get('parent_id')
# 校验参数
if not all([news_id, comment_info]):
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
# 根据新闻id查询新闻,校验是否存在
get_news(news_id)
# 初始化评论模型
comment = Comment()
comment.user_id = user.id
comment.news_id = news_id
comment.content = comment_info
if parent_id:
try:
parent_id = int(parent_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
comment.parent_id = parent_id
# 将数据添加到数据库
db.session.add(comment)
db_commit(db)
data = comment.to_dict()
return jsonify(errno=RET.OK, errmsg='评论成功', data=data)
def login():
"""
登录功能逻辑
:return:
"""
# 获取参数和判断是否有值
resp = request.json
mobile = resp.get('mobile')
password = resp.get('password')
if not all([mobile, password]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
# 判断手机号是否合法
if not re.match(r'^1[3456789]\d{9}$', mobile):
return jsonify(errno=RET.DATAERR, errmsg='用户不存在')
# 从数据库查询出指定的用户
try:
user = User.query.filter(User.mobile == mobile).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DBERR, errmsg='查询失败')
# 判断用户是否存在
if not user:
return jsonify(errno=RET.NODATA, errmsg='用户不存在')
# 校验密码
if not user.check_password(password):
return jsonify(errno=RET.PWDERR, errmsg='用户名或密码错误')
# 保存用户登录状态
session['id'] = user.id
session['password'] = user.password_hash
session['is_admin'] = user.is_admin
# 记录用户最后一次登录时间 # FIXME: 逻辑需要修正
user.last_login = datetime.now()
db_commit(db)
return jsonify(errno=RET.OK, errmsg='登陆成功')
def followed_user():
"""
关注与取消关注
:return:
"""
# 判断登录
user = g.user
if not user:
return jsonify(errno=RET.SESSIONERR, errmsg="未登录")
# 获取参数
author_id = request.json.get("user_id")
action = request.json.get("action")
# 校验参数
if not all([author_id, action]):
return jsonify(errno=RET.PARAMERR, errmsg="参数错误")
if action not in ("follow", "unfollow"):
return jsonify(errno=RET.PARAMERR, errmsg="参数错误")
# 查询作者
try:
author = User.query.get(author_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DBERR, errmsg="数据库错误")
if not author:
return jsonify(errno=RET.NODATA, errmsg="数据错误")
if action == "follow" and author not in user.followed:
user.followed.append(author)
elif action == "unfollow" and author in user.followed:
user.followed.remove(author)
else:
return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')
db_commit(db)
return jsonify(errno=RET.OK, errmsg="操作成功")
def base_info():
"""
修改个人信息页面
:return: 'POST'=json
"""
user = g.user
if not user:
return redirect('/')
if request.method == 'GET':
data = {'user': user.to_dict()}
return render_template('news/user_base_info.html', data=data)
elif request.method == 'POST':
# 获取参数
resp = request.json
nick_name = resp.get('nick_name')
signature = resp.get('signature')
gender = resp.get('gender')
# 校验参数
if not all([nick_name, signature, gender]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
if len(nick_name) > 32 or len(signature) > 128 or gender not in [
'MAN', 'WOMAN'
]:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
user.nick_name = nick_name
user.signature = signature
user.gender = gender
db_commit(db)
return jsonify(errno=RET.OK, errmsg='更新成功')
def news_collect():
"""
收藏和取消收藏
:return: json
"""
# 判断是否登录
user = g.user
if not user:
return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')
# 获取参数
resp = request.json
news_id = resp.get('news_id')
action = resp.get('action')
# 校验参数
if not all([news_id, action]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
if action not in ['collect', 'cancel_collect']:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
# 根据新闻id查询新闻
news = get_news(news_id)
# 代码执行到此说明用户已经登录,且新闻存在
if action == 'cancel_collect' and news in user.collection_news:
user.collection_news.remove(news)
elif action == 'collect' and news not in user.collection_news:
user.collection_news.append(news)
else:
return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')
db_commit(db)
return jsonify(errno=RET.OK, errmsg='收藏成功')
def news_release():
"""
用户中心发布新闻页
:return: 'POST'=json
"""
if request.method == 'GET':
# 查询新闻种类
categories = list()
try:
categories = Category.query.filter(Category.id != 1).all()
except Exception as e:
current_app.logger.error(e)
category_dict_li = list()
for item in categories:
category_dict_li.append(item.to_dict())
data = {'categories': category_dict_li}
return render_template('news/user_news_release.html', data=data)
elif request.method == 'POST':
# 校验登录
user = g.user
if not user:
return redirect('/')
# 获取参数
resp = request.form
title = resp.get('title')
category_id = resp.get('category_id')
digest = resp.get('digest')
index_image = request.files.get('index_image')
content = resp.get('content')
# 校验参数
if not all([title, category_id, digest, index_image, content]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
try:
category_id = int(category_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
if len(title) > 256 or len(digest) > 512:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
# 读取图片, 存入七牛
try:
index_image = index_image.read()
index_image_url = constants.QINIU_DOMIN_PREFIX + storage(
index_image)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.THIRDERR, errmsg='上传图片错误')
# 初始化新闻对象
news = News()
news.title = title
news.category_id = category_id
news.digest = digest
news.index_image_url = index_image_url
news.content = content
news.source = '个人发布'
news.user_id = user.id
news.status = 1
# 将对象保存到数据库
db.session.add(news)
db_commit(db)
return jsonify(errno=RET.OK, errmsg='新闻发布成功等待审核')
def comment_like():
"""
点赞和取消点赞功能
:return: json
"""
# 校验用户是否登录
user = g.user
if not user:
return jsonify(errno=RET.SESSIONERR, errmsg='用户未登录')
# 获取参数
resp = request.json
comment_id = resp.get('comment_id')
action = resp.get('action')
# 校验参数
if not all([comment_id, action]):
return jsonify(errno=RET.PARAMERR, errmsg='参数不全')
if action not in ['add', 'remove']:
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
try:
comment_id = int(comment_id)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.PARAMERR, errmsg='参数错误')
# 根据comment_id查询评论,校验是否存在
comment = None
try:
comment = Comment.query.get(comment_id)
except Exception as e:
current_app.logger.error(e)
if not comment:
return jsonify(errno=RET.NODATA, errmsg='评论不存在')
# 代码执行到此说明用户登录,且评论存在
# 查询当前评论是否被当前用户点攒
try:
comment_like = CommentLike.query.filter(
CommentLike.user_id == user.id,
CommentLike.comment_id == comment_id).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(errno=RET.DBERR, errmsg='查询错误')
if action == 'add' and not comment_like:
# 生成点攒
new_comment_like = CommentLike()
new_comment_like.user_id = user.id
new_comment_like.comment_id = comment_id
db.session.add(new_comment_like)
# 点赞数+1
comment.like_count += 1
elif action == 'remove' and comment_like:
# 删除点攒
db.session.delete(comment_like)
# 点赞数-1
comment.like_count -= 1
else:
return jsonify(errno=RET.DATAEXIST, errmsg='错误的操作')
db_commit(db)
return jsonify(errno=RET.OK, errmsg="操作成功")