def register():
"""
注册
:param: username 账号
:param: password 密码
:param: confirm 重复密码
:param: email 邮箱
:param: nickname 昵称
:param: gender 性别
:return:
"""
if request.method == 'GET':
return render_template('auth/register.html')
username = request.form.get('username', '').strip()
password = request.form.get('password', '').strip()
confirm = request.form.get('confirm', '').strip()
nickname = request.form.get('nickname', '').strip()
email = request.form.get('email', '').strip()
gender = request.form.get('gender', '').strip()
code, msg = check_register_params(username, password, confirm, nickname,
email, gender)
if not code:
return jsonify(success=False, error=msg)
User.register(username=username,
password=password,
nickname=nickname,
email=email,
gender=gender)
return jsonify(success=True)
def register():
validated_data = User.validate_user(request.form)
if validated_data:
user = user_schema.dump(request.form)
create_user = User.register_user(user.data)
if create_user:
flash('User successfully added', 'success')
return redirect('/')
flash('There has been an error', 'error')
return redirect('/')
def login():
validated_data = User.validate_login_data(request.form)
if validated_data:
user = user_schema.dump(request.form)
result = User.login_user(user.data)
if result:
session['userid'] = result.id
return redirect('/dashboard')
flash('You could not be logged in', 'error')
return redirect('/')
def edit_user(id):
if 'userid' not in session:
return redirect('/')
user = User.query.get(id)
if user.id != session['userid']:
flash('You cannot edit this user', 'error')
return redirect('/users/id')
if request.method == 'POST':
data = user_schema.dump(request.form)
User.update_user(data.data)
flash('Updated', 'success')
return render_template('user_profile.html', user=user, edit=True)
def post(self):
args = req_parser(*register_args)
if User.objects(email_id=args['email_id']).first():
abort(409, message="'{0}' already exists".format(args['email_id']))
user = User(email_id=args['email_id'],
first_name=args['first_name'],
last_name=args['last_name'],
password=args['password'],
phone_num=args['phone_num'],
company_name=args['company_name'])
user.save()
return jsonify({"message": "registered successfully"})
def login():
"""
登录
:param: username 账号
:param: password 密码
:param: remember 记住
:return:
"""
if request.method == 'GET':
return render_template('auth/login.html')
username = request.form.get('username', '').strip()
password = request.form.get('password', '').strip()
remember = request.form.get('remember', '').strip()
remember = True if remember else False
code, msg = check_login_params(username, password)
if not code:
return jsonify(success=False, error=msg)
user = User.get_user_by_username(username)
if not user:
return jsonify(success=False, error='账户或密码不正确')
if not user.validate_password(password):
return jsonify(success=False, error='账户或密码不正确')
login_user(user, remember) # 登录
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id)) # 发送信号,载入用户权限
return jsonify(success=True,
url=request.args.get('next') or url_for('index.index'))
def put(self):
args = req_parser(*otp_verify_args)
user = User.objects(email_id=args['user_id']).first()
if user and user.otp == args['otp']:
user.update(verified=True)
return jsonify({"message": "success"})
else:
abort(404, message="user not found/invalid OTP")
def get(self, urlsafe):
try:
user_id = URLSafeSerializer(secretKey).loads(urlsafe)
except BadSignature:
abort(404)
user = User.objects(email_id=user_id).first()
user.update(verified=True)
return jsonify({"message": "success"})
def check_register_params(username, password, confirm, nickname, email,
gender):
"""
检查注册参数
:param: username 账号
:param: password 密码
:param: confirm 重复密码
:param: email 邮箱
:param: nickname 昵称
:param: gender 性别
:return:
"""
if not regex_username(username):
return False, '账号是6-20位字母或者数字'
user = User.get_user_by_username(username)
if user:
return False, '账户【{0}】已存在'.format(username)
if not regex_password(password):
return False, '密码是6-20位字母和数字的组合'
if password != confirm:
return False, '两次输入的密码不一致'
if not regex_nickname(nickname):
return False, '昵称是1-10位中文、字母或者数字'
user = User.get_user_by_nickname(nickname)
if user:
return False, '昵称【{0}】已存在'.format(nickname)
if not regex_email(email):
return False, '邮箱格式不正确'
user = User.get_user_by_email(email)
if user:
return False, '邮箱【{0}】已被使用'.format(email)
if gender not in [MALE, FEMALE]:
return False, '请选择性别'
return True, None
def get(self):
user = User.objects(email_id=current_identity.username).first()
if user.verified:
return jsonify({
"id": user.email_id,
"modified_date": str(user.date_modified)
})
else:
return abort(401, message="please verify the account")
def as_dict(self):
return {
'id': self.id,
'name': self.name,
'desc': self.desc,
'creator_id': self.creator_id,
'creator': User.get_username(self.creator_id),
'created_at': format_datetime(self.created_at, '%Y-%m-%d'),
'members': self.members
}
def post(self):
args = req_parser(*otp_generate_args)
user = User.objects(email_id=args['user_id']).first()
if user and user.email_id == args['user_id']:
otp = generate_otp()
user.update(otp=otp)
sms_client = twilioSMSUtil(twilioAccountSid, twilioToken,
twilioFromNumber, user.phone_num)
return jsonify(sms_client.send_sms(OTPTemplate, otp=otp))
else:
abort(404)
def post(self):
args = req_parser(*otp_generate_args)
user = User.objects(email_id=args['user_id']).first()
if user and user.email_id == args['user_id']:
otp = generate_otp()
user.update(otp=otp)
mail = emailUtil(emailHost, subjectForOTPEmail, fromEmailForOTP,
[user.email_id], emailPort, emailPassword)
mail.send_mail(mail.message(OTPTemplate, otp=otp))
return jsonify({"message": "success"})
else:
return abort(404, message="user not registered")
def post(self):
args = req_parser(*link_generate_args)
user = User.objects(email_id=args['user_id']).first()
if user and user.email_id == args['user_id']:
payload = URLSafeSerializer(secretKey).dumps(user.email_id)
sms_client = twilioSMSUtil(twilioAccountSid, twilioToken,
twilioFromNumber, user.phone_num)
return jsonify(
sms_client.send_sms(LinkTemplate,
domain=request.url_root,
payload=payload))
else:
abort(404)
def post(self):
args = req_parser(*link_generate_args)
user = User.objects(email_id=args['user_id']).first()
if user and user.email_id == args['user_id']:
payload = URLSafeSerializer(secretKey).dumps(user.email_id)
mail = emailUtil(emailHost, subjectForOTPEmail, fromEmailForOTP,
[user.email_id], emailPort, emailPassword)
mail.send_mail(
mail.message(LinkTemplate,
domain=request.url_root,
payload=payload))
return jsonify({"message": "success"})
else:
return abort(404, message="user not registered")
def add_user(user: List) -> bool:
session = session_factory()
# check for duplicate email
if get_user_by_email(user[2]):
print(f'This email already exists')
return True
new_user = User(f_name=user[0], l_name=user[1], email=user[2])
session.add(new_user)
session.commit()
session.close()
return True
def identity(payload):
user_id = payload['identity']
user = User.objects(email_id=user_id).first()
return user_auth(user.email_id, user.password)
def check_email():
email_exists = User.email_taken(request.form['email'])
if email_exists['available']:
return {'code': 'text-success', 'message': 'Email available'}
return {'code': 'text-danger', 'message': email_exists['message']}
def authenticate(username, password):
user = User.objects(email_id=username).first()
if user and safe_str_cmp(user.password.encode('utf-8'),
password.encode('utf-8')):
return user_auth(user.email_id, user.password)
def run():
for u in User.objects(deleted_at=None):
print u.id, u.nickname
def func4():
return [u.nickname for u in User.objects(deleted_at=None)]