def check_user():
    """Verify a name-or-email / password pair submitted as form data.

    Reads ``name`` and ``password`` from ``request.form`` (each defaults to
    the empty string), looks the account up by name and then by email, and
    answers with JSON: ``{'message': 'yes'}`` / 200 on a match, otherwise
    ``{'message': 'no'}`` / 403.
    """
    form = request.form
    identifier = form.get('name', '')
    secret = form.get('password', '')

    account = User.get_by_name(identifier) or User.get_by_email(identifier)
    # An unknown account and a wrong password get the same body and status.
    if account and account.check_password(secret):
        return jsonify({'message': 'yes'}), 200
    # NOTE(review): no attempt limiting is visible in this block; confirm the
    # route is throttled or restricted where it is registered, since it
    # answers each password check with a plain yes/no.
    return jsonify({'message': 'no'}), 403
def init_global_vars():
    """Populate the per-request values stored on ``g``.

    Sets ``g.user`` from the session's ``id`` entry (``None`` when the
    session has none) and copies the ``redirect``, ``start`` and ``limit``
    query parameters into ``g.redir``, ``g.start`` and ``g.limit``.
    """
    g.user = None
    if 'id' in session:
        g.user = User.get(session['id'])

    query = request.args
    # Copied from the query string unchanged: code that later redirects to
    # g.redir has to validate it first.
    g.redir = query.get('redirect', '')
    # type=int falls back to the default when the value is not an integer.
    # No lower or upper bound is applied here, so negative or very large
    # values reach whatever consumes g.start / g.limit.
    g.start = query.get('start', type=int, default=0)
    g.limit = query.get('limit', type=int, default=20)
def sudo():
    """Call ``sudo()`` on the user named by the ``user_id`` form field.

    Responds 404 with ``{'message': 'not found'}`` when ``User.get`` returns
    nothing, otherwise 200 with ``{'message': 'ok'}``.
    """
    # NOTE(review): no permission check is visible in this block; confirm the
    # route is limited to administrators where it is registered.
    target = User.get(request.form['user_id'])
    if target:
        target.sudo()
        return jsonify({'message': 'ok'}), 200
    return jsonify({'message': 'not found'}), 404
def get_user(user_id):
    """Return the dict form of user ``user_id`` together with a status code.

    Yields ``({}, 404)`` when the user does not exist. Otherwise the dict is
    built with ``private=True`` when the OAuth caller has a truthy
    ``privilege`` or is the requested user, and ``private=False`` for
    everyone else.
    """
    found = User.get(user_id)
    if not found:
        return {}, 404

    caller = request.oauth.user
    if bool(caller.privilege):
        show_private = True
    else:
        # NOTE(review): this comparison is type-sensitive. If user_id arrives
        # as a string while caller.id is an int, a user is never treated as
        # the owner of their own record; confirm the route converts it.
        show_private = caller.id == user_id
    return found.to_dict(private=show_private), 200
def send_emails():
    """Send the doc email to every user returned by ``User.list_users()``.

    Runs inside an application context. A user without an ``id`` is reported
    as ``uid error``; a falsy result from ``send_doc_email()`` is reported as
    a sending error. The closing message is printed whether or not any
    individual send failed.
    """
    # Single-argument print(...) produces the same output whether the file is
    # run with the print statement or the print function.
    with app.app_context():
        users, _total = User.list_users()
        for member in users:
            if not member.id:
                print('uid error')
                continue
            if not member.send_doc_email():
                print('!!! sending doc email error !!!')
        print('all emails have been sent.')
def delete_user():
    """Delete the user named by the ``user_id`` form field.

    Responds 404 with ``{'message': 'not found'}`` when the user does not
    exist. Otherwise removes the RSA key registered for that user id, if
    there is one, then the user, and responds 200 with ``{'message': 'ok'}``.
    """
    # NOTE(review): no permission check is visible in this block; confirm the
    # route is limited to administrators where it is registered.
    uid = request.form['user_id']
    account = User.get(uid)
    if not account:
        return jsonify({'message': 'not found'}), 404

    # The key goes first so it cannot outlive the account it belongs to.
    key = RSAKey.get_by_user_id(uid)
    if key:
        key.delete()
    account.delete()
    return jsonify({'message': 'ok'}), 200
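def login():
    """Show the login form (GET) or authenticate submitted credentials (POST).

    GET renders the form, or redirects to ``ui.index`` when ``g.user`` is
    already set. POST requires non-empty ``name`` and ``password`` form
    fields, looks the account up by name and then by email, and on success
    logs the user in and redirects to the ``redirect`` request value.

    The redirect target is followed only when it stays on this site; any
    other value (including an empty one) falls back to ``ui.index``.
    """
    if request.method == 'GET':
        if not g.user:
            return render_template('/login.html')
        return redirect(url_for('ui.index'))

    name = request.form['name']
    password = request.form['password']
    if not (name and password):
        flash(u'你有些忘记填了', 'error')
        return render_template('/login.html')

    u = User.get_by_name(name) or User.get_by_email(name)
    # One message for both "unknown account" and "wrong password".
    if not (u and u.check_password(password)):
        flash(u'密码错了, 或者你就不存在啊', 'error')
        return render_template('/login.html')

    login_user(u)

    fallback = url_for('ui.index')
    redir = request.values.get('redirect', fallback)
    # `redirect` is caller-supplied, so following it blindly would let a
    # crafted login link send a freshly authenticated user to another site.
    # Accept a site-relative path or an absolute URL on this host only.
    # '//' prefixes, backslashes and control characters are refused because
    # browsers can read such values as pointing at a different host.
    has_unsafe_chars = '\\' in redir or any(ord(ch) < 0x20 for ch in redir)
    is_local_path = redir.startswith('/') and not redir.startswith('//')
    # host_url ends with '/', so a look-alike host prefix cannot match.
    is_same_host = redir.startswith(request.host_url)
    if has_unsafe_chars or not (is_local_path or is_same_host):
        redir = fallback
    return redirect(redir)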
def register():
    """Show the registration form (GET) or create an account (POST).

    POST requires non-empty ``name``, ``email``, ``password`` and
    ``real_name`` form fields. A falsy result from ``User.create`` is
    reported to the user as "already exists"; success redirects to
    ``admin.index``.
    """
    if request.method == 'GET':
        return render_template('/register.html')

    form = request.form
    name = form['name']
    email = form['email']
    password = form['password']
    real_name = form['real_name']
    if not all((name, email, password, real_name)):
        flash(u'你有些忘记填了', 'error')
        return render_template('/register.html')

    # NOTE(review): only emptiness is checked here; presumably User.create
    # validates the email format and password strength -- confirm.
    created = User.create(name, email, password, real_name)
    if created:
        return redirect(url_for('admin.index'))
    flash(u'已经存在, 登录去吧', 'error')
    return render_template('/register.html')
def forget_password():
    """Show the forgotten-password form (GET) or mail a reset message (POST).

    POST looks the account up by the ``email`` form field. When it exists, an
    HTML message rendered from ``/email/reset_password.html`` is sent to that
    address and the form is re-rendered with the address filled in; otherwise
    an error is flashed and the form is re-rendered with an empty address.
    """
    page = '/forget_password.html'
    if request.method == 'GET':
        return render_template(page, email='')

    email = request.form['email']
    user = User.get_by_email(email)
    if not user:
        # NOTE(review): the distinct "no such person" reply tells the caller
        # which addresses are registered. Confirm that is acceptable for this
        # deployment, and that the route is throttled so it cannot be used to
        # flood a mailbox with reset messages.
        flash(u'没这个人啊', 'error')
        return render_template(page, email='')

    message = Message(
        subject=u'重置内网 OPENID 密码',
        sender=MAIL_USERNAME,
        recipients=[email],
    )
    message.html = render_template('/email/reset_password.html', user=user)
    mail.send(message)
    return render_template(page, email=email)
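def edit(uid):
    """Show (GET) or apply (POST) the admin edit form for user ``uid``.

    Aborts with 403 when the user does not exist. POST requires non-empty
    ``name``, ``email`` and ``real_name`` form fields; ``password`` may be
    empty. A successful edit redirects to ``admin.index``.
    """
    # NOTE(review): no permission check is visible in this block; confirm the
    # route is limited to administrators where it is registered.
    u = User.get(uid)
    if not u:
        abort(403)

    if request.method == 'GET':
        return render_template('/admin_edit.html', user=u)

    name = request.form['name']
    email = request.form['email']
    password = request.form['password']
    real_name = request.form['real_name']
    if not (name and email and real_name):
        flash(u'你有些忘记填了', 'error')
        # Pass the user object, exactly as the GET branch does. The template
        # used to receive the bare id here, so the re-rendered form lost the
        # user's fields after a validation error.
        return render_template('/admin_edit.html', user=u)

    # NOTE(review): password is forwarded even when empty; presumably
    # u.edit() treats an empty value as "leave unchanged" -- confirm it does
    # not store an empty password.
    u.edit(name, email, password, real_name)
    return redirect(url_for('admin.index'))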
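def reset_password(token):
    """Show (GET) or apply (POST) a password reset for the owner of ``token``.

    An unknown token re-renders the form with an error. POST requires
    ``password`` and ``confirm_password`` to be non-empty and equal; it then
    stores the new password, refreshes the user's token so the link cannot
    be used again, logs the user in and redirects to ``ui.index``.
    """
    user = User.get_by_token(token)
    if not user:
        flash(u'没有这个人啊', 'error')
        return render_template('/reset_password.html', token=token)

    if request.method == 'GET':
        return render_template('/reset_password.html', token=token)

    password = request.form['password']
    confirm_password = request.form['confirm_password']
    # Two empty fields compare equal, so without this check an empty password
    # would be stored. login() and register() refuse empty passwords; do the
    # same here and reuse their message.
    if not (password and confirm_password):
        flash(u'你有些忘记填了', 'error')
        return render_template('/reset_password.html', token=token)
    if password != confirm_password:
        flash(u'两次输入不对, 你是鱼么这么快就忘记了', 'error')
        return render_template('/reset_password.html', token=token)

    user.set_password(password)
    # Rotate the token right after use: the old reset link stops working.
    user.refresh_token()
    # NOTE(review): no expiry check on the token is visible in this block;
    # confirm User.get_by_token() rejects stale tokens.
    login_user(user)
    return redirect(url_for('ui.index'))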
def index():
    """Render the admin user list.

    Passes the ``admin`` query parameter and the ``g.start`` / ``g.limit``
    values to ``User.list_users`` and renders the result with
    ``/admin.html``.
    """
    # NOTE(review): no permission check is visible in this block; confirm the
    # route is limited to administrators where it is registered.
    admin = request.args.get('admin')
    users, total = User.list_users(admin=admin, start=g.start, limit=g.limit)
    context = {
        'users': users,
        'total': total,
        'endpoint': 'admin.index',
        'admin': admin,
    }
    return render_template('/admin.html', **context)
def get_token():
    """Return the token of the user named by the ``name`` form field.

    Yields ``(token, 200)`` when the user exists and ``('', 400)`` otherwise.
    """
    # NOTE(review): reset_password() in this file finds accounts through
    # User.get_by_token(). If this is the same token, any caller of this
    # endpoint can obtain a value that authorises a password reset for an
    # arbitrary user name. No access check is visible in this block; confirm
    # the route is restricted to trusted callers.
    account = User.get_by_name(request.form['name'])
    if not account:
        return '', 400
    return account.token, 200
def get_users():
    """Return one page of users as a list of dicts, with status 200.

    Each dict is built with ``private=True`` when the OAuth caller has a
    truthy ``privilege``, otherwise ``private=False``. Falsy entries in the
    listing are skipped.
    """
    # NOTE(review): index() calls list_users(admin=..., start=..., limit=...)
    # by keyword, while this call is positional. Confirm that start and limit
    # are the first two parameters; otherwise g.start is taken as another
    # argument.
    page, _total = User.list_users(g.start, g.limit)
    show_private = bool(request.oauth.user.privilege)

    payload = []
    for entry in page:
        if entry:
            payload.append(entry.to_dict(private=show_private))
    return payload, 200