def send():
# 获得用户名
# 通过用户名获得用户id
form = request.form.to_dict()
name = form['username']
# log('username', name)
u = User.one(username=name)
# u = current_user()
# 生成token
token = str(uuid.uuid4())
# 普通存对应关系
# csrf_tokens[token] = u.id
id = u.id
# 存对应关系
cache.set(token, id)
# 发送邮件
# log('csrf_tokens', csrf_tokens)
receiver: User = User.one(id=u.id)
# reset_link = 'http://localhost:3000/reset/edit?token={}'.format(token)
reset_link = 'http://49.235.39.6/reset/edit?token={}'.format(token)
content = '点击链接重置密码:{}\n'.format(reset_link, )
send_mail(
subject='重置密码',
author=admin_mail,
to=receiver.email,
content=content,
)
return render_template('login.html')
def replied_topic(user_id):
# O(k)+O(m*n)
# rs = Reply.all(user_id=user_id)
# ts = []
# for r in rs:
# t = Topic.one(id=r.topic_id)
# ts.append(t)
# return ts
#
# sql = """
# select * from topic
# join reply on reply.topic_id=topic.id
# where reply.user_id=1
# """
k = 'replied_topic_{}'.format(user_id)
if cache.exists(k):
v = cache.get(k)
ts = json.loads(v)
return ts
else:
rs = Reply.all(user_id=user_id)
ts = []
for r in rs:
t = Topic.one(id=r.topic_id)
ts.append(t)
v = json.dumps([t.json() for t in ts])
cache.set(k, v)
return ts
def created_topic(user_id):
k = 'created_topic_{}'.format(user_id)
if cache.exists(k):
v = cache.get(k)
ts = json.loads(v)
ts = [Topic(**t) for t in ts]
return ts
else:
ts = Topic.all(user_id=user_id)
v = json.dumps([t.json() for t in ts])
cache.set(k, v)
return ts
def authenticate():
form = request.form
u = User.validate_login(form)
if u is None:
return redirect(url_for('login.login'))
else:
session_id = str(uuid.uuid4())
k = 'sessions_{}'.format(session_id)
v = u.id
cache.set(k, v)
session['session_id'] = session_id
# 设置 cookie 有效期为 永久
session.permanent = True
return redirect(url_for('topic.index'))
def login():
form = request.form
u = User.validate_login(form)
if u is None:
return redirect(url_for('.index'))
else:
session_id = str(uuid.uuid4())
key = 'session_id_{}'.format(session_id)
log('index login key <{}> user_id <{}>'.format(key, u.id))
cache.set(key, u.id)
redirect_to_index = redirect(url_for('topic.index'))
response = current_app.make_response(redirect_to_index)
response.set_cookie('session_id', value=session_id)
return response
def send():
username = request.form.get('username', '')
user = User.one(username=username)
token = str(uuid.uuid4())
k = 'csrf_tokens_{}'.format(token)
v = user.id
cache.set(k, v)
title = 'reset password'
content = 'http://localhost:3000/reset/view?token=' + token
sender_id = 100
receiver_id = user.id
Message.send(title, content, sender_id, receiver_id)
return redirect(url_for('login.login'))
def login():
form = request.form
u = User.validate_login(form)
if u is None:
return redirect(url_for('.index'))
else:
# 将session 存写入 redis
session_id = str(uuid.uuid4())
key = 'session_id_{}'.format(session_id)
cache.set(key, u.id)
# 设置header中set-cookie字段 并指定跳转路由
redirect_to_index = redirect(url_for('topic.index'))
response = current_app.make_response(redirect_to_index)
response.set_cookie('session_id', value=session_id)
# 转到 topic.index 页面
return response
def send():
form = request.form.to_dict()
username = form['username']
u = User.one(username=username)
if u is not None:
token = str(uuid.uuid4())
cache.set(token, u.id)
cache.expire(token, 1800)
title = '来自 {} 的密码找回信件'.format(u.username)
content = 'http://www.corgist.xyz/reset/view?token={}'.format(token)
Messages.send(title=title,
content=content,
sender_id=1,
receiver_id=u.id)
else:
abort(404)
return redirect(url_for('.index'))
def replied_topic(user_id):
k = 'replied_topic_{}'.format(user_id)
if cache.exists(k):
v = cache.get(k)
ts = json.loads(v)
return ts
else:
rs = Reply.all(user_id=user_id)
ts = []
for r in rs:
t = Topic.one(id=r.topic_id)
ts.append(t)
v = json.dumps([t.json() for t in ts])
cache.set(k, v)
return ts
def login():
form = request.form
u = User.validate_login(form)
if u is None:
log('账号或密码错误,登录失败!')
return redirect(url_for('.index'))
else:
# flask session 改为 redis 存储的session
session_id = str(uuid.uuid4())
key = 'session_id_{}'.format(session_id)
cache.set(key, u.id)
redirect_to_index = redirect(url_for('topic.index'))
response = current_app.make_response(redirect_to_index)
response.set_cookie('session_id', value=session_id, max_age=3600)
return response
def reset():
"""
找回密码
"""
username = request.form['username']
u = User.one(username=username)
token = str(uuid.uuid4())
cache.set(token, u.id, ex=3600)
content = '{}/reset/view?token={}'.format(secret.dns, token)
Messages.send(title='找回密码',
content=content,
sender_id=u.id,
receiver_id=u.id)
return redirect(url_for('.index'))
def login():
form = request.form
u = Admin.validate_login(form)
log('login u', u)
if u is None:
return redirect(url_for('.index'))
else:
# session 中写入 user_id
session_id = str(uuid.uuid4())
key = 'admin_session_id_{}'.format(session_id)
log('index login key <{}> admin_id <{}>'.format(key, u.id))
cache.set(key, u.id)
redirect_to_index = redirect(url_for('admin.index'))
response = current_app.make_response(redirect_to_index)
response.set_cookie('admin_session_id', value=session_id)
# 转到 topic.index 页面
return response
def send_mail():
form = request.form.to_dict()
username = form.get('username')
u = User.one(username=username)
email = form.get('email')
if email == u.email:
token = str(uuid.uuid4())
cache.set(token, u.id)
Messages.send(
title='reset password',
content='https://yivocs.cn/reset/view?token={}'.format(token),
sender_id=u.id,
receiver_id=u.id)
return redirect(url_for('index.index'))
else:
return redirect('404')
def replied_topic(user_id):
# 避免ORM的n+1问题
k = 'replied_topic_{}'.format(user_id)
if cache.exists(k):
v = cache.get(k)
ts = json.loads(v, object_hook=topichook)
return ts
else:
# 调用SQLAlchemy join拼接table;filter查询;order_by排序;desc()倒序
# 解决ORM的n+1问题
ts = Topic.query.join(Reply, Reply.topic_id == Topic.id)\
.filter(Reply.user_id == user_id)\
.order_by(Reply.created_time.desc())\
.all()
# rs = Reply.all(user_id=user_id)
# ts = []
# for r in rs:
# t = Topic.one(id=r.topic_id)
# ts.append(t)
# ts = sorted(ts, key=lambda x: x.updated_time, reverse=True)
v = json.dumps([t.json() for t in ts])
cache.set(k, v)
return ts
def send():
# 获得用户名
# 通过用户名获得用户id
form = request.form.to_dict()
name = form['username']
# log('username', name)
u = User.one(username=name)
# u = current_user()
# 生成token
token = str(uuid.uuid4())
# csrf_tokens[token] = u.id
id = u.id
cache.set(token, id)
# 发送邮件
# log('csrf_tokens', csrf_tokens)
receiver: User = User.one(id=u.id)
send_mail(
subject='修改密码',
author=admin_mail,
to=receiver.email,
content='{}\r\nhttps://www.treasutre.xyz/reset/edit?token={}'.format(
u.username, token),
)
return render_template('login.html')
