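def post(self):
    """Change the logged-in student's password from a JSON POST body.

    The body must be a JSON object with ``action == 'reset_pwd'`` and the
    fields ``old_password``, ``new_password`` and ``repeat_password``. The
    account is taken from the ``current_email`` session value, never from the
    request body. Outcomes are reported through ``self.write_response``.

    Fixes over the previous version:

    * a new/repeat mismatch now stops the request; before, the error was
      written but the password was still updated;
    * the user document is checked for existence before its ``password``
      field is read;
    * the update is awaited with ``yield`` like the lookup, and a failed
      update no longer also sends the success response.

    NOTE(review): the stored value is compared with ``make_password(old)``
    using ``!=``, so ``make_password`` is presumably deterministic (no random
    per-user salt) and the comparison is not constant-time -- confirm, and
    consider a salted, slow password hash.
    """
    post_data = self.request.body
    try:
        data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    try:
        action = data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')
            return
        if action != 'reset_pwd':
            # Unknown actions are ignored without a response, as before.
            return

        email = self.get_session('current_email')
        if not email:
            self.write_response({}, 0, '账户获取出错,无法修改密码!')
            return

        old_password = data.get('old_password', None)
        new_password = data.get('new_password', None)
        repeat_password = data.get('repeat_password', None)
        if not (old_password and new_password and repeat_password):
            self.write_response({}, 0, '获取密码信息出错!')
            return

        # Validate the request itself before any database access, and stop
        # here on a mismatch so the update below can never run.
        if new_password != repeat_password:
            self.write_response({}, 0, '两次密码输入不一致,无法修改密码')
            return

        front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
        front_user_doc = yield front_user_coll.find_one({'user_email': email})
        if not front_user_doc:
            self.write_response({}, 0, '此邮箱账户未注册使用!')
            return

        password = front_user_doc['password']
        if not password:
            self.write_response({}, 0, '密码验证获取错误!')
            return

        if make_password(old_password) != password:
            self.write_response({}, 0, '原密码错误!无法修改密码!')
            return

        res = yield front_user_coll.update_one(
            {'user_email': email},
            {'$set': {'password': make_password(new_password)}})
        if not res:
            self.write_response({}, 0, '密码修改失败!')
            return
        self.write_response({})
    except Exception as e:
        # NOTE(review): the failure is only logged; no response is written.
        logging.exception(e)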
def post(self):
    """Change the logged-in CMS user's password from a JSON POST body.

    Expects ``action == 'reset_pwd'`` with ``old_password``, ``new_password``
    and ``repeat_password``; the account comes from the ``current_email``
    session value. Results are reported through ``self.write_response``.
    Any other non-empty action returns without writing a response.

    NOTE(review): the value handed to ``CmsUser(raw_password=...)`` has
    already been through ``make_password``; if ``reset_pwd`` hashes its input
    again the stored value will not match what login computes -- confirm
    against ``CmsUser``.
    NOTE(review): ``reset_pwd`` is read as an attribute; if it is a plain
    method rather than a property this test is always true -- confirm.
    NOTE(review): hashes are compared with ``==``/``!=``, which is not
    constant-time, and ``make_password`` is presumably unsalted -- confirm.
    """
    raw_body = self.request.body
    try:
        payload = json.loads(raw_body)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    action = payload.get('action', None)
    if not action:
        self.write_response({}, 0, '获取操作失败!')
        return
    if action != 'reset_pwd':
        return

    email = self.get_session("current_email")
    old_raw = payload.get('old_password', None)
    new_raw = payload.get('new_password', None)
    repeat_raw = payload.get('repeat_password', None)

    # Password fields are validated before the session e-mail, as before.
    if not (old_raw and new_raw and repeat_raw):
        self.write_response({}, 0, '获取密码出错!')
        return
    if not email:
        self.write_response({}, 0, '账户信息异常!')
        return

    try:
        current_user = CmsUser(email=email)
        old_hash = make_password(old_raw)
        new_hash = make_password(new_raw)
        repeat_hash = make_password(repeat_raw)

        if new_hash != repeat_hash:
            self.write_response({}, 0, '两次密码输入不一致!')
            return
        if old_hash != current_user._password:
            self.write_response({}, 0, '原密码错误,无法修改!')
            return

        updater = CmsUser(email=email, raw_password=new_hash)
        if updater.reset_pwd:
            self.write_response({})
        else:
            self.write_response({}, 0, '密码修改失败!')
        return
    except Exception as e:
        logging.exception(e)
        self.write_response({}, 0, '数据库查询发生异常!')
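def post(self):
    """Student sign-in: check the Geetest captcha, then e-mail and password.

    On success the session keys ``current_email``, ``role`` and ``username``
    are set and the client is redirected to ``/``. Every failure re-renders
    ``front/front_signin.html`` with a message.

    Fix over the previous version: an unexpected exception used to be passed
    to the template as ``msg=e`` (and printed with the Python 2 ``print``
    statement), exposing internal error text to the client. It is now only
    logged, and a generic message is rendered.

    NOTE(review): "account does not exist" and "wrong password" are distinct
    messages, which lets a client tell registered addresses apart; consider
    one shared message.
    NOTE(review): the hash is compared with ``==`` (not constant-time) and
    ``make_password`` is presumably unsalted -- confirm.
    NOTE(review): the session is reused across login; confirm the session
    layer issues a fresh identifier on authentication.
    """
    try:
        gt = GeetestLib(GT_ID, GT_KEY)
        challenge = self.get_argument(gt.FN_CHALLENGE, "")
        validate = self.get_argument(gt.FN_VALIDATE, "")
        seccode = self.get_argument(gt.FN_SECCODE, "")
        status = int(self.session[gt.GT_STATUS_SESSION_KEY])
        user_id = self.session["user_id"]
        if status:
            verify_res = gt.success_validate(challenge, validate, seccode,
                                             user_id)
        else:
            verify_res = gt.failback_validate(challenge, validate, seccode)
            self.session["user_id"] = user_id

        if not verify_res:
            self.render("front/front_signin.html",
                        msg='验证码验证失败,请重新验证!',
                        action_url='/signin')
            return

        email = self.get_argument("email")
        password = self.get_argument("password")
        if not (email and password):
            self.render("front/front_signin.html",
                        msg='邮箱或密码值获取错误,请重新输入!',
                        action_url='/signin')
            return

        password = make_password(password)
        student_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
        stu_doc = yield student_coll.find_one({"user_email": email})
        if not stu_doc:
            self.render("front/front_signin.html",
                        msg='账户不存在,请重新输入或前往注册!',
                        action_url='/signin')
            return

        if password != stu_doc['password']:
            self.render("front/front_signin.html",
                        msg='密码错误,请重新输入!',
                        action_url='/signin')
            return

        self.session['current_email'] = stu_doc['user_email']
        self.session['role'] = stu_doc['role']
        # Fall back to the e-mail address when no display name is stored.
        self.session['username'] = (
            stu_doc['user_name'] if stu_doc['user_name'] != ''
            else stu_doc['user_email'])
        self.redirect("/")
    except Exception as e:
        # Keep the details in the server log only.
        logging.exception(e)
        self.render("front/front_signin.html",
                    msg='系统异常,请稍后重试!',
                    action_url='/signin')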
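def post(self):
    """CMS user administration: ban, re-enable or add an account.

    The JSON body selects the operation through ``action``:

    * ``ban`` / ``start_use`` -- build ``CmsUser(email, new_status)`` and read
      its ``ban_cms_user`` attribute to apply the change.
    * ``add`` -- insert a new document into the students collection when
      ``permission == 'student'``, otherwise into the CMS user collection.

    Fixes over the previous version:

    * the student duplicate check queried ``{'email': ...}``, a key the
      inserted document does not have (it stores ``user_email``), so it could
      never find an existing account; it now queries ``user_email``;
    * ``insert_one`` is awaited with ``yield`` like ``find_one``, so its
      result and errors are actually observed;
    * failures inside an action were only logged and left the client without
      a response; they now reach the outer handler, which logs and replies.

    NOTE(review): no authorization check is visible in this method; confirm
    that a decorator or ``prepare()`` restricts it to administrators.
    NOTE(review): ``permission`` comes from the client and any value other
    than ``admin``/``student`` is stored as given with the teacher role;
    consider an explicit allow-list.
    NOTE(review): ``ban_cms_user`` is read as an attribute; if it is a plain
    method rather than a property the test is always true -- confirm.
    """
    try:
        post_data = self.request.body
        try:
            data = json.loads(post_data)
        except (TypeError, ValueError):
            self.write_response({}, 0, '参数格式错误')
            return

        action = data.get('action', None)
        if not action:
            self.write_response({}, 0, '获取操作失败!')
            return

        if action in ('ban', 'start_use'):
            email = data.get('email', None)
            if not email:
                self.write_response({}, 0, '邮箱账户获取出错!')
                return
            enable = (action == 'start_use')
            cms = CmsUser(email=email, new_status=enable)
            if cms.ban_cms_user:
                self.write_response({})
            elif enable:
                self.write_response({}, 0, '启用失败!')
            else:
                self.write_response({}, 0, '禁用失败!')
            return

        if action != 'add':
            # Unknown actions are ignored without a response, as before.
            return

        email = data.get('email', None)
        password = data.get('password', None)
        tel = data.get('tel', None)
        permission = data.get('permission', None)
        username = data.get('username', None)
        if not (email and password and tel and permission and username):
            self.write_response({}, 0, '缺少用户信息!')
            return

        if permission == 'admin':
            role = u'管理'
        elif permission == 'student':
            role = u'学生'
        else:
            role = u'老师'

        insert_doc = {
            "_id": email,
            "status": True,
            "password": make_password(password),
            "avator": "",
            "create_time": int(time.time()),
            "permission": permission,
            "tel": tel,
            "role": role,
            "user_name": username,
            "user_email": email
        }

        if permission == 'student':
            # Student accounts live in their own collection and carry an
            # extra (initially empty) student number.
            target_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
            insert_doc["stu_num"] = ""
        else:
            target_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]

        existing = yield target_coll.find_one({'user_email': email})
        if existing:
            self.write_response({}, 0, '邮箱账户已存在!')
            return

        res = yield target_coll.insert_one(insert_doc)
        if not res:
            self.write_response({}, 0, '用户添加失败!')
        else:
            self.write_response({})
        return
    except Exception as e:
        logging.exception(e)
        self.write_response(response='', _status=0, _err='系统异常')
        return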
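def post(self):
    """Handle the JSON actions of the "forgot password" flow.

    Actions read from the JSON body:

    * ``retrieve_password`` -- cache a code from ``get_captcha(4)`` and mail
      it to the given address.
    * ``verify`` -- compare the submitted code with the cached one.
    * ``save`` -- store a new password for the address.

    Fixes over the previous version:

    * the code was cached under one shared ``email_captcha`` key, so it was
      not tied to the address it was mailed to; it is now keyed per address;
    * ``save`` changed the password of any submitted address without proof
      that ``verify`` had succeeded; it is now refused unless ``verify``
      succeeded for the same address in the same session, and both the
      session marker and the cached code are cleared after a save;
    * the mail text said "请务将" where "请勿将" (do not share the code) was
      meant;
    * exception text is logged instead of being rendered to the client, and
      the Python 2 ``print`` statements are gone.

    NOTE(review): ``find_one`` and ``update_one`` are called without
    ``yield`` here, unlike the sibling handlers. If ``BaseMotor`` returns
    futures, both results are always truthy, so "account not registered" and
    "update failed" can never trigger. This method is currently not a
    generator, so confirm how it is decorated before awaiting them.
    NOTE(review): the mail promises a 10-minute lifetime but ``set`` is
    called without an expiry, and nothing limits the number of ``verify``
    attempts on a short code -- add a TTL and an attempt counter.
    """
    post_data = self.request.body
    try:
        post_data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    try:
        action = post_data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')

        elif action == 'retrieve_password':
            email = post_data.get("email", None)
            if not email:
                self.render("front/front_forgetpwd.html",
                            msg='邮箱帐号异常!', action_url='/forgetpwd')
                return
            subject = '计算机组成与结构教学网站邮箱找回密码服务验证!'
            captcha = get_captcha(4)
            # One cache entry per address; a fresh code also drops any
            # earlier "verified" marker held by this session.
            self.conn.set("email_captcha:" + email, captcha)
            self.session['pwd_reset_verified_email'] = ''
            body = ("温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,"
                    "请勿将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【"
                    + captcha + "】10分钟内有效!")
            try:
                message = send_email(self, subject=subject, body=body,
                                     to_email=email)
                if not self.get_session('has_send_email'):
                    self.session['has_send_email'] = email
                message.send()
                self.write_response({})
            except Exception as e:
                logging.exception(e)
                self.render("front/front_forgetpwd.html",
                            msg='邮件发送失败,请稍后重试!',
                            action_url='/forgetpwd')

        elif action == 'verify':
            email = post_data.get("email", None)
            captcha = post_data.get("captcha", None)
            if not email:
                self.write_response({}, 0, '缺少邮箱帐号信息!')
                return
            cache_captcha = self.conn.get("email_captcha:" + email)
            if not (cache_captcha and captcha):
                self.write_response({}, 0, '缺少邮箱验证码信息!')
                return
            try:
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                front_user_doc = front_user_coll.find_one({'user_email': email})
                if not front_user_doc:
                    self.write_response({}, 0, '此邮箱账户未注册使用!')
                    return
                if cache_captcha.lower() == captcha.lower():
                    # Remember which address this session proved control of.
                    self.session['pwd_reset_verified_email'] = email
                    self.write_response({})
                else:
                    self.write_response({}, 0, '邮箱验证码错误!')
                return
            except Exception as e:
                logging.exception(e)

        elif action == 'save':
            email = post_data.get("email", None)
            password = post_data.get("password", None)
            repeat_password = post_data.get("repeat_password", None)
            if not email:
                self.write_response({}, 0, '缺少邮箱帐号信息!')
                return
            if not (password and repeat_password):
                self.write_response({}, 0, '密码获取错误!')
                return
            # The address must match the one verified in this session.
            if self.get_session('pwd_reset_verified_email') != email:
                self.write_response({}, 0, '请先完成邮箱验证码验证!')
                return
            try:
                front_user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                front_user_doc = front_user_coll.find_one({'user_email': email})
                if not front_user_doc:
                    self.write_response({}, 0, '此邮箱账户未注册使用!')
                    return
                if password != repeat_password:
                    self.write_response({}, 0, '两次密码输入不一致!')
                    return
                res = front_user_coll.update_one(
                    {'user_email': email},
                    {'$set': {'password': make_password(password)}})
                if res:
                    # The code and the marker are single-use.
                    self.session['pwd_reset_verified_email'] = ''
                    self.conn.set("email_captcha:" + email, '')
                    self.write_response({})
                else:
                    self.write_response({}, 0, '密码找回失败!')
            except Exception as e:
                logging.exception(e)
        else:
            pass
    except Exception as e:
        logging.exception(e)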
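def post(self):
    """Handle the JSON actions of student self-registration.

    Actions read from the JSON body:

    * ``send_email`` -- cache a code from ``get_captcha(4)`` and mail it to
      the given address.
    * ``regist`` -- check the submitted code, then create the student
      document if the address is not registered yet.

    Fixes over the previous version:

    * missing ``email``/``password``/``captcha`` wrote an error but then
      carried on with the registration; it now returns;
    * the code was cached under one shared ``email_captcha`` key, so it did
      not prove control of the address being registered; it is now keyed per
      address and cleared after a successful registration;
    * a missing cached code raised on ``.lower()`` and only the cached side
      was lower-cased; both sides are now compared case-insensitively and a
      missing code counts as a mismatch;
    * the insert is awaited with ``yield`` like the lookup;
    * the mail text said "请务将" where "请勿将" (do not share the code) was
      meant;
    * exception text is logged instead of being rendered to the client, and
      the Python 2 ``print`` statements are gone.

    NOTE(review): the mail promises a 10-minute lifetime but ``set`` is
    called without an expiry, and nothing limits the number of attempts on a
    short code -- add a TTL and an attempt counter.
    NOTE(review): ``make_password`` is presumably unsalted -- confirm.
    """
    post_data = self.request.body
    try:
        post_data = json.loads(post_data)
    except (TypeError, ValueError):
        self.write_response({}, 0, '参数格式错误')
        return

    try:
        action = post_data.get("action", None)
        if not action:
            self.write_response({}, 0, _err='没有相应的操作方法!')

        elif action == 'send_email':
            email = post_data.get("email", None)
            if not email:
                self.render("front/front_regist.html", msg='邮箱帐号异常!',
                            action_url='/regist')
                return
            subject = '计算机组成与结构教学网站邮箱注册服务验证!'
            captcha = get_captcha(4)
            # One cache entry per address the code is mailed to.
            self.conn.set("email_captcha:" + email, captcha)
            body = ("温馨提示:尊敬的用户,您好!我们的工作人员是不会向您索要邮箱验证码,"
                    "请勿将验证码告诉他人,以免您的账户信息泄漏!\n您的邮箱验证码是:【"
                    + captcha + "】10分钟内有效!")
            try:
                message = send_email(self, subject=subject, body=body,
                                     to_email=email)
                if not self.get_session('has_send_email'):
                    self.session['has_send_email'] = email
                message.send()
                self.write_response({})
            except Exception as e:
                logging.exception(e)
                self.render("front/front_regist.html",
                            msg='邮件发送失败,请稍后重试!',
                            action_url='/regist')

        elif action == 'regist':
            email = post_data.get("email", None)
            password = post_data.get("password", None)
            captcha = post_data.get("captcha", None)
            if not (email and password and captcha):
                self.write_response({}, 0, _err='值获取错误!')
                return

            captcha_key = "email_captcha:" + email
            cache_captcha = self.conn.get(captcha_key)
            if (not cache_captcha
                    or cache_captcha.lower() != captcha.lower()):
                self.render("front/front_regist.html",
                            msg='验证码输入不一致!', action_url='/regist')
                return

            password = make_password(password)
            try:
                user_coll = BaseMotor().client[MongoBasicInfoDb][STUDENTS]
                user_doc = yield user_coll.find_one({"user_email": email})
                if user_doc:
                    self.render("front/front_regist.html",
                                msg='账户已存在,请直接登录!',
                                action_url='/regist')
                    return
                try:
                    document = {
                        "_id": email,
                        "status": True,
                        "password": password,
                        "avator": "",
                        "create_time": int(time.time()),
                        "permission": "student",
                        "tel": "",
                        "role": "学生",
                        "user_name": "",
                        "user_email": email,
                        "stu_num": ""
                    }
                    res = yield user_coll.insert(document)
                    if not res:
                        self.write_response({}, 0, _err='更新数据库出错!')
                    else:
                        # The code is single-use.
                        self.conn.set(captcha_key, '')
                        self.write_response({})
                except Exception as e:
                    logging.exception(e)
                    self.render("front/front_regist.html",
                                msg='注册失败,请稍后重试!',
                                action_url='/regist')
            except Exception as e:
                logging.exception(e)
                self.write_response({}, 0, _err='数据库连接异常!')
    except Exception as e:
        logging.exception(e)
        self.write_response({}, 0)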
def set_password(self, raw_password):
    """Hash ``raw_password``, store it on ``self.password`` and save.

    A falsy ``raw_password`` leaves the object untouched. The method returns
    ``None`` in every case.

    NOTE(review): ``self.email`` is passed as the second argument of
    ``hashers.make_password``. If that parameter is the salt, the salt is
    predictable per account and changes whenever the address changes --
    confirm against ``hashers`` and prefer a random per-user salt.
    """
    if raw_password:
        self.password = hashers.make_password(raw_password, self.email)
        self.save()
    return None
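def post(self):
    """CMS sign-in: check the Geetest captcha, then account and password.

    On success the session keys ``current_email``, ``role``, ``permission``
    and ``username`` are set, a one-day secure ``user`` cookie is issued and
    the client is redirected to ``next``. Every failure re-renders
    ``cms/user_login.html`` with a message.

    Fixes over the previous version:

    * ``next`` was taken from the request and used as the redirect target
      unchecked (open redirect); only a local path is accepted now, anything
      else falls back to ``/cms/``;
    * a disabled account got the "disabled" page but the code went on to
      compare the password and could still log the user in; it now returns;
    * the password is checked before the disabled flag, so the "disabled"
      message is shown only to someone who knows the password.

    NOTE(review): "account does not exist" and "wrong password" are distinct
    messages, which lets a client tell registered addresses apart.
    NOTE(review): the hash is compared with ``!=`` (not constant-time) and
    ``make_password`` is presumably unsalted -- confirm.
    NOTE(review): the session is reused across login; confirm the session
    layer issues a fresh identifier on authentication.
    """
    next_url = self.get_argument('next', '/cms/')
    # Accept only a path on this site: it must start with a single "/" and
    # must not contain a backslash or control characters.
    if (not next_url.startswith('/') or next_url.startswith('//')
            or '\\' in next_url
            or any(ord(ch) < 0x20 for ch in next_url)):
        next_url = '/cms/'

    try:
        gt = GeetestLib(GT_ID, GT_KEY)
        challenge = self.get_argument(gt.FN_CHALLENGE, "")
        validate = self.get_argument(gt.FN_VALIDATE, "")
        seccode = self.get_argument(gt.FN_SECCODE, "")
        status = int(self.session[gt.GT_STATUS_SESSION_KEY])
        user_id = self.session["user_id"]
        password = self.get_argument('password')
        password = make_password(password)
        if status:
            verify_res = gt.success_validate(challenge, validate, seccode,
                                             user_id)
        else:
            verify_res = gt.failback_validate(challenge, validate, seccode)
            self.session["user_id"] = user_id

        if not verify_res:
            self.render("cms/user_login.html",
                        msg='验证码验证失败,请重新验证',
                        next_url=next_url)
            return

        try:
            user_email = self.get_argument('user_email')
            cms_user_coll = BaseMotor().client[MongoBasicInfoDb][CMS_USER]
            cms_user_doc = yield cms_user_coll.find_one({"_id": user_email})
            if not cms_user_doc:
                self.render("cms/user_login.html", msg="账户不存在",
                            next_url=next_url)
                return

            if cms_user_doc['password'] != password:
                self.render("cms/user_login.html",
                            msg="此账号密码有误,请重新输入!",
                            next_url=next_url)
                return

            # Same test as before: only an explicit false value disables
            # the account; a missing/None status is not treated as disabled.
            if cms_user_doc['status'] == False:  # noqa: E712
                self.render("cms/user_login.html", msg="此用户已被禁用",
                            next_url=next_url)
                return

            self.session['current_email'] = user_email
            self.session['role'] = cms_user_doc['role']
            self.session['permission'] = cms_user_doc['permission']
            self.session['username'] = cms_user_doc['user_name']
            self.set_secure_cookie("user",
                                   user_email + cms_user_doc['role'],
                                   expires_days=1)
            self.redirect(next_url)
        except Exception as e:
            logging.exception(e)
            self.render("cms/user_login.html", msg="账户出现异常!",
                        next_url=next_url)
    except Exception as e:
        logging.exception(e)
        self.render("cms/user_login.html",
                    msg='验证码参数获取异常,请稍后重试',
                    next_url=next_url)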