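def post(self):
    """Send a 6-digit SMS captcha to the passenger's phone.

    Reads the ``mobile`` request argument, sends the code through
    SMSHelper and, on success, stores it in redis under the key returned
    by get_captcha_key(mobile).

    Writes ErrorCode.SUCCESS, or ErrorCode.SERVER_BUSY when the SMS
    gateway reports a failure or any exception is raised.
    """
    status = ErrorCode.SUCCESS
    # Bound before the try block so the exception handler can always log it.
    mobile = ''
    try:
        mobile = self.get_argument('mobile', '')
        # The code proves ownership of the phone number, so it is drawn from
        # the OS CSPRNG instead of the predictable default generator.
        rng = random.SystemRandom()
        captcha = ''.join(rng.choice(string.digits) for _ in range(6))
        ios_captcha_sms = SMSCode.SMS_IOS_CAPTCHA % (captcha)
        # NOTE(review): no per-mobile or per-IP throttle is visible in this
        # handler; confirm one is applied upstream, otherwise any caller can
        # make the service send unlimited SMS to an arbitrary number.
        ret = SMSHelper.send(mobile, ios_captcha_sms)
        ret = DotDict(json_decode(ret))
        if ret.status == ErrorCode.SUCCESS:
            # The captcha is a credential: it is deliberately not logged.
            logging.info("[CLIENT] passenger get sms captcha successfully, mobile: %s",
                         mobile)
            captcha_key = get_captcha_key(mobile)
            # Third argument is presumably the expiry in seconds -- confirm
            # against the redis wrapper's setvalue().
            self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
        else:
            status = ErrorCode.SERVER_BUSY
            logging.error("[CLIENT] passenger get sms captcha failed, mobile: %s", mobile)
        self.write_ret(status)
    except Exception as e:
        logging.exception("[CLIENT] passenger get sms captcha failed, mobile: %s. Exception: %s",
                          mobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)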
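def post(self):
    """Bind a passenger's mobile to a pid/iosid after checking the SMS captcha.

    Required request arguments: ``pid``, ``iosid``, ``mobile``, ``cid`` and
    ``captcha``. A missing argument yields ErrorCode.ILLEGAL_DATA_FORMAT.

    Status written to the client:
      * NO_CAPTCHA       - no code is stored in redis for this mobile
      * WRONG_CAPTCHA    - the submitted code differs from the stored one
      * PASSENGER_EXIST  - the passenger row already has a non-empty pid
      * SUCCESS          - pid and iosid were written to T_PASSENGER
      * FAILED           - no T_PASSENGER row matches (mobile, cid)
      * SERVER_BUSY      - an unexpected exception was raised
    """
    try:
        pid = self.get_argument('pid')
        iosid = self.get_argument('iosid')
        mobile = self.get_argument('mobile')
        cid = self.get_argument('cid')
        captcha = self.get_argument('captcha')
        # The submitted captcha is a credential and is kept out of the log.
        logging.info("[CLIENT] passenger bind mobile request pid : %s, mobile : %s, cid: %s, iosid: %s",
                     pid, mobile, cid, iosid)
    except Exception:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        self.write_ret(status)
        return

    try:
        status = ErrorCode.FAILED
        captcha_key = get_captcha_key(mobile)
        redis_captcha = self.redis.get(captcha_key)
        if not redis_captcha:
            status = ErrorCode.NO_CAPTCHA
            logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, Message: %s",
                          mobile, ErrorCode.ERROR_MESSAGE[status])
        elif captcha != redis_captcha:
            # NOTE(review): failed guesses are not counted here; confirm that
            # attempts per mobile are limited elsewhere.
            status = ErrorCode.WRONG_CAPTCHA
            logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, Message: %s",
                          mobile, ErrorCode.ERROR_MESSAGE[status])
        else:
            # 1. Look up the corp's passenger record for this mobile.
            passenger = self.db.get("SELECT pid "
                                    " FROM T_PASSENGER"
                                    " WHERE mobile = %s"
                                    " AND cid = %s",
                                    mobile, cid)
            # 2. Bind only when the record has no pid yet; otherwise report
            #    that the passenger is already bound.
            if passenger:
                if passenger.pid == '':
                    self.db.execute("UPDATE T_PASSENGER "
                                    " SET pid = %s ,"
                                    " iosid = %s"
                                    " WHERE mobile = %s "
                                    " AND cid = %s ",
                                    pid, iosid, mobile, cid)
                    # One-time use: a code that has bound a device must not
                    # be accepted again before it expires.
                    self.redis.delete(captcha_key)
                    status = ErrorCode.SUCCESS
                else:
                    status = ErrorCode.PASSENGER_EXIST
                    logging.error("[CLIENT] passenger bind mobile failed. mobile: %s, Message: %s",
                                  mobile, ErrorCode.ERROR_MESSAGE[status])
        self.write_ret(status)
    except Exception as e:
        # Log the mobile under the "mobile" label (pid was logged here before).
        logging.exception("[CLIENT] passenger bind mobile failed. mobile: %s. Exception: %s",
                          mobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)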
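def post(self):
    """Send a 4-digit SMS captcha used to retrieve a user's password.

    The JSON body must carry ``mobile`` and ``captcha_psd`` (the answer to
    the image captcha). The image answer is checked against the
    ``captchahash_password`` secure cookie, the mobile must exist in
    T_USER, and the per-mobile / per-IP daily counters must be below their
    limits before an SMS is sent.

    Status written to the client: ILLEGAL_DATA_FORMAT, the value returned
    by check_privilege(), WRONG_CAPTCHA_IMAGE, REGISTER_EXCESS,
    USER_NOT_ORDERED, SERVER_BUSY or SUCCESS.
    """
    status = ErrorCode.SUCCESS
    try:
        data = DotDict(json_decode(self.request.body))
        umobile = data.mobile
        captcha_psd = data.captcha_psd
        logging.info("[UWEB] Get captcha request: %s", data)
    except Exception as e:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        logging.exception("[UWEB] Invalid data format. body: %s, Exception: %s",
                          self.request.body, e.args)
        self.write_ret(status)
        return

    try:
        status = self.check_privilege(umobile)
        if status != ErrorCode.SUCCESS:
            logging.error("[UWEB] User: %s is just for test, has no right to access the function.",
                          umobile)
            self.write_ret(status)
            return

        captchahash = self.get_secure_cookie("captchahash_password")
        # A request without the cookie or without an answer is a failed
        # image check; previously it raised on None.lower() and was reported
        # as SERVER_BUSY.
        image_ok = False
        if captchahash and captcha_psd:
            m = hashlib.md5()
            m.update(captcha_psd.lower())
            m.update(UWEB.HASH_SALT)
            hash_ = m.hexdigest()
            image_ok = hash_.lower() == captchahash.lower()
        # NOTE(review): the cookie is not cleared after a successful check in
        # this handler; confirm elsewhere that one solved image cannot be
        # reused for several requests.
        if not image_ok:
            status = ErrorCode.WRONG_CAPTCHA_IMAGE
            logging.info("[UWEB] Come from browser, captcha-check failed.")
            self.write_ret(status)
            return

        user = self.db.get("SELECT mobile"
                           " FROM T_USER"
                           " WHERE mobile = %s"
                           " LIMIT 1",
                           umobile)
        if user:
            remote_ip = self.request.remote_ip
            remote_ip_key = "register_remote_ip:%s" % remote_ip
            umobile_key = "register_umobile:%s" % umobile
            # Counters are presumably ints as returned by getvalue() -- confirm.
            remote_ip_times = self.redis.getvalue(remote_ip_key)
            umobile_times = self.redis.getvalue(umobile_key)
            if remote_ip_times is None:
                remote_ip_times = 0
            if umobile_times is None:
                umobile_times = 0
            logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
                         umobile, umobile_times, remote_ip, remote_ip_times)

            # NOTE: per day the same remote_ip is allowed 10 sends and the
            # same umobile 3 sends; the counters expire at the end of the day.
            current_time = int(time.time())
            date = get_date_from_utc(current_time)
            _, end_time_ = start_end_of_day(year=date.year, month=date.month, day=date.day)

            if umobile_times >= 3 or remote_ip_times >= 10:
                status = ErrorCode.REGISTER_EXCESS
                body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
                    umobile, umobile_times, remote_ip, remote_ip_times)
                notify_maintainer(self.db, self.redis, body, 'password')
                self.write_ret(status)
                return

            # The SMS code gates a password reset: draw it from the OS CSPRNG.
            rng = random.SystemRandom()
            captcha = ''.join(rng.choice(string.digits) for _ in range(4))
            getcaptcha_sms = SMSCode.SMS_CAPTCHA % (captcha)
            ret = SMSHelper.send(umobile, getcaptcha_sms)
            ret = DotDict(json_decode(ret))
            if ret.status == ErrorCode.SUCCESS:
                # The captcha itself is deliberately not logged.
                logging.info("[UWEB] user uid: %s get captcha success", umobile)
                captcha_key = get_captcha_key(umobile)
                self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
                # NOTE(review): read-then-set is not atomic, so concurrent
                # requests can pass the limit check together; an atomic
                # increment would close that gap.
                self.redis.set(umobile_key, umobile_times + 1)
                self.redis.expireat(umobile_key, end_time_)
                self.redis.set(remote_ip_key, remote_ip_times + 1)
                self.redis.expireat(remote_ip_key, end_time_)
            else:
                status = ErrorCode.SERVER_BUSY
                logging.error("[UWEB] user uid: %s get captcha failed.", umobile)
        else:
            status = ErrorCode.USER_NOT_ORDERED
            logging.error("[UWEB] user uid: %s does not exist, get captcha failed.", umobile)
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] user uid: %s retrieve password failed. Exception: %s",
                          umobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)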
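def get(self):
    """Send a 4-digit registration captcha to the user's phone through SMS.

    Request arguments: ``umobile`` (receives the SMS), ``tmobile`` (must be
    whitelisted according to check_zs_phone) and ``captcha_img`` (answer to
    the image captcha, checked against the ``captchahash_image`` secure
    cookie).

    Status written to the client: WRONG_CAPTCHA_IMAGE, MOBILE_NOT_ORDERED,
    REGISTER_EXCESS, SERVER_BUSY or SUCCESS.
    """
    # NOTE(review): this handler sends an SMS and updates counters on GET;
    # confirm that link prefetching or cross-site requests cannot trigger it.
    status = ErrorCode.SUCCESS
    try:
        umobile = self.get_argument('umobile', '')
        tmobile = self.get_argument('tmobile', '')
        remote_ip = self.request.remote_ip
        captcha_image = self.get_argument('captcha_img', '')
        captchahash = self.get_secure_cookie("captchahash_image")

        logging.info("[UWEB] Get captcha-sms request. umobile:%s, tmobile: %s, captcha_img: %s",
                     umobile, tmobile, captcha_image)
        m = hashlib.md5()
        m.update(captcha_image.lower())
        m.update(UWEB.HASH_SALT)
        hash_ = m.hexdigest()
        # A missing cookie is a failed image check; previously it raised on
        # None.lower() and was reported as SERVER_BUSY.
        if not captchahash or hash_.lower() != captchahash.lower():
            status = ErrorCode.WRONG_CAPTCHA_IMAGE
            logging.info("[UWEB] Come from browser, captcha-check failed.")
            self.write_ret(status)
            return

        # The terminal mobile must be on the whitelist.
        white_list = check_zs_phone(tmobile, self.db)
        if not white_list:
            logging.info("[UWEB] %s is not whitelist", tmobile)
            status = ErrorCode.MOBILE_NOT_ORDERED
            message = ErrorCode.ERROR_MESSAGE[status] % tmobile
            self.write_ret(status, message=message)
            return

        # Daily send counters, keyed by client IP and by receiving mobile.
        remote_ip_key = "register_remote_ip:%s" % remote_ip
        umobile_key = "register_umobile:%s" % umobile
        remote_ip_times = self.redis.getvalue(remote_ip_key)
        umobile_times = self.redis.getvalue(umobile_key)
        if remote_ip_times is None:
            remote_ip_times = 0
        if umobile_times is None:
            umobile_times = 0
        logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
                     umobile, umobile_times, remote_ip, remote_ip_times)

        # NOTE: per day the same remote_ip is allowed 10 sends and the same
        # umobile 3 sends; the counters expire at the end of the day.
        current_time = int(time.time())
        date = get_date_from_utc(current_time)
        _, end_time_ = start_end_of_day(year=date.year, month=date.month, day=date.day)

        if umobile_times >= 3 or remote_ip_times >= 10:
            status = ErrorCode.REGISTER_EXCESS
            body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
                umobile, umobile_times, remote_ip, remote_ip_times)
            notify_maintainer(self.db, self.redis, body, 'register')
            self.write_ret(status)
            return

        # The code authorises a registration: draw it from the OS CSPRNG.
        rng = random.SystemRandom()
        psd = ''.join(rng.choice(string.digits) for _ in range(4))
        captcha_sms = SMSCode.SMS_REG % (psd)
        ret = SMSHelper.send(umobile, captcha_sms)
        ret = DotDict(json_decode(ret))
        if ret.status == ErrorCode.SUCCESS:
            # The captcha itself is deliberately not logged.
            logging.info("[UWEB] Get sms captcha successfully. umobile: %s.", umobile)
            captcha_key = get_captcha_key(umobile)
            self.redis.setvalue(captcha_key, psd, UWEB.SMS_CAPTCHA_INTERVAL)
            # NOTE(review): read-then-set is not atomic, so concurrent
            # requests can pass the limit check together.
            self.redis.set(umobile_key, umobile_times + 1)
            self.redis.expireat(umobile_key, end_time_)
            self.redis.set(remote_ip_key, remote_ip_times + 1)
            self.redis.expireat(remote_ip_key, end_time_)
        else:
            status = ErrorCode.SERVER_BUSY
            logging.error("[UWEB] Get sms captcha failed. umobile: %s.", umobile)
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] Get sms captcha failed. umobile:%s. Exception: %s",
                          umobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)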
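def post(self):
    """Register a pair of umobile and tmobile.

    The JSON body must carry ``umobile``, ``tmobile`` and ``captcha`` (the
    SMS code stored under get_captcha_key(umobile)). When the code matches,
    a terminal in TO_BE_UNBIND state is deleted first, then the register
    SMS is sent to the terminal and the stored code is removed.

    Status written to the client: ILLEGAL_DATA_FORMAT, MOBILE_NOT_ORDERED,
    NO_CAPTCHA, WRONG_CAPTCHA, TERMINAL_ORDERED, REGISTER_FAILED or SUCCESS.
    """
    status = ErrorCode.SUCCESS
    try:
        data = DotDict(json_decode(self.request.body))
        umobile = data.umobile
        tmobile = data.tmobile
        captcha = data.captcha
        # Only the non-secret fields are logged; the body carries the captcha.
        logging.info("[UWEB] Register request. umobile: %s, tmobile: %s", umobile, tmobile)
    except Exception as e:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        logging.exception("[UWEB] Invalid data format. Exception: %s", e.args)
        self.write_ret(status)
        return

    try:
        # The terminal mobile must be on the whitelist.
        white_list = check_zs_phone(tmobile, self.db)
        if not white_list:
            logging.info("[UWEB] Mobile is not whitelist. tmobile: %s.", tmobile)
            status = ErrorCode.MOBILE_NOT_ORDERED
            message = ErrorCode.ERROR_MESSAGE[status] % tmobile
            self.write_ret(status, message=message)
            return

        captcha_key = get_captcha_key(umobile)
        captcha_old = self.redis.get(captcha_key)
        if not captcha_old:
            status = ErrorCode.NO_CAPTCHA
            logging.error("[UWEB] Register failed. umobile: %s, Message: %s",
                          umobile, ErrorCode.ERROR_MESSAGE[status])
        elif captcha != str(captcha_old):
            # The stored code is never written to the log, so log readers
            # cannot learn a still-valid captcha from a failed attempt.
            # NOTE(review): wrong guesses are not counted here; confirm that
            # attempts per umobile are limited elsewhere.
            status = ErrorCode.WRONG_CAPTCHA
            logging.error("[UWEB] Regist failed. umobile: %s, Message: %s",
                          umobile, ErrorCode.ERROR_MESSAGE[status])
        else:
            terminal = QueryHelper.get_terminal_by_tmobile(tmobile, self.db)
            if terminal:
                if terminal.service_status == UWEB.SERVICE_STATUS.TO_BE_UNBIND:
                    # A terminal waiting to be unbound is removed so it can
                    # be registered again.
                    delete_terminal(terminal.tid, self.db, self.redis)
                else:
                    status = ErrorCode.TERMINAL_ORDERED
                    logging.info("[UWEB] Regist failed. umobile: %s, tmobile: %s Message: %s",
                                 umobile, tmobile, ErrorCode.ERROR_MESSAGE[status])
                    self.write_ret(status)
                    return

            register_sms = SMSCode.SMS_REGISTER % (umobile, tmobile)
            ret = SMSHelper.send_to_terminal(tmobile, register_sms)
            ret = DotDict(json_decode(ret))
            if ret.status == ErrorCode.SUCCESS:
                logging.info("[UWEB] Regist successfully. umobile: %s, tmobile: %s ",
                             umobile, tmobile)
                # One-time use: drop the code once it has been consumed.
                self.redis.delete(captcha_key)
            else:
                status = ErrorCode.REGISTER_FAILED
                logging.error("[UWEB] Regist failed. umobile: %s, tmobile: %s. Message: %s",
                              umobile, tmobile, ErrorCode.ERROR_MESSAGE[status])
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] Register failed. umobile: %s tmobile: %s , Exception: %s",
                          umobile, tmobile, e.args)
        status = ErrorCode.REGISTER_FAILED
        self.write_ret(status)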
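def post(self):
    """Send a 4-digit SMS captcha used to retrieve a corp/operator password.

    The JSON body must carry ``mobile`` and may carry ``captcha_psd`` (the
    answer to the image captcha). The value of ``mobile`` is looked up as a
    T_CORP cid and then as a T_OPERATOR oid. Browser requests must pass the
    image-captcha check; the daily per-mobile / per-IP counters must be
    below their limits before an SMS is sent.

    Status written to the client: ILLEGAL_DATA_FORMAT,
    UMOBILE_REGISTER_EXCESS, WRONG_CAPTCHA_IMAGE, REGISTER_EXCESS,
    USER_NOT_ORDERED, SERVER_BUSY or SUCCESS.
    """
    status = ErrorCode.SUCCESS
    try:
        data = DotDict(json_decode(self.request.body))
        umobile = data.mobile
        captcha_psd = data.get('captcha_psd', '')
        captchahash = self.get_secure_cookie("captchahash_password")
        logging.info("[UWEB] Corp retrieve password request: %s", data)
    except Exception as e:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        logging.exception("[UWEB] Invalid data format. body: %s, Exception: %s",
                          self.request.body, e.args)
        self.write_ret(status)
        return

    try:
        # Only mobiles accepted by check_gd_phone() may use this function.
        if not check_gd_phone(umobile):
            logging.info("[UWEB] Mobile is not come from GuanDong, reject it.")
            status = ErrorCode.UMOBILE_REGISTER_EXCESS
            self.write_ret(status)
            return

        # NOTE(review): the image captcha is enforced only when the
        # User-Agent header is present and does not contain 'darwin'. The
        # header is chosen by the client, so this check does not protect the
        # endpoint on its own; the SMS throttle below is the remaining
        # control. Consider authenticating the mobile clients instead.
        from_brower = False
        user_agent = self.request.headers.get('User-Agent', None)
        if user_agent:
            user_agent = user_agent.lower()
            if re.search('darwin', user_agent):  # iOS client
                logging.info("[UWEB] Come from IOS client, do not check captcha-image, User-Agent: %s",
                             user_agent)
            else:
                logging.info("[UWEB] Come from browser, check captcha-image, User-Agent: %s",
                             user_agent)
                from_brower = True
        else:  # Android client
            logging.info("[UWEB] Come from Android client, do not check captcha-image")

        if from_brower:
            # A missing cookie or answer is a failed image check; previously
            # a missing cookie raised on None.lower() and was reported as
            # SERVER_BUSY.
            image_ok = False
            if captchahash and captcha_psd:
                m = hashlib.md5()
                m.update(captcha_psd.lower())
                m.update(UWEB.HASH_SALT)
                hash_ = m.hexdigest()
                image_ok = hash_.lower() == captchahash.lower()
            if not image_ok:
                status = ErrorCode.WRONG_CAPTCHA_IMAGE
                logging.info("[UWEB] Come from browser, captcha-check failed.")
                self.write_ret(status)
                return

        user = self.db.get("SELECT mobile"
                           " FROM T_CORP"
                           " WHERE cid = %s"
                           " LIMIT 1",
                           umobile)
        if not user:
            user = self.db.get("SELECT mobile"
                               " FROM T_OPERATOR"
                               " WHERE oid = %s"
                               " LIMIT 1",
                               umobile)

        if user:
            remote_ip = self.request.remote_ip
            remote_ip_key = "register_remote_ip:%s" % remote_ip
            umobile_key = "register_umobile:%s" % umobile
            remote_ip_times = self.redis.getvalue(remote_ip_key)
            umobile_times = self.redis.getvalue(umobile_key)
            if remote_ip_times is None:
                remote_ip_times = 0
            if umobile_times is None:
                umobile_times = 0
            logging.info("[UWEB] Register. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s",
                         umobile, umobile_times, remote_ip, remote_ip_times)

            # NOTE: per day the same remote_ip is allowed 10 sends and the
            # same umobile 3 sends; the counters expire at the end of the day.
            current_time = int(time.time())
            date = get_date_from_utc(current_time)
            _, end_time_ = start_end_of_day(year=date.year, month=date.month, day=date.day)

            if umobile_times >= 3 or remote_ip_times >= 10:
                status = ErrorCode.REGISTER_EXCESS
                body = u'管理员您好:检测到频繁注册,请查看. umobile: %s, umobile_times: %s, remote_ip: %s, remote_ip_times: %s' % (
                    umobile, umobile_times, remote_ip, remote_ip_times)
                notify_maintainer(self.db, self.redis, body, 'password')
                self.write_ret(status)
                return

            # The SMS code gates a password reset: draw it from the OS CSPRNG.
            rng = random.SystemRandom()
            captcha = ''.join(rng.choice(string.digits) for _ in range(4))
            getcaptcha_sms = SMSCode.SMS_CAPTCHA % (captcha)
            ret = SMSHelper.send(umobile, getcaptcha_sms)
            ret = DotDict(json_decode(ret))
            if ret.status == ErrorCode.SUCCESS:
                # The captcha itself is deliberately not logged.
                logging.info("[UWEB] corp mobile: %s get captcha success", umobile)
                captcha_key = get_captcha_key(umobile)
                self.redis.setvalue(captcha_key, captcha, UWEB.SMS_CAPTCHA_INTERVAL)
                # NOTE(review): read-then-set is not atomic, so concurrent
                # requests can pass the limit check together.
                self.redis.set(umobile_key, umobile_times + 1)
                self.redis.expireat(umobile_key, end_time_)
                self.redis.set(remote_ip_key, remote_ip_times + 1)
                self.redis.expireat(remote_ip_key, end_time_)
            else:
                status = ErrorCode.SERVER_BUSY
                logging.error("[UWEB] Get captcha failed. corp mobile: %s", umobile)
        else:
            logging.error("[UWEB] Get captcha failed. corp mobile: %s does not exist.", umobile)
            status = ErrorCode.USER_NOT_ORDERED
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] Get captcha failed. corp mobile: %s, Exception: %s",
                          umobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)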
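def post(self):
    """Reset a user's password and send the new one by SMS.

    The JSON body must carry ``mobile`` and may carry ``captcha`` (the SMS
    code stored under get_captcha_key(mobile)). When a captcha is supplied
    it must match the stored code; when it is absent the legacy path resets
    the password without any check.

    Status written to the client: ILLEGAL_DATA_FORMAT, the value returned
    by check_privilege(), USER_NOT_ORDERED, NO_CAPTCHA, WRONG_CAPTCHA,
    SERVER_BUSY or SUCCESS.
    """
    status = ErrorCode.SUCCESS
    try:
        data = DotDict(json_decode(self.request.body))
        mobile = data.mobile
        captcha = data.get('captcha', '')
        # Only the mobile is logged; the body carries the captcha.
        logging.info("[UWEB] User retrieve password request. mobile: %s", mobile)
    except Exception:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        self.write_ret(status)
        return

    try:
        status = self.check_privilege(mobile)
        if status != ErrorCode.SUCCESS:
            logging.error("[UWEB] User: %s is just for test,"
                          " has no right to access the function.",
                          mobile)
            self.write_ret(status)
            return

        # NOTE(review): the strength of the new password depends on
        # get_psd(), which is defined elsewhere; confirm it uses a CSPRNG.
        psd = get_psd()
        user = QueryHelper.get_user_by_mobile(mobile, self.db)
        if user:
            psd_info = dict(user_id=mobile,
                            user_type=UWEB.USER_TYPE.PERSON,
                            password=psd)
            captcha_key = None
            if captcha:  # new version: the SMS code must match
                captcha_key = get_captcha_key(mobile)
                captcha_old = self.redis.get(captcha_key)
                if not captcha_old:
                    status = ErrorCode.NO_CAPTCHA
                    logging.error("mobile: %s retrieve password failed. Message: %s",
                                  mobile, ErrorCode.ERROR_MESSAGE[status])
                elif captcha != str(captcha_old):
                    # The stored code is never written to the log.
                    status = ErrorCode.WRONG_CAPTCHA
                    logging.error("mobile: %s retrieve password failed. Message: %s",
                                  mobile, ErrorCode.ERROR_MESSAGE[status])
            # else: old version.
            # NOTE(review): omitting ``captcha`` skips verification entirely,
            # so any caller can force a reset for a known mobile. Retire this
            # path once old clients are gone, or throttle it.

            if status == ErrorCode.SUCCESS:
                update_password(psd_info, self.db, self.redis)
                if captcha_key is not None:
                    # One-time use: a code that has reset a password must not
                    # be accepted again before it expires.
                    self.redis.delete(captcha_key)
                retrieve_password_sms = SMSCode.SMS_RETRIEVE_PASSWORD % (psd)
                ret = SMSHelper.send(mobile, retrieve_password_sms)
                ret = DotDict(json_decode(ret))
                if ret.status == ErrorCode.SUCCESS:
                    # The new password is deliberately not logged.
                    logging.info("[UWEB] user uid: %s retrieve password success", mobile)
                else:
                    # NOTE(review): the password has already been changed at
                    # this point although the user never received it.
                    status = ErrorCode.SERVER_BUSY
                    logging.error("[UWEB] user uid: %s retrieve password failed.", mobile)
        else:
            status = ErrorCode.USER_NOT_ORDERED
            logging.error("[UWEB] umobile: %s does not exist, retrieve password failed.", mobile)
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] user uid: %s retrieve password failed. Exception: %s",
                          mobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)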
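def post(self):
    """Reset a corp's or operator's password and send the new one by SMS.

    The JSON body must carry ``mobile`` and may carry ``captcha`` (the SMS
    code stored under get_captcha_key(mobile)). ``mobile`` is looked up as
    a corp cid first and as an operator oid second. When a captcha is
    supplied it must match the stored code; when it is absent the legacy
    path resets the password without any check.

    Status written to the client: ILLEGAL_DATA_FORMAT, USER_NOT_ORDERED,
    NO_CAPTCHA, WRONG_CAPTCHA, SERVER_BUSY or SUCCESS.
    """
    status = ErrorCode.SUCCESS
    try:
        data = DotDict(json_decode(self.request.body))
        mobile = data.mobile
        captcha = data.get('captcha', '')
        # Only the mobile is logged; the body carries the captcha.
        logging.info("[UWEB] corp retrieve password request. mobile: %s", mobile)
    except Exception:
        status = ErrorCode.ILLEGAL_DATA_FORMAT
        self.write_ret(status)
        return

    try:
        status = ErrorCode.SUCCESS
        # NOTE(review): the strength of the new password depends on
        # get_psd(), which is defined elsewhere; confirm it uses a CSPRNG.
        psd = get_psd()

        # Resolve the account: corp first, operator second.
        role = "Corp"
        user_type = UWEB.USER_TYPE.CORP
        user = QueryHelper.get_corp_by_cid(mobile, self.db)
        if not user:
            role = "Operator"
            user_type = UWEB.USER_TYPE.OPERATOR
            user = QueryHelper.get_operator_by_oid(mobile, self.db)

        if user:
            psd_info = dict(user_id=mobile,
                            user_type=user_type,
                            password=psd)
            captcha_key = None
            if captcha:  # new version: the SMS code must match
                captcha_key = get_captcha_key(mobile)
                captcha_old = self.redis.get(captcha_key)
                if not captcha_old:
                    status = ErrorCode.NO_CAPTCHA
                    logging.error("[UWEB] %s retrieve password failed. mobile: %s, Message: %s",
                                  role, mobile, ErrorCode.ERROR_MESSAGE[status])
                elif captcha != str(captcha_old):
                    # The stored code is never written to the log.
                    status = ErrorCode.WRONG_CAPTCHA
                    logging.error("[UWEB] %s retrieve password failed. mobile: %s, Message: %s",
                                  role, mobile, ErrorCode.ERROR_MESSAGE[status])
            # else: old version.
            # NOTE(review): omitting ``captcha`` skips verification entirely,
            # so any caller can force a reset for a known account. Retire
            # this path once old clients are gone, or throttle it.

            if status == ErrorCode.SUCCESS:
                update_password(psd_info, self.db, self.redis)
                if captcha_key is not None:
                    # One-time use: a code that has reset a password must not
                    # be accepted again before it expires.
                    self.redis.delete(captcha_key)
        else:
            status = ErrorCode.USER_NOT_ORDERED
            logging.error("[UWEB] Operator does not exist, retrieve password failed. mobile: %s",
                          mobile)

        if status == ErrorCode.SUCCESS:
            retrieve_password_sms = SMSCode.SMS_RETRIEVE_PASSWORD % (psd)
            ret = SMSHelper.send(mobile, retrieve_password_sms)
            ret = DotDict(json_decode(ret))
            if ret.status == ErrorCode.SUCCESS:
                # The new password is deliberately not logged.
                logging.info("[UWEB] Corp retrieve password success, mobile: %s", mobile)
            else:
                # NOTE(review): the password has already been changed at this
                # point although the user never received it.
                status = ErrorCode.SERVER_BUSY
                logging.error("[UWEB] Corp retrieve password failed. mobile: %s", mobile)
        self.write_ret(status)
    except Exception as e:
        logging.exception("[UWEB] Corp retrieve password failed. mobile: %s, Exception: %s",
                          mobile, e.args)
        status = ErrorCode.SERVER_BUSY
        self.write_ret(status)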