import os from quart import Quart, render_template, request, session, redirect, url_for,jsonify,send_file from quart_sqlalchemy import SQLAlchemy from quart_session import Session from web.common.utils import generate_captcha,login_required from myutils.ConfigManager import myCongif from core.DBManager import mDBM from . import api from web.common.errors import handle_error @api.route('/user/code',methods=['GET']) async def user_get_code(): #获取验证码 captcha_text, buffer = generate_captcha() print(captcha_text) session['captcha'] = captcha_text # 记录验证码? return await send_file(buffer, mimetype='image/png') @api.route('/user/login',methods=['POST']) async def user_login(): #用户登录 username = (await request.form)['username'] password = (await request.form)['password'] captcha = (await request.form)['captcha'] if captcha != session.get('captcha'): #验证码验证过后,需要失效 #? return '验证码错误', 400 #比对用户名和密码 strsql = f"select password from user where username = '{username}'" db_password = mDBM.do_select(strsql,1) if db_password: if db_password[0] == password: #后续需要对密码进行MD5加默 print("登录成功") session['user'] = username return redirect(url_for('main.get_html', html='实时预览.html')) return '用户名或密码错误', 400 @api.route('/user/userinfo',methods=['GET']) @login_required async def user_info(): #获取用户列表 strsql = "select username,status,people,tellnum from user;"; data = mDBM.do_select(strsql) if data: user_list = [{"username": user[0], "status": user[1], "people":user[2],"tellnum":user[3]} for user in data] return jsonify(user_list) else: return jsonify(0) @api.route('/user/adduser',methods=['POST']) @login_required async def user_adduser(): #新增用户 username = (await request.form)['username'] people = (await request.form)['people'] tellnum = (await request.form)['tellnum'] strsql = f"select username from user where username = '{username}';" data = mDBM.do_select(strsql) if data: reStatus = 0 reMsg = '用户名重复,请重新输入!' else: strsql = (f"INSERT INTO user (username ,password ,status,people,tellnum ) VALUES " f"('{username}','{myCongif.get_data("pw")}',1,'{people}','{tellnum}');") ret = mDBM.do_sql(strsql) if ret == True: reStatus = 1 reMsg = '添加用户成功' else: reStatus = 0 reMsg = '添加用户异常,请联系管理员处理!' return jsonify({'status':reStatus,'msg':reMsg}) @api.route('/user/passwd',methods=['POST']) @login_required async def user_change_passwd(): #重置密码 username = (await request.form)['username'] strsql = f"update user set password='{myCongif.get_data("pw")}' where username='{username}';" ret = mDBM.do_sql(strsql) if ret == True: reStatus = 1 reMsg = '重置密码成功' else: reStatus = 0 reMsg = '重置密码失败,请联系管理员处理!' return jsonify({'status':reStatus,'msg':reMsg}) @api.route('/user/changeuser',methods=['POST']) @login_required async def user_change_user_info(): #修改用户信息 username = (await request.form)['username'] people = (await request.form)['people'] tellnum = (await request.form)['tellnum'] strsql = f"update user set people='{people}',tellnum='{tellnum}' where username='{username}';" ret = mDBM.do_sql(strsql) if ret == True: reStatus = 1 reMsg = '修改用户信息成功' else: reStatus = 0 reMsg = '修改失败,请联系管理员处理!' return jsonify({'status': reStatus, 'msg': reMsg}) @api.route('/user/', methods=['GET']) async def get_user(user_id): try: user = user_id if user: return jsonify(user) else: return jsonify({'error': 'User not found'}), 404 except Exception as e: return handle_error(e)