import os import hashlib from quart import Quart, render_template, request, session, redirect, url_for,jsonify,send_file,flash from quart_sqlalchemy import SQLAlchemy from quart_session import Session from web.common.utils import generate_captcha,login_required from myutils.ConfigManager import myCongif from . import api from web.common.errors import handle_error @api.route('/user/code',methods=['GET']) async def user_get_code(): #获取验证码 captcha_text, buffer = generate_captcha() print(captcha_text) session['captcha'] = captcha_text # 记录验证码? return await send_file(buffer, mimetype='image/png') @api.route('/user/login',methods=['POST']) async def user_login(): #用户登录 try: form = await request.form username = form['username'] password = form['password'] captcha = form['captcha'] except Exception as e: await flash('请求数据格式错误', 'error') return redirect(url_for('main.login')) #return jsonify({'error': '请求数据格式错误'}), 400 if captcha != session.get('captcha'): # 验证码验证过后,需要失效 session.pop('captcha', None) await flash('验证码错误', 'error') return redirect(url_for('main.login')) #return jsonify({'error': '验证码错误'}), 400 #return 'captcha error!', 400 #比对用户名和密码 strsql = f"select password from user where username = '{username}'" db_password = mDBM.do_select(strsql,1) passwd_md5 = get_md5(password) if db_password: if db_password[0] == passwd_md5: #后续需要对密码进行MD5加默 print("登录成功") session['user'] = username return redirect(url_for('main.get_html', html='view_main.html')) await flash('用户名或密码错误', 'error') return redirect(url_for('main.login')) @api.route('/user/userinfo',methods=['GET']) @login_required async def user_info(): #获取用户列表 strsql = "select username,status,people,tellnum from user;"; data = mDBM.do_select(strsql) if data: user_list = [{"username": user[0], "status": user[1], "people":user[2],"tellnum":user[3]} for user in data] return jsonify(user_list) else: return jsonify(0) @api.route('/user/adduser',methods=['POST']) @login_required async def user_adduser(): #新增用户 username = (await request.form)['username'] people = (await request.form)['people'] tellnum = (await request.form)['tellnum'] strsql = f"select username from user where username = '{username}';" password = myCongif.get_data('pw') data = mDBM.do_select(strsql) if data: reStatus = 0 reMsg = '用户名重复,请重新输入!' else: strsql = (f"INSERT INTO user (username ,password ,status,people,tellnum ) VALUES " f"('{username}','{password}',1,'{people}','{tellnum}');") ret = mDBM.do_sql(strsql) if ret == True: reStatus = 1 reMsg = '添加用户成功' else: reStatus = 0 reMsg = '添加用户异常,请联系管理员处理!' return jsonify({'status':reStatus,'msg':reMsg}) @api.route('/user/passwd',methods=['POST']) @login_required async def user_change_passwd(): #修改密码 json_data = await request.get_json() oldpasswd = json_data.get('oldpasswd') newpasswd = json_data.get('newpasswd') old_md5= get_md5(oldpasswd) print(old_md5) strsql = f"select id from user where password='{old_md5}';" data = mDBM.do_select(strsql,1) reStatus = 0 if data: new_md5 = get_md5(newpasswd) strsql = f"update user set password = '{new_md5}' where password = '{old_md5}';" ret = mDBM.do_sql(strsql) if ret: reStatus = 1 reMsg = '修改密码成功' else: reMsg = '修改密码失败,请联系技术支持!' else: reMsg = '原密码错误,请确认!' return jsonify({'status':reStatus,'msg':reMsg}) @api.route('/user/changeuser',methods=['POST']) @login_required async def user_change_user_info(): #修改用户信息 username = (await request.form)['username'] people = (await request.form)['people'] tellnum = (await request.form)['tellnum'] strsql = f"update user set people='{people}',tellnum='{tellnum}' where username='{username}';" ret = mDBM.do_sql(strsql) if ret == True: reStatus = 1 reMsg = '修改用户信息成功' else: reStatus = 0 reMsg = '修改失败,请联系管理员处理!' return jsonify({'status': reStatus, 'msg': reMsg}) @api.route('/user/', methods=['GET']) async def get_user(user_id): try: user = user_id if user: return jsonify(user) else: return jsonify({'error': 'User not found'}), 404 except Exception as e: return handle_error(e) def get_md5(value): md5 = hashlib.md5() # 创建一个md5对象 md5.update(value.encode('utf-8')) # 使用utf-8编码更新待计算的字符串 return md5.hexdigest() # 返回十六进制的MD5值