You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
143 lines
5.1 KiB
143 lines
5.1 KiB
import os
|
|
import hashlib
|
|
from quart import Quart, render_template, request, session, redirect, url_for,jsonify,send_file,flash
|
|
from quart_sqlalchemy import SQLAlchemy
|
|
from quart_session import Session
|
|
from web.common.utils import generate_captcha,login_required
|
|
from myutils.ConfigManager import myCongif
|
|
from . import api
|
|
from web.common.errors import handle_error
|
|
|
|
|
|
@api.route('/user/code',methods=['GET'])
|
|
async def user_get_code(): #获取验证码
|
|
captcha_text, buffer = generate_captcha()
|
|
print(captcha_text)
|
|
session['captcha'] = captcha_text # 记录验证码?
|
|
return await send_file(buffer, mimetype='image/png')
|
|
|
|
|
|
@api.route('/user/login',methods=['POST'])
|
|
async def user_login(): #用户登录
|
|
try:
|
|
form = await request.form
|
|
username = form['username']
|
|
password = form['password']
|
|
captcha = form['captcha']
|
|
except Exception as e:
|
|
await flash('请求数据格式错误', 'error')
|
|
return redirect(url_for('main.login'))
|
|
#return jsonify({'error': '请求数据格式错误'}), 400
|
|
|
|
if captcha != session.get('captcha'):
|
|
# 验证码验证过后,需要失效
|
|
session.pop('captcha', None)
|
|
await flash('验证码错误', 'error')
|
|
return redirect(url_for('main.login'))
|
|
#return jsonify({'error': '验证码错误'}), 400
|
|
#return 'captcha error!', 400
|
|
#比对用户名和密码
|
|
strsql = f"select password from user where username = '{username}'"
|
|
db_password = mDBM.do_select(strsql,1)
|
|
passwd_md5 = get_md5(password)
|
|
if db_password:
|
|
if db_password[0] == passwd_md5: #后续需要对密码进行MD5加默
|
|
print("登录成功")
|
|
session['user'] = username
|
|
return redirect(url_for('main.get_html', html='view_main.html'))
|
|
await flash('用户名或密码错误', 'error')
|
|
return redirect(url_for('main.login'))
|
|
|
|
@api.route('/user/userinfo',methods=['GET'])
|
|
@login_required
|
|
async def user_info(): #获取用户列表
|
|
strsql = "select username,status,people,tellnum from user;";
|
|
data = mDBM.do_select(strsql)
|
|
if data:
|
|
user_list = [{"username": user[0], "status": user[1],
|
|
"people":user[2],"tellnum":user[3]} for user in data]
|
|
return jsonify(user_list)
|
|
else:
|
|
return jsonify(0)
|
|
|
|
|
|
@api.route('/user/adduser',methods=['POST'])
|
|
@login_required
|
|
async def user_adduser(): #新增用户
|
|
username = (await request.form)['username']
|
|
people = (await request.form)['people']
|
|
tellnum = (await request.form)['tellnum']
|
|
strsql = f"select username from user where username = '{username}';"
|
|
password = myCongif.get_data('pw')
|
|
data = mDBM.do_select(strsql)
|
|
if data:
|
|
reStatus = 0
|
|
reMsg = '用户名重复,请重新输入!'
|
|
else:
|
|
strsql = (f"INSERT INTO user (username ,password ,status,people,tellnum ) VALUES "
|
|
f"('{username}','{password}',1,'{people}','{tellnum}');")
|
|
ret = mDBM.do_sql(strsql)
|
|
if ret == True:
|
|
reStatus = 1
|
|
reMsg = '添加用户成功'
|
|
else:
|
|
reStatus = 0
|
|
reMsg = '添加用户异常,请联系管理员处理!'
|
|
return jsonify({'status':reStatus,'msg':reMsg})
|
|
|
|
@api.route('/user/passwd',methods=['POST'])
|
|
@login_required
|
|
async def user_change_passwd(): #修改密码
|
|
json_data = await request.get_json()
|
|
oldpasswd = json_data.get('oldpasswd')
|
|
newpasswd = json_data.get('newpasswd')
|
|
old_md5= get_md5(oldpasswd)
|
|
print(old_md5)
|
|
strsql = f"select id from user where password='{old_md5}';"
|
|
data = mDBM.do_select(strsql,1)
|
|
reStatus = 0
|
|
if data:
|
|
new_md5 = get_md5(newpasswd)
|
|
strsql = f"update user set password = '{new_md5}' where password = '{old_md5}';"
|
|
ret = mDBM.do_sql(strsql)
|
|
if ret:
|
|
reStatus = 1
|
|
reMsg = '修改密码成功'
|
|
else:
|
|
reMsg = '修改密码失败,请联系技术支持!'
|
|
else:
|
|
reMsg = '原密码错误,请确认!'
|
|
return jsonify({'status':reStatus,'msg':reMsg})
|
|
|
|
|
|
@api.route('/user/changeuser',methods=['POST'])
|
|
@login_required
|
|
async def user_change_user_info(): #修改用户信息
|
|
username = (await request.form)['username']
|
|
people = (await request.form)['people']
|
|
tellnum = (await request.form)['tellnum']
|
|
strsql = f"update user set people='{people}',tellnum='{tellnum}' where username='{username}';"
|
|
ret = mDBM.do_sql(strsql)
|
|
if ret == True:
|
|
reStatus = 1
|
|
reMsg = '修改用户信息成功'
|
|
else:
|
|
reStatus = 0
|
|
reMsg = '修改失败,请联系管理员处理!'
|
|
return jsonify({'status': reStatus, 'msg': reMsg})
|
|
|
|
@api.route('/user/<int:user_id>', methods=['GET'])
|
|
async def get_user(user_id):
|
|
try:
|
|
user = user_id
|
|
if user:
|
|
return jsonify(user)
|
|
else:
|
|
return jsonify({'error': 'User not found'}), 404
|
|
except Exception as e:
|
|
return handle_error(e)
|
|
|
|
def get_md5(value):
|
|
md5 = hashlib.md5() # 创建一个md5对象
|
|
md5.update(value.encode('utf-8')) # 使用utf-8编码更新待计算的字符串
|
|
return md5.hexdigest() # 返回十六进制的MD5值
|