2022-01-11 15:12:08 +08:00
|
|
|
|
import json
|
2022-01-25 16:48:42 +08:00
|
|
|
|
import os
|
2022-01-10 05:22:25 +08:00
|
|
|
|
import time
|
2022-01-11 07:13:28 +08:00
|
|
|
|
import random
|
2022-01-10 05:22:25 +08:00
|
|
|
|
|
2022-01-11 15:12:08 +08:00
|
|
|
|
import requests
|
2022-01-11 17:36:31 +08:00
|
|
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
2022-01-10 05:22:25 +08:00
|
|
|
|
|
2022-02-11 11:24:28 +08:00
|
|
|
|
|
|
|
|
|
|
from user.user_auth import create_token
|
|
|
|
|
|
from user.user_utils import check_mail_fmt, check_pwd_fmt, decrypt_data
|
2022-01-27 17:28:49 +08:00
|
|
|
|
from user.user_db import INSERT_DATA, FIND_DATA, UPSERT_DATA, DELETE_DATA, FIND_DATA_PAGE, UPDATE_INFO
|
2022-01-10 05:22:25 +08:00
|
|
|
|
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def create_user_impl(email, name, pwd, role):
|
2022-01-10 05:22:25 +08:00
|
|
|
|
"""
|
2022-01-10 18:07:02 +08:00
|
|
|
|
创建新用户流程
|
2022-01-10 05:22:25 +08:00
|
|
|
|
Parameters:
|
2022-01-11 07:13:28 +08:00
|
|
|
|
email str 邮箱
|
|
|
|
|
|
name str 姓名
|
|
|
|
|
|
pwd str 密码
|
|
|
|
|
|
role str 角色
|
2022-01-10 05:22:25 +08:00
|
|
|
|
Returns:
|
2022-01-11 07:13:28 +08:00
|
|
|
|
执行成功 bool True
|
|
|
|
|
|
执行失败 str 异常信息
|
2022-01-10 05:22:25 +08:00
|
|
|
|
"""
|
2022-01-11 07:13:28 +08:00
|
|
|
|
def check_params():
|
|
|
|
|
|
"""
|
|
|
|
|
|
参数检查
|
|
|
|
|
|
"""
|
2022-01-25 16:48:42 +08:00
|
|
|
|
roles = ['admin', 'developer', 'analysts', 'manager', 'guest']
|
2022-01-11 07:13:28 +08:00
|
|
|
|
if role not in roles:
|
|
|
|
|
|
return "用户角色异常"
|
2022-01-10 05:22:25 +08:00
|
|
|
|
|
2022-01-11 07:13:28 +08:00
|
|
|
|
if not check_mail_fmt(email):
|
|
|
|
|
|
return "邮箱格式错误"
|
2022-01-10 05:22:25 +08:00
|
|
|
|
|
2022-01-11 07:13:28 +08:00
|
|
|
|
if not check_pwd_fmt(pwd):
|
|
|
|
|
|
return "密码格式错误"
|
2022-01-10 18:07:02 +08:00
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
if len(FIND_DATA("用户", "用户信息", {"email": email})) > 0:
|
2022-01-11 07:13:28 +08:00
|
|
|
|
return "邮箱已被注册"
|
|
|
|
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
def gen_new_uid():
|
|
|
|
|
|
"""
|
|
|
|
|
|
生成新的用户ID,如果该ID存在,则重新生成
|
|
|
|
|
|
Returns:
|
|
|
|
|
|
生成的用户ID
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
def make_id(num):
|
|
|
|
|
|
"""
|
|
|
|
|
|
随机生成字符串
|
|
|
|
|
|
"""
|
|
|
|
|
|
choices = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
|
|
|
|
|
|
salt = ''
|
|
|
|
|
|
for i in range(num):
|
|
|
|
|
|
salt += random.choice(choices)
|
|
|
|
|
|
return salt
|
|
|
|
|
|
|
|
|
|
|
|
def gen_id():
|
|
|
|
|
|
"""
|
|
|
|
|
|
生成新ID,
|
|
|
|
|
|
检查新ID是否存在,如果存在则继续生成新ID
|
|
|
|
|
|
若新ID可使用,返回新ID
|
|
|
|
|
|
"""
|
|
|
|
|
|
new_id = make_id(8)
|
2022-01-26 15:07:18 +08:00
|
|
|
|
case = FIND_DATA("用户", "用户信息", {"企业ID": new_id}) is []
|
2022-01-11 07:13:28 +08:00
|
|
|
|
while case:
|
|
|
|
|
|
new_id = make_id(8)
|
|
|
|
|
|
return new_id
|
|
|
|
|
|
|
|
|
|
|
|
return gen_id()
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def start_impl():
|
2022-01-11 07:13:28 +08:00
|
|
|
|
"""
|
|
|
|
|
|
执行流程
|
|
|
|
|
|
"""
|
|
|
|
|
|
check_param_result = check_params()
|
|
|
|
|
|
if check_param_result is not True:
|
|
|
|
|
|
return check_param_result
|
|
|
|
|
|
|
|
|
|
|
|
user = dict()
|
|
|
|
|
|
user['UID'] = gen_new_uid()
|
|
|
|
|
|
user['email'] = email
|
|
|
|
|
|
user['name'] = name
|
|
|
|
|
|
user['pwd'] = generate_password_hash(decrypt_data(encrypt_msg=pwd))
|
|
|
|
|
|
user['status'] = 'normal'
|
|
|
|
|
|
user['role'] = role
|
|
|
|
|
|
user['create_time'] = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
|
|
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
INSERT_DATA("用户", "用户信息", user)
|
2022-01-11 07:13:28 +08:00
|
|
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
return start_impl()
|
2022-01-11 15:12:08 +08:00
|
|
|
|
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def login_impl(email, pwd, vcode):
|
2022-01-26 15:07:18 +08:00
|
|
|
|
user_info = FIND_DATA('用户', '用户信息', {"email": email})
|
2022-01-11 17:36:31 +08:00
|
|
|
|
|
|
|
|
|
|
def check_email():
|
2022-02-08 10:14:37 +08:00
|
|
|
|
if not user_info:
|
2022-01-11 17:36:31 +08:00
|
|
|
|
return "不存在该邮箱"
|
|
|
|
|
|
if not check_mail_fmt(email):
|
|
|
|
|
|
return "邮箱格式错误"
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-03-11 14:58:43 +08:00
|
|
|
|
def check_disable():
|
|
|
|
|
|
if user_info[0]['status'] != 'normal':
|
|
|
|
|
|
return "账户已禁用"
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def check_vcode():
|
2022-01-26 15:07:18 +08:00
|
|
|
|
records = FIND_DATA("用户", "验证记录", {"email": email})
|
2022-01-25 16:48:42 +08:00
|
|
|
|
|
|
|
|
|
|
if len(records) == 0:
|
|
|
|
|
|
return "无验证信息"
|
|
|
|
|
|
|
|
|
|
|
|
if records[0]['vcode'] != vcode:
|
|
|
|
|
|
return "验证码错误"
|
|
|
|
|
|
|
|
|
|
|
|
if time.time() - records[0]['timestamp'] > 300:
|
|
|
|
|
|
return "验证码过期"
|
|
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
DELETE_DATA("用户", "验证记录", {"email": email})
|
2022-01-25 16:48:42 +08:00
|
|
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-11 17:36:31 +08:00
|
|
|
|
def check_pwd():
|
|
|
|
|
|
hash_pwd = user_info[0]['pwd']
|
|
|
|
|
|
try:
|
|
|
|
|
|
if not check_password_hash(hash_pwd, decrypt_data(encrypt_msg=pwd)):
|
|
|
|
|
|
return "密码错误"
|
|
|
|
|
|
except Exception:
|
|
|
|
|
|
return "密码错误"
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def make_menus():
|
2022-01-11 17:36:31 +08:00
|
|
|
|
role = user_info[0]['role']
|
2022-01-25 16:48:42 +08:00
|
|
|
|
|
|
|
|
|
|
with open(os.path.abspath(os.path.dirname(__file__)+'/static/menus.json'), "r", encoding='utf-8') as f:
|
|
|
|
|
|
duties = json.load(f)
|
|
|
|
|
|
|
2022-01-26 15:27:30 +08:00
|
|
|
|
return duties[role]
|
2022-01-11 17:36:31 +08:00
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def make_session_id():
|
|
|
|
|
|
choices = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
|
|
|
|
|
|
session_id = ''
|
|
|
|
|
|
for i in range(4):
|
|
|
|
|
|
session_id += random.choice(choices)
|
2022-01-26 15:07:18 +08:00
|
|
|
|
UPSERT_DATA("用户", "token记录", {"UID": user_info[0]['UID']}, {"session_id": session_id})
|
2022-01-25 16:48:42 +08:00
|
|
|
|
return session_id
|
|
|
|
|
|
|
|
|
|
|
|
def make_result_data():
|
2022-01-11 17:36:31 +08:00
|
|
|
|
res_data = dict()
|
2022-03-11 11:23:22 +08:00
|
|
|
|
res_data['name'] = user_info[0]["name"]
|
2022-01-25 16:48:42 +08:00
|
|
|
|
res_data['token'] = create_token(make_session_id())
|
|
|
|
|
|
res_data['menus'] = make_menus()
|
2022-01-11 17:36:31 +08:00
|
|
|
|
return res_data
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
def start_impl():
|
|
|
|
|
|
result = check_email()
|
|
|
|
|
|
if result is not True:
|
|
|
|
|
|
return result
|
2022-01-11 17:36:31 +08:00
|
|
|
|
|
2022-03-11 14:58:43 +08:00
|
|
|
|
result = check_disable()
|
|
|
|
|
|
if result is not True:
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
result = check_pwd()
|
|
|
|
|
|
if result is not True:
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
result = check_vcode()
|
|
|
|
|
|
if result is not True:
|
|
|
|
|
|
return result
|
2022-01-11 17:36:31 +08:00
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
return make_result_data()
|
2022-01-11 17:36:31 +08:00
|
|
|
|
|
2022-01-25 16:48:42 +08:00
|
|
|
|
return start_impl()
|
2022-01-11 15:12:08 +08:00
|
|
|
|
|
|
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
def send_vcode_to_user_impl(email):
|
2022-01-11 15:12:08 +08:00
|
|
|
|
|
|
|
|
|
|
def check_param():
|
|
|
|
|
|
if not check_mail_fmt(email):
|
|
|
|
|
|
return "邮箱格式错误"
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
def gen_vcode():
|
|
|
|
|
|
choices = '0123456789'
|
|
|
|
|
|
salt = ''
|
|
|
|
|
|
for i in range(6):
|
|
|
|
|
|
salt += random.choice(choices)
|
|
|
|
|
|
return salt
|
|
|
|
|
|
|
|
|
|
|
|
def send_email():
|
|
|
|
|
|
email_api = 'http://116.63.130.34:30001'
|
|
|
|
|
|
vcode = gen_vcode()
|
|
|
|
|
|
timestamp = round(time.time())
|
|
|
|
|
|
headers = {"Content-Type": "application/json;charset=UTF-8"}
|
|
|
|
|
|
data = {"title": "【远东资信】{}".format("登录验证码"),
|
|
|
|
|
|
"sender": 'fecribd@fecr.com.cn',
|
|
|
|
|
|
"recipients": [email],
|
|
|
|
|
|
"msg_body": "您{}的验证码为 【{}】,5分钟内有效。".format("登录", vcode)}
|
|
|
|
|
|
requests.post(url=email_api + '/send_mail', headers=headers, data=json.dumps(data))
|
2022-01-26 15:07:18 +08:00
|
|
|
|
UPSERT_DATA('用户', '验证记录', {"email": email}, {"vcode": vcode, "timestamp": timestamp})
|
2022-01-11 15:12:08 +08:00
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
def start_impl():
|
2022-01-11 15:12:08 +08:00
|
|
|
|
res = check_param()
|
|
|
|
|
|
if res is not True:
|
|
|
|
|
|
return res
|
|
|
|
|
|
|
|
|
|
|
|
res = send_email()
|
|
|
|
|
|
if res is not True:
|
|
|
|
|
|
return res
|
|
|
|
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
|
|
2022-01-26 15:07:18 +08:00
|
|
|
|
return start_impl()
|
|
|
|
|
|
|
|
|
|
|
|
|
2022-01-27 17:28:49 +08:00
|
|
|
|
def list_user_impl(criteria, skip, limit):
|
2022-01-26 15:07:18 +08:00
|
|
|
|
"""
|
2022-01-27 17:28:49 +08:00
|
|
|
|
查询用户列表
|
|
|
|
|
|
Parameters:
|
|
|
|
|
|
criteria str 查询条件
|
|
|
|
|
|
Returns:
|
|
|
|
|
|
查询成功 list 用户列表
|
2022-01-26 15:07:18 +08:00
|
|
|
|
"""
|
2022-01-27 17:28:49 +08:00
|
|
|
|
def uid_query():
|
|
|
|
|
|
"""
|
|
|
|
|
|
uid查询
|
|
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {"UID": criteria}, skip, limit)
|
|
|
|
|
|
return result
|
2022-01-26 15:07:18 +08:00
|
|
|
|
|
2022-01-27 17:28:49 +08:00
|
|
|
|
def email_query():
|
|
|
|
|
|
"""
|
2022-01-28 10:57:02 +08:00
|
|
|
|
email查询
|
2022-01-27 17:28:49 +08:00
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {"email": criteria}, skip, limit)
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
def name_query():
|
|
|
|
|
|
"""
|
|
|
|
|
|
name查询
|
|
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {"name": criteria}, skip, limit)
|
|
|
|
|
|
return result
|
2022-01-26 15:07:18 +08:00
|
|
|
|
|
2022-01-27 17:28:49 +08:00
|
|
|
|
def status_query():
|
|
|
|
|
|
"""
|
|
|
|
|
|
status查询
|
|
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {"status": criteria}, skip, limit)
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
def role_query():
|
|
|
|
|
|
"""
|
|
|
|
|
|
role查询
|
|
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {"role": criteria}, skip, limit)
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
def empty_query():
|
|
|
|
|
|
"""
|
|
|
|
|
|
空值查询
|
|
|
|
|
|
"""
|
|
|
|
|
|
result = FIND_DATA_PAGE("用户", "用户信息", {}, skip, limit)
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
|
|
|
|
if criteria:
|
|
|
|
|
|
record = uid_query()
|
|
|
|
|
|
if len(record['data']) == 0:
|
|
|
|
|
|
record = email_query()
|
|
|
|
|
|
if len(record['data']) == 0:
|
|
|
|
|
|
record = name_query()
|
|
|
|
|
|
if len(record['data']) == 0:
|
|
|
|
|
|
record = status_query()
|
|
|
|
|
|
if len(record['data']) == 0:
|
|
|
|
|
|
record = role_query()
|
|
|
|
|
|
else:
|
|
|
|
|
|
record = empty_query()
|
|
|
|
|
|
|
|
|
|
|
|
return record
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def disable_user_impl(uid):
|
2022-01-26 15:07:18 +08:00
|
|
|
|
"""
|
|
|
|
|
|
禁用用户
|
|
|
|
|
|
"""
|
2022-01-27 17:28:49 +08:00
|
|
|
|
result = UPDATE_INFO("用户", "用户信息", {"UID": uid}, {"status": "disable"})
|
|
|
|
|
|
return result
|
2022-01-26 15:07:18 +08:00
|
|
|
|
|
|
|
|
|
|
|
2022-01-28 10:57:02 +08:00
|
|
|
|
def delete_user_impl(uid):
|
2022-01-26 15:07:18 +08:00
|
|
|
|
"""
|
|
|
|
|
|
删除用户
|
|
|
|
|
|
"""
|
2022-01-28 10:57:02 +08:00
|
|
|
|
result = DELETE_DATA("用户", "用户信息", {"UID": uid})
|
|
|
|
|
|
return result
|
2022-01-26 15:07:18 +08:00
|
|
|
|
|
|
|
|
|
|
|
2022-01-28 10:57:02 +08:00
|
|
|
|
def manage_role_of_user_impl(uid, role):
|
2022-01-26 15:07:18 +08:00
|
|
|
|
"""
|
|
|
|
|
|
管理用户角色
|
|
|
|
|
|
"""
|
2022-01-28 10:57:02 +08:00
|
|
|
|
result = UPDATE_INFO("用户", "用户信息", {"UID": uid}, {"role": role})
|
|
|
|
|
|
return result
|
