Skip to content

M
mancheng
Commit 0765685d by dong
Options

fix20220303

parent 8541f928
Showing with 877 additions and 843 deletions
apps/__init__.py
......@@ -90,7 +90,7 @@ def creat_app(config_name):
# 注册蓝图,推迟导入,防止循环嵌套
from apps.view_index import api_attract # 招商驾驶舱
# from apps.user_pc import api_user
from apps.view_user import api_user
from apps.view_atlas import api_atlas
from apps.view_radar import api_radar
from apps.view_map import api_map
......@@ -100,7 +100,7 @@ def creat_app(config_name):
# from apps.inves_manage import api_manage
# from apps.view_mobile import api_mobile
# app.register_blueprint(api_user, url_prefix='/api/user')
app.register_blueprint(api_user, url_prefix='/api/user')
app.register_blueprint(api_radar, url_prefix='/api/radar') # 产业招商雷达
app.register_blueprint(api_atlas, url_prefix='/api/atlas') # 产业现状图谱
app.register_blueprint(api_map, url_prefix='/api/map') # 产业招商地图
......
apps/models.py
......@@ -713,246 +713,6 @@ class Induzone(db.Model):
upper_district = db.Column(db.String(255), doc='上级行政区', comment='上级行政区') # 所在开发区
# 项目列表
# class Item(db.Model):
# __tablename_ = "item"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True) # 项目id
# build_date = db.Column(db.DateTime) # 成立时间
# company_name = db.Column(db.String(255)) # 项目企业
# admin = db.Column(db.String(255)) # 企业联系人
# mobile = db.Column(db.String(255)) # 企业联系人联系电话
# email = db.Column(db.String(255)) # 企业联系邮箱
#
# name = db.Column(db.String(255)) # 项目名称
# store = db.Column(db.DateTime) # 项目入库时间
# product = db.Column(db.String(255)) # 生产产品
# industry = db.Column(db.String(255)) # 所在行业
# indu_id = db.Column(db.Integer) # 所在行业id
# invest = db.Column(db.Float) # 投资额(亿元)
# # invest = db.Column(db.String(32)) # 投资额(万元)
# invest_id = db.Column(db.Integer) # 投资额id
#
# area = db.Column(db.String(255)) # 占地面积
# value = db.Column(db.Float) # 预计产值(万)
# tax = db.Column(db.Float) # 预计税收(万)
#
# unit = db.Column(db.String(255)) # 项目所在机构、单位、局
# section = db.Column(db.String(255)) # 项目所在部门
# link = db.Column(db.String(255)) # 对接人(手动填充,非创建者也可以)
# link_mobile = db.Column(db.String(255)) # 对接人的联系方式
# user_id = db.Column(db.Integer) # 项目创建人id
#
# level = db.Column(db.String(255)) # 项目的级别
# level_id = db.Column(db.Integer) # 项目级别id
# stage = db.Column(db.String(255)) # 项目的进度
# stage_id = db.Column(db.Integer) # 项目进度id
#
# status = db.Column(db.String(255)) # 项目上报状态
# belong = db.Column(db.Integer) # 是否为太原市投促局项目 1是,2否
# share = db.Column(db.String(255)) # 共享人
# unit_up = db.Column(db.String(255)) # 被上报局
#
# main_introduce = db.Column(db.Text) # 项目主体介绍
# invest_introduce = db.Column(db.Text) # 投资项目介绍
# build_introduce = db.Column(db.Text) # 项目建设内容
# encomy = db.Column(db.Text) # 项目的经济效益
# policy = db.Column(db.Text) # 项目政策需求
# question = db.Column(db.Text) # 项目进展及存在的问题
#
#
# # 项目阶段表
# class Trends(BaseModel, db.Model):
# __tablename__ = "trends"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# stage = db.Column(db.String(255)) # 项目的阶段
# unit = db.Column(db.String(255)) # 主导机构
# user = db.Column(db.String(255)) # 更新人
# item_id = db.Column(db.Integer, db.ForeignKey("item.id")) # 项目ID
# item = db.relationship('Item', backref=db.backref('trends')) # 外键联系
#
#
# # 招商资源管理项目文件
# class File(BaseModel, db.Model):
# __tablename__ = "file"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# name = db.Column(db.String(255)) # 上传文件名
# file_size = db.Column(db.String(255)) # 文件大小
# uploader = db.Column(db.String(255)) # 上传人
# url = db.Column(db.String(255)) # url
# item_id = db.Column(db.Integer, db.ForeignKey("item.id")) # 项目ID
# item = db.relationship('Item', backref=db.backref('file')) # 外键联系
#
#
# # 政府机构之间的上下级统筹
# followers = db.Table('followers',
# db.Column('follower_id', db.Integer, db.ForeignKey('government.id'), primary_key=True),
# db.Column('followed_id', db.Integer, db.ForeignKey('government.id'), primary_key=True)
# )
#
#
# # 政府机构表(自关联多对多)
# class Government(db.Model):
# __tablename__ = "government"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 机构负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False, view_index=True) # 政府机构单位名称
# # followed 我的下级,管制谁,followers 我的上级,谁管制我
# followed = db.relationship('Government', secondary=followers, primaryjoin=(followers.c.follower_id == id),
# secondaryjoin=(followers.c.followed_id == id),
# backref=db.backref('followers', lazy='dynamic'), lazy='dynamic')
#
#
# # 政府部门(政府-部门 一对多)
# class Section(db.Model):
# __tablename__ = "section"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 部门负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False) # 政府机构部门名称
# # gid = db.Column(db.Integer) # 政府id
# goverment_id = db.Column(db.Integer, db.ForeignKey("government.id"))
# goverment = db.relationship('Government', backref=db.backref('sections')) # 政府1-N部门
#
#
# # 政府组(政府1-N部门1-N组)
# class Group(db.Model):
# __tablename__ = "group"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 组负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False) # 政府机构部门下组的名称
# # sid = db.Column(db.Integer) # 部门id
# section_id = db.Column(db.Integer, db.ForeignKey("section.id"))
# section = db.relationship('Section', backref=db.backref('groups')) # 部门1-N组
#
#
# # 用户关注行业,多-多
# class UserIndustry(BaseModel, db.Model):
# __tablename__ = "user_industry"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# industry_id = db.Column(db.Integer, db.ForeignKey("industry.id"), primary_key=True)
#
#
# # #用户关注公司,多-多
# class UserCompany(BaseModel, db.Model):
# __tablename__ = "user_company"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# company_id = db.Column(db.Integer, db.ForeignKey("company.id"), primary_key=True)
#
#
# # #用户关注公司,多-多
# class UserEnterprise(BaseModel, db.Model):
# __tablename__ = "user_enterprise"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# enterprise_id = db.Column(db.Integer, db.ForeignKey("enterprise.id"), primary_key=True)
#
#
# 用户
class User(BaseModel, db.Model):
__tablename__ = "user"
__table_args__ = ({'comment': '用户信息表'}) # 添加表注释
# 基本信息
id = db.Column(db.Integer, primary_key=True, autoincrement=True) # 用户编号
name = db.Column(db.String(32), unique=True) # 用户名
password_hash = db.Column(db.String(128)) # 加密的密码
real_name = db.Column(db.String(32)) # 姓名
age = db.Column(db.Integer) # 年龄
sex = db.Column(db.Integer) # 性别,男1女2
mobile = db.Column(db.String(11), unique=True) # 手机号
email = db.Column(db.String(20)) # 邮箱
# 个人中心的信息
function = db.Column(db.Text) # 工作职能 ---个人中心
flag = db.Column(db.Integer) # 普通1,政府2
status = db.Column(db.Integer) # 通过1,在审2,驳回3
# bused = db.Column(db.Integer) # 账户有无组织
# 政府信息
position = db.Column(db.String(128)) # 现任职务(职务)
unit = db.Column(db.String(128)) # 现任工作机构、单位(政府机构,局)
section = db.Column(db.String(128)) # 所在部门(部门)
group = db.Column(db.String(128)) # 所在组
level = db.Column(db.String(128)) # 职级(职级) 跟role_id对应
leader = db.Column(db.String(32)) # 领导(直属领导)
# 三方登陆唯一标识
# 微信
vxopenid = db.Column(db.String(128), unique=True) # 微信openid
vxunionid = db.Column(db.String(128), unique=True) # 微信unionid
# 角色(职级配置)
role_id = db.Column(db.Integer, db.ForeignKey("role.id"))
role = db.relationship("Role", backref=db.backref("users"))
# # 钉钉
# ddopenid = db.Column(db.String(128)) # 钉钉openid
# ddunionid = db.Column(db.String(128)) # 钉钉unionid
# dddingid = db.Column(db.String(128)) # 钉钉dingid
# 用户关注行业(图谱)
# industry = db.relationship("Industry", secondary="user_industry", backref=db.backref('bindustry'))
# 用户关注太原企业
# company = db.relationship("Company", secondary="user_company", backref=db.backref("bcompany"))
# 用户关注全国企业
# enterprise = db.relationship("Enterprise", secondary="user_enterprise", backref=db.backref("benterprise"))
@property
def password(self):
# 设置为只写的方式
# return self.password_hash
raise AttributeError('这个属性只能设置,不能读取')
@password.setter
def password(self, value):
self.password_hash = generate_password_hash(value)
def check_password(self, password):
'''检验密码的正确性,传入参数为用户登录时填写的密码'''
return check_password_hash(self.password_hash, password)
# 生成token
@staticmethod
def create_token(user_id):
"""
生成token,生成方式( 内部配置的私钥+有效期+用户的id )
:param user_id: 用户id
:return:
"""
# 第一个参数是内部的私钥,写在配置里,第二个参数是有效期(秒)
s = Serializer(Config.SECRET_KEY, expires_in=Config.TOKEN_EXPIRATION)
# 接收用户id转换与编码
token = s.dumps({"id": user_id}).decode('ascii')
print(token)
return token
# 角色(职位,职级)
class Role(BaseModel, db.Model):
__tablename__ = "role"
__table_args__ = ({'comment': '用户角色表'}) # 添加表注释
id = db.Column(db.Integer, primary_key=True, autoincrement=True) # 企业
role_name = db.Column(db.String(255), unique=True) # 角色名
role = db.Column(db.String(10), unique=True) # 权限值 000000 0位位职级123,后面为权限01
info = db.Column(db.String(255)) # 权限说明
# 创新资源-高等院校(985,211,本科,高职专高)
class College(db.Model):
__tablename_ = "college"
......@@ -1140,6 +900,250 @@ class SearchList(BaseModel, db.Model):
user_id = db.Column(db.Integer, db.ForeignKey("user.id"), doc='用户id', comment='用户id')
section = db.relationship('User', backref=db.backref('searchlist')) # 用户-搜索
# 用户
class User(BaseModel, db.Model):
__tablename__ = "user"
__table_args__ = ({'comment': '用户信息表'}) # 添加表注释
# 基本信息
id = db.Column(db.Integer, primary_key=True, autoincrement=True, comment='用户编号')
name = db.Column(db.String(32), unique=True, comment='用户名')
password_hash = db.Column(db.String(128), comment='加密的密码')
real_name = db.Column(db.String(32), comment='姓名')
age = db.Column(db.Integer, comment='年龄')
sex = db.Column(db.Integer, comment='性别,男1女2')
mobile = db.Column(db.String(11), unique=True, comment='手机号')
email = db.Column(db.String(20), comment='邮箱')
# 个人中心的信息
function = db.Column(db.Text, comment='工作职能 ---个人中心')
flag = db.Column(db.Integer, comment='普通1,政府2')
# status = db.Column(db.Integer, comment='通过1,在审2,驳回3')
status = db.Column(db.Integer, comment='0禁止,1在用')
# bused = db.Column(db.Integer) # 账户有无组织
# 政府信息
position = db.Column(db.String(30), comment='现任职务(职务)')
belong_organization = db.Column(db.String(30), comment='现任工作机构、单位(政府机构,局)')
is_organization_manager = db.Column(db.Integer, comment='是否是机构负责人')
charge_organization = db.Column(db.String(30), comment='是机构负责人的话,所负责的机构')
belong_department = db.Column(db.String(30), comment='所在部门(部门)')
is_department_manager = db.Column(db.Integer, comment='是否是部门负责人')
# charge_department = db.Column(db.String(30)) # 是部门负责人的话,所负责的部门
group = db.Column(db.String(30), comment='所在组')
level = db.Column(db.String(30), comment='职级(职级) 跟role_id对应')
leader = db.Column(db.String(32), comment='领导(直属领导)')
# 三方登陆唯一标识
# 微信
vxopenid = db.Column(db.String(128), unique=True, comment='微信openid')
vxunionid = db.Column(db.String(128), unique=True, comment='微信unionid')
# 角色(职级配置)
role_id = db.Column(db.Integer, db.ForeignKey("role.id"), comment='角色id')
role = db.relationship("Role", backref=db.backref("users"))
# # 钉钉
# ddopenid = db.Column(db.String(128)) # 钉钉openid
# ddunionid = db.Column(db.String(128)) # 钉钉unionid
# dddingid = db.Column(db.String(128)) # 钉钉dingid
# 用户关注行业(图谱)
# industry = db.relationship("Industry", secondary="user_industry", backref=db.backref('bindustry'))
# 用户关注太原企业
# company = db.relationship("Company", secondary="user_company", backref=db.backref("bcompany"))
# 用户关注全国企业
# enterprise = db.relationship("Enterprise", secondary="user_enterprise", backref=db.backref("benterprise"))
@property
def password(self):
# 设置为只写的方式
# return self.password_hash
raise AttributeError('这个属性只能设置,不能读取')
@password.setter
def password(self, value):
self.password_hash = generate_password_hash(value)
def check_password(self, password):
'''检验密码的正确性,传入参数为用户登录时填写的密码'''
return check_password_hash(self.password_hash, password)
# 生成token
@staticmethod
def create_token(user_id):
"""
生成token,生成方式( 内部配置的私钥+有效期+用户的id )
:param user_id: 用户id
:return:
"""
# 第一个参数是内部的私钥,写在配置里,第二个参数是有效期(秒)
s = Serializer(Config.SECRET_KEY, expires_in=Config.TOKEN_EXPIRATION)
# 接收用户id转换与编码
token = s.dumps({"id": user_id}).decode('ascii')
print(token)
return token
# 角色(职位,职级)
class Role(BaseModel, db.Model):
__tablename__ = "role"
__table_args__ = ({'comment': '用户角色表'}) # 添加表注释
id = db.Column(db.Integer, primary_key=True, autoincrement=True, comment='企业')
role_name = db.Column(db.String(255), unique=True, comment='角色名')
role = db.Column(db.String(10), unique=True, comment='权限值 000000 0位位职级123,后面为权限01')
info = db.Column(db.String(255), comment='权限说明')
# 项目列表
# class Item(db.Model):
# __tablename_ = "item"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True) # 项目id
# build_date = db.Column(db.DateTime) # 成立时间
# company_name = db.Column(db.String(255)) # 项目企业
# admin = db.Column(db.String(255)) # 企业联系人
# mobile = db.Column(db.String(255)) # 企业联系人联系电话
# email = db.Column(db.String(255)) # 企业联系邮箱
#
# name = db.Column(db.String(255)) # 项目名称
# store = db.Column(db.DateTime) # 项目入库时间
# product = db.Column(db.String(255)) # 生产产品
# industry = db.Column(db.String(255)) # 所在行业
# indu_id = db.Column(db.Integer) # 所在行业id
# invest = db.Column(db.Float) # 投资额(亿元)
# # invest = db.Column(db.String(32)) # 投资额(万元)
# invest_id = db.Column(db.Integer) # 投资额id
#
# area = db.Column(db.String(255)) # 占地面积
# value = db.Column(db.Float) # 预计产值(万)
# tax = db.Column(db.Float) # 预计税收(万)
#
# unit = db.Column(db.String(255)) # 项目所在机构、单位、局
# section = db.Column(db.String(255)) # 项目所在部门
# link = db.Column(db.String(255)) # 对接人(手动填充,非创建者也可以)
# link_mobile = db.Column(db.String(255)) # 对接人的联系方式
# user_id = db.Column(db.Integer) # 项目创建人id
#
# level = db.Column(db.String(255)) # 项目的级别
# level_id = db.Column(db.Integer) # 项目级别id
# stage = db.Column(db.String(255)) # 项目的进度
# stage_id = db.Column(db.Integer) # 项目进度id
#
# status = db.Column(db.String(255)) # 项目上报状态
# belong = db.Column(db.Integer) # 是否为太原市投促局项目 1是,2否
# share = db.Column(db.String(255)) # 共享人
# unit_up = db.Column(db.String(255)) # 被上报局
#
# main_introduce = db.Column(db.Text) # 项目主体介绍
# invest_introduce = db.Column(db.Text) # 投资项目介绍
# build_introduce = db.Column(db.Text) # 项目建设内容
# encomy = db.Column(db.Text) # 项目的经济效益
# policy = db.Column(db.Text) # 项目政策需求
# question = db.Column(db.Text) # 项目进展及存在的问题
#
#
# # 项目阶段表
# class Trends(BaseModel, db.Model):
# __tablename__ = "trends"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# stage = db.Column(db.String(255)) # 项目的阶段
# unit = db.Column(db.String(255)) # 主导机构
# user = db.Column(db.String(255)) # 更新人
# item_id = db.Column(db.Integer, db.ForeignKey("item.id")) # 项目ID
# item = db.relationship('Item', backref=db.backref('trends')) # 外键联系
#
#
# # 招商资源管理项目文件
# class File(BaseModel, db.Model):
# __tablename__ = "file"
#
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# name = db.Column(db.String(255)) # 上传文件名
# file_size = db.Column(db.String(255)) # 文件大小
# uploader = db.Column(db.String(255)) # 上传人
# url = db.Column(db.String(255)) # url
# item_id = db.Column(db.Integer, db.ForeignKey("item.id")) # 项目ID
# item = db.relationship('Item', backref=db.backref('file')) # 外键联系
#
#
# # 政府机构之间的上下级统筹
# followers = db.Table('followers',
# db.Column('follower_id', db.Integer, db.ForeignKey('government.id'), primary_key=True),
# db.Column('followed_id', db.Integer, db.ForeignKey('government.id'), primary_key=True)
# )
#
#
# # 政府机构表(自关联多对多)
# class Government(db.Model):
# __tablename__ = "government"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 机构负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False, view_index=True) # 政府机构单位名称
# # followed 我的下级,管制谁,followers 我的上级,谁管制我
# followed = db.relationship('Government', secondary=followers, primaryjoin=(followers.c.follower_id == id),
# secondaryjoin=(followers.c.followed_id == id),
# backref=db.backref('followers', lazy='dynamic'), lazy='dynamic')
#
#
# # 政府部门(政府-部门 一对多)
# class Section(db.Model):
# __tablename__ = "section"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 部门负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False) # 政府机构部门名称
# # gid = db.Column(db.Integer) # 政府id
# goverment_id = db.Column(db.Integer, db.ForeignKey("government.id"))
# goverment = db.relationship('Government', backref=db.backref('sections')) # 政府1-N部门
#
#
# # 政府组(政府1-N部门1-N组)
# class Group(db.Model):
# __tablename__ = "group"
# # 基本信息
# id = db.Column(db.Integer, primary_key=True, autoincrement=True)
# pnums = db.Column(db.Integer) # 人数
# charge = db.Column(db.String(255)) # 组负责人
# charge_phone = db.Column(db.String(255)) # 负责人电话
# function = db.Column(db.Text) # 部门职能
# name = db.Column(db.String(255), nullable=False) # 政府机构部门下组的名称
# # sid = db.Column(db.Integer) # 部门id
# section_id = db.Column(db.Integer, db.ForeignKey("section.id"))
# section = db.relationship('Section', backref=db.backref('groups')) # 部门1-N组
#
#
# # 用户关注行业,多-多
# class UserIndustry(BaseModel, db.Model):
# __tablename__ = "user_industry"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# industry_id = db.Column(db.Integer, db.ForeignKey("industry.id"), primary_key=True)
#
#
# # #用户关注公司,多-多
# class UserCompany(BaseModel, db.Model):
# __tablename__ = "user_company"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# company_id = db.Column(db.Integer, db.ForeignKey("company.id"), primary_key=True)
#
#
# # #用户关注公司,多-多
# class UserEnterprise(BaseModel, db.Model):
# __tablename__ = "user_enterprise"
#
# user_id = db.Column(db.Integer, db.ForeignKey("user.id"), primary_key=True)
# enterprise_id = db.Column(db.Integer, db.ForeignKey("enterprise.id"), primary_key=True)
# # 创新资源-双创平台
# class Platform(db.Model):
# __tablename_ = "platform"
......
apps/user_pc/view.py deleted 100644 → 0
import datetime
import re
import json
import time
import random
import threading
import numpy as np
import requests
import filetype
from sqlalchemy.exc import IntegrityError
from flask_mail import Mail, Message
from flask import g, current_app, request, jsonify, session
from apps.user_pc import api_user
from apps import creat_app
from apps.utils.send_phone_info import send_code_new
from apps.utils.response_code import RET
from apps import db, constants, redis_store
from apps.models import *
from apps.util import create_token
from werkzeug.security import generate_password_hash, check_password_hash
from apps import qiniu_store
from apps.utils.vxconfig import WxConfig
from apps.utils.encrypt_decrypt.aes_cbc import encrypt, decrypt
# 给手机发验证码(2020-11-4)
@api_user.route("/send_mobile_code", methods=["POST"])
def send_phone_code():
'''
向手机发送验证码
:return:
'''
# 获取请求参数,转化字典
req_dict = request.get_json()
mobile = req_dict.get('mobile') # 手机号
# 校验参数完整性
if not all([mobile]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.MOBILEERR, msg="手机号格式错误")
# # 判断手机号是否存在
# try:
# user = User.query.filter_by(mobile=mobile).first()
# except Exception as e:
# current_app.logger.error(e)
# else:
# if user: # 手机号已存在
# return jsonify(code=RET.DATAEXIST, msg="手机号已存在,请直接登录")
# 生成短信验证码
sms_code = "%06d" % random.randint(0, 999999)
data = send_code_new(mobile, sms_code)
# print(data)
if data['Message'] == 'OK':
# 保存真实的短信验证码
try:
redis_store.setex("sms_code_%s" % mobile, constants.SMS_CODE_REDIS_EXPIRES, sms_code)
# 保存发送给这个手机号的记录,防止用户在60s内再次出发发送短信的操作
redis_store.setex("send_sms_code_%s" % mobile, constants.SEND_SMS_CODE_INTERVAL, 1)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="保存短信验证码异常")
# 发送成功
return jsonify(code=RET.OK, msg="发送成功")
else:
return jsonify(code=RET.THIRDERR, msg="发送失败")
# 手机验证码登录(2020-11-4)
@api_user.route("/login_bysms", methods=["POST"])
def login_bysms():
'''
用户验证码登录,用户存在,直接登陆,不存在就后台注册
:return:
'''
# 参数获取与校验
req_dict = request.get_json()
mobile = req_dict.get('mobile') # 手机号
sms_code = req_dict.get("sms_code") # 验证码
# 校验参数完整性
if not all([mobile, sms_code]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
# 获取短信验证码
try:
real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
# real_sms_code = "123456"
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="redis数据库异常")
# 获取用户
try:
user = User.query.filter_by(mobile=mobile).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="获取用户信息失败")
# 判断用户填写短信验证码是否一致
if real_sms_code != sms_code:
# if "123456" != sms_code:
return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# 删除redis中的短信验证码,防止重复校验
try:
redis_store.delete("sms_code_{}".format(mobile))
except Exception as e:
current_app.logger.error(e)
if not user:
# 判断并添加用户信息
try:
user = User(name=mobile, mobile=mobile, flag=1, status=1)
db.session.add(user)
db.session.commit()
except Exception as e:
# 表示操作失败,回滚数据库操作
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库异常")
# print(user.status==3)
if user.status == 3:
return jsonify(code=RET.USERERR, msg="当前用户被禁止登录,请联系管理员")
# 获取用户id,传入生成token的方法,并接收返回的token
token = create_token(user.id)
time = datetime.now()
current_app.logger.error(
'++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用手机-短信验证码登录成功了!+++++++++++++++++++++++=++'.format(time, mobile))
return jsonify(code=RET.OK, msg="登录成功", token=token, flag=user.flag)
# # 异步邮箱发送信息
# def send_async_email(mail, app, msg):
# with app.app_context():
# mail.send(msg)
#
#
# # 给邮箱发验证码
# @api_user.route("/send_email_code", methods=["POST"])
# def send_email_code():
# '''
# 向邮箱送验证码
# :return:
# '''
# # 获取请求参数,转化字典
# req_dict = request.get_json()
# email = req_dict.get('email') # 邮箱号
# # 校验参数完整性
# if not all([email]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# # 校验邮箱格式
# if not re.match("^.+\\@(\\[?)[a-zA-Z0-9\\-\\.]+\\.([a-zA-Z]{2,3}|[0-9]{1,3})(\\]?)$", email):
# return jsonify(code=RET.PARAMERR, msg="邮箱格式错误")
#
# # print(email)
# app = creat_app('product')
# mail = Mail(app)
# sms_code = "%06d" % random.randint(0, 999999)
#
# msg = Message("中研认知产业链在线,欢迎您!", recipients=[email])
# msg.body = "【中研认知产业链在线】您的验证码为:{},您正在进行邮箱绑定,如非本人操作,请忽略本邮件!".format(sms_code)
# thread = threading.Thread(target=send_async_email, args=(mail, app, msg))
# thread.start()
# try:
# redis_store.setex("ems_code_%s" % email, constants.SMS_CODE_REDIS_EXPIRES, sms_code)
# # 保存发送给这个邮箱的记录,防止用户在180s内再次出发发送短信的操作
# redis_store.setex("send_ems_code_%s" % email, constants.SEND_EMS_CODE_INTERVAL, 1)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="保存验证码异常")
#
# return jsonify(code=RET.OK, msg="发送成功")
''''''
# 注册页面选择选择单位(2020-11-4)
@api_user.route('/orgs', methods=['GET'])
def zcorgs():
'''
太原市企业条件选择导航获取
:return:
'''
try:
gover = Government.query.all()
ty = Government.query.get(1)
sections = ty.sections
data = [{"label": i.name, "value": i.id} for i in gover]
section = [{"label": i.name, "value": i.id} for i in sections]
orgs = {"data": data, "section": section}
return jsonify(code=RET.OK, msg="获取成功", orgs=orgs)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库查询错误")
# 注册(2020-11-4)
@api_user.route("/register", methods=["POST"])
def register():
"""
用户注册
:return:
"""
# 获取请求参数,转化字典
req_dict = request.get_json()
real_name = req_dict.get("real_name") # 姓名
age = req_dict.get("age") # 年龄
sex = req_dict.get("sex") # 性别
mobile = req_dict.get('mobile') # 手机号
sms_code = req_dict.get("sms_code") # 验证码
name = req_dict.get("name") # 用户名
password = req_dict.get("password") # 密码
password_again = req_dict.get("repassword") # 密码2
position = req_dict.get("position") # 职务
unit = req_dict.get("unit") # 机构/单位
section = req_dict.get("section") # 所在部门(政府)
# 校验参数完整性
if not all([real_name, age, sex, mobile, sms_code, name, unit, position, password, password_again]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
# 获取短信验证码
try:
real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
# real_sms_code = "123456"
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.NODATA, msg="短信验证码失效")
# 判断短信验证码是否失效
if not redis_store:
return jsonify(code=RET.NODATA, msg="短信验证码失效")
# 删除redis中的短信验证码,防止重复校验
try:
redis_store.delete("sms_code_{}".format(mobile))
except Exception as e:
current_app.logger.error(e)
# 判断用户填写短信验证码是否一致
if real_sms_code != sms_code:
# if "123456" != sms_code:
return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# 用户名唯一(字母开头,长度4-15)
try:
patten = "^[a-zA-Z][\w]*[\w]*$"
if re.match(patten, name) and re.match(patten, name).string == name:
user = User.query.filter_by(name=name).first()
if user:
return jsonify(code=RET.DATAEXIST, msg="用户名已存在")
else:
return jsonify(code=RET.DATAERR, msg="用户名格式错误")
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="用户名格式错误")
# 校验密码
if password != password_again:
return jsonify(code=RET.DATAERR, msg="密码不一致")
# 增加密码校验策略,20211109
# 判断密码长度是否8位,数字、字母、特殊字符同时存在,能使用用户名、连续性字母、数字、特殊字符等易猜测口令。
if len(password) < 8:
return jsonify(code=RET.DATAERR, msg="密码长度最少为8位")
# 密码应设置为包含大小写字母、数字、特殊符号'!@#$%^&*()_+=-'
if not (re.search(r'\d+', password) and re.search(r'[a-z]+', password) and re.search(r'[A-Z]+',password) and re.search(r'[!@#$%^&*()_+=-]+', password)):
return jsonify(code=RET.DATAERR, msg="密码应设置为包含大小写字母、数字、特殊符号'!@#$%^&*()_+=-'")
# 密码不能使用用户名
if password == name:
return jsonify(code=RET.DATAERR, msg="密码存在风险,不能与用户名相同!")
# 判断并添加用户信息
try:
ouser = User.query.filter_by(mobile=mobile).first()
print(ouser)
if ouser and ouser.flag == 1 and ouser.status != 1: # 外部访客被禁止
return jsonify(code=RET.DATAEXIST, msg="当前用户被禁止,请联系管理员")
if ouser and ouser.flag == 2 and ouser.status == 2: # 注册暂时未通过
return jsonify(code=RET.DATAEXIST, msg="手机号已注册,请耐心等待审核")
if ouser and ouser.flag == 2 and ouser.status == 1: # 内部用户再次注册
return jsonify(code=RET.DATAEXIST, msg="手机号已注册,请勿重复注册")
if ouser and ouser.flag == 1 and ouser.status == 1: # 外部访客注册
ouser.real_name = real_name
ouser.age = age
ouser.sex = sex
ouser.mobile = mobile
ouser.unit = unit
ouser.position = position
ouser.name = name
ouser.flag = 2
ouser.status = 2
if section:
ouser.section = section
ouser.password = password
# return jsonify(code=RET.DATAEXIST, msg="手机号已存在,请勿重复注册")
else:
user = User(real_name=real_name, age=age, sex=sex, mobile=mobile, unit=unit, position=position, name=name,
flag=2, status=2)
if section:
user.section = section
user.password = password
db.session.add(user)
db.session.commit()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库异常")
# except IntegrityError as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="手机号已被使用,请勿重复注册")
return jsonify(code=RET.OK, msg="注册成功,请等待工作人员的审核,通常为3-7个工作日")
# 内部用户手机-密码登录 (2020-11-4)
@api_user.route("/login_bypwd", methods=["POST"])
def login_bypwd():
'''
用户密码登录
:return:
'''
# 参数获取与校验
req_dict = request.get_json()
# 解密
param = req_dict.get("param") # 揭秘参数
req_dict = json.loads(decrypt(param))
mobile = req_dict.get('mobile')
password = req_dict.get('password')
# 校验参数完整性
if not all([mobile, password]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号错误")
# 判断错误次数是否超过限制,如果超过则10分钟内禁止此IP登录
user_ip = request.remote_addr
print("IP地址:", user_ip)
# 获取ip的锁定时间
try:
access_nums = redis_store.get('access_nums_{}'.format(user_ip))
if access_nums:
if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
lock_time = redis_store.ttl('access_nums_{}'.format(user_ip))
return jsonify(code=RET.LOCKTIME, msg="ip锁定倒计时中.....", lock_time = lock_time)
except Exception as e:
current_app.logger.error(e)
else:
pass
try:
access_nums = redis_store.get('access_nums_{}'.format(user_ip))
# access_nums = "123456"
except Exception as e:
current_app.logger.error(e)
else:
if access_nums:
if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
return jsonify(code=RET.REQERR, msg="错误次数过多,请15分钟后重试!",time=constants.LOGIN_ERROR_FORBID_TIME)
# 验证手机号与密码
try:
user = User.query.filter_by(mobile=mobile, flag=2).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DATAERR, msg="获取用户信息失败")
if not user:
return jsonify(code=RET.DATAERR, msg="账户不存在")
# 将用户名与密码验证放置在一处,若失败返回提示信息并记录次数
if not user.check_password(password):
try:
redis_store.incr('access_nums_{}'.format(user_ip))
redis_store.expire('access_nums_{}'.format(user_ip), constants.LOGIN_ERROR_FORBID_TIME)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DATAERR, msg="密码错误")
if user.status == 2: # 审核
return jsonify(code=RET.ROLEERR, msg="审核暂未通过,请以外部访客身份登陆")
if user.status == 3: # 驳回
return jsonify(code=RET.ROLEERR, msg="您的审核未通过,请联系工作人员")
session.permanent = True # 设置session在设定时间内有效 注意这个要设置在request里边 即请求内部
# 若成功保存登录状态
token = create_token(user.id)
time = datetime.now()
current_app.logger.error('++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用手机-密码登录成功了!+++++++++++++++++++++++=++'.format(time,mobile))
return jsonify(code=RET.OK, msg="登录成功", token=token,flag=user.flag)
''''''
# 微信授权
@api_user.route("/login_byvx", methods=["POST"])
def login_byvx():
'''
用户验证码登录,用户存在,直接登陆,不存在就后台注册
:return:
'''
# 参数获取与校验
req_dict = request.get_json()
code = req_dict.get('code') # 微信登录code
# 校验参数完整性
if not all([code]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
app_id = WxConfig.get_wx_app_id()
app_secret = WxConfig.get_wx_app_secret()
url = u'https://api.weixin.qq.com/sns/oauth2/access_token'
params = {
'appid': app_id,
'secret': app_secret,
'code': code,
'grant_type': 'authorization_code'
}
res = requests.get(url, params=params).json()
user_info_url = u'https://api.weixin.qq.com/sns/userinfo'
params1 = {
'access_token': res.get("access_token"),
'openid': res.get("openid")
}
uinfo = requests.get(user_info_url, params=params1).json()
# nickname = uinfo.get('nickname').encode('iso8859-1').decode('utf-8')
try:
openid = uinfo["openid"]
unionid = uinfo["unionid"]
except:
return None
try:
user = User.query.filter_by(vxopenid=openid, vxunionid=unionid).first()
if user:
# 若成功保存登录状态
token = create_token(user.id)
return jsonify(code=RET.OK, msg="登录成功", token=token,flag=user.flag)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="appid,secreat异常")
time = datetime.now()
current_app.logger.error(
'++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用微信登录成功了!+++++++++++++++++++++++=++'.format(time, user))
return jsonify(code=RET.USERERR, msg="授权成功", user_info=uinfo)
# vx登陆后绑定手机号
@api_user.route("/binding", methods=["POST"])
def binding():
'''
绑定已有账号
:return:
'''
req_dict = request.get_json()
openid = req_dict.get("openid") # vxopenid
unionid = req_dict.get("unionid") # vxunionid
mobile = req_dict.get('mobile') # 手机号
sms_code = req_dict.get("sms_code") # 验证码
# 校验参数完整性
if not all([openid, unionid, mobile, sms_code]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
# 获取短信验证码
try:
real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="redis数据库异常")
# 获取用户
try:
user = User.query.filter_by(mobile=mobile).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="获取用户信息失败")
# 判断用户填写短信验证码是否一致
if real_sms_code != sms_code:
return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# 删除redis中的短信验证码,防止重复校验
try:
redis_store.delete("sms_code_{}".format(mobile))
except Exception as e:
current_app.logger.error(e)
try:
if user:
user.vxopenid = openid
user.vxunionid = unionid
db.session.commit()
if user.status != 1:
jsonify(code=RET.OK, msg="绑定成功,当前用户被禁止登录,请联系管理员")
else:
user = User(name=mobile, mobile=mobile, vxopenid=openid, vxunionid=unionid, flag=1, status=1)
# user.password = password
db.session.add(user)
db.session.commit()
except Exception as e:
# 表示操作失败,回滚数据库操作
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库异常")
# 若成功保存登录状态
token = create_token(user.id)
return jsonify(code=RET.OK, msg="绑定成功,登录成功", token=token,flag=user.flag)
# 后台用户账号密码
@api_user.route("/backLogin", methods=["POST"])
def back_login():
'''
用户密码登录
:return:
'''
# 参数获取与校验
req_dict = request.get_json()
# 解密
param = req_dict.get("param") # 揭秘参数
req_dict = json.loads(decrypt(param))
name = req_dict.get('name')
password = req_dict.get('password')
# 校验参数完整性
if not all([name, password]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 判断错误次数是否超过限制,如果超过则10分钟内禁止此IP登录
user_ip = request.remote_addr
# print("IP地址:", user_ip)
try:
access_nums = redis_store.get('access_nums_{}'.format(user_ip))
except Exception as e:
current_app.logger.error(e)
else:
if access_nums:
if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
return jsonify(code=RET.REQERR, msg="错误次数过多,请稍候重试")
# 验证账户与密码
try:
user = Bstage.query.filter_by(name=name).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="获取用户信息失败")
# 将用户名与密码验证放置在一处,若失败返回提示信息并记录次数
if (not user) or (not user.check_password(password)):
# if (not user) or (password != "123"):
try:
redis_store.incr('access_nums_{}'.format(user_ip))
redis_store.expire('access_nums_{}'.format(user_ip), constants.LOGIN_ERROR_FORBID_TIME)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="密码错误")
# 若成功保存登录状态和管理员的角色id
token = create_token(user.id)
time = datetime.now()
current_app.logger.error(
'++++++++++++++++++++++++++++登录日志>>>{}:{}通过后台登录成功了!+++++++++++++++++++++++=++'.format(time, name))
return jsonify(code=RET.OK, msg="登录成功", token=token,flag=3)
apps/util.py
......@@ -9,6 +9,7 @@ import functools
# from flask_httpauth import HTTPBasicAuth
#
# auth = HTTPBasicAuth
# from models import User
class RegexConverter(BaseConverter):
......@@ -93,3 +94,9 @@ def login_required(view_func):
return view_func(*args, **kwargs)
return verify_token
apps/utils/send_phone_info.py
......@@ -3,6 +3,7 @@ from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.request import CommonRequest
# 进行手机号码绑定
def send_code(phone, c_num):
client = AcsClient('LTAI4Fkgi7DUf6jCVW3KNGwT', 'ynr6TWWNOnpALn3YUICUaXwpp9w4er', 'cn-hangzhou')
......@@ -28,6 +29,7 @@ def send_code(phone, c_num):
return el
# 注册账号
def send_code_wang(phone, c_num):
client = AcsClient('LTAI4Fkgi7DUf6jCVW3KNGwT', 'ynr6TWWNOnpALn3YUICUaXwpp9w4er', 'cn-hangzhou')
......@@ -53,6 +55,7 @@ def send_code_wang(phone, c_num):
return el
# 验证码登录
def send_code_new(phone, c_num):
client = AcsClient('LTAI4Fkgi7DUf6jCVW3KNGwT', 'ynr6TWWNOnpALn3YUICUaXwpp9w4er', 'cn-hangzhou')
......@@ -78,6 +81,7 @@ def send_code_new(phone, c_num):
return el
# 验证码登录
def code_new(phone, c_num):
client = AcsClient('LTAI4Fkgi7DUf6jCVW3KNGwT', 'ynr6TWWNOnpALn3YUICUaXwpp9w4er', 'cn-hangzhou')
......
apps/view_user/view.py 0 → 100644
import datetime
import re
import json
import time
import random
import threading
import numpy as np
import requests
import filetype
from sqlalchemy.exc import IntegrityError
from flask_mail import Mail, Message
from flask import g, current_app, request, jsonify, session
from apps.view_user import api_user
from apps import creat_app
from apps.utils.send_phone_info import send_code_new
from apps.utils.response_code import RET
from apps import db, constants, redis_store
from apps.models import *
from apps.util import create_token
from werkzeug.security import generate_password_hash, check_password_hash
from apps import qiniu_store
from apps.utils.vxconfig import WxConfig
from apps.utils.encrypt_decrypt.aes_cbc import encrypt, decrypt
# 给手机发验证码(2020-11-4)
@api_user.route("/SendMobileCode", methods=["POST"])
def send_phone_code():
'''
向手机发送验证码
:return:
'''
# 获取请求参数,转化字典
req_dict = request.get_json()
mobile = req_dict.get('mobile') # 手机号
# 校验参数完整性
if not all([mobile]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.MOBILEERR, msg="手机号格式错误")
# # 判断手机号是否存在
# try:
# user = User.query.filter_by(mobile=mobile).first()
# except Exception as e:
# current_app.logger.error(e)
# else:
# if user: # 手机号已存在
# return jsonify(code=RET.DATAEXIST, msg="手机号已存在,请直接登录")
# 生成短信验证码
sms_code = "%06d" % random.randint(0, 999999)
data = send_code_new(mobile, sms_code)
# print(data)
if data['Message'] == 'OK':
# 保存真实的短信验证码
try:
redis_store.setex("sms_code_%s" % mobile, constants.SMS_CODE_REDIS_EXPIRES, sms_code)
# 保存发送给这个手机号的记录,防止用户在60s内再次出发发送短信的操作
redis_store.setex("send_sms_code_%s" % mobile, constants.SEND_SMS_CODE_INTERVAL, 1)
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="保存短信验证码异常")
# 发送成功
return jsonify(code=RET.OK, msg="发送成功")
else:
return jsonify(code=RET.THIRDERR, msg="发送失败")
# 手机验证码登录(2020-11-4)
@api_user.route("/LoginBySms", methods=["POST"])
def login_bysms():
'''
用户验证码登录,用户存在,直接登陆,不存在就后台注册
:return:
'''
# 参数获取与校验
req_dict = request.get_json()
mobile = req_dict.get('mobile') # 手机号
sms_code = req_dict.get("sms_code") # 验证码
# 校验参数完整性
if not all([mobile, sms_code]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
# 获取短信验证码
try:
real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
# real_sms_code = "123456"
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="redis数据库异常")
# 获取用户
try:
user = User.query.filter_by(mobile=mobile).first()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="获取用户信息失败")
# 判断用户填写短信验证码是否一致
if real_sms_code != sms_code:
# if "123456" != sms_code:
return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# 删除redis中的短信验证码,防止重复校验
try:
redis_store.delete("sms_code_{}".format(mobile))
except Exception as e:
current_app.logger.error(e)
if not user:
# 判断并添加用户信息
try:
user = User(name=mobile, mobile=mobile, flag=1, status=1)
db.session.add(user)
db.session.commit()
except Exception as e:
# 表示操作失败,回滚数据库操作
db.session.rollback()
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库异常")
# print(user.status==3)
if user.status == 3:
return jsonify(code=RET.USERERR, msg="当前用户被禁止登录,请联系管理员")
# 获取用户id,传入生成token的方法,并接收返回的token
token = create_token(user.id)
time = datetime.now()
current_app.logger.error(
'++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用手机-短信验证码登录成功了!+++++++++++++++++++++++=++'.format(time, mobile))
return jsonify(code=RET.OK, msg="登录成功", data={"token": token, "flag": user.flag})
# 用户中心-账号设置-添加账号(注册)
@api_user.route("/Register", methods=["POST"])
def register():
"""
用户注册
:return:
"""
# 获取请求参数,转化字典
req_dict = request.get_json()
real_name = req_dict.get("real_name") # 姓名
mobile = req_dict.get('mobile') # 联系电话
belong_organization = req_dict.get("belong_organization") # 所属机构
# age = req_dict.get("age") # 年龄
# sex = req_dict.get("sex") # 性别
# sms_code = req_dict.get("sms_code") # 验证码
is_organization_manager = req_dict.get("is_organization_manager") # 是否是机构负责人
charge_organization = req_dict.get("charge_organization") # 是机构负责人的话,所负责的机构
belong_department = req_dict.get("belong_department") # 所属部门(政府)
is_department_manager = req_dict.get("is_department_manager") # 是否是部门负责人
# charge_department = req_dict.get("charge_department") # 是部门负责人的话,所负责的部门
position = req_dict.get("position") # 职务
name = req_dict.get("name") # 用户名
password = req_dict.get("password") # 密码
password_again = req_dict.get("password_again") # 密码2
# 校验参数完整性
if not all([real_name, mobile, name, belong_organization, is_organization_manager, belong_department,
is_department_manager,
position, password, password_again]):
return jsonify(code=RET.PARAMERR, msg="参数不完整")
# 校验手机号格式
if not re.match(r"1[23456789]\d{9}$", mobile):
return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
# # 获取短信验证码
# try:
# real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
# # real_sms_code = "123456"
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.NODATA, msg="短信验证码失效")
#
# # 判断短信验证码是否失效
# if not redis_store:
# return jsonify(code=RET.NODATA, msg="短信验证码失效")
# # 删除redis中的短信验证码,防止重复校验
# try:
# redis_store.delete("sms_code_{}".format(mobile))
# except Exception as e:
# current_app.logger.error(e)
#
# # 判断用户填写短信验证码是否一致
# if real_sms_code != sms_code:
# # if "123456" != sms_code:
# return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# 用户名唯一(字母开头,长度4-15)
try:
patten = "^[a-zA-Z][\w]*[\w]*$"
if re.match(patten, name) and re.match(patten, name).string == name:
user = User.query.filter_by(name=name).first()
if user:
return jsonify(code=RET.DATAEXIST, msg="用户名已存在")
else:
return jsonify(code=RET.DATAERR, msg="用户名格式错误")
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="用户名格式错误")
# 校验密码
if password != password_again:
return jsonify(code=RET.DATAERR, msg="密码不一致")
# 增加密码校验策略,20211109
# 判断密码长度是否8位,数字、字母、特殊字符同时存在,能使用用户名、连续性字母、数字、特殊字符等易猜测口令。
if len(password) < 8:
return jsonify(code=RET.DATAERR, msg="密码长度最少为8位")
# 密码应设置为包含大小写字母、数字、特殊符号'!@#$%^&*()_+=-'
if not (re.search(r'\d+', password) and re.search(r'[a-z]+', password) and re.search(r'[A-Z]+',
password) and re.search(
r'[!@#$%^&*()_+=-]+', password)):
return jsonify(code=RET.DATAERR, msg="密码应设置为包含大小写字母、数字、特殊符号'!@#$%^&*()_+=-'")
# 密码不能使用用户名
if password == name:
return jsonify(code=RET.DATAERR, msg="密码存在风险,不能与用户名相同!")
# 判断并添加用户信息
try:
ouser = User.query.filter_by(mobile=mobile).first()
print(ouser)
# if ouser and ouser.flag == 1 and ouser.status != 1: # 外部访客被禁止
# return jsonify(code=RET.DATAEXIST, msg="当前用户被禁止,请联系管理员")
# if ouser and ouser.flag == 2 and ouser.status == 2: # 注册暂时未通过
# return jsonify(code=RET.DATAEXIST, msg="手机号已注册,请耐心等待审核")
if ouser and ouser.flag == 2 and ouser.status == 1: # 内部用户再次注册
return jsonify(code=RET.DATAEXIST, msg="手机号已注册,请勿重复注册")
if ouser and ouser.flag == 1 and ouser.status == 1: # 外部访客注册
ouser.real_name = real_name # 姓名
ouser.mobile = mobile # 联系电话
ouser.belong_organization = belong_organization # 所属机构
ouser.is_organization_manager = is_organization_manager # 是否为机构负责人
ouser.charge_organization = charge_organization # 是机构负责人的话,所负责的机构
ouser.belong_department = belong_department # 所属部门
ouser.is_department_manager = is_department_manager # 是否为部门负责人
# ouser.charge_department = charge_department # 是部门负责人的话,所负责的部门
ouser.position = position # 职务
ouser.name = name # 用户名
ouser.flag = 2 # 外部访问为1,内部人员为2
# ouser.status = 1 #
ouser.password = password
else:
user = User(real_name=real_name,
mobile=mobile,
belong_organization=belong_organization,
is_organization_manager=is_organization_manager,
charge_organization=charge_organization,
belong_department=belong_department,
is_department_manager=is_department_manager,
# charge_department=charge_department,
position=position,
name=name,
flag=2, status=1, password=password)
db.session.add(user)
db.session.commit()
except Exception as e:
current_app.logger.error(e)
return jsonify(code=RET.DBERR, msg="数据库异常")
# except IntegrityError as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="手机号已被使用,请勿重复注册")
return jsonify(code=RET.OK, msg="注册成功")
# # 异步邮箱发送信息
# def send_async_email(mail, app, msg):
# with app.app_context():
# mail.send(msg)
#
#
# # 给邮箱发验证码
# @api_user.route("/send_email_code", methods=["POST"])
# def send_email_code():
# '''
# 向邮箱送验证码
# :return:
# '''
# # 获取请求参数,转化字典
# req_dict = request.get_json()
# email = req_dict.get('email') # 邮箱号
# # 校验参数完整性
# if not all([email]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# # 校验邮箱格式
# if not re.match("^.+\\@(\\[?)[a-zA-Z0-9\\-\\.]+\\.([a-zA-Z]{2,3}|[0-9]{1,3})(\\]?)$", email):
# return jsonify(code=RET.PARAMERR, msg="邮箱格式错误")
#
# # print(email)
# app = creat_app('product')
# mail = Mail(app)
# sms_code = "%06d" % random.randint(0, 999999)
#
# msg = Message("中研认知产业链在线,欢迎您!", recipients=[email])
# msg.body = "【中研认知产业链在线】您的验证码为:{},您正在进行邮箱绑定,如非本人操作,请忽略本邮件!".format(sms_code)
# thread = threading.Thread(target=send_async_email, args=(mail, app, msg))
# thread.start()
# try:
# redis_store.setex("ems_code_%s" % email, constants.SMS_CODE_REDIS_EXPIRES, sms_code)
# # 保存发送给这个邮箱的记录,防止用户在180s内再次出发发送短信的操作
# redis_store.setex("send_ems_code_%s" % email, constants.SEND_EMS_CODE_INTERVAL, 1)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="保存验证码异常")
#
# return jsonify(code=RET.OK, msg="发送成功")
# ''''''
# # 注册页面选择选择单位(2020-11-4)
# @api_user.route('/orgs', methods=['GET'])
# def zcorgs():
# '''
# 太原市企业条件选择导航获取
# :return:
# '''
# try:
# gover = Government.query.all()
# ty = Government.query.get(1)
# sections = ty.sections
# data = [{"label": i.name, "value": i.id} for i in gover]
# section = [{"label": i.name, "value": i.id} for i in sections]
# orgs = {"data": data, "section": section}
# return jsonify(code=RET.OK, msg="获取成功", orgs=orgs)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="数据库查询错误")
#
#
#
#
#
# # 内部用户手机-密码登录 (2020-11-4)
# @api_user.route("/login_bypwd", methods=["POST"])
# def login_bypwd():
# '''
# 用户密码登录
# :return:
# '''
# # 参数获取与校验
# req_dict = request.get_json()
# # 解密
# param = req_dict.get("param") # 揭秘参数
# req_dict = json.loads(decrypt(param))
# mobile = req_dict.get('mobile')
# password = req_dict.get('password')
# # 校验参数完整性
# if not all([mobile, password]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# # 校验手机号格式
# if not re.match(r"1[23456789]\d{9}$", mobile):
# return jsonify(code=RET.PARAMERR, msg="手机号错误")
#
# # 判断错误次数是否超过限制,如果超过则10分钟内禁止此IP登录
# user_ip = request.remote_addr
# print("IP地址:", user_ip)
#
# # 获取ip的锁定时间
# try:
# access_nums = redis_store.get('access_nums_{}'.format(user_ip))
# if access_nums:
# if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
# lock_time = redis_store.ttl('access_nums_{}'.format(user_ip))
# return jsonify(code=RET.LOCKTIME, msg="ip锁定倒计时中.....", lock_time=lock_time)
# except Exception as e:
# current_app.logger.error(e)
# else:
# pass
#
# try:
# access_nums = redis_store.get('access_nums_{}'.format(user_ip))
# # access_nums = "123456"
# except Exception as e:
# current_app.logger.error(e)
# else:
# if access_nums:
# if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
# return jsonify(code=RET.REQERR, msg="错误次数过多,请15分钟后重试!", time=constants.LOGIN_ERROR_FORBID_TIME)
#
# # 验证手机号与密码
# try:
# user = User.query.filter_by(mobile=mobile, flag=2).first()
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DATAERR, msg="获取用户信息失败")
#
# if not user:
# return jsonify(code=RET.DATAERR, msg="账户不存在")
# # 将用户名与密码验证放置在一处,若失败返回提示信息并记录次数
# if not user.check_password(password):
# try:
# redis_store.incr('access_nums_{}'.format(user_ip))
# redis_store.expire('access_nums_{}'.format(user_ip), constants.LOGIN_ERROR_FORBID_TIME)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DATAERR, msg="密码错误")
#
# if user.status == 2: # 审核
# return jsonify(code=RET.ROLEERR, msg="审核暂未通过,请以外部访客身份登陆")
#
# if user.status == 3: # 驳回
# return jsonify(code=RET.ROLEERR, msg="您的审核未通过,请联系工作人员")
#
# session.permanent = True # 设置session在设定时间内有效 注意这个要设置在request里边 即请求内部
# # 若成功保存登录状态
# token = create_token(user.id)
#
# time = datetime.now()
# current_app.logger.error(
# '++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用手机-密码登录成功了!+++++++++++++++++++++++=++'.format(time, mobile))
#
# return jsonify(code=RET.OK, msg="登录成功", token=token, flag=user.flag)
#
#
# ''''''
#
#
# # 微信授权
# @api_user.route("/login_byvx", methods=["POST"])
# def login_byvx():
# '''
# 用户验证码登录,用户存在,直接登陆,不存在就后台注册
# :return:
# '''
# # 参数获取与校验
# req_dict = request.get_json()
# code = req_dict.get('code') # 微信登录code
#
# # 校验参数完整性
# if not all([code]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# app_id = WxConfig.get_wx_app_id()
# app_secret = WxConfig.get_wx_app_secret()
#
# url = u'https://api.weixin.qq.com/sns/oauth2/access_token'
# params = {
# 'appid': app_id,
# 'secret': app_secret,
# 'code': code,
# 'grant_type': 'authorization_code'
# }
# res = requests.get(url, params=params).json()
#
# user_info_url = u'https://api.weixin.qq.com/sns/userinfo'
# params1 = {
# 'access_token': res.get("access_token"),
# 'openid': res.get("openid")
# }
# uinfo = requests.get(user_info_url, params=params1).json()
# # nickname = uinfo.get('nickname').encode('iso8859-1').decode('utf-8')
# try:
# openid = uinfo["openid"]
# unionid = uinfo["unionid"]
# except:
# return None
#
# try:
# user = User.query.filter_by(vxopenid=openid, vxunionid=unionid).first()
# if user:
# # 若成功保存登录状态
# token = create_token(user.id)
# return jsonify(code=RET.OK, msg="登录成功", token=token, flag=user.flag)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="appid,secreat异常")
#
# time = datetime.now()
# current_app.logger.error(
# '++++++++++++++++++++++++++++登录日志>>>{}:{}通过使用微信登录成功了!+++++++++++++++++++++++=++'.format(time, user))
#
# return jsonify(code=RET.USERERR, msg="授权成功", user_info=uinfo)
#
#
# # vx登陆后绑定手机号
# @api_user.route("/binding", methods=["POST"])
# def binding():
# '''
# 绑定已有账号
# :return:
# '''
# req_dict = request.get_json()
# openid = req_dict.get("openid") # vxopenid
# unionid = req_dict.get("unionid") # vxunionid
# mobile = req_dict.get('mobile') # 手机号
# sms_code = req_dict.get("sms_code") # 验证码
#
# # 校验参数完整性
# if not all([openid, unionid, mobile, sms_code]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# # 校验手机号格式
# if not re.match(r"1[23456789]\d{9}$", mobile):
# return jsonify(code=RET.PARAMERR, msg="手机号格式错误")
#
# # 获取短信验证码
# try:
# real_sms_code = redis_store.get('sms_code_{}'.format(mobile)).decode()
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="redis数据库异常")
#
# # 获取用户
# try:
# user = User.query.filter_by(mobile=mobile).first()
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="获取用户信息失败")
#
# # 判断用户填写短信验证码是否一致
# if real_sms_code != sms_code:
# return jsonify(code=RET.DATAERR, msg="短信验证码错误")
# # 删除redis中的短信验证码,防止重复校验
# try:
# redis_store.delete("sms_code_{}".format(mobile))
# except Exception as e:
# current_app.logger.error(e)
#
# try:
# if user:
# user.vxopenid = openid
# user.vxunionid = unionid
# db.session.commit()
# if user.status != 1:
# jsonify(code=RET.OK, msg="绑定成功,当前用户被禁止登录,请联系管理员")
# else:
# user = User(name=mobile, mobile=mobile, vxopenid=openid, vxunionid=unionid, flag=1, status=1)
# # user.password = password
# db.session.add(user)
# db.session.commit()
# except Exception as e:
# # 表示操作失败,回滚数据库操作
# db.session.rollback()
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="数据库异常")
#
# # 若成功保存登录状态
# token = create_token(user.id)
# return jsonify(code=RET.OK, msg="绑定成功,登录成功", token=token, flag=user.flag)
#
#
# # 后台用户账号密码
# @api_user.route("/backLogin", methods=["POST"])
# def back_login():
# '''
# 用户密码登录
# :return:
# '''
# # 参数获取与校验
# req_dict = request.get_json()
# # 解密
# param = req_dict.get("param") # 揭秘参数
# req_dict = json.loads(decrypt(param))
# name = req_dict.get('name')
# password = req_dict.get('password')
# # 校验参数完整性
# if not all([name, password]):
# return jsonify(code=RET.PARAMERR, msg="参数不完整")
#
# # 判断错误次数是否超过限制,如果超过则10分钟内禁止此IP登录
# user_ip = request.remote_addr
# # print("IP地址:", user_ip)
# try:
# access_nums = redis_store.get('access_nums_{}'.format(user_ip))
# except Exception as e:
# current_app.logger.error(e)
# else:
# if access_nums:
# if int(access_nums.decode()) >= constants.LOGIN_ERROR_TIMES:
# return jsonify(code=RET.REQERR, msg="错误次数过多,请稍候重试")
#
# # 验证账户与密码
# try:
# user = Bstage.query.filter_by(name=name).first()
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="获取用户信息失败")
#
# # 将用户名与密码验证放置在一处,若失败返回提示信息并记录次数
# if (not user) or (not user.check_password(password)):
# # if (not user) or (password != "123"):
# try:
# redis_store.incr('access_nums_{}'.format(user_ip))
# redis_store.expire('access_nums_{}'.format(user_ip), constants.LOGIN_ERROR_FORBID_TIME)
# except Exception as e:
# current_app.logger.error(e)
# return jsonify(code=RET.DBERR, msg="密码错误")
#
# # 若成功保存登录状态和管理员的角色id
# token = create_token(user.id)
#
# time = datetime.now()
# current_app.logger.error(
# '++++++++++++++++++++++++++++登录日志>>>{}:{}通过后台登录成功了!+++++++++++++++++++++++=++'.format(time, name))
#
# return jsonify(code=RET.OK, msg="登录成功", token=token, flag=3)
apps/user_pc/view_other.py apps/view_user/view_other.py
......@@ -4,7 +4,7 @@ import threading
from flask import jsonify, request, current_app
from flask_mail import Mail, Message
from apps import redis_store, creat_app
from apps.user_pc import api_user
from apps.view_user import api_user
from apps.models import *
from apps.utils.response_code import RET
from apps.util import login_required, verify_token
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment