import os
import hashlib
import uuid
import aioredis
from mycode.DBManager import app_DBM
from quart import Quart, render_template, request, session, redirect, url_for,jsonify,send_file,flash,current_app
from quart_sqlalchemy import SQLAlchemy
from quart_session import Session
from web.common.utils import generate_captcha,login_required
from myutils.ConfigManager import myCongif
from web.common.errors import handle_error
from . import api
@api.route('/user/code',methods=['GET'])
async def user_get_code(): #获取验证码
captcha_text, buffer = generate_captcha()
print(captcha_text)
session['captcha'] = captcha_text # 记录验证码?
return await send_file(buffer, mimetype='image/png')
@api.route('/user/login',methods=['POST'])
async def user_login(): #用户登录
try:
form = await request.form
username = form['username']
password = form['password']
captcha = form['captcha']
except Exception as e:
await flash('请求数据格式错误', 'error')
return redirect(url_for('main.login'))
#return jsonify({'error': '请求数据格式错误'}), 400
if captcha != session.get('captcha'):
# 验证码验证过后,需要失效
session.pop('captcha', None)
await flash('验证码错误', 'error')
return redirect(url_for('main.login'))
#return jsonify({'error': '验证码错误'}), 400
#return 'captcha error!', 400
#比对用户名和密码
strsql = f"select password from user where username = '{username}';"
db_password = app_DBM.do_select(strsql,1)
passwd_md5 = get_md5(password)
if db_password:
if db_password[0] == passwd_md5: #后续需要对密码进行MD5加默
# 生成新的登录 token
login_token = uuid.uuid4().hex
# 写入 Redis:key = user_token:<username>
await current_app.redis.set(f"user_token:{username}", login_token)
session['user'] = username
session['token'] = login_token
return redirect(url_for('main.get_html', html='index.html'))
await flash('用户名或密码错误', 'error')
return redirect(url_for('main.login'))
@api.route('/user/userinfo',methods=['GET'])
@login_required
async def user_info(): #获取用户列表
strsql = "select username,status,people,tellnum from user;"
data = app_DBM.do_select(strsql)
if data:
user_list = [{"username": user[0], "status": user[1],
"people":user[2],"tellnum":user[3]} for user in data]
return jsonify(user_list)
else:
return jsonify(0)
#登出接口,清除 Redis 和 Session ---
@api.route('/user/logout')
async def user_logout():
username = session.get('user')
if username:
await current_app.redis.delete(f"user_token:{username}")
session.clear()
return redirect(url_for('main.login'))
@api.route('/user/passwd',methods=['POST'])
@login_required
async def user_change_passwd(): #修改密码
json_data = await request.get_json()
oldpasswd = json_data.get('oldpasswd')
newpasswd = json_data.get('newpasswd')
old_md5= get_md5(oldpasswd)
print(old_md5)
strsql = f"select id from user where password='{old_md5}';"
data = app_DBM.do_select(strsql,1)
reStatus = 0
if data:
new_md5 = get_md5(newpasswd)
strsql = f"update user set password = '{new_md5}' where password = '{old_md5}';"
ret = app_DBM.do_sql(strsql)
if ret:
reStatus = 1
reMsg = '修改密码成功'
else:
reMsg = '修改密码失败,请联系技术支持!'
else:
reMsg = '原密码错误,请确认!'
return jsonify({'status':reStatus,'msg':reMsg})
@api.route('/user/changeuser',methods=['POST'])
@login_required
async def user_change_user_info(): #修改用户信息
username = (await request.form)['username']
people = (await request.form)['people']
tellnum = (await request.form)['tellnum']
strsql = f"update user set people='{people}',tellnum='{tellnum}' where username='{username}';"
ret = app_DBM.do_sql(strsql)
if ret == True:
reStatus = 1
reMsg = '修改用户信息成功'
else:
reStatus = 0
reMsg = '修改失败,请联系管理员处理!'
return jsonify({'status': reStatus, 'msg': reMsg})
@api.route('/user/<int:user_id>', methods=['GET'])
async def get_user(user_id):
try:
user = user_id
if user:
return jsonify(user)
else:
return jsonify({'error': 'User not found'}), 404
except Exception as e:
return handle_error(e)
def get_md5(value):
md5 = hashlib.md5() # 创建一个md5对象
md5.update(value.encode('utf-8')) # 使用utf-8编码更新待计算的字符串
return md5.hexdigest() # 返回十六进制的MD5值