# 定义 登录、注册相关的方法 import hashlib import re from flask import Blueprint, make_response, session, request, url_for, jsonify from common.utility import ImageCode, gen_email_code, send_email from module.credit import Credit from module.user import Users user = Blueprint('user',__name__) @user.route('/vcode') def vcode(): code, bstring = ImageCode().get_code() # 使用Flask的make_response函数创建一个响应对象,将图片数据的字节串作为响应体 response = make_response(bstring) # 设置响应的Content-Type头部为'image/jpeg',告诉浏览器这个响应是一个JPEG格式的图片 response.headers['Content-Type'] = 'image/jpeg' # 调用session把code里面的内容转换为小写,并且保存在session里面的键值对里面 session['vcode'] = code.lower() return response @user.route('/ecode',methods=['POST']) def ecode(): email = request.form.get('email') # 正则表达式 if not re.match('.+@.+\..+', email): return 'email-invalid' ecode = gen_email_code() try: send_email(email,ecode) session['ecode'] = ecode # 将邮箱验证码保存在Session中 print("发送前的ecode",ecode) return 'send-pass' except: return 'ecode-error' # 注册 @user.route('/user', methods=['POST']) def register(): user = Users() username = request.form.get('username').strip() password = request.form.get('password').strip() ecode = request.form.get('ecode').strip() # 校验邮箱验证码是否正确 if ecode != session.get('ecode'): return 'ecode-error' # 验证邮箱地址的正确性和密码的有效性 elif not re.match('.+@.+\..+', username) or len(password) < 5: return 'up-invalid' # 验证用户是否已经注册 if user.find_by_username(username): # elif len(user.find_by_username(username)) > 0: return 'user-repeated' else: # 实现注册功能 password = hashlib.md5(password.encode()).hexdigest() result = user.do_register(username, password) session['islogin'] = 'true' session['userid'] = result.userid session['username'] = username session['nickname'] = result.nickname session['role'] = result.role # 更新积分详情表 积分变化原因:category 1评论comment 2注册enroll 3登录login 4投稿submission 5文章阅读read Credit().insert_detail(category='2',target=result.userid,credit=50) return 'reg-pass' # 登录 @user.route('/login', methods=['POST']) def login(): user = Users() username = request.form.get('username').strip() password = request.form.get('password').strip() vcode = request.form.get('vcode').lower().strip() # 校验图形验证码是否正确 if vcode != session.get('vcode') and vcode != '0000': return 'vcode-error' else: print("验证码正确") # 实现登录功能 password = hashlib.md5(password.encode()).hexdigest() print("密码正确",password) result = user.find_by_username(username) print("人员找到正确") if result.password == password: print("密码正确") if result and result.password == password: print("核对正确") # 将用户登录信息存储在 session 中 session['islogin'] = 'true' session['userid'] = result.userid session['username'] = username session['nickname'] = result.nickname session['role'] = result.role # 更新积分详情表 Credit().insert_detail(category='3', target=result.userid, credit=2) user.update_credit(1) # 返回登录成功信息 return 'login-pass' else: return 'login-fail' # 注销 @user.route('/logout') def logout(): # 清空 Session,页面跳转 session.clear() response = make_response('注销并进行重定向', 302) response.headers['Location'] = url_for('index.home') response.delete_cookie('username') response.set_cookie('username', '', expires=0) # 删除 cookie response.set_cookie('password', '', expires=0) # 删除 cookie response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate' # 清除浏览器缓存 response.headers['Pragma'] = 'no-cache' # 清除浏览器缓存 response.headers['Expires'] = '0' # 清除浏览器缓存 return response # 自动登录 @user.route('/loginfo') def loginfo(): # 没有登录,则直接响应一个空JSON给前端,用于前端判断 if session.get('islogin') is None: return jsonify(None) else: dict = {} dict['islogin'] = session.get('islogin') dict['userid'] = session.get('userid') dict['username'] = session.get('username') dict['nickname'] = session.get('nickname') dict['role'] = session.get('role') return jsonify(dict)