1
0
Fork 0

Compare commits

..

No commits in common. "bug-497Gongzhengcheng" and "master" have entirely different histories.

1 changed files with 11 additions and 66 deletions

View File

@ -19,41 +19,15 @@ def signup():
# POST方法需判断是否注册成功再根据结果返回不同的内容 # POST方法需判断是否注册成功再根据结果返回不同的内容
username = escape(request.form['username']) username = escape(request.form['username'])
password = escape(request.form['password']) password = escape(request.form['password'])
password2 = escape(request.form['password2'])
#! 添加如下代码为了过滤注册时的非法字符 #! 添加如下代码为了过滤注册时的非法字符
warn = WarningMessage(username) warn = WarningMessage(username)
if str(warn) != 'OK': if str(warn) != 'OK':
return str(warn) return jsonify({'status': '3', 'warn': str(warn)})
available = check_username_availability(username) available = check_username_availability(username)
if not available: # 用户名不可用 if not available: # 用户名不可用
flash('用户名 %s 已经被注册。' % (username)) return jsonify({'status': '0'})
return render_template('signup.html')
elif len(password.strip()) < 8: # 密码过短
return '密码过于简单。'
elif password != password2:
return '确认密码与输入密码不一致!'
has_specialchar = False
specialchar_List = ['@']
for c in password.strip():
if c in specialchar_List:
has_specialchar = True
break
if not has_specialchar:
return '密码必须包含特殊字符'
has_upper_letter = False
has_lower_letter = False
for c in password.strip():
if c.isupper():
has_upper_letter = True
elif c.islower():
has_lower_letter = True
has_both_letter = has_upper_letter and has_lower_letter
if has_both_letter:
break
if not has_both_letter:
return '密码必须同时包含大小写字母'
else: # 添加账户信息 else: # 添加账户信息
add_user(username, password) add_user(username, password)
verified = verify_user(username, password) verified = verify_user(username, password)
@ -63,11 +37,10 @@ def signup():
session[username] = username session[username] = username
session['username'] = username session['username'] = username
session['expiry_date'] = get_expiry_date(username) session['expiry_date'] = get_expiry_date(username)
session['articleID'] = None session['visited_articles'] = None
return '<p>恭喜,你已成功注册, 你的用户名是 <a href="%s">%s</a>。</p>\ return jsonify({'status': '2'})
<p><a href="/%s">开始使用</a> <a href="/">返回首页</a><p/>' % (username, username, username)
else: else:
return '用户名密码验证失败。' return jsonify({'status': '1'})
@ -79,13 +52,7 @@ def login():
''' '''
if request.method == 'GET': if request.method == 'GET':
# GET请求 # GET请求
if not session.get('logged_in'):
# 未登录,返回登录页面
return render_template('login.html') return render_template('login.html')
else:
# 已登录,提示信息并显示登出按钮
return '你已登录 <a href="/%s">%s</a>。 登出点击<a href="/logout">这里</a>。' % (
session['username'], session['username'])
elif request.method == 'POST': elif request.method == 'POST':
# POST方法用于判断登录是否成功 # POST方法用于判断登录是否成功
# check database and verify user # check database and verify user
@ -99,10 +66,10 @@ def login():
session['username'] = username session['username'] = username
user_expiry_date = get_expiry_date(username) user_expiry_date = get_expiry_date(username)
session['expiry_date'] = user_expiry_date session['expiry_date'] = user_expiry_date
session['articleID'] = None session['visited_articles'] = None
return redirect(url_for('user_bp.userpage', username=username)) return jsonify({'status': '1'})
else: else:
return '无法通过验证。' return jsonify({'status': '0'})
@accountService.route("/logout", methods=['GET', 'POST']) @accountService.route("/logout", methods=['GET', 'POST'])
@ -135,31 +102,9 @@ def reset():
# POST请求用于提交修改后信息 # POST请求用于提交修改后信息
old_password = escape(request.form['old-password']) old_password = escape(request.form['old-password'])
new_password = escape(request.form['new-password']) new_password = escape(request.form['new-password'])
re_new_password = escape(request.form['re-new-password']) # 确认新密码
if re_new_password != new_password: #验证新密码两次输入是否相同
return '新密码不匹配,请重新输入'
if len(new_password) < 4: #验证新密码长度,原则参照注册模块
return '密码过于简单。(密码长度至少4位)'
flag = change_password(username, old_password, new_password) # flag表示是否修改成功 flag = change_password(username, old_password, new_password) # flag表示是否修改成功
if flag: if flag:
session['logged_in'] = False session['logged_in'] = False
return \ return jsonify({'status':'1'}) # 修改成功
'''
<script>
alert('密码修改成功,请重新登录。');
window.location.href="/login";
</script>
'''
else: else:
return \ return jsonify({'status':'2'}) # 修改失败
'''
<script>
alert('密码修改失败');
window.location.href="/reset";
</script>
'''