EnglishPal/app/account_service.py

126 lines
4.9 KiB
Python
Raw Permalink Normal View History

from flask import *
2023-05-16 14:46:57 +08:00
from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, WarningMessage
# 初始化蓝图
accountService = Blueprint("accountService", __name__)
2023-05-16 14:46:57 +08:00
### Sign-up, login, logout ###
@accountService.route("/signup", methods=['GET', 'POST'])
def signup():
'''
注册
:return: 根据注册是否成功返回不同界面
'''
if request.method == 'GET':
# GET方法直接返回注册页面
return render_template('signup.html')
elif request.method == 'POST':
# POST方法需判断是否注册成功再根据结果返回不同的内容
2022-01-27 17:01:03 +08:00
username = escape(request.form['username'])
password = escape(request.form['password'])
2023-04-23 19:57:18 +08:00
# ! 添加如下代码为了过滤注册时的非法字符
2022-11-03 21:59:12 +08:00
warn = WarningMessage(username)
if str(warn) != 'OK':
2023-04-23 19:57:18 +08:00
return jsonify({'status': '3', 'warn': str(warn)})
available = check_username_availability(username)
2023-04-23 19:57:18 +08:00
if not available: # 用户名不可用
return jsonify({'status': '0'})
else: # 添加账户信息
add_user(username, password)
verified = verify_user(username, password)
if verified:
# 写入session
session['logged_in'] = True
session[username] = username
session['username'] = username
2023-05-16 14:46:57 +08:00
session['token'] = "70620F32A9DC965FCCF0447B674AA161"
session['expiry_date'] = get_expiry_date(username)
session['articleID'] = None
2023-04-23 19:57:18 +08:00
return render_template('signup_success.html', username=username)
# session['existing_articles'] = None
# return jsonify({'status': '2'})
else:
2023-04-23 19:57:18 +08:00
return jsonify({'status': '1'})
@accountService.route("/login", methods=['GET', 'POST'])
def login():
'''
登录
:return: 根据登录是否成功返回不同页面
'''
if request.method == 'GET':
# GET请求
if not session.get('logged_in'):
# 未登录,返回登录页面
return render_template('login.html')
else:
# 已登录,提示信息并显示登出按钮
2023-04-23 19:57:18 +08:00
return render_template('login_success.html', username=session['username'])
elif request.method == 'POST':
# POST方法用于判断登录是否成功
# check database and verify user
2022-01-27 17:01:03 +08:00
username = escape(request.form['username'])
password = escape(request.form['password'])
verified = verify_user(username, password)
if verified:
# 登录成功写入session
session['logged_in'] = True
session[username] = username
session['username'] = username
2023-05-16 14:46:57 +08:00
session['token'] = "70620F32A9DC965FCCF0447B674AA161"
user_expiry_date = get_expiry_date(username)
session['expiry_date'] = user_expiry_date
2023-04-23 19:57:18 +08:00
session['existing_articles'] = None
return jsonify({'status': '1'})
else:
2023-04-23 19:57:18 +08:00
return jsonify({'status': '0'})
@accountService.route("/logout", methods=['GET', 'POST'])
def logout():
'''
登出
:return: 重定位到主界面
'''
# 将session标记为登出状态
session['logged_in'] = False
2023-05-16 14:46:57 +08:00
session["token"] = None
return redirect(url_for('mainpage'))
@accountService.route("/reset", methods=['GET', 'POST'])
def reset():
'''
重设密码
:return: 返回适当的页面
'''
# 下列方法用于防止未登录状态下的修改密码
if not session.get('logged_in'):
return render_template('login.html')
username = session['username']
if username == '':
return redirect('/login')
if request.method == 'GET':
# GET请求返回修改密码页面
return render_template('reset.html', username=session['username'], state='wait')
else:
# POST请求用于提交修改后信息
2022-01-27 17:01:03 +08:00
old_password = escape(request.form['old-password'])
new_password = escape(request.form['new-password'])
re_new_password = escape(request.form['re-new-password']) # 确认新密码
2023-04-23 19:57:18 +08:00
if re_new_password != new_password: # 验证新密码两次输入是否相同
return '新密码不匹配,请重新输入'
2023-04-23 19:57:18 +08:00
if len(new_password) < 4: # 验证新密码长度g原则参照注册模块
return '密码过于简单。(密码长度至少4位)'
2023-04-23 19:57:18 +08:00
flag = change_password(username, old_password, new_password) # flag表示是否修改成功
if flag:
session['logged_in'] = False
2023-04-23 19:57:18 +08:00
return render_template('password_change_status.html', message="密码修改成功,请重新登录。", path="/login")
else:
2023-04-23 19:57:18 +08:00
return render_template('password_change_status.html', message="密码修改失败", path="/reset")