refactor: remove sql sentences

Alpha-snapshot20230426^2
zzhaofisher 2023-04-18 21:50:54 +08:00
parent 5d20e92061
commit cc8ca47f8c
2 changed files with 29 additions and 41 deletions

View File

@ -3,6 +3,18 @@ import string
from datetime import datetime, timedelta from datetime import datetime, timedelta
from UseSqlite import InsertQuery, RecordQuery from UseSqlite import InsertQuery, RecordQuery
def md5(s):
'''
MD5摘要
:param str: 字符串
:return: 经MD5以后的字符串
'''
h = hashlib.md5(s.encode(encoding='utf-8'))
return h.hexdigest()
# import model.user after the defination of md5(s) to avoid circular import
from model.user import get_user_by_username, insert_user, update_password_by_username
path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment path_prefix = './' # comment this line in deployment
@ -12,13 +24,9 @@ def verify_pass(newpass,oldpass):
def verify_user(username, password): def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') user = get_user_by_username(username)
password = md5(username + password) encoded_password = md5(username + password)
rq.instructions_with_parameters("SELECT * FROM user WHERE name=:username AND password=:password", dict( return user is not None and user.password == encoded_password
username=username, password=password)) # the named style https://docs.python.org/3/library/sqlite3.html
rq.do_with_parameters()
result = rq.get_results()
return result != []
def add_user(username, password): def add_user(username, password):
@ -26,19 +34,12 @@ def add_user(username, password):
expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d') # will expire after 30 days expiry_date = (datetime.now() + timedelta(days=30)).strftime('%Y%m%d') # will expire after 30 days
# 将用户名和密码一起加密,以免暴露不同用户的相同密码 # 将用户名和密码一起加密,以免暴露不同用户的相同密码
password = md5(username + password) password = md5(username + password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db') insert_user(username=username, password=password, start_date=start_date, expiry_date=expiry_date)
rq.instructions_with_parameters("INSERT INTO user VALUES (:username, :password, :start_date, :expiry_date)", dict(
username=username, password=password, start_date=start_date, expiry_date=expiry_date))
rq.do_with_parameters()
def check_username_availability(username): def check_username_availability(username):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') existed_user = get_user_by_username(username)
rq.instructions_with_parameters( return existed_user is None
"SELECT * FROM user WHERE name=:username", dict(username=username))
rq.do_with_parameters()
result = rq.get_results()
return result == []
def change_password(username, old_password, new_password): def change_password(username, old_password, new_password):
@ -54,35 +55,16 @@ def change_password(username, old_password, new_password):
# 将用户名和密码一起加密,以免暴露不同用户的相同密码 # 将用户名和密码一起加密,以免暴露不同用户的相同密码
if verify_pass(new_password,old_password): #新旧密码一致 if verify_pass(new_password,old_password): #新旧密码一致
return False return False
password = md5(username + new_password) update_password_by_username(username, new_password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(
password=password, username=username))
rq.do_with_parameters()
return True return True
def get_expiry_date(username): def get_expiry_date(username):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') user = get_user_by_username(username)
rq.instructions_with_parameters( if user is None:
"SELECT expiry_date FROM user WHERE name=:username", dict(username=username))
rq.do_with_parameters()
result = rq.get_results()
if len(result) > 0:
return result[0]['expiry_date']
else:
return '20191024' return '20191024'
else:
return user.expiry_date
def md5(s):
'''
MD5摘要
:param str: 字符串
:return: 经MD5以后的字符串
'''
h = hashlib.md5(s.encode(encoding='utf-8'))
return h.hexdigest()
class UserName: class UserName:
def __init__(self, username): def __init__(self, username):

View File

@ -1,5 +1,6 @@
from model import * from model import *
from Login import md5 from Login import md5
from pony import orm
def get_users(): def get_users():
with db_session: with db_session:
@ -11,6 +12,11 @@ def get_user_by_username(username):
if user: if user:
return user.first() return user.first()
def insert_user(username, password, start_date, expiry_date):
with db_session:
user = User(name=username, password=password, start_date=start_date, expiry_date=expiry_date)
orm.commit()
def update_password_by_username(username, password="123456"): def update_password_by_username(username, password="123456"):
with db_session: with db_session:
user = User.select(name=username) user = User.select(name=username)