import hashlib
import string
from datetime import datetime
from UseSqlite import InsertQuery, RecordQuery
path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment
def verify_pass(newpass,oldpass):
if(newpass==oldpass):
return True
def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
password = md5(username + password)
rq.instructions_with_parameters("SELECT * FROM user WHERE name=:username AND password=:password", dict(
username=username, password=password)) # the named style https://docs.python.org/3/library/sqlite3.html
rq.do_with_parameters()
result = rq.get_results()
return result != []
def add_user(username, password):
start_date = datetime.now().strftime('%Y%m%d')
expiry_date = '20221230'
# 将用户名和密码一起加密,以免暴露不同用户的相同密码
password = md5(username + password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("INSERT INTO user VALUES (:username, :password, :start_date, :expiry_date)", dict(
username=username, password=password, start_date=start_date, expiry_date=expiry_date))
rq.do_with_parameters()
def check_username_availability(username):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters(
"SELECT * FROM user WHERE name=:username", dict(username=username))
rq.do_with_parameters()
result = rq.get_results()
return result == []
def change_password(username, old_password, new_password):
'''
修改密码
:param username: 用户名
:param old_password: 旧的密码
:param new_password: 新密码
:return: 修改成功:True 否则:False
'''
if not verify_user(username, old_password): # 旧密码错误
return False
# 将用户名和密码一起加密,以免暴露不同用户的相同密码
if verify_pass(new_password,old_password): #新旧密码一致
return False
password = md5(username + new_password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(
password=password, username=username))
rq.do_with_parameters()
return True
def get_expiry_date(username):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters(
"SELECT expiry_date FROM user WHERE name=:username", dict(username=username))
rq.do_with_parameters()
result = rq.get_results()
if len(result) > 0:
return result[0]['expiry_date']
else:
return '20191024'
def md5(s):
'''
MD5摘要
:param str: 字符串
:return: 经MD5以后的字符串
'''
h = hashlib.md5(s.encode(encoding='utf-8'))
return h.hexdigest()
class UserName:
def __init__(self, username):
self.username = username
def validate(self):
if len(self.username) > 20:
return f'{self.username} is too long. The user name cannot exceed 20 characters.'
if self.username.startswith('.'): # a user name must not start with a dot
return 'Period (.) is not allowed as the first letter in the user name.'
if ' ' in self.username: # a user name must not include a whitespace
return 'Whitespace is not allowed in the user name.'
for c in self.username: # a user name must not include special characters, except non-leading periods or underscores
if c in string.punctuation and c is not '.' and c is not '_':
return f'{c} is not allowed in the user name.'
if self.username in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']:
return 'You used a restricted word as your user name. Please come up with a better one.'
return 'OK'
class WarningMessage:
def __init__(self, s):
self.s = s
def __str__(self):
return UserName(self.s).validate()