From 9db98d2d442e38a403c3186f8e197053defd565c Mon Sep 17 00:00:00 2001
From: Hiragacara <1227029533@qq.com>
Date: Tue, 7 Jul 2020 22:17:39 +0800
Subject: [PATCH 1/3] Update views.py
---
backend/housekeeping/user/views.py | 186 ++++++++++++++++++++++++++---
1 file changed, 169 insertions(+), 17 deletions(-)
diff --git a/backend/housekeeping/user/views.py b/backend/housekeeping/user/views.py
index 80e7334..6676123 100644
--- a/backend/housekeeping/user/views.py
+++ b/backend/housekeeping/user/views.py
@@ -1,37 +1,183 @@ -from django.shortcuts import render -from housekeeping.globalFunc import js_ok,js_error +from django.shortcuts import render, redirect +from housekeeping.globalFunc import js_ok, js_error # Create your views here. +from user.models import User + + def login(request): """ 请求方式:POST 传递参数:username&password 返回类型:字符串:ok|error """ - pass + # 判断是否是post请求 + if request.POST: + # 获取用户信息 + username = request.POST.get('username', None) + password = request.POST.get('password', None) + # 查询对应用户信息 + user = User.objects.get(username=username) + # 判断密码正确性 + if password == user.password: + # 登录成功 + + # 把内容存到cookie中 + resp = redirect('/showusi//') + # 设置cookie + resp.set_signed_cookie('username', username, salt='xyz') + + # 把数据存入到session中 + request.session['username'] = username + + # 响应到客户端 + return resp + + else: + # 这是账号密码不对的时候 + return render(request, 'login.html', {'msg':'账号或密码有误,请检查后登录'}) + + else: + # 这是GET请求, 则响应到客户端 + + # 获取到cookie的值 + username = request.get_signed_cookie('username', None, salt='xyz') + + # 判断username是否存在 + if username: + # 如果username存在, 则可以自动填写到输入框 + return render(request, 'login.html', {'username':username}) + else: + # username不存在 + return render(request, 'login.html') def register(request): """ 请求方式:POST 传递值:username&password """ - pass + if request.POST: + # 获取参数 + username = request.POST.get('username', None) + password = request.POST.get('password', None) + real_name = request.request.POST.get('real_name', None) + sex = request.request.POST.get('sex', None) + phone = request.POST.get('phone', None) + company = request.request.POST.get('company', None) + + # 判断用户是否存在 + user = User.objects.filter(username=username) + + if len(user) > 0: + return render(request, 'register.html', {'error_msg':'用户名已经被使用'}) + + # 这是用户名可以使用的时候 + # 添加数据 + user = User() + + user.username = username + user.password = password + user.salt = password[0:6] + user.real_name = real_name + user.sex = sex + user.phone = phone + user.company = company + + 
user.save() + + return render(request, 'register.html', {'success_msg':'创建用户成功'}) + + else: + return render(request, 'register.html') + def completeUserInfo(request): - """ - 填写/修改用户资料 - 请求方式:POST - 传递:real_name、phone、sex - """ - pass + context = dict() + try: + # 从session获取账号 + account = request.session['username'] + # 找到账号 + this_accounts = User.objects.get(username=account) + context['account'] = account + context['real_name'] = this_accounts.real_name + context['phone'] = this_accounts.phone + context['sex'] = this_accounts.sex + except: + context['account'] = None + if request.POST: + # 获取修改填入的数据 + sex = request.POST.get('sex') + real_name = request.POST.get('real_name') + phone = request.POST.get('phone') + account = request.session['username'] + + if sex == "" and real_name == "" and phone == "": # 如果三项都没有进行修改 + context['error_msg'] = '请至少修改一项' + return render(request, 'account_change.html', context) + else: # 如果进行操作,一次判断哪一个发生了改变,再依次update + if (real_name != ""): # 昵称如果不为空,更新昵称 + User.objects.filter(username=account).update(real_name=real_name) + if (sex != ""): # 性别不为空,更新性别 + User.objects.filter(username=account).update(sex=sex) + if (phone != "" and len(phone) == 11): # 电话不为空,更新电话 + User.objects.filter(username=account).update(phone=phone) + if (phone != "" and len(phone) != 11): + context['error_msg'] = '电话号码必须为11位' + return render(request, 'account_change.html', context) + this_accounts = User.objects.get(username=account) + context['success_msg'] = '修改成功' + context['account'] = this_accounts.username + context['name'] = this_accounts.real_name + context['phone'] = this_accounts.phone + return render(request, 'account_change.html', context) + else: + return render(request, 'account_change.html', context) + def changePassword(request): - """ - 修改密码 - 请求方式:POST - 传递:password&newpassword - """ - pass + context = dict() + try: + # 从session获取账号 + account = request.session['username'] + # 找到账号 + this_accounts = User.objects.get(username=account) + 
context['account'] = account + context['real_name'] = this_accounts.real_name + context['phone'] = this_accounts.phone + context['sex'] = this_accounts.sex + except: + context['account'] = None + if request.POST: + oldPwd = request.POST.get('oldPwd') + newPwd = request.POST.get('newPwd') + newPwd1 = request.POST.get('newPwd1') + # 从session获取账号 + account = request.session['username'] + # 遍历找到账号 + for i in range(1, User.objects.count() + 1): + this_accounts = User.objects.get(username=account) + if (account == this_accounts.username): + break + if (this_accounts.a_pwd == oldPwd): + if (newPwd == newPwd1): + if (newPwd != this_accounts.password): + User.objects.filter(username=account).update(password=str(newPwd)) + context['success_msg'] = '修改成功' + return render(request, 'account_changeP.html', context) + else: + context['error_msg'] = '不能与原密码相同' + return render(request, 'account_changeP.html', context) + else: + context['error_msg'] = '两次密码不一致,请重新输入' + return render(request, 'account_changeP.html', context) + else: + context['error_msg'] = '原密码错误,请重新再试' + return render(request, 'account_changeP.html', context) + else: + context['success_msg'] = "" + context['error_msg'] = "" + return render(request, 'account_changeP.html', context) + def forgetPassword(request): """ @@ -42,10 +188,16 @@ def forgetPassword(request): """ return js_ok('已发送找回密码短信,请注意查收') + def showUserInfo(request, userId): """ 家政公司查看用户信息 请求方式:GET 返回手机、性别、姓氏等信息 """ - pass \ No newline at end of file + result = User.objects.filter(userId=userId) + + context = dict() + context['data'] = result + + return js_ok(context) From e11a648bdeedd3376872f9e93532d77b89f7dcdb Mon Sep 17 00:00:00 2001 From: Hiragacara <1227029533@qq.com> Date: Tue, 7 Jul 2020 23:03:39 +0800 Subject: [PATCH 2/3] Update views.py --- backend/housekeeping/user/views.py | 75 ++++++++++-------------------- 1 file changed, 24 insertions(+), 51 deletions(-) 
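Review bot: register() stores the submitted password as-is (`user.password = password`) and sets `user.salt = password[0:6]`, so the table holds every password in clear and the salt column repeats its first six characters; login() then compares with `password == user.password`. Django's `django.contrib.auth.hashers` already provides `make_password(password)` for storage and `check_password(password, user.password)` for verification, which would replace both the plain column and the hand-made salt. In the same function `request.request.POST.get(...)` is used for real_name, sex and company; a Django request object has no `request` attribute, so those lines would raise AttributeError before anything is saved. changePassword() in this hunk compares `this_accounts.a_pwd`, a field register() never sets, which is worth confirming against the model.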
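Review bot: showUserInfo() returns a record for whatever `userId` is in the URL without looking at the session, so any client that can reach the route can read other users' data; the 2/3 and 3/3 revisions of this view keep the same gap, and 3/3 returns username, phone and real_name. The docstring says the view is for housekeeping companies, so a guard such as `if 'username' not in request.session: return js_error(401, '未登录')` plus a role or ownership test belongs at the top. Here `context['data'] = result` also hands a QuerySet of whole User rows to `js_ok`; how `js_ok` serialises it is not visible, but the password and salt columns should not be reachable through it, so selecting the returned fields explicitly is safer.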
diff --git a/backend/housekeeping/user/views.py b/backend/housekeeping/user/views.py index 6676123..b80ddfb 100644 --- a/backend/housekeeping/user/views.py +++ b/backend/housekeeping/user/views.py @@ -21,35 +21,21 @@ def login(request): # 判断密码正确性 if password == user.password: # 登录成功 - - # 把内容存到cookie中 - resp = redirect('/showusi//') - # 设置cookie - resp.set_signed_cookie('username', username, salt='xyz') - - # 把数据存入到session中 + # 存入session request.session['username'] = username - # 响应到客户端 - return resp + return js_ok('ok') else: # 这是账号密码不对的时候 - return render(request, 'login.html', {'msg':'账号或密码有误,请检查后登录'}) + return js_error('100', 'error') - else: - # 这是GET请求, 则响应到客户端 - # 获取到cookie的值 - username = request.get_signed_cookie('username', None, salt='xyz') +def logout(request): + request.session.flush() + + return js_ok('ok') - # 判断username是否存在 - if username: - # 如果username存在, 则可以自动填写到输入框 - return render(request, 'login.html', {'username':username}) - else: - # username不存在 - return render(request, 'login.html') def register(request): """ @@ -69,7 +55,7 @@ def register(request): user = User.objects.filter(username=username) if len(user) > 0: - return render(request, 'register.html', {'error_msg':'用户名已经被使用'}) + return js_error('100', 'error') # 这是用户名可以使用的时候 # 添加数据 @@ -85,10 +71,7 @@ def register(request): user.save() - return render(request, 'register.html', {'success_msg':'创建用户成功'}) - - else: - return render(request, 'register.html') + return js_ok('ok') def completeUserInfo(request): @@ -112,8 +95,7 @@ def completeUserInfo(request): account = request.session['username'] if sex == "" and real_name == "" and phone == "": # 如果三项都没有进行修改 - context['error_msg'] = '请至少修改一项' - return render(request, 'account_change.html', context) + return js_error(502, '请至少修改一项') else: # 如果进行操作,一次判断哪一个发生了改变,再依次update if (real_name != ""): # 昵称如果不为空,更新昵称 User.objects.filter(username=account).update(real_name=real_name) 
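Review bot: login() writes `request.session['username'] = username` into whatever session the client already presented, so a session id that was known before login stays valid after it (session fixation); the 3/3 login keeps the same assignment. Calling `request.session.cycle_key()` immediately before that line issues a new key while keeping the session data. The new logout() flushes the session for any HTTP method, so a cross-site GET can sign a user out; limiting it to POST avoids that, and 3/3 still allows GET. login's opening `if request.POST:` is outside this hunk; with the `else:` branch removed here, a request without POST data appears to fall through and return None.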
@@ -122,16 +104,14 @@ def completeUserInfo(request): if (phone != "" and len(phone) == 11): # 电话不为空,更新电话 User.objects.filter(username=account).update(phone=phone) if (phone != "" and len(phone) != 11): - context['error_msg'] = '电话号码必须为11位' - return render(request, 'account_change.html', context) + return js_error(502, '电话号码位数不对') this_accounts = User.objects.get(username=account) - context['success_msg'] = '修改成功' context['account'] = this_accounts.username context['name'] = this_accounts.real_name context['phone'] = this_accounts.phone - return render(request, 'account_change.html', context) + return js_ok('修改成功') else: - return render(request, 'account_change.html', context) + return js_error(401, '修改失败') def changePassword(request): @@ -156,27 +136,20 @@ def changePassword(request): # 遍历找到账号 for i in range(1, User.objects.count() + 1): this_accounts = User.objects.get(username=account) - if (account == this_accounts.username): + if account == this_accounts.username: break - if (this_accounts.a_pwd == oldPwd): - if (newPwd == newPwd1): - if (newPwd != this_accounts.password): + if this_accounts.a_pwd == oldPwd: + if newPwd == newPwd1: + if newPwd != this_accounts.password: User.objects.filter(username=account).update(password=str(newPwd)) - context['success_msg'] = '修改成功' - return render(request, 'account_changeP.html', context) + return js_ok('修改成功') else: - context['error_msg'] = '不能与原密码相同' - return render(request, 'account_changeP.html', context) + js_error(502, '不能与原密码一致') else: - context['error_msg'] = '两次密码不一致,请重新输入' - return render(request, 'account_changeP.html', context) + js_error(502, '两次密码不一致') else: - context['error_msg'] = '原密码错误,请重新再试' - return render(request, 'account_changeP.html', context) - else: - context['success_msg'] = "" - context['error_msg'] = "" - return render(request, 'account_changeP.html', context) + js_error(401, '原密码不对') + def forgetPassword(request): 
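Review bot: The three failure branches of changePassword() now call `js_error(...)` without `return`, so the view falls off the end and returns None, which Django rejects with an error instead of sending the intended 401/502 body; each should read like `return js_error(502, '不能与原密码一致')`. The 3/3 rewrite of changePassword keeps an unreturned `js_error(401, '原密码不对')` and also loses the success `return js_ok(...)`. The old-password check still reads `this_accounts.a_pwd` and the update stores `str(newPwd)` unhashed. The function starts above this hunk, so the session lookup it relies on is not visible here.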
@@ -195,9 +168,9 @@ def showUserInfo(request, userId): 请求方式:GET 返回手机、性别、姓氏等信息 """ - result = User.objects.filter(userId=userId) + result = User.objects.get(userId=userId) context = dict() context['data'] = result - return js_ok(context) + return js_ok(context) \ No newline at end of file From 5bd3ea5d01554594997d7809cd68bcd725ae9b74 Mon Sep 17 00:00:00 2001 From: HackerYunen <31438247+HackerYunen@users.noreply.github.com> Date: Thu, 9 Jul 2020 00:37:25 +0800 Subject: [PATCH 3/3] Update views.py --- backend/housekeeping/user/views.py | 223 +++++++++++++---------------- 1 file changed, 98 insertions(+), 125 deletions(-) diff --git a/backend/housekeeping/user/views.py b/backend/housekeeping/user/views.py index b80ddfb..088669a 100644 --- a/backend/housekeeping/user/views.py +++ b/backend/housekeeping/user/views.py @@ -1,10 +1,27 @@ -from django.shortcuts import render, redirect from housekeeping.globalFunc import js_ok, js_error - -# Create your views here. +from django.views.decorators.http import require_http_methods +import random, string, hashlib from user.models import User +@require_http_methods(['GET']) +def my(request): + + username = request.session.get('username') + user = User.objects.get(username = username) + + context = { + 'lastName': user.real_name[0:1], + 'sex': '女士' if user.sex else '先生', + 'collectionsNum': 0, + 'recentOrderNum': 0, + 'AvgScore': 0, + 'AvgSpend': 0 + } + + return js_ok(context) + +@require_http_methods(['POST']) def login(request): """ 请求方式:POST 
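Review bot: my() has no handling for a request without a logged-in session: `request.session.get('username')` yields None and `User.objects.get(username = username)` then raises `User.DoesNotExist`, which surfaces as a 500 rather than a 401. A guard such as `if username is None: return js_error(401, '未登录')` before the query fixes it. completeUserInfo() and changePassword() in the next hunk index `request.session['username']` directly and fail the same way with KeyError. The four counters in `context` are hard-coded to 0 and deserve a comment saying they are placeholders.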
@@ -12,146 +29,97 @@ def login(request): 返回类型:字符串:ok|error """ # 判断是否是post请求 - if request.POST: - # 获取用户信息 - username = request.POST.get('username', None) - password = request.POST.get('password', None) - # 查询对应用户信息 - user = User.objects.get(username=username) - # 判断密码正确性 - if password == user.password: - # 登录成功 - # 存入session - request.session['username'] = username - # 响应到客户端 - return js_ok('ok') - - else: - # 这是账号密码不对的时候 - return js_error('100', 'error') + # 获取用户信息 + username = request.POST.get('username', None) + password = request.POST.get('password', None) + + if username == None or password == None: + return js_error(502, '参数不全') + + # 查询对应用户信息 + user = User.objects.get(username=username) + # 判断密码正确性 + if hashlib.md5((password + user.salt).encode('utf-8')).hexdigest() == user.password: + # 存入session + request.session['username'] = username + return js_ok('登录成功') + else: + # 账号密码错误 + return js_error(401, '密码错误') +@require_http_methods(['GET','POST']) def logout(request): request.session.flush() - - return js_ok('ok') + return js_ok('退出成功') +@require_http_methods(['POST']) def register(request): """ 请求方式:POST 传递值:username&password """ - if request.POST: - # 获取参数 - username = request.POST.get('username', None) - password = request.POST.get('password', None) - real_name = request.request.POST.get('real_name', None) - sex = request.request.POST.get('sex', None) - phone = request.POST.get('phone', None) - company = request.request.POST.get('company', None) - - # 判断用户是否存在 - user = User.objects.filter(username=username) - - if len(user) > 0: - return js_error('100', 'error') - - # 这是用户名可以使用的时候 - # 添加数据 - user = User() - - user.username = username - user.password = password - user.salt = password[0:6] - user.real_name = real_name - user.sex = sex - user.phone = phone - user.company = company + # 获取参数 + username = request.POST.get('username', None) + password = request.POST.get('password', None) - user.save() + if username == None or password == None: + return 
js_error(502, '缺少参数') - return js_ok('ok') + # 判断用户是否存在 + if User.objects.filter(username=username).count() != 0: + return js_error(502, '用户名已存在') + # 添加数据 + salt = ''.join(random.sample(string.ascii_letters + string.digits, 6)) + md5_password = hashlib.md5((password + salt).encode('utf-8')).hexdigest() + User.objects.create(username = username, password = md5_password, salt = salt) + return js_ok('注册成功') + + +@require_http_methods(['POST']) def completeUserInfo(request): - context = dict() - try: - # 从session获取账号 - account = request.session['username'] - # 找到账号 - this_accounts = User.objects.get(username=account) - context['account'] = account - context['real_name'] = this_accounts.real_name - context['phone'] = this_accounts.phone - context['sex'] = this_accounts.sex - except: - context['account'] = None - if request.POST: - # 获取修改填入的数据 - sex = request.POST.get('sex') - real_name = request.POST.get('real_name') - phone = request.POST.get('phone') - account = request.session['username'] - - if sex == "" and real_name == "" and phone == "": # 如果三项都没有进行修改 - return js_error(502, '请至少修改一项') - else: # 如果进行操作,一次判断哪一个发生了改变,再依次update - if (real_name != ""): # 昵称如果不为空,更新昵称 - User.objects.filter(username=account).update(real_name=real_name) - if (sex != ""): # 性别不为空,更新性别 - User.objects.filter(username=account).update(sex=sex) - if (phone != "" and len(phone) == 11): # 电话不为空,更新电话 - User.objects.filter(username=account).update(phone=phone) - if (phone != "" and len(phone) != 11): - return js_error(502, '电话号码位数不对') - this_accounts = User.objects.get(username=account) - context['account'] = this_accounts.username - context['name'] = this_accounts.real_name - context['phone'] = this_accounts.phone - return js_ok('修改成功') - else: - return js_error(401, '修改失败') + # 获取修改填入的数据 + sex = request.POST.get('sex', None) + real_name = request.POST.get('real_name', None) + phone = request.POST.get('phone', 0) + account = request.session['username'] + + if sex == "" and real_name == "" and 
phone == "": # 如果三项都没有进行修改 + return js_error(502, '请至少修改一项') + else: # 如果进行操作,一次判断哪一个发生了改变,再依次update + if (real_name != ""): # 昵称如果不为空,更新昵称 + User.objects.filter(username=account).update(real_name=real_name) + + if (sex != ""): # 性别不为空,更新性别 + User.objects.filter(username=account).update(sex=sex) + + if (len(phone) != 11): + return js_error(502, '电话号码输入不正确') + else: + User.objects.filter(username=account).update(phone=phone) + + return js_ok('修改成功') +@require_http_methods(['POST']) def changePassword(request): - context = dict() - try: - # 从session获取账号 - account = request.session['username'] - # 找到账号 - this_accounts = User.objects.get(username=account) - context['account'] = account - context['real_name'] = this_accounts.real_name - context['phone'] = this_accounts.phone - context['sex'] = this_accounts.sex - except: - context['account'] = None - if request.POST: - oldPwd = request.POST.get('oldPwd') - newPwd = request.POST.get('newPwd') - newPwd1 = request.POST.get('newPwd1') - # 从session获取账号 - account = request.session['username'] - # 遍历找到账号 - for i in range(1, User.objects.count() + 1): - this_accounts = User.objects.get(username=account) - if account == this_accounts.username: - break - if this_accounts.a_pwd == oldPwd: - if newPwd == newPwd1: - if newPwd != this_accounts.password: - User.objects.filter(username=account).update(password=str(newPwd)) - return js_ok('修改成功') - else: - js_error(502, '不能与原密码一致') - else: - js_error(502, '两次密码不一致') - else: - js_error(401, '原密码不对') + username = request.session['username'] + password = request.POST.get('password') # 现密码 + newPassword = request.POST.get('newPassword') # 新密码 + user = User.objects.get(username=username) + + if user.password == hashlib.md5((password + user.salt).encode('utf-8')).hexdigest(): + user.password = hashlib.md5((newPassword + user.salt).encode('utf-8')).hexdigest() + user.save() + else: + js_error(401, '原密码不对') +@require_http_methods(['POST']) def forgetPassword(request): """ 忘记密码 
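Review bot: Passwords are hashed with one round of MD5, `hashlib.md5((password + salt).encode('utf-8')).hexdigest()`, in login(), register() and changePassword(), and the salt is drawn with `random.sample`, which is not a cryptographic generator; a leaked table hashed this way is cheap to brute-force. `django.contrib.auth.hashers.make_password(password)` and `check_password(password, user.password)` give a slow, salted hash and a constant-time comparison with no separate salt column; existing rows would presumably need a re-hash on next login. login() also lets `User.objects.get(username=username)` raise for an unknown name, so the response differs from the 401 for a wrong password and reveals which usernames exist; catching `User.DoesNotExist` and returning the same 401 closes that. In completeUserInfo(), `phone` defaults to `0`, so `len(phone)` raises TypeError when the field is omitted.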
@@ -162,15 +130,20 @@ def forgetPassword(request): return js_ok('已发送找回密码短信,请注意查收') +@require_http_methods(['GET']) def showUserInfo(request, userId): """ 家政公司查看用户信息 请求方式:GET 返回手机、性别、姓氏等信息 """ - result = User.objects.get(userId=userId) + customer = User.objects.get(id=userId) - context = dict() - context['data'] = result + data = { + 'username': customer.username, + 'sex': customer.sex, + 'phone': customer.phone, + 'real_name': customer.real_name + } - return js_ok(context) \ No newline at end of file + return js_ok(data)