以下所有代码都在 apps\apis\user_api.py 文件内操作
1. 忘记密码 API
(1). 定义api
# 忘记密码
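class ForgetPasswordApi(Resource):
    """Issue the 4-character verification code for the password-reset flow.

    GET draws a fresh code, stores it in the session under ``"code"`` and
    returns it in the JSON body.
    """

    def get(self):
        """Generate a new code, remember it in the session and return it."""
        # Function-scope import: the file's import block is not part of this
        # snippet. `secrets` draws from the OS CSPRNG; the `random` module is
        # predictable and must not be used for verification codes.
        import secrets

        # Alphabet kept exactly as published. It contains repeated characters,
        # so some symbols are drawn more often than others.
        alphabet = 'QEUQWEIQHEBQHEQGEIQHEQBcashdoahdajbhasoba1234567890'
        code = "".join(secrets.choice(alphabet) for _ in range(4))

        # Remember the code so the reset endpoint can compare against it.
        # NOTE(review): no issue time is stored, so the code only expires with
        # the session itself. If `session` is Flask's default cookie-backed
        # session, the value is signed but still readable by the client.
        session["code"] = code

        # NOTE(review): the code is returned in clear text, so any script that
        # calls this endpoint can read it; it does not prove a human is
        # present. Kept for client compatibility. Render it server-side as an
        # image, or deliver it out of band, before relying on it as a control.
        return {"code": code}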
(2). 绑定路由
# 忘记密码
# Register the verification-code resource under "/forget" on `api`.
api.add_resource(
    ForgetPasswordApi,
    "/forget",
)
2. 申请重置密码API
(1). 参数校验
# 输入
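# Base parser: every request must carry a phone number matching the regex,
# read from the form body or the query string.
sms_parser = reqparse.RequestParser()
sms_parser.add_argument(
    'mobile',
    type=inputs.regex(r'^1[356789]\d{9}$'),
    help="手机号码格式错误",
    required=True,
    location=["form", "args"],
)

# Parser for the reset request: phone number plus the 4-character image code.
reset_parser = sms_parser.copy()
# required=True: without it a request that omits imageCode parses to None and
# the handler's `.lower()` call fails with an unhandled error instead of
# returning this help message.
reset_parser.add_argument(
    "imageCode",
    type=inputs.regex(r'^[a-zA-Z0-9]{4}$'),
    help="必须输入四位数的验证码",
    required=True,
    location="args",
)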
(2). 定义api
# 申请重置账号密码
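class ResetPasswordApi(Resource):
    """Validate the image code, then report whether the phone is registered."""

    def get(self):
        """Compare the submitted image code with the one held in the session.

        Returns status 200 when the code matches and a user with this phone
        number exists, otherwise a status-400 payload.
        """
        args = reset_parser.parse_args()
        mobile = args.get("mobile")
        image_code = args.get("imageCode")

        # pop() makes each issued code single-use: whether the comparison
        # succeeds or fails, the client has to request a new code, so one code
        # cannot be replayed to test many phone numbers.
        expected = session.pop("code", None)

        # The submitted and stored values are deliberately not printed or
        # logged: they are a phone number and a live verification code.
        # image_code is None when the parameter was omitted; treat it as wrong.
        if not expected or not image_code or image_code.lower() != expected.lower():
            return {"status": 400, "msg": "验证码输入有误或超时"}

        user = User.query.filter(User.phone == mobile).first()
        if user:
            # NOTE(review): nothing is recorded in the session here to show
            # that the check passed, so a later step cannot verify that this
            # one was completed for this phone number.
            return jsonify(status=200, msg="手机号可使用")

        # NOTE(review): the two outcomes tell the caller whether a phone
        # number is registered. Rate-limit this endpoint per client and per
        # number if that disclosure cannot be avoided.
        return {"status": 400, "msg": "此用户未注册,请注册"}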
(3). 绑定路由
# 申请重置账号密码
# Register the reset-request resource under "/reset" on `api`.
api.add_resource(
    ResetPasswordApi,
    "/reset",
)
3. 更新密码和登录API
(1). 参数校验
# 输入
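# Base parser: every request must carry a phone number matching the regex,
# read from the form body or the query string.
sms_parser = reqparse.RequestParser()
sms_parser.add_argument(
    'mobile',
    type=inputs.regex(r'^1[356789]\d{9}$'),
    help="手机号码格式错误",
    required=True,
    location=["form", "args"],
)

# Login parameters: phone number plus password, password from the form only.
password_login_parser = sms_parser.copy()
password_login_parser.add_argument(
    "password",
    type=str,
    help="必须输入密码",
    required=True,
    location="form",
)

# Phone number plus a 4-digit verification code. copy() gives a separate
# parser, so the arguments added below do not leak back into sms_parser.
# NOTE(review): a 4-digit numeric code has only 10,000 values; whatever
# verifies it needs attempt limiting and a short expiry.
lr_parser = sms_parser.copy()
lr_parser.add_argument(
    "code",
    type=inputs.regex(r'^\d{4}$'),
    help="必须输入四位数字验证码",
    required=True,
    location=["form", "args"],
)

# Password-update parameters: phone, code, new password and its confirmation.
# required=True on both password fields: when both are omitted they parse to
# None, compare equal, and None reaches the password hasher.
# NOTE(review): these fields are also accepted from the query string ("args"),
# where they can end up in access logs and browser history; the login parser
# above takes its password from the form only. The pattern also caps passwords
# at 10 alphanumeric characters and rejects symbols, which limits their
# strength. Both are left as published for client compatibility.
update_parser = lr_parser.copy()
update_parser.add_argument(
    "password",
    type=inputs.regex(r'^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z0-9]{8,10}$'),
    help="必须包含大小写字母和数字的组合,不能使用特殊符号",
    required=True,
    location=["form", "args"],
)
update_parser.add_argument(
    "repassword",
    type=inputs.regex(r'^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z0-9]{8,10}$'),
    help="必须包含大小写字母和数字的组合,不能使用特殊符号",
    required=True,
    location=["form", "args"],
)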
(2). 定义api
# 账号密码登录
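class UserApi(Resource):
    """Password login (POST) and password update (PUT) for a phone account."""

    def post(self):
        """Log in with phone number and password.

        Returns status 200 and marks the session on success, otherwise a
        status-400 payload.
        """
        args = password_login_parser.parse_args()
        mobile = args.get("mobile")
        password = args.get("password")

        user = User.query.filter(User.phone == mobile).first()
        # An unknown phone and a wrong password share one error message, so
        # the response text does not reveal which accounts exist.
        if user and check_password_hash(user.password, password):
            # NOTE(review): the session stores the constant 1, not the user's
            # identity; confirm that later requests can tell users apart.
            session["mobile"] = 1
            return {"status": 200, "msg": "用户登录成功"}
        return {"status": 400, "msg": "用户名或密码有误"}

    def put(self):
        """Set a new password for the account with the given phone number.

        Every response carries its status code under the key ``"static"``.
        NOTE(review): the other endpoints on this page use ``"status"``; this
        looks like a typo but is kept so existing clients keep working.
        """
        args = update_parser.parse_args()
        code = args.get("code")
        mobile = args.get("mobile")

        # SECURITY(review): the verification code is the hard-coded constant
        # "1111", so this check authenticates nobody: any caller who supplies
        # a registered phone number can set that account's password. Before
        # deployment replace it with a server-issued, single-use, expiring
        # code bound to this phone number, compare in constant time, and limit
        # attempts. This handler also does not check that the image-code step
        # was completed.
        if code != "1111":
            return {"static": 400, "msg": "验证码有误"}

        user = User.query.filter(User.phone == mobile).first()
        if not user:
            return {"static": 400, "msg": "手机号不存在"}

        password = args.get('password')
        repassword = args.get("repassword")
        # Both fields are None when the parser does not require them and the
        # client omits them; None == None would otherwise pass the equality
        # check and reach the hasher.
        if not password:
            return {"static": 400, "msg": "必须输入密码"}
        if password != repassword:
            return {"static": 400, "msg": "两次密码不一致"}

        # Only the hash is stored, never the plain password.
        user.password = generate_password_hash(password)
        db.session.commit()
        return {"static": 200, "msg": "设置密码成功"}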
(3). 绑定路由
# 设置密码和登录
# Register the login / password-update resource under "/user" on `api`.
api.add_resource(
    UserApi,
    "/user",
)