|
|
| from flask import request
|
| from flask_restful import Resource
|
| from flask_jwt_extended import create_access_token
|
| from datetime import datetime, timedelta
|
|
|
| from app import db
|
| from app.models import Customer, SendCode
|
| from app.utils.security import hash_password, verify_password
|
| from app.utils.response import APIResponse
|
| from app.utils.mail_service import EmailService
|
| import random
|
|
|
| from app.utils.validators import (
|
| validate_verification_code,
|
| validate_password_confirmation
|
| )
|
|
|
|
|
|
|
|
|
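class SendRegisterCodeResource(Resource):
    """Issue an e-mail verification code for a new registration."""

    def post(self):
        """Send a registration verification code to the submitted address.

        Reads ``email`` from the form body. Responds with a 400 error when
        the field is missing or the address already belongs to a customer,
        a 500 error when sending or storing the code fails, and the success
        envelope otherwise.
        """
        email = request.form.get('email')
        if not email:
            # A missing address would otherwise reach the SendCode row and
            # the mail call as None.
            return APIResponse.error('缺少必要参数', 400)
        if Customer.query.filter_by(email=email).first():
            return APIResponse.error('邮箱已存在', 400)

        # The code gates account creation, so draw it from the OS CSPRNG.
        # The module-level random functions use the Mersenne Twister, whose
        # output is predictable once enough values have been observed.
        code = ''.join(random.SystemRandom().choices('0123456789', k=6))

        # NOTE(review): no throttling per address or per client is visible
        # in this handler. A six-digit code is only as strong as the limit
        # on requests and guesses around it; confirm that limit exists
        # elsewhere.
        send_code = SendCode(
            send_type=1,  # 1 is the type the registration endpoint validates against
            send_to=email,
            code=code,
            created_at=datetime.utcnow(),
        )
        db.session.add(send_code)
        try:
            # Commit only after the mail went out, so a failed send leaves
            # no stored code behind.
            EmailService.send_verification_code(email, code)
            db.session.commit()
            return APIResponse.success()
        except Exception:
            db.session.rollback()
            return APIResponse.error('邮件发送失败', 500)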
|
|
|
|
|
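class UserRegisterResource(Resource):
    """Create a customer account after e-mail verification."""

    def post(self):
        """Register a customer from ``email``, ``password`` and ``code``.

        Responds with a 400 error when a required field is missing or empty,
        when the verification code is rejected, or when the address is
        already registered. On success the response data carries the
        registered e-mail address.
        """
        data = request.form

        required_fields = ['email', 'password', 'code']
        # Require non-empty values: a key that is present but blank would
        # otherwise let an empty password be hashed and stored.
        if not all(data.get(field) for field in required_fields):
            return APIResponse.error('缺少必要参数', 400)

        is_valid, msg = validate_verification_code(
            data['email'], data['code'], 1
        )
        if not is_valid:
            return APIResponse.error(msg, 400)

        # Checked after the code so that only a caller holding a valid code
        # learns whether the address is taken. This also stops a second
        # account being created for an address registered since the code
        # was issued.
        # NOTE(review): whether validate_verification_code invalidates a
        # code after use is not visible here; confirm codes are single-use.
        if Customer.query.filter_by(email=data['email']).first():
            return APIResponse.error('邮箱已存在', 400)

        now = datetime.utcnow()
        customer = Customer(
            email=data['email'],
            password=hash_password(data['password']),
            created_at=now,
            updated_at=now,
        )
        db.session.add(customer)
        try:
            db.session.commit()
        except Exception:
            # Leave the session usable for the next request, then let the
            # framework report the failure as before.
            db.session.rollback()
            raise

        return APIResponse.success(message='注册成功!', data={
            'email': data['email']
        })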
|
|
|
|
|
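class UserLoginResource(Resource):
    """Authenticate a customer and issue a JWT access token."""

    def post(self):
        """Log a customer in with ``email`` and ``password``.

        Responds with a 400 error when either field is missing or empty and
        with the same generic error for an unknown address and for a wrong
        password. On success the response data carries the access token,
        the e-mail address and the customer's level.
        """
        data = request.form
        # Answer in the API's own envelope rather than relying on the
        # framework's reaction to a missing form key.
        if not data.get('email') or not data.get('password'):
            return APIResponse.error('缺少必要参数', 400)

        customer = Customer.query.filter_by(email=data['email']).first()

        # One message for both failure cases keeps the response body from
        # revealing which addresses are registered.
        # NOTE(review): verify_password runs only when the customer exists,
        # so response time may still differ between the two cases. No
        # attempt limiting or lockout is visible in this handler either;
        # confirm it is enforced elsewhere.
        if not customer or not verify_password(customer.password, data['password']):
            return APIResponse.error('账号或密码错误')

        # The token identity is the customer's primary key as a string.
        access_token = create_access_token(identity=str(customer.id))
        return APIResponse.success({
            'token': access_token,
            'email': data['email'],
            'level': customer.level
        })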
|
|
|
|
|
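class SendResetCodeResource(Resource):
    """Issue an e-mail verification code for a password reset."""

    def post(self):
        """Send a password-reset verification code to the submitted address.

        Reads ``email`` from the form body. Responds with the not-found
        error when no customer has that address, a 500 error when sending
        or storing the code fails, and the success envelope otherwise.
        """
        email = request.form.get('email')
        # NOTE(review): the distinct not-found answer tells any caller
        # whether an address is registered. Returning the success envelope
        # in both cases would close that, but it changes the contract
        # clients see, so it is flagged here rather than changed.
        if not Customer.query.filter_by(email=email).first():
            return APIResponse.not_found('用户不存在')

        # This code authorises a password change, so draw it from the OS
        # CSPRNG. The module-level random functions use the Mersenne
        # Twister, whose output is predictable once enough values have been
        # observed.
        code = ''.join(random.SystemRandom().choices('0123456789', k=6))

        # NOTE(review): no throttling per address or per client is visible
        # in this handler. A six-digit code is only as strong as the limit
        # on requests and guesses around it; confirm that limit exists
        # elsewhere.
        send_code = SendCode(
            send_type=2,  # 2 is the type the reset endpoint validates against
            send_to=email,
            code=code,
            created_at=datetime.utcnow(),
        )
        db.session.add(send_code)
        try:
            # Commit only after the mail went out, so a failed send leaves
            # no stored code behind.
            EmailService.send_verification_code(email, code)
            db.session.commit()
            return APIResponse.success()
        except Exception:
            db.session.rollback()
            return APIResponse.error('邮件发送失败', 500)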
|
|
|
|
|
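class ResetPasswordResource(Resource):
    """Set a new password for a customer who holds a valid reset code."""

    def post(self):
        """Reset the password for ``email`` after checking ``code``.

        Responds with a 400 error when the password confirmation or the
        verification code is rejected, the not-found error when no customer
        has the address, and the success envelope once the new password
        hash is stored.
        """
        data = request.form

        is_valid, msg = validate_password_confirmation(data)
        if not is_valid:
            return APIResponse.error(msg, 400)

        # NOTE(review): whether validate_verification_code invalidates a
        # code after use is not visible here; confirm reset codes are
        # single-use and expire.
        is_valid, msg = validate_verification_code(
            data['email'], data['code'], 2
        )
        if not is_valid:
            return APIResponse.error(msg, 400)

        customer = Customer.query.filter_by(email=data['email']).first()
        if customer is None:
            # The account may have disappeared since the code was issued;
            # answer cleanly instead of failing on the attribute write.
            return APIResponse.not_found('用户不存在')

        customer.password = hash_password(data['password'])
        customer.updated_at = datetime.utcnow()
        try:
            db.session.commit()
        except Exception:
            # Leave the session usable for the next request, then let the
            # framework report the failure as before.
            db.session.rollback()
            raise
        # NOTE(review): access tokens issued before the reset are not
        # revoked in this handler; confirm whether they should stay valid.
        return APIResponse.success()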
|
|
|
|
|