Merge pull request #508 from liangliangyy/dev

增加新功能

Author: liangliangyy

DjangoBlog/blog_signals.py

@@ -12,24 +12,23 @@
 @file: blog_signals.py
 @time: 2017/8/12 上午10:18
 """
-import django
+import _thread
+import logging
+
 import django.dispatch
 from django.dispatch import receiver
 from django.conf import settings
 from django.contrib.admin.models import LogEntry
-from DjangoBlog.utils import get_current_site
 from django.core.mail import EmailMultiAlternatives
 from django.db.models.signals import post_save
-from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed
+from django.contrib.auth.signals import user_logged_in, user_logged_out
 
-from DjangoBlog.utils import cache, send_email, expire_view_cache, delete_sidebar_cache, delete_view_cache
-from DjangoBlog.spider_notify import SpiderNotify
 from oauth.models import OAuthUser
-from blog.models import Article, Category, Tag, Links, SideBar, BlogSettings
 from comments.models import Comment
 from comments.utils import send_comment_email
-import _thread
-import logging
+from DjangoBlog.utils import get_current_site
+from DjangoBlog.utils import cache, expire_view_cache, delete_sidebar_cache, delete_view_cache
+from DjangoBlog.spider_notify import SpiderNotify
 
 logger = logging.getLogger(__name__)
 
@@ -61,7 +60,7 @@ def send_email_signal_handler(sender, **kwargs):
         result = msg.send()
         log.send_result = result > 0
     except Exception as e:
-        logger.error(e)
+        logger.error(f"失败邮箱号: {emailto}, {e}")
         log.send_result = False
     log.save()
 

DjangoBlog/utils.py

@@ -2,28 +2,21 @@
 # encoding: utf-8
 
 
-"""
-@version: ??
-@author: liangliangyy
-@license: MIT Licence
-@contact: liangliangyy@gmail.com
-@site: https://www.lylinux.net/
-@software: PyCharm
-@file: utils.py
-@time: 2017/1/19 上午2:30
-"""
-from django.core.cache import cache
-from django.contrib.sites.models import Site
+import logging
+import os
+import random
+import string
+import uuid
 from hashlib import sha256
+
 import mistune
+import requests
+from django.contrib.sites.models import Site
+from django.core.cache import cache
 from mistune import escape, escape_link
 from pygments import highlight
-from pygments.lexers import get_lexer_by_name
 from pygments.formatters import html
-import logging
-import requests
-import uuid
-import os
+from pygments.lexers import get_lexer_by_name
 
 logger = logging.getLogger(__name__)
 
@@ -187,6 +180,11 @@ def send_email(emailto, title, content):
         content=content)
 
 
+def generate_code() -> str:
+    """生成随机数验证码"""
+    return ''.join(random.sample(string.digits, 6))
+
+
 def parse_dict_to_url(dict):
     from urllib.parse import quote
     url = '&'.join(['{}={}'.format(quote(k, safe='/'), quote(v, safe='/'))

accounts/forms.py

@@ -12,11 +12,14 @@
 @file: forms.py
 @time: 2016/11/20 下午3:16
 """
+from django import forms
+from django.contrib.auth import get_user_model, password_validation
 from django.contrib.auth.forms import AuthenticationForm, UserCreationForm
-from django.forms import widgets
-from django.conf import settings
-from django.contrib.auth import get_user_model
 from django.core.exceptions import ValidationError
+from django.forms import widgets
+
+from . import utils
+from .models import BlogUser
 
 
 class LoginForm(AuthenticationForm):
@@ -50,3 +53,79 @@ def clean_email(self):
     class Meta:
         model = get_user_model()
         fields = ("username", "email")
+
+
+class ForgetPasswordForm(forms.Form):
+    new_password1 = forms.CharField(
+        label="新密码",
+        widget=forms.PasswordInput(
+            attrs={
+                "class": "form-control",
+                'placeholder': "密码"
+            }
+        ),
+    )
+
+    new_password2 = forms.CharField(
+        label="确认密码",
+        widget=forms.PasswordInput(
+            attrs={
+                "class": "form-control",
+                'placeholder': "确认密码"
+            }
+        ),
+    )
+
+    email = forms.EmailField(
+        label='邮箱',
+        widget=forms.TextInput(
+            attrs={
+                'class': 'form-control',
+                'placeholder': "邮箱"
+            }
+        ),
+    )
+
+    code = forms.CharField(
+        label='验证码',
+        widget=forms.TextInput(
+            attrs={
+                'class': 'form-control',
+                'placeholder': "验证码"
+            }
+        ),
+    )
+
+    def clean_new_password2(self):
+        password1 = self.data.get("new_password1")
+        password2 = self.data.get("new_password2")
+        if password1 and password2 and password1 != password2:
+            raise ValidationError("两次密码不一致")
+        password_validation.validate_password(password2)
+
+        return password2
+
+    def clean_email(self):
+        user_email = self.cleaned_data.get("email")
+        if not BlogUser.objects.filter(
+            email=user_email
+        ).exists():
+            # todo 这里的报错提示可以判断一个邮箱是不是注册过，如果不想暴露可以修改
+            raise ValidationError("未找到邮箱对应的用户")
+        return user_email
+
+    def clean_code(self):
+        code = self.cleaned_data.get("code")
+        error = utils.verify(
+            email=self.cleaned_data.get("email"),
+            code=code,
+        )
+        if error:
+            raise ValidationError(error)
+        return code
+
+
+class ForgetPasswordCodeForm(forms.Form):
+    email = forms.EmailField(
+        label="邮箱号"
+    )

accounts/tests.py

@@ -1,20 +1,26 @@
+from django.conf import settings
 from django.test import Client, RequestFactory, TestCase
-from blog.models import Article, Category, Tag
-from django.contrib.auth import get_user_model
-from DjangoBlog.utils import delete_view_cache, delete_sidebar_cache
-from accounts.models import BlogUser
 from django.urls import reverse
-from DjangoBlog.utils import *
-from django.conf import settings
 from django.utils import timezone
 
+from DjangoBlog.utils import *
+from accounts.models import BlogUser
+from blog.models import Article, Category
+from . import utils
+
 
 # Create your tests here.
 
 class AccountTest(TestCase):
     def setUp(self):
         self.client = Client()
         self.factory = RequestFactory()
+        self.blog_user = BlogUser.objects.create_user(
+            username="test",
+            email="admin@admin.com",
+            password="12345678"
+        )
+        self.new_test = "xxx123--="
 
     def test_validate_account(self):
         site = get_current_site().domain
@@ -111,3 +117,101 @@ def test_validate_register(self):
 
         response = self.client.get(article.get_admin_url())
         self.assertIn(response.status_code, [301, 302, 200])
+
+    def test_verify_email_code(self):
+        to_email = "admin@admin.com"
+        code = generate_code()
+        utils.set_code(to_email, code)
+        utils.send_verify_email(to_email, code)
+
+        err = utils.verify("admin@admin.com", code)
+        self.assertEqual(err, None)
+
+        err = utils.verify("admin@123.com", code)
+        self.assertEqual(type(err), str)
+
+    def test_forget_password_email_code_success(self):
+        resp = self.client.post(
+            path=reverse("account:forget_password_code"),
+            data=dict(email="admin@admin.com")
+        )
+
+        self.assertEqual(resp.status_code, 200)
+        self.assertEqual(resp.content.decode("utf-8"), "ok")
+
+    def test_forget_password_email_code_fail(self):
+        resp = self.client.post(
+            path=reverse("account:forget_password_code"),
+            data=dict()
+        )
+        self.assertEqual(resp.content.decode("utf-8"), "错误的邮箱")
+
+        resp = self.client.post(
+            path=reverse("account:forget_password_code"),
+            data=dict(email="admin@com")
+        )
+        self.assertEqual(resp.content.decode("utf-8"), "错误的邮箱")
+
+    def test_forget_password_email_success(self):
+        code = generate_code()
+        utils.set_code(self.blog_user.email, code)
+        data = dict(
+            new_password1=self.new_test,
+            new_password2=self.new_test,
+            email=self.blog_user.email,
+            code=code,
+        )
+        resp = self.client.post(
+            path=reverse("account:forget_password"),
+            data=data
+        )
+        self.assertEqual(resp.status_code, 302)
+
+        # 验证用户密码是否修改成功
+        blog_user = BlogUser.objects.filter(
+            email=self.blog_user.email,
+        ).first()  # type: BlogUser
+        self.assertNotEqual(blog_user, None)
+        self.assertEqual(blog_user.check_password(data["new_password1"]), True)
+
+    def test_forget_password_email_not_user(self):
+        data = dict(
+            new_password1=self.new_test,
+            new_password2=self.new_test,
+            email="123@123.com",
+            code="123456",
+        )
+        resp = self.client.post(
+            path=reverse("account:forget_password"),
+            data=data
+        )
+
+        self.assertEqual(resp.status_code, 200)
+        self.assertFormError(
+            response=resp,
+            form="form",
+            field="email",
+            errors="未找到邮箱对应的用户"
+        )
+
+    def test_forget_password_email_code_error(self):
+        code = generate_code()
+        utils.set_code(self.blog_user.email, code)
+        data = dict(
+            new_password1=self.new_test,
+            new_password2=self.new_test,
+            email=self.blog_user.email,
+            code="111111",
+        )
+        resp = self.client.post(
+            path=reverse("account:forget_password"),
+            data=data
+        )
+
+        self.assertEqual(resp.status_code, 200)
+        self.assertFormError(
+            response=resp,
+            form="form",
+            field="code",
+            errors="验证码错误"
+        )

accounts/urls.py

@@ -14,10 +14,10 @@
 """
 
 from django.conf.urls import url
-from django.contrib.auth import views as auth_view
 from django.urls import path
-from . import views
+
 from .forms import LoginForm
+from . import views
 
 app_name = "accounts"
 
@@ -33,4 +33,11 @@
                    name='logout'),
                path(r'account/result.html',
                     views.account_result,
-                    name='result')]
+                    name='result'),
+               url(r'^forget_password/$',
+                   views.ForgetPasswordView.as_view(),
+                   name='forget_password'),
+               url(r'^forget_password_code/$',
+                   views.ForgetPasswordEmailCode.as_view(),
+                   name='forget_password_code'),
+               ]

accounts/utils.py

@@ -0,0 +1,45 @@
+import typing
+from datetime import timedelta
+
+from django.core.cache import cache
+
+from DjangoBlog.utils import send_email
+
+_code_ttl = timedelta(minutes=5)
+
+
+def send_verify_email(to_mail: str, code: str, subject: str = "邮件验证码"):
+    """发送重设密码验证码
+    Args:
+        to_mail: 接受邮箱
+        subject: 邮件主题
+        code: 验证码
+    """
+    html_content = f"您正在重设密码，验证码为：{code}, 5分钟内有效，请妥善保管"
+    send_email([to_mail], subject, html_content)
+
+
+def verify(email: str, code: str) -> typing.Optional[str]:
+    """验证code是否有效
+    Args:
+        email: 请求邮箱
+        code: 验证码
+    Return:
+        如果有错误就返回错误str
+    Node:
+        这里的错误处理不太合理，应该采用raise抛出
+        否测调用方也需要对error进行处理
+    """
+    cache_code = get_code(email)
+    if cache_code != code:
+        return "验证码错误"
+
+
+def set_code(email: str, code: str):
+    """设置code"""
+    cache.set(email, code, _code_ttl.seconds)
+
+
+def get_code(email: str) -> typing.Optional[str]:
+    """获取code"""
+    return cache.get(email)