(1) front/forms.py
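# front/forms.py
__author__ = 'derek'

from ..forms import BaseForm
from wtforms import StringField
from wtforms.validators import Regexp,ValidationError,EqualTo
from utils import zlcache


class SignupForm(BaseForm):
    """Validate the fields posted by the front-end sign-up page.

    Both captcha fields must match a value found in ``zlcache``; no fixed
    bypass code is accepted, because a hard-coded value would let any client
    skip SMS and image verification.
    """

    # wtforms' Regexp validator uses re.match, which anchors only the start of
    # the value. Each pattern therefore ends with \Z so that over-long input
    # or trailing junk is rejected instead of silently accepted.
    telephone = StringField(validators=[Regexp(r'1[3578]\d{9}\Z', message='請輸入正確格式的手機號碼')])
    sms_captcha = StringField(validators=[Regexp(r'\w{4}\Z', message='請輸入四位短信驗證碼')])
    username = StringField(validators=[Regexp(r'.{3,15}\Z', message='用戶名長度在3-15位之間')])
    password = StringField(validators=[Regexp(r'[0-9a-zA-Z_\.]{6,15}\Z', message='請輸入正確格式的密碼')])
    password2 = StringField(validators=[EqualTo('password', message='兩次輸入的密碼不一致')])
    graph_captcha = StringField(validators=[Regexp(r'\w{4}\Z', message='圖形驗證碼不正確')])

    def validate_sms_captcha(self, field):
        """Check the submitted SMS code against the one cached for the phone.

        wtforms calls this inline validator with ``self`` and ``field``;
        ``field.data`` is the same value as ``self.sms_captcha.data``.

        Raises:
            ValidationError: no code is cached for the telephone, or the
                cached code differs (case-insensitively) from the input.
        """
        # Inline validators still run when the Regexp validator has failed,
        # so the data may be missing; treat that as an empty string.
        sms_captcha = field.data or ''
        telephone = self.telephone.data
        sms_captcha_mem = zlcache.get(telephone) if telephone else None
        # NOTE(review): nothing here limits attempts or discards the cached
        # code after a successful match - confirm the cache expiry and any
        # rate limiting on the sending/verification endpoints.
        if not sms_captcha_mem or sms_captcha_mem.lower() != sms_captcha.lower():
            raise ValidationError(message='短信驗證碼錯誤')

    def validate_graph_captcha(self, field):
        """Check that the submitted image-captcha text exists in the cache.

        Raises:
            ValidationError: the lower-cased text has no entry in ``zlcache``.
        """
        graph_captcha = field.data or ''
        # NOTE(review): the lookup key is the submitted text itself, so this
        # only proves that some captcha with this text is currently cached;
        # it is not tied to the visitor who was shown it. Confirm how the
        # captcha view stores the value and consider keying it per session.
        graph_captcha_mem = zlcache.get(graph_captcha.lower()) if graph_captcha else None
        if not graph_captcha_mem:
            raise ValidationError(message='圖形驗證碼錯誤')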
(2) utils/safeutils.py
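from urllib.parse import urlparse,urljoin
from flask import request


def is_safe_url(target):
    """Return True when redirecting to *target* stays on the current host.

    *target* is resolved against ``request.host_url``; the result must use
    http or https and have the same netloc as the current request. An empty
    target resolves to the host URL itself and is therefore accepted.

    Inputs that ``urllib`` and browsers are known to resolve differently are
    rejected up front, so a value that looks local to this check cannot end
    up on another host once the browser follows it:

    * backslashes, whitespace or control characters anywhere in the value;
    * a scheme or a leading ``//`` that is not followed by a host name.
    """
    target = target or ''

    # Browsers normalise backslashes to slashes and strip control characters,
    # while urlparse keeps them as ordinary path characters.
    if '\\' in target or any(ord(ch) <= 0x20 or ord(ch) == 0x7f for ch in target):
        return False

    parts = urlparse(target)
    # With an empty authority urljoin falls back to the current host, but a
    # browser may read the host from what follows the extra slashes.
    if not parts.netloc and (parts.scheme or target.startswith('//')):
        return False

    ref_url = urlparse(request.host_url)
    test_url = urlparse(urljoin(request.host_url, target))
    return test_url.scheme in ('http', 'https') and \
        ref_url.netloc == test_url.netloc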
(3) front/views.py
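class SignupView(views.MethodView):
    """Sign-up page: GET renders the form, POST creates the account."""

    def get(self):
        """Render the sign-up page, passing a same-host referrer as return_to.

        The referrer is forwarded to the template only when it is present,
        differs from the current URL and passes ``safeutils.is_safe_url``;
        otherwise the template is rendered without ``return_to``.
        """
        return_to = request.referrer
        # The Referer header is client-supplied, so it is checked before it is
        # handed to the page, which later uses it as a redirect target.
        if return_to and return_to != request.url and safeutils.is_safe_url(return_to):
            return render_template('front/signup.html', return_to=return_to)
        return render_template('front/signup.html')

    def post(self):
        """Validate the posted form and store a new FrontUser.

        Returns ``restful.success()`` once the user is committed, or
        ``restful.params_error`` carrying the form's error message.
        """
        form = SignupForm(request.form)
        if not form.validate():
            # Fetch the message once so the printed and the returned text are
            # the same value even if get_error() is not repeatable.
            error = form.get_error()
            print(error)
            return restful.params_error(message=error)

        # NOTE(review): the raw password is handed to the model; presumably
        # FrontUser hashes it on assignment - confirm in the model definition.
        # NOTE(review): a telephone that is already registered is not checked
        # here; confirm how a failing commit is reported to the client.
        user = FrontUser(
            telephone=form.telephone.data,
            username=form.username.data,
            password=form.password.data,
        )
        db.session.add(user)
        db.session.commit()
        return restful.success()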
(4) front/signup.html
<div class="form-group">
    {# return_to is passed by SignupView.get only when the referrer passed safeutils.is_safe_url; signup.js reads this hidden span to pick the redirect after a successful sign-up. It is empty when no return_to was passed. #}
    <span style="display: none" id="return-to-span">{{ return_to }}</span>
    <button id="submit-btn" class="btn btn-warning btn-block">當即註冊</button>
</div>
(6) front/signup.js
// Sign-up page: submit the form fields through zlajax and redirect on success.
$(function () {
    // Current value of the first element matched by the selector.
    function readInput(selector) {
        return $(selector).val();
    }

    // On success go back to the page recorded in #return-to-span, or to '/'.
    // The span is filled by the server template; this script performs no
    // check of its own on the value before navigating to it.
    function handleSuccess(data) {
        if (data['code'] != 200) {
            zlalert.alertInfoToast(data['message']);
            return;
        }
        var return_to = $('#return-to-span').text();
        window.location = return_to ? return_to : '/';
    }

    function handleFail() {
        zlalert.alertNetworkError();
    }

    $('#submit-btn').on('click', function () {
        // NOTE(review): the password is read from name=password1 but posted
        // under the key 'password' - confirm the input name in the template.
        var payload = {
            'telephone': readInput('input[name=telephone]'),
            'sms_captcha': readInput('input[name=sms_captcha]'),
            'username': readInput('input[name=username]'),
            'password': readInput('input[name=password1]'),
            'password2': readInput('input[name=password2]'),
            'graph_captcha': readInput('input[name=graph_captcha]')
        };

        zlajax.post({
            'url': '/signup/',
            'data': payload,
            'success': handleSuccess,
            'fail': handleFail
        });
    });
});