from django.contrib.auth.forms import UserCreationForm
from .models import MyUser
from django import forms
class MyUserCreationForm(UserCreationForm):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.fields['password1'].widget = forms.PasswordInput(
attrs={'class': 'txt tabInput', 'placeholder': '密码,4-16位数字/字母/符号(空格除外)'})
self.fields['password2'].widget = forms.PasswordInput(attrs={'class': 'txt tabInput', 'placeholder': '重复密码'})
class Meta(UserCreationForm.Meta):
model = MyUser
fields = UserCreationForm.Meta.fields + ('email',)
widgets = {
'email': forms.widgets.TextInput(attrs={'class': 'txt tabInput', 'placeholder': '邮箱'}),
'username': forms.widgets.TextInput(attrs={'class': 'txt tabInput', 'placeholder': '用户名'}),
}
from django.core.validators import EmailValidator
from django.db import models
from django.contrib.auth.models import AbstractUser
# Create your models here.
class MyUser(AbstractUser):
is_secert = models.BooleanField('是否为涉密人员', default=False)
email = models.CharField('邮箱地址', max_length=50, validators=[EmailValidator('请输入合法的邮箱地址')], )
def __str__(self):
return self.username
from django.contrib.auth.decorators import login_required,permission_required
from django.shortcuts import render
from user.models import MyUser
from .models import *
from gmssl import sm2
@login_required(login_url='/')
def indexView(request):
if request.user.username:
uname = request.user.username
this_user = MyUser.objects.get(username=uname).is_secert
else:
this_user=0
if not this_user:
documentDynamic = Dynamic.objects.select_related('document').filter(document_id__Classification=this_user)
else:
documentDynamic = Dynamic.objects.select_related('document')
# 热搜公文
searchs = documentDynamic.order_by('-search').all()[:8]
# 公文分类
labels = Label.objects.all()
# 热门公文
popular = documentDynamic.order_by('-plays').all()[:10]
# 最新公文
recommend = Document.objects.order_by('-time').all()[:3]
# 热门搜索、热门下载
downloads = documentDynamic.order_by('-download').all()[:6]
tabs = [searchs[:6], downloads]
return render(request, 'index.html', locals())
# 自定义404和500的视图函数
def page_not_found(request, exception):
return render(request, '404.html', status=404)
def page_error(request):
return render(request, '404.html', status=500)
import os
import imghdr
import string
import secrets
import time
import filetype
from gmssl import sm2
from PyPDF2 import PdfFileReader, PdfFileWriter
from django.contrib.auth.models import Group
from django.http import HttpResponse
from django.shortcuts import render, redirect
from django.shortcuts import reverse
from index.models import *
from user.models import *
from .form import MyUserCreationForm
from django.db.models import Q
from django.contrib.auth import login, logout
from django.contrib.auth.hashers import check_password
from django.contrib.auth.decorators import login_required
from django.core.paginator import Paginator
from django.core.paginator import EmptyPage
from django.core.paginator import PageNotAnInteger
def loginView(request):
user = MyUserCreationForm()
if request.method == 'POST':
if request.POST.get('loginUser', ''):
u = request.POST.get('loginUser', '')
p = request.POST.get('password', '')
if MyUser.objects.filter(Q(username=u)):
u1 = MyUser.objects.filter(Q(username=u)).first()
if check_password(p, u1.password):
login(request, u1)
return redirect(reverse('home', kwargs={'page': 1}))
else:
tips = '密码错误'
else:
tips = '用户不存在'
else:
u = MyUserCreationForm(request.POST)
if u.is_valid():
u.save()
if request.user.username:
uname = request.user.username
this_user_id = MyUser.objects.get(username=uname).id
user = MyUser.objects.get(id=this_user_id)
group = Group.objects.get(id=3)
user.groups.add(group)
else:
print('用户组添加失败')
tips = '注册成功'
else:
if u.errors.get('username', ''):
tips = u.errors.get('username', '注册失败')
else:
tips = u.errors.get('password2','') + u.errors.get('email', '')
return render(request, 'user.html', locals())
# 用户中心
# 设置用户登录限制
@login_required(login_url='/')
def homeView(request, page):
# 热搜公文
searchs = Dynamic.objects.select_related('document').order_by('-search').all()[:4]
# 分页功能
documents = request.session.get('play_list', [])
paginator = Paginator(documents, 3)
try:
pages = paginator.page(page)
except PageNotAnInteger:
pages = paginator.page(1)
except EmptyPage:
pages = paginator.page(paginator.num_pages)
return render(request, 'home.html', locals())
# 退出登录
def logoutView(request):
logout(request)
return redirect('/')
def uploadView(request):
# 请求方法为POST时,执行文件上传
if request.method == 'POST':
# 获取上传的文件,如果没有文件,就默认为None
myFile = request.FILES.get("myfile", None)
summary = request.FILES.get("summary", None)
image = request.FILES.get("image", None)
if not myFile:
return HttpResponse("上传的文件不可缺省")
try:
if str(myFile).endswith('.pdf'):
pass
else:
return HttpResponse('文件不符合要求,请转为pdf文件')
except:
print('文件错误')
try:
if str(summary).endswith('.txt'):
pass
else:
return HttpResponse('摘要不符合要求,请转为txt文件')
except:
print('摘要错误')
try:
if str(image).endswith('.jpg'):
pass
else:
return HttpResponse('图片格式错误')
except:
print('图片错误')
title = request.POST.get('title', '')
office = request.POST.get('office', '')
type_id = request.POST.get('type', '')
if int(type_id) == 1:
type='条例'
elif int(type_id) == 2:
type='请示'
elif int(type_id) == 3:
type='决定'
elif int(type_id) == 4:
type='命令'
elif int(type_id) == 5:
type='指示'
elif int(type_id) == 6:
type='批复'
elif int(type_id) == 7:
type='通知'
elif int(type_id) == 8:
type='通报'
elif int(type_id) == 9:
type='公告'
elif int(type_id) == 10:
type='通告'
elif int(type_id) == 11:
type='议案'
elif int(type_id) == 12:
type='报告'
elif int(type_id) == 13:
type='涵'
elif int(type_id) == 14:
type='会议纪要'
else:
type=''
sec = int(request.POST.get('sec', ''))
user = request.user.username
now = time.strftime('%Y-%m-%d', time.localtime(time.time()))
alphabet = string.ascii_letters + string.digits + string.punctuation
while True:
password = ''.join(secrets.choice(alphabet) for i in range(16))
if (any(c.islower() for c in password)
and any(c.isupper() for c in password)
and sum(c in string.punctuation for c in password) <= 2
and sum(c.isdigit() for c in password) >= 3):
break
print(password)
SM2_PRIVATE_KEY = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
SM2_PUBLIC_KEY = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
sm2_crypt = sm2.CryptSM2(public_key=SM2_PUBLIC_KEY, private_key=SM2_PRIVATE_KEY)
str1_bytes = bytes(password, encoding="utf8")
str1_sm2en = sm2_crypt.encrypt(str1_bytes)
print(str1_sm2en, len(str1_sm2en))
article = Document(name=title, person=user, office=office, type=type, Classification=sec,
time=now, img=image, lyrics=summary, file=myFile, label_id=type_id, key=str1_sm2en)
article.save()
id = article.id
dynamic = Dynamic(plays=0, search=0, download=0, document_id=id)
dynamic.save()
try:
if imghdr.what(os.path.join("D://electronicDocument/media/documentImg/", str(image))) == None:
print('img error')
else:
pass
except:
print('img test error')
path_doc = os.path.join("D://electronicDocument/media/documentFile/", str(myFile))
path_sum = os.path.join("D://electronicDocument/media/documentLyric/", str(summary))
if file_test(path_doc):
pass
else:
print('error document')
if file_test(path_sum):
pass
else:
print('error summary')
file_reader = PdfFileReader("D:\\electronicDocument\\media\\documentFile\\"+str(myFile))
file_writer = PdfFileWriter()
for page in range(file_reader.getNumPages()):
file_writer.addPage(file_reader.getPage(page))
file_writer.encrypt(password) # 设置密码
with open("D:\\electronicDocument\\media\\documentFile\\"+str(myFile), 'wb') as out:
file_writer.write(out)
# 打开特定的文件进行二进制的写操作
'''
f = open(os.path.join("D://electronicDocument/media/documentFile/", myFile.name), 'wb+')
# 分块写入文件
for chunk in myFile.chunks():
f.write(chunk)
f.close()
f = open(os.path.join("D://electronicDocument/media/documentLyric/", summary.name), 'wb+')
# 分块写入文件
for chunk in summary.chunks():
f.write(chunk)
f.close()
f = open(os.path.join("D://electronicDocument/media/documentImg/", image.name), 'wb+')
# 分块写入文件
for chunk in image.chunks():
f.write(chunk)
f.close()
'''
return HttpResponse("上传成功")
else:
# 当请求方法为GET时,生成上传文件的页面
return render(request, 'upload.html')
def file_test(path):
kind = filetype.guess(path)
if kind is None:
print('Cannot guess file type!')
return False
elif kind.extension == 'exe':
print(path + '是PE文件')
return False
else:
return True
from django.shortcuts import render
from django.http import StreamingHttpResponse, FileResponse, HttpResponse
from gmssl import sm2
from index.models import *
from user.models import MyUser
def playView(request, id):
if request.user.username:
uname = request.user.username
this_user = MyUser.objects.get(username=uname).is_secert
else:
this_user = 0
sec = Document.objects.values('Classification').get(id=id)['Classification']
if sec > this_user:
return HttpResponse("非法参数,已报告管理员并记录日志")
if this_user:
# 热搜公文
searchs = Dynamic.objects.select_related('document__label').order_by('-search').all()[:6]
# 相关公文推荐
type = Document.objects.values('type').get(id=id)['type']
relevant = Dynamic.objects.select_related('document').filter(document__type=type).order_by('-plays').all()[:6]
else:
searchs = Dynamic.objects.select_related('document__label').filter(document_id__Classification=this_user).order_by('-search').all()[:6]
type = Document.objects.values('type').get(id=id)['type']
relevant = Dynamic.objects.select_related('document').filter(document__type=type).filter(document_id__Classification=this_user).order_by('-plays').all()[:6]
# 公文信息
documents = Document.objects.get(id=int(id))
# 观看列表
play_list = request.session.get('play_list', [])
exist = False
if play_list:
for i in play_list:
if int(id) == i['id']:
exist = True
if exist == False:
play_list.append({'id': int(id), 'singer': documents.person, 'name': documents.name})
request.session['play_list'] = play_list
# 摘要
if documents.lyrics != '暂无摘要':
lyrics = str(documents.lyrics.url)[1::]
with open(lyrics, 'r', encoding='utf-8') as f:
lyrics = f.read()
# 添加播放次数
# 功能扩展:可使用Session实现每天只添加一次播放次数
p = Dynamic.objects.filter(document_id=int(id)).first()
plays = p.plays + 1 if p else 1
Dynamic.objects.update_or_create(document_id=id, defaults={'plays': plays})
documents = Document.objects.get(id=int(id))
if documents.key:
key_b = documents.key
SM2_PRIVATE_KEY = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
SM2_PUBLIC_KEY = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
sm2_crypt = sm2.CryptSM2(public_key=SM2_PUBLIC_KEY, private_key=SM2_PRIVATE_KEY)
str1_sm2de = sm2_crypt.decrypt(key_b)
str1_m = str(str1_sm2de, encoding="utf8")
print(str1_m)
return render(request, 'play.html', locals())
def downloadView(request, id):
# 添加下载次数
p = Dynamic.objects.filter(document_id=int(id)).first()
download = p.download + 1 if p else 1
Dynamic.objects.update_or_create(document_id=id, defaults={'download': download})
# 读取文件内容
# 根据id查找公文信息
documents = Document.objects.get(id=int(id))
file = documents.file.url[1::]
name = documents.name
def file_iterator(file, chunk_size=512):
with open(file, 'rb') as f:
while True:
c = f.read(chunk_size)
if c:
yield c
else:
break
# 将文件内容写入StreamingHttpResponse对象
# 并以字节流方式返回给用户,实现文件下载
f = name + '.pdf'
response = StreamingHttpResponse(file_iterator(file))
response['Content-Type'] = 'application/octet-stream'
response['Content-Disposition'] = 'attachment; filename="%s"' %(f)
return response
def downloadr(request, id):
documents = Document.objects.get(id=int(id))
file = documents.file.url[1::]
try:
f = open(file, 'rb')
# as_attachment为T则可以下载到本机,为F则不可以下载只能浏览
r = FileResponse(f, as_attachment=False) # 只支持文件输出
return r
except Exception:
return render(request, '404.html')