import datetime
import os
import random
import secrets
from email.mime.text import MIMEText
from smtplib import SMTP_SSL

import bcrypt
import mysql.connector
from flask import Flask, request, jsonify
from flask_cors import CORS
# Flask application object, with cross-origin requests enabled for it.
# NOTE(review): CORS is applied without an origin list; with flask-cors
# defaults that allows any origin on every route. Pass an explicit
# `origins=` allow-list for the front-end that is meant to call this API.
app = Flask(import_name=__name__)
CORS(app=app)
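# Mail (SMTP) settings.
# Each value can be overridden by an environment variable of the same name,
# so a deployment does not have to carry the credential in source control.
# SECURITY: the fallback auth code below is committed to the repository and
# must be treated as exposed: rotate it at the mail provider, supply the new
# value through EMAIL_AUTH_CODE, then delete the fallback literal.
SMTP_SERVER = os.environ.get('SMTP_SERVER', 'smtp.qq.com')
EMAIL_ADDRESS = os.environ.get('EMAIL_ADDRESS', '3534185780@qq.com')
EMAIL_AUTH_CODE = os.environ.get('EMAIL_AUTH_CODE', 'slcsbwtrwitbcjic')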
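# Database connection settings, passed as keyword arguments to
# mysql.connector.connect().
# Every field can be overridden through the DB_HOST / DB_PORT / DB_USER /
# DB_PASSWORD / DB_NAME environment variables.
# SECURITY: the fallback host, user and password are committed to the
# repository and must be treated as exposed: change the database password,
# supply it through DB_PASSWORD, then delete the fallback literal.
DB_CONFIG = {
    'host': os.environ.get('DB_HOST', '49.233.215.144'),
    'port': int(os.environ.get('DB_PORT', '3306')),
    'user': os.environ.get('DB_USER', 'sy'),
    'password': os.environ.get('DB_PASSWORD', 'sy_password'),
    'database': os.environ.get('DB_NAME', 'pt_station'),
}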
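# === Send verification code endpoint ===
@app.route('/send-code', methods=['POST'])
def send_code():
    """Generate a 6-digit verification code, e-mail it, and record it.

    Expects a JSON object with an ``email`` field. The code is mailed through
    the configured SMTP account and then inserted into ``email_verification``
    together with the current database time.

    Returns:
        ``{"success": True}`` when the mail was sent and the row committed;
        a 400 response when the address is missing or is not a single-line
        string; a 500 response when sending or storing fails.
    """
    # silent=True: a missing or malformed JSON body yields None instead of an
    # exception, so it is answered by the 400 below rather than a traceback.
    data = request.get_json(silent=True)
    to_email = data.get('email') if isinstance(data, dict) else None

    if not to_email:
        return jsonify({"success": False, "message": "缺少邮箱"}), 400

    # The value is written into the To: header, so accept only a plain string
    # without line breaks; anything else is rejected before a mail is built.
    if not isinstance(to_email, str) or '\r' in to_email or '\n' in to_email:
        return jsonify({"success": False, "message": "邮箱格式无效"}), 400

    # NOTE(review): nothing in this handler limits how often a code can be
    # requested for one address or by one client; add throttling so the
    # endpoint cannot be used to flood a mailbox or exhaust the SMTP account.

    # The code is an authentication secret, so it comes from the OS CSPRNG
    # rather than the predictable `random` generator. Range is unchanged:
    # 100000..999999.
    code = str(secrets.randbelow(900000) + 100000)
    msg = MIMEText(f"欢迎注册PTStation,您的验证码是:{code}(有效期5分钟)")
    msg['Subject'] = '您的验证码'
    msg['From'] = EMAIL_ADDRESS
    msg['To'] = to_email

    conn = None
    cursor = None
    try:
        # Send the mail; leaving the `with` block ends the SMTP session, so
        # no explicit quit() is needed.
        with SMTP_SSL(SMTP_SERVER, 465) as smtp:
            smtp.login(EMAIL_ADDRESS, EMAIL_AUTH_CODE)
            smtp.send_message(msg)

        # Record the code so /register and /reset-password can check it.
        conn = mysql.connector.connect(**DB_CONFIG)
        cursor = conn.cursor()
        sql = "INSERT INTO email_verification (email, code, created_at) VALUES (%s, %s, NOW())"
        cursor.execute(sql, (to_email, code))
        conn.commit()

        return jsonify({"success": True})
    except Exception as e:
        # Details stay in the server log; the client gets a generic message
        # so SMTP/database internals are not disclosed in the response.
        print("发送失败:", e)
        return jsonify({"success": False, "message": "邮件发送失败"}), 500
    finally:
        # Release database resources on the error path as well.
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()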
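# === Registration endpoint ===
@app.route('/register', methods=['POST'])
def register():
    """Check the e-mail verification code for a registration request.

    Expects a JSON object with ``email``, ``password`` and ``code``. The code
    must match a row in ``email_verification`` created within the last five
    minutes, and the address must not already exist in ``sys_user``. This
    handler does not create the account; it only reports the check result.

    Returns:
        ``{"success": True, ...}`` when the code is valid and the address is
        unused; a 400 response for missing parameters, a bad or expired code,
        or an already registered address; a 500 response on a server error.
    """
    # silent=True: a missing or malformed JSON body becomes the 400 below.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        data = {}
    email = data.get('email')
    # Only checked for presence here; may be kept so it can be hashed and
    # handed to the payment callback that stores the user.
    password = data.get('password')
    code = data.get('code')

    if not all([email, password, code]):
        return jsonify({"success": False, "message": "缺少参数"}), 400

    # NOTE(review): the code is neither invalidated after a successful check
    # nor protected by a failed-attempt limit, and this endpoint only reports
    # the result to the client. Whatever later creates the account should
    # re-validate the code server-side (confirm against that code path).

    # Initialised up front so the cleanup below is safe when connect() fails.
    conn = None
    cursor = None
    try:
        conn = mysql.connector.connect(**DB_CONFIG)
        cursor = conn.cursor(dictionary=True)

        # 1. The code must exist for this address and be under 5 minutes old.
        cursor.execute("""
            SELECT * FROM email_verification
            WHERE email = %s AND code = %s AND created_at > NOW() - INTERVAL 5 MINUTE
            ORDER BY created_at DESC LIMIT 1
        """, (email, code))
        result = cursor.fetchone()

        if not result:
            return jsonify({"success": False, "message": "验证码无效或已过期"}), 400

        # 2. The address must not already belong to a user.
        cursor.execute("SELECT user_id FROM sys_user WHERE email = %s", (email,))
        if cursor.fetchone():
            return jsonify({"success": False, "message": "该邮箱已注册"}), 400

        # Nothing is inserted any more; only report that verification passed.
        return jsonify({"success": True, "message": "验证通过"})

    except Exception as e:
        # Details stay in the server log; the client gets a generic message
        # so database internals are not disclosed in the response.
        print("注册失败:", e)
        return jsonify({"success": False, "message": "注册失败"}), 500
    finally:
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()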
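@app.route('/reset-password', methods=['POST'])
def reset_password():
    """Set a new password for a user after checking an e-mailed code.

    Expects a JSON object with ``email``, ``code`` and ``newPassword``. The
    code must match a row in ``email_verification`` created within the last
    five minutes. The new password is stored as a bcrypt hash in
    ``sys_user.password``.

    Returns:
        ``{"success": True, ...}`` after the update is committed; a 400
        response for missing parameters or a bad/expired code; 404 when no
        user has that address; a 500 response on a server error.
    """
    # silent=True: a missing or malformed JSON body becomes the 400 below.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        data = {}
    email = data.get('email')
    code = data.get('code')
    new_password = data.get('newPassword')

    # The password is encoded before hashing, so it has to be a string.
    if not all([email, code, new_password]) or not isinstance(new_password, str):
        return jsonify({"success": False, "message": "参数缺失"}), 400

    # NOTE(review): a matching code is not invalidated after use and failed
    # guesses are not counted, so a 6-digit code stays usable (and guessable)
    # for its whole 5-minute window. Add a failed-attempt limit and delete or
    # mark the row once the password has been changed. The table also does
    # not appear to bind a code to a purpose, so a code issued for
    # registration is accepted here as well; confirm whether that is intended.

    # Initialised up front so the cleanup below is safe when connect() fails.
    conn = None
    cursor = None
    try:
        conn = mysql.connector.connect(**DB_CONFIG)
        cursor = conn.cursor()

        # The code must be correct and still inside its validity window.
        cursor.execute("""
            SELECT * FROM email_verification
            WHERE email = %s AND code = %s
              AND created_at > NOW() - INTERVAL 5 MINUTE
            ORDER BY created_at DESC LIMIT 1
        """, (email, code))
        result = cursor.fetchone()

        if not result:
            return jsonify({"success": False, "message": "验证码错误或已过期"}), 400

        # Make sure the user exists before paying for the bcrypt hash.
        cursor.execute("SELECT user_id FROM sys_user WHERE email = %s", (email,))
        user = cursor.fetchone()
        if not user:
            return jsonify({"success": False, "message": "用户不存在"}), 404

        # Hash the password with a fresh salt (bcrypt is imported at file level).
        hashed_pwd = bcrypt.hashpw(new_password.encode(), bcrypt.gensalt()).decode()

        # Store the new hash.
        cursor.execute("""
            UPDATE sys_user
            SET password = %s
            WHERE email = %s
        """, (hashed_pwd, email))

        conn.commit()
        return jsonify({"success": True, "message": "密码已重置"})

    except Exception as e:
        # Details stay in the server log; the client gets a generic message
        # so database internals are not disclosed in the response.
        print("重置失败:", e)
        return jsonify({"success": False, "message": "服务器异常"}), 500

    finally:
        if cursor is not None:
            cursor.close()
        if conn is not None:
            conn.close()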
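if __name__ == '__main__':
    # SECURITY: debug mode turns on Werkzeug's interactive debugger, which
    # exposes a code-execution console on error pages. It is therefore off
    # unless FLASK_DEBUG is set to 1/true in a local development shell.
    debug_enabled = os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true')
    app.run(port=3001, debug=debug_enabled)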