!39 新增前端登录MD5功能(已使用的用户不建议升级)

新增前端登录MD5功能(已使用的用户不建议升级)

dvadmin-backend/apps/vadmin/permission/serializers.py

@@ -1,3 +1,5 @@
+import hashlib
+
 from django.contrib.auth import get_user_model
 from rest_framework import serializers
 
@@ -300,7 +302,8 @@ class UserProfileImportSerializer(CustomModelSerializer):
 
     def save(self, **kwargs):
         data = super().save(**kwargs)
-        data.set_password(self.initial_data.get('password', None))
+        password = hashlib.new('md5', self.initial_data.get('password', '').encode(encoding='UTF-8')).hexdigest()
+        data.set_password(password)
         data.save()
         return data
 

dvadmin-backend/apps/vadmin/scripts/permission/permission_userprofile.sql

@@ -33,8 +33,8 @@
 -- ----------------------------
 -- Records of permission_userprofile
 -- ----------------------------
-INSERT INTO `permission_userprofile` (id, password, last_login, is_superuser, first_name, last_name, is_staff, is_active, date_joined, username, secret, email, mobile, avatar, name, gender, remark, user_type, create_datetime, update_datetime, dept_id, dept_belong_id, creator_id) VALUES (1, 'pbkdf2_sha256$150000$OjTMSXJgkzrE$jEQCjWbIbXwpN4k2z0o8Yvou1UQGuoJALyL/kGDZFd4=', '2021-02-27 06:20:28.214775', 1, '', '', 1, 1, '2021-02-27 06:20:09.188689', 'admin', '3704adf3-380f-4c27-a8da-60420e8cb4ab', 'admin@qq.com', NULL, NULL, '管理员', '2', '1', 2, '2021-02-27 06:20:09.263192', '2021-02-27 09:14:30.009998', 1, 1, 1);
-INSERT INTO `permission_userprofile` (id, password, last_login, is_superuser, first_name, last_name, is_staff, is_active, date_joined, username, secret, email, mobile, avatar, name, gender, remark, user_type, create_datetime, update_datetime, dept_id, dept_belong_id, creator_id) VALUES (2, 'pbkdf2_sha256$150000$5Z9LSi7LpNms$xVguE/dOEpI4D95LjSaKm0xzG7vNSopUolANr8f/6/E=', NULL, 0, '', '', 0, 1, '2021-03-03 15:38:27.009893', 'dvadmin', 'b4c5d79a-f01c-4244-92f8-b5288eca1d50', NULL, NULL, NULL, '普通用户', '2', NULL, 0, '2021-03-03 15:38:27.010771', '2021-03-03 15:38:27.086069', 1, 1, 1);
+INSERT INTO `permission_userprofile` (id, password, last_login, is_superuser, first_name, last_name, is_staff, is_active, date_joined, username, secret, email, mobile, avatar, name, gender, remark, user_type, create_datetime, update_datetime, dept_id, dept_belong_id, creator_id) VALUES (1, 'pbkdf2_sha256$150000$X0RG2idBumnn$TaMaXFquGzyDtytL3ofZG/sSN+1VR521A9xLkUPxYI4=', '2021-02-27 06:20:28.214775', 1, '', '', 1, 1, '2021-02-27 06:20:09.188689', 'admin', '3704adf3-380f-4c27-a8da-60420e8cb4ab', 'admin@qq.com', NULL, NULL, '管理员', '2', '1', 2, '2021-02-27 06:20:09.263192', '2021-02-27 09:14:30.009998', 1, 1, 1);
+INSERT INTO `permission_userprofile` (id, password, last_login, is_superuser, first_name, last_name, is_staff, is_active, date_joined, username, secret, email, mobile, avatar, name, gender, remark, user_type, create_datetime, update_datetime, dept_id, dept_belong_id, creator_id) VALUES (2, 'pbkdf2_sha256$150000$vWY1VIn7rEJz$qq2iiADgcGumy9kNU1FSBhktcimaudYICviCcOKzfKY=', NULL, 0, '', '', 0, 1, '2021-03-03 15:38:27.009893', 'dvadmin', 'b4c5d79a-f01c-4244-92f8-b5288eca1d50', NULL, NULL, NULL, '普通用户', '2', NULL, 0, '2021-03-03 15:38:27.010771', '2021-03-03 15:38:27.086069', 1, 1, 1);
 -- ----------------------------
 -- Table structure for permission_userprofile_post
 -- ----------------------------

dvadmin-ui/package.json

@@ -49,6 +49,7 @@
     "highlight.js": "9.18.5",
     "js-beautify": "1.13.0",
     "js-cookie": "2.2.1",
+    "js-md5": "^0.7.3",
     "jsencrypt": "3.0.0-rc.1",
     "lodash": "^4.17.21",
     "moment": "^2.29.1",

dvadmin-ui/src/components/ModelDisplay/index.vue

@@ -320,6 +320,7 @@
             :precision="value.precision || 0"
             :step="value.step || 1"
             :max="value.step || Infinity"
+            :min="value.min || Infinity"
           />
           <dept-tree
             v-else-if="value.type==='depts'"

dvadmin-ui/src/views/login.vue

@@ -61,6 +61,7 @@
 import { getCodeImg } from "@/api/vadmin/login";
 import Cookies from "js-cookie";
 import { decrypt, encrypt } from "@/utils/jsencrypt";
+import md5 from "js-md5";
 
 export default {
   name: "Login",
@@ -131,7 +132,9 @@ export default {
             Cookies.remove("password");
             Cookies.remove("rememberMe");
           }
-          this.$store.dispatch("Login", this.loginForm).then(() => {
+          const loginForm = JSON.parse(JSON.stringify(this.loginForm));
+          loginForm.password = md5(loginForm.password);
+          this.$store.dispatch("Login", loginForm).then(() => {
             this.$router.push({ path: this.redirect || "/" }).catch(() => {});
           }).catch(() => {
             this.loading = false;

dvadmin-ui/src/views/vadmin/permission/user/index.vue

@@ -421,6 +421,7 @@ import { getToken } from "@/utils/auth";
 import { treeselect } from "@/api/vadmin/permission/dept";
 import Treeselect from "@riophae/vue-treeselect";
 import "@riophae/vue-treeselect/dist/vue-treeselect.css";
+import md5 from "js-md5";
 
 export default {
   name: "User",
@@ -667,7 +668,7 @@ export default {
         confirmButtonText: "确定",
         cancelButtonText: "取消"
       }).then(({ value }) => {
-        resetUserPwd(row.id, value).then(response => {
+        resetUserPwd(row.id, md5(value)).then(response => {
           this.msgSuccess("修改成功，新密码是：" + value);
         });
       }).catch(() => {

dvadmin-ui/src/views/vadmin/permission/user/profile/resetPwd.vue

@@ -18,6 +18,7 @@
 
 <script>
 import { updateUserPwd } from "@/api/vadmin/permission/user";
+import md5 from "js-md5";
 
 export default {
   data() {
@@ -55,7 +56,9 @@ export default {
     submit() {
       this.$refs["form"].validate(valid => {
         if (valid) {
-          updateUserPwd(this.user.oldPassword, this.user.newPassword).then(
+          const oldPassword = md5(this.user.oldPassword);
+          const newPassword = md5(this.user.newPassword);
+          updateUserPwd(oldPassword, newPassword).then(
             response => {
               this.msgSuccess("修改成功");
             }