diff --git a/apps/assets/models/base.py b/apps/assets/models/base.py index 094f029bc..9fd4836f7 100644 --- a/apps/assets/models/base.py +++ b/apps/assets/models/base.py @@ -11,7 +11,7 @@ from django.db import models from django.utils.translation import ugettext_lazy as _ from django.conf import settings -from common.utils.common import timeit +from common.utils import random_string from common.utils import ( ssh_key_string_to_obj, ssh_key_gen, get_logger, lazyproperty ) @@ -205,8 +205,8 @@ class AuthMixin: self.save() @staticmethod - def gen_password(): - return str(uuid.uuid4()) + def gen_password(length=36): + return random_string(length, special_char=True) @staticmethod def gen_key(username): diff --git a/apps/common/utils/__init__.py b/apps/common/utils/__init__.py index 01850f0cf..8b4576221 100644 --- a/apps/common/utils/__init__.py +++ b/apps/common/utils/__init__.py @@ -7,3 +7,4 @@ from .encode import * from .http import * from .ipip import * from .crypto import * +from .random import * diff --git a/apps/common/utils/common.py b/apps/common/utils/common.py index f9c488e18..d1ecf8579 100644 --- a/apps/common/utils/common.py +++ b/apps/common/utils/common.py @@ -7,6 +7,8 @@ import logging import datetime import uuid from functools import wraps +import string +import random import time import ipaddress import psutil @@ -191,14 +193,6 @@ def with_cache(func): return wrapper -def random_string(length): - import string - import random - charset = string.ascii_letters + string.digits - s = [random.choice(charset) for i in range(length)] - return ''.join(s) - - logger = get_logger(__name__) diff --git a/apps/common/utils/random.py b/apps/common/utils/random.py index f32147b6d..055966947 100644 --- a/apps/common/utils/random.py +++ b/apps/common/utils/random.py @@ -1,8 +1,13 @@ # -*- coding: utf-8 -*- # -import socket import struct import random +import socket +import string +import secrets + + +string_punctuation = '!#$%&()*+,-.:;<=>?@[]^_{}~' def random_datetime(date_start, date_end): @@ -14,6 +19,29 @@ def random_ip(): return socket.inet_ntoa(struct.pack('>I', random.randint(1, 0xffffffff))) +def random_string(length, lower=True, upper=True, digit=True, special_char=False): + chars = string.ascii_letters + if digit: + chars += string.digits + + while True: + password = list(random.choice(chars) for i in range(length)) + if upper and not any(c.upper() for c in password): + continue + if lower and not any(c.lower() for c in password): + continue + if digit and not any(c.isdigit() for c in password): + continue + break + + if special_char: + spc = random.choice(string_punctuation) + i = random.choice(range(len(password))) + password[i] = spc + + password = ''.join(password) + return password + # def strTimeProp(start, end, prop, fmt): # time_start = time.mktime(time.strptime(start, fmt)) diff --git a/apps/users/models/user.py b/apps/users/models/user.py index b3b4e9d1c..50099253d 100644 --- a/apps/users/models/user.py +++ b/apps/users/models/user.py @@ -18,7 +18,7 @@ from django.shortcuts import reverse from orgs.utils import current_org from orgs.models import OrganizationMember, Organization -from common.utils import date_expired_default, get_logger, lazyproperty +from common.utils import date_expired_default, get_logger, lazyproperty, random_string from common import fields from common.const import choices from common.db.models import ChoiceSet @@ -387,7 +387,7 @@ class TokenMixin: cache_key = '%s_%s' % (self.id, remote_addr) token = cache.get(cache_key) if not token: - token = uuid.uuid4().hex + token = random_string(36) cache.set(token, self.id, expiration) cache.set('%s_%s' % (self.id, remote_addr), token, expiration) date_expired = timezone.now() + timezone.timedelta(seconds=expiration)