diff --git a/apps/i18n/zh/LC_MESSAGES/django.mo b/apps/i18n/zh/LC_MESSAGES/django.mo index 21cce3fc3..543ddd907 100644 Binary files a/apps/i18n/zh/LC_MESSAGES/django.mo and b/apps/i18n/zh/LC_MESSAGES/django.mo differ diff --git a/apps/i18n/zh/LC_MESSAGES/django.po b/apps/i18n/zh/LC_MESSAGES/django.po index 5d415863a..7f5586b2b 100644 --- a/apps/i18n/zh/LC_MESSAGES/django.po +++ b/apps/i18n/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: Jumpserver 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-04-18 20:14+0800\n" +"POT-Creation-Date: 2018-04-19 12:44+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: Jumpserver team\n" @@ -173,7 +173,7 @@ msgstr "密码或密钥密码" #: users/templates/users/login.html:59 #: users/templates/users/reset_password.html:52 #: users/templates/users/user_create.html:11 -#: users/templates/users/user_password_authentication.html:13 +#: users/templates/users/user_password_authentication.html:14 #: users/templates/users/user_password_update.html:40 #: users/templates/users/user_profile_update.html:40 #: users/templates/users/user_pubkey_update.html:40 @@ -1916,7 +1916,7 @@ msgstr "关闭" #: templates/_nav.html:10 users/views/group.py:28 users/views/group.py:44 #: users/views/group.py:62 users/views/group.py:79 users/views/group.py:95 -#: users/views/login.py:240 users/views/login.py:289 users/views/user.py:64 +#: users/views/login.py:241 users/views/login.py:290 users/views/user.py:64 #: users/views/user.py:79 users/views/user.py:99 users/views/user.py:155 #: users/views/user.py:310 users/views/user.py:357 users/views/user.py:379 msgid "Users" @@ -2417,9 +2417,9 @@ msgstr "上一步" #: users/templates/users/first_login.html:60 #: users/templates/users/login_otp.html:66 #: users/templates/users/user_otp_authentication.html:22 -#: users/templates/users/user_otp_enable_bind.html:25 +#: users/templates/users/user_otp_enable_bind.html:19 #: users/templates/users/user_otp_enable_install_app.html:22 -#: users/templates/users/user_password_authentication.html:21 +#: users/templates/users/user_password_authentication.html:17 msgid "Next" msgstr "下一步" @@ -2462,13 +2462,13 @@ msgstr "" #: users/templates/users/login_otp.html:64 #: users/templates/users/user_otp_authentication.html:19 -#: users/templates/users/user_otp_enable_bind.html:18 +#: users/templates/users/user_otp_enable_bind.html:16 msgid "Six figures" msgstr "6位数字" #: users/templates/users/login_otp.html:69 -msgid "Can't provide security? Please contact the administrator" -msgstr "如果不能提供OTP码,请联系管理员" +msgid "Can't provide security? Please contact the administrator!" +msgstr "如果不能提供OTP验证码,请联系管理员!" #: users/templates/users/reset_password.html:45 #: users/templates/users/user_detail.html:343 users/utils.py:72 @@ -2816,52 +2816,52 @@ msgstr "用户组授权资产" msgid "Please enable cookies and try again." msgstr "设置你的浏览器支持cookie" -#: users/views/login.py:106 users/views/user.py:460 users/views/user.py:485 +#: users/views/login.py:107 users/views/user.py:479 users/views/user.py:507 msgid "Otp code invalid" msgstr "otp码认证失败" -#: users/views/login.py:132 +#: users/views/login.py:133 msgid "Logout success" msgstr "退出登录成功" -#: users/views/login.py:133 +#: users/views/login.py:134 msgid "Logout success, return login page" msgstr "退出登录成功,返回到登录页面" -#: users/views/login.py:149 +#: users/views/login.py:150 msgid "Email address invalid, please input again" msgstr "邮箱地址错误,重新输入" -#: users/views/login.py:162 +#: users/views/login.py:163 msgid "Send reset password message" msgstr "发送重置密码邮件" -#: users/views/login.py:163 +#: users/views/login.py:164 msgid "Send reset password mail success, login your mail box and follow it " msgstr "" "发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)" -#: users/views/login.py:177 +#: users/views/login.py:178 msgid "Reset password success" msgstr "重置密码成功" -#: users/views/login.py:178 +#: users/views/login.py:179 msgid "Reset password success, return to login page" msgstr "重置密码成功,返回到登录页面" -#: users/views/login.py:195 users/views/login.py:208 +#: users/views/login.py:196 users/views/login.py:209 msgid "Token invalid or expired" msgstr "Token错误或失效" -#: users/views/login.py:204 +#: users/views/login.py:205 msgid "Password not same" msgstr "密码不一致" -#: users/views/login.py:240 +#: users/views/login.py:241 msgid "First login" msgstr "首次登陆" -#: users/views/login.py:290 +#: users/views/login.py:291 msgid "Login log list" msgstr "登录日志" @@ -2889,23 +2889,23 @@ msgstr "密码更新" msgid "Public key update" msgstr "密钥更新" -#: users/views/user.py:419 +#: users/views/user.py:430 msgid "Password invalid" msgstr "用户名或密码无效" -#: users/views/user.py:512 +#: users/views/user.py:535 msgid "OTP enable success" msgstr "OTP 绑定成功" -#: users/views/user.py:513 +#: users/views/user.py:536 msgid "OTP enable success, return login page" msgstr "OTP 绑定成功,返回到登录页面" -#: users/views/user.py:515 +#: users/views/user.py:538 msgid "OTP disable success" msgstr "OTP 解绑成功" -#: users/views/user.py:516 +#: users/views/user.py:539 msgid "OTP disable success, return login page" msgstr "OTP 解绑成功,返回登录页面" diff --git a/apps/users/templates/users/login_otp.html b/apps/users/templates/users/login_otp.html index 80f5dc429..de201ce8c 100644 --- a/apps/users/templates/users/login_otp.html +++ b/apps/users/templates/users/login_otp.html @@ -51,7 +51,7 @@
-

请在手机中打开Google Authenticator应用,输入6位动态码

+

 请打开手机Google Authenticator应用,输入6位动态码

@@ -66,7 +66,7 @@ - {% trans "Can't provide otp code? Please contact the administrator" %} + {% trans "Can't provide security? Please contact the administrator!" %}
diff --git a/apps/users/utils.py b/apps/users/utils.py index 94368e0c7..0ccba92be 100644 --- a/apps/users/utils.py +++ b/apps/users/utils.py @@ -9,6 +9,7 @@ import uuid import requests import ipaddress +from django.http import Http404 from django.conf import settings from django.contrib.auth.mixins import UserPassesTestMixin from django.contrib.auth import authenticate, login as auth_login @@ -224,14 +225,26 @@ def get_ip_city(ip, timeout=10): return city -def get_tmp_user_from_session(request): - user_id = request.session.get('tmp_user_id') - user = get_object_or_none(User, pk=user_id) +def get_user_or_tmp_user(request): + user = request.user + tmp_user = get_tmp_user_from_cache(request) + if user.is_authenticated: + return user + elif tmp_user: + return tmp_user + else: + raise Http404("Not found this user") + + +def get_tmp_user_from_cache(request): + if not request.session.session_key: + return None + user = cache.get(request.session.session_key+'user') return user -def set_tmp_user_to_session(request, user): - request.session['tmp_user_id'] = str(user.id) +def set_tmp_user_to_cache(request, user): + cache.set(request.session.session_key+'user', user, 600) def redirect_user_first_login_or_index(request, redirect_field_name): @@ -243,10 +256,7 @@ def redirect_user_first_login_or_index(request, redirect_field_name): def generate_otp_uri(request, issuer="Jumpserver"): - if request.user.is_authenticated: - user = request.user - else: - user = get_tmp_user_from_session(request) + user = get_user_or_tmp_user(request) otp_secret_key = cache.get(request.session.session_key+'otp_key', '') if not otp_secret_key: otp_secret_key = base64.b32encode(os.urandom(10)).decode('utf-8') diff --git a/apps/users/views/login.py b/apps/users/views/login.py index d7a98e174..376a93139 100644 --- a/apps/users/views/login.py +++ b/apps/users/views/login.py @@ -24,7 +24,7 @@ from common.utils import get_object_or_none from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin from ..models import User, LoginLog from ..utils import send_reset_password_mail, check_otp_code, get_login_ip, redirect_user_first_login_or_index, \ - get_tmp_user_from_session, set_tmp_user_to_session + get_user_or_tmp_user, set_tmp_user_to_cache from ..tasks import write_login_log_async from .. import forms @@ -55,11 +55,11 @@ class UserLoginView(FormView): if not self.request.session.test_cookie_worked(): return HttpResponse(_("Please enable cookies and try again.")) - set_tmp_user_to_session(self.request, form.get_user()) + set_tmp_user_to_cache(self.request, form.get_user()) return redirect(self.get_success_url()) def get_success_url(self): - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) if user.otp_enabled and user.otp_secret_key: # 1,2 & T @@ -95,7 +95,7 @@ class UserLoginOtpView(FormView): redirect_field_name = 'next' def form_valid(self, form): - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) otp_code = form.cleaned_data.get('otp_code') otp_secret_key = user.otp_secret_key diff --git a/apps/users/views/user.py b/apps/users/views/user.py index 99c45b19c..c6a882705 100644 --- a/apps/users/views/user.py +++ b/apps/users/views/user.py @@ -35,7 +35,7 @@ from common.mixins import JSONResponseMixin from common.utils import get_logger, get_object_or_none, is_uuid, ssh_key_gen from .. import forms from ..models import User, UserGroup -from ..utils import AdminUserRequiredMixin, generate_otp_uri, check_otp_code, get_tmp_user_from_session +from ..utils import AdminUserRequiredMixin, generate_otp_uri, check_otp_code, get_user_or_tmp_user from ..signals import post_user_create from ..tasks import write_login_log_async @@ -400,19 +400,13 @@ class UserOtpEnableAuthenticationView(FormView): form_class = forms.UserCheckPasswordForm def get_form(self, form_class=None): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) form = super().get_form(form_class=form_class) form['username'].initial = user.username return form def get_context_data(self, **kwargs): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) context = { 'user': user } @@ -420,10 +414,7 @@ class UserOtpEnableAuthenticationView(FormView): return super().get_context_data(**kwargs) def form_valid(self, form): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) password = form.cleaned_data.get('password') user = authenticate(username=user.username, password=password) if not user: @@ -439,10 +430,7 @@ class UserOtpEnableInstallAppView(TemplateView): template_name = 'users/user_otp_enable_install_app.html' def get_context_data(self, **kwargs): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) context = { 'user': user } @@ -456,10 +444,7 @@ class UserOtpEnableBindView(TemplateView, FormView): success_url = reverse_lazy('users:user-otp-settings-success') def get_context_data(self, **kwargs): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) context = { 'otp_uri': generate_otp_uri(self.request), 'user': user @@ -480,10 +465,7 @@ class UserOtpEnableBindView(TemplateView, FormView): return self.form_invalid(form) def save_otp(self, otp_secret_key): - if self.request.user.is_authenticated: - user = self.request.user - else: - user = get_tmp_user_from_session(self.request) + user = get_user_or_tmp_user(self.request) user.enable_otp() user.otp_secret_key = otp_secret_key user.save() @@ -527,11 +509,9 @@ class UserOtpSettingsSuccessView(TemplateView): return super().get_context_data(**kwargs) def get_title_describe(self): + user = get_user_or_tmp_user(self.request) if self.request.user.is_authenticated: - user = self.request.user auth_logout(self.request) - else: - user = get_tmp_user_from_session(self.request) title = _('OTP enable success') describe = _('OTP enable success, return login page') if not user.otp_enabled: