U 加强账户密码策略

pull/494/head
vapao 2022-05-22 20:49:08 +08:00
parent 7d4a49f694
commit 7902dcd636
5 changed files with 23 additions and 6 deletions


@ -2,6 +2,7 @@
# Copyright: (c) <spug.dev@gmail.com>
# Released under the AGPL-3.0 License.
from apps.host.models import Group
import re
def get_host_perms(user):
@ -19,3 +20,11 @@ def has_host_perm(user, target):
if isinstance(target, (list, set, tuple)):
return set(target).issubset(host_ids)
return int(target) in host_ids
def verify_password(password):
if len(password) < 8:
return False
if not all(map(lambda x: re.findall(x, password), ['[0-9]', '[a-z]', '[A-Z]'])):
return False
return True
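Review bot: `verify_password` calls `len(password)` without checking that it received a string, so a caller that passes `None` for an omitted form field gets a `TypeError` instead of `False`. A guard such as `if not isinstance(password, str) or len(password) < 8: return False` would make the helper safe to call on any parsed field. The class test could use `re.search` rather than `re.findall`, for example `all(re.search(p, password) for p in ('[0-9]', '[a-z]', '[A-Z]'))`, which stops at the first match instead of building lists. A short docstring should state the rule (at least 8 characters with an ASCII digit, lowercase and uppercase letter) and note that it is composition-only, so a value like `Password1` still passes.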


@ -8,6 +8,7 @@ from libs.utils import get_request_real_ip, generate_random_str
from libs.spug import send_login_wx_code
from apps.account.models import User, Role, History
from apps.setting.utils import AppSetting
from apps.account.utils import verify_password
from libs.ldap import LDAP
import ipaddress
import time
@ -40,6 +41,9 @@ class UserView(AdminView):
return json_response(error=f'已存在登录名为【{form.username}】的用户')
role_ids, password = form.pop('role_ids'), form.pop('password')
if not verify_password(password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
if form.id:
user = User.objects.get(pk=form.id)
user.update_by_dict(form)
@ -62,6 +66,8 @@ class UserView(AdminView):
if error is None:
user = User.objects.get(pk=form.id)
if form.password:
if not verify_password(form.password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
user.token_expired = 0
user.password_hash = User.make_password(form.pop('password'))
if form.is_active is not None:
@ -157,8 +163,10 @@ class SelfView(View):
if form.old_password and form.new_password:
if request.user.type == 'ldap':
return json_response(error='LDAP账户无法修改密码')
if len(form.new_password) < 6:
return json_response(error='请设置至少6位的新密码')
if not verify_password(form.new_password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
if request.user.verify_password(form.old_password):
request.user.password_hash = User.make_password(form.new_password)
request.user.token_expired = 0
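Review bot: In the first `UserView` hunk the new check sits before `if form.id:`, so it also runs when an existing user is edited, and the user form changed in this commit hides the password field when `store.record.id` is set. If `password` is absent on that path, the edit is either rejected with the password error or fails inside `verify_password`. Limiting the check to creation with `if not form.id and not verify_password(password):` would avoid this, assuming the update branch does not set the password; the rest of the method is outside the hunk. Separately, the same error string now appears in all three hunks of this file and could be a single module-level constant, so the message and the rule cannot drift apart.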


@ -49,8 +49,8 @@ export default observer(function () {
<Form.Item required name="nickname" label="姓名">
<Input placeholder="请输入姓名"/>
</Form.Item>
<Form.Item required hidden={store.record.id} name="password" label="密码">
<Input type="password" placeholder="请输入密码"/>
<Form.Item required hidden={store.record.id} name="password" label="密码" extra="至少8位包含数字、小写和大写字母。">
<Input.Password placeholder="请输入密码"/>
</Form.Item>
<Form.Item hidden={store.record.is_supper} label="角色" style={{marginBottom: 0}}>
<Form.Item name="role_ids" style={{display: 'inline-block', width: '80%'}} extra="权限最大化原则,组合多个角色权限。">


@ -67,7 +67,7 @@ class ComTable extends React.Component {
icon: <ExclamationCircleOutlined/>,
title: '重置登录密码',
content: <Form layout="vertical" style={{marginTop: 24}}>
<Form.Item required label="重置后的新密码">
<Form.Item required label="重置后的新密码" extra="至少8位包含数字、小写和大写字母。">
<Input.Password onChange={val => this.setState({password: val.target.value})}/>
</Form.Item>
</Form>,


@ -41,7 +41,7 @@ export default function Reset(props) {
<Form.Item required label="原密码">
<Input.Password value={old_password} placeholder="请输入" onChange={e => setOldPassword(e.target.value)}/>
</Form.Item>
<Form.Item required label="新密码">
<Form.Item required label="新密码" extra="至少8位包含数字、小写和大写字母。">
<Input.Password value={new_password} placeholder="请输入" onChange={e => setNewPassword(e.target.value)}/>
</Form.Item>
<Form.Item required label="再次确认">