U 加强账户密码策略

pull/494/head
vapao 2022-05-22 20:49:08 +08:00
parent 7d4a49f694
commit 7902dcd636
5 changed files with 23 additions and 6 deletions


@ -2,6 +2,7 @@
# Copyright: (c) <spug.dev@gmail.com> # Copyright: (c) <spug.dev@gmail.com>
# Released under the AGPL-3.0 License. # Released under the AGPL-3.0 License.
from apps.host.models import Group from apps.host.models import Group
import re
def get_host_perms(user): def get_host_perms(user):
@ -19,3 +20,11 @@ def has_host_perm(user, target):
if isinstance(target, (list, set, tuple)): if isinstance(target, (list, set, tuple)):
return set(target).issubset(host_ids) return set(target).issubset(host_ids)
return int(target) in host_ids return int(target) in host_ids
def verify_password(password):
if len(password) < 8:
return False
if not all(map(lambda x: re.findall(x, password), ['[0-9]', '[a-z]', '[A-Z]'])):
return False
return True
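Review bot: The second hunk's `verify_password` uses `re.findall` inside a lambda only to test for a match, which builds a throwaway list per pattern; `re.search` states the intent and the three patterns read better as a tuple: `if not all(re.search(p, password) for p in ('[0-9]', '[a-z]', '[A-Z]')):`. The function also has no docstring although its name is easy to confuse with the hash check `request.user.verify_password(...)` called in the views of this same commit; a one-liner such as `"""Return True if *password* meets the policy: at least 8 characters including a digit, a lowercase and an uppercase letter."""` makes the distinction explicit, and a name like `check_password_policy` would be clearer still while callers are few. `len(password)` raises TypeError if a caller passes None instead of a string; presumably the form layer guarantees a string, but `if not password or len(password) < 8:` costs nothing and keeps a missing field from turning into a 500.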


@ -8,6 +8,7 @@ from libs.utils import get_request_real_ip, generate_random_str
from libs.spug import send_login_wx_code from libs.spug import send_login_wx_code
from apps.account.models import User, Role, History from apps.account.models import User, Role, History
from apps.setting.utils import AppSetting from apps.setting.utils import AppSetting
from apps.account.utils import verify_password
from libs.ldap import LDAP from libs.ldap import LDAP
import ipaddress import ipaddress
import time import time
@ -40,6 +41,9 @@ class UserView(AdminView):
return json_response(error=f'已存在登录名为【{form.username}】的用户') return json_response(error=f'已存在登录名为【{form.username}】的用户')
role_ids, password = form.pop('role_ids'), form.pop('password') role_ids, password = form.pop('role_ids'), form.pop('password')
if not verify_password(password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
if form.id: if form.id:
user = User.objects.get(pk=form.id) user = User.objects.get(pk=form.id)
user.update_by_dict(form) user.update_by_dict(form)
@ -62,6 +66,8 @@ class UserView(AdminView):
if error is None: if error is None:
user = User.objects.get(pk=form.id) user = User.objects.get(pk=form.id)
if form.password: if form.password:
if not verify_password(form.password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
user.token_expired = 0 user.token_expired = 0
user.password_hash = User.make_password(form.pop('password')) user.password_hash = User.make_password(form.pop('password'))
if form.is_active is not None: if form.is_active is not None:
@ -157,8 +163,10 @@ class SelfView(View):
if form.old_password and form.new_password: if form.old_password and form.new_password:
if request.user.type == 'ldap': if request.user.type == 'ldap':
return json_response(error='LDAP账户无法修改密码') return json_response(error='LDAP账户无法修改密码')
if len(form.new_password) < 6:
return json_response(error='请设置至少6位的新密码') if not verify_password(form.new_password):
return json_response(error='请设置至少8位包含数字、小写和大写字母的新密码')
if request.user.verify_password(form.old_password): if request.user.verify_password(form.old_password):
request.user.password_hash = User.make_password(form.new_password) request.user.password_hash = User.make_password(form.new_password)
request.user.token_expired = 0 request.user.token_expired = 0
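Review bot: The policy error text '请设置至少8位包含数字、小写和大写字母的新密码' is repeated verbatim in all three hunks (UserView create, UserView reset, SelfView change), and each copy has to be kept in step with the rule inside `verify_password`; define it once next to that function, e.g. `PASSWORD_POLICY_ERROR = '请设置至少8位包含数字、小写和大写字母的新密码'` in apps.account.utils, and use `return json_response(error=PASSWORD_POLICY_ERROR)` at the three sites. In the first hunk the new check sits before `if form.id:`, so it also runs on the edit path, while the account form in this commit hides the password field once a record has an id; if an edit request carries no password, every edit would fail with the policy error (or a TypeError on None) — worth confirming against the form validator, or guarding with `if not form.id and not verify_password(password):`. The enclosing methods start and end outside the hunks.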


@ -49,8 +49,8 @@ export default observer(function () {
<Form.Item required name="nickname" label="姓名"> <Form.Item required name="nickname" label="姓名">
<Input placeholder="请输入姓名"/> <Input placeholder="请输入姓名"/>
</Form.Item> </Form.Item>
<Form.Item required hidden={store.record.id} name="password" label="密码"> <Form.Item required hidden={store.record.id} name="password" label="密码" extra="至少8位包含数字、小写和大写字母。">
<Input type="password" placeholder="请输入密码"/> <Input.Password placeholder="请输入密码"/>
</Form.Item> </Form.Item>
<Form.Item hidden={store.record.is_supper} label="角色" style={{marginBottom: 0}}> <Form.Item hidden={store.record.is_supper} label="角色" style={{marginBottom: 0}}>
<Form.Item name="role_ids" style={{display: 'inline-block', width: '80%'}} extra="权限最大化原则,组合多个角色权限。"> <Form.Item name="role_ids" style={{display: 'inline-block', width: '80%'}} extra="权限最大化原则,组合多个角色权限。">
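Review bot: The `extra` hint '至少8位包含数字、小写和大写字母。' is added as a bare literal here and again in the two other front-end files of this commit, and it only describes the rule; the field itself still accepts any value and the user learns of the rejection only after the round trip. A `rules` entry mirroring the server check, e.g. `rules={[{pattern: /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}$/, message: '至少8位包含数字、小写和大写字母'}]}`, gives immediate feedback, and moving the pattern and message into one shared constant keeps the three copies from drifting apart while the server-side `verify_password` remains the authority. The enclosing component starts and ends outside the hunk.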


@ -67,7 +67,7 @@ class ComTable extends React.Component {
icon: <ExclamationCircleOutlined/>, icon: <ExclamationCircleOutlined/>,
title: '重置登录密码', title: '重置登录密码',
content: <Form layout="vertical" style={{marginTop: 24}}> content: <Form layout="vertical" style={{marginTop: 24}}>
<Form.Item required label="重置后的新密码"> <Form.Item required label="重置后的新密码" extra="至少8位包含数字、小写和大写字母。">
<Input.Password onChange={val => this.setState({password: val.target.value})}/> <Input.Password onChange={val => this.setState({password: val.target.value})}/>
</Form.Item> </Form.Item>
</Form>, </Form>,


@ -41,7 +41,7 @@ export default function Reset(props) {
<Form.Item required label="原密码"> <Form.Item required label="原密码">
<Input.Password value={old_password} placeholder="请输入" onChange={e => setOldPassword(e.target.value)}/> <Input.Password value={old_password} placeholder="请输入" onChange={e => setOldPassword(e.target.value)}/>
</Form.Item> </Form.Item>
<Form.Item required label="新密码"> <Form.Item required label="新密码" extra="至少8位包含数字、小写和大写字母。">
<Input.Password value={new_password} placeholder="请输入" onChange={e => setNewPassword(e.target.value)}/> <Input.Password value={new_password} placeholder="请输入" onChange={e => setNewPassword(e.target.value)}/>
</Form.Item> </Form.Item>
<Form.Item required label="再次确认"> <Form.Item required label="再次确认">