From ba4bbdedd71f657f026d9fac2e7a6bbdce82c7c2 Mon Sep 17 00:00:00 2001 From: insistence <3055204202@qq.com> Date: Mon, 29 Jan 2024 15:11:35 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E6=97=B6=E7=94=A8=E6=88=B7=E8=A1=A8=E6=9C=AA=E8=AE=B0=E5=BD=95?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=97=B6=E9=97=B4=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/login_controller.py | 61 +++--- .../module_admin/service/login_service.py | 178 +++++++++--------- 2 files changed, 123 insertions(+), 116 deletions(-) diff --git a/ruoyi-fastapi-backend/module_admin/controller/login_controller.py b/ruoyi-fastapi-backend/module_admin/controller/login_controller.py index d62c48f..a036862 100644 --- a/ruoyi-fastapi-backend/module_admin/controller/login_controller.py +++ b/ruoyi-fastapi-backend/module_admin/controller/login_controller.py @@ -46,6 +46,7 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D # 此方法可实现同一账号同一时间只能登录一次 # await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token, # ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) + UserService.edit_user_services(query_db, EditUserModel(userId=result[0].user_id, loginDate=datetime.now(), type='status')) logger.info('登录成功') # 判断请求是否来自于api文档,如果是返回指定格式的结果,用于修复api文档认证成功后token显示undefined的bug request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False 
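Review bot: The added `UserService.edit_user_services(...)` call in `login` discards its return value, so a failed write of the login time goes unnoticed and the handler still logs '登录成功'. The other user-service calls on this page hand back a result with `is_success`/`message`, so presumably this one does too; something like `edit_result = UserService.edit_user_services(...)` followed by `if not edit_result.is_success: logger.warning(edit_result.message)` would keep the last-login field usable as an audit record. `datetime.now()` stores a naive local timestamp, which is hard to correlate with other logs if hosts run in different time zones. `type='status'` sends a login-date write through what looks like the status-edit path, so a one-line comment explaining that choice would help; the body of `login` starts and ends outside the hunk.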
@@ -85,7 +86,7 @@ async def get_login_user_routers(request: Request, current_user: CurrentUserMode @loginController.post("/register", response_model=CrudResponseModel) async def register_user(request: Request, user_register: UserRegister, query_db: Session = Depends(get_db)): try: - user_register_result = await register_user_services(request, query_db, user_register) + user_register_result = await LoginService.register_user_services(request, query_db, user_register) if user_register_result.is_success: logger.info(user_register_result.message) return ResponseUtil.success(data=user_register_result, msg=user_register_result.message) 
@@ -97,34 +98,34 @@ async def register_user(request: Request, user_register: UserRegister, query_db: return ResponseUtil.error(msg=str(e)) -@loginController.post("/getSmsCode", response_model=SmsCode) -async def get_sms_code(request: Request, user: ResetUserModel, query_db: Session = Depends(get_db)): - try: - sms_result = await get_sms_code_services(request, query_db, user) - if sms_result.is_success: - logger.info('获取成功') - return ResponseUtil.success(data=sms_result) - else: - logger.warning(sms_result.message) - return ResponseUtil.failure(msg=sms_result.message) - except Exception as e: - logger.exception(e) - return ResponseUtil.error(msg=str(e)) - - -@loginController.post("/forgetPwd", response_model=CrudResponseModel) -async def forget_user_pwd(request: Request, forget_user: ResetUserModel, query_db: Session = Depends(get_db)): - try: - forget_user_result = await forget_user_services(request, query_db, forget_user) - if forget_user_result.is_success: - logger.info(forget_user_result.message) - return ResponseUtil.success(data=forget_user_result, msg=forget_user_result.message) - else: - logger.warning(forget_user_result.message) - return ResponseUtil.failure(msg=forget_user_result.message) - except Exception as e: - logger.exception(e) - return ResponseUtil.error(msg=str(e)) +# @loginController.post("/getSmsCode", response_model=SmsCode) +# async def get_sms_code(request: Request, user: ResetUserModel, query_db: Session = Depends(get_db)): +# try: +# sms_result = await LoginService.get_sms_code_services(request, query_db, user) +# if sms_result.is_success: +# logger.info('获取成功') +# return ResponseUtil.success(data=sms_result) +# else: +# logger.warning(sms_result.message) +# return ResponseUtil.failure(msg=sms_result.message) +# except Exception as e: +# logger.exception(e) +# return ResponseUtil.error(msg=str(e)) +# +# +# @loginController.post("/forgetPwd", response_model=CrudResponseModel) +# async def forget_user_pwd(request: Request, forget_user: 
ResetUserModel, query_db: Session = Depends(get_db)): +# try: +# forget_user_result = await LoginService.forget_user_services(request, query_db, forget_user) +# if forget_user_result.is_success: +# logger.info(forget_user_result.message) +# return ResponseUtil.success(data=forget_user_result, msg=forget_user_result.message) +# else: +# logger.warning(forget_user_result.message) +# return ResponseUtil.failure(msg=forget_user_result.message) +# except Exception as e: +# logger.exception(e) +# return ResponseUtil.error(msg=str(e)) @loginController.post("/logout") @@ -132,7 +133,7 @@ async def logout(request: Request, token: Optional[str] = Depends(oauth2_scheme) try: payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm]) session_id: str = payload.get("session_id") - await logout_services(request, session_id) + await LoginService.logout_services(request, session_id) logger.info('退出成功') return ResponseUtil.success(msg="退出成功") except Exception as e: diff --git a/ruoyi-fastapi-backend/module_admin/service/login_service.py b/ruoyi-fastapi-backend/module_admin/service/login_service.py index 8290b3d..f0ecace 100644 --- a/ruoyi-fastapi-backend/module_admin/service/login_service.py +++ b/ruoyi-fastapi-backend/module_admin/service/login_service.py 
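Review bot: The `/getSmsCode` and `/forgetPwd` handlers are commented out rather than removed, and nothing says why they are disabled, while `LoginService.get_sms_code_services` and `forget_user_services` remain callable in login_service.py. The service returns the generated `sms_code` in its response model and only simulates the SMS send, so if that is the reason the routes are off, state it, e.g. `# SMS password reset disabled: the service still returns sms_code to the caller and has no real SMS provider; do not re-enable as is`. Otherwise delete the handlers and rely on version control, so that nobody restores them by uncommenting. Imports that only these handlers used may now be unused; the import block is outside the hunk.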
@@ -261,98 +261,104 @@ class LoginService: return router_list - -async def register_user_services(request: Request, query_db: Session, user_register: UserRegister): - """ - 用户注册services - :param request: Request对象 - :param query_db: orm对象 - :param user_register: 注册用户对象 - :return: 注册结果 - """ - register_enabled = True if await request.app.state.redis.get(f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.account.registerUser") == 'true' else False - captcha_enabled = True if await request.app.state.redis.get(f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.account.captchaEnabled") == 'true' else False - if user_register.password == user_register.confirm_password: - if register_enabled: - if captcha_enabled: - captcha_value = await request.app.state.redis.get(f"{RedisInitKeyConfig.CAPTCHA_CODES.get('key')}:{user_register.uuid}") - if not captcha_value: - logger.warning("验证码已失效") - return CrudResponseModel(is_success=False, message='验证码已失效') - elif user_register.code != str(captcha_value): - logger.warning("验证码错误") - return CrudResponseModel(is_success=False, message='验证码错误') - add_user = AddUserModel( - userName=user_register.username, - nickName=user_register.username, - password=PwdUtil.get_password_hash(user_register.password) - ) - result = UserService.add_user_services(query_db, add_user) - return result + @classmethod + async def register_user_services(cls, request: Request, query_db: Session, user_register: UserRegister): + """ + 用户注册services + :param request: Request对象 + :param query_db: orm对象 + :param user_register: 注册用户对象 + :return: 注册结果 + """ + register_enabled = True if await request.app.state.redis.get( + f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.account.registerUser") == 'true' else False + captcha_enabled = True if await request.app.state.redis.get( + f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.account.captchaEnabled") == 'true' else False + if user_register.password == user_register.confirm_password: + if register_enabled: + if 
captcha_enabled: + captcha_value = await request.app.state.redis.get( + f"{RedisInitKeyConfig.CAPTCHA_CODES.get('key')}:{user_register.uuid}") + if not captcha_value: + logger.warning("验证码已失效") + return CrudResponseModel(is_success=False, message='验证码已失效') + elif user_register.code != str(captcha_value): + logger.warning("验证码错误") + return CrudResponseModel(is_success=False, message='验证码错误') + add_user = AddUserModel( + userName=user_register.username, + nickName=user_register.username, + password=PwdUtil.get_password_hash(user_register.password) + ) + result = UserService.add_user_services(query_db, add_user) + return result + else: + result = dict(is_success=False, message='注册程序已关闭,禁止注册') else: - result = dict(is_success=False, message='注册程序已关闭,禁止注册') - else: - result = dict(is_success=False, message='两次输入的密码不一致') - - return CrudResponseModel(**result) + result = dict(is_success=False, message='两次输入的密码不一致') + return CrudResponseModel(**result) -async def get_sms_code_services(request: Request, query_db: Session, user: ResetUserModel): - """ - 获取短信验证码service - :param request: Request对象 - :param query_db: orm对象 - :param user: 用户对象 - :return: 短信验证码对象 - """ - redis_sms_result = await request.app.state.redis.get(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{user.session_id}") - if redis_sms_result: - return SmsCode(**dict(is_success=False, sms_code='', session_id='', message='短信验证码仍在有效期内')) - is_user = UserDao.get_user_by_name(query_db, user.user_name) - if is_user: - sms_code = str(random.randint(100000, 999999)) - session_id = str(uuid.uuid4()) - await request.app.state.redis.set(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{session_id}", sms_code, ex=timedelta(minutes=2)) - # 此处模拟调用短信服务 - message_service(sms_code) - - return SmsCode(**dict(is_success=True, sms_code=sms_code, session_id=session_id, message='获取成功')) - - return SmsCode(**dict(is_success=False, sms_code='', session_id='', message='用户不存在')) + @classmethod + async def get_sms_code_services(cls, request: 
Request, query_db: Session, user: ResetUserModel): + """ + 获取短信验证码service + :param request: Request对象 + :param query_db: orm对象 + :param user: 用户对象 + :return: 短信验证码对象 + """ + redis_sms_result = await request.app.state.redis.get( + f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{user.session_id}") + if redis_sms_result: + return SmsCode(**dict(is_success=False, sms_code='', session_id='', message='短信验证码仍在有效期内')) + is_user = UserDao.get_user_by_name(query_db, user.user_name) + if is_user: + sms_code = str(random.randint(100000, 999999)) + session_id = str(uuid.uuid4()) + await request.app.state.redis.set(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{session_id}", sms_code, + ex=timedelta(minutes=2)) + # 此处模拟调用短信服务 + message_service(sms_code) + return SmsCode(**dict(is_success=True, sms_code=sms_code, session_id=session_id, message='获取成功')) -async def forget_user_services(request: Request, query_db: Session, forget_user: ResetUserModel): - """ - 用户忘记密码services - :param request: Request对象 - :param query_db: orm对象 - :param forget_user: 重置用户对象 - :return: 重置结果 - """ - redis_sms_result = await request.app.state.redis.get(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{forget_user.session_id}") - if forget_user.sms_code == redis_sms_result: - forget_user.password = PwdUtil.get_password_hash(forget_user.password) - forget_user.user_id = UserDao.get_user_by_name(query_db, forget_user.user_name).user_id - edit_result = UserService.reset_user_services(query_db, forget_user) - result = edit_result.dict() - elif not redis_sms_result: - result = dict(is_success=False, message='短信验证码已过期') - else: - await request.app.state.redis.delete(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{forget_user.session_id}") - result = dict(is_success=False, message='短信验证码不正确') + return SmsCode(**dict(is_success=False, sms_code='', session_id='', message='用户不存在')) - return CrudResponseModel(**result) + @classmethod + async def forget_user_services(cls, request: Request, query_db: Session, forget_user: 
ResetUserModel): + """ + 用户忘记密码services + :param request: Request对象 + :param query_db: orm对象 + :param forget_user: 重置用户对象 + :return: 重置结果 + """ + redis_sms_result = await request.app.state.redis.get( + f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{forget_user.session_id}") + if forget_user.sms_code == redis_sms_result: + forget_user.password = PwdUtil.get_password_hash(forget_user.password) + forget_user.user_id = UserDao.get_user_by_name(query_db, forget_user.user_name).user_id + edit_result = UserService.reset_user_services(query_db, forget_user) + result = edit_result.dict() + elif not redis_sms_result: + result = dict(is_success=False, message='短信验证码已过期') + else: + await request.app.state.redis.delete(f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{forget_user.session_id}") + result = dict(is_success=False, message='短信验证码不正确') + return CrudResponseModel(**result) -async def logout_services(request: Request, session_id: str): - """ - 退出登录services - :param request: Request对象 - :param session_id: 会话编号 - :return: 退出登录结果 - """ - await request.app.state.redis.delete(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}") - # await request.app.state.redis.delete(f'{current_user.user.user_id}_access_token') - # await request.app.state.redis.delete(f'{current_user.user.user_id}_session_id') + @classmethod + async def logout_services(cls, request: Request, session_id: str): + """ + 退出登录services + :param request: Request对象 + :param session_id: 会话编号 + :return: 退出登录结果 + """ + await request.app.state.redis.delete(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}") + # await request.app.state.redis.delete(f'{current_user.user.user_id}_access_token') + # await request.app.state.redis.delete(f'{current_user.user.user_id}_session_id') - return True + return True
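Review bot: In `forget_user_services` the test `forget_user.sms_code == redis_sms_result` runs before the expiry check, so when the redis key is missing (`None`) and the request carries no `sms_code`, the two compare equal and the reset branch runs; whether `ResetUserModel.sms_code` may be `None` is not visible here and should be confirmed against the model. The fix is to check for a missing stored code first, compare second, and delete the key on success so a code is single-use. The code is stored under `session_id` alone, so it should also be bound to `user_name` when `get_sms_code_services` issues it. In that method `random.randint(100000, 999999)` should become `secrets.randbelow(900000) + 100000`, because `random` is not meant for security codes. `UserDao.get_user_by_name(...).user_id` will also raise if the name does not exist.

```python
    async def forget_user_services(cls, request: Request, query_db: Session, forget_user: ResetUserModel):
        # … unchanged: docstring …
        sms_key = f"{RedisInitKeyConfig.SMS_CODE.get('key')}:{forget_user.session_id}"
        redis_sms_result = await request.app.state.redis.get(sms_key)
        if not redis_sms_result:
            # no stored code (expired or never issued): never fall through to the comparison
            result = dict(is_success=False, message='短信验证码已过期')
        elif forget_user.sms_code != redis_sms_result:
            await request.app.state.redis.delete(sms_key)
            result = dict(is_success=False, message='短信验证码不正确')
        else:
            # single use: drop the code before acting on it
            await request.app.state.redis.delete(sms_key)
            # … unchanged: hash password, look up user_id, reset_user_services …
            result = edit_result.dict()
        return CrudResponseModel(**result)
```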