1.增加config配置文件,自定义是否是用加密
2.增加区分加密数据库和非加密数据库 3.重构现有接口,区分是否加密和是用的加密方式,目前支持caesar和base64两种加密方式,仅在数据库存储时加密
This commit is contained in:
jayhgq
parent
7bf39c83bd
commit
4d5846f81e
@ -78,6 +78,10 @@ DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.sqlite3',
|
||||
'NAME': BASE_DIR / 'data/db.sqlite3',
|
||||
},
|
||||
'cypher': {
|
||||
'ENGINE': 'django.db.backends.sqlite3',
|
||||
'NAME': BASE_DIR / 'data/db_cypher.sqlite3',
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -52,7 +52,6 @@ class Base64CypherClass:
|
||||
"""
|
||||
Base64的加解密算法,最简单的加密方式,可加密短的文字、小图片、小文件,图片文件大小不宜超过10M
|
||||
"""
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
"""
|
||||
Base64类初始化函数
|
||||
|
||||
8
apps/api/config.py
Normal file
8
apps/api/config.py
Normal file
@ -0,0 +1,8 @@
|
||||
class Config:
|
||||
config = {
|
||||
"isCypher": False,
|
||||
"CypherMethod": "base64"
|
||||
}
|
||||
|
||||
def getconfig(self, config_name):
|
||||
return self.config[config_name]
|
||||
@ -1,7 +1,10 @@
|
||||
from django.shortcuts import HttpResponse
|
||||
from apps.api import models as m_api
|
||||
from django.views.decorators.http import require_http_methods, require_POST, require_GET
|
||||
from apps.api.common import CaesarCypherClass
|
||||
from apps.api.common import CaesarCypherClass, Base64CypherClass
|
||||
from apps.api.config import Config
|
||||
|
||||
config = Config()
|
||||
|
||||
|
||||
# Create your views here.
|
||||
@ -9,8 +12,18 @@ from apps.api.common import CaesarCypherClass
|
||||
def get_config(request):
|
||||
try:
|
||||
identity = request.POST.get("param")
|
||||
param = m_api.SysConfig.objects.filter(identity=identity).first().param
|
||||
return HttpResponse(param)
|
||||
if config.getconfig("isCypher"):
|
||||
if config.getconfig("CypherMethod") == "base64":
|
||||
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param
|
||||
param = Base64CypherClass().base64_decode_str(Base64CypherClass(), param_base64)
|
||||
return HttpResponse(param)
|
||||
if config.getconfig("CypherMethod") == "caesar":
|
||||
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param
|
||||
param = CaesarCypherClass.caesar_decode(param_base64)
|
||||
return HttpResponse(param)
|
||||
else:
|
||||
param = m_api.SysConfig.objects.using("default").filter(identity=identity).first().param
|
||||
return HttpResponse(param)
|
||||
except Exception as e:
|
||||
print(f"报错了:{e}")
|
||||
return HttpResponse(f"报错了:{e}")
|
||||
|
||||
@ -6,10 +6,12 @@ from django.views.decorators.http import require_GET, require_POST
|
||||
from apps.auth import models as auth_models
|
||||
from django.contrib.auth.hashers import make_password, check_password
|
||||
from apps.api.common import CaesarCypherClass, Base64CypherClass
|
||||
|
||||
from apps.api.config import Config
|
||||
|
||||
# Create your views here.
|
||||
config = Config()
|
||||
base64 = Base64CypherClass()
|
||||
caesar = CaesarCypherClass()
|
||||
|
||||
|
||||
@require_GET
|
||||
@ -30,8 +32,16 @@ def search_user(request):
|
||||
:param request:
|
||||
:return:
|
||||
"""
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
user = auth_models.User.objects.filter(username=username)
|
||||
if config.getconfig("isCypher"):
|
||||
if config.getconfig("CypherMethod") == "caesar":
|
||||
username = caesar.caesar_encode(request.POST.get("username"))
|
||||
user = auth_models.User.objects.using("cypher").filter(username=username)
|
||||
else:
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
user = auth_models.User.objects.using("cypher").filter(username=username)
|
||||
else:
|
||||
username = request.POST.get("username")
|
||||
user = auth_models.User.objects.using("default").filter(username=username)
|
||||
if user.exists():
|
||||
return HttpResponse(True)
|
||||
else:
|
||||
@ -46,25 +56,42 @@ def add_user(request):
|
||||
:return: 注册结果
|
||||
"""
|
||||
try:
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd"))
|
||||
print(username, pwd_base64)
|
||||
pwd = make_password(pwd_base64)
|
||||
email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8')
|
||||
phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8')
|
||||
create_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
|
||||
last_login_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
|
||||
print(username, pwd, email, phone)
|
||||
avatar = request.FILES.get("avatar")
|
||||
auth_models.User.objects.create(
|
||||
username=username,
|
||||
pwd=pwd,
|
||||
email=email,
|
||||
phone=phone,
|
||||
create_time=create_time,
|
||||
last_login_time=last_login_time,
|
||||
avatar=avatar
|
||||
)
|
||||
pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd"))
|
||||
pwd = make_password(pwd_base64)
|
||||
if config.getconfig("isCypher"):
|
||||
if config.getconfig("CypherMethod") == "caesar":
|
||||
username = caesar.caesar_encode(request.POST.get("username"))
|
||||
email = caesar.caesar_encode(request.POST.get("email"))
|
||||
phone = caesar.caesar_encode(request.POST.get("phone"))
|
||||
else:
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8')
|
||||
phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8')
|
||||
auth_models.User.objects.using("cypher").create(
|
||||
username=username,
|
||||
pwd=pwd,
|
||||
email=email,
|
||||
phone=phone,
|
||||
create_time=create_time,
|
||||
last_login_time=last_login_time,
|
||||
avatar=avatar
|
||||
)
|
||||
else:
|
||||
username = request.POST.get("username")
|
||||
email = request.POST.get("email")
|
||||
phone = request.POST.get("phone")
|
||||
auth_models.User.objects.using("default").create(
|
||||
username=username,
|
||||
pwd=pwd,
|
||||
email=email,
|
||||
phone=phone,
|
||||
create_time=create_time,
|
||||
last_login_time=last_login_time,
|
||||
avatar=avatar
|
||||
)
|
||||
return HttpResponse("添加用户成功")
|
||||
except Exception as e:
|
||||
return HttpResponse(f"报错了:{e}")
|
||||
@ -78,12 +105,25 @@ def login_user(request):
|
||||
:return:
|
||||
"""
|
||||
try:
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
|
||||
pwd_made = auth_models.User.objects.filter(username=username).first().pwd
|
||||
pwd = check_password(pwd_input, pwd_made)
|
||||
if pwd:
|
||||
return HttpResponse(True)
|
||||
if config.getconfig("isCypher"):
|
||||
if config.getconfig("CypherMethod") == "caesar":
|
||||
username = caesar.caesar_encode(request.POST.get("username"))
|
||||
pwd_input = caesar.caesar_encode(request.POST.get("pwd"))
|
||||
pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
|
||||
else:
|
||||
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
|
||||
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
|
||||
pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
|
||||
else:
|
||||
username = request.POST.get("username")
|
||||
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
|
||||
pwd_made = auth_models.User.objects.using("default").filter(username=username).first()
|
||||
if pwd_made is not None:
|
||||
pwd = check_password(pwd_input, pwd_made.pwd)
|
||||
if pwd:
|
||||
return HttpResponse(True)
|
||||
else:
|
||||
return HttpResponse("用户名或密码不正确")
|
||||
else:
|
||||
return HttpResponse("用户名或密码不正确")
|
||||
except binascii.Error as e:
|
||||
|
||||
BIN
data/db.sqlite3
BIN
data/db.sqlite3
Binary file not shown.
BIN
data/db_cypher.sqlite3
Normal file
BIN
data/db_cypher.sqlite3
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user