jayhgq/CMS_Django_Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.增加config配置文件,自定义是否是用加密

Browse Source 
2.增加区分加密数据库和非加密数据库
3.重构现有接口,区分是否加密和是用的加密方式,目前支持caesar和base64两种加密方式,仅在数据库存储时加密
This commit is contained in:
jayhgq 2024-09-17 00:00:45 +08:00
parent 7bf39c83bd
commit 4d5846f81e
7 changed files with 93 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CMS_Django_Backend/settings.py
View File

@ -78,6 +78,10 @@ DATABASES = {
'default': { 'default': {
'ENGINE': 'django.db.backends.sqlite3', 'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'data/db.sqlite3', 'NAME': BASE_DIR / 'data/db.sqlite3',
},
'cypher': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'data/db_cypher.sqlite3',
} }
} }

1
apps/api/common.py
View File

@ -52,7 +52,6 @@ class Base64CypherClass:
""" """
Base64的加解密算法最简单的加密方式可加密短的文字小图片小文件图片文件大小不宜超过10M Base64的加解密算法最简单的加密方式可加密短的文字小图片小文件图片文件大小不宜超过10M
""" """
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
""" """
Base64类初始化函数 Base64类初始化函数

8
apps/api/config.py Normal file
View File

@ -0,0 +1,8 @@
class Config:
config = {
"isCypher": False,
"CypherMethod": "base64"
}
def getconfig(self, config_name):
return self.config[config_name]

17
apps/api/views.py
View File

@ -1,7 +1,10 @@
from django.shortcuts import HttpResponse from django.shortcuts import HttpResponse
from apps.api import models as m_api from apps.api import models as m_api
from django.views.decorators.http import require_http_methods, require_POST, require_GET from django.views.decorators.http import require_http_methods, require_POST, require_GET
from apps.api.common import CaesarCypherClass from apps.api.common import CaesarCypherClass, Base64CypherClass
from apps.api.config import Config
config = Config()
# Create your views here. # Create your views here.
@ -9,7 +12,17 @@ from apps.api.common import CaesarCypherClass
def get_config(request): def get_config(request):
try: try:
identity = request.POST.get("param") identity = request.POST.get("param")
param = m_api.SysConfig.objects.filter(identity=identity).first().param if config.getconfig("isCypher"):
if config.getconfig("CypherMethod") == "base64":
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param
param = Base64CypherClass().base64_decode_str(Base64CypherClass(), param_base64)
return HttpResponse(param)
if config.getconfig("CypherMethod") == "caesar":
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param
param = CaesarCypherClass.caesar_decode(param_base64)
return HttpResponse(param)
else:
param = m_api.SysConfig.objects.using("default").filter(identity=identity).first().param
return HttpResponse(param) return HttpResponse(param)
except Exception as e: except Exception as e:
print(f"报错了:{e}") print(f"报错了:{e}")

64
apps/auth/views.py
View File

@ -6,10 +6,12 @@ from django.views.decorators.http import require_GET, require_POST
from apps.auth import models as auth_models from apps.auth import models as auth_models
from django.contrib.auth.hashers import make_password, check_password from django.contrib.auth.hashers import make_password, check_password
from apps.api.common import CaesarCypherClass, Base64CypherClass from apps.api.common import CaesarCypherClass, Base64CypherClass
from apps.api.config import Config
# Create your views here. # Create your views here.
config = Config()
base64 = Base64CypherClass() base64 = Base64CypherClass()
caesar = CaesarCypherClass()
@require_GET @require_GET
@ -30,8 +32,16 @@ def search_user(request):
:param request: :param request:
:return: :return:
""" """
if config.getconfig("isCypher"):
if config.getconfig("CypherMethod") == "caesar":
username = caesar.caesar_encode(request.POST.get("username"))
user = auth_models.User.objects.using("cypher").filter(username=username)
else:
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8') username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
user = auth_models.User.objects.filter(username=username) user = auth_models.User.objects.using("cypher").filter(username=username)
else:
username = request.POST.get("username")
user = auth_models.User.objects.using("default").filter(username=username)
if user.exists(): if user.exists():
return HttpResponse(True) return HttpResponse(True)
else: else:
@ -46,17 +56,34 @@ def add_user(request):
:return: 注册结果 :return: 注册结果
""" """
try: try:
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd"))
print(username, pwd_base64)
pwd = make_password(pwd_base64)
email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8')
phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8')
create_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") create_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
last_login_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S") last_login_time = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
print(username, pwd, email, phone)
avatar = request.FILES.get("avatar") avatar = request.FILES.get("avatar")
auth_models.User.objects.create( pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd"))
pwd = make_password(pwd_base64)
if config.getconfig("isCypher"):
if config.getconfig("CypherMethod") == "caesar":
username = caesar.caesar_encode(request.POST.get("username"))
email = caesar.caesar_encode(request.POST.get("email"))
phone = caesar.caesar_encode(request.POST.get("phone"))
else:
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8')
phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8')
auth_models.User.objects.using("cypher").create(
username=username,
pwd=pwd,
email=email,
phone=phone,
create_time=create_time,
last_login_time=last_login_time,
avatar=avatar
)
else:
username = request.POST.get("username")
email = request.POST.get("email")
phone = request.POST.get("phone")
auth_models.User.objects.using("default").create(
username=username, username=username,
pwd=pwd, pwd=pwd,
email=email, email=email,
@ -78,14 +105,27 @@ def login_user(request):
:return: :return:
""" """
try: try:
if config.getconfig("isCypher"):
if config.getconfig("CypherMethod") == "caesar":
username = caesar.caesar_encode(request.POST.get("username"))
pwd_input = caesar.caesar_encode(request.POST.get("pwd"))
pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
else:
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8') username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd")) pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
pwd_made = auth_models.User.objects.filter(username=username).first().pwd pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
pwd = check_password(pwd_input, pwd_made) else:
username = request.POST.get("username")
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
pwd_made = auth_models.User.objects.using("default").filter(username=username).first()
if pwd_made is not None:
pwd = check_password(pwd_input, pwd_made.pwd)
if pwd: if pwd:
return HttpResponse(True) return HttpResponse(True)
else: else:
return HttpResponse("用户名或密码不正确") return HttpResponse("用户名或密码不正确")
else:
return HttpResponse("用户名或密码不正确")
except binascii.Error as e: except binascii.Error as e:
return HttpResponse("base64解码失败") return HttpResponse("base64解码失败")
except Exception as e: except Exception as e:

BIN
data/db.sqlite3
View File

Binary file not shown.

BIN
data/db_cypher.sqlite3 Normal file
View File

Binary file not shown.