jayhgq/CMS_Django_Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.添加备注信息

Browse Source 
2.优化代理逻辑
This commit is contained in:
jayhgq 2024-09-17 00:42:28 +08:00
parent 4d5846f81e
commit 4e8c817880
3 changed files with 36 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apps/api/views.py
View File

@ -5,23 +5,29 @@ from apps.api.common import CaesarCypherClass, Base64CypherClass
from apps.api.config import Config from apps.api.config import Config
config = Config() config = Config()
caesar = CaesarCypherClass()
base64 = Base64CypherClass()
# Create your views here. # Create your views here.
@require_POST @require_POST
def get_config(request): def get_config(request):
"""
获取系统配置的接口通过identity标识字段查询param参数并返回如果使用加密版数据库则根据加密方式进行解密后返回
:param request: identity标识字段
:return: 获取到的参数param
"""
try: try:
identity = request.POST.get("param") identity = request.POST.get("param")
if config.getconfig("isCypher"): if config.getconfig("isCypher"): # 启用加密数据库
if config.getconfig("CypherMethod") == "base64": param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param if config.getconfig("CypherMethod") == "caesar": # 加密方式为Caesar
param = Base64CypherClass().base64_decode_str(Base64CypherClass(), param_base64) param = caesar.caesar_decode(param_base64)
return HttpResponse(param) return HttpResponse(param)
if config.getconfig("CypherMethod") == "caesar": else: # 加密方式为Base64
param_base64 = m_api.SysConfig.objects.using("cypher").filter(identity=identity).first().param param = base64.base64_decode_str(base64, param_base64)
param = CaesarCypherClass.caesar_decode(param_base64)
return HttpResponse(param) return HttpResponse(param)
else: else: # 不加密的数据库
param = m_api.SysConfig.objects.using("default").filter(identity=identity).first().param param = m_api.SysConfig.objects.using("default").filter(identity=identity).first().param
return HttpResponse(param) return HttpResponse(param)
except Exception as e: except Exception as e:

45
apps/auth/views.py
View File

@ -28,18 +28,18 @@ def gettoken(request):
@require_POST @require_POST
def search_user(request): def search_user(request):
""" """
查询用户名 查询用户名是否存在若存在则返回True不存在则返回False如果使用加密版数据库则根据加密方式进行加密后再查询数据库
:param request: :param request:
:return: :return:
""" """
if config.getconfig("isCypher"): if config.getconfig("isCypher"): # 启用加密数据库
if config.getconfig("CypherMethod") == "caesar": if config.getconfig("CypherMethod") == "caesar": # 加密方式为Caesar
username = caesar.caesar_encode(request.POST.get("username")) username = caesar.caesar_encode(request.POST.get("username"))
user = auth_models.User.objects.using("cypher").filter(username=username) user = auth_models.User.objects.using("cypher").filter(username=username)
else: else: # 加密方式为Base64
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8') username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
user = auth_models.User.objects.using("cypher").filter(username=username) user = auth_models.User.objects.using("cypher").filter(username=username)
else: else: # 不加密的数据库
username = request.POST.get("username") username = request.POST.get("username")
user = auth_models.User.objects.using("default").filter(username=username) user = auth_models.User.objects.using("default").filter(username=username)
if user.exists(): if user.exists():
@ -51,7 +51,9 @@ def search_user(request):
@require_POST @require_POST
def add_user(request): def add_user(request):
""" """
用户注册 用户注册前端需要将用户名密码以base64的方式加密后传输存储密码时是用md5进行存储
如果使用加密版数据库则根据加密方式将用户名邮箱电话加密后存储到数据库
用户头像目前以路径的方式存储
:param request: POST提交注册信息 :param request: POST提交注册信息
:return: 注册结果 :return: 注册结果
""" """
@ -61,12 +63,12 @@ def add_user(request):
avatar = request.FILES.get("avatar") avatar = request.FILES.get("avatar")
pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd")) pwd_base64 = base64.base64_decode_str(base64, request.POST.get("pwd"))
pwd = make_password(pwd_base64) pwd = make_password(pwd_base64)
if config.getconfig("isCypher"): if config.getconfig("isCypher"): # 启用加密数据库
if config.getconfig("CypherMethod") == "caesar": if config.getconfig("CypherMethod") == "caesar": # 加密方式为Caesar
username = caesar.caesar_encode(request.POST.get("username")) username = caesar.caesar_encode(request.POST.get("username"))
email = caesar.caesar_encode(request.POST.get("email")) email = caesar.caesar_encode(request.POST.get("email"))
phone = caesar.caesar_encode(request.POST.get("phone")) phone = caesar.caesar_encode(request.POST.get("phone"))
else: else: # 加密方式为Base64
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8') username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8') email = base64.base64_encode_str(base64, request.POST.get("email")).decode('utf-8')
phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8') phone = base64.base64_encode_str(base64, request.POST.get("phone")).decode('utf-8')
@ -79,7 +81,7 @@ def add_user(request):
last_login_time=last_login_time, last_login_time=last_login_time,
avatar=avatar avatar=avatar
) )
else: else: # 不加密的数据库
username = request.POST.get("username") username = request.POST.get("username")
email = request.POST.get("email") email = request.POST.get("email")
phone = request.POST.get("phone") phone = request.POST.get("phone")
@ -100,27 +102,24 @@ def add_user(request):
@require_POST @require_POST
def login_user(request): def login_user(request):
""" """
用户登录验证用户密码是否正确正确返回菜单错误返回用户名或密码不正确 用户登录验证用户密码是否正确正确返回菜单错误返回用户名或密码不正确
如果使用加密版数据库则根据加密方式将用户名加密后进行数据库查询
:param request: :param request:
:return: :return: "用户名或密码不正确"或用户拥有权限的菜单
""" """
try: try:
if config.getconfig("isCypher"): pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
if config.getconfig("CypherMethod") == "caesar": if config.getconfig("isCypher"): # 启用加密数据库
if config.getconfig("CypherMethod") == "caesar": # 加密方式为Caesar
username = caesar.caesar_encode(request.POST.get("username")) username = caesar.caesar_encode(request.POST.get("username"))
pwd_input = caesar.caesar_encode(request.POST.get("pwd")) else: # 加密方式为Base64
pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
else:
username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8') username = base64.base64_encode_str(base64, request.POST.get("username")).decode('utf-8')
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd")) pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first()
pwd_made = auth_models.User.objects.using("cypher").filter(username=username).first() else: # 不加密的数据库
else:
username = request.POST.get("username") username = request.POST.get("username")
pwd_input = base64.base64_decode_str(base64, request.POST.get("pwd"))
pwd_made = auth_models.User.objects.using("default").filter(username=username).first() pwd_made = auth_models.User.objects.using("default").filter(username=username).first()
if pwd_made is not None: if pwd_made is not None:
pwd = check_password(pwd_input, pwd_made.pwd) if check_password(pwd_input, pwd_made.pwd):
if pwd:
return HttpResponse(True) return HttpResponse(True)
else: else:
return HttpResponse("用户名或密码不正确") return HttpResponse("用户名或密码不正确")

BIN
data/db_cypher.sqlite3
View File

Binary file not shown.