
V2版本密码登录

peng 11 月之前
父節點
當前提交
13a7de6462

+ 20 - 13
AdminController/UserManageController.py

@@ -43,41 +43,46 @@ class LoginView(TemplateView):
     def validates(self, request_dict, response):
         username = request_dict.get('username', None)
         password = request_dict.get('password', None)
+        password_version = request_dict.get('pwdVersion', 'V1')
         if not username or not password:
             return response.json(111)
         username = username.strip()
         password = password.strip()
         data_valid = DataValid()
         if data_valid.email_validate(username):
-            return self.do_email_login(username, password, response)
+            return self.do_email_login(username, password, response, password_version)
         elif data_valid.mobile_validate(username):
-            return self.do_phone_login(username, password, response)
+            return self.do_phone_login(username, password, response, password_version)
         elif data_valid.name_validate(username):
-            return self.do_name_login(username, password, response)
+            return self.do_name_login(username, password, response, password_version)
         else:
             return response.json(107)
 
-    def do_email_login(self, email, password, response):
+    def do_email_login(self, email, password, response, password_version):
         user_qs = Device_User.objects.filter(Q(username=email) | Q(userEmail=email))
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(user_qs, password, response, password_version)
 
-    def do_phone_login(self, phone, password, response):
+    def do_phone_login(self, phone, password, response, password_version):
         user_qs = Device_User.objects.filter(Q(phone=phone) | Q(username=phone), is_active=True, user_isValid=True)
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(user_qs, password, response, password_version)
 
-    def do_name_login(self, username, password, response):
+    def do_name_login(self, username, password, response, password_version):
         user_qs = Device_User.objects.filter(Q(username=username) | Q(phone=username) | Q(userEmail=username),
                                              is_active=True, user_isValid=True)
-        return self.valid_login(user_qs, password, response)
+        return self.valid_login(user_qs, password, response, password_version)
 
-    def valid_login(self, user_qs, password, response):
+    def valid_login(self, user_qs, password, response, password_version):
         if not user_qs.exists():
             return response.json(104)
         # users = user_qs.values('role__rid', 'role__roleName', 'userID', 'role', 'NickName', 'username', 'userEmail',
         #                        'phone', 'password', 'userIconPath', 'user_isValid', 'is_active')[0]
         users = user_qs.values('role__rid', 'role__roleName', 'userID', 'NickName', 'username', 'userEmail',
                                'phone', 'password', 'userIconPath')[0]
-        if not check_password(password, users['password']):
+        if password_version == 'V1':
+            check_flag = check_password(password, users['password'])
+        else:
+            check_flag = CommonService.check_password(password, users['password'])
+        if not check_flag:
             return response.json(111)
         userID = users['userID']
         tko = TokenObject(returntpye='pc')
@@ -415,6 +420,7 @@ class UserManagement(View):
         roleName = request_dict.get('role', None)
         password = request_dict.get('password', None)
         isEdit = request_dict.get('isEdit', None)
+        password_version = request_dict.get('pwdVersion', 'V1')
 
         # 校验用户名,邮箱,密码是否符合规则
         dataValid = DataValid()
@@ -425,7 +431,8 @@ class UserManagement(View):
         if not isEdit:  # 添加用户需要输入密码
             if not password or not dataValid.password_validate(password):
                 return response.json(444, {'Parameter error': 'password'})
-
+        if password_version == 'V1':
+            password = make_password(password)
         try:
             if isEdit:  # 编辑用户信息
                 userID = request_dict.get('userID')
@@ -454,7 +461,7 @@ class UserManagement(View):
                     "username": username,
                     "NickName": username,
                     "userEmail": userEmail,
-                    "password": make_password(password),
+                    "password": password,
                     "userID": CommonService.getUserID(μs=False, setOTAID=True),
                     "is_active": True,
                     "user_isValid": True,
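Review bot: When `pwdVersion` is anything other than `'V1'`, the added `if password_version == 'V1': password = make_password(password)` is skipped and the create branch writes the request's `password` into the record unchanged (`"password": password`), so the stored credential is whatever the client sent. Nothing in these hunks checks that such a value has the expected hashed format, and `dataValid.password_validate(password)` then runs on that value rather than on the user's real password. I would accept only known versions before the `try`, e.g. `if password_version not in ('V1', 'V2'): return response.json(444, {'Parameter error': 'pwdVersion'})` (assuming `'V2'` is what clients send), and also hash the received value server-side so that a database read does not yield login-equivalent strings. The same unhashed-store path appears in Controller/AdminManage.py and in `do_create_password` in Controller/TestController.py. The enclosing method continues outside these hunks, so the edit branch could not be checked.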

+ 1 - 0
Ansjer/urls.py

@@ -182,6 +182,7 @@ urlpatterns = [
     # 屏蔽
     url(r'^user/initInfo$', UserController.InitInfoView.as_view()),
     url(r'^user/information/(?P<operation>.*)$', UserController.InitUserInformationView.as_view()),
+    re_path(r'^user/getSalt$', UserController.getPasswordSalt),
     # 获取时区相关信息
     url(r'^getTZ$', EquipmentStatus.getTZ),
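Review bot: The new `^user/getSalt$` route has no comment, and its handler `UserController.getPasswordSalt` is not shown on this page because the Controller/UserController.py diff is suppressed, so its behaviour cannot be reviewed from here. If it is called before login with a username, as the name and the V2 login flow suggest, it should return an indistinguishable response for unknown accounts and be rate-limited, otherwise it can reveal which accounts exist. I would add a comment such as `# V2 password login: per-user salt lookup (pre-auth; must not reveal whether the account exists)`. The line also uses `re_path` while its neighbours use `url`; the import of `re_path` is outside the hunk and should be confirmed.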
 

+ 5 - 4
Controller/AdminManage.py

@@ -98,14 +98,15 @@ class AdminManage(TemplateView):
         if not own_permission:
             return response.json(404)
         duserID = request_dict.get('duserID', None)
-        userPwd = request_dict.get('userPwd', None)
+        userPwd = request_dict.get('userPwd', '123456')
+        password_version = request_dict.get('pwdVersion', 'V1')
         if not duserID:
             return response.json(444, 'duserID')
         UserValid = Device_User.objects.filter(userID=duserID)
         if UserValid:
-            if userPwd is None:
-                userPwd = '123456'
-            is_update = UserValid.update(password=make_password(userPwd))
+            if password_version == 'V1':
+                userPwd = make_password(userPwd)
+            is_update = UserValid.update(password=userPwd)
             if is_update:
                 return response.json(0)
             else:
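Review bot: With `userPwd = request_dict.get('userPwd', '123456')`, a reset request that carries a non-`'V1'` `pwdVersion` and no `userPwd` stores the literal string `123456` in the password column, because `make_password` now runs only in the `'V1'` branch. The non-V1 path should require `userPwd` instead of falling back to a default, e.g. `if password_version != 'V1' and not request_dict.get('userPwd'): return response.json(444, 'userPwd')`. Separately, a fixed default reset password is guessable for every account it is applied to; a randomly generated one-time value (for example from `secrets.token_urlsafe`) would be safer if a default is needed at all. The enclosing method starts above this hunk.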

+ 7 - 1
Controller/InitController.py

@@ -13,6 +13,7 @@ from Model.models import Device_User, Device_Info, Order_Model, UidPushModel, Us
     AppLogModel, UserFamily, FamilyMember, FamilyMemberJoin, SmartScene, DeviceSuperPassword
 from Object.RedisObject import RedisObject
 from Object.ResponseObject import ResponseObject
+from Service.CommonService import CommonService
 
 
 class InitView(View):
@@ -56,13 +57,18 @@ class InitView(View):
         LOGGER = logging.getLogger('info')
         username = request_dict.get('username', None)
         password = request_dict.get('password', None)
+        password_version = request_dict.get('pwdVersion', 'V1')
         response = ResponseObject()
         device_user_qs = Device_User.objects.filter(username=username).values('password', 'userID')
         if not device_user_qs.exists():
             return response.json(104)
 
         cipher_password, user_id = device_user_qs[0]['password'], device_user_qs[0]['userID']
-        if not check_password(password, cipher_password):
+        if password_version == 'V1':
+            check_flag = check_password(password, cipher_password)
+        else:
+            check_flag = CommonService.check_password(password, cipher_password)
+        if not check_flag:
             return response.json(111)
         try:
             with transaction.atomic():
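Review bot: The `else` branch sends every `pwdVersion` other than `'V1'`, including typos and arbitrary strings, to `CommonService.check_password`, so the request alone selects which verifier runs against `cipher_password`. Prefer an explicit `elif password_version == 'V2':` with `return response.json(444, 'pwdVersion')` otherwise (assuming `'V2'` is the intended value), and ideally derive the scheme from the stored hash format instead of from the request. `password` can also be `None` here, since it comes from `request_dict.get('password', None)` with no check before the comparison; whether `CommonService.check_password` tolerates that is not visible on this page. The same pattern is in `valid_login` in AdminController/UserManageController.py and in `do_check_password` in Controller/TestController.py.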

+ 10 - 6
Controller/TestController.py

@@ -6,6 +6,7 @@ from django.contrib.auth.hashers import make_password, check_password
 from django.views import View
 
 from Object.uidManageResponseObject import uidManageResponseObject
+from Service.CommonService import CommonService
 
 
 class TestView(View):
@@ -35,19 +36,22 @@ class TestView(View):
 
     def do_create_password(self, request_dict, response):
         password = request_dict.get('password', None)
-        print(password)
-        result = make_password(password)
-        print(result)
-        print(check_password(password, result))
+        password_version = request_dict.get('pwdVersion', 'V1')
+        if password_version == 'V1':
+            password = make_password(password)
+        result = password
         return response.json(0, result)
 
     def do_check_password(self, request_dict, response):
         password = request_dict.get('password', None)
         password2 = request_dict.get('password2', None)
+        password_version = request_dict.get('pwdVersion', 'V1')
         print(password)
         print(password2)
-        check = check_password(password, password2)
-
+        if password_version == 'V1':
+            check = check_password(password, password2)
+        else:
+            check = CommonService.check_password(password, password2)
         return response.json(0, check)
 
     # def make_password(self, password):
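Review bot: `do_check_password` still contains `print(password)` and `print(password2)`, which write the submitted password and the value it is compared with to stdout and so to whatever collects the process logs. This commit removed the equivalent prints from `do_create_password` but left these, and I would delete both lines. In `do_create_password`, a non-`'V1'` request now returns the input unchanged as `result`, so the method name no longer describes that path. A short comment such as `# V2: value is already hashed client-side, returned as-is` would make that explicit, assuming that is the intent.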

File diff suppressed because it is too large
+ 365 - 182
Controller/UserController.py


Some files were not shown because too many files changed in this diff