
验证码注册修改部分代码,其他页面有传密码的都新增解密

WuYiPei 5 éve
szülő
commit
b565ed0d3d
1 módosított fájl, 156 hozzáadás és 76 törlés
  1. 156 76
      Controller/UserController.py

+ 156 - 76
Controller/UserController.py

@@ -341,13 +341,44 @@ class ChangePwdView(TemplateView):
         oldPwd = request_dict.get('oldPwd', None)
         newPwd = request_dict.get('newPwd', None)
         response = ResponseObject()
-        if oldPwd is None and newPwd is None:
-            return response.json(800)
-        tko = TokenObject(token)
-        response.lang = tko.lang
-        if tko.code != 0:
-            return response.json(tko.code)
-        return self.updatePwd(tko.userID, oldPwd, newPwd, response)
+        # 解密
+        try:
+            for i in range(1, 4):
+                if i == 1:
+                    oldPwd = base64.b64decode(oldPwd)
+                    oldPwd = oldPwd.decode('utf-8')
+                    oldPwd = oldPwd[1:-1]
+                if i == 2:
+                    oldPwd = base64.b64decode(oldPwd)
+                    oldPwd = oldPwd.decode('utf-8')
+                    oldPwd = oldPwd[2:-2]
+                if i == 3:
+                    oldPwd = base64.b64decode(oldPwd)
+                    oldPwd = oldPwd.decode('utf-8')
+                    oldPwd = oldPwd[3:-3]
+            for i in range(1, 4):
+                if i == 1:
+                    newPwd = base64.b64decode(newPwd)
+                    newPwd = newPwd.decode('utf-8')
+                    newPwd = newPwd[1:-1]
+                if i == 2:
+                    newPwd = base64.b64decode(newPwd)
+                    newPwd = newPwd.decode('utf-8')
+                    newPwd = newPwd[2:-2]
+                if i == 3:
+                    newPwd = base64.b64decode(newPwd)
+                    newPwd = newPwd.decode('utf-8')
+                    newPwd = newPwd[3:-3]
+        except Exception as e:
+            return response.json(111)
+        else:
+            if oldPwd is None and newPwd is None:
+                return response.json(800)
+            tko = TokenObject(token)
+            response.lang = tko.lang
+            if tko.code != 0:
+                return response.json(tko.code)
+            return self.updatePwd(tko.userID, oldPwd, newPwd, response)
 
     def updatePwd(self, userID, oldPwd, newPwd, response):
         user_qs = Device_User.objects.filter(userID=userID)
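Review bot: The block under `# 解密` in ChangePwdView is not decryption: three rounds of base64 with a fixed trim is a keyless, reversible encoding, so oldPwd and newPwd get no confidentiality from it beyond what the transport already provides, and the comment should say that. Because decoding now runs first, a request with both fields missing raises TypeError inside the `try` and returns 111, so the `oldPwd is None and newPwd is None` check for 800 in the `else:` branch can no longer fire; it belongs before the decode. The `for i in range(1, 4)` / `if i == n` ladder is three sequential steps and is copy-pasted for every password field here and in the v2registerView, v2resetPwdByCodeView and Image_Code_RegisterView hunks, so I would move it into one helper and catch only the decode errors instead of `Exception`. The enclosing method starts above this hunk.

```python
def _decode_password(value):
    # Reverses the client-side obfuscation: three rounds of base64, trimming
    # 1, 2 and 3 characters from each end. Encoding only, not encryption;
    # confidentiality of the password still depends on TLS.
    for trim in (1, 2, 3):
        value = base64.b64decode(value).decode('utf-8')[trim:-trim]
    return value

        # in ChangePwdView, replacing the two decode loops:
        if oldPwd is None and newPwd is None:
            return response.json(800)
        try:
            oldPwd = _decode_password(oldPwd)
            newPwd = _decode_password(newPwd)
        except (TypeError, ValueError):
            return response.json(111)
        # … unchanged: TokenObject check and updatePwd call …
```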
@@ -777,19 +808,37 @@ class v2registerView(TemplateView):
         password = request_dict.get('password', None)
         authcode = request_dict.get('authcode', None)
         lang = request_dict.get('lang', None)
-        if not lang:
-            lang = request_dict.get('language', None)
         response = ResponseObject(lang)
-        if password is None:
-            return response.json(444, 'password')
-        if authcode is None:
-            return response.json(444, 'identifyingCode')
-        if phone is not None:
-            return self.do_phone_register(phone, password, authcode, response)
-        elif email is not None:
-            return self.do_email_register(email, password, authcode, response)
+        # 解密
+        try:
+            for i in range(1, 4):
+                if i == 1:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[1:-1]
+                if i == 2:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[2:-2]
+                if i == 3:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[3:-3]
+        except Exception as e:
+            return response.json(111)
         else:
-            return response.json(444, 'phone or email')
+            if not lang:
+                lang = request_dict.get('language', None)
+            if password is None:
+                return response.json(444, 'password')
+            if authcode is None:
+                return response.json(444, 'identifyingCode')
+            if phone is not None:
+                return self.do_phone_register(phone, password, authcode, response)
+            elif email is not None:
+                return self.do_email_register(email, password, authcode, response)
+            else:
+                return response.json(444, 'phone or email')
 
     def do_phone_register(self, phone, password, authcode, response):
         data_valid = DataValid()
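Review bot: `response = ResponseObject(lang)` is now built before the `language` fallback, which moved into the `else:` branch, so a client that sends only `language` gets a response object created with `lang=None`, and the later reassignment of the local `lang` has no effect on it. I would keep `if not lang: lang = request_dict.get('language', None)` directly above the `ResponseObject(lang)` line, as it was before this commit. A missing `password` also changes behaviour: `base64.b64decode(None)` raises inside the `try`, so the caller now gets 111 instead of `444, 'password'`; checking `password is None` before decoding would preserve the old answer. The method starts above this hunk.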
@@ -1076,14 +1125,32 @@ class v2resetPwdByCodeView(TemplateView):
             return response.json(444, 'password,authcode')
         authcode = authcode.strip()
         password = password.strip()
-        if phone is not None:
-            phone = phone.strip()
-            return self.do_phone_pwd_reset(phone, authcode, password, response)
-        elif email is not None:
-            email = email.strip()
-            return self.do_email_pwd_reset(email, authcode, password, response)
+        # 解密
+        try:
+            for i in range(1, 4):
+                if i == 1:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[1:-1]
+                if i == 2:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[2:-2]
+                if i == 3:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[3:-3]
+        except Exception as e:
+            return response.json(111)
         else:
-            return response.json(444, 'phone')
+            if phone is not None:
+                phone = phone.strip()
+                return self.do_phone_pwd_reset(phone, authcode, password, response)
+            elif email is not None:
+                email = email.strip()
+                return self.do_email_pwd_reset(email, authcode, password, response)
+            else:
+                return response.json(444, 'phone')
 
     def do_email_pwd_reset(self, email, authcode, password, response):
         data_valid = DataValid()
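Review bot: Nothing checks the decoded password before it is handed to `do_phone_pwd_reset` / `do_email_pwd_reset`: a short value that still decodes becomes an empty string after the `[3:-3]` slice, and `base64.b64decode` without `validate=True` silently drops characters outside the alphabet instead of rejecting them. Whether the reset helpers reject an empty password is not visible here, so I would add `if not password: return response.json(444, 'password')` after the decode and call `base64.b64decode(password, validate=True)`. `except Exception as e` never uses `e` and hides programming errors behind 111; `except (TypeError, ValueError):` covers the decode failures. The method starts above this hunk.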
@@ -2394,65 +2461,78 @@ class Image_Code_RegisterView(TemplateView):
     def validates(self,request_dict):
         print("__________request_dict:%s" % request_dict)
         phone = request_dict.get('phone',None)
-        username = request_dict.get('userName',None)
+        #注释
+        #username = request_dict.get('userName',None)
         userEmail = request_dict.get('userEmail',None)
         password = request_dict.get('userPwd',None)
         language = request_dict.get('language',None)
+
         #前端传进来的uuid
         imageCodeId = request_dict.get('imageCodeId',None)
         # 页面输入的验证码
         valid_code = request_dict.get('id_v_code',None)
         response = ResponseObject(language)
-        if not username:
-            return response.json(107)
-        if not userEmail:
-            return response.json(105)
-        if not password:
-            return response.json(109)
-        if not phone:
-            return response.json(100)
-        userEmail = userEmail.strip()
-        username = username.strip()
-        password = password.strip()
-        # 用户已存在
-        if username:
-            nameValid = Device_User.objects.filter(username=username)
-            if nameValid:
-                return response.json(179)
-        if userEmail:
-            emailValid = Device_User.objects.filter(userEmail=userEmail)
-            if emailValid:
-                return response.json(103)
-        if phone:
-            phoneValid = Device_User.objects.filter(phone=phone)
-            if phoneValid:
-                return response.json(101)
-        #根据uuid拼接的key
-        image_code_key = "image_code_%s" %imageCodeId
-        #判断验证码是否过期
-        if image_code_key is None:
-            return response.json(120)
-        redisObj = RedisObject(db=6)
-        #redis里面的验证码
-        redis_image_code = redisObj.get_data(key=image_code_key)
-        #验证用户输入的验证码和redis中的验证码
-        if valid_code.lower()!=redis_image_code.lower():
-            return response.json(121)
-        # 删除redis中的图片验证码,防止用户使用同一个图片验证码验证多次
-        redisObj.del_data(key=image_code_key)
-        # #存用户名和密码
-        create_data = {
-            "phone":phone,
-            "username": username,
-            "NickName": username,
-            "userEmail": userEmail,
-            "password": make_password(password),
-            "userID": CommonService.getUserID(μs=False, setOTAID=True),
-            "is_active": True,
-            "user_isValid": True,
-        }
-        users = Device_User.objects.create(**create_data)
-        return response.json(0)
+        try:
+            for i in range(1, 4):
+                if i == 1:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[1:-1]
+                if i == 2:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[2:-2]
+                if i == 3:
+                    password = base64.b64decode(password)
+                    password = password.decode('utf-8')
+                    password = password[3:-3]
+        except Exception as e:
+            return response.json(111)
+        else:
+            if not userEmail:
+                return response.json(105)
+            if not password:
+                return response.json(109)
+            if not phone:
+                return response.json(100)
+            userEmail = userEmail.strip()
+            password = password.strip()
+            # 注释
+            if userEmail:
+                emailValid = Device_User.objects.filter(userEmail=userEmail)
+                if emailValid:
+                    return response.json(103)
+            if phone:
+                phoneValid = Device_User.objects.filter(phone=phone)
+                if phoneValid:
+                    return response.json(101)
+            #根据uuid拼接的key
+            image_code_key = "image_code_%s" %imageCodeId
+            #判断验证码是否过期
+            if image_code_key is None:
+                return response.json(120)
+            redisObj = RedisObject(db=6)
+            #redis里面的验证码
+            redis_image_code = redisObj.get_data(key=image_code_key)
+            #验证用户输入的验证码和redis中的验证码
+            if valid_code.lower()!=redis_image_code.lower():
+                return response.json(121)
+            # 删除redis中的图片验证码,防止用户使用同一个图片验证码验证多次
+            redisObj.del_data(key=image_code_key)
+            username = phone
+            # #存用户名和密码
+            create_data = {
+                "phone":phone,
+                "username": username,
+                "NickName": username,
+                "userEmail": userEmail,
+                "password": make_password(password),
+                "userID": CommonService.getUserID(μs=False, setOTAID=True),
+                "is_active": True,
+                "user_isValid": True,
+            }
+            users = Device_User.objects.create(**create_data)
+            return response.json(0)