diff --git a/apps/auth1/serializers.py b/apps/auth1/serializers.py
index 64f85138..0efcbeb4 100755
--- a/apps/auth1/serializers.py
+++ b/apps/auth1/serializers.py
@@ -4,6 +4,7 @@ from rest_framework import serializers
 class LoginSerializer(serializers.Serializer):
 username = serializers.CharField(label="用户名")
 password = serializers.CharField(label="密码")
+ password_check = serializers.BooleanField(required=False, default=True)
 class SendCodeSerializer(serializers.Serializer):
diff --git a/apps/auth1/services.py b/apps/auth1/services.py
index a75e9d64..e7107e74 100644
--- a/apps/auth1/services.py
+++ b/apps/auth1/services.py
@@ -1,5 +1,6 @@
 from django.core.cache import cache
 from rest_framework.exceptions import ParseError
+import re
 def check_phone_code(phone, code, raise_exception=True):
@@ -9,3 +10,15 @@ def check_phone_code(phone, code, raise_exception=True):
 if raise_exception:
 raise ParseError('验证码错误')
 return False
+
+
+
+def validate_password(password):
+ # 正则表达式匹配规则
+ pattern = r"^(?=.*[a-zA-Z])(?=.*\d)(?=.*[@#$%^&+=!])(?!.*\s).{8,}$"
+
+ # 使用正则表达式进行匹配
+ if re.match(pattern, password):
+ return True
+ else:
+ return False
\ No newline at end of file
diff --git a/apps/auth1/urls.py b/apps/auth1/urls.py
index 91eb711c..41925f5c 100755
--- a/apps/auth1/urls.py
+++ b/apps/auth1/urls.py
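Review bot: `password_check` is a request field, so the caller chooses whether the complexity gate in `TokenLoginView.create` (views.py hunk of this commit) applies: with `password_check=false` the rejection branch is skipped and tokens are still issued. As a policy control it is therefore advisory only. If enforcement is intended, the flag should come from server-side configuration rather than from `LoginSerializer`; if client opt-out is intended, say so on the field with a comment such as `# advisory: lets the client skip the complexity rejection; not an enforcement control`. The class body starts outside the hunk.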
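Review bot: The symbol lookahead `(?=.*[@#$%^&+=!])` in `validate_password` accepts only nine punctuation characters, so a password whose only symbols are, say, `-`, `_`, `*` or `?` fails the check and, through the login gate in views.py, is refused a token by default. If the rule is meant to be "at least one non-alphanumeric character", `(?=.*[^a-zA-Z\d\s])` expresses that. The function also shares its name with Django's `django.contrib.auth.password_validation.validate_password`, which raises instead of returning a bool; a distinct name and a docstring stating the rule (8+ characters, a letter, a digit, a symbol, no whitespace) would avoid confusion. The body can be reduced to `return bool(re.match(pattern, password))`.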
@@ -1,14 +1,13 @@ from django.urls import path -from rest_framework_simplejwt.views import (TokenObtainPairView, - TokenRefreshView) +from rest_framework_simplejwt.views import TokenRefreshView from apps.auth1.views import (CodeLogin, LoginView, LogoutView, PwResetView, - SecretLogin, SendCode, TokenBlackView, WxLogin, WxmpLogin) + SecretLogin, SendCode, TokenBlackView, WxLogin, WxmpLogin, TokenLoginView) API_BASE_URL = 'api/auth/' urlpatterns = [ - path(API_BASE_URL + 'token/', TokenObtainPairView.as_view(), name='token_obtain_pair'), + path(API_BASE_URL + 'token/', TokenLoginView.as_view(), name='token_obtain_pair'), path(API_BASE_URL + 'token/refresh/', TokenRefreshView.as_view(), name='token_refresh'), path(API_BASE_URL + 'token/black/', TokenBlackView.as_view(), name='token_black'), path(API_BASE_URL + 'login/', LoginView.as_view(), name='session_login'), diff --git a/apps/auth1/views.py b/apps/auth1/views.py index 9a461cf9..f1207948 100755 --- a/apps/auth1/views.py +++ b/apps/auth1/views.py @@ -16,11 +16,13 @@ from apps.utils.wxmp import wxmpClient from apps.utils.wx import wxClient from django.contrib.auth.hashers import make_password from django.db.models import Q +from apps.auth1.services import validate_password from apps.auth1.serializers import (CodeLoginSerializer, LoginSerializer, PwResetSerializer, SecretLoginSerializer, SendCodeSerializer, WxCodeSerializer) from apps.system.models import User +from rest_framework_simplejwt.views import TokenObtainPairView # Create your views here. 
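Review bot: `TokenObtainPairView` is imported into views.py in this hunk, but nothing in the visible hunks uses it: `TokenLoginView` derives from `CreateAPIView`, and urls.py drops its own import of the class. Unless a part of the file outside the diff references it, the line `from rest_framework_simplejwt.views import TokenObtainPairView` can be removed. It also sits after the project-local imports rather than with the other third-party ones.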
@@ -32,7 +34,33 @@ def get_tokens_for_user(user: User):
 'access': str(refresh.access_token),
 }
+class TokenLoginView(CreateAPIView):
+ """
+ 账户名/密码获取token
+ 账户名/密码获取token
+ """
+ authentication_classes = []
+ permission_classes = []
+ serializer_class = LoginSerializer
+
+ def create(self, request, *args, **kwargs):
+ serializer = self.get_serializer(data=request.data)
+ serializer.is_valid(raise_exception=True)
+ vdata = serializer.validated_data
+ password_check = vdata.get('password_check', True)
+ # 校验密码复杂度
+ is_ok = validate_password(vdata.get('password'))
+ if is_ok is False and password_check:
+ raise ParseError('密码校验失败, 请更换登录方式并修改密码')
+ user = authenticate(username=vdata.get('username'),
+ password=vdata.get('password'))
+ if user is not None:
+ token_dict = get_tokens_for_user(user)
+ token_dict['password_ok'] = is_ok
+ return Response(token_dict)
+ raise ParseError(**USERNAME_OR_PASSWORD_WRONG)
+
 class TokenBlackView(APIView):
 permission_classes = [IsAuthenticated]
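Review bot: `TokenLoginView` clears `authentication_classes` and `permission_classes` and declares no `throttle_classes`, so rate limiting of password guesses on `api/auth/token/` depends entirely on global DRF settings that this diff does not show. If none is configured, add a throttle on the class, e.g. `throttle_classes = [AnonRateThrottle]` with `from rest_framework.throttling import AnonRateThrottle` and an `anon` rate in `DEFAULT_THROTTLE_RATES`. The docstring repeats the same line twice and does not mention the `password_check` input or the `password_ok` field added to the response; one sentence on each would document the contract.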