From ac9dc50f6b8403c4f4b0918432e11d7268fcadf1 Mon Sep 17 00:00:00 2001 From: zhaoqingang <zhaoqg0118@163.com> Date: 星期四, 26 十二月 2024 17:28:18 +0800 Subject: [PATCH] 登录过程密码加密 --- app/models/resource_model.py | 1 app/config/const.py | 1 app/service/pom/__init__.py | 0 app/service/pom/private_key.pem | 27 +++++++++++++ app/service/__init__.py | 0 app/api/auth.py | 6 ++- app/service/auth.py | 29 +++++++++++++- 7 files changed, 60 insertions(+), 4 deletions(-) diff --git a/app/api/auth.py b/app/api/auth.py index d95e473..1de0449 100644 --- a/app/api/auth.py +++ b/app/api/auth.py @@ -7,6 +7,7 @@ from Log import logger from app.api import Response, pwd_context, get_current_user +from app.api.user import reset_user_pwd from app.config.config import settings from app.config.const import RAGFLOW, BISHENG, DIFY from app.models.app_token_model import AppToken @@ -16,7 +17,7 @@ from app.models.user import UserCreate, LoginData from app.models.user_model import UserModel, UserAppModel from app.service.auth import authenticate_user, create_access_token, is_valid_password, save_register_user, \ - update_user_token, UserAppDao, update_user_info + update_user_token, UserAppDao, update_user_info, password_rsa from app.service.bisheng import BishengService from app.service.service_token import get_new_token, get_token, update_user_group from app.service.v2.app_register import AppRegisterDao @@ -106,7 +107,8 @@ @router.post("/v2/login", response_model=Response) async def login_v2(login_data: LoginData, db: Session = Depends(get_db), pdb: AsyncSession = Depends(get_pdb)): - user = authenticate_user(db, login_data.username, login_data.password) + password = await password_rsa(login_data.password) + user = authenticate_user(db, login_data.username, password) if not user: return Response(code=400, msg="Incorrect username or password") app_register = AppRegisterDao(db).get_apps() diff --git a/app/config/const.py b/app/config/const.py index c971418..6165148 100644 --- a/app/config/const.py 
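Review bot: In `login_v2`, a failed decryption is passed on as if it were a password: `password_rsa` returns `""` on any error, and that value goes straight into `authenticate_user(db, login_data.username, password)`. Reject it before the credential check, e.g. `if not password: return Response(code=400, msg="Incorrect username or password")`, so a malformed or plaintext submission never reaches the user lookup as an empty string. Every client of `/v2/login` must now send the RSA-encrypted, Base64-encoded password; whether the other login routes still accept plaintext is not visible in this hunk and should be made consistent. The body of `login_v2` continues outside the hunk.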
+++ b/app/config/const.py @@ -5,6 +5,7 @@ IMAGE_TO_TEXT = "image_and_text_conversion" DOCUMENT_IA_QUESTIONS = "document_ia_questions" ENV_CONF_PATH = "app/config/env_conf" +APP_SERVICE_PATH = "app/service/" ### -----------app register -------------- RAGFLOW = "ragflow_app" diff --git a/app/models/resource_model.py b/app/models/resource_model.py index 34f6be1..c1c6960 100644 --- a/app/models/resource_model.py +++ b/app/models/resource_model.py @@ -58,6 +58,7 @@ 'menuName': self.name, 'menuType': self.resource_type_id, 'parentId': self.get_pid(), + 'status': self.status, 'parentName': self.get_pName(), 'children': [res.to_tree_select_json() for res in self.children if res if res.status != RESOURCE_STATUS_DELETE] } diff --git a/app/service/__init__.py b/app/service/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/app/service/__init__.py diff --git a/app/service/auth.py b/app/service/auth.py index d32d8db..8c6544c 100644 --- a/app/service/auth.py +++ b/app/service/auth.py @@ -1,5 +1,7 @@ +锘縤mport os.path import re import uuid +import base64 from datetime import datetime, timedelta from typing import Type from uuid import uuid4 @@ -11,12 +13,16 @@ from Log import logger from app.config.config import settings -from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE +from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH from app.models import RoleModel, GroupModel, TokenModel from app.models.user_model import UserModel, UserAppModel # from app.service.ragflow import RagflowService # from app.service.service_token import get_new_token from app.service.v2.app_register import AppRegisterDao + +from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives.asymmetric import padding SECRET_KEY = settings.secret_key ALGORITHM = "HS256" 
@@ -196,6 +202,25 @@ return self.db.query(UserAppModel).filter_by(user_id=user_id).all() - +async def password_rsa(password): + with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file: + private_key = serialization.load_pem_private_key( + key_file.read(), + password=None, # 濡傛灉绉侀挜鍔犲瘑锛岃鎻愪緵瀵嗙爜 + backend=default_backend() + ) + # Base64 瑙g爜 + try: + # 瑙e瘑娑堟伅 + ciphertext = base64.b64decode(password) + # 浣跨敤 PKCS#1 v1.5 濉厖瑙e瘑 + plaintext = private_key.decrypt( + ciphertext, + padding.PKCS1v15() # 鏀逛负 PKCS#1 v1.5 濉厖 + ) + return plaintext.decode() + except Exception as e: + print(e) + return "" diff --git a/app/service/pom/__init__.py b/app/service/pom/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/app/service/pom/__init__.py diff --git a/app/service/pom/private_key.pem b/app/service/pom/private_key.pem new file mode 100644 index 0000000..fa27fa7 --- /dev/null +++ b/app/service/pom/private_key.pem 
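Review bot: The `except Exception as e: print(e)` / `return ""` tail of `password_rsa` collapses every failure (bad Base64, failed decryption, non-UTF-8 plaintext) into an empty password and writes the exception text to stdout instead of the module's `logger`; narrow it to `except ValueError:` and log a fixed message such as `logger.warning("login password decryption failed")`. `padding.PKCS1v15()` is the scheme the cryptography documentation advises against for new designs, because distinguishable decryption failures can serve as a padding oracle; if the client library supports it, prefer `padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)`, which needs `hashes` imported from `cryptography.hazmat.primitives`. The function is `async` but opens and parses the PEM file synchronously on every call, so loading the key once at startup would keep blocking file I/O off the request path. Encrypting under a fixed key also gives no replay protection (a captured ciphertext is still accepted as the password), so this does not replace TLS on the login route.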
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAwJ0feodpQYfSPeeBRlyqlqfs5dtP38LL19kKO3wwdP+vdckt +xXR9Inje9Jcq+nIUJ+Comh3bEh1nsWUDBgtlz4vEqecho9KFaDqkFp3tR/emWJYT +0KLEcBidKUImkumJk0cVBKleww/4R1HDorwE9J2a1Rp9z0DUEU7YuudoaUy5Es1v +ORjDplIZv9bzip7/LANv6GmdtXwk5IpdbfNrkoJgGXlE063uIMkqRyiOo04ofeYp +SjZbP4bvnboxYi23wpIe81uLIsM+4JcFoU6uN0cYs03oYkfjXQdlKTpBpM6lcm+7 +xhEz9Y/OR7YorRWB1Qdt7nr3cRmx0uIs/h/T9QIDAQABAoIBAAN62JBwyMuQUYp9 +RfDU2iY/0UHVTKXEBWHxPhXjiiOUU4yATo5OnJrtamQ4z4Biq4TUlf1wXyWo8RBY +C1Gif7EjCUdN/CzoqNuHkwZL6hOs60Jr9iWhHy/sts5lRLKHZhtfwz/dj5ncwBVQ +qmGIJQXGdmLnhKYyuZzG/pdZozbNxuPzOHP0LdkETLAqVbROL/lDVNMxlQoicKAK +ir38bxH4ck2IjogJTJKyfl7UzFyxb0fjujYJX4ZsVoJzawdV7jJAbdKilOX/4bl/ +WITRyjm5AKTckFsuKbniWhlrgN/ji2J+u0RP5LEIq+VBt2Akdz2E2d2OzLUowxtS +i6MXIbkCgYEA+HIZR1fvtMZCu2Z1NBl9GCuCm2TlaOnHB0jLvan2R062Icih/BRG +wzc/AAhExqWS69r9NA1M/09kwybFOzPY/A3UidrqTx6QkXIIUkk1CRBKrdDqISss +Kzo7lkS9HS46ADkPFGqG9ZnPHEmKvxvWC6vMXI/S2VQIiK0QrdhRkGkCgYEAxnht +rg4OQsP+KNOSe8qkqvKyJK48+vRV6JlDnFqsiWsUHdck+VqhlkkxVe2bH1w92JYt +ACvtQW+mTJsORlixdPWnpqF5i5m/3nKk6zLw8hc4KBq+8rwqAOF6O+yd2MVDUiYB +7Tn05Rvl3/WRq28oKP64MGK/Piz9Njjj3YfPta0CgYACl85DvFs4G8megxc+D/YK +Ron6bTcnvSjinpPhyuBTJjMobxuhseR7LRxvN6bgG+JIq+RwoqLnF0EJ+GGemI/v +MYXCWpKPeNYxbms/0JvJGG5vGfsXlYfEe7sbemQu5cidL/tET0hRT+Wlee8Ex5mY +TZa4cJfWxNXB92xxJAzV4QKBgQDER+nAz2nPIeJEIimmf9ymq+r+V8s7LVWg+aJi +CVLFfL6iXFnWuYlBBhXis2BMfX80qiDLIKY9ptvCuz482A54a1Joex2nsGCO8Lal +XPXplokVMI5TpT+tK1El3nalIUHZBnm1UTIfO532BfkQoJgJIxCp2Z7lML0jWNQS +DPSg6QKBgAR7IMz5wCkdS//PbIS8UOmxXHwwkZgrtAf56+xyvyQiOdcZj/xFolY4 +X86xznY0cuDr9o5sWdNXDqcZFOGS4txwCOEyI3VntYReO005nS6vsfDiGqyutlZh +9gAMVA6Hm3UFKvxrjgmpMOAMYqugRx5hFxhjiiaDRScoewx5abHN +-----END RSA PRIVATE KEY----- -- Gitblit v1.8.0
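Review bot: An unencrypted RSA private key is committed to the repository at `app/service/pom/private_key.pem`, so everyone with read access to the repository or its history holds the key that decrypts login passwords. The same goes for any build artifact that packages `app/service/pom/`. Treat this key as compromised: generate a new pair, keep the private half out of version control (supply its path or contents through deployment configuration and add the file pattern to `.gitignore`), and remove the file from history if the repository is shared. `password_rsa` in `app/service/auth.py` loads it with `password=None`, so nothing protects the key at rest either.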