From c4338024c90cd36a330d42194bb553525828fa3b Mon Sep 17 00:00:00 2001
From: zhaoqingang <zhaoqg0118@163.com>
Date: 星期五, 14 二月 2025 16:28:10 +0800
Subject: [PATCH] 问题优化

---
 app/api/user.py |   28 ++++++++++++++--------------
 1 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/app/api/user.py b/app/api/user.py
index efd0ada..c66869e 100644
--- a/app/api/user.py
+++ b/app/api/user.py
@@ -1,9 +1,10 @@
 from fastapi import APIRouter, Depends
 from app.api import Response, pwd_context, get_current_user, ResponseList
+from app.config.const import USER_STATSU_DELETE
 from app.models.base_model import get_db
 from app.models.user import PageParameter, UserStatus, UserInfo, LoginData, UserPassword, UserDept
 from app.models.user_model import UserModel
-from app.service.auth import is_valid_password, verify_password
+from app.service.auth import is_valid_password, verify_password, password_rsa
 from app.service.user import get_user_list, edit_user_status, delete_user_data, create_user, edit_user_data, \
     edit_user_pwd, get_user_info, get_user_routers, get_user_menus, get_user_permission, get_user_dept, change_user_pwd, \
     user_data_service, edit_user_dept
@@ -22,32 +23,29 @@
 async def add_user(user: UserInfo, current_user: UserModel = Depends(get_current_user), db=Depends(get_db)):
     if not user.userName:
         return Response(code=400, msg="The userName cannot be empty!")
+    if "@" in user.userName:
+        return Response(code=400, msg="Username cannot contain @")
     if user.pwd:
         if not is_valid_password(user.pwd):
             return Response(code=400, msg="The password must be at least 8 and contain both numbers and letters")
-    db_user = db.query(UserModel).filter(UserModel.username == user.userName).first()
+    db_user = db.query(UserModel).filter(UserModel.username == user.userName, UserModel.status != USER_STATSU_DELETE).first()
     if db_user:
         return Response(code=200, msg="user already created")
     pwd = user.pwd
     if not pwd:
         pwd = "basic123456"
-    is_create = await create_user(db, user.userName, user.email, user.phone, user.loginName, pwd, user.roles,
+    user_flag = await create_user(db, user.userName, user.email, user.phone, user.loginName, pwd, user.roles,
                                   user.groups, current_user.id)
-    if not is_create:
-        return Response(code=500, msg="user create failure", data={})
-    return Response(code=200, msg="user create successfully", data={})
+    # if not is_create:
+    #     return Response(code=500, msg="user create failure", data={})
+    return Response(code=200, msg="user create successfully", data={"userFlag": user_flag})
 
 
 @user_router.put("/edit_user", response_model=Response)
 async def edit_user(user: UserInfo, current_user: UserModel = Depends(get_current_user), db=Depends(get_db)):
-    # if not user.userName:
-    #     return Response(code=400, msg="The userName cannot be empty!")
     user_info = db.query(UserModel).filter(UserModel.id == user.userId).first()
     if not user_info:
         return Response(code=200, msg="user does not exist")
-    # db_user = db.query(UserModel).filter(UserModel.username == user.userName).first()
-    # if db_user and db_user.id != user.userId:
-    #     return Response(code=200, msg="user already created")
     is_edit = await edit_user_data(db, user.userId, user.email, user.phone, user.loginName, user.roles, user.groups)
     if not is_edit:
         return Response(code=500, msg="user edit failure", data={})
@@ -91,11 +89,13 @@
     user_info = db.query(UserModel).filter(UserModel.id==current_user.id).first()
     if not user_info:
         return Response(code=401, msg="Incorrect change password !")
-    if not verify_password(user.oldPassword, user_info.hashed_password):
+    old_password = await password_rsa(user.oldPassword)
+    new_password = await password_rsa(user.newPassword)
+    if not verify_password(old_password, user_info.hashed_password):
         return Response(code=400, msg="Incorrect password !")
-    if not is_valid_password(user.newPassword):
+    if not is_valid_password(new_password):
         return Response(code=400, msg="The password must be at least 8 and contain both numbers and letters")
-    is_edit = await change_user_pwd(db, user_info.id, user.newPassword)
+    is_edit = await change_user_pwd(db, user_info.id, new_password)
     if not is_edit:
         return Response(code=500, msg="user pwd change failure", data={})
     return Response(code=200, msg="user pwd change success", data={})

--
Gitblit v1.8.0