From ac9dc50f6b8403c4f4b0918432e11d7268fcadf1 Mon Sep 17 00:00:00 2001
From: zhaoqingang <zhaoqg0118@163.com>
Date: 星期四, 26 十二月 2024 17:28:18 +0800
Subject: [PATCH] 登录过程密码加密
---
app/service/auth.py | 29 +++++++++++++++++++++++++++--
1 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/app/service/auth.py b/app/service/auth.py
index d32d8db..8c6544c 100644
--- a/app/service/auth.py
+++ b/app/service/auth.py
@@ -1,5 +1,7 @@
+锘縤mport os.path
import re
import uuid
+import base64
from datetime import datetime, timedelta
from typing import Type
from uuid import uuid4
@@ -11,12 +13,16 @@
from Log import logger
from app.config.config import settings
-from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
+from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH
from app.models import RoleModel, GroupModel, TokenModel
from app.models.user_model import UserModel, UserAppModel
# from app.service.ragflow import RagflowService
# from app.service.service_token import get_new_token
from app.service.v2.app_register import AppRegisterDao
+
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import padding
SECRET_KEY = settings.secret_key
ALGORITHM = "HS256"
@@ -196,6 +202,25 @@
return self.db.query(UserAppModel).filter_by(user_id=user_id).all()
-
+async def password_rsa(password):
+ with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:
+ private_key = serialization.load_pem_private_key(
+ key_file.read(),
+ password=None, # 濡傛灉绉侀挜鍔犲瘑锛岃鎻愪緵瀵嗙爜
+ backend=default_backend()
+ )
+ # Base64 瑙g爜
+ try:
+ # 瑙e瘑娑堟伅
+ ciphertext = base64.b64decode(password)
+ # 浣跨敤 PKCS#1 v1.5 濉厖瑙e瘑
+ plaintext = private_key.decrypt(
+ ciphertext,
+ padding.PKCS1v15() # 鏀逛负 PKCS#1 v1.5 濉厖
+ )
+ return plaintext.decode()
+ except Exception as e:
+ print(e)
+ return ""
--
Gitblit v1.8.0