perf: password 等使用 rsa 加密传输 (#8188)

* perf: 修改 model fields 路径 * stash it * pref: 统一加密方式，密码字段采用 rsa 加密 * pref: 临时密码使用 rsa * perf: 去掉 debug msg * perf: 去掉 Debug * perf: 去掉 debug * perf: 抽出来 Co-authored-by: ibuler <ibuler@qq.com>
2025-09-11 12:19:41 +00:00 · 2022-05-07 16:20:12 +08:00
parent 3f856e68f0
commit 031077c298
43 changed files with 291 additions and 245 deletions
--- a/apps/users/forms/profile.py
+++ b/apps/users/forms/profile.py
@@ -5,6 +5,7 @@ from django.utils.translation import gettext_lazy as _
 from captcha.fields import CaptchaField

 from common.utils import validate_ssh_public_key
+from authentication.forms import EncryptedField
 from ..models import User


@@ -17,7 +18,7 @@ __all__ = [


 class UserCheckPasswordForm(forms.Form):
-    password = forms.CharField(
+    password = EncryptedField(
        label=_('Password'), widget=forms.PasswordInput,
        max_length=1024, strip=False
    )
@@ -77,12 +78,12 @@ UserFirstLoginFinishForm.verbose_name = _("Finish")


 class UserTokenResetPasswordForm(forms.Form):
-    new_password = forms.CharField(
+    new_password = EncryptedField(
        min_length=5, max_length=128,
        widget=forms.PasswordInput,
        label=_("New password")
    )
-    confirm_password = forms.CharField(
+    confirm_password = EncryptedField(
        min_length=5, max_length=128,
        widget=forms.PasswordInput,
        label=_("Confirm password")
@@ -103,7 +104,7 @@ class UserForgotPasswordForm(forms.Form):


 class UserPasswordForm(UserTokenResetPasswordForm):
-    old_password = forms.CharField(
+    old_password = EncryptedField(
        max_length=128, widget=forms.PasswordInput,
        label=_("Old password")
    )