perf: password 等使用 rsa 加密传输 (#8188)

* perf: 修改 model fields 路径 * stash it * pref: 统一加密方式，密码字段采用 rsa 加密 * pref: 临时密码使用 rsa * perf: 去掉 debug msg * perf: 去掉 Debug * perf: 去掉 debug * perf: 抽出来 Co-authored-by: ibuler <ibuler@qq.com>
2025-09-07 18:31:04 +00:00 · 2022-05-07 16:20:12 +08:00
parent 3f856e68f0
commit 031077c298
43 changed files with 291 additions and 245 deletions
--- a/apps/users/serializers/profile.py
+++ b/apps/users/serializers/profile.py
@@ -3,6 +3,7 @@ from django.utils.translation import ugettext_lazy as _
 from rest_framework import serializers

 from common.utils import validate_ssh_public_key
+from common.drf.fields import EncryptedField
 from ..models import User

 from .user import UserSerializer
@@ -16,9 +17,9 @@ class UserOrgSerializer(serializers.Serializer):


 class UserUpdatePasswordSerializer(serializers.ModelSerializer):
-    old_password = serializers.CharField(required=True, max_length=128, write_only=True)
-    new_password = serializers.CharField(required=True, max_length=128, write_only=True)
-    new_password_again = serializers.CharField(required=True, max_length=128, write_only=True)
+    old_password = EncryptedField(required=True, max_length=128, write_only=True)
+    new_password = EncryptedField(required=True, max_length=128, write_only=True)
+    new_password_again = EncryptedField(required=True, max_length=128, write_only=True)

    class Meta:
        model = User
@@ -41,11 +42,13 @@ class UserUpdatePasswordSerializer(serializers.ModelSerializer):
            raise serializers.ValidationError(msg)
        return value

-    def validate_new_password_again(self, value):
-        if value != self.initial_data.get('new_password', ''):
+    def validate(self, values):
+        new_password = values.get('new_password', '')
+        new_password_again = values.get('new_password_again', '')
+        if new_password != new_password_again:
            msg = _('The newly set password is inconsistent')
-            raise serializers.ValidationError(msg)
-        return value
+            raise serializers.ValidationError({'new_password_again': msg})
+        return values

    def update(self, instance, validated_data):
        new_password = self.validated_data.get('new_password')