feat: 用户更改密码不可使用前n次历史密码，管理员可设置历史密码重复次数 (#6010)

* feat: 用户更改密码不可使用前n次历史密码，管理员可设置历史密码重复次数 * feat: 用户更改密码不可使用前n次历史密码，管理员可设置历史密码重复次数, 判断是否为历史密码逻辑修改 * feat: 用户更改密码不可使用前n次历史密码，管理员可设置历史密码重复次数, 提示内容更人性化 * fixs: 用户更改密码不可使用前n次历史密码，管理员可设置历史密码重复次数, 最新国际化翻译文件
2025-09-05 17:30:30 +00:00 · 2021-04-28 17:03:20 +08:00
parent 4519ccfe1a
commit 11e5a97f14
10 changed files with 103 additions and 11 deletions
--- a/apps/users/serializers/profile.py
+++ b/apps/users/serializers/profile.py
@@ -30,12 +30,17 @@ class UserUpdatePasswordSerializer(serializers.ModelSerializer):
            raise serializers.ValidationError(msg)
        return value

-    @staticmethod
-    def validate_new_password(value):
+    def validate_new_password(self, value):
        from ..utils import check_password_rules
        if not check_password_rules(value):
            msg = _('Password does not match security rules')
            raise serializers.ValidationError(msg)
+        if self.instance.is_history_password(value):
+            limit_count = settings.OLD_PASSWORD_HISTORY_LIMIT_COUNT
+            msg = _('The new password cannot be the last {} passwords').format(limit_count)
+            raise serializers.ValidationError(msg)
+        else:
+            self.instance.save_history_password(value)
        return value

    def validate_new_password_again(self, value):