[Update] 修改settings配置 (#2067)

* [Update] 修改settings配置 * [Update] 修改settings * [Update] 修改密码校验规则前后端逻辑 * [Update] 修改用户config机制 * [Update] 修改配置 * [Update] 修改config example增加翻译
2025-09-04 17:01:09 +00:00 · 2018-11-22 12:27:27 +08:00
parent 5931c5a032
commit 16cc4a0f4e
26 changed files with 777 additions and 399 deletions
--- a/apps/users/utils.py
+++ b/apps/users/utils.py
@@ -19,8 +19,8 @@ from django.core.cache import cache

 from common.tasks import send_mail_async
 from common.utils import reverse, get_object_or_none
-from common.models import common_settings, Setting
 from common.forms import SecuritySettingForm
+from common.models import Setting
 from .models import User, LoginLog


@@ -275,56 +275,27 @@ def check_otp_code(otp_secret_key, otp_code):

 def get_password_check_rules():
    check_rules = []
-    min_length = settings.DEFAULT_PASSWORD_MIN_LENGTH
-    min_name = 'SECURITY_PASSWORD_MIN_LENGTH'
-    base_filed = SecuritySettingForm.base_fields
-    password_setting = Setting.objects.filter(name__startswith='SECURITY_PASSWORD')
-
-    if not password_setting:
-        # 用户还没有设置过密码校验规则
-        label = base_filed.get(min_name).label
-        label += ' ' + str(min_length) + _('Bit')
-        id = 'rule_' + min_name
-        rules = {'id': id, 'label': label}
-        check_rules.append(rules)
-
-    for setting in password_setting:
-        if setting.cleaned_value:
-            id = 'rule_' + setting.name
-            label = base_filed.get(setting.name).label
-            if setting.name == min_name:
-                label += str(setting.cleaned_value) + _('Bit')
-                min_length = setting.cleaned_value
-            rules = {'id': id, 'label': label}
-            check_rules.append(rules)
-
-    return check_rules, min_length
+    for rule in settings.SECURITY_PASSWORD_RULES:
+        key = "id_{}".format(rule.lower())
+        value = getattr(settings, rule)
+        if not value:
+            continue
+        check_rules.append({'key': key, 'value': int(value)})
+    return check_rules


 def check_password_rules(password):
-    min_field_name = 'SECURITY_PASSWORD_MIN_LENGTH'
-    upper_field_name = 'SECURITY_PASSWORD_UPPER_CASE'
-    lower_field_name = 'SECURITY_PASSWORD_LOWER_CASE'
-    number_field_name = 'SECURITY_PASSWORD_NUMBER'
-    special_field_name = 'SECURITY_PASSWORD_SPECIAL_CHAR'
-    min_length = getattr(common_settings, min_field_name)
-
-    password_setting = Setting.objects.filter(name__startswith='SECURITY_PASSWORD')
-    if not password_setting:
-        pattern = r"^.{" + str(min_length) + ",}$"
-    else:
-        pattern = r"^"
-        for setting in password_setting:
-            if setting.cleaned_value and setting.name == upper_field_name:
-                pattern += '(?=.*[A-Z])'
-            elif setting.cleaned_value and setting.name == lower_field_name:
-                pattern += '(?=.*[a-z])'
-            elif setting.cleaned_value and setting.name == number_field_name:
-                pattern += '(?=.*\d)'
-            elif setting.cleaned_value and setting.name == special_field_name:
-                pattern += '(?=.*[`~!@#\$%\^&\*\(\)-=_\+\[\]\{\}\|;:\'",\.<>\/\?])'
-        pattern += '[a-zA-Z\d`~!@#\$%\^&\*\(\)-=_\+\[\]\{\}\|;:\'",\.<>\/\?]'
-
+    pattern = r"^"
+    if settings.SECURITY_PASSWORD_UPPER_CASE:
+        pattern += '(?=.*[A-Z])'
+    if settings.SECURITY_PASSWORD_LOWER_CASE:
+        pattern += '(?=.*[a-z])'
+    if settings.SECURITY_PASSWORD_NUMBER:
+        pattern += '(?=.*\d)'
+    if settings.SECURITY_PASSWORD_SPECIAL_CHAR:
+        pattern += '(?=.*[`~!@#\$%\^&\*\(\)-=_\+\[\]\{\}\|;:\'\",\.<>\/\?])'
+    pattern += '[a-zA-Z\d`~!@#\$%\^&\*\(\)-=_\+\[\]\{\}\|;:\'\",\.<>\/\?]'
+    pattern += '.{' + str(settings.SECURITY_PASSWORD_MIN_LENGTH-1) + ',}$'
    match_obj = re.match(pattern, password)
    return bool(match_obj)

@@ -339,7 +310,7 @@ def increase_login_failed_count(username, ip):
    count = cache.get(key_limit)
    count = count + 1 if count else 1

-    limit_time = common_settings.SECURITY_LOGIN_LIMIT_TIME
+    limit_time = settings.SECURITY_LOGIN_LIMIT_TIME
    cache.set(key_limit, count, int(limit_time)*60)


@@ -355,8 +326,8 @@ def is_block_login(username, ip):
    key_block = key_prefix_block.format(username)
    count = cache.get(key_limit, 0)

-    limit_count = common_settings.SECURITY_LOGIN_LIMIT_COUNT
-    limit_time = common_settings.SECURITY_LOGIN_LIMIT_TIME
+    limit_count = settings.SECURITY_LOGIN_LIMIT_COUNT
+    limit_time = settings.SECURITY_LOGIN_LIMIT_TIME

    if count >= limit_count:
        cache.set(key_block, 1, int(limit_time)*60)