feat: 忘记密码支持手机短信找回，并修改邮箱方式和手机方式统一 (#8960)

* feat: 忘记密码支持通过手机找回，邮箱方式修改为和手机方式一致 * feat: 翻译 * feat: 修改翻译 * fix: 还原 Co-authored-by: Jiangjie.Bai <bugatti_it@163.com>
2025-09-03 16:35:10 +00:00 · 2022-11-04 13:56:55 +08:00
parent 262d070f3c
commit 1e97a23bc5
15 changed files with 583 additions and 281 deletions
--- a/apps/authentication/api/password.py
+++ b/apps/authentication/api/password.py
@@ -1,13 +1,73 @@
 from rest_framework.generics import CreateAPIView
 from rest_framework.response import Response
+from rest_framework.permissions import AllowAny
+from django.utils.translation import ugettext as _
+from django.template.loader import render_to_string

-from authentication.serializers import PasswordVerifySerializer
+from common.utils.verify_code import SendAndVerifyCodeUtil
 from common.permissions import IsValidUser
+from common.utils.random import random_string
+from common.utils import get_object_or_none
+from authentication.serializers import (
+    PasswordVerifySerializer, ResetPasswordCodeSerializer
+)
+from settings.utils import get_login_title
+from users.models import User
 from authentication.mixins import authenticate
 from authentication.errors import PasswordInvalid
 from authentication.mixins import AuthMixin


+class UserResetPasswordSendCodeApi(CreateAPIView):
+    permission_classes = (AllowAny,)
+    serializer_class = ResetPasswordCodeSerializer
+
+    @staticmethod
+    def is_valid_user( **kwargs):
+        user = get_object_or_none(User, **kwargs)
+        if not user:
+            err_msg = _('User does not exist: {}').format(_("No user matched"))
+            return None, err_msg
+        if not user.is_local:
+            err_msg = _(
+                'The user is from {}, please go to the corresponding system to change the password'
+            ).format(user.get_source_display())
+            return None, err_msg
+        return user, None
+
+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        form_type = serializer.validated_data['form_type']
+        username = serializer.validated_data['username']
+        code = random_string(6, lower=False, upper=False)
+        other_args = {}
+
+        if form_type == 'phone':
+            backend = 'sms'
+            target = serializer.validated_data['phone']
+            user, err = self.is_valid_user(username=username, phone=target)
+            if not user:
+                return Response({'error': err}, status=400)
+        else:
+            backend = 'email'
+            target = serializer.validated_data['email']
+            user, err = self.is_valid_user(username=username, email=target)
+            if not user:
+                return Response({'error': err}, status=400)
+
+            subject = '%s: %s' % (get_login_title(), _('Forgot password'))
+            context = {
+                'user': user, 'title': subject, 'code': code,
+            }
+            message = render_to_string('authentication/_msg_reset_password_code.html', context)
+            other_args['subject'] = subject
+            other_args['message'] = message
+
+        SendAndVerifyCodeUtil(target, code, backend=backend, **other_args).gen_and_send_async()
+        return Response({'data': 'ok'}, status=200)
+
+
 class UserPasswordVerifyApi(AuthMixin, CreateAPIView):
    permission_classes = (IsValidUser,)
    serializer_class = PasswordVerifySerializer