fix: wechat or phone decrypt err

apps/authentication/backends/token.py

@@ -14,7 +14,9 @@ class TempTokenAuthBackend(JMSBaseAuthBackend):
         return settings.AUTH_TEMP_TOKEN
 
     def authenticate(self, request, username='', password=''):
-        token = self.model.objects.filter(username=username, secret=password).first()
+        tokens = self.model.objects.filter(username=username).order_by('-date_created')[:500]
+        token = next((t for t in tokens if t.secret == password), None)
+
         if not token:
             return None
         if not token.is_valid:

apps/authentication/migrations/0008_alter_accesskey_secret_alter_temptoken_secret.py

@@ -4,6 +4,25 @@ import authentication.models.access_key
 import common.db.fields
 from django.db import migrations
 
+old_access_key_secrets_mapper = {}
+
+def fetch_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+
+    for id, secret in AccessKey.objects.all().values_list('id', 'secret'):
+        old_access_key_secrets_mapper[str(id)] = secret
+
+
+def save_access_key_secrets(apps, schema_editor):
+    AccessKey = apps.get_model("authentication", "AccessKey")
+    aks = AccessKey.objects.filter(id__in=list(old_access_key_secrets_mapper.keys()))
+    for ak in aks:
+        old_value = old_access_key_secrets_mapper.get(str(ak.id))
+        if not old_value:
+            continue
+        ak.secret = old_value
+        ak.save(update_fields=["secret"])
+
 
 class Migration(migrations.Migration):
 
@@ -12,6 +31,7 @@ class Migration(migrations.Migration):
     ]
 
     operations = [
+        migrations.RunPython(fetch_access_key_secrets),
         migrations.AlterField(
             model_name="accesskey",
             name="secret",
@@ -27,4 +47,5 @@ class Migration(migrations.Migration):
                 verbose_name="Secret"
             ),
         ),
+        migrations.RunPython(save_access_key_secrets),
     ]

apps/common/db/fields.py

@@ -145,9 +145,6 @@ class EncryptMixin:
 
         plain_value = Encryptor(value).decrypt()
 
-        # 如果解密失败，则使用原来的值
-        if not plain_value:
-            plain_value = value
         # 可能和Json mix，所以要先解密，再json
         sp = super()
         if hasattr(sp, "from_db_value"):

apps/users/migrations/0004_fix_user_wechat_phone.py

@@ -0,0 +1,32 @@
+
+from django.db import migrations
+
+
+def fix_user_wechat_phone(apps, schema_editor):
+    User = apps.get_model("users", "User")
+    users = User.objects.all()
+
+    for user in users:
+        update_fields = []
+
+        if user.wechat and '==' in user.wechat and len(user.wechat) > 40:
+            user.wechat = ''
+            update_fields.append("wechat")
+
+        if user.phone and '==' in user.phone and len(user.phone) > 40:
+            user.phone = ''
+            update_fields.append("phone")
+
+        if update_fields:
+            user.save(update_fields=update_fields)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('users', '0003_alter_user_date_expired'),
+    ]
+
+    operations = [
+        migrations.RunPython(fix_user_wechat_phone),
+    ]