功能变化: 登录加入判断,超过5次账号密码不正确则锁定

backend/dvadmin/system/views/login.py

@@ -86,28 +86,36 @@ class LoginSerializer(TokenObtainPairSerializer):
 
         user = Users.objects.get(username=attrs['username'])
         if not user.is_active:
-            raise CustomValidationError("账号被锁定")
+            raise CustomValidationError("账号已被锁定,联系管理员解锁")
+        try:
+            data = super().validate(attrs)
+            data["name"] = self.user.name
+            data["userId"] = self.user.id
+            data["avatar"] = self.user.avatar
+            data['user_type'] = self.user.user_type
+            dept = getattr(self.user, 'dept', None)
+            if dept:
+                data['dept_info'] = {
+                    'dept_id': dept.id,
+                    'dept_name': dept.name,
 
-        data = super().validate(attrs)
-        data["name"] = self.user.name
-        data["userId"] = self.user.id
-        data["avatar"] = self.user.avatar
-        data['user_type'] = self.user.user_type
-        dept = getattr(self.user, 'dept', None)
-        if dept:
-            data['dept_info'] = {
-                'dept_id': dept.id,
-                'dept_name': dept.name,
-
-            }
-        role = getattr(self.user, 'role', None)
-        if role:
-            data['role_info'] = role.values('id', 'name', 'key')
-        request = self.context.get("request")
-        request.user = self.user
-        # 记录登录日志
-        save_login_log(request=request)
-        return {"code": 2000, "msg": "请求成功", "data": data}
+                }
+            role = getattr(self.user, 'role', None)
+            if role:
+                data['role_info'] = role.values('id', 'name', 'key')
+            request = self.context.get("request")
+            request.user = self.user
+            # 记录登录日志
+            save_login_log(request=request)
+            return {"code": 2000, "msg": "请求成功", "data": data}
+        except Exception as e:
+            user.login_error_count += 1
+            if user.login_error_count >= 5:
+                user.is_active = False
+                raise CustomValidationError("账号已被锁定,联系管理员解锁")
+            user.save()
+            count = 5 - user.login_error_count
+            raise CustomValidationError(f"账号/密码错误;重试{count}次后将被锁定~")
 
 
 class LoginView(TokenObtainPairView):

backend/dvadmin/system/views/user.py

@@ -115,14 +115,14 @@ class UserUpdateSerializer(CustomModelSerializer):
         ],
     )
 
-    # password = serializers.CharField(required=False, allow_blank=True)
-    # mobile = serializers.CharField(
-    #     max_length=50,
-    #     validators=[
-    #         CustomUniqueValidator(queryset=Users.objects.all(), message="手机号必须唯一")
-    #     ],
-    #     allow_blank=True
-    # )
+    def validate_is_active(self, value):
+        """
+        更改激活状态
+        """
+        print(111, value)
+        if value:
+            self.initial_data["login_error_count"] = 0
+        return value
 
     def save(self, **kwargs):
         data = super().save(**kwargs)