功能变化: 登录加入判断,超过5次账号密码不正确则锁定

2024-05-21 21:46:11 +08:00
parent 767cbbe366
commit 3786b4123b
3 changed files with 38 additions and 29 deletions
--- a/backend/dvadmin/system/models.py
+++ b/backend/dvadmin/system/models.py
@@ -70,6 +70,7 @@ class Users(CoreModel, AbstractUser):
        blank=True,
        help_text="关联部门",
    )
    login_error_count = models.IntegerField(default=0, verbose_name="登录错误次数", help_text="登录错误次数")
    objects = CustomUserManager()
    def set_password(self, raw_password):
--- a/backend/dvadmin/system/views/login.py
+++ b/backend/dvadmin/system/views/login.py
@@ -86,28 +86,36 @@ class LoginSerializer(TokenObtainPairSerializer):
        user = Users.objects.get(username=attrs['username'])
        if not user.is_active:
-            raise CustomValidationError("账号被锁定")
+            raise CustomValidationError("账号已被锁定,联系管理员解锁")
        try:
            data = super().validate(attrs)
            data["name"] = self.user.name
            data["userId"] = self.user.id
            data["avatar"] = self.user.avatar
            data['user_type'] = self.user.user_type
            dept = getattr(self.user, 'dept', None)
            if dept:
                data['dept_info'] = {
                    'dept_id': dept.id,
                    'dept_name': dept.name,
-        data = super().validate(attrs)
+                }
-        data["name"] = self.user.name
+            role = getattr(self.user, 'role', None)
-        data["userId"] = self.user.id
+            if role:
-        data["avatar"] = self.user.avatar
+                data['role_info'] = role.values('id', 'name', 'key')
-        data['user_type'] = self.user.user_type
+            request = self.context.get("request")
-        dept = getattr(self.user, 'dept', None)
+            request.user = self.user
-        if dept:
+            # 记录登录日志
-            data['dept_info'] = {
+            save_login_log(request=request)
-                'dept_id': dept.id,
+            return {"code": 2000, "msg": "请求成功", "data": data}
-                'dept_name': dept.name,
+        except Exception as e:
-
+            user.login_error_count += 1
-            }
+            if user.login_error_count >= 5:
-        role = getattr(self.user, 'role', None)
+                user.is_active = False
-        if role:
+                raise CustomValidationError("账号已被锁定,联系管理员解锁")
-            data['role_info'] = role.values('id', 'name', 'key')
+            user.save()
-        request = self.context.get("request")
+            count = 5 - user.login_error_count
-        request.user = self.user
+            raise CustomValidationError(f"账号/密码错误;重试{count}次后将被锁定~")
        # 记录登录日志
        save_login_log(request=request)
        return {"code": 2000, "msg": "请求成功", "data": data}
 class LoginView(TokenObtainPairView):
--- a/backend/dvadmin/system/views/user.py
+++ b/backend/dvadmin/system/views/user.py
@@ -115,14 +115,14 @@ class UserUpdateSerializer(CustomModelSerializer):
        ],
    )
-    # password = serializers.CharField(required=False, allow_blank=True)
+    def validate_is_active(self, value):
-    # mobile = serializers.CharField(
+        """
-    #     max_length=50,
+        更改激活状态
-    #     validators=[
+        """
-    #         CustomUniqueValidator(queryset=Users.objects.all(), message="手机号必须唯一")
+        print(111, value)
-    #     ],
+        if value:
-    #     allow_blank=True
+            self.initial_data["login_error_count"] = 0
-    # )
+        return value
    def save(self, **kwargs):
        data = super().save(**kwargs)