1.优化登录页面;

2.新增初次登录强制修改密码;
2024-11-06 01:39:20 +08:00
parent 3f58c1cb7a
commit 3ea38a59b7
8 changed files with 384 additions and 55 deletions
--- a/backend/application/settings.py
+++ b/backend/application/settings.py
@@ -404,7 +404,7 @@ PLUGINS_URL_PATTERNS = []
 # ********** 一键导入插件配置开始 **********
 # 例如:
 # from dvadmin_upgrade_center.settings import *    # 升级中心
-# from dvadmin_celery.settings import *            # celery 异步任务
+from dvadmin3_celery.settings import *            # celery 异步任务
 # from dvadmin_third.settings import *            # 第三方用户管理
 # from dvadmin_ak_sk.settings import *            # 秘钥管理管理
 # from dvadmin_tenants.settings import *            # 租户管理
--- a/backend/dvadmin/system/models.py
+++ b/backend/dvadmin/system/models.py
@@ -71,6 +71,7 @@ class Users(CoreModel, AbstractUser):
        help_text="关联部门",
    )
    login_error_count = models.IntegerField(default=0, verbose_name="登录错误次数", help_text="登录错误次数")
+    pwd_change_count = models.IntegerField(default=0,blank=True, verbose_name="密码修改次数", help_text="密码修改次数")
    objects = CustomUserManager()

    def set_password(self, raw_password):
--- a/backend/dvadmin/system/views/login.py
+++ b/backend/dvadmin/system/views/login.py
@@ -4,12 +4,15 @@ from datetime import datetime, timedelta
 from captcha.views import CaptchaStore, captcha_image
 from django.contrib import auth
 from django.contrib.auth import login
+from django.contrib.auth.hashers import check_password, make_password
 from django.db.models import Q
 from django.shortcuts import redirect
 from django.utils.translation import gettext_lazy as _
 from drf_yasg import openapi
 from drf_yasg.utils import swagger_auto_schema
 from rest_framework import serializers
+from rest_framework.decorators import action
+from rest_framework.permissions import IsAuthenticated
 from rest_framework.views import APIView
 from rest_framework_simplejwt.serializers import TokenObtainPairSerializer
 from rest_framework_simplejwt.views import TokenObtainPairView
@@ -97,16 +100,17 @@ class LoginSerializer(TokenObtainPairSerializer):
            # 必须重置用户名为username,否则使用邮箱手机号登录会提示密码错误
            attrs['username'] = user.username
            data = super().validate(attrs)
+            data["username"] = self.user.username
            data["name"] = self.user.name
            data["userId"] = self.user.id
            data["avatar"] = self.user.avatar
            data['user_type'] = self.user.user_type
+            data['pwd_change_count'] = self.user.pwd_change_count
            dept = getattr(self.user, 'dept', None)
            if dept:
                data['dept_info'] = {
                    'dept_id': dept.id,
                    'dept_name': dept.name,
-
                }
            role = getattr(self.user, 'role', None)
            if role:
--- a/backend/dvadmin/system/views/user.py
+++ b/backend/dvadmin/system/views/user.py
@@ -286,6 +286,7 @@ class UserViewSet(CustomModelViewSet):
            "dept": user.dept_id,
            "is_superuser": user.is_superuser,
            "role": user.role.values_list('id', flat=True),
+            "pwd_change_count":user.pwd_change_count
        }
        if hasattr(connection, 'tenant'):
            result['tenant_id'] = connection.tenant and connection.tenant.id
@@ -319,7 +320,6 @@ class UserViewSet(CustomModelViewSet):
        """密码修改"""
        data = request.data
        old_pwd = data.get("oldPassword")
-        print(old_pwd)
        new_pwd = data.get("newPassword")
        new_pwd2 = data.get("newPassword2")
        if old_pwd is None or new_pwd is None or new_pwd2 is None:
@@ -336,11 +336,26 @@ class UserViewSet(CustomModelViewSet):
                verify_password = check_password(str(old_pwd_md5), request.user.password)
        if verify_password:
            request.user.password = make_password(hashlib.md5(new_pwd.encode(encoding='UTF-8')).hexdigest())
+            request.user.pwd_change_count += 1
            request.user.save()
            return DetailResponse(data=None, msg="修改成功")
        else:
            return ErrorResponse(msg="旧密码不正确")

+    @action(methods=["post"], detail=False, permission_classes=[IsAuthenticated])
+    def login_change_password(self, request, *args, **kwargs):
+        """初次登录进行密码修改"""
+        data = request.data
+        new_pwd = data.get("password")
+        new_pwd2 = data.get("password_regain")
+        if new_pwd != new_pwd2:
+            return ErrorResponse(msg="两次密码不匹配")
+        else:
+            request.user.password = make_password(hashlib.md5(new_pwd.encode(encoding='UTF-8')).hexdigest())
+            request.user.pwd_change_count += 1
+            request.user.save()
+            return DetailResponse(data=None, msg="修改成功")
+
    @action(methods=["PUT"], detail=True, permission_classes=[IsAuthenticated])
    def reset_to_default_password(self, request,pk):
        """恢复默认密码"""