badr_abdellaoui
/
EnglishPal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复 Bug394

Bug394-MiaoChenShuo
miaochenshuo 2022-06-05 23:36:55 +08:00
parent b9cf94da74
commit 260f62967b
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Login.py
View File

@ -5,6 +5,10 @@ from UseSqlite import InsertQuery, RecordQuery
path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment path_prefix = './' # comment this line in deployment
def verify_pass(newpass,oldpass):
if(newpass==oldpass):
return True
def verify_user(username, password): def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
@ -47,6 +51,8 @@ def change_password(username, old_password, new_password):
if not verify_user(username, old_password): # 旧密码错误 if not verify_user(username, old_password): # 旧密码错误
return False return False
# 将用户名和密码一起加密,以免暴露不同用户的相同密码 # 将用户名和密码一起加密,以免暴露不同用户的相同密码
if verify_pass(new_password,old_password): #新旧密码一致
return False
password = md5(username + new_password) password = md5(username + new_password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db') rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict( rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(