baoyuelin
/
EnglishPal
forked from mrlan/EnglishPal
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into Bug428-LouJiCheng

Bug428-LouJiCheng
楼吉诚 2022-06-14 22:11:24 +08:00
parent 9d5175d0a6 e48008550a
commit e241c47744
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Login.py
View File

@ -5,6 +5,10 @@ from UseSqlite import InsertQuery, RecordQuery
path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment path_prefix = './' # comment this line in deployment
def verify_pass(newpass,oldpass):
if(newpass==oldpass):
return True
def verify_user(username, password): def verify_user(username, password):
rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') rq = RecordQuery(path_prefix + 'static/wordfreqapp.db')
@ -47,6 +51,8 @@ def change_password(username, old_password, new_password):
if not verify_user(username, old_password): # 旧密码错误 if not verify_user(username, old_password): # 旧密码错误
return False return False
# 将用户名和密码一起加密,以免暴露不同用户的相同密码 # 将用户名和密码一起加密,以免暴露不同用户的相同密码
if verify_pass(new_password,old_password): #新旧密码一致
return False
password = md5(username + new_password) password = md5(username + new_password)
rq = InsertQuery(path_prefix + 'static/wordfreqapp.db') rq = InsertQuery(path_prefix + 'static/wordfreqapp.db')
rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict( rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(