lixiuya
/
EnglishPal
forked from mrlan/EnglishPal
1
0
Fork 0
Code Pull Requests Activity

加入注册验证码机制,防止被机器人恶意批量注册。 

修改源代码的 account_service.py 文件,并加入验证码机制。
Bug534-WangWeitao
王伟涛 2024-07-07 17:54:44 +08:00
parent 8cbc7c9a0c
commit de392ddc5a
2 changed files with 86 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
app/account_service.py
View File

@ -1,10 +1,10 @@
from flask import * from flask import *
from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, WarningMessage from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, WarningMessage
# 初始化蓝图 # 初始化蓝图
accountService = Blueprint("accountService", __name__) accountService = Blueprint("accountService", __name__)
### Sign-up, login, logout ### ### Sign-up, login, logout ###
@accountService.route("/signup", methods=['GET', 'POST']) @accountService.route("/signup", methods=['GET', 'POST'])
def signup(): def signup():
@ -23,11 +23,39 @@ def signup():
# ! 添加如下代码为了过滤注册时的非法字符 # ! 添加如下代码为了过滤注册时的非法字符
warn = WarningMessage(username) warn = WarningMessage(username)
if str(warn) != 'OK': if str(warn) != 'OK':
return jsonify({'status': '3', 'warn': str(warn)}) return str(warn)
# return jsonify({'status': '3', 'warn': str(warn)})
available = check_username_availability(username) available = check_username_availability(username)
if not available: # 用户名不可用 if not available: # 用户名不可用
return jsonify({'status': '0'}) flash('用户名 %s 已经被注册。' % (username))
return render_template('signup.html')
elif len(password.strip()) < 8: # 密码过短
return '密码少于8位。'
# return jsonify({'status': '0'})
has_specialchar = False
specialchar_list = ['+', '-', '*', '/', '_', '&', '%', ',']
for c in password.strip():
if c in specialchar_list:
has_specialchar = True
break
if not has_specialchar:
return '密码必须包含特殊字符'
has_upper_letter = False
has_lower_letter = False
for c in password.strip():
if c.isupper():
has_upper_letter = True
elif c.islower():
has_lower_letter = True
has_both_letter = has_upper_letter and has_lower_letter
if has_both_letter:
break
if not has_both_letter:
return '密码必须同时包含大写字母和小写字母'
else: # 添加账户信息 else: # 添加账户信息
add_user(username, password) add_user(username, password)
verified = verify_user(username, password) verified = verify_user(username, password)
@ -43,7 +71,6 @@ def signup():
return jsonify({'status': '1'}) return jsonify({'status': '1'})
@accountService.route("/login", methods=['GET', 'POST']) @accountService.route("/login", methods=['GET', 'POST'])
def login(): def login():
''' '''

47
app/bug.py Normal file
View File

@ -0,0 +1,47 @@
from random import randint
from PIL import Image, ImageDraw, ImageFont
def get_random_color():
# 随机颜色RGB
return randint(120, 200), randint(120, 200), randint(120, 200)
def get_random_code():
# 随机字符
codes = [[chr(i) for i in range(48, 58)], [chr(i) for i in range(65, 91)], [chr(i) for i in range(97, 123)]]
codes = codes[randint(0, 2)]
return codes[randint(0, len(codes)-1)]
def generate_captcha(width=140, height=60, length=4):
# 生成验证码
img = Image.new("RGB", (width, height), (250, 250, 250))
draw = ImageDraw.Draw(img)
font = ImageFont.truetype("static/font/font.ttf", size=36)
# 验证码文本
text = ""
for i in range(length):
c = get_random_code()
text += c
rand_len = randint(-5, 5)
draw.text((width * 0.2 * (i+1) + rand_len, height * 0.2 + rand_len), c, font=font, fill=get_random_color())
# 加入干扰线
for i in range(3):
x1 = randint(0, width)
y1 = randint(0, height)
x2 = randint(0, width)
y2 = randint(0, height)
draw.line((x1, y1, x2, y2), fill=get_random_color())
# 加入干扰点
for i in range(16):
draw.point((randint(0, width), randint(0, height)), fill=get_random_color())
# 保存图片
img.save("static/captcha/" + text + ".jpg")
return text + ".jpg"
if __name__ == "__main__":
for i in range(1000):
generate_captcha()