Merge pull request 'Fix bug 394' (#185) from Bug394-Hui into Alpha-snapshot20240618

Reviewed-on: #185
2024-09-06 08:55:35 +08:00 · 2024-09-06 08:55:35 +08:00 · 12752341db
parent 92331ca7a0 3abebdfb21
commit 12752341db
5 changed files with 41 additions and 44 deletions
--- a/app/Login.py
+++ b/app/Login.py
@ -21,11 +21,6 @@ path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment


-def verify_pass(newpass, oldpass):
-    if (newpass == oldpass):
-        return True
-
-
 def verify_user(username, password):
    user = get_user_by_username(username)
    encoded_password = md5(username + password)
@ -54,12 +49,12 @@ def change_password(username, old_password, new_password):
    :return: 修改成功:True 否则:False
    '''
    if not verify_user(username, old_password):  # 旧密码错误
-        return False
+        return {'error':'Old password is wrong.', 'username':username}
    # 将用户名和密码一起加密，以免暴露不同用户的相同密码
-    if verify_pass(new_password, old_password):  #新旧密码一致
-        return False
+    if new_password == old_password:  #新旧密码一致
+        return {'error':'New password cannot be the same as the old password.', 'username':username}
    update_password_by_username(username, new_password)
-    return True
+    return {'success':'Password changed', 'username':username}


 def get_expiry_date(username):
--- a/app/account_service.py
+++ b/app/account_service.py
@ -133,10 +133,7 @@ def reset():
        # POST请求用于提交修改后信息
        old_password = escape(request.form['old-password'])
        new_password = escape(request.form['new-password'])
-        flag = change_password(username, old_password, new_password) # flag表示是否修改成功
-        if flag:
-            session['logged_in'] = False
-            return jsonify({'status':'1'})  # 修改成功
-        else:
-            return jsonify({'status':'2'})  # 修改失败
+        result = change_password(username, old_password, new_password)
+        return jsonify(result)
+

--- a/app/static/js/password.js
+++ b/app/static/js/password.js
@ -0,0 +1,20 @@
+function containsDigitsLettersSpecialCharacters(s) {
+    let resultD = 0, resultL = 0, resultS = 0;
+
+    // Digit test
+    '0123456789'.split('').forEach((x) => {
+	if (s.includes(x))
+	    resultD = 1;
+    });
+
+    // Letter test
+    resultL =  /[a-z]/i.test(s);
+
+    // Special charater test
+    '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
+	if (s.includes(x))
+	    resultS = 1;
+    });
+
+    return resultD + resultL + resultS == 3;
+}
--- a/app/templates/reset.html
+++ b/app/templates/reset.html
@ -3,6 +3,7 @@
          content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
    <link rel="stylesheet" href="static/css/login_service.css">
    <script src="static/js/jquery.js"></script>
+    <script src="static/js/password.js"></script>
    <script>
        function reset() {
            let old_password = $("#old-password").val();
@ -24,15 +25,19 @@
                alert('密码过于简单。(密码长度至少4位)');
                return false;
            }
+            if (!containsDigitsLettersSpecialCharacters(new_password)) {
+		alert('密码过于简单。(密码要包括数字，字母，特殊符号)');
+		return false;
+            }
            $.post("/reset", {'old-password': old_password, 'new-password': new_password},
-                function (response) {
-                    if (response.status === '1') {
-                        alert('密码修改成功，请重新登录。');
-                        window.location.href = "/login";
-                    } else if (response.status === '2') {
-                        alert('密码修改失败');
-                        window.location.href = "/reset";
+                   function (response) {
+		       console.log(response);
+                    if ('success' in response) {
+                        alert('密码修改成功。');
+                    } else if ('error' in response) {
+                        alert(`密码修改失败 ${response.error}`);
                    }
+                    window.location.href = `/${response.username}/userpage`;
                }
            )
            return false;
@ -52,4 +57,4 @@
        <button class="btn" onclick="window.location.href='/{{ username }}/userpage'">放弃修改</button>

    </div>
-{% endblock %}
+{% endblock %}
--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@ -7,6 +7,7 @@
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE-edge,chrome=1">
    <link href="static/css/slide-unlock.css" rel="stylesheet">
+    <script src="static/js/password.js"></script>
    <script src="static/js/jquery.js"></script>
    <script src="static/js/jquery.slideunlock.js"></script>
    <script>
@ -21,27 +22,6 @@
        slider.init(); // 初始化滑块解锁功能
    });

-      function containsDigitsLettersSpecialCharacters(s) {
-	  let resultD = 0, resultL = 0, resultS = 0;
-
-	  // Digit test
-          '0123456789'.split('').forEach((x) => {
-	      if (s.includes(x))
-		  resultD = 1;
-	  });
-
-	  // Letter test
-	  resultL =  /[a-z]/i.test(s);
-
-	  // Special charater test
-          '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
-	      if (s.includes(x))
-		  resultS = 1;
-	  });
-
-	  return resultD + resultL + resultS == 3;
-      }
-
    function signup(){
        // 发起 AJAX 请求来处理注册
        username = $("#username").val().trim();