From 3abebdfb2193aec1479361cec2341ea6f727570c Mon Sep 17 00:00:00 2001 From: Lan Hui <1348141770@qq.com> Date: Fri, 6 Sep 2024 08:54:11 +0800 Subject: [PATCH] Fix bug 394 --- app/Login.py | 13 ++++--------- app/account_service.py | 9 +++------ app/static/js/password.js | 20 ++++++++++++++++++++ app/templates/reset.html | 21 +++++++++++++-------- app/templates/signup.html | 22 +--------------------- 5 files changed, 41 insertions(+), 44 deletions(-) create mode 100644 app/static/js/password.js diff --git a/app/Login.py b/app/Login.py index cd3ee22..d82a6d1 100644 --- a/app/Login.py +++ b/app/Login.py @@ -21,11 +21,6 @@ path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = './' # comment this line in deployment -def verify_pass(newpass, oldpass): - if (newpass == oldpass): - return True - - def verify_user(username, password): user = get_user_by_username(username) encoded_password = md5(username + password) @@ -54,12 +49,12 @@ def change_password(username, old_password, new_password): :return: 修改成功:True 否则:False ''' if not verify_user(username, old_password): # 旧密码错误 - return False + return {'error':'Old password is wrong.', 'username':username} # 将用户名和密码一起加密,以免暴露不同用户的相同密码 - if verify_pass(new_password, old_password): #新旧密码一致 - return False + if new_password == old_password: #新旧密码一致 + return {'error':'New password cannot be the same as the old password.', 'username':username} update_password_by_username(username, new_password) - return True + return {'success':'Password changed', 'username':username} def get_expiry_date(username): diff --git a/app/account_service.py b/app/account_service.py index dfc403e..a57be5c 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -133,10 +133,7 @@ def reset(): # POST请求用于提交修改后信息 old_password = escape(request.form['old-password']) new_password = escape(request.form['new-password']) - flag = change_password(username, old_password, new_password) # flag表示是否修改成功 - if flag: - session['logged_in'] = False - return jsonify({'status':'1'}) # 修改成功 - else: - return jsonify({'status':'2'}) # 修改失败 + result = change_password(username, old_password, new_password) + return jsonify(result) + diff --git a/app/static/js/password.js b/app/static/js/password.js new file mode 100644 index 0000000..7542ec7 --- /dev/null +++ b/app/static/js/password.js @@ -0,0 +1,20 @@ +function containsDigitsLettersSpecialCharacters(s) { + let resultD = 0, resultL = 0, resultS = 0; + + // Digit test + '0123456789'.split('').forEach((x) => { + if (s.includes(x)) + resultD = 1; + }); + + // Letter test + resultL = /[a-z]/i.test(s); + + // Special charater test + '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => { + if (s.includes(x)) + resultS = 1; + }); + + return resultD + resultL + resultS == 3; +} diff --git a/app/templates/reset.html b/app/templates/reset.html index 408e001..6849bd5 100644 --- a/app/templates/reset.html +++ b/app/templates/reset.html @@ -3,6 +3,7 @@ content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/> +