Compare commits

..

No commits in common. "12752341db1ea8896f9d5dd9449a74107656b3be" and "92331ca7a09dbdc4bd907115c073d0e69621a272" have entirely different histories.

5 changed files with 44 additions and 41 deletions

View File

@ -21,6 +21,11 @@ path_prefix = '/var/www/wordfreq/wordfreq/'
path_prefix = './' # comment this line in deployment
def verify_pass(newpass, oldpass):
if (newpass == oldpass):
return True
def verify_user(username, password):
user = get_user_by_username(username)
encoded_password = md5(username + password)
@ -49,12 +54,12 @@ def change_password(username, old_password, new_password):
:return: 修改成功:True 否则:False
'''
if not verify_user(username, old_password): # 旧密码错误
return {'error':'Old password is wrong.', 'username':username}
return False
# 将用户名和密码一起加密,以免暴露不同用户的相同密码
if new_password == old_password: #新旧密码一致
return {'error':'New password cannot be the same as the old password.', 'username':username}
if verify_pass(new_password, old_password): #新旧密码一致
return False
update_password_by_username(username, new_password)
return {'success':'Password changed', 'username':username}
return True
def get_expiry_date(username):

View File

@ -133,7 +133,10 @@ def reset():
# POST请求用于提交修改后信息
old_password = escape(request.form['old-password'])
new_password = escape(request.form['new-password'])
result = change_password(username, old_password, new_password)
return jsonify(result)
flag = change_password(username, old_password, new_password) # flag表示是否修改成功
if flag:
session['logged_in'] = False
return jsonify({'status':'1'}) # 修改成功
else:
return jsonify({'status':'2'}) # 修改失败

View File

@ -1,20 +0,0 @@
function containsDigitsLettersSpecialCharacters(s) {
let resultD = 0, resultL = 0, resultS = 0;
// Digit test
'0123456789'.split('').forEach((x) => {
if (s.includes(x))
resultD = 1;
});
// Letter test
resultL = /[a-z]/i.test(s);
// Special charater test
'+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
if (s.includes(x))
resultS = 1;
});
return resultD + resultL + resultS == 3;
}

View File

@ -3,7 +3,6 @@
content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
<link rel="stylesheet" href="static/css/login_service.css">
<script src="static/js/jquery.js"></script>
<script src="static/js/password.js"></script>
<script>
function reset() {
let old_password = $("#old-password").val();
@ -25,19 +24,15 @@
alert('密码过于简单。(密码长度至少4位)');
return false;
}
if (!containsDigitsLettersSpecialCharacters(new_password)) {
alert('密码过于简单。(密码要包括数字,字母,特殊符号)');
return false;
}
$.post("/reset", {'old-password': old_password, 'new-password': new_password},
function (response) {
console.log(response);
if ('success' in response) {
alert('密码修改成功。');
} else if ('error' in response) {
alert(`密码修改失败 ${response.error}`);
if (response.status === '1') {
alert('密码修改成功,请重新登录。');
window.location.href = "/login";
} else if (response.status === '2') {
alert('密码修改失败');
window.location.href = "/reset";
}
window.location.href = `/${response.username}/userpage`;
}
)
return false;

View File

@ -7,7 +7,6 @@
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE-edge,chrome=1">
<link href="static/css/slide-unlock.css" rel="stylesheet">
<script src="static/js/password.js"></script>
<script src="static/js/jquery.js"></script>
<script src="static/js/jquery.slideunlock.js"></script>
<script>
@ -22,6 +21,27 @@
slider.init(); // 初始化滑块解锁功能
});
function containsDigitsLettersSpecialCharacters(s) {
let resultD = 0, resultL = 0, resultS = 0;
// Digit test
'0123456789'.split('').forEach((x) => {
if (s.includes(x))
resultD = 1;
});
// Letter test
resultL = /[a-z]/i.test(s);
// Special charater test
'+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
if (s.includes(x))
resultS = 1;
});
return resultD + resultL + resultS == 3;
}
function signup(){
// 发起 AJAX 请求来处理注册
username = $("#username").val().trim();