Merge pull request 'Fix bug 394' (#185 ) from Bug394-Hui into Alpha-snapshot20240618

Reviewed-on: #185
Fix bug 394
2024-09-06 08:55:35 +08:00 · 2024-09-06 08:54:11 +08:00
5 changed files with 41 additions and 44 deletions
--- a/app/Login.py
+++ b/app/Login.py
@ -21,11 +21,6 @@ path_prefix = '/var/www/wordfreq/wordfreq/'
 path_prefix = './'  # comment this line in deployment
 def verify_pass(newpass, oldpass):
    if (newpass == oldpass):
        return True
 def verify_user(username, password):
    user = get_user_by_username(username)
    encoded_password = md5(username + password)
@ -54,12 +49,12 @@ def change_password(username, old_password, new_password):
    :return: 修改成功:True 否则:False
    '''
    if not verify_user(username, old_password):  # 旧密码错误
-        return False
+        return {'error':'Old password is wrong.', 'username':username}
    # 将用户名和密码一起加密，以免暴露不同用户的相同密码
-    if verify_pass(new_password, old_password):  #新旧密码一致
+    if new_password == old_password:  #新旧密码一致
-        return False
+        return {'error':'New password cannot be the same as the old password.', 'username':username}
    update_password_by_username(username, new_password)
-    return True
+    return {'success':'Password changed', 'username':username}
 def get_expiry_date(username):
--- a/app/account_service.py
+++ b/app/account_service.py
@ -133,10 +133,7 @@ def reset():
        # POST请求用于提交修改后信息
        old_password = escape(request.form['old-password'])
        new_password = escape(request.form['new-password'])
-        flag = change_password(username, old_password, new_password) # flag表示是否修改成功
+        result = change_password(username, old_password, new_password)
-        if flag:
+        return jsonify(result)
-            session['logged_in'] = False
+
            return jsonify({'status':'1'})  # 修改成功
        else:
            return jsonify({'status':'2'})  # 修改失败
--- a/app/static/js/password.js
+++ b/app/static/js/password.js
@ -0,0 +1,20 @@
 function containsDigitsLettersSpecialCharacters(s) {
    let resultD = 0, resultL = 0, resultS = 0;
    // Digit test
    '0123456789'.split('').forEach((x) => {
 	if (s.includes(x))
 	    resultD = 1;
    });
    // Letter test
    resultL =  /[a-z]/i.test(s);
    // Special charater test
    '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
 	if (s.includes(x))
 	    resultS = 1;
    });
    return resultD + resultL + resultS == 3;
 }
--- a/app/templates/reset.html
+++ b/app/templates/reset.html
@ -3,6 +3,7 @@
          content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
    <link rel="stylesheet" href="static/css/login_service.css">
    <script src="static/js/jquery.js"></script>
    <script src="static/js/password.js"></script>
    <script>
        function reset() {
            let old_password = $("#old-password").val();
@ -24,15 +25,19 @@
                alert('密码过于简单。(密码长度至少4位)');
                return false;
            }
            if (!containsDigitsLettersSpecialCharacters(new_password)) {
 		alert('密码过于简单。(密码要包括数字，字母，特殊符号)');
 		return false;
            }
            $.post("/reset", {'old-password': old_password, 'new-password': new_password},
-                function (response) {
+                   function (response) {
-                    if (response.status === '1') {
+		       console.log(response);
-                        alert('密码修改成功，请重新登录。');
+                    if ('success' in response) {
-                        window.location.href = "/login";
+                        alert('密码修改成功。');
-                    } else if (response.status === '2') {
+                    } else if ('error' in response) {
-                        alert('密码修改失败');
+                        alert(`密码修改失败 ${response.error}`);
                        window.location.href = "/reset";
                    }
                    window.location.href = `/${response.username}/userpage`;
                }
            )
            return false;
--- a/app/templates/signup.html
+++ b/app/templates/signup.html
@ -7,6 +7,7 @@
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE-edge,chrome=1">
    <link href="static/css/slide-unlock.css" rel="stylesheet">
    <script src="static/js/password.js"></script>
    <script src="static/js/jquery.js"></script>
    <script src="static/js/jquery.slideunlock.js"></script>
    <script>
@ -21,27 +22,6 @@
        slider.init(); // 初始化滑块解锁功能
    });
      function containsDigitsLettersSpecialCharacters(s) {
 	  let resultD = 0, resultL = 0, resultS = 0;
 	  // Digit test
          '0123456789'.split('').forEach((x) => {
 	      if (s.includes(x))
 		  resultD = 1;
 	  });
 	  // Letter test
 	  resultL =  /[a-z]/i.test(s);
 	  // Special charater test
          '+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
 	      if (s.includes(x))
 		  resultS = 1;
 	  });
 	  return resultD + resultL + resultS == 3;
      }
    function signup(){
        // 发起 AJAX 请求来处理注册
        username = $("#username").val().trim();
Author	SHA1	Message	Date
mrlan	12752341db	Merge pull request 'Fix bug 394' (#185 ) from Bug394-Hui into Alpha-snapshot20240618 Reviewed-on: #185	2024-09-06 08:55:35 +08:00
Lan Hui	3abebdfb21	Fix bug 394	2024-09-06 08:54:11 +08:00