Fix bug 394 #185
13
app/Login.py
13
app/Login.py
|
@ -21,11 +21,6 @@ path_prefix = '/var/www/wordfreq/wordfreq/'
|
|||
path_prefix = './' # comment this line in deployment
|
||||
|
||||
|
||||
def verify_pass(newpass, oldpass):
|
||||
if (newpass == oldpass):
|
||||
return True
|
||||
|
||||
|
||||
def verify_user(username, password):
|
||||
user = get_user_by_username(username)
|
||||
encoded_password = md5(username + password)
|
||||
|
@ -54,12 +49,12 @@ def change_password(username, old_password, new_password):
|
|||
:return: 修改成功:True 否则:False
|
||||
'''
|
||||
if not verify_user(username, old_password): # 旧密码错误
|
||||
return False
|
||||
return {'error':'Old password is wrong.', 'username':username}
|
||||
# 将用户名和密码一起加密,以免暴露不同用户的相同密码
|
||||
if verify_pass(new_password, old_password): #新旧密码一致
|
||||
return False
|
||||
if new_password == old_password: #新旧密码一致
|
||||
return {'error':'New password cannot be the same as the old password.', 'username':username}
|
||||
update_password_by_username(username, new_password)
|
||||
return True
|
||||
return {'success':'Password changed', 'username':username}
|
||||
|
||||
|
||||
def get_expiry_date(username):
|
||||
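Review bot: `change_password` now returns a non-empty dict on every path, so any caller that still tests the result for truthiness (`if change_password(...):`) will treat a wrong old password as a success. Only the `reset()` caller is updated on this page, so any other callers should be checked. The docstring line `:return: 修改成功:True 否则:False` is now stale and should describe the new contract, e.g. `:return: dict with a 'success' or an 'error' key, plus 'username'`. The start of `change_password` lies outside the hunk.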
|
|
|
@ -133,10 +133,7 @@ def reset():
|
|||
# POST请求用于提交修改后信息
|
||||
old_password = escape(request.form['old-password'])
|
||||
new_password = escape(request.form['new-password'])
|
||||
flag = change_password(username, old_password, new_password) # flag表示是否修改成功
|
||||
if flag:
|
||||
session['logged_in'] = False
|
||||
return jsonify({'status':'1'}) # 修改成功
|
||||
else:
|
||||
return jsonify({'status':'2'}) # 修改失败
|
||||
result = change_password(username, old_password, new_password)
|
||||
return jsonify(result)
|
||||
|
||||
|
||||
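Review bot: Dropping `session['logged_in'] = False` means a successful password change no longer ends the current session, so a session that was opened with the old password stays usable afterwards. If staying logged in is intended, say so in a comment next to `result = change_password(...)`. Otherwise keep the logout on the success path, e.g. `if 'success' in result: session['logged_in'] = False` before `return jsonify(result)`. The body of `reset()` starts outside the hunk, so how `username` is obtained cannot be seen here.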
|
|
|
@ -0,0 +1,20 @@
|
|||
function containsDigitsLettersSpecialCharacters(s) {
|
||||
let resultD = 0, resultL = 0, resultS = 0;
|
||||
|
||||
// Digit test
|
||||
'0123456789'.split('').forEach((x) => {
|
||||
if (s.includes(x))
|
||||
resultD = 1;
|
||||
});
|
||||
|
||||
// Letter test
|
||||
resultL = /[a-z]/i.test(s);
|
||||
|
||||
// Special charater test
|
||||
'+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
|
||||
if (s.includes(x))
|
||||
resultS = 1;
|
||||
});
|
||||
|
||||
return resultD + resultL + resultS == 3;
|
||||
}
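Review bot: The special-character test only recognises the characters listed in `'+-*/,.:;/\[]<>$%&()!?^~'`, so a password whose only symbols are, for example, `@`, `#`, `_` or `=` is rejected as too simple. `\[` in that literal is just `[`, so the backslash is not in the set either. Testing for any non-alphanumeric character avoids maintaining a list: `resultS = /[^A-Za-z0-9]/.test(s);`, and the digit loop can likewise become `resultD = /[0-9]/.test(s);`. A short header comment saying which pages load this helper, and that it is a convenience check for the form, would also help the next reader.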
|
|
@ -3,6 +3,7 @@
|
|||
content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=3.0, user-scalable=yes"/>
|
||||
<link rel="stylesheet" href="static/css/login_service.css">
|
||||
<script src="static/js/jquery.js"></script>
|
||||
<script src="static/js/password.js"></script>
|
||||
<script>
|
||||
function reset() {
|
||||
let old_password = $("#old-password").val();
|
||||
|
@ -24,15 +25,19 @@
|
|||
alert('密码过于简单。(密码长度至少4位)');
|
||||
return false;
|
||||
}
|
||||
if (!containsDigitsLettersSpecialCharacters(new_password)) {
|
||||
alert('密码过于简单。(密码要包括数字,字母,特殊符号)');
|
||||
return false;
|
||||
}
|
||||
$.post("/reset", {'old-password': old_password, 'new-password': new_password},
|
||||
function (response) {
|
||||
if (response.status === '1') {
|
||||
alert('密码修改成功,请重新登录。');
|
||||
window.location.href = "/login";
|
||||
} else if (response.status === '2') {
|
||||
alert('密码修改失败');
|
||||
window.location.href = "/reset";
|
||||
function (response) {
|
||||
console.log(response);
|
||||
if ('success' in response) {
|
||||
alert('密码修改成功。');
|
||||
} else if ('error' in response) {
|
||||
alert(`密码修改失败 ${response.error}`);
|
||||
}
|
||||
window.location.href = `/${response.username}/userpage`;
|
||||
}
|
||||
)
|
||||
return false;
|
||||
|
@ -52,4 +57,4 @@
|
|||
<button class="btn" onclick="window.location.href='/{{ username }}/userpage'">放弃修改</button>
|
||||
|
||||
</div>
|
||||
{% endblock %}
|
||||
{% endblock %}
|
||||
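Review bot: The added `containsDigitsLettersSpecialCharacters(new_password)` check runs only in the browser, and the `change_password` lines shown for app/Login.py on this page contain no matching length or complexity check, so a POST sent straight to `/reset` can still set any password. The same rule should be enforced on the server before `update_password_by_username` is called. In the callback, `console.log(response);` looks like leftover debugging and can be removed. `response.username` should be wrapped in `encodeURIComponent(...)` when it is used to build the redirect path.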
|
|
|
@ -7,6 +7,7 @@
|
|||
<meta charset="UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE-edge,chrome=1">
|
||||
<link href="static/css/slide-unlock.css" rel="stylesheet">
|
||||
<script src="static/js/password.js"></script>
|
||||
<script src="static/js/jquery.js"></script>
|
||||
<script src="static/js/jquery.slideunlock.js"></script>
|
||||
<script>
|
||||
|
@ -21,27 +22,6 @@
|
|||
slider.init(); // 初始化滑块解锁功能
|
||||
});
|
||||
|
||||
function containsDigitsLettersSpecialCharacters(s) {
|
||||
let resultD = 0, resultL = 0, resultS = 0;
|
||||
|
||||
// Digit test
|
||||
'0123456789'.split('').forEach((x) => {
|
||||
if (s.includes(x))
|
||||
resultD = 1;
|
||||
});
|
||||
|
||||
// Letter test
|
||||
resultL = /[a-z]/i.test(s);
|
||||
|
||||
// Special charater test
|
||||
'+-*/,.:;/\[]<>$%&()!?^~'.split('').forEach((x) => {
|
||||
if (s.includes(x))
|
||||
resultS = 1;
|
||||
});
|
||||
|
||||
return resultD + resultL + resultS == 3;
|
||||
}
|
||||
|
||||
function signup(){
|
||||
// 发起 AJAX 请求来处理注册
|
||||
username = $("#username").val().trim();
|
||||
|
|