From 286e884dd8a08fe3bb14cd9f656c2da1f70af2b5 Mon Sep 17 00:00:00 2001 From: Hui Lan Date: Thu, 3 Nov 2022 21:59:12 +0800 Subject: [PATCH 1/6] Refactor Wu Yuhan's code --- app/Login.py | 33 +++++++++++++++++++++++++++++++++ app/account_service.py | 18 +++++------------- 2 files changed, 38 insertions(+), 13 deletions(-) diff --git a/app/Login.py b/app/Login.py index f1317b2..e5cdd9b 100644 --- a/app/Login.py +++ b/app/Login.py @@ -1,4 +1,5 @@ import hashlib +import string from datetime import datetime from UseSqlite import InsertQuery, RecordQuery @@ -81,3 +82,35 @@ def md5(s): ''' h = hashlib.md5(s.encode(encoding='utf-8')) return h.hexdigest() + + +class UserName: + def __init__(self, username): + self.username = username + + def validate(self): + if gen(self.username) > 20: + return f'{self.username} is too long. The user name cannot exceed 20 characters.' + if self.username.startswith('.'): # a user name must not start with a dot + return 'Period (.) is not allowed as the first letter in the user name.' + if ' ' in self.username: # a user must not include a whitespace + return 'Whitespace is not allowed in the user name.' + for c in self.username: # a user name not include special characters + if c in string.punctuation and c is not '.' and c is not '_': + return f'{c} is not allowed in the user name.' + return 'OK' + + +class WarningMessage: + def __init__(self, s): + self.s = s + + def __str__(self): + result = UserName(self.s).validate() + if result != 'OK' + return result + + if self.s in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']: + return 'You used a restricted word as the username. Please come up with a better one.' + + return 'OK' diff --git a/app/account_service.py b/app/account_service.py index 0e5cf7a..2d44ec2 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -1,5 +1,5 @@ from flask import * -from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password +from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, UserName, WarningMessage import re # 初始化蓝图 @@ -22,17 +22,9 @@ def signup(): password = escape(request.form['password']) #! 添加如下代码为了过滤注册时的非法字符 - if len(username) > 20: - return '用户名过长' - # 正则匹配非法字符 - check_useful = re.search(u'^[_a-zA-Z0-9\u4e00-\u9fa5]+$', username) - if not check_useful: - return '存在非法字符' - # 判断用户名是否和接口重名 - if username in ["signup", "login", "logout", - "reset", "mark", "back", - "unfamiliar", "familiar", 'del']: - return '请勿与接口同名' + warn = WarningMessage(username) + if warn != 'OK': + return str(warn) available = check_username_availability(username) if not available: # 用户名不可用 @@ -140,4 +132,4 @@ alert('密码修改失败'); window.location.href="/reset"; -''' \ No newline at end of file +''' From 3cfec31c3fe739d679c2af3d1e1bbaf3e5826896 Mon Sep 17 00:00:00 2001 From: Hui Lan Date: Thu, 3 Nov 2022 22:00:47 +0800 Subject: [PATCH 2/6] Login.py: add missing colon --- app/Login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Login.py b/app/Login.py index e5cdd9b..9c89b91 100644 --- a/app/Login.py +++ b/app/Login.py @@ -107,7 +107,7 @@ class WarningMessage: def __str__(self): result = UserName(self.s).validate() - if result != 'OK' + if result != 'OK': return result if self.s in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']: From f0b5adc5e4fc25298042a02efc63f61aa9830ded Mon Sep 17 00:00:00 2001 From: Lan Hui <1348141770@qq.com> Date: Thu, 3 Nov 2022 22:02:32 +0800 Subject: [PATCH 3/6] Login.py: fix function name --- app/Login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Login.py b/app/Login.py index 9c89b91..66a6634 100644 --- a/app/Login.py +++ b/app/Login.py @@ -89,7 +89,7 @@ class UserName: self.username = username def validate(self): - if gen(self.username) > 20: + if len(self.username) > 20: return f'{self.username} is too long. The user name cannot exceed 20 characters.' if self.username.startswith('.'): # a user name must not start with a dot return 'Period (.) is not allowed as the first letter in the user name.' From 702205940cc8962f23b304c55b13ccbb8a0d6639 Mon Sep 17 00:00:00 2001 From: Lan Hui <1348141770@qq.com> Date: Thu, 3 Nov 2022 22:06:24 +0800 Subject: [PATCH 4/6] Login.py: must convert warn to string before comparing to OK --- app/account_service.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/account_service.py b/app/account_service.py index 2d44ec2..2307686 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -23,7 +23,7 @@ def signup(): #! 添加如下代码为了过滤注册时的非法字符 warn = WarningMessage(username) - if warn != 'OK': + if str(warn) != 'OK': return str(warn) available = check_username_availability(username) From d3a796428d9eac9ebe2f35329540dff34d7fb06b Mon Sep 17 00:00:00 2001 From: Hui Lan Date: Thu, 3 Nov 2022 22:21:34 +0800 Subject: [PATCH 5/6] account_service.py: module re is no longer necessary. --- app/account_service.py | 1 - 1 file changed, 1 deletion(-) diff --git a/app/account_service.py b/app/account_service.py index 2307686..4aafe67 100644 --- a/app/account_service.py +++ b/app/account_service.py @@ -1,6 +1,5 @@ from flask import * from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, UserName, WarningMessage -import re # 初始化蓝图 accountService = Blueprint("accountService", __name__) From 29ffada7eb442c19406fa2cc6f8dd1eb6dff2466 Mon Sep 17 00:00:00 2001 From: Hui Lan Date: Thu, 3 Nov 2022 22:28:25 +0800 Subject: [PATCH 6/6] Login.py: improve comments. --- app/Login.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Login.py b/app/Login.py index 66a6634..64612bc 100644 --- a/app/Login.py +++ b/app/Login.py @@ -93,9 +93,9 @@ class UserName: return f'{self.username} is too long. The user name cannot exceed 20 characters.' if self.username.startswith('.'): # a user name must not start with a dot return 'Period (.) is not allowed as the first letter in the user name.' - if ' ' in self.username: # a user must not include a whitespace + if ' ' in self.username: # a user name must not include a whitespace return 'Whitespace is not allowed in the user name.' - for c in self.username: # a user name not include special characters + for c in self.username: # a user name must not include special characters, except non-leading periods or underscores if c in string.punctuation and c is not '.' and c is not '_': return f'{c} is not allowed in the user name.' return 'OK' @@ -111,6 +111,6 @@ class WarningMessage: return result if self.s in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']: - return 'You used a restricted word as the username. Please come up with a better one.' + return 'You used a restricted word as the user name. Please come up with a better one.' return 'OK'