feat: Login and add graphic captcha

Author: shaohuzhang1

apps/common/util/common.py

@@ -11,6 +11,7 @@
 import io
 import mimetypes
 import pickle
+import random
 import re
 import shutil
 from functools import reduce
@@ -297,3 +298,10 @@ def markdown_to_plain_text(md: str) -> str:
     # 去除首尾空格
     text = text.strip()
     return text
+
+
+CHAR_SET = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
+
+
+def get_random_chars(number=6):
+    return "".join([CHAR_SET[random.randint(0, len(CHAR_SET) - 1)] for index in range(number)])

apps/locales/en_US/LC_MESSAGES/django.po

@@ -7490,4 +7490,13 @@ msgid "Field: {name} No value set"
 msgstr ""
 
 msgid "Generate related"
+msgstr ""
+
+msgid "Obtain graphical captcha"
+msgstr ""
+
+msgid "Captcha code error or expiration"
+msgstr ""
+
+msgid "captcha"
 msgstr ""

apps/locales/zh_CN/LC_MESSAGES/django.po

@@ -7653,4 +7653,13 @@ msgid "Field: {name} No value set"
 msgstr "字段: {name} 未设置值"
 
 msgid "Generate related"
-msgstr "生成问题"
+msgstr "生成问题"
+
+msgid "Obtain graphical captcha"
+msgstr "获取图形验证码"
+
+msgid "Captcha code error or expiration"
+msgstr "验证码错误或过期"
+
+msgid "captcha"
+msgstr "验证码"

apps/locales/zh_Hant/LC_MESSAGES/django.po

@@ -7663,4 +7663,13 @@ msgid "Field: {name} No value set"
 msgstr "欄位: {name} 未設定值"
 
 msgid "Generate related"
-msgstr "生成問題"
+msgstr "生成問題"
+
+msgid "Obtain graphical captcha"
+msgstr "獲取圖形驗證碼"
+
+msgid "Captcha code error or expiration"
+msgstr "驗證碼錯誤或過期"
+
+msgid "captcha"
+msgstr "驗證碼"

apps/smartdoc/settings/base.py

@@ -126,6 +126,10 @@
     "token_cache": {
         'BACKEND': 'common.cache.file_cache.FileCache',
         'LOCATION': os.path.join(PROJECT_DIR, 'data', 'cache', "token_cache")  # 文件夹路径
+    },
+    'captcha_cache': {
+        'BACKEND': 'common.cache.file_cache.FileCache',
+        'LOCATION': os.path.join(PROJECT_DIR, 'data', 'cache', "captcha_cache")  # 文件夹路径
     }
 }
 

apps/users/serializers/user_serializers.py

@@ -6,18 +6,22 @@
     @date：2023/9/5 16:32
     @desc:
 """
+import base64
 import datetime
 import os
 import random
 import re
 import uuid
 
+from captcha.image import ImageCaptcha
 from django.conf import settings
 from django.core import validators, signing, cache
 from django.core.mail import send_mail
 from django.core.mail.backends.smtp import EmailBackend
 from django.db import transaction
 from django.db.models import Q, QuerySet, Prefetch
+from django.utils.translation import get_language
+from django.utils.translation import gettext_lazy as _, to_locale
 from drf_yasg import openapi
 from rest_framework import serializers
 
@@ -30,7 +34,7 @@
 from common.mixins.api_mixin import ApiMixin
 from common.models.db_model_manage import DBModelManage
 from common.response.result import get_api_response
-from common.util.common import valid_license
+from common.util.common import valid_license, get_random_chars
 from common.util.field_message import ErrMessage
 from common.util.lock import lock
 from dataset.models import DataSet, Document, Paragraph, Problem, ProblemParagraphMapping
@@ -39,9 +43,29 @@
 from setting.models import Team, SystemSetting, SettingType, Model, TeamMember, TeamMemberPermission
 from smartdoc.conf import PROJECT_DIR
 from users.models.user import User, password_encrypt, get_user_dynamics_permission
-from django.utils.translation import gettext_lazy as _, gettext, to_locale
-from django.utils.translation import get_language
+
 user_cache = cache.caches['user_cache']
+captcha_cache = cache.caches['captcha_cache']
+
+
+class CaptchaSerializer(ApiMixin, serializers.Serializer):
+    @staticmethod
+    def get_response_body_api():
+        return get_api_response(openapi.Schema(
+            type=openapi.TYPE_STRING,
+            title="captcha",
+            default="xxxx",
+            description="captcha"
+        ))
+
+    @staticmethod
+    def generate():
+        chars = get_random_chars()
+        image = ImageCaptcha()
+        data = image.generate(chars)
+        captcha = base64.b64encode(data.getbuffer())
+        captcha_cache.set(f"LOGIN:{chars}", chars, timeout=5 * 60)
+        return 'data:image/png;base64,' + captcha.decode()
 
 
 class SystemSerializer(ApiMixin, serializers.Serializer):
@@ -71,13 +95,19 @@ class LoginSerializer(ApiMixin, serializers.Serializer):
 
     password = serializers.CharField(required=True, error_messages=ErrMessage.char(_("Password")))
 
+    captcha = serializers.CharField(required=True, error_messages=ErrMessage.char(_("captcha")))
+
     def is_valid(self, *, raise_exception=False):
         """
         校验参数
         :param raise_exception: Whether to throw an exception can only be True
         :return: User information
         """
         super().is_valid(raise_exception=True)
+        captcha = self.data.get('captcha')
+        captcha_value = captcha_cache.get(f"LOGIN:{captcha}")
+        if captcha_value is None:
+            raise AppApiException(1005, _("Captcha code error or expiration"))
         username = self.data.get("username")
         password = password_encrypt(self.data.get("password"))
         user = QuerySet(User).filter(Q(username=username,
@@ -109,7 +139,8 @@ def get_request_body_api(self):
             required=['username', 'password'],
             properties={
                 'username': openapi.Schema(type=openapi.TYPE_STRING, title=_("Username"), description=_("Username")),
-                'password': openapi.Schema(type=openapi.TYPE_STRING, title=_("Password"), description=_("Password"))
+                'password': openapi.Schema(type=openapi.TYPE_STRING, title=_("Password"), description=_("Password")),
+                'captcha': openapi.Schema(type=openapi.TYPE_STRING, title=_("captcha"), description=_("captcha"))
             }
         )
 

apps/users/urls.py

@@ -6,6 +6,7 @@
 urlpatterns = [
     path('profile', views.Profile.as_view()),
     path('user', views.User.as_view(), name="profile"),
+    path('user/captcha', views.CaptchaView.as_view(), name='captcha'),
     path('user/language', views.SwitchUserLanguageView.as_view(), name='language'),
     path('user/list', views.User.Query.as_view()),
     path('user/login', views.Login.as_view(), name='login'),

apps/users/views/user.py

@@ -26,7 +26,7 @@
 from users.serializers.user_serializers import RegisterSerializer, LoginSerializer, CheckCodeSerializer, \
     RePasswordSerializer, \
     SendEmailSerializer, UserProfile, UserSerializer, UserManageSerializer, UserInstanceSerializer, SystemSerializer, \
-    SwitchLanguageSerializer
+    SwitchLanguageSerializer, CaptchaSerializer
 from users.views.common import get_user_operation_object, get_re_password_details
 
 user_cache = cache.caches['user_cache']
@@ -170,6 +170,18 @@ def _get_details(request):
     }
 
 
+class CaptchaView(APIView):
+
+    @action(methods=['GET'], detail=False)
+    @swagger_auto_schema(operation_summary=_("Obtain graphical captcha"),
+                         operation_id=_("Obtain graphical captcha"),
+                         responses=CaptchaSerializer().get_response_body_api(),
+                         security=[],
+                         tags=[_("User management")])
+    def get(self, request: Request):
+        return result.success(CaptchaSerializer().generate())
+
+
 class Login(APIView):
 
     @action(methods=['POST'], detail=False)

pyproject.toml

@@ -68,6 +68,7 @@ django-db-connection-pool = "1.2.5"
 opencv-python-headless = "4.11.0.86"
 pymysql = "1.1.1"
 accelerate = "1.6.0"
+captcha = "0.7.1"
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"

ui/src/api/type/user.ts

@@ -37,6 +37,10 @@ interface LoginRequest {
    * 密码
    */
   password: string
+  /**
+   * 验证码
+   */
+  captcha: string
 }
 
 interface RegisterRequest {