feat: enhance user authentication with RSA key handling and encrypted data support

Author: wxg0103

apps/chat/serializers/chat_authentication.py

@@ -20,6 +20,7 @@
 from common.constants.cache_version import Cache_Version
 from common.database_model_manage.database_model_manage import DatabaseModelManage
 from common.exception.app_exception import NotFound404, AppUnauthorizedFailed
+from common.utils.rsa_util import get_key_pair_by_sql
 
 
 class AnonymousAuthenticationSerializer(serializers.Serializer):
@@ -82,7 +83,8 @@ def profile(self):
                     'authentication_type': application_access_token.authentication_value.get(
                         'type', 'password'),
                     'max_attempts': max_attempts,
-                    'login_value': final_login_value
+                    'login_value': final_login_value,
+                    'rasKey' : get_key_pair_by_sql().get('key')
                 }
         return profile
 

apps/common/forms/switch_field.py

@@ -28,6 +28,6 @@ def __init__(self, label: str or BaseLabel,
         @param props_info:
         """
 
-        super().__init__('Switch', label, required, default_value, relation_show_field_dict,
+        super().__init__('SwitchInput', label, required, default_value, relation_show_field_dict,
                          {},
                          TriggerType.OPTION_LIST, attrs, props_info)

apps/system_manage/serializers/system.py

@@ -14,7 +14,9 @@
 
 from common.constants.cache_version import Cache_Version
 from common.database_model_manage.database_model_manage import DatabaseModelManage
+from common.utils.rsa_util import get_key_pair_by_sql
 from maxkb import settings
+from system_manage.models import SystemSetting
 
 
 class SettingType(models.CharField):
@@ -38,4 +40,5 @@ def profile():
         version = os.environ.get('MAXKB_VERSION')
         license_is_valid = DatabaseModelManage.get_model('license_is_valid') or (lambda: False)
         return {'version': version, 'edition': settings.edition,
-                'license_is_valid': license_is_valid() if license_is_valid() is not None else False}
+                'license_is_valid': license_is_valid() if license_is_valid() is not None else False,
+                'ras': get_key_pair_by_sql().get('key')}

apps/users/serializers/login.py

@@ -22,6 +22,7 @@
 from common.database_model_manage.database_model_manage import DatabaseModelManage
 from common.exception.app_exception import AppApiException
 from common.utils.common import password_encrypt, get_random_chars
+from common.utils.rsa_util import encrypt, decrypt
 from maxkb.const import CONFIG
 from users.models import User
 
@@ -31,6 +32,9 @@ class LoginRequest(serializers.Serializer):
     password = serializers.CharField(required=True, max_length=128, label=_("Password"))
     captcha = serializers.CharField(required=False, max_length=64, label=_('captcha'), allow_null=True,
                                     allow_blank=True)
+    encryptedData = serializers.CharField(required=False, label=_('encryptedData'), allow_null=True,
+                                        allow_blank=True)
+
 
 
 system_version, system_get_key = Cache_Version.SYSTEM.value
@@ -60,6 +64,10 @@ class LoginSerializer(serializers.Serializer):
     @staticmethod
     def login(instance):
         username = instance.get("username", "")
+        encryptedData = instance.get("encryptedData", "")
+        if encryptedData:
+            json_data = json.loads(decrypt(encryptedData))
+            instance.update(json_data)
         try:
             LoginRequest(data=instance).is_valid(raise_exception=True)
         except Exception as e:
@@ -99,7 +107,7 @@ def login(instance):
             if captcha_cache is None or captcha.lower() != captcha_cache:
                 raise AppApiException(1005, _("Captcha code error or expiration"))
 
-        user = QuerySet(User).filter(username=username, password=password).first()
+        user = QuerySet(User).filter(username=username, password=password_encrypt(password)).first()
         if user is None:
             record_login_fail(username)
             raise AppApiException(500, _('The username or password is incorrect'))