
Commit 194bf36

committed
Update the OAuth2 login password policy
1 parent d64f7c2 commit 194bf36


3 files changed

+29
-28
lines changed


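--- a/backend/app/admin/model/user.py
+++ b/backend/app/admin/model/user.py
@@ -27,8 +27,8 @@ class User(Base):
 uuid: Mapped[str] = mapped_column(String(50), init=False, default_factory=uuid4_str, unique=True)
 username: Mapped[str] = mapped_column(String(20), unique=True, index=True, comment='用户名')
 nickname: Mapped[str] = mapped_column(String(20), comment='昵称')
-password: Mapped[str] = mapped_column(String(255), comment='密码')
-salt: Mapped[bytes] = mapped_column(VARBINARY(255).with_variant(BYTEA(255), 'postgresql'), comment='加密盐')
+password: Mapped[str | None] = mapped_column(String(255), comment='密码')
+salt: Mapped[bytes | None] = mapped_column(VARBINARY(255).with_variant(BYTEA(255), 'postgresql'), comment='加密盐')
 email: Mapped[str | None] = mapped_column(String(50), default=None, unique=True, index=True, comment='邮箱')
 phone: Mapped[str | None] = mapped_column(String(11), default=None, comment='手机号')
 avatar: Mapped[str | None] = mapped_column(String(255), default=None, comment='头像')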
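Review bot: Making `password` and `salt` nullable means every reader of these two columns must now treat NULL as "no local password", and nothing in this section shows that they do. The password-login and change-password paths are outside this diff and presumably still pass `user.password` and `user.salt` straight to the hash check; I would confirm they refuse the login for such rows before verification, rather than raising or comparing against an empty value. A comment above the two columns would make the contract explicit, e.g. `# NULL for accounts created through OAuth2; password login must be refused for these users`. An existing database also needs a migration that drops NOT NULL on both columns, which this commit does not include as far as the page shows. The `User` class starts and ends outside the hunk.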

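--- a/backend/plugin/oauth2/plugin.toml
+++ b/backend/plugin/oauth2/plugin.toml
@@ -1,6 +1,6 @@
 [plugin]
 summary = 'OAuth 2.0'
-version = '0.0.3'
+version = '0.0.4'
 description = '通过 OAuth 2.0 的方式登录系统'
 author = 'wu-clan'
 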

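--- a/backend/plugin/oauth2/service/oauth2_service.py
+++ b/backend/plugin/oauth2/service/oauth2_service.py
@@ -57,35 +57,36 @@ async def create_with_login(
 sid = user.get('id')
 nickname = user.get('name')
 
-sys_user = None
 user_social = await user_social_dao.get_by_sid(db, str(sid), str(social.value))
-if not user_social:
+if user_social:
+sys_user = await user_dao.get(db, user_social.user_id)
+# 更新用户头像
+if not sys_user.avatar and avatar is not None:
+await user_dao.update_avatar(db, sys_user.id, avatar)
+else:
+sys_user = None
+# 检测系统用户是否已存在
 if email:
-sys_user = await user_dao.check_email(db, email)
-
-# 创建系统用户
-if not sys_user:
-while await user_dao.get_by_username(db, username):
-username = f'{username}_{text_captcha(5)}'
-new_sys_user = AddOAuth2UserParam(
-username=username,
-password='123456', # 默认密码,可修改系统用户表进行默认密码检测并配合前端进行修改密码提示
-nickname=nickname,
-email=email,
-avatar=avatar,
-)
-await user_dao.add_by_oauth2(db, new_sys_user)
-await db.flush()
-sys_user = await user_dao.get_by_username(db, username)
+sys_user = await user_dao.check_email(db, email) # 通过邮箱验证绑定保证邮箱真实性
 
-# 绑定社交用户
-new_user_social = CreateUserSocialParam(sid=str(sid), source=social.value, user_id=sys_user.id)
-await user_social_dao.create(db, new_user_social)
+# 创建系统用户
+if not sys_user:
+while await user_dao.get_by_username(db, username):
+username = f'{username}_{text_captcha(5)}'
+new_sys_user = AddOAuth2UserParam(
+username=username,
+password=None,
+nickname=nickname,
+email=email,
+avatar=avatar,
+)
+await user_dao.add_by_oauth2(db, new_sys_user)
+await db.flush()
+sys_user = await user_dao.get_by_username(db, username)
 
-if not sys_user:
-sys_user = await user_dao.get(db, user_social.user_id)
-if avatar:
-await user_dao.update_avatar(db, sys_user.id, avatar)
+# 绑定社交账号
+new_user_social = CreateUserSocialParam(sid=str(sid), source=social.value, user_id=sys_user.id)
+await user_social_dao.create(db, new_user_social)
 
 # 创建 token
 access_token = await jwt.create_access_token(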
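Review bot: The lookup `sys_user = await user_dao.check_email(db, email)` binds a first-time social login to an existing system account purely on the address the provider returned, and nothing in this hunk checks that the provider has confirmed that address. The inline comment says the binding guarantees the email is genuine, but that holds only if verification is enforced before this point, which is not visible here. If it is not, gate the lookup on the provider's verified flag (for OIDC providers the `email_verified` claim), e.g. `if email and <provider_verified_flag>:`, and otherwise create a separate account or require explicit confirmation from the existing user before linking. Separately, in the `if user_social:` branch `user_dao.get` can presumably return `None` when the linked user row has been removed, and `sys_user.avatar` would then raise; an `if sys_user is None:` guard raising the project's not-found error before the avatar update would fail cleanly. `create_with_login` starts and ends outside the hunk.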
