floraachy/gitlink-forgeplus
1
0
Fork 0
mirror of https://gitlink.org.cn/Gitlink/forgeplus.git synced 2026-05-22 04:35:45 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

修改密码最短要求为6,最长要求为32

Browse Source
This commit is contained in:
Gitea
2023-10-25 10:09:01 +08:00
parent c2b1a141c2
commit b05a7d3b76
245 changed files with 8780 additions and 8322 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/api/v1/users_controller.rb
View File

@@ -54,7 +54,7 @@ class Api::V1::UsersController < Api::V1::BaseController
def check_password
password = params[:password]
return tip_exception(-5, "8~16位密码,支持字母数字和符号") unless password =~ CustomRegexp::PASSWORD
return tip_exception(-5, "6~32位密码,支持字母数字和符号") unless password =~ CustomRegexp::PASSWORD
return tip_exception(-5, "密码错误") unless @observe_user.check_password?(password)
render_ok
end

4
app/forms/base_form.rb
View File

@@ -44,14 +44,14 @@ class BaseForm
def check_password(password)
password = strip(password)
raise PasswordFormatError, "密码8~16位密码,支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
raise PasswordFormatError, "密码6~32位密码,支持字母数字和符号" unless password =~ CustomRegexp::PASSWORD
end
def check_password_confirmation(password, password_confirmation)
password = strip(password)
password_confirmation = strip(password_confirmation)
raise PasswordFormatError, "确认密码为8~16位密码,支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
raise PasswordFormatError, "确认密码为6~32位密码,支持字母数字和符号" unless password_confirmation =~ CustomRegexp::PASSWORD
raise PasswordConfirmationError, "两次输入的密码不一致" unless password == password_confirmation
end

2
app/forms/users/login_form.rb
View File

@@ -4,5 +4,5 @@ class Users::LoginForm
attr_accessor :password, :login
validates :login, presence: true
validates :password, presence: true, length: { minimum: 6, maximum: 16 }, format: { with: CustomRegexp::LOGIN_PASSWORD, message: "6~16位,支持字母数字和符号" }
validates :password, presence: true, length: { minimum: 6, maximum: 32 }, format: { with: CustomRegexp::LOGIN_PASSWORD, message: "6~32位,支持字母数字和符号" }
end

2
app/forms/users/update_password_form.rb
View File

@@ -3,5 +3,5 @@ class Users::UpdatePasswordForm
attr_accessor :password, :old_password
validates :password, presence: true, length: { minimum: 8, maximum: 16 }, format: { with: CustomRegexp::PASSWORD, message: "8~16位密码,支持字母数字和符号" }
validates :password, presence: true, length: { minimum: 6, maximum: 32 }, format: { with: CustomRegexp::PASSWORD, message: "6~32位密码,支持字母数字和符号" }
end

104
app/models/user.rb
View File

@@ -8,8 +8,8 @@
# firstname :string(30) default(""), not null
# lastname :string(255) default(""), not null
# mail :string(60)
# admin :boolean default("0"), not null
# status :integer default("1"), not null
# admin :boolean default(FALSE), not null
# status :integer default(1), not null
# last_login_on :datetime
# language :string(5) default("")
# auth_source_id :integer
@@ -20,36 +20,33 @@
# mail_notification :string(255) default(""), not null
# salt :string(64)
# gid :integer
# visits :integer default("0")
# excellent_teacher :integer default("0")
# excellent_student :integer default("0")
# visits :integer default(0)
# excellent_teacher :integer default(0)
# excellent_student :integer default(0)
# phone :string(255)
# authentication :boolean default("0")
# grade :integer default("0")
# experience :integer default("0")
# authentication :boolean default(FALSE)
# grade :integer default(0)
# experience :integer default(0)
# nickname :string(255)
# show_realname :boolean default("1")
# professional_certification :boolean default("0")
# show_realname :boolean default(TRUE)
# professional_certification :boolean default(FALSE)
# ID_number :string(255)
# certification :integer default("0")
# homepage_teacher :boolean default("0")
# homepage_engineer :boolean default("0")
# is_test :integer default("0")
# ecoder_user_id :integer default("0")
# business :boolean default("0")
# profile_completed :boolean default("0")
# certification :integer default(0)
# homepage_teacher :boolean default(FALSE)
# homepage_engineer :boolean default(FALSE)
# is_test :integer default(0)
# ecoder_user_id :integer default(0)
# business :boolean default(FALSE)
# profile_completed :boolean default(FALSE)
# laboratory_id :integer
# platform :string(255) default("0")
# platform :string(255) default(NULL)
# gitea_token :string(255)
# gitea_uid :integer
# is_shixun_marker :boolean default("0")
# is_sync_pwd :boolean default("1")
# watchers_count :integer default("0")
# devops_step :integer default("0")
# sign_cla :boolean default("0")
# enabling_cla :boolean default("0")
# id_card_verify :boolean default("0")
# website_permission :boolean default("0")
# is_shixun_marker :boolean default(FALSE)
# is_sync_pwd :boolean default(TRUE)
# watchers_count :integer default(0)
# devops_step :integer default(0)
# sign_cla :boolean default(FALSE)
#
# Indexes
#
@@ -57,7 +54,7 @@
# index_users_on_homepage_engineer (homepage_engineer)
# index_users_on_homepage_teacher (homepage_teacher)
# index_users_on_laboratory_id (laboratory_id)
# index_users_on_login (login) UNIQUE
# index_users_on_login (login)
# index_users_on_mail (mail)
# index_users_on_type (type)
#
@@ -105,7 +102,7 @@ class User < Owner
MAIL_LENGTH_LMIT = 60
# 最短密码长度修改为6
# MIX_PASSWORD_LIMIT = 8
MIX_PASSWORD_LIMIT = 6
MIX_PASSWORD_LIMIT = 6
LOGIN_CHARS = %W(2 3 4 5 6 7 8 9 a b c f e f g h i j k l m n o p q r s t u v w x y z).freeze
@@ -123,20 +120,19 @@ class User < Owner
has_many :open_users, dependent: :destroy
has_one :wechat_open_user, class_name: 'OpenUsers::Wechat'
has_one :qq_open_user, class_name: 'OpenUsers::Qq'
has_one :identity_verification
accepts_nested_attributes_for :user_extension, update_only: true
has_many :fork_users, dependent: :destroy
has_many :versions
has_many :issue_times, :dependent => :destroy
# has_one :onclick_time, :dependent => :destroy
has_one :onclick_time, :dependent => :destroy
# 新版私信
# has_many :private_messages, dependent: :destroy
has_many :private_messages, dependent: :destroy
has_many :recent_contacts, through: :private_messages, source: :target
has_many :tidings, :dependent => :destroy
# has_many :journals_for_messages, :as => :jour, :dependent => :destroy
has_many :journals_for_messages, :as => :jour, :dependent => :destroy
has_many :attachments,foreign_key: :author_id, :dependent => :destroy
@@ -146,7 +142,7 @@ class User < Owner
has_many :apply_user_authentication
has_one :process_real_name_apply, -> { processing.real_name_auth.order(created_at: :desc) }, class_name: 'ApplyUserAuthentication'
has_one :process_professional_apply, -> { processing.professional_auth.order(created_at: :desc) }, class_name: 'ApplyUserAuthentication'
# has_many :apply_actions, dependent: :destroy
has_many :apply_actions, dependent: :destroy
has_many :trail_auth_apply_actions, -> { where(container_type: 'TrialAuthorization') }, class_name: 'ApplyAction'
# has_many :attendances
@@ -186,18 +182,12 @@ class User < Owner
has_many :issue_participants, foreign_key: :participant_id
has_many :participant_issues, through: :issue_participants, source: :issue
has_many :project_topics
#cla
has_many :user_clas, :dependent => :destroy
has_many :clas, through: :user_clas
has_many :pages, :dependent => :destroy
# Groups and active users
scope :active, lambda { where(status: [STATUS_ACTIVE, STATUS_EDIT_INFO]) }
scope :like, lambda { |keywords|
# 表情处理
keywords = keywords.to_s.each_char.select { |c| c.bytes.first < 240 }.join('')
sql = "CONCAT(lastname, firstname) LIKE :search OR nickname LIKE :search OR login LIKE :search OR mail LIKE :search OR phone LIKE :search"
sql = "CONCAT(lastname, firstname) LIKE :search OR nickname LIKE :search OR login LIKE :search OR mail LIKE :search OR nickname LIKE :search"
where(sql, :search => "%#{keywords.strip}%") unless keywords.blank?
}
@@ -472,23 +462,6 @@ class User < Owner
end
end
def register_gitea
psd = "12345678"
interactor = Gitea::RegisterInteractor.call({username: self.login, email: self.mail, password: psd})
if interactor.success?
gitea_user = interactor.result
result = Gitea::User::GenerateTokenService.call(self.login, psd)
self.gitea_token = result['sha1']
self.gitea_uid = gitea_user[:body]['id']
self.password = psd
self.password_confirmation = psd
if self.save!
UserExtension.create!(user_id: self.id)
end
end
end
def activate!
update_attribute(:status, STATUS_ACTIVE)
prohibit_gitea_user_login!(false)
@@ -764,7 +737,6 @@ class User < Owner
if password
salt_password(password)
end
check_website_permission
end
def salt_password(clear_password)
@@ -772,13 +744,6 @@ class User < Owner
self.hashed_password = User.hash_password("#{salt}#{User.hash_password clear_password}")
end
def check_website_permission
if website_permission_changed? && website_permission == false
self.pages.update_all(state: false, state_description:"因违规使用现关闭Page服务")
PageService.close_site(self.id)
end
end
def self.generate_salt
Gitlink::Utils.random_hex(16)
end
@@ -872,8 +837,7 @@ class User < Owner
end
def profile_is_completed?
#self.nickname.present? && self.mail.present?
self.mail.present?
self.nickname.present? && self.mail.present?
end
def trace_token
@@ -896,7 +860,7 @@ class User < Owner
# 重写gitea_token,当用户为bot类型时替换成管理员token
def gitea_token
if self.respond_to?('platform') && self.platform == "bot"
if self.platform == "bot"
GiteaService.gitea_config[:admin_token]
else
self['gitea_token']
@@ -944,8 +908,8 @@ class User < Owner
raise("密码长度不能低于#{MIX_PASSWORD_LIMIT}")
end
if password.present? && password.size > 16
raise('密码长度不能超过16位')
if password.present? && password.size > 32
raise('密码长度不能超过32位')
end
end