bug fix

cd798daf · ibuler · 7f6f46b6 · cd798daf · cd798daf · cd798daf
Commit cd798daf authored Dec 07, 2015 by ibuler
Showing with 38 additions and 39 deletions

user_api.py juser/user_api.py +3 -3

views.py juser/views.py +17 -19

forget_password.html templates/juser/forget_password.html +6 -8

reset_password.html templates/juser/reset_password.html +12 -9

No files found.
--- a/juser/user_api.py
+++ b/juser/user_api.py
@@ -129,7 +129,7 @@ def gen_ssh_key(username, password='',
    生成一个用户ssh密钥对
    """
    logger.debug('生成ssh key， 并设置authorized_keys')
-    private_key_file = os.path.join(key_dir, username+'pem')
+    private_key_file = os.path.join(key_dir, username+'.pem')
    mkdir(key_dir, mode=0700)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
@@ -142,7 +142,7 @@ def gen_ssh_key(username, password='',
        with open(private_key_file+'.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
                auth_f.write(pub_f.read())
-        os.chmod(authorized_key_file, mode=0600)
+        os.chmod(authorized_key_file, 0600)
        chown(authorized_key_file, username)
@@ -166,7 +166,7 @@ def user_add_mail(user, kwargs):
    mail_msg = u"""
    Hi, %s
        您的用户名： %s
-        您的角色： %s
+        您的权限： %s
        您的web登录密码： %s
        您的ssh密钥文件密码： %s
        密钥下载地址： %s/juser/down_key/?uuid=%s

--- a/juser/views.py
+++ b/juser/views.py
@@ -4,7 +4,7 @@
 # import random
 # from Crypto.PublicKey import RSA
-import uuid as uuid_r
+import uuid
 from django.contrib.auth.decorators import login_required
 from django.db.models import Q
@@ -158,7 +158,7 @@ def user_add(request):
        groups = request.POST.getlist('groups', [])
        admin_groups = request.POST.getlist('admin_groups', [])
        role = request.POST.get('role', 'CU')
-        uuid = uuid_r.uuid1()
+        uuid_r = uuid.uuid1()
        ssh_key_pwd = PyCrypt.gen_rand_pass(16)
        extra = request.POST.getlist('extra', [])
        is_active = False if '0' in extra else True
@@ -180,7 +180,7 @@ def user_add(request):
            try:
                user = db_add_user(username=username, name=name,
                                   password=password,
-                                   email=email, role=role, uuid=uuid,
+                                   email=email, role=role, uuid=uuid_r,
                                   groups=groups, admin_groups=admin_groups,
                                   ssh_key_pwd=ssh_key_pwd,
                                   is_active=is_active,
@@ -262,18 +262,16 @@ def user_del(request):
    for user_id in user_id_list:
        user = get_object(User, id=user_id)
        if user:
-            # TODO: annotation by liuzheng, because useless for me
+            logger.debug("删除用户 %s " % user.username)
-            # assets = user_permed(user)
+            bash('userdel -r %s' % user.username)
-            # result = _public_perm_api({'type': 'del_user', 'user': user, 'asset': assets})
-            # print result
            user.delete()
    return HttpResponse('删除成功')
 @require_role('admin')
 def send_mail_retry(request):
-    user_uuid = request.GET.get('uuid', '1')
+    uuid_r = request.GET.get('uuid', '1')
-    user = get_object(User, uuid=user_uuid)
+    user = get_object(User, uuid=uuid_r)
    msg = u"""
    跳板机地址： %s
    用户名：%s
@@ -315,19 +313,14 @@ def reset_password(request):
    hash_encode = request.GET.get('hash', '')
    action = '/juser/reset_password/?uuid=%s&timestamp=%s&hash=%s' % (uuid_r, timestamp, hash_encode)
-    if hash_encode == PyCrypt.md5_crypt(uuid_r + timestamp + KEY):
-        if int(time.time()) - int(timestamp) > 600:
-            return http_error(request, u'链接已超时')
-        else:
-            return render_to_response('juser/reset_password.html', locals())
    if request.method == 'POST':
        password = request.POST.get('password')
        password_confirm = request.POST.get('password_confirm')
+        print password, password_confirm
        if password != password_confirm:
            return HttpResponse('密码不匹配')
        else:
-            user = get_object(User, uuid=uuid)
+            user = get_object(User, uuid=uuid_r)
            if user:
                user.password = PyCrypt.md5_crypt(password)
                user.save()
@@ -335,6 +328,12 @@ def reset_password(request):
            else:
                return HttpResponse('用户不存在')
+    if hash_encode == PyCrypt.md5_crypt(uuid_r + timestamp + KEY):
+        if int(time.time()) - int(timestamp) > 600:
+            return http_error(request, u'链接已超时')
+        else:
+            return render_to_response('juser/reset_password.html', locals())
    return http_error(request, u'错误请求')
@@ -398,7 +397,6 @@ def user_edit(request):
            send_mail('您的信息已修改', msg, MAIL_FROM, [email], fail_silently=False)
        return HttpResponseRedirect('/juser/user_list/')
    return my_render('juser/user_edit.html', locals(), request)
@@ -447,8 +445,8 @@ def change_info(request):
 @require_role(role='user')
 def regen_ssh_key(request):
-    uuid = request.GET.get('uuid', '')
+    uuid_r = request.GET.get('uuid', '')
-    user = get_object(User, uuid=uuid)
+    user = get_object(User, uuid=uuid_r)
    if not user:
        return HttpResponse('没有该用户')

--- a/templates/juser/forget_password.html
+++ b/templates/juser/forget_password.html
@@ -15,9 +15,9 @@
 <body class="gray-bg">
-<div class="lock-word animated fadeInDown">
+    <div class="lock-word animated fadeInDown">
-    <span class="first-word">Jumperver</span>
+        <span class="first-word">Jumperver</span>
-</div>
+    </div>
    <div class="middle-box text-center lockscreen animated fadeInDown">
        <div>
            <div class="m-b-md">
@@ -47,7 +47,5 @@
    <script src="/static/js/jquery-2.1.1.js"></script>
    <script src="/static/js/bootstrap.min.js"></script>
+</body>
+</html>
\ No newline at end of file
-</body></html>
\ No newline at end of file
--- a/templates/juser/reset_password.html
+++ b/templates/juser/reset_password.html
-<html><head>
+<html>
+<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
@@ -10,8 +11,8 @@
    <link href="/static/css/animate.css" rel="stylesheet">
    <link href="/static/css/style.css" rel="stylesheet">
+    <style type="text/css"></style>
-<style type="text/css"></style></head>
+</head>
 <body class="gray-bg">
@@ -31,8 +32,8 @@
            <h3>请输入新密码</h3>
            <form class="m-t" role="form" id="restForm" action="{{ action }}" method="post">
                <div class="form-group">
-                    <input type="password" name='password' class="form-control" placeholder="New Password" required="">
+                    <input type="password" name='password' class="form-control" placeholder="New Password">
-                    <input type="password" name='password_confirm' class="form-control" placeholder="Password Confirm" required="">
+                    <input type="password" name='password_confirm' class="form-control" placeholder="Password Confirm">
                </div>
                <button type="submit" class="btn btn-primary block full-width">确定</button>
            </form>
@@ -42,23 +43,25 @@
    <script src="/static/js/jquery-2.1.1.js"></script>
    <script src="/static/js/bootstrap.min.js"></script>
    <script src="/static/js/validator/jquery.validator.js"></script>
    <script>
        $('#restForm').validator({
        timely: 2,
        theme: "yellow_right_effect",
        rules: {
-            check_pass: [/^\w+$/, '数字和字符']
+            check_pass: [/^\w{8,50}$/, '数字和字符,8-50位']
        },
        fields: {
            "password": {
-                rule: "length[6~50];check_pass",
+                rule: "required;check_pass",
                tip: "输入密码",
                ok: "",
                msg: {required: "必须填写!"}
            },
            'password_confirm': {
-                rule: "match[password]"
+                rule: "required;check_pass;",
+                tip: '确认密码',
+                msg: {required: "必须填写!"}
            }
        },
        valid: function(form) {