add reset password

pull/17608/head
fuwx 1 year ago
parent 96657b65ee
commit ca455af9db
No known key found for this signature in database
GPG Key ID: C8FA8C18DFB4702B

@ -215,6 +215,24 @@ class APOAccountPasswordApi(Resource):
return {"result": "success"} return {"result": "success"}
class APOAccountResetPasswordApi(Resource):
def post(self):
parser = reqparse.RequestParser()
parser.add_argument("username", type=str, required=True, location="json")
parser.add_argument("new_password", type=str, required=True, location="json")
args = parser.parse_args()
current_user = AccountService.get_user_through_email(args["username"]+"@apo.com")
if not current_user:
return {"result": "failed", "message": "Account not found"}
try:
AccountService.apo_reset_account_password(current_user, args["new_password"])
except ServiceCurrentPasswordIncorrectError:
return {"result": "failed", "message": "Current password incorrect"}
return {"result": "success"}
class AccountIntegrateApi(Resource): class AccountIntegrateApi(Resource):
integrate_fields = { integrate_fields = {
"provider": fields.String, "provider": fields.String,
@ -325,6 +343,7 @@ api.add_resource(AccountInterfaceThemeApi, "/account/interface-theme")
api.add_resource(AccountTimezoneApi, "/account/timezone") api.add_resource(AccountTimezoneApi, "/account/timezone")
api.add_resource(AccountPasswordApi, "/account/password") api.add_resource(AccountPasswordApi, "/account/password")
api.add_resource(APOAccountPasswordApi, "/apo/account/password") api.add_resource(APOAccountPasswordApi, "/apo/account/password")
api.add_resource(APOAccountResetPasswordApi, "/apo/account/reset-password")
api.add_resource(AccountIntegrateApi, "/account/integrates") api.add_resource(AccountIntegrateApi, "/account/integrates")
api.add_resource(AccountDeleteVerifyApi, "/account/delete/verify") api.add_resource(AccountDeleteVerifyApi, "/account/delete/verify")
api.add_resource(AccountDeleteApi, "/account/delete") api.add_resource(AccountDeleteApi, "/account/delete")
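Review bot: `APOAccountResetPasswordApi.post` sets a new password for whichever account `username` names, and nothing visible in the first hunk requires the caller to be logged in, to be that account, or to present the current password or a reset token. Unless access control is applied outside these hunks, any client that can reach `/apo/account/reset-password` can change another user's password, so the handler needs an authentication and authorisation check before the lookup; until then I would at least mark it with `# TODO(security): require an authenticated caller that is authorised to reset this account`. The `except ServiceCurrentPasswordIncorrectError` branch looks unreachable, because the visible `apo_reset_account_password` never checks a current password, while whatever `valid_password` raises for a weak password is not handled here. The distinct "Account not found" reply also tells a caller which usernames exist, and both failure replies appear to be returned with the default success status.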

@ -194,6 +194,24 @@ class AccountService:
account.password_salt = base64_salt account.password_salt = base64_salt
db.session.commit() db.session.commit()
return account return account
@staticmethod
def apo_reset_account_password(account, new_password):
"""reset account password"""
# may be raised
valid_password(new_password)
# generate password salt
salt = secrets.token_bytes(16)
base64_salt = base64.b64encode(salt).decode()
# encrypt password with salt
password_hashed = hash_password(new_password, salt)
base64_password_hashed = base64.b64encode(password_hashed).decode()
account.password = base64_password_hashed
account.password_salt = base64_salt
db.session.commit()
return account
@staticmethod @staticmethod
def create_account( def create_account(
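Review bot: `apo_reset_account_password` overwrites the stored hash and salt with no proof of identity, and its docstring `"""reset account password"""` and the comment `# may be raised` state neither that nor which exception `valid_password` raises. I would document the contract explicitly, e.g. `"""Set a new password for account without checking the current one; the caller must already have authorised the reset."""`. The salt, hash and commit lines repeat the tail of the method just above (visible as context), so a shared private helper would keep the two paths from drifting apart. Nothing visible here invalidates the account's existing sessions or tokens after the reset, so it is worth confirming whether that happens elsewhere; the enclosing `AccountService` class continues outside this hunk.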
