feat: 用户密码新增非法字符验证

2024-05-11 14:58:02 +08:00
parent c9cb8c6542
commit 901a66bafa
8 changed files with 68 additions and 8 deletions
--- a/ruoyi-fastapi-backend/module_admin/entity/vo/login_vo.py
+++ b/ruoyi-fastapi-backend/module_admin/entity/vo/login_vo.py
@@ -1,6 +1,8 @@
-from pydantic import BaseModel, ConfigDict
+import re
+from pydantic import BaseModel, ConfigDict, model_validator
 from pydantic.alias_generators import to_camel
 from typing import Optional
+from exceptions.exception import ModelValidatorException


 class UserLogin(BaseModel):
@@ -23,6 +25,14 @@ class UserRegister(BaseModel):
    code: Optional[str] = None
    uuid: Optional[str] = None

+    @model_validator(mode='after')
+    def check_password(self) -> 'UserRegister':
+        pattern = r'''^[^<>"'|\\]+$'''
+        if self.password is None or re.match(pattern, self.password):
+            return self
+        else:
+            raise ModelValidatorException(message="密码不能包含非法字符：< > \" ' \\ |")
+

 class Token(BaseModel):
    access_token: str
--- a/ruoyi-fastapi-backend/module_admin/entity/vo/user_vo.py
+++ b/ruoyi-fastapi-backend/module_admin/entity/vo/user_vo.py
@@ -1,3 +1,4 @@
+import re
 from pydantic import BaseModel, ConfigDict, model_validator
 from pydantic.alias_generators import to_camel
 from typing import Union, Optional, List
@@ -6,6 +7,7 @@ from module_admin.entity.vo.role_vo import RoleModel
 from module_admin.entity.vo.dept_vo import DeptModel
 from module_admin.entity.vo.post_vo import PostModel
 from module_admin.annotation.pydantic_annotation import as_query, as_form
+from exceptions.exception import ModelValidatorException


 class TokenData(BaseModel):
@@ -42,6 +44,14 @@ class UserModel(BaseModel):
    remark: Optional[str] = None
    admin: Optional[bool] = False

+    @model_validator(mode='after')
+    def check_password(self) -> 'UserModel':
+        pattern = r'''^[^<>"'|\\]+$'''
+        if self.password is None or re.match(pattern, self.password):
+            return self
+        else:
+            raise ModelValidatorException(message="密码不能包含非法字符：< > \" ' \\ |")
+
    @model_validator(mode='after')
    def check_admin(self) -> 'UserModel':
        if self.user_id == 1:
@@ -144,6 +154,25 @@ class EditUserModel(AddUserModel):
    role: Optional[List] = []


+@as_query
+class ResetPasswordModel(BaseModel):
+    """
+    重置密码模型
+    """
+    model_config = ConfigDict(alias_generator=to_camel)
+
+    old_password: Optional[str] = None
+    new_password: Optional[str] = None
+
+    @model_validator(mode='after')
+    def check_new_password(self) -> 'ResetPasswordModel':
+        pattern = r'''^[^<>"'|\\]+$'''
+        if self.new_password is None or re.match(pattern, self.new_password):
+            return self
+        else:
+            raise ModelValidatorException(message="密码不能包含非法字符：< > \" ' \\ |")
+
+
 class ResetUserModel(UserModel):
    """
    重置用户密码模型