7x31
/
ad-password-self-service
mirror of https://github.com/capricornxl/ad-password-self-service.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

简化代码 

修复路径错误
This commit is contained in:
Github 2019-08-02 22:54:35 +08:00
parent 3962536e7d
commit fa8beccc12
5 changed files with 140 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pwdselfservice/local_settings.py
View File

@ -17,7 +17,7 @@ DING_APP_KEY = 'dingqdzmax324v'
DING_APP_SECRET = 'rnGRJhhw5kVmzykG9mrTDxewmI4e0myPAluMlguYQOaadsf2fhgfdfsx' DING_APP_SECRET = 'rnGRJhhw5kVmzykG9mrTDxewmI4e0myPAluMlguYQOaadsf2fhgfdfsx'
# 钉钉移动应用接入 # 钉钉移动应用接入
DING_SELF_APP_ID = 'dingoabrzugusdfdf33fgfds DING_SELF_APP_ID = 'dingoabrzugusdfdf33fgfds'
DING_SELF_APP_SECRET = 'IrH2MedSgesguFjGvFCTjXYBRZDhA5AI4ADQU5710sgLffdsadf32uhgfdsfs' DING_SELF_APP_SECRET = 'IrH2MedSgesguFjGvFCTjXYBRZDhA5AI4ADQU5710sgLffdsadf32uhgfdsfs'
# Crypty key 通过generate_key生成可不用修改如果需要自行生成请使用Crypto.generate_key自行生成用于加密页面提交的明文密码 # Crypty key 通过generate_key生成可不用修改如果需要自行生成请使用Crypto.generate_key自行生成用于加密页面提交的明文密码

24
readme.md
View File

@ -57,7 +57,7 @@ DING_APP_SECRET = 'rnGRJhhw5kVmzykG9mrTDxewmI4e0myP1123333221jzeKv3amQYWcInLV3x'
# 钉钉移动应用接入 # 钉钉移动应用接入
DING_SELF_APP_ID = 'dingoabr112233xts' DING_SELF_APP_ID = 'dingoabr112233xts'
DING_SELF_APP_SECRET = 'IrH2MedSgesguFjGvFCTjXYBRZD3322112233332211222 DING_SELF_APP_SECRET = 'IrH2MedSgesguFjGvFCTjXYBRZD3322112233332211222'
# Crypty key 通过Crypty.generate_key生成 # Crypty key 通过Crypty.generate_key生成
CRYPTO_KEY = b'dp8U9y7NAhCD3MoNwPzPBhBtTZ1uI_WWSdpNs6wUDgs=' CRYPTO_KEY = b'dp8U9y7NAhCD3MoNwPzPBhBtTZ1uI_WWSdpNs6wUDgs='
@ -90,8 +90,10 @@ IP和路径按自己实际路径修改
[uwsgi] [uwsgi]
http-socket = 192.168.90.111:8000 http-socket = 192.168.90.111:8000
chdir = /usr/local/wwwroot/pwdselfservice # 项目目录
chdir = /usr/local/wwwroot/ad-password-self-service
# settings.py 里的app wsgi名称
module = pwdselfservice.wsgi:application module = pwdselfservice.wsgi:application
master = true master = true
@ -106,21 +108,21 @@ chmod-socket = 755
vacuum = true vacuum = true
#设置缓冲 #设置缓冲大小
post-buffering = 4096 post-buffering = 4096
#设置静态文件 #设置静态文件目录映射
static-map = /static=/usr/local/wwwroot/pwdselfservice/static static-map = /static=/usr/local/wwwroot/ad-password-self-service/static
#设置日志目录 #设置日志保存目录
daemonize = /usr/local/wwwroot/log/uwsgi/uwsgi.log daemonize = /usr/local/wwwroot/log/uwsgi/uwsgi.log
```` ````
## 通过uwsgi启动 ## 通过uwsgi启动
/usr/local/python3/bin/uwsgi -d --ini /usr/loca/wwwroot/pwdselfservice/uwsgi.ini /usr/local/python3/bin/uwsgi -d --ini /usr/local/wwwroot/ad-password-self-service/uwsgi.ini
其中/xxx/xxx/pwdselfservice/uwsgi.ini是你自己的服务器中此文件的真实地址 其中/xxx/xxx/ad-password-self-service/uwsgi.ini是你自己的服务器中此文件的真实地址
启动之后也可以通过IP+端口访问了。 启动之后也可以通过IP+端口访问了。
@ -129,17 +131,17 @@ daemonize = /usr/local/wwwroot/log/uwsgi/uwsgi.log
uwsgi-start.sh: uwsgi-start.sh:
```shell ```shell
#!/bin/sh #!/bin/sh
/usr/local/python3/bin/uwsgi -d --ini /usr/loca/wwwroot/pwdselfservice/uwsgi.ini --touch-reload "/usr/loca/wwwroot/pwdselfservice/reload.set" /usr/local/python3/bin/uwsgi -d --ini /usr/local/wwwroot/ad-password-self-service/uwsgi.ini --touch-reload "/usr/local/wwwroot/ad-password-self-service/reload.set"
``` ```
uwsgi-autoreload.sh: uwsgi-autoreload.sh:
````shell ````shell
#!/bin/sh #!/bin/sh
objectdir="/usr/loca/wwwroot/pwdselfservice" objectdir="/usr/local/wwwroot/ad-password-self-service"
/usr/bin/inotifywait -mrq --exclude "(logs|\.swp|\.swx|\.log|\.pyc|\.sqlite3)" --timefmt '%d/%m/%y %H:%M' --format '%T %wf' --event modify,delete,move,create,attrib ${objectdir} | while read files /usr/bin/inotifywait -mrq --exclude "(logs|\.swp|\.swx|\.log|\.pyc|\.sqlite3)" --timefmt '%d/%m/%y %H:%M' --format '%T %wf' --event modify,delete,move,create,attrib ${objectdir} | while read files
do do
/bin/touch /usr/loca/wwwroot/pwdselfservice/reload.set /bin/touch /usr/local/wwwroot/ad-password-self-service/reload.set
continue continue
done & done &
```` ````

66
resetpwd/views.py
View File

@ -14,6 +14,7 @@ msg_template = 'msg.html'
home_url = HOME_URL home_url = HOME_URL
logger = logging.getLogger('django') logger = logging.getLogger('django')
def resetpwd_index(request): def resetpwd_index(request):
home_url = HOME_URL home_url = HOME_URL
app_id = DING_SELF_APP_ID app_id = DING_SELF_APP_ID
@ -24,6 +25,7 @@ def resetpwd_index(request):
if request.method == 'POST': if request.method == 'POST':
check_form = CheckForm(request.POST) check_form = CheckForm(request.POST)
# 对前端提交的用户名、密码进行二次验证防止有人恶意修改前端JS提交简单密码或提交非法用户
if check_form.is_valid(): if check_form.is_valid():
form_obj = check_form.cleaned_data form_obj = check_form.cleaned_data
user_email = form_obj.get("user_email") user_email = form_obj.get("user_email")
@ -39,7 +41,6 @@ def resetpwd_index(request):
} }
return render(request, msg_template, context) return render(request, msg_template, context)
if user_email and old_password and new_password:
try: try:
# 判断账号是否被锁定 # 判断账号是否被锁定
if ad_get_user_locked_status_by_mail(user_mail_addr=user_email) is not 0: if ad_get_user_locked_status_by_mail(user_mail_addr=user_email) is not 0:
@ -50,6 +51,7 @@ def resetpwd_index(request):
} }
return render(request, msg_template, context) return render(request, msg_template, context)
# 判断账号状态是否禁用或锁定
if ad_get_user_status_by_mail(user_mail_addr=user_email) == 514 or ad_get_user_status_by_mail( if ad_get_user_status_by_mail(user_mail_addr=user_email) == 514 or ad_get_user_status_by_mail(
user_mail_addr=user_email) == 66050: user_mail_addr=user_email) == 66050:
context = { context = {
@ -59,8 +61,22 @@ def resetpwd_index(request):
} }
return render(request, msg_template, context) return render(request, msg_template, context)
else: except IndexError:
try: context = {
'msg': "请确认邮箱账号[%s]是否正确未能在Active Directory中检索到相关信息。" % user_email,
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
return render(request, msg_template, context)
except Exception as e:
context = {
'msg': "出现未预期的错误[%s],请与管理员联系~" % str(e),
'button_click': "window.history.back()",
'button_display': "返回"
}
return render(request, msg_template, context)
# 修改密码
result = ad_modify_user_pwd_by_mail(user_mail_addr=user_email, old_password=old_password, result = ad_modify_user_pwd_by_mail(user_mail_addr=user_email, old_password=old_password,
new_password=new_password) new_password=new_password)
if result is True: if result is True:
@ -79,44 +95,6 @@ def resetpwd_index(request):
} }
return render(request, msg_template, context) return render(request, msg_template, context)
except IndexError:
context = {
'msg': "请确认邮箱账号[%s]是否正确未能在Active Directory中检索到相关信息。" % user_email,
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
return render(request, msg_template, context)
except Exception as e:
context = {
'msg': "出现未预期的错误[%s],请与管理员联系~" % str(e),
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
return render(request, msg_template, context)
except IndexError:
context = {
'msg': "请确认邮箱账号[%s]是否正确未能在Active Directory中检索到相关信息。" % user_email,
'button_click': "window.location.href='%s'" % home_url,
'button_display': "返回主页"
}
return render(request, msg_template, context)
except Exception as e:
context = {
'msg': "出现未预期的错误[%s],请与管理员联系~" % str(e),
'button_click': "window.history.back()",
'button_display': "返回"
}
return render(request, msg_template, context)
else:
context = {
'msg': "用户名、旧密码、新密码参数不正确,请重新确认后输入。",
'button_click': "window.history.back()",
'button_display': "返回"
}
return render(request, msg_template, context)
else: else:
context = { context = {
'msg': "请从主页进行修改密码操作或扫码验证用户信息。", 'msg': "请从主页进行修改密码操作或扫码验证用户信息。",
@ -143,7 +121,7 @@ def resetpwd_check_userinfo(request):
'button_display': "返回主页" 'button_display': "返回主页"
} }
return render(request, msg_template, context) return render(request, msg_template, context)
else:
ding_user_info = ding_get_userinfo_detail(ding_get_userid_by_unionid(unionid)) ding_user_info = ding_get_userinfo_detail(ding_get_userid_by_unionid(unionid))
try: try:
# 钉钉中此账号是否可用 # 钉钉中此账号是否可用
@ -250,7 +228,7 @@ def resetpwd_reset(request):
'button_display': "返回主页" 'button_display': "返回主页"
} }
return render(request, msg_template, context) return render(request, msg_template, context)
else:
try: try:
result = ad_reset_user_pwd_by_mail(user_mail_addr=user_email, new_password=new_password) result = ad_reset_user_pwd_by_mail(user_mail_addr=user_email, new_password=new_password)
if result: if result:
@ -330,7 +308,7 @@ def resetpwd_unlock(request):
'button_display': "返回主页" 'button_display': "返回主页"
} }
return render(request, msg_template, context) return render(request, msg_template, context)
else:
try: try:
result = ad_unlock_user_by_mail(user_email) result = ad_unlock_user_by_mail(user_email)
if result: if result:

2
templates/index.html
View File

@ -108,7 +108,5 @@ if (!!window.ActiveXObject || "ActiveXObject" in window)
alert("您当前使用的浏览器为IE或IE内核因为IE各种体验问题本网站不对IE兼容。\n为能正常使用密码自助修改服务请更换谷歌、火狐等非IE核心的浏览器。\n如果是360、Maxthon" + alert("您当前使用的浏览器为IE或IE内核因为IE各种体验问题本网站不对IE兼容。\n为能正常使用密码自助修改服务请更换谷歌、火狐等非IE核心的浏览器。\n如果是360、Maxthon" +
"等这类双核心浏览器,请切换至[极速模式]亦可。") "等这类双核心浏览器,请切换至[极速模式]亦可。")
} }
</script> </script>
</body></html> </body></html>

12
uwsgi.ini
View File

@ -1,8 +1,10 @@
[uwsgi] [uwsgi]
http-socket = 192.168.90.111:8000 http-socket = 192.168.90.111:8000
chdir = /usr/local/wwwroot/pwdselfservice # 项目目录
chdir = /usr/local/wwwroot/ad-password-self-service
# settings.py 里的wsgi名称
module = pwdselfservice.wsgi:application module = pwdselfservice.wsgi:application
master = true master = true
@ -17,11 +19,11 @@ chmod-socket = 755
vacuum = true vacuum = true
#设置缓冲 #设置缓冲大小
post-buffering = 4096 post-buffering = 4096
#设置静态文件 #设置静态文件目录映射
static-map = /static=/usr/local/wwwroot/pwdselfservice/static static-map = /static=/usr/local/wwwroot/ad-password-self-service/static
#设置日志目录 #设置日志保存目录
daemonize = /usr/local/wwwroot/log/uwsgi/uwsgi.log daemonize = /usr/local/wwwroot/log/uwsgi/uwsgi.log