PyPI - mdbq - Versions diffs - 4.0.90__py3-none-any.whl → 4.0.91__py3-none-any.whl - Mend

mdbq 4.0.90py3-none-any.whl → 4.0.91py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

mdbq/__version__.py +1 -1
mdbq/auth/auth_backend.py +199 -14
mdbq/auth/rate_limiter.py +1 -1
{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/METADATA +1 -1
{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/RECORD +7 -7
{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/WHEEL +0 -0
{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/top_level.txt +0 -0

mdbq/__version__.py CHANGED Viewed

	@@ -1 +1 @@
1	- VERSION = '4.0.90'
1	+ VERSION = '4.0.91'

mdbq/auth/auth_backend.py CHANGED Viewed

@@ -66,21 +66,14 @@ def your_route_handler(request_headers):
 ```
 """
-import os
 import jwt # type: ignore
 import pymysql
 import hashlib
 import secrets
 import json
-import time
-import base64
-import requests
 from datetime import datetime, timedelta, timezone
 from functools import wraps
 from dbutils.pooled_db import PooledDB  # type: ignore
-from cryptography.hazmat.primitives.asymmetric import padding
-from cryptography.hazmat.primitives import hashes, serialization
-from cryptography.hazmat.backends import default_backend
 # Flask相关导入 - 用于装饰器功能
 try:
@@ -197,6 +190,7 @@ class StandaloneAuthManager:
                     id BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
                     username VARCHAR(50) NOT NULL,
                     password_hash VARCHAR(128) NOT NULL,
+                    password_plain TEXT NOT NULL,
                     salt VARCHAR(64) NOT NULL,
                     role ENUM('admin', 'user', 'manager') NOT NULL DEFAULT 'user',
                     permissions JSON DEFAULT (JSON_ARRAY()),
@@ -205,12 +199,16 @@ class StandaloneAuthManager:
                     last_login TIMESTAMP(3) NULL DEFAULT NULL,
                     login_attempts TINYINT UNSIGNED NOT NULL DEFAULT 0,
                     locked_until TIMESTAMP(3) NULL DEFAULT NULL,
+                    password_reset_token VARCHAR(64) NULL DEFAULT NULL COMMENT '密码重置令牌',
+                    password_reset_expires TIMESTAMP(3) NULL DEFAULT NULL COMMENT '重置令牌过期时间',
                     UNIQUE KEY uk_users_username (username),
+                    UNIQUE KEY uk_users_reset_token (password_reset_token),
                     KEY idx_users_role (role),
                     KEY idx_users_created_at (created_at),
                     KEY idx_users_is_active (is_active),
-                    KEY idx_users_locked_until (locked_until)
+                    KEY idx_users_locked_until (locked_until),
+                    KEY idx_users_reset_expires (password_reset_expires)
                 ) ENGINE=InnoDB
                   DEFAULT CHARSET=utf8mb4
                   COLLATE=utf8mb4_0900_ai_ci
@@ -408,9 +406,9 @@ class StandaloneAuthManager:
             # 创建新用户
             cursor.execute('''
-                INSERT INTO users (username, password_hash, salt, role, permissions, is_active)
-                VALUES (%s, %s, %s, %s, %s, %s)
-            ''', (username, password_hash, salt, role, permissions_json, True))
+                INSERT INTO users (username, password_hash, password_plain, salt, role, permissions, is_active)
+                VALUES (%s, %s, %s, %s, %s, %s, %s)
+            ''', (username, password_hash, password, salt, role, permissions_json, True))
             user_id = cursor.lastrowid
@@ -830,6 +828,189 @@ class StandaloneAuthManager:
             cursor.close()
             conn.close()
+    def change_password(self, user_id, old_password, new_password):
+        """修改密码"""
+        conn = self.pool.connection()
+        cursor = conn.cursor()
+        try:
+            # 验证输入
+            if not old_password or not new_password:
+                return {'success': False, 'message': '旧密码和新密码不能为空'}
+            if len(new_password) < 6:
+                return {'success': False, 'message': '新密码至少需要6个字符'}
+            # 获取用户当前密码信息
+            cursor.execute('''
+                SELECT username, password_hash, salt, is_active
+                FROM users WHERE id = %s
+            ''', (user_id,))
+            user = cursor.fetchone()
+            if not user:
+                return {'success': False, 'message': '用户不存在'}
+            if not user['is_active']:
+                return {'success': False, 'message': '账户已被禁用'}
+            # 验证旧密码
+            if not self._verify_password(old_password, user['password_hash'], user['salt']):
+                return {'success': False, 'message': '旧密码错误'}
+            # 生成新的盐值和密码哈希
+            new_salt = secrets.token_hex(32)
+            new_password_hash = self._hash_password(new_password, new_salt)
+            current_time_utc = datetime.now(timezone.utc)
+            # 更新密码
+            cursor.execute('''
+                UPDATE users
+                SET password_hash = %s, password_plain = %s, salt = %s,
+                    login_attempts = 0, locked_until = NULL
+                WHERE id = %s
+            ''', (new_password_hash, new_password, new_salt, user_id))
+            # 撤销所有刷新令牌（强制重新登录）
+            cursor.execute('''
+                UPDATE refresh_tokens
+                SET is_revoked = 1, revoked_at = %s, revoked_reason = 'password_changed'
+                WHERE user_id = %s AND is_revoked = 0
+            ''', (current_time_utc, user_id))
+            # 停用所有设备会话
+            cursor.execute('''
+                UPDATE device_sessions
+                SET is_active = 0
+                WHERE user_id = %s AND is_active = 1
+            ''', (user_id,))
+            return {
+                'success': True,
+                'message': '密码修改成功，请重新登录'
+            }
+        except Exception as e:
+            return {'success': False, 'message': f'密码修改失败: {str(e)}'}
+        finally:
+            cursor.close()
+            conn.close()
+    def request_password_reset(self, username):
+        """请求密码重置"""
+        conn = self.pool.connection()
+        cursor = conn.cursor()
+        try:
+            # 查找用户
+            cursor.execute('''
+                SELECT id, username, is_active
+                FROM users WHERE username = %s
+            ''', (username,))
+            user = cursor.fetchone()
+            if not user:
+                # 为安全起见，即使用户不存在也返回成功消息
+                return {
+                    'success': True,
+                    'message': '如果该用户存在，重置链接已发送到相关联系方式'
+                }
+            if not user['is_active']:
+                return {'success': False, 'message': '账户已被禁用'}
+            # 生成重置令牌
+            reset_token = secrets.token_urlsafe(32)
+            expires_at = datetime.now(timezone.utc) + timedelta(hours=1)  # 1小时有效期
+            # 保存重置令牌
+            cursor.execute('''
+                UPDATE users
+                SET password_reset_token = %s, password_reset_expires = %s
+                WHERE id = %s
+            ''', (reset_token, expires_at, user['id']))
+            return {
+                'success': True,
+                'message': '重置链接已生成',
+                'reset_token': reset_token,  # 实际应用中应该通过邮件发送
+                'username': user['username']
+            }
+        except Exception as e:
+            return {'success': False, 'message': f'密码重置请求失败: {str(e)}'}
+        finally:
+            cursor.close()
+            conn.close()
+    def reset_password_with_token(self, reset_token, new_password):
+        """使用重置令牌重置密码"""
+        conn = self.pool.connection()
+        cursor = conn.cursor()
+        try:
+            # 验证输入
+            if not reset_token or not new_password:
+                return {'success': False, 'message': '重置令牌和新密码不能为空'}
+            if len(new_password) < 6:
+                return {'success': False, 'message': '新密码至少需要6个字符'}
+            current_time_utc = datetime.now(timezone.utc)
+            # 查找有效的重置令牌
+            cursor.execute('''
+                SELECT id, username, is_active, password_reset_expires
+                FROM users
+                WHERE password_reset_token = %s
+                  AND password_reset_expires > %s
+                  AND is_active = 1
+            ''', (reset_token, current_time_utc))
+            user = cursor.fetchone()
+            if not user:
+                return {'success': False, 'message': '重置令牌无效或已过期'}
+            # 生成新的盐值和密码哈希
+            new_salt = secrets.token_hex(32)
+            new_password_hash = self._hash_password(new_password, new_salt)
+            # 更新密码并清除重置令牌
+            cursor.execute('''
+                UPDATE users
+                SET password_hash = %s, password_plain = %s, salt = %s,
+                    password_reset_token = NULL, password_reset_expires = NULL,
+                    login_attempts = 0, locked_until = NULL
+                WHERE id = %s
+            ''', (new_password_hash, new_password, new_salt, user['id']))
+            # 撤销所有刷新令牌
+            cursor.execute('''
+                UPDATE refresh_tokens
+                SET is_revoked = 1, revoked_at = %s, revoked_reason = 'password_reset'
+                WHERE user_id = %s AND is_revoked = 0
+            ''', (current_time_utc, user['id']))
+            # 停用所有设备会话
+            cursor.execute('''
+                UPDATE device_sessions
+                SET is_active = 0
+                WHERE user_id = %s AND is_active = 1
+            ''', (user['id'],))
+            return {
+                'success': True,
+                'message': '密码重置成功，请使用新密码登录',
+                'username': user['username']
+            }
+        except Exception as e:
+            return {'success': False, 'message': f'密码重置失败: {str(e)}'}
+        finally:
+            cursor.close()
+            conn.close()
     # ==================== 辅助方法 ====================
     def _check_ip_rate_limit(self, ip_address, action_type='login'):
@@ -1185,8 +1366,7 @@ def create_permission_checker(auth_manager, required_permissions):
     return permission_checker
-# 使用示例
-if __name__ == "__main__":
+def main():
     # 数据库配置
     db_config = {
         'host': 'localhost',
@@ -1233,4 +1413,9 @@ if __name__ == "__main__":
         # 刷新token
         refresh_result = auth_manager.refresh_access_token(refresh_token, '127.0.0.1', 'Mozilla/5.0...')
-        print("Token刷新结果:", refresh_result)
+        print("Token刷新结果:", refresh_result)
+# 使用示例
+if __name__ == "__main__":
+    main()

mdbq/auth/rate_limiter.py CHANGED Viewed

@@ -94,7 +94,7 @@ import time
 import functools
 from collections import defaultdict, deque
 from threading import Lock
-from typing import Dict, Tuple, Optional, List
+from typing import Tuple
 from dataclasses import dataclass
 from enum import Enum
 from flask import request

{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdbq
-Version: 4.0.90
+Version: 4.0.91
 Home-page: https://pypi.org/project/mdbq
 Author: xigua,
 Author-email: 2587125111@qq.com

{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/RECORD RENAMED Viewed

@@ -1,8 +1,8 @@
 mdbq/__init__.py,sha256=Il5Q9ATdX8yXqVxtP_nYqUhExzxPC_qk_WXQ_4h0exg,16
-mdbq/__version__.py,sha256=rJCUKD98LrC6ukQm3KYzTuPoSAdRSBpbbBR4qzCePZI,18
+mdbq/__version__.py,sha256=k-Ojd9XAyoffKPd5ogyvzqZF_lbLJqX_MBLGwMbk2Ew,18
 mdbq/auth/__init__.py,sha256=pnPMAt63sh1B6kEvmutUuro46zVf2v2YDAG7q-jV_To,24
-mdbq/auth/auth_backend.py,sha256=Ku01bMXHPu0tD9x7-sWQg9kLremm_OxD_9FhtlrW_Jk,49803
-mdbq/auth/rate_limiter.py,sha256=Tb8w83TKb-4KExNY_WOQmjnqKHAcBc63td7S_OAGf8A,26214
+mdbq/auth/auth_backend.py,sha256=RHWHeSjS2BMTIdtD1sV9idg2BzQ5F9AG3JS7ObFohns,57192
+mdbq/auth/rate_limiter.py,sha256=e7K8pMQlZ1vm1N-c0HBH8tbAwzcmXSRiAl81JNZ369g,26192
 mdbq/js/__init__.py,sha256=hpMi3_ZKwIWkzc0LnKL-SY9AS-7PYFHq0izYTgEvxjc,30
 mdbq/js/jc.py,sha256=FOc6HOOTJwnoZLZmgmaE1SQo9rUnVhXmefhKMD2MlDA,13229
 mdbq/log/__init__.py,sha256=Mpbrav0s0ifLL7lVDAuePEi1hJKiSHhxcv1byBKDl5E,15
@@ -33,7 +33,7 @@ mdbq/route/routes.py,sha256=DHJg0eRNi7TKqhCHuu8ia3vdQ8cTKwrTm6mwDBtNboM,19111
 mdbq/selenium/__init__.py,sha256=AKzeEceqZyvqn2dEDoJSzDQnbuENkJSHAlbHAD0u0ZI,10
 mdbq/selenium/get_driver.py,sha256=1NTlVUE6QsyjTrVVVqTO2LOnYf578ccFWlWnvIXGtic,20903
 mdbq/spider/__init__.py,sha256=RBMFXGy_jd1HXZhngB2T2XTvJqki8P_Fr-pBcwijnew,18
-mdbq-4.0.90.dist-info/METADATA,sha256=BaKIbNE84CCP0VsCJcTT7moFNsdmcaQ1qTMEkRPz97U,364
-mdbq-4.0.90.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-mdbq-4.0.90.dist-info/top_level.txt,sha256=2FQ-uLnCSB-OwFiWntzmwosW3X2Xqsg0ewh1axsaylA,5
-mdbq-4.0.90.dist-info/RECORD,,
+mdbq-4.0.91.dist-info/METADATA,sha256=njj-Rq_D97tP__py-GgA4nlc8D3zPvHO4D63XXqOeKg,364
+mdbq-4.0.91.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+mdbq-4.0.91.dist-info/top_level.txt,sha256=2FQ-uLnCSB-OwFiWntzmwosW3X2Xqsg0ewh1axsaylA,5
+mdbq-4.0.91.dist-info/RECORD,,

{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/WHEEL RENAMED Viewed

File without changes

{mdbq-4.0.90.dist-info → mdbq-4.0.91.dist-info}/top_level.txt RENAMED Viewed

File without changes

mdbq 4.0.90__py3-none-any.whl → 4.0.91__py3-none-any.whl

mdbq 4.0.90py3-none-any.whl → 4.0.91py3-none-any.whl