def login(request):
if request.method == 'POST':
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
name = data.get('username')
passwd_ = data.get('passwd')
try:
passwd = decode_passwd(passwd_)
except Exception as e:
return JsonResponse(code[10409])
try:
user = UserInfo.objects.get(name=name)
except Exception as e:
return JsonResponse(code[10004])
if user.password != encode_md5(passwd):
return JsonResponse(code[10003])
res_data = code[200]
res_data['token'] = make_token(name).decode()
res_data['user_id'] = user.id
res_data['roles'] = user.user_permission
res_data['username'] = user.name
return JsonResponse(res_data)
else:
return JsonResponse(code[60001])
def post(self, request):
body_data = request.body
user = request.myuser
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[60004])
try:
task = Task().create_task(data, user)
# 插入任务进度
progress_dict = {
1: "隐蔽攻击源",
2: "收集攻击目标信息",
3: "挖掘漏洞信息",
4: "获取目标访问权限",
5: "隐蔽攻击行为",
6: "实时攻击",
7: "开辟后门",
8: "清除攻击痕迹,销毁攻击源"
}
for k, v in progress_dict.items():
TaskProgress.objects.create(name=v, weight=k, task=task)
user.task_count += 1
user.save()
action_info = f'创建任务: [{data.get("title")}]'
write_sys_log(action_info, user)
CreateDeleteTask().del_user_info_cache()
except Exception:
return JsonResponse(code[20002])
return JsonResponse(code[200])
def create(request):
if request.method == 'POST':
body_data = request.body
myuser = request.myuser
if myuser.user_permission != 1:
return JsonResponse(code[10410])
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
name = data.get('username')
f_passwd_f = str(data.get('f_passwd'))
s_passwd_s = str(data.get('s_passwd'))
try:
f_passwd = decode_passwd(f_passwd_f)
s_passwd = decode_passwd(s_passwd_s)
except Exception as e:
return JsonResponse(code[10409])
if f_passwd != s_passwd:
return JsonResponse(code[10003])
try:
flag = UserInfo().create_user(data, s_passwd)
if not flag:
return JsonResponse(code[10002])
except Exception as e:
return JsonResponse(code[10401])
# 签发token
action_info = f'创建用户: [{name}]'
write_sys_log(action_info, myuser)
res_data = code[200]
res_data['token'] = make_token(name).decode()
return JsonResponse(res_data)
else:
return JsonResponse(code[60001])
def post(self, request):
data = judge_data_complate(request.body)
if not data:
return JsonResponse(code[60004])
try:
FileDir().modify_dir_name(data)
return JsonResponse(code[200])
except Exception:
return JsonResponse(code[20003])
def post(self, request):
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
label_name = data.get('label_name')
label_id = data.get('label_id')
if not Label().modify_label(label_id, label_name):
return JsonResponse(code[40016])
return JsonResponse(code[200])
def post(self, request):
data = judge_data_complate(request.body)
if not data:
return JsonResponse(code[60004])
try:
res = FileDir().create_dir(data)
if not res:
return JsonResponse(code[30001])
return JsonResponse(code[200])
except Exception:
return JsonResponse(code[20003])
def post(self, request):
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
flag, account = SearchEngine().modify_search_engine(data)
if not flag:
return JsonResponse(code[10406])
action_info = f'修改信息收集账号: [{account}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
def post(self, request):
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
label_name = data.get('label_name')
try:
Label.objects.get(label_name=label_name)
return JsonResponse(code[40014])
except Exception as e:
if not Label().add_label(label_name):
return JsonResponse(code[40015])
return JsonResponse(code[200])
def post(self, request):
user = request.myuser
data = judge_data_complate(request.body)
if not data:
return JsonResponse(code[60004])
try:
result = Note().modify_note(data, user)
if not result:
return JsonResponse(code[40004])
except Exception as e:
print(e)
return JsonResponse(code[40005])
return JsonResponse(code[200])
def post(self, request):
data = judge_data_complate(request.body)
user = request.myuser
if not data:
return JsonResponse(code[60004])
try:
flag, task_id = Note().add_note(data, user)
if not flag:
return JsonResponse(code[40002])
task_progress(6, task_id)
except Exception:
return JsonResponse(code[40001])
return JsonResponse(code[200])
def post(self, request):
"""
创建api_key
"""
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
account_key = SearchEngine().create_key(data)
action_info = f'创建信息收集账号: [{account_key}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
def post(self, request):
user = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[60004])
try:
result = Task().modify_task(data)
if not result:
return JsonResponse(code[20003])
except Exception as e:
err_info = code[60003]
err_info['info'] = str(e)
return JsonResponse(err_info)
action_info = f'修改任务: [{data.get("title")}]'
write_sys_log(action_info, user)
return JsonResponse(code[200])
def post(self, request):
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
try:
flag, username = UserInfo().update_user_info(data)
if not flag:
return JsonResponse(code[10004])
action_info = f'修改用户: [{username}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
except Exception as e:
print(e)
res_data = code[10403]
res_data['info'] = e
return JsonResponse(code[10403])
def modify_user_info(request):
"""
�û���ҳ��Ϣ����
"""
if request.method == 'POST':
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
name = data.get('username')
permission = data.get('permission')
engine = data.get('engine')
api_key = data.get('api_key')
user_id = data.get('user_id')
avatar_data = data.get('avatar_data').split(',')
img_data = base64.b64decode(avatar_data[1])
img_name = name + settings.IMG_END
# �ļ�����·��
file_path = settings.MEDIA_ROOT + '/' + img_name
net_path = settings.MEDIA_ADDR + '/' + img_name
print(file_path)
flag = False
try:
if upload_img_save(img_data, file_path):
flag = True
except Exception as e:
print(e)
try:
user = UserInfo.objects.get(id=user_id)
if user:
return JsonResponse(code[10002])
with transaction.atomic():
user.user_permission = permission
user.engine_type = engine
user.api_key = api_key
user.avatar = net_path
user.save()
except Exception:
return JsonResponse(code[10403])
if not flag:
user.avatar = settings.DEFAULT_AVATAR
return JsonResponse(code[10404])
return JsonResponse(code[200])
