def password_update(request): changepasswd_form = ChangePasswdForm(request.POST) if changepasswd_form.is_valid(): username = request.session.get('username') oldpassword = changepasswd_form.cleaned_data.get('oldpasswd') newpasswd = changepasswd_form.cleaned_data.get('newpasswd') newpasswdagain = changepasswd_form.cleaned_data.get('newpasswdagain') try: user = User.objects.get(username=username) if not user.enabled: error_message = '用户已禁用!' login_event_log(user, 4, '用户 [{}] 已禁用'.format(user.username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 401, "err": error_message}) if newpasswd != newpasswdagain: error_message = '两次输入的新密码不一致' login_event_log(user, 4, '两次输入的新密码不一致', request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 400, "err": error_message}) except Exception: error_message = '用户不存在!' login_event_log(None, 4, '用户 [{}] 不存在'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 403, "err": error_message}) if user.password == hash_code(oldpassword): data = {'password': hash_code(newpasswd)} User.objects.filter(username=username).update(**data) login_event_log(user, 5, '用户 [{}] 修改密码成功'.format(user.username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 200, "err": ""}) else: error_message = '当前密码错误!' login_event_log(user, 4, '用户 [{}] 当前密码错误'.format(user.username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 404, "err": error_message}) else: error_message = '请检查填写的内容!' user = User.objects.get(username=request.session.get('username')) login_event_log(user, 4, '修改密码表单验证错误', request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 406, "err": error_message})
def lockscreen(request): if request.method == 'GET': try: request.session['locked'] = True # 锁定屏幕 if 'referer_url' not in request.session: referer_url = request.META.get('HTTP_REFERER', reverse('server:index')) request.session['referer_url'] = referer_url except Exception: pass return render(request, 'user/lockscreen.html') elif request.method == 'POST': try: password = request.POST.get('password', None) if password: user = User.objects.get(pk=request.session['userid']) if user.password == hash_code(password): request.session['locked'] = False return_url = request.session.get('referer_url', reverse('server:index')) try: del request.session['referer_url'] except Exception: pass return redirect(return_url) else: return render(request, 'user/lockscreen.html', {'error_message': '请输入正确的密码'}) else: return render(request, 'user/lockscreen.html', {'error_message': '请输入密码'}) except Exception: pass return redirect(reverse('user:lockscreen'))
def main(): # 使用django配置文件进行设置 os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'devops.settings') # 让django初始化 import django django.setup() from user.models import User from util.tool import hash_code print('初始化开始...') username = '******' nickname = '超级管理员' password = hash_code('123456') email = '*****@*****.**' sex = 'male' enabled = True role = 1 if User.objects.filter(username=username).count() > 0: print('已存在 {} 账号,无需初始化,退出...'.format(username)) else: user = User() user.username = username user.nickname = nickname user.password = password user.email = email user.sex = sex user.enabled = enabled user.role = role user.save() print('已创建账号:{0},密码:{1}'.format(username, password)) print('初始化结束...')
def login(request): if request.session.get('islogin', None): # 不允许重复登录 return redirect(reverse('server:index')) if request.method == "POST": login_form = LoginForm(request.POST) error_message = '请检查填写的内容!' if login_form.is_valid(): username = login_form.cleaned_data.get('username') password = login_form.cleaned_data.get('password') try: user = User.objects.get(username=username) if not user.enabled: error_message = '用户已禁用!' event_log(user, 3, '用户 [{}] 已禁用'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'user/login.html', locals()) except Exception: error_message = '用户不存在!' event_log(None, 3, '用户 [{}] 不存在'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'user/login.html', locals()) # if user.password == password: if user.password == hash_code(password): data = {'last_login_time': timezone.now()} User.objects.filter(username=username).update(**data) request.session.set_expiry(0) request.session['issuperuser'] = False if user.role == 1: # 超级管理员 request.session['issuperuser'] = True request.session['islogin'] = True request.session['userid'] = user.id request.session['username'] = user.username request.session['nickname'] = user.nickname request.session['locked'] = False # 锁定屏幕 now = int(time.time()) request.session['logintime'] = now request.session['lasttime'] = now event_log(user, 1, '用户 [{}] 登陆成功'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return redirect(reverse('server:index')) else: error_message = '密码错误!' event_log(user, 3, '用户 [{}] 密码错误'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'user/login.html', locals()) else: event_log(None, 3, '登陆表单验证错误', request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'user/login.html', locals()) return render(request, 'user/login.html')
def login(request): if request.session.get('islogin', None): # 不允许重复登录 return redirect(reverse('assets:index')) if request.method == "POST": login_form = LoginForm(request.POST) error_message = '请检查填写的内容!' if login_form.is_valid(): username = login_form.cleaned_data.get('username') password = login_form.cleaned_data.get('password') try: user = User.objects.get(username=username) if user.status == 1: error_message = '用户已禁用!' login_event_log(user, 3, '用户 {} 已禁用'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'login/login.html', locals()) except BaseException: error_message = '用户不存在!' login_event_log(None, 3, '用户 {} 不存在'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'login/login.html', locals()) if user.password == hash_code(password): request.session.set_expiry(0) request.session['islogin'] = True request.session['userid'] = user.id request.session['username'] = user.username request.session['nickname'] = user.nickname now = int(time.time()) request.session['logintime'] = now request.session['lasttime'] = now login_event_log(user, 1, '用户 {} 登陆成功'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return redirect(reverse('assets:index')) else: error_message = '密码错误!' login_event_log(user, 3, '用户 {} 密码错误'.format(username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'login/login.html', locals()) else: login_event_log(None, 3, '登陆表单验证错误', request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return render(request, 'login/login.html', locals()) return render(request, 'login/login.html')
def main(): # 使用django配置文件进行设置 os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'devops.settings') # 让django初始化 import django django.setup() from user.models import User from server.models import RemoteUser, RemoteUserBindHost from util.tool import hash_code from util.crypto import encrypt print('初始化开始...') username = '******' nickname = '超级管理员' password = hash_code('123456') email = '*****@*****.**' sex = 'male' enabled = True role = 1 if User.objects.filter(username=username).count() > 0: print('已存在 {} 账号,无需初始化,退出...'.format(username)) else: user = User() user.username = username user.nickname = nickname user.password = password user.email = email user.sex = sex user.enabled = enabled user.role = role user.save() print('已创建管理员账号:root,密码:123456') data = { 'username': '******', 'password': hash_code('123456'), 'nickname': '运维工程师', 'email': '*****@*****.**', 'sex': 'male', 'enabled': True, 'role': 2, } User.objects.create(**data) print('已创建普通账号:leffss,密码:123456') data = { 'name': '通用root账号', 'username': '******', 'password': encrypt('123456'), 'enabled': False, } remote_user = RemoteUser.objects.create(**data) print('已创建远程账号:root,密码:123456') hosts = { 'k8s1': '192.168.223.111', 'k8s2': '192.168.223.112', 'k8s3': '192.168.223.113', 'k8s4': '192.168.223.114', 'k8s5': '192.168.223.115', 'k8s6': '192.168.223.116', 'k8s7': '192.168.223.117', 'k8s8': '192.168.223.118', } for k, v in hosts.items(): data = { 'hostname': k, 'type': 6, 'ip': v, 'protocol': 1, 'env': 2, 'platform': 1, 'port': 22, 'release': 'CentOS 7', 'remote_user': remote_user } RemoteUserBindHost.objects.create(**data) print('已创建远程主机:{}_{}'.format(k, v)) print('初始化结束...')
def user_add(request): adduser_form = AddUserForm(request.POST) if adduser_form.is_valid(): log_user = request.session.get('username') username = adduser_form.cleaned_data.get('username') newpasswd = adduser_form.cleaned_data.get('newpasswd') newpasswdagain = adduser_form.cleaned_data.get('newpasswdagain') if newpasswd != newpasswdagain: error_message = '两次密码不一致!' return JsonResponse({"code": 400, "err": error_message}) nickname = adduser_form.cleaned_data.get('nickname') email = adduser_form.cleaned_data.get('email') phone = adduser_form.cleaned_data.get('phone') weixin = adduser_form.cleaned_data.get('weixin') qq = adduser_form.cleaned_data.get('qq') sex = adduser_form.cleaned_data.get('sex') memo = adduser_form.cleaned_data.get('memo') enabled = adduser_form.cleaned_data.get('enabled') role = adduser_form.cleaned_data.get('role') groups = adduser_form.cleaned_data.get('groups') if groups: try: groups = [int(group) for group in groups.split(',')] except Exception: error_message = '请检查填写的内容!' return JsonResponse({"code": 401, "err": error_message}) else: groups = None hosts = adduser_form.cleaned_data.get('hosts') if hosts: try: hosts = [int(host) for host in hosts.split(',')] except Exception: error_message = '请检查填写的内容!' return JsonResponse({"code": 401, "err": error_message}) else: hosts = None data = { 'username': username, 'password': hash_code(newpasswd), 'nickname': nickname, 'email': email, 'phone': phone, 'weixin': weixin, 'qq': qq, 'sex': sex, 'memo': memo, 'enabled': enabled, 'role': role, } try: if User.objects.filter(username=username).count() > 0: error_message = '用户名已存在' return JsonResponse({"code": 402, "err": error_message}) user = User.objects.get(username=log_user) update_user = User.objects.create(**data) if groups: # 更新组多对多字段 update_groups = Group.objects.filter(id__in=groups) update_user.groups.set(update_groups) else: update_user.groups.clear() if hosts: # 更新主机多对多字段 update_hosts = RemoteUserBindHost.objects.filter(id__in=hosts) update_user.remote_user_bind_hosts.set(update_hosts) else: update_user.remote_user_bind_hosts.clear() update_user.save() login_event_log(user, 6, '用户 [{}] 添加成功'.format(update_user.username), request.META.get('REMOTE_ADDR', None), request.META.get('HTTP_USER_AGENT', None)) return JsonResponse({"code": 200, "err": ""}) except Exception: # print(traceback.format_exc()) error_message = '未知错误!' return JsonResponse({"code": 403, "err": error_message}) else: error_message = '请检查填写的内容!' return JsonResponse({"code": 404, "err": error_message})