fix: password check (#4497)

* fix: password check

* add doc

* fix: password check
Archer
2025-04-10 11:49:35 +08:00
committed by GitHub
parent 199f454b6b
commit ec3bcfa124
8 changed files with 144 additions and 14 deletions


@@ -5,7 +5,7 @@ import { useTranslation } from 'next-i18next';
import { useForm } from 'react-hook-form';
import { useRequest2 } from '@fastgpt/web/hooks/useRequest';
import { updatePasswordByOld } from '@/web/support/user/api';
import { PasswordRule } from '@/web/support/user/login/constants';
import { checkPasswordRule } from '@/web/support/user/login/constants';
import { useToast } from '@fastgpt/web/hooks/useToast';
type FormType = {
@@ -70,9 +70,11 @@ const UpdatePswModal = ({ onClose }: { onClose: () => void }) => {
placeholder={t('account_info:password_tip')}
{...register('newPsw', {
required: true,
pattern: {
value: PasswordRule,
message: t('account_info:password_tip')
validate: (val) => {
if (!checkPasswordRule(val)) {
return t('login:password_tip');
}
return true;
}
})}
></Input>
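Review bot: The new `validate` callback returns `t('login:password_tip')` while the placeholder on the same input still uses `t('account_info:password_tip')`, so the hint and the error text now come from two different namespaces. If the page that renders UpdatePswModal does not load the `login` namespace, the error would presumably show the raw key instead of the rule. Either keep `return t('account_info:password_tip');` here or update both strings together so they describe the same rule that `checkPasswordRule` enforces. The component body starts and ends outside the hunk, so the namespaces passed to `useTranslation` cannot be confirmed from here.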


@@ -1,7 +1,7 @@
import React, { Dispatch } from 'react';
import { FormControl, Box, Input, Button } from '@chakra-ui/react';
import { useForm } from 'react-hook-form';
import { LoginPageTypeEnum, PasswordRule } from '@/web/support/user/login/constants';
import { LoginPageTypeEnum, checkPasswordRule } from '@/web/support/user/login/constants';
import { postFindPassword } from '@/web/support/user/api';
import { useSendCode } from '@/web/support/user/hooks/useSendCode';
import type { ResLogin } from '@/global/support/api/userRes.d';
@@ -138,9 +138,11 @@ const RegisterForm = ({ setPageType, loginSuccess }: Props) => {
placeholder={t('login:password_tip')}
{...register('password', {
required: true,
pattern: {
value: PasswordRule,
message: t('login:password_tip')
validate: (val) => {
if (!checkPasswordRule(val)) {
return t('login:password_tip');
}
return true;
}
})}
></Input>
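Review bot: The five-line `validate` callback added here is repeated verbatim in the registration form and in the password-update modal, so any later change to the rule's message or behaviour has to be made in three places. Writing it once next to `checkPasswordRule` and using `validate: (val) => checkPasswordRule(val) || t('login:password_tip')` in each form would keep them in step. The enclosing `register` call sits in a component body that extends beyond the hunk.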


@@ -1,7 +1,7 @@
import React, { Dispatch } from 'react';
import { FormControl, Box, Input, Button } from '@chakra-ui/react';
import { useForm } from 'react-hook-form';
import { LoginPageTypeEnum, PasswordRule } from '@/web/support/user/login/constants';
import { LoginPageTypeEnum, checkPasswordRule } from '@/web/support/user/login/constants';
import { postRegister } from '@/web/support/user/api';
import { useSendCode } from '@/web/support/user/hooks/useSendCode';
import type { ResLogin } from '@/global/support/api/userRes';
@@ -166,9 +166,11 @@ const RegisterForm = ({ setPageType, loginSuccess }: Props) => {
placeholder={t('login:password_tip')}
{...register('password', {
required: true,
pattern: {
value: PasswordRule,
message: t('login:password_tip')
validate: (val) => {
if (!checkPasswordRule(val)) {
return t('login:password_tip');
}
return true;
}
})}
></Input>


@@ -0,0 +1,48 @@
import { NextAPI } from '@/service/middleware/entry';
import { authCert } from '@fastgpt/service/support/permission/auth/common';
import { NextApiRequest, NextApiResponse } from 'next';
import { MongoResourcePermission } from '@fastgpt/service/support/permission/schema';
import { TeamPermission } from '@fastgpt/global/support/permission/user/controller';
import {
TeamApikeyCreatePermissionVal,
TeamAppCreatePermissionVal,
TeamDatasetCreatePermissionVal
} from '@fastgpt/global/support/permission/user/constant';
import { retryFn } from '@fastgpt/global/common/system/utils';
async function handler(req: NextApiRequest, _res: NextApiResponse) {
await authCert({ req, authRoot: true });
// 更新团队权限:
// 目前所有有 TeamWritePermission 的,都需要添加三个新的权限。
const rps = await MongoResourcePermission.find({
resourceType: 'team',
teamId: { $exists: true },
resourceId: null
});
for await (const rp of rps) {
const per = new TeamPermission({ per: rp.permission });
console.log(per.hasWritePer, per.value);
if (per.hasWritePer) {
const newPer = per.addPer(
TeamAppCreatePermissionVal,
TeamDatasetCreatePermissionVal,
TeamApikeyCreatePermissionVal
);
rp.permission = newPer.value;
try {
await retryFn(async () => {
await rp.save();
});
} catch (error) {
console.log('更新权限异常', error);
}
}
}
return { success: true };
}
export default NextAPI(handler);
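Review bot: A failed `rp.save()` is only logged in the `catch`, and the handler still returns `{ success: true }`, so a partially applied permission migration looks the same as a complete one. Collect the failures, e.g. `const failed: string[] = [];` before the loop, `failed.push(String(rp._id));` in the `catch`, and `return { success: failed.length === 0, failed };`, so the operator can see which team records still lack the three create permissions. The per-record `console.log(per.hasWritePer, per.value)` looks like leftover debugging, and `for await` over the already-resolved `rps` array can be a plain `for...of`. Since this route rewrites permissions, a short header comment saying that it is a one-off, root-only upgrade step, and whether it is safe to re-run, would help whoever audits it later.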


@@ -5,5 +5,21 @@ export enum LoginPageTypeEnum {
wechat = 'wechat'
}
export const PasswordRule =
/^(?:(?=.*\d)(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])|(?=.*\d)(?=.*[!@#$%^&*_])|(?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[!@#$%^&*_])|(?=.*[A-Z])(?=.*[!@#$%^&*_]))[\dA-Za-z!@#$%^&*_]{6,}$/;
export const checkPasswordRule = (password: string) => {
const patterns = [
/\d/, // Contains digits
/[a-z]/, // Contains lowercase letters
/[A-Z]/, // Contains uppercase letters
/[!@#$%^&*()_+=-]/ // Contains special characters
];
const validChars = /^[\dA-Za-z!@#$%^&*()_+=-]{6,100}$/;
// Check length and valid characters
if (!validChars.test(password)) return false;
// Count how many patterns are satisfied
const matchCount = patterns.filter((pattern) => pattern.test(password)).length;
// Must satisfy at least 2 patterns
return matchCount >= 2;
};
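Review bot: `checkPasswordRule` is exported from the web-side constants module and, in the sections visible here, is only called from form `validate` callbacks, so the rule is enforced in the browser only. A request sent straight to the password APIs would bypass it unless the server applies the same check, which this page does not show. The function also has no doc comment stating the policy; something like `/** 6-100 chars from [0-9A-Za-z!@#$%^&*()_+=-], with at least two of: digit, lowercase, uppercase, special. */` would keep it aligned with the `password_tip` strings. The `validChars` allow-list rejects every other character (spaces, `.`, `?`, non-ASCII), which tends to turn away passwords generated by password managers, so a length-first rule with a broader character set is worth considering.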