password check

.idea/misc.xml

@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
-  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.7 (hy_env)" project-jdk-type="Python SDK" />
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.9 (st-cloud)" project-jdk-type="Python SDK" />
 </project>

.idea/st_cloud.iml

@@ -16,7 +16,7 @@
     <content url="file://$MODULE_DIR$">
       <excludeFolder url="file://$MODULE_DIR$/venv" />
     </content>
-    <orderEntry type="jdk" jdkName="Python 3.7 (hy_env)" jdkType="Python SDK" />
+    <orderEntry type="jdk" jdkName="Python 3.9 (st-cloud)" jdkType="Python SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
   </component>
   <component name="TemplatesService">

account/views.py

@@ -11,6 +11,8 @@ from utils.http import make_json_response
 from .models import get_user
 from django.views.decorators.http import require_POST
 from .decorators import login_required
+from string import printable, ascii_letters, digits
+import string
 
 
 def auth_with_username_or_email(username, password):
@@ -21,6 +23,12 @@ def auth_with_username_or_email(username, password):
     return user
 
 
+def check_password(password):
+    if set(password).isdisjoint(ascii_letters) and set(password).isdisjoint(digits):
+        return False
+    return set(password).issubset(printable) and len(password) >= 8
+
+
 @secure_transport
 # @debug_view('password', 'email')
 @require_POST
@@ -37,6 +45,9 @@ def register(request):
     if User.objects.filter(email=email):
         return make_json_response(code=302, error='邮箱已存在')
 
+    if not check_password(password):
+        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')
+
     try:
         User.objects.create(username=username, password=password, email=email)
         print('注册成功')
@@ -97,7 +108,7 @@ def logout(request):
 
 
 @secure_transport
-@debug_view('email')
+# @debug_view('email')
 @require_POST
 def send_email_verification_code(request):
     data = request.POST
@@ -121,7 +132,7 @@ def send_email_verification_code(request):
 
 
 @secure_transport
-@debug_view()
+# @debug_view()
 @require_POST
 def check_token(request):
     data = request.POST
@@ -141,13 +152,16 @@ def check_token(request):
 
 
 @secure_transport
-@debug_view('password')
+# @debug_view('password')
 @require_POST
 def reset_password(request):
     data = request.POST
     username = data.get('username')
     password = data.get('password')
     token = data.get('token')
+
+    if not check_password(password):
+        return make_json_response(code=304, error='密码长度不能小于8, 必须包含数字和英文字符')
     try:
         user = User.objects.get(username=username)
     except:

file/models.py

@@ -26,6 +26,8 @@ class File(models.Model):
     # 文件大小
     file_size = models.CharField(max_length=16)
 
+    key = models.CharField(max_length=1024)
+
     owner = models.ForeignKey(User, on_delete=models.DO_NOTHING, related_name='files')
 
     group = models.ForeignKey(Group, on_delete=models.DO_NOTHING, related_name='files', null=True)

file/views.py

@@ -24,6 +24,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 def upload_file(request):
     data = request.POST
     user = get_user(request)
+    key = data.get('token')
     try:
         file_obj = request.FILES.get('file')
     except:
@@ -45,7 +46,8 @@ def upload_file(request):
                                file_size=file_size,
                                file_type=file_type,
                                owner=user,
-                               group=folder.group)
+                               group=folder.group,
+                               key=key)
     # TODO: 文件hash
     try:
         file_dir = BASE_DIR + '/' + str(file.file_id)