Yuerchu/findreve
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化登录的安全性

Browse Source
This commit is contained in:
于小丘
2025-08-11 14:44:33 +08:00
parent c94b1fd71f
commit c648ad35ec
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
routes/session.py
View File

@@ -1,7 +1,7 @@
# 导入库 # 导入库
from typing import Annotated from typing import Annotated
from datetime import datetime, timedelta, timezone from datetime import datetime, timedelta, timezone
from fastapi import Depends, HTTPException, status from fastapi import Depends, HTTPException
from fastapi.security import OAuth2PasswordRequestForm from fastapi.security import OAuth2PasswordRequestForm
from fastapi import APIRouter from fastapi import APIRouter
import jwt, JWT import jwt, JWT

3
tool.py
View File

@@ -3,6 +3,7 @@ import binascii
import logging import logging
from datetime import datetime, timezone from datetime import datetime, timezone
import os import os
import secrets
def format_phone( def format_phone(
phone: str, phone: str,
@@ -96,7 +97,7 @@ def verify_password(
pwdhash = binascii.hexlify(pwdhash).decode('ascii') pwdhash = binascii.hexlify(pwdhash).decode('ascii')
if debug: if debug:
logging.info(f"原密码: {provided_password}, 哈希值: {pwdhash}, 存储哈希值: {stored_password}") logging.info(f"原密码: {provided_password}, 哈希值: {pwdhash}, 存储哈希值: {stored_password}")
return pwdhash == stored_password return secrets.compare_digest(pwdhash, stored_password)
def format_time_diff( def format_time_diff(
target_time: datetime | str target_time: datetime | str