237899745/zsglpt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: admin auth UX, password policy, deps, db pool

Browse Source
This commit is contained in:
yuyx
2025-12-17 23:53:11 +08:00
parent 9028f7e272
commit 5851120f87
6 changed files with 46 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
routes/api_user.py
View File

@@ -5,7 +5,7 @@ from __future__ import annotations
import database
import email_service
from app_logger import get_logger
from app_security import require_ip_not_locked, validate_email
from app_security import require_ip_not_locked, validate_email, validate_password
from flask import Blueprint, jsonify, request
from flask_login import current_user, login_required
from routes.pages import render_app_spa_or_legacy
@@ -119,8 +119,9 @@ def change_user_password():
if not current_password or not new_password:
return jsonify({"error": "请填写完整信息"}), 400
if len(new_password) < 6:
return jsonify({"error": "新密码至少6位"}), 400
is_valid, error_msg = validate_password(new_password)
if not is_valid:
return jsonify({"error": error_msg}), 400
user = database.get_user_by_id(current_user.id)
if not user:
@@ -290,4 +291,3 @@ def get_run_stats():
"today_attachments": stats.get("total_attachments", 0),
}
)