feat:login captcha

sunlin92 · sunlin92 · commit 23ae9a886f2e · 2021-11-17T22:09:23.000+08:00
diff --git a/app/api/cms/user.py b/app/api/cms/user.py
@@ -4,15 +4,15 @@
     :copyright: © 2020 by the Lin team.
     :license: MIT, see LICENSE for more details.
 """
-from operator import and_
-
+from flask import current_app, request
 from flask_jwt_extended import (
     create_access_token,
     create_refresh_token,
     get_current_user,
     get_jwt_identity,
     verify_jwt_refresh_token_in_request,
 )
+from itsdangerous import JSONWebSignatureSerializer as JWSSerializer
 from lin import manager, permission_meta
 from lin.db import db
 from lin.exception import Duplicated, Failed, NotFound, ParameterError, Success
@@ -21,6 +21,7 @@
 from lin.redprint import Redprint
 
 from app.exception.api import RefreshFailed
+from app.util.captcha import CaptchaTool
 from app.util.common import split_group
 from app.validator.form import (
     ChangePasswordForm,
@@ -48,13 +49,20 @@ def register():
 
 
 @user_api.route("/login", methods=["POST"])
-@permission_meta(name="登录", module="用户", mount=False)
 def login():
     form = LoginForm().validate_for_api()
+    # 校对验证码
+    if current_app.config.get("LOGIN_CAPTCHA"):
+        tag = request.headers.get("tag")
+        secret_key = current_app.config.get("SECRET_KEY")
+        serializer = JWSSerializer(secret_key)
+        if form.captcha.data != serializer.loads(tag):
+            raise Failed("验证码校验失败")
+
     user = manager.user_model.verify(form.username.data, form.password.data)
     # 用户未登录，此处不能用装饰器记录日志
     Log.create_log(
-        message=f"{user.username}登陆成功获取了令牌",
+        message=f"{user.username}登录成功获取了令牌",
         user_id=user.id,
         username=user.username,
         status_code=200,
@@ -169,3 +177,17 @@ def _register_user(form: RegisterForm):
             user_group.user_id = user.id
             user_group.group_id = group_id
             db.session.add(user_group)
+
+
+@user_api.route("/captcha", methods=["GET", "POST"])
+def get_captcha():
+    """
+    获取图形验证码
+    """
+    if not current_app.config.get("LOGIN_CAPTCHA"):
+        return {"tag": "", "image": ""}
+    image, code = CaptchaTool().get_verify_code()
+    secret_key = current_app.config.get("SECRET_KEY")
+    serializer = JWSSerializer(secret_key)
+    tag = serializer.dumps(code)
+    return {"tag": tag, "image": image}
diff --git a/app/config/base.py b/app/config/base.py
@@ -32,6 +32,8 @@ class BaseConfig(object):
     # 令牌配置
     JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1)
 
+    # 启用验证码登录
+    LOGIN_CAPTCHA = True
     # 默认文件上传配置
     FILE = {
         "STORE_DIR": "assets",
diff --git a/app/util/captcha.py b/app/util/captcha.py
@@ -0,0 +1,62 @@
+import base64
+import io
+import random
+import string
+
+from PIL import Image, ImageDraw, ImageFont
+
+
+class CaptchaTool:
+    """
+    生成图片验证码
+    """
+
+    def __init__(self, width=50, height=12):
+
+        self.width = width
+        self.height = height
+        # 新图片对象
+        self.im = Image.new("RGB", (width, height), "white")
+        # 字体
+        self.font = ImageFont.load_default()
+        # draw对象
+        self.draw = ImageDraw.Draw(self.im)
+
+    def draw_lines(self, num=3):
+        """
+        划线
+        """
+        for num in range(num):
+            x1 = random.randint(0, self.width / 2)
+            y1 = random.randint(0, self.height / 2)
+            x2 = random.randint(0, self.width)
+            y2 = random.randint(self.height / 2, self.height)
+            self.draw.line(((x1, y1), (x2, y2)), fill="black", width=1)
+
+    def get_verify_code(self):
+        """
+        生成验证码图形
+        """
+        # 设置随机4位数字验证码
+        code = "".join(random.sample(string.digits, 4))
+        # 绘制字符串
+        for item in range(4):
+            self.draw.text(
+                (6 + random.randint(-3, 3) + 10 * item, 2 + random.randint(-2, 2)),
+                text=code[item],
+                fill=(
+                    random.randint(32, 127),
+                    random.randint(32, 127),
+                    random.randint(32, 127),
+                ),
+                font=self.font,
+            )
+        # 划线
+        # self.draw_lines()
+        # 重新设置图片大小
+        self.im = self.im.resize((100, 24))
+        # 图片转为base64字符串
+        buffered = io.BytesIO()
+        self.im.save(buffered, format="JPEG")
+        img_str = b"data:image/png;base64," + base64.b64encode(buffered.getvalue())
+        return img_str, code
diff --git a/app/validator/form.py b/app/validator/form.py
@@ -66,6 +66,7 @@ def validate_group_ids(self, value):
 class LoginForm(Form):
     username = StringField(validators=[DataRequired()])
     password = PasswordField("密码", validators=[DataRequired(message="密码不可为空")])
+    captcha = StringField()
 
 
 # 重置密码校验
