From 61b1d93718f86332a5a99e61b975f8515715256c Mon Sep 17 00:00:00 2001 From: Viajero-tect <2737079298@qq.com> Date: Mon, 10 Nov 2025 09:31:54 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E2=80=9C=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E7=BC=96=E8=BE=91=E2=80=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Achievement_Inputing/settings.py | 16 +++++++++++++ Achievement_Inputing/urls.py | 1 + accounts/es_client.py | 39 ++++++++++++++------------------ 3 files changed, 34 insertions(+), 22 deletions(-) diff --git a/Achievement_Inputing/settings.py b/Achievement_Inputing/settings.py index f034975..a9ce614 100644 --- a/Achievement_Inputing/settings.py +++ b/Achievement_Inputing/settings.py @@ -39,6 +39,8 @@ INSTALLED_APPS = [ 'django.contrib.staticfiles', 'accounts', 'main', + 'elastic', + 'django_elasticsearch_dsl', ] MIDDLEWARE = [ @@ -132,3 +134,17 @@ X_FRAME_OPTIONS = 'DENY' # https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' + +# Elasticsearch configuration +ELASTICSEARCH_DSL = { + 'default': { + 'hosts': 'localhost:9200' + }, +} + +# Elasticsearch index settings +ELASTICSEARCH_INDEX_NAMES = { + 'elastic.documents.AchievementDocument': 'wordsearch266666', + 'elastic.documents.UserDocument': 'users', + 'elastic.documents.NewsDocument': 'elastic_news', +} diff --git a/Achievement_Inputing/urls.py b/Achievement_Inputing/urls.py index 9d29e93..4d400e9 100644 --- a/Achievement_Inputing/urls.py +++ b/Achievement_Inputing/urls.py @@ -22,5 +22,6 @@ urlpatterns = [ path('admin/', admin.site.urls), path('accounts/', include('accounts.urls', namespace='accounts')), path('main/', include('main.urls', namespace='main')), + path('elastic/', include('elastic.urls', namespace='elastic')), path('', main_home, name='root_home'), ] diff --git a/accounts/es_client.py b/accounts/es_client.py index f3296b1..37eba58 100644 --- a/accounts/es_client.py +++ b/accounts/es_client.py @@ -1,5 +1,6 @@ import base64 import hashlib +from elastic.es_connect import get_user_by_username as es_get_user_by_username def _salt_for_username(username: str) -> bytes: @@ -12,27 +13,21 @@ def _derive_password(password_plain: str, salt: bytes) -> bytes: def get_user_by_username(username: str): """ - Placeholder for ES lookup. Returns fixed JSON for a demo user. - In production this should query ES with the given mapping. - - Demo user: - - username: admin - - password: Password123! (stored as PBKDF2-derived secret only) - - user_id: 1 - - premission: 0 (admin) + 从Elasticsearch获取用户数据 """ - if username != 'admin': - return None - + # 首先尝试从ES获取用户数据 + es_user = es_get_user_by_username(username) salt = _salt_for_username(username) - # Demo: derive and store secret from a known password for the placeholder - derived = _derive_password('Password123!', salt) - return { - 'user_id': 1, - 'username': 'admin', - # Store only the derived secret, not the plaintext password - 'password': base64.b64encode(derived).decode('ascii'), - 'premission': 0, - # Expose salt to the client during challenge so both sides derive consistently - 'salt': base64.b64encode(salt).decode('ascii'), - } \ No newline at end of file + derived = _derive_password(es_user.get('password', ''), salt) + if es_user: + # 如果ES中有用户数据,使用ES中的密码 + return { + 'user_id': es_user.get('user_id', 0), + 'username': es_user.get('username', ''), + 'password': base64.b64encode(derived).decode('ascii'), + 'premission': es_user.get('permission', 1), + 'salt': base64.b64encode(salt).decode('ascii'), + } + + + return None \ No newline at end of file