动态生成密钥对，对密码进行加密

pythonzm · pythonzm · commit 26d68fa2ff12 · 2019-09-06T10:07:55.000+08:00
diff --git a/commons/views.py b/commons/views.py
@@ -43,11 +43,12 @@ def login(request):
         if request.session.get('username') and request.session.get('lock'):
             del request.session['lock']
             del request.session['username']
-        return render(request, 'login.html')
+        return render(request, 'login.html', {'public_key': crypt.gen_pri_pub_key})
     elif request.method == 'POST':
         username = request.POST.get('username')
         password = request.POST.get('password')
         de_password = crypt.de_js_encrypt(password)
+
         login_ip = request.META.get('REMOTE_ADDR')
         # code = request.POST.get('code')
         remember_me = request.POST.get('remember_me')
@@ -134,7 +135,8 @@ def system_log(request):
 # datatables服务端分页
 @admin_auth
 def get_system_log(request):
-    mongo = MongoOps(settings.MONGODB_HOST, settings.MONGODB_PORT, settings.RECORD_DB, settings.RECORD_COLL)
+    mongo = MongoOps(settings.MONGODB_HOST, settings.MONGODB_PORT, settings.RECORD_DB, settings.RECORD_COLL,
+                     settings.MONGODB_USER, settings.MONGODB_PASS)
     draw = int(request.GET.get('draw'))  # 记录操作次數
     start = int(request.GET.get('start'))  # 起始位置
     length = int(request.GET.get('length'))  # 每页长度
diff --git a/templates/login.html b/templates/login.html
@@ -108,16 +108,11 @@
 
     function encry_pwd(pwd) {
         let crypt = new JSEncrypt();
-        crypt.setKey("-----BEGIN PUBLIC KEY-----\n" +
-            "MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGhvDNv1H/3EGeNcS+ju3Ytx7QlW\n" +
-            "tvUi3KqV5U73md9G4Gyw+izQuvYYnZ/rDZrHocLB2fVcSZKKj8vNxkkpNqv00OJC\n" +
-            "GbwzGcOtXOpsRpiY2qhd0kvRwglnN84h9kWq8C6oMe/eWwZkpsCQJMmtiHeHdzSU\n" +
-            "xHkf4mpwxUfVDqF5AgMBAAE=\n" +
-            "-----END PUBLIC KEY-----");
+        crypt.setPublicKey(`{{ public_key }}`);
 
         // Encrypt the data with the public key.
         return crypt.encrypt(pwd)
     }
 </script>
 </body>
-</html>
+</html>
diff --git a/utils/__pycache__/crypt_pwd.cpython-36.opt-1.pyc b/utils/__pycache__/crypt_pwd.cpython-36.opt-1.pyc
diff --git a/utils/crypt_pwd.py b/utils/crypt_pwd.py
@@ -63,35 +63,31 @@ def decrypt_pwd(self, encrypted_pwd):
         decrypt_pwd = str(aes.decrypt(decrypt_base64), encoding='utf-8')
         return decrypt_pwd.rstrip()
 
+    @property
+    def gen_pri_pub_key(self):
+        rsa = RSA.generate(1024)
+        private_key = rsa.exportKey().decode('utf8')
+        with open('pri.pem', 'w') as f:
+            f.write(private_key)
+        public_key = rsa.publickey().exportKey().decode('utf8')
+        return public_key
+
     @staticmethod
     def de_js_encrypt(en_pwd):
         """
         解密通过jsencrypt.js文件加密的密码
         :param en_pwd:
         :return:
         """
-
-        key = """-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgGhvDNv1H/3EGeNcS+ju3Ytx7QlWtvUi3KqV5U73md9G4Gyw+izQ
-uvYYnZ/rDZrHocLB2fVcSZKKj8vNxkkpNqv00OJCGbwzGcOtXOpsRpiY2qhd0kvR
-wglnN84h9kWq8C6oMe/eWwZkpsCQJMmtiHeHdzSUxHkf4mpwxUfVDqF5AgMBAAEC
-gYBKjjUs9qN/JDejJCohQh4xxgSGLTzyZpAIzHhnVsaoKs5faj1AL0e6Fzq4hzMw
-M6LdCk2TJ+5ySq97vQz5AA5B5nf0y4zokCwYn5vdFVVtZeyiVeY0LYSpEvBS0xHY
-G3SJWLjMEtql2k1xJ8/1jvFkMx5SJKzruFFTvkRKn4bRAQJBANAuL2HZDjgcqgeF
-M7pQOKR+MxJzkN0hWBap1yJ5HQnUPqsEyBD3/BIcffCk2rQkfxnMT7gbnbiWVUd7
-/Ioh+FkCQQCAbClrx7wQW26JMjRqSBVyHWm1RoYDi0/USs7B9mct2KNGkPVr8dAB
-nm/glt5Rs9ay2QHbI103TjSPP938xs4hAkB6oup4utQcjA5B1d8uH3nutQVDFl89
-VRo+Z5j7jttjYev09SEileOhi7VJIORRgLp7KRfBPkuAZNciAFE50l8pAkBYE9bE
-yRQ+07aX+grg6ddrkKizX08Cl0WFAFmVxf02AGLbPwhTpGFY+uUYT+DigEk8GIGh
-XjvMdqKtrMv/VgqBAkEAjqQqCyiK1R9INladDpt8PjAJZecr1PLVdulyzlHvMm2l
-CHd72qhDwZUKVQck56xLGpPVPBGyyMl+cjRhZ+mnIQ==
------END RSA PRIVATE KEY-----"""
-
-        rsakey = RSA.importKey(key)  # 导入私钥
+        with open('pri.pem') as f:
+            private_key = f.read()
+        rsakey = RSA.importKey(private_key)  # 导入私钥
         cipher = PKCS1_v1_5.new(rsakey)  # 生成对象
+
         missing_padding = len(en_pwd) % 4
         if missing_padding:
             en_pwd += '=' * (4 - missing_padding)
-        text = cipher.decrypt(base64.b64decode(en_pwd.encode('utf-8')), "ERROR")  # 将密文解密成明文，返回的是一个bytes类型数据，需要自己转换成str
+        decode_data = base64.b64decode(en_pwd.encode('utf8'))
 
+        text = cipher.decrypt(decode_data, "ERROR")  # 将密文解密成明文，返回的是一个bytes类型数据，需要自己转换成str
         return text.decode('utf-8')
