修复squid_passwd明文存储问题
This commit is contained in:
parent
72d03723cd
commit
7261b2d2a5
41
app.py
41
app.py
@ -77,7 +77,7 @@ def read_squid_file():
|
|||||||
if len(parts) == 2:
|
if len(parts) == 2:
|
||||||
# 从users.json中获取明文密码
|
# 从users.json中获取明文密码
|
||||||
users_data = load_users_data()
|
users_data = load_users_data()
|
||||||
plain_password = next((u['password'] for u in users_data if u['username'] == parts[0]), parts[1])
|
plain_password = next((u['password'] for u in users_data if u['username'] == parts[0]), None)
|
||||||
users.append(User(parts[0], plain_password, is_active))
|
users.append(User(parts[0], plain_password, is_active))
|
||||||
except FileNotFoundError:
|
except FileNotFoundError:
|
||||||
pass
|
pass
|
||||||
@ -85,14 +85,47 @@ def read_squid_file():
|
|||||||
|
|
||||||
|
|
||||||
def write_squid_file(users):
|
def write_squid_file(users):
|
||||||
|
"""只更新squid_passwd文件的状态(是否注释),不修改密码内容"""
|
||||||
|
try:
|
||||||
|
# 读取现有加密密码
|
||||||
|
with open(SQUID_PASSWD_FILE, 'r') as f:
|
||||||
|
existing_lines = f.readlines()
|
||||||
|
|
||||||
|
# 创建用户名到密码的映射
|
||||||
|
existing_passwords = {}
|
||||||
|
for line in existing_lines:
|
||||||
|
line = line.strip()
|
||||||
|
if not line:
|
||||||
|
continue
|
||||||
|
active = not line.startswith('#')
|
||||||
|
if not active:
|
||||||
|
line = line[1:]
|
||||||
|
parts = line.split(':', 1)
|
||||||
|
if len(parts) == 2:
|
||||||
|
existing_passwords[parts[0]] = parts[1]
|
||||||
|
|
||||||
|
# 写入新文件,保持加密密码不变
|
||||||
with open(SQUID_PASSWD_FILE, 'w') as f:
|
with open(SQUID_PASSWD_FILE, 'w') as f:
|
||||||
for user in users:
|
for user in users:
|
||||||
line = f"{'#' if not user.is_active else ''}{user.name}:{user.password}\n"
|
encrypted_password = existing_passwords.get(user.name, user.password)
|
||||||
|
line = f"{'#' if not user.is_active else ''}{user.name}:{encrypted_password}\n"
|
||||||
f.write(line)
|
f.write(line)
|
||||||
|
except FileNotFoundError:
|
||||||
|
# 如果文件不存在,创建新文件
|
||||||
|
with open(SQUID_PASSWD_FILE, 'w') as f:
|
||||||
|
for user in users:
|
||||||
|
# 首次创建时需要使用htpasswd命令生成加密密码
|
||||||
|
subprocess.run(['htpasswd', '-b', SQUID_PASSWD_FILE, user.name, user.password], check=True)
|
||||||
|
# 如果不是活跃用户,需要添加注释
|
||||||
|
if not user.is_active:
|
||||||
|
with open(SQUID_PASSWD_FILE, 'r') as f_read:
|
||||||
|
content = f_read.read()
|
||||||
|
with open(SQUID_PASSWD_FILE, 'w') as f_write:
|
||||||
|
f_write.write(f"#{content}")
|
||||||
|
|
||||||
|
|
||||||
def load_users_data():
|
def load_users_data():
|
||||||
"""加载用户数据"""
|
"""加载用户明文数据"""
|
||||||
try:
|
try:
|
||||||
with open(USERS_FILE, 'r') as f:
|
with open(USERS_FILE, 'r') as f:
|
||||||
return json.load(f)
|
return json.load(f)
|
||||||
@ -101,7 +134,7 @@ def load_users_data():
|
|||||||
|
|
||||||
|
|
||||||
def save_users_to_json(users):
|
def save_users_to_json(users):
|
||||||
"""保存用户信息到JSON文件"""
|
"""保存用户明文信息到JSON文件"""
|
||||||
users_data = [{'username': u.name, 'password': u.password, 'active': u.is_active} for u in users]
|
users_data = [{'username': u.name, 'password': u.password, 'active': u.is_active} for u in users]
|
||||||
with open(USERS_FILE, 'w') as f:
|
with open(USERS_FILE, 'w') as f:
|
||||||
json.dump(users_data, f, indent=4)
|
json.dump(users_data, f, indent=4)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user