From a7239b17f448e4edb859deae83292735477e0a7b Mon Sep 17 00:00:00 2001 From: "yangqiyong@vip.qq.com" Date: Wed, 12 Mar 2025 10:42:31 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=AF=86=E7=A0=81?= =?UTF-8?q?=E9=87=8D=E7=BD=AE=E5=90=8E=EF=BC=8C=E6=95=B0=E6=8D=AE=E5=BA=93?= =?UTF-8?q?=E6=9C=AA=E6=9B=B4=E6=96=B0=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../console/auth/forgot_password.py | 61 +++++++++++-------- 1 file changed, 36 insertions(+), 25 deletions(-) diff --git a/api/controllers/console/auth/forgot_password.py b/api/controllers/console/auth/forgot_password.py index 773ee65727..b822e87df2 100644 --- a/api/controllers/console/auth/forgot_password.py +++ b/api/controllers/console/auth/forgot_password.py @@ -5,7 +5,7 @@ from flask import request from flask_restful import Resource, reqparse # type: ignore from sqlalchemy import select from sqlalchemy.orm import Session - +from sqlalchemy.exc import SQLAlchemyError from constants.languages import languages from controllers.console import api from controllers.console.auth.error import ( @@ -119,30 +119,41 @@ class ForgotPasswordResetApi(Resource): password_hashed = hash_password(new_password, salt) base64_password_hashed = base64.b64encode(password_hashed).decode() - with Session(db.engine) as session: - account = session.execute(select(Account).filter_by(email=reset_data.get("email"))).scalar_one_or_none() - if account: - account.password = base64_password_hashed - account.password_salt = base64_salt - db.session.commit() - tenant = TenantService.get_join_tenants(account) - if not tenant and not FeatureService.get_system_features().is_allow_create_workspace: - tenant = TenantService.create_tenant(f"{account.name}'s Workspace") - TenantService.create_tenant_member(tenant, account, role="owner") - account.current_tenant = tenant - tenant_was_created.send(tenant) - else: - try: - account = AccountService.create_account_and_tenant( - email=reset_data.get("email", ""), - name=reset_data.get("email", ""), - password=password_confirm, - interface_language=languages[0], - ) - except WorkSpaceNotAllowedCreateError: - pass - except AccountRegisterError: - raise AccountInFreezeError() + try: + with Session(db.engine) as session: + # 查询匹配的账户信息 + account = session.execute(select(Account).filter_by(email=reset_data.get("email"))).scalar_one_or_none() + if account: + # 更新账户密码和盐值 + account.password = base64_password_hashed + account.password_salt = base64_salt + session.commit() + + # 获取账户加入的租户 + tenant = TenantService.get_join_tenants(account) + + # 如果账户没有加入租户且系统不允许创建工作区,则创建新租户 + if not tenant and not FeatureService.get_system_features().is_allow_create_workspace: + tenant = TenantService.create_tenant(f"{account.name}'s Workspace") + TenantService.create_tenant_member(tenant, account, role="owner") + account.current_tenant = tenant + # 发送租户创建事件通知 + tenant_was_created.send(tenant) + else: + try: + account = AccountService.create_account_and_tenant( + email=reset_data.get("email", ""), + name=reset_data.get("email", ""), + password=password_confirm, + interface_language=languages[0], + ) + except WorkSpaceNotAllowedCreateError: + pass + except AccountRegisterError: + raise AccountInFreezeError() + except SQLAlchemyError as e: + # 处理数据库操作异常 + session.rollback() # 回滚事务 return {"result": "success"} From f0212047d2908864c0cde199ba3fc062e80083c2 Mon Sep 17 00:00:00 2001 From: "yangqiyong@vip.qq.com" Date: Wed, 12 Mar 2025 12:13:49 +0800 Subject: [PATCH 2/2] Fixed the issue that the database was not updated after password reset --- api/controllers/console/auth/forgot_password.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/api/controllers/console/auth/forgot_password.py b/api/controllers/console/auth/forgot_password.py index b822e87df2..9f3683d63c 100644 --- a/api/controllers/console/auth/forgot_password.py +++ b/api/controllers/console/auth/forgot_password.py @@ -5,7 +5,7 @@ from flask import request from flask_restful import Resource, reqparse # type: ignore from sqlalchemy import select from sqlalchemy.orm import Session -from sqlalchemy.exc import SQLAlchemyError +from sqlalchemy.exc import SQLAlchemyError from constants.languages import languages from controllers.console import api from controllers.console.auth.error import ( @@ -121,23 +121,23 @@ class ForgotPasswordResetApi(Resource): try: with Session(db.engine) as session: - # 查询匹配的账户信息 + # Retrieve matching account information account = session.execute(select(Account).filter_by(email=reset_data.get("email"))).scalar_one_or_none() if account: - # 更新账户密码和盐值 + # update account password and salt value. account.password = base64_password_hashed account.password_salt = base64_salt session.commit() - # 获取账户加入的租户 + # get the tenants joined by the account. tenant = TenantService.get_join_tenants(account) - # 如果账户没有加入租户且系统不允许创建工作区,则创建新租户 + # If the account has not joined a tenant and the system does not allow workspace creation, create a new tenant if not tenant and not FeatureService.get_system_features().is_allow_create_workspace: tenant = TenantService.create_tenant(f"{account.name}'s Workspace") TenantService.create_tenant_member(tenant, account, role="owner") account.current_tenant = tenant - # 发送租户创建事件通知 + # send tenant creation event notification. tenant_was_created.send(tenant) else: try: @@ -152,8 +152,8 @@ class ForgotPasswordResetApi(Resource): except AccountRegisterError: raise AccountInFreezeError() except SQLAlchemyError as e: - # 处理数据库操作异常 - session.rollback() # 回滚事务 + # handle database operation exceptions. + session.rollback() return {"result": "success"}