PreRev 5.6 - 0727 密码加密，自登陆，云端凭据保存

Author: BiDuang

models/user.py

@@ -9,11 +9,14 @@ class Login_Form(BaseModel):
     password: str
 
 
-class FSC_UserDeposit(BaseModel):
-    isAccepted: bool
+class Cloud_Reigister_Form(BaseModel):
+    pica_form: Login_Form
+    jm_form: Login_Form
+    username: str
+    password: str
 
 
-class Pica_Register_Form(FSC_UserDeposit, BaseModel):
+class Pica_Register_Form(BaseModel):
     # 哔咔注册不再需要真实的邮箱和邮箱验证，用户忘记密码将直接导致账户遗失
     email: str
     password: str

router/FSCDatabase.py

@@ -1,9 +1,13 @@
+import bcrypt
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad, unpad
+from binascii import b2a_hex, a2b_hex
 from fastapi import APIRouter, Response
 
 from core.ComikNetDB import AsyncMySQL
 from models.requests import StandardResponse
 from models.album import Origin
-from models.user import UserHistory
+from models.user import UserHistory, Login_Form, Cloud_Reigister_Form
 
 router = APIRouter(prefix="/cloud")
 
@@ -20,6 +24,44 @@ async def shutdown():
     await db.close()
 
 
+@router.post("/login")
+async def user_login(body: Login_Form):
+    res = await db.search(
+        "UID, Password",
+        "user",
+        f'Username="{body.username}"',
+        "1",
+    )
+
+    if res == ():
+        return StandardResponse(status_code=401, error_msg="User not found")
+
+    if bcrypt.checkpw(body.password.encode(), res[0]["Password"].encode()):
+        return StandardResponse(status_code=200, data={"UID": res[0]["UID"]})
+    else:
+        return StandardResponse(status_code=401, error_msg="Wrong password")
+
+
+@router.post("/register")
+async def user_register(body: Cloud_Reigister_Form):
+    cloud_hashed = bcrypt.hashpw(body.password.encode(), bcrypt.gensalt()).decode()
+    aes = AES.new(pad(body.password.encode(), 32), AES.MODE_ECB)
+    jm_encrypted_pwd = b2a_hex(
+        aes.encrypt(pad(body.jm_form.password.encode(), 32))
+    ).decode()
+    pica_encrypted_pwd = b2a_hex(
+        aes.encrypt(pad(body.pica_form.password.encode(), 32))
+    ).decode()
+
+    await db.insert(
+        "user",
+        "Username, Password, JM_Username, JM_Password, Pica_Username, Pica_Password",
+        f'"{body.username}","{cloud_hashed}","{body.jm_form.username}","{jm_encrypted_pwd}","{body.pica_form.username}","{pica_encrypted_pwd}"',
+    )
+
+    return Response(status_code=201)
+
+
 @router.get("/history/user")
 async def get_history(
     uid: str, page: int = 1, isReverse: bool = False
@@ -46,18 +88,24 @@ async def delete_history(uid: str):
 @router.post("/record")
 async def update_history(uid: str, origin: Origin, aid: int, cid: int):
     res = await db.search(
-        "*", "history", f"UID={uid} AND Origin=\"{origin.value}\" AND AID={aid}", "1", "update_time DESC"
+        "*",
+        "history",
+        f'UID={uid} AND Origin="{origin.value}" AND AID={aid}',
+        "1",
+        "update_time DESC",
     )
 
     if res == ():
         await db.insert(
             "history",
             "UID, Origin, AID, CID, Update_Time",
-            f"{uid},\"{origin.value}\",{aid},{cid},NOW()",
+            f'{uid},"{origin.value}",{aid},{cid},NOW()',
         )
     else:
         await db.update(
-            "history", f"CID={cid} AND Origin=\"{origin.value}\", update_time=NOW()", f"UID={uid} AND AID={aid}"
+            "history",
+            f'CID={cid} AND Origin="{origin.value}", update_time=NOW()',
+            f"UID={uid} AND AID={aid}",
         )
 
     return Response(status_code=201)