commit by Kalman.CHENG ☆

2025-09-11 15:10:25 +08:00
parent 5d64aa2648
commit 453b023aee
6 changed files with 175 additions and 12 deletions
--- a/dsLightRag/Routes/TeachingModel/api/LoginController.py
+++ b/dsLightRag/Routes/TeachingModel/api/LoginController.py
@@ -108,13 +108,14 @@ async def login(request: Request, response: Response):
    if not username or not password:
        return {"success": False, "message": "用户名和密码不能为空"}

-    password = md5_encrypt(password)
-    select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5 FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1"
+    # password = md5_encrypt(password)
+    password = get_ldap_password(password)
+    select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5, pwd, city_id, area_id, bureau_id FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1"
    userlist = await find_by_sql(select_user_sql,())
    user = userlist[0] if userlist else None
    logging.info(f"查询结果: {user}")
-    if user and user['pwdmd5'] == password:  # 验证的cas用户密码，md5加密的版本
-        token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id']})
+    if user and user['pwd'] == password:  # 验证的cas用户密码，md5加密的版本
+        token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id'], "city_id": user['city_id'], "area_id": user['area_id'], "bureau_id": user['bureau_id']})
        CookieUtil.set_cookie(
            res=response,
            key="auth_token",