novalon-manage-system/update_password_via_api.py

#!/usr/bin/env python3
"""
使用 Python bcrypt 库生成正确的密码哈希并更新数据库
"""
import bcrypt
import requests
import json

def generate_password_hash(password, strength=12):
    """生成 BCrypt 密码哈希"""
    salt = bcrypt.gensalt(strength)
    hash_result = bcrypt.hashpw(password.encode('utf-8'), salt)
    return hash_result.decode('utf-8')

def update_user_password(username, password_hash):
    """通过 API 更新用户密码"""
    url = "http://localhost:8084/api/users/password"
    headers = {"Content-Type": "application/json"}
    data = {
        "username": username,
        "password": password_hash
    }
    
    try:
        response = requests.post(url, json=data, headers=headers)
        print(f"更新用户 {username} 密码: {response.status_code}")
        if response.status_code == 200:
            print(f"成功: {response.json()}")
        else:
            print(f"失败: {response.text}")
    except Exception as e:
        print(f"更新密码时出错: {e}")

if __name__ == '__main__':
    # 生成管理员密码哈希
    admin_password = "admin123"
    admin_hash = generate_password_hash(admin_password, 12)
    
    print(f"管理员密码: {admin_password}")
    print(f"管理员哈希: {admin_hash}")
    print(f"哈希长度: {len(admin_hash)}")
    
    # 解析哈希格式
    parts = admin_hash.split('$')
    if len(parts) >= 3:
        print(f"算法: {parts[1]}")
        print(f"Strength: {parts[2][:2]}")
    
    # 验证密码
    is_valid = bcrypt.checkpw(admin_password.encode('utf-8'), admin_hash.encode('utf-8'))
    print(f"密码验证: {is_valid}")
    
    # 生成测试用户密码哈希
    test_password = "test123"
    test_hash = generate_password_hash(test_password, 12)
    
    print(f"\n测试用户密码: {test_password}")
    print(f"测试用户哈希: {test_hash}")
    
    # 更新用户密码
    print("\n=== 更新用户密码 ===")
    update_user_password("admin", admin_hash)
    update_user_password("testmultiencoder", test_hash)