| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148 |
- #!/usr/bin/env python3
- """
- 身份证号解密工具
- 仅供管理员在必要时使用,用于解密数据库中的身份证号
- 需要配置正确的AES密钥
- """
- import sys
- import os
- from dotenv import load_dotenv
- # 加载环境变量
- load_dotenv()
- # 添加项目路径
- sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
- from app.services.encryption_service import encryption_service
- from app.database import SessionLocal
- from app.models.user import User
- def decrypt_user_id_card(user_id: str = None, username: str = None):
- """
- 解密用户的身份证号
-
- Args:
- user_id: 用户ID
- username: 用户名(如果不提供user_id)
- """
- db = SessionLocal()
- try:
- # 查询用户
- if user_id:
- user = db.query(User).filter(User.id == user_id).first()
- elif username:
- user = db.query(User).filter(User.username == username).first()
- else:
- print("错误: 必须提供 user_id 或 username")
- return
-
- if not user:
- print("错误: 用户不存在")
- return
-
- if not user.id_card:
- print(f"用户 {user.username} 未提交身份证号")
- return
-
- # 解密身份证号
- try:
- decrypted_id_card = encryption_service.aes_decrypt(user.id_card)
- print("=" * 60)
- print("用户信息")
- print("=" * 60)
- print(f"用户ID: {user.id}")
- print(f"用户名: {user.username}")
- print(f"真实姓名: {user.real_name or '未填写'}")
- print(f"认证状态: {user.is_verified}")
- print(f"身份证号: {decrypted_id_card}")
- print("=" * 60)
- except Exception as e:
- print(f"解密失败: {str(e)}")
- print("可能原因:")
- print("1. AES密钥不正确")
- print("2. 数据已损坏")
- print("3. 这是旧数据(未加密)")
- finally:
- db.close()
- def list_verified_users():
- """列出所有已认证的用户"""
- db = SessionLocal()
- try:
- users = db.query(User).filter(
- User.is_verified == "verified"
- ).all()
-
- if not users:
- print("没有已认证的用户")
- return
-
- print("=" * 80)
- print("已认证用户列表")
- print("=" * 80)
- print(f"{'用户ID':<40} {'用户名':<15} {'真实姓名':<10} {'身份证号':<20}")
- print("-" * 80)
-
- for user in users:
- try:
- if user.id_card:
- decrypted_id_card = encryption_service.aes_decrypt(user.id_card)
- else:
- decrypted_id_card = "未填写"
- except:
- decrypted_id_card = "解密失败"
-
- print(f"{user.id:<40} {user.username:<15} {user.real_name or '未填写':<10} {decrypted_id_card:<20}")
-
- print("=" * 80)
- print(f"共 {len(users)} 个已认证用户")
- print("=" * 80)
- finally:
- db.close()
- def main():
- """主函数"""
- if len(sys.argv) < 2:
- print("=" * 60)
- print("身份证号解密工具")
- print("=" * 60)
- print()
- print("用法:")
- print(" 1. 按用户ID解密:")
- print(" python decrypt_id_card.py <user_id>")
- print()
- print(" 2. 按用户名解密:")
- print(" python decrypt_id_card.py --username <username>")
- print()
- print(" 3. 列出所有已认证用户:")
- print(" python decrypt_id_card.py --list")
- print()
- print("=" * 60)
- print("注意事项:")
- print("1. 此工具仅供管理员使用")
- print("2. 需要正确配置 AES_ENCRYPTION_KEY")
- print("3. 请妥善保管解密后的数据")
- print("=" * 60)
- return
-
- command = sys.argv[1]
-
- if command == "--list":
- list_verified_users()
- elif command == "--username":
- if len(sys.argv) < 3:
- print("错误: 请提供用户名")
- return
- decrypt_user_id_card(username=sys.argv[2])
- else:
- # 假设是user_id
- decrypt_user_id_card(user_id=command)
- if __name__ == "__main__":
- main()
|
