feat: 계정 생성 시 랜덤한 비밀번호를 사용하도록 수정

Author: MU-Software

app/admin_api/serializers/user.py

@@ -1,7 +1,7 @@
 import functools
 import typing
 
-from core.const.account import INITIAL_ADMIN_PASSWORD
+from core.const.account import generate_random_password
 from core.const.serializer import COMMON_ADMIN_FIELDS
 from core.serializer.base_abstract_serializer import BaseAbstractSerializer
 from core.serializer.json_schema_serializer import JsonSchemaSerializer
@@ -36,7 +36,9 @@ class Meta:
         }
 
     def create(self, validated_data: dict[str, typing.Any]) -> UserExt:
-        return UserExt.objects.create_user(**validated_data, password=INITIAL_ADMIN_PASSWORD)
+        password = generate_random_password()
+        self._generated_password = password
+        return UserExt.objects.create_user(**validated_data, password=password)
 
 
 class UserAdminSignInSerializerData(typing.TypedDict):

app/admin_api/views/user.py

@@ -1,13 +1,11 @@
-import secrets
-import string
-
 from admin_api.serializers.user import (
     OrganizationAdminSerializer,
     UserAdminPasswordChangeSerializer,
     UserAdminPasswordResetResponseSerializer,
     UserAdminSerializer,
     UserAdminSignInSerializer,
 )
+from core.const.account import generate_random_password
 from core.const.tag import OpenAPITag
 from core.permissions import IsSuperUser
 from core.viewset.json_schema_viewset import JsonSchemaViewSet
@@ -34,6 +32,16 @@ class UserAdminViewSet(
     permission_classes = [IsSuperUser]
     queryset = UserExt.objects.filter(is_active=True)
 
+    def create(self, request: request.Request, *args: tuple, **kwargs: dict) -> response.Response:
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        self.perform_create(serializer)
+
+        data = serializer.data
+        data["password"] = serializer._generated_password
+        headers = self.get_success_headers(data)
+        return response.Response(data=data, status=status.HTTP_201_CREATED, headers=headers)
+
     @extend_schema(tags=[OpenAPITag.ADMIN_ACCOUNT], responses={status.HTTP_200_OK: UserAdminSerializer})
     @decorators.action(detail=False, methods=["GET"], permission_classes=[])
     def me(self, request: request.Request, *args: tuple, **kwargs: dict) -> response.Response:
@@ -67,8 +75,7 @@ def signout(self, request: request.Request, *args: tuple, **kwargs: dict) -> res
     )
     @decorators.action(detail=True, methods=["DELETE"], url_path="password")
     def reset_password(self, *args: tuple, **kwargs: dict) -> response.Response:
-        alphabet = string.ascii_letters + string.digits + string.punctuation
-        new_password = "".join(secrets.choice(alphabet) for _ in range(16))
+        new_password = generate_random_password()
 
         user: UserExt = self.get_object()
         user.set_password(new_password)

app/core/const/account.py

@@ -1 +1,7 @@
-INITIAL_ADMIN_PASSWORD = "pyconkradmin12!@"  # nosec: B105
+import secrets
+import string
+
+
+def generate_random_password(length: int = 16) -> str:
+    alphabet = string.ascii_letters + string.digits + string.punctuation
+    return "".join(secrets.choice(alphabet) for _ in range(length))