diff --git a/core/src/main/java/com/dite/znpt/constant/Message.java b/core/src/main/java/com/dite/znpt/constant/Message.java
index e0e5adc..7e4c060 100644
--- a/core/src/main/java/com/dite/znpt/constant/Message.java
+++ b/core/src/main/java/com/dite/znpt/constant/Message.java
@@ -28,6 +28,8 @@ public class Message implements Serializable {
 public static final String MOBILE_EXIST = "手机号码已经存在,请重新输入";
 public static final String EMAIL_EXIST = "邮箱已经存在,请重新输入";
 public static final String IDENTITY_CARD_EXIST = "身份证已经存在,请重新输入";
+ public static final String OLD_PASSWORD_EQUAL_NEW_PASSWORD = "身份证已经存在,请重新输入";
+ public static final String OLD_PASSWORD_IS_ERROR = "旧密码错误,请重新输入";
 public static final String DEPT_PARENT_NOT_EXIST = "父级部门不存在";
 public static final String DEPT_ID_NOT_EXIST = "部门id不存在";
 public static final String POST_ID_NOT_EXIST = "岗位id不存在";
diff --git a/core/src/main/java/com/dite/znpt/domain/vo/LoginReq.java b/core/src/main/java/com/dite/znpt/domain/vo/LoginReq.java
index c434484..4a6b6fe 100644
--- a/core/src/main/java/com/dite/znpt/domain/vo/LoginReq.java
+++ b/core/src/main/java/com/dite/znpt/domain/vo/LoginReq.java
@@ -25,6 +25,6 @@ public class LoginReq implements Serializable {
 private String account;
 
 @NotBlank(message = "密码不能为空")
- @ApiModelProperty("密码,密文传输,采用aes加密,秘钥为账号")
+ @ApiModelProperty("密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
 private String password;
 }
diff --git a/core/src/main/java/com/dite/znpt/domain/vo/ModifyPasswordReq.java b/core/src/main/java/com/dite/znpt/domain/vo/ModifyPasswordReq.java
new file mode 100644
index 0000000..cd60a05
--- /dev/null
+++ b/core/src/main/java/com/dite/znpt/domain/vo/ModifyPasswordReq.java
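Review bot: `OLD_PASSWORD_EQUAL_NEW_PASSWORD` is bound to the same text as `IDENTITY_CARD_EXIST` ("身份证已经存在,请重新输入"), so a user whose new password equals the old one is told that an ID card already exists. The constant needs its own message, e.g. `public static final String OLD_PASSWORD_EQUAL_NEW_PASSWORD = "新密码不能与旧密码相同,请重新输入";` (wording constructed here, adjust to the project's style). The copy-paste is easy to miss because the rest of the hunk is correct.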
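Review bot: The new `@ApiModelProperty` text on `LoginReq.password` publishes the complete key-derivation rule (md5 of the account, characters 8–24) together with the ECB mode, so the AES layer is reproducible by anyone who knows the account name and gives no confidentiality on its own; the doc should state that TLS is the transport protection and this is only the encoding the server expects. The stated "ECB / PKCS#7" is asserted rather than derived from the server: `AuthServiceImpl` calls `SecureUtil.aes(byte[])`, which takes Hutool's default mode and padding, so the doc should name whatever that default actually is (Java's `PKCS5Padding` coincides with PKCS#7 for AES's 16-byte block, but the name should match the implementation). A one-line addition such as `… 本字段的加密不是传输安全措施,必须与 HTTPS 一起使用` would make the limitation visible to API consumers.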
@@ -0,0 +1,34 @@
+package com.dite.znpt.domain.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.io.Serial;
+import java.io.Serializable;
+
+/**
+ * @author Bear.G
+ * @date 2025/5/22/周四 17:36
+ * @description
+ */
+@Data
+@ApiModel("修改密码请求实体")
+public class ModifyPasswordReq implements Serializable {
+
+ @Serial
+ private static final long serialVersionUID = -5458522057381605255L;
+
+ @NotBlank(message = "账号不能为空")
+ @ApiModelProperty("账号")
+ private String account;
+
+ @NotBlank(message = "旧密码不能为空")
+ @ApiModelProperty("旧密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
+ private String oldPassword;
+
+ @NotBlank(message = "新密码不能为空")
+ @ApiModelProperty("新密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
+ private String newPassword;
+}
diff --git a/core/src/main/java/com/dite/znpt/service/AuthService.java b/core/src/main/java/com/dite/znpt/service/AuthService.java
index dd54c0d..956913a 100644
--- a/core/src/main/java/com/dite/znpt/service/AuthService.java
+++ b/core/src/main/java/com/dite/znpt/service/AuthService.java
@@ -4,6 +4,7 @@ import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.hutool.core.lang.tree.Tree;
 import com.dite.znpt.domain.Result;
 import com.dite.znpt.domain.vo.LoginReq;
+import com.dite.znpt.domain.vo.ModifyPasswordReq;
 import com.dite.znpt.domain.vo.UserInfo;
 
 import java.util.List;
@@ -17,6 +18,8 @@ public interface AuthService {
 Result doLogin(LoginReq req);
 
+ void modifyPassword(ModifyPasswordReq req);
+
 void doLogout();
 
 List> getMenuInfo(String userId);
diff --git a/core/src/main/java/com/dite/znpt/service/impl/AuthServiceImpl.java b/core/src/main/java/com/dite/znpt/service/impl/AuthServiceImpl.java
index 29591f1..d5b52a7 100644
--- a/core/src/main/java/com/dite/znpt/service/impl/AuthServiceImpl.java
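Review bot: The class Javadoc of `ModifyPasswordReq` has an empty `@description` tag, and nothing states that `@NotBlank` on `oldPassword`/`newPassword` validates the ciphertext only, so a decrypted new password can still be empty or a single character and must be checked by the service after decryption. I would fill the tag, e.g. ` * @description Request body for changing a password; both password fields carry the client-side AES ciphertext, so length/complexity rules apply after decryption, not here.` The two long `@ApiModelProperty` strings repeat the key-derivation text from `LoginReq`; a shared constant for that sentence would keep the three descriptions from drifting apart.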
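Review bot: `modifyPassword` is added to `AuthService` without Javadoc, and its contract differs from the neighbouring `doLogin`: the implementation in this commit signals every failure (unknown or disabled account, wrong old password, unchanged password) by throwing `ServiceException` instead of returning a `Result`. A reader of the interface cannot see that asymmetry; add e.g. `/** Changes the password of {@code req.account}. @throws ServiceException if the account is unknown or disabled, the old password does not verify, or the new password equals the old one. */` above the declaration. If the project's convention is `Result`-returning service methods, consider aligning the new method with `doLogin` instead.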
+++ b/core/src/main/java/com/dite/znpt/service/impl/AuthServiceImpl.java
@@ -1,27 +1,35 @@
 package com.dite.znpt.service.impl;
 
+import cn.dev33.satoken.secure.SaSecureUtil;
 import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.dev33.satoken.stp.parameter.SaLoginParameter;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.lang.tree.Tree;
+import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.SecureUtil;
 import cn.hutool.http.useragent.UserAgent;
-import cn.hutool.http.useragent.UserAgentInfo;
 import cn.hutool.http.useragent.UserAgentUtil;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.dite.znpt.constant.Constants;
+import com.dite.znpt.constant.Message;
 import com.dite.znpt.converts.Converts;
 import com.dite.znpt.domain.Result;
-import com.dite.znpt.domain.entity.*;
+import com.dite.znpt.domain.entity.DeptEntity;
+import com.dite.znpt.domain.entity.MenuEntity;
+import com.dite.znpt.domain.entity.RoleMenuEntity;
+import com.dite.znpt.domain.entity.UserEntity;
 import com.dite.znpt.domain.vo.LoginReq;
+import com.dite.znpt.domain.vo.ModifyPasswordReq;
 import com.dite.znpt.domain.vo.RoleResp;
 import com.dite.znpt.domain.vo.UserInfo;
 import com.dite.znpt.enums.TerminalTypeEnum;
+import com.dite.znpt.exception.ServiceException;
 import com.dite.znpt.service.*;
 import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -52,23 +60,21 @@ public class AuthServiceImpl implements AuthService {
 @Override
 public Result doLogin(LoginReq req) {
- String key = SecureUtil.md5(req.getAccount()).substring(8,24);
 UserEntity user = userService.getOne(Wrappers.lambdaQuery(UserEntity.class).eq(UserEntity::getAccount, req.getAccount()).eq(UserEntity::getDelFlag, Constants.DEL_FLAG_0));
 if(null == user){
 return Result.error(Constants.ACCOUNT_ERROR_EXCEPTION, Constants.ACCOUNT_ERROR_EXCEPTION_MESSAGE);
 }
- try {
- String password = SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword());
- String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(password).concat(user.getSalt()));
- if(!pwdCiphertext.equals(user.getPassword())){
- return Result.error(Constants.PASSWORD_ERROR_EXCEPTION, Constants.PASSWORD_ERROR_EXCEPTION_MESSAGE);
- }
- }catch (Exception e){
- return Result.error(Constants.PASSWORD_EXCEPTION, Constants.PASSWORD_EXCEPTION_MESSAGE);
- }
 if(!user.getStatus().equals(Constants.STATUS_0)){
 return Result.error(Constants.USER_DISABLE_EXCEPTION, Constants.USER_DISABLE_EXCEPTION_MESSAGE);
 }
+
+ String key = SecureUtil.md5(req.getAccount()).substring(8,24);
+ String password = SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword());
+ String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(password).concat(user.getSalt()));
+ if(!pwdCiphertext.equals(user.getPassword())){
+ return Result.error(Constants.PASSWORD_ERROR_EXCEPTION, Constants.PASSWORD_ERROR_EXCEPTION_MESSAGE);
+ }
+
 if(user.getIsDefaultPassword()){
 return Result.error(Constants.DEFAULT_PASSWORD_EXCEPTION, Constants.DEFAULT_PASSWORD_EXCEPTION_MESSAGE);
 }
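Review bot: Dropping the `try/catch` changes the failure mode for a malformed `password` ciphertext: `SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword())` throws an unchecked Hutool exception on bad Base64 or bad padding, so instead of the previous `PASSWORD_EXCEPTION` result the caller now gets whatever the global exception handler makes of a runtime exception, typically a 500 that may carry the cipher's error text. Keep the decrypt inside a narrow catch and map it to the old result: `try { password = SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword()); } catch (RuntimeException e) { return Result.error(Constants.PASSWORD_EXCEPTION, Constants.PASSWORD_EXCEPTION_MESSAGE); }` (declare `password` before the block). Moving the status check ahead of the password check is fine, but note that the unknown-account and wrong-password paths still return distinguishable codes, which is pre-existing. `doLogin`'s body continues past the end of this hunk.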
@@ -80,6 +86,34 @@ public class AuthServiceImpl implements AuthService {
 return Result.ok(StpUtil.getTokenInfo());
 }
 
+ @Transactional(rollbackFor = Exception.class)
+ @Override
+ public void modifyPassword(ModifyPasswordReq req) {
+ if(req.getOldPassword().equals(req.getNewPassword())){
+ throw new ServiceException(Message.OLD_PASSWORD_EQUAL_NEW_PASSWORD);
+ }
+ UserEntity user = userService.getOne(Wrappers.lambdaQuery(UserEntity.class).eq(UserEntity::getAccount, req.getAccount()).eq(UserEntity::getDelFlag, Constants.DEL_FLAG_0));
+ if(null == user){
+ throw new ServiceException(Constants.ACCOUNT_ERROR_EXCEPTION_MESSAGE);
+ }
+ if(!user.getStatus().equals(Constants.STATUS_0)){
+ throw new ServiceException(Constants.USER_DISABLE_EXCEPTION_MESSAGE);
+ }
+ String key = SecureUtil.md5(req.getAccount()).substring(8,24);
+ String oldPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getOldPassword());
+ String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(oldPassword).concat(user.getSalt()));
+ if(!pwdCiphertext.equals(user.getPassword())){
+ throw new ServiceException(Message.OLD_PASSWORD_IS_ERROR);
+ }
+ String newPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getNewPassword());
+ String salt = RandomUtil.randomString(req.getAccount(), 4);
+ user.setSalt(salt);
+ user.setPassword(SaSecureUtil.md5(req.getAccount().concat(newPassword).concat(salt)));
+ user.setIsDefaultPassword(Boolean.FALSE);
+ userService.updateById(user);
+
+ }
+
 @Override
 public void doLogout() {
 StpUtil.logout();
diff --git a/web/src/main/java/com/dite/znpt/web/controller/AuthController.java b/web/src/main/java/com/dite/znpt/web/controller/AuthController.java
index 745b7a2..405eb8c 100644
--- a/web/src/main/java/com/dite/znpt/web/controller/AuthController.java
+++ b/web/src/main/java/com/dite/znpt/web/controller/AuthController.java
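Review bot: `RandomUtil.randomString(req.getAccount(), 4)` uses its first argument as the character pool, so the new salt is four characters drawn only from the account name (for an account like `admin` that is 625 possible salts), which leaves the stored `md5(account + password + salt)` far easier to precompute than a per-user salt is meant to allow; draw at least 16 bytes from `RandomUtil.getSecureRandom()` instead, provided the salt column is wide enough. The decrypted `newPassword` is never checked (`@NotBlank` only constrains the ciphertext), and the old/new equality test runs on ciphertexts before the old password is verified — it only works because ECB under a fixed key is deterministic — so it should move after the two `decryptStr` calls and compare plaintexts, together with the project's length rule. After `userService.updateById(user)` the account's existing Sa-Token sessions stay valid; invalidate them with `StpUtil.logout(loginId)` using the same login id `doLogin` passes to Sa-Token, so a session that triggered the change does not outlive it. The write path also hashes with `SaSecureUtil.md5` while `doLogin` verifies with `SecureUtil.md5`; both presumably yield lowercase hex, but one helper should be used for both, and this write path is the natural place to migrate new passwords to a slow hash once the verifier can handle both formats.

```java
        String oldPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getOldPassword());
        // … unchanged: verify oldPassword against user.getPassword(), throw OLD_PASSWORD_IS_ERROR …
        String newPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getNewPassword());
        if (oldPassword.equals(newPassword)) {
            throw new ServiceException(Message.OLD_PASSWORD_EQUAL_NEW_PASSWORD);
        }
        if (StrUtil.isBlank(newPassword) || newPassword.length() < MIN_PASSWORD_LENGTH) { // MIN_PASSWORD_LENGTH: placeholder for the project's policy
            throw new ServiceException(Message.PASSWORD_TOO_WEAK); // placeholder constant, add to Message
        }
        byte[] saltBytes = new byte[16];
        RandomUtil.getSecureRandom().nextBytes(saltBytes);
        String salt = java.util.Base64.getEncoder().encodeToString(saltBytes);
        user.setSalt(salt);
        user.setPassword(SecureUtil.md5(req.getAccount().concat(newPassword).concat(salt)));
        user.setIsDefaultPassword(Boolean.FALSE);
        userService.updateById(user);
        StpUtil.logout(LOGIN_ID_PLACEHOLDER); // placeholder: the login id doLogin hands to StpUtil.login
```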
@@ -5,6 +5,7 @@ import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.lang.tree.Tree;
 import com.dite.znpt.domain.Result;
 import com.dite.znpt.domain.vo.LoginReq;
+import com.dite.znpt.domain.vo.ModifyPasswordReq;
 import com.dite.znpt.domain.vo.UserInfo;
 import com.dite.znpt.service.AuthService;
 import io.swagger.annotations.Api;
@@ -13,6 +14,7 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import javax.validation.Valid;
 import java.util.List;
 
 /**
@@ -30,10 +32,17 @@ public class AuthController {
 @ApiOperation(value = "登录",httpMethod = "POST", notes = "密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。demo数据:账号:admin,加密后的密码:Csq+AVwlEzX3r5vfxL7d/g== 账号:tino,加密后的密码:owbegSu4cMJRD4CiWO+WyQ==")
 @PostMapping("/login")
- public Result login(@Validated @RequestBody LoginReq req) {
+ public Result login(@Valid @RequestBody LoginReq req) {
 return authService.doLogin(req);
 }
 
+ @ApiOperation(value = "修改密码", httpMethod = "PUT")
+ @PutMapping("/modify-password")
+ public Result modifyPassword(@Valid @RequestBody ModifyPasswordReq req){
+ authService.modifyPassword(req);
+ return Result.ok();
+ }
+
 @GetMapping("/userInfo")
 @ApiOperation(value = "获取用户信息",httpMethod = "GET")
 public Result userInfo() {
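Review bot: `/modify-password` takes `account` from the request body and nothing in this controller or in `AuthServiceImpl.modifyPassword` ties it to the caller's session, so whoever reaches the endpoint can submit old-password attempts against any account, and a logged-in user can target an account other than their own. Unless the Sa-Token interceptor configuration (not in this diff) already guards the route, put `@SaCheckLogin` on the method and derive the account from `StpUtil.getLoginId()` instead of trusting `req.getAccount()`, or at least reject a mismatch between the two; a failed-attempt limit on this path is worth adding for the same reason. The `ServiceException` the service throws is not handled here, so whether the client sees a clean error `Result` depends on a global handler that this diff does not show. Swapping `@Validated` for `@Valid` on `login` is harmless, both trigger bean validation on the body.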