新增修改密码接口
parent
a0b239f34e
commit
693e09ca61
|
@ -28,6 +28,8 @@ public class Message implements Serializable {
|
|||
public static final String MOBILE_EXIST = "手机号码已经存在,请重新输入";
|
||||
public static final String EMAIL_EXIST = "邮箱已经存在,请重新输入";
|
||||
public static final String IDENTITY_CARD_EXIST = "身份证已经存在,请重新输入";
|
||||
public static final String OLD_PASSWORD_EQUAL_NEW_PASSWORD = "身份证已经存在,请重新输入";
|
||||
public static final String OLD_PASSWORD_IS_ERROR = "旧密码错误,请重新输入";
|
||||
public static final String DEPT_PARENT_NOT_EXIST = "父级部门不存在";
|
||||
public static final String DEPT_ID_NOT_EXIST = "部门id不存在";
|
||||
public static final String POST_ID_NOT_EXIST = "岗位id不存在";
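Review bot: `OLD_PASSWORD_EQUAL_NEW_PASSWORD` carries the same text as `IDENTITY_CARD_EXIST` ("身份证已经存在,请重新输入"), so a caller who submits identical old and new passwords is told that an ID-card number already exists. This looks like a copy-paste slip; a message that matches the constant's name would be `public static final String OLD_PASSWORD_EQUAL_NEW_PASSWORD = "新密码不能与旧密码相同,请重新输入";`. The Message class body continues outside this hunk.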
|
||||
|
|
|
@ -25,6 +25,6 @@ public class LoginReq implements Serializable {
|
|||
private String account;
|
||||
|
||||
@NotBlank(message = "密码不能为空")
|
||||
@ApiModelProperty("密码,密文传输,采用aes加密,秘钥为账号")
|
||||
@ApiModelProperty("密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
|
||||
private String password;
|
||||
}
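Review bot: The scheme described in the new `@ApiModelProperty` on `password` provides no confidentiality, because the AES key is characters 8–24 of md5(account) and the account is sent in the same request, so anyone who can read the request can derive the key and decrypt the password. ECB is also deterministic, so the same password for one account always yields the same ciphertext. The same description is repeated on `oldPassword` and `newPassword` in ModifyPasswordReq, and the derivation is implemented in AuthServiceImpl. I would make the limitation explicit next to the field, for example `// NOTE: key is derivable from the account; this is obfuscation only, transport security must come from TLS`, so that nobody relies on it as encryption.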
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
package com.dite.znpt.domain.vo;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
import lombok.Data;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import java.io.Serial;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* @author Bear.G
|
||||
* @date 2025/5/22/周四 17:36
|
||||
* @description
|
||||
*/
|
||||
@Data
|
||||
@ApiModel("修改密码请求实体")
|
||||
public class ModifyPasswordReq implements Serializable {
|
||||
|
||||
@Serial
|
||||
private static final long serialVersionUID = -5458522057381605255L;
|
||||
|
||||
@NotBlank(message = "账号不能为空")
|
||||
@ApiModelProperty("账号")
|
||||
private String account;
|
||||
|
||||
@NotBlank(message = "旧密码不能为空")
|
||||
@ApiModelProperty("旧密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
|
||||
private String oldPassword;
|
||||
|
||||
@NotBlank(message = "新密码不能为空")
|
||||
@ApiModelProperty("新密码,密文传输,密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。")
|
||||
private String newPassword;
|
||||
}
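Review bot: `@Data` generates a `toString()` that includes `oldPassword` and `newPassword`, so any request logging or exception message that prints this object writes both values out. Given the key-derivation rule stated in the field descriptions, those ciphertexts are recoverable by anyone who also sees `account`. Adding `@ToString.Exclude` (from `lombok.ToString`) to the two password fields keeps them out of logs. The `@description` tag in the class Javadoc is empty and could state that this is the request body of the modify-password endpoint.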
|
|
@ -4,6 +4,7 @@ import cn.dev33.satoken.stp.SaTokenInfo;
|
|||
import cn.hutool.core.lang.tree.Tree;
|
||||
import com.dite.znpt.domain.Result;
|
||||
import com.dite.znpt.domain.vo.LoginReq;
|
||||
import com.dite.znpt.domain.vo.ModifyPasswordReq;
|
||||
import com.dite.znpt.domain.vo.UserInfo;
|
||||
|
||||
import java.util.List;
|
||||
|
@ -17,6 +18,8 @@ public interface AuthService {
|
|||
|
||||
Result<SaTokenInfo> doLogin(LoginReq req);
|
||||
|
||||
void modifyPassword(ModifyPasswordReq req);
|
||||
|
||||
void doLogout();
|
||||
|
||||
List<Tree<String>> getMenuInfo(String userId);
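Review bot: `void modifyPassword(ModifyPasswordReq req);` reports failure by throwing, while the neighbouring `doLogin` returns a `Result` carrying an error code, so callers of this interface have to handle two different error conventions for closely related operations. If the exception style is intended, a short Javadoc on the method should say so, e.g. `/** Changes the password of the account named in req after verifying the old password; throws ServiceException if the account is missing or disabled, or the old password does not match. */`. The interface body continues outside this hunk.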
|
||||
|
|
|
@ -1,27 +1,35 @@
|
|||
package com.dite.znpt.service.impl;
|
||||
|
||||
import cn.dev33.satoken.secure.SaSecureUtil;
|
||||
import cn.dev33.satoken.stp.SaTokenInfo;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.dev33.satoken.stp.parameter.SaLoginParameter;
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.lang.tree.Tree;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
import cn.hutool.http.useragent.UserAgent;
|
||||
import cn.hutool.http.useragent.UserAgentInfo;
|
||||
import cn.hutool.http.useragent.UserAgentUtil;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.dite.znpt.constant.Constants;
|
||||
import com.dite.znpt.constant.Message;
|
||||
import com.dite.znpt.converts.Converts;
|
||||
import com.dite.znpt.domain.Result;
|
||||
import com.dite.znpt.domain.entity.*;
|
||||
import com.dite.znpt.domain.entity.DeptEntity;
|
||||
import com.dite.znpt.domain.entity.MenuEntity;
|
||||
import com.dite.znpt.domain.entity.RoleMenuEntity;
|
||||
import com.dite.znpt.domain.entity.UserEntity;
|
||||
import com.dite.znpt.domain.vo.LoginReq;
|
||||
import com.dite.znpt.domain.vo.ModifyPasswordReq;
|
||||
import com.dite.znpt.domain.vo.RoleResp;
|
||||
import com.dite.znpt.domain.vo.UserInfo;
|
||||
import com.dite.znpt.enums.TerminalTypeEnum;
|
||||
import com.dite.znpt.exception.ServiceException;
|
||||
import com.dite.znpt.service.*;
|
||||
import lombok.AllArgsConstructor;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
|
||||
|
@ -52,23 +60,21 @@ public class AuthServiceImpl implements AuthService {
|
|||
|
||||
@Override
|
||||
public Result<SaTokenInfo> doLogin(LoginReq req) {
|
||||
String key = SecureUtil.md5(req.getAccount()).substring(8,24);
|
||||
UserEntity user = userService.getOne(Wrappers.lambdaQuery(UserEntity.class).eq(UserEntity::getAccount, req.getAccount()).eq(UserEntity::getDelFlag, Constants.DEL_FLAG_0));
|
||||
if(null == user){
|
||||
return Result.error(Constants.ACCOUNT_ERROR_EXCEPTION, Constants.ACCOUNT_ERROR_EXCEPTION_MESSAGE);
|
||||
}
|
||||
try {
|
||||
String password = SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword());
|
||||
String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(password).concat(user.getSalt()));
|
||||
if(!pwdCiphertext.equals(user.getPassword())){
|
||||
return Result.error(Constants.PASSWORD_ERROR_EXCEPTION, Constants.PASSWORD_ERROR_EXCEPTION_MESSAGE);
|
||||
}
|
||||
}catch (Exception e){
|
||||
return Result.error(Constants.PASSWORD_EXCEPTION, Constants.PASSWORD_EXCEPTION_MESSAGE);
|
||||
}
|
||||
if(!user.getStatus().equals(Constants.STATUS_0)){
|
||||
return Result.error(Constants.USER_DISABLE_EXCEPTION, Constants.USER_DISABLE_EXCEPTION_MESSAGE);
|
||||
}
|
||||
|
||||
String key = SecureUtil.md5(req.getAccount()).substring(8,24);
|
||||
String password = SecureUtil.aes(key.getBytes()).decryptStr(req.getPassword());
|
||||
String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(password).concat(user.getSalt()));
|
||||
if(!pwdCiphertext.equals(user.getPassword())){
|
||||
return Result.error(Constants.PASSWORD_ERROR_EXCEPTION, Constants.PASSWORD_ERROR_EXCEPTION_MESSAGE);
|
||||
}
|
||||
|
||||
if(user.getIsDefaultPassword()){
|
||||
return Result.error(Constants.DEFAULT_PASSWORD_EXCEPTION, Constants.DEFAULT_PASSWORD_EXCEPTION_MESSAGE);
|
||||
}
|
||||
|
@ -80,6 +86,34 @@ public class AuthServiceImpl implements AuthService {
|
|||
return Result.ok(StpUtil.getTokenInfo());
|
||||
}
|
||||
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@Override
|
||||
public void modifyPassword(ModifyPasswordReq req) {
|
||||
if(req.getOldPassword().equals(req.getNewPassword())){
|
||||
throw new ServiceException(Message.OLD_PASSWORD_EQUAL_NEW_PASSWORD);
|
||||
}
|
||||
UserEntity user = userService.getOne(Wrappers.lambdaQuery(UserEntity.class).eq(UserEntity::getAccount, req.getAccount()).eq(UserEntity::getDelFlag, Constants.DEL_FLAG_0));
|
||||
if(null == user){
|
||||
throw new ServiceException(Constants.ACCOUNT_ERROR_EXCEPTION_MESSAGE);
|
||||
}
|
||||
if(!user.getStatus().equals(Constants.STATUS_0)){
|
||||
throw new ServiceException(Constants.USER_DISABLE_EXCEPTION_MESSAGE);
|
||||
}
|
||||
String key = SecureUtil.md5(req.getAccount()).substring(8,24);
|
||||
String oldPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getOldPassword());
|
||||
String pwdCiphertext = SecureUtil.md5(req.getAccount().concat(oldPassword).concat(user.getSalt()));
|
||||
if(!pwdCiphertext.equals(user.getPassword())){
|
||||
throw new ServiceException(Message.OLD_PASSWORD_IS_ERROR);
|
||||
}
|
||||
String newPassword = SecureUtil.aes(key.getBytes()).decryptStr(req.getNewPassword());
|
||||
String salt = RandomUtil.randomString(req.getAccount(), 4);
|
||||
user.setSalt(salt);
|
||||
user.setPassword(SaSecureUtil.md5(req.getAccount().concat(newPassword).concat(salt)));
|
||||
user.setIsDefaultPassword(Boolean.FALSE);
|
||||
userService.updateById(user);
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doLogout() {
|
||||
StpUtil.logout();
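Review bot: modifyPassword stores the new password as a single MD5 over account + password + salt, with a salt of only four characters picked from the account name itself (`RandomUtil.randomString(req.getAccount(), 4)`), which makes the stored hashes cheap to guess offline if the user table is ever exposed. At minimum the salt should be longer and independent of the account, e.g. `String salt = RandomUtil.randomString(16);` (assuming the salt column allows it); moving to a slow password hash such as hutool's `BCrypt` would need a migration path for existing rows and a matching change in doLogin. Separately, `decryptStr` in modifyPassword is unguarded, and the doLogin hunk appears to drop the try/catch that mapped a malformed ciphertext to `PASSWORD_EXCEPTION`, so bad input now surfaces as an unhandled exception unless a global handler covers it. doLogin also appears to check the account status before the password, which tells an unauthenticated caller that an account is disabled. Sessions issued before the password change are not revoked in modifyPassword; whether that is intended is not visible here.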
|
||||
|
|
|
@ -5,6 +5,7 @@ import cn.dev33.satoken.stp.StpUtil;
|
|||
import cn.hutool.core.lang.tree.Tree;
|
||||
import com.dite.znpt.domain.Result;
|
||||
import com.dite.znpt.domain.vo.LoginReq;
|
||||
import com.dite.znpt.domain.vo.ModifyPasswordReq;
|
||||
import com.dite.znpt.domain.vo.UserInfo;
|
||||
import com.dite.znpt.service.AuthService;
|
||||
import io.swagger.annotations.Api;
|
||||
|
@ -13,6 +14,7 @@ import org.springframework.validation.annotation.Validated;
|
|||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.validation.Valid;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
|
@ -30,10 +32,17 @@ public class AuthController {
|
|||
|
||||
@ApiOperation(value = "登录",httpMethod = "POST", notes = "密码加密采用aes(加密模式ECB,填充方式PKCS#7)加密传输,加密密钥产生逻辑:对账号做md5()计算,然后取值8-24位。demo数据:账号:admin,加密后的密码:Csq+AVwlEzX3r5vfxL7d/g== 账号:tino,加密后的密码:owbegSu4cMJRD4CiWO+WyQ==")
|
||||
@PostMapping("/login")
|
||||
public Result<SaTokenInfo> login(@Validated @RequestBody LoginReq req) {
|
||||
public Result<SaTokenInfo> login(@Valid @RequestBody LoginReq req) {
|
||||
return authService.doLogin(req);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "修改密码", httpMethod = "PUT")
|
||||
@PutMapping("/modify-password")
|
||||
public Result<?> modifyPassword(@Valid @RequestBody ModifyPasswordReq req){
|
||||
authService.modifyPassword(req);
|
||||
return Result.ok();
|
||||
}
|
||||
|
||||
@GetMapping("/userInfo")
|
||||
@ApiOperation(value = "获取用户信息",httpMethod = "GET")
|
||||
public Result<UserInfo> userInfo() {
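Review bot: `/modify-password` identifies the user by the `account` field of the body rather than by the current session, and nothing in this hunk limits repeated attempts, so the old-password check can be retried freely for any account. Since doLogin rejects users who still have the default password, the route presumably has to be reachable without a token; in that case it needs the same attempt throttling or lockout as `/login` (not visible in this commit). If it is instead meant to run behind the login interceptor, the service should compare `req.getAccount()` with the logged-in user, e.g. via `StpUtil.getLoginId()`, before touching the row. The AuthController class body continues outside the hunk.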
|
||||
|
|