16639036659
2024-01-04 a290320e826c0059709522d47753ada32b82d07d
src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java
@@ -287,28 +287,70 @@
        }
        return doList;
    }
    //2024 修改密码弱口令问题
    @Override
    @Transactional
    public boolean updateUserPwd(Long uid, String oldPwd, String newPwd) {
        if(uid == null || oldPwd == null || newPwd == null || oldPwd.isEmpty() || newPwd.isEmpty())
            throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "参数缺失");
        if (newPwd.length() < 8){
            throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码长度不够");
        }
        if (!newPwd.matches(".*[A-Z].*")){
            throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
        }
        if (!newPwd.matches(".*[a-z].*")){
            throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
        }
        if (!newPwd.matches(".*\\d.*")){
            throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
        }
        if (!newPwd.matches(".*[!@#$%^&*.()?+`~<>,-].*")){
            throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
        }
        Optional<User> userOptional = userRepository.findById(uid);
        if(!userOptional.isPresent()){
            throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_ACCOUNT_NOT_EXIST.getCode(), "用户不存在");
        }
        User user = userOptional.get();
        //验证旧密码
        String hash = String.valueOf(Hashing.hmacMd5(user.getSalt().getBytes(StandardCharsets.UTF_8)).hashString(oldPwd,
                StandardCharsets.UTF_8));
        String hash = genPasswordHash(oldPwd, user.getSalt());
        if(!hash.equals(user.getHash()))
            throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_NOT_ALLOWED.getCode(), "旧密码错误");
        String newSalt = String.valueOf(Hashing.hmacMd5("".getBytes()).hashString(""+uid+Range.atLeast(1)+System.nanoTime(),
                StandardCharsets.UTF_8));
        String newHash = String.valueOf(Hashing.hmacMd5(newSalt.getBytes(StandardCharsets.UTF_8)).hashString(newPwd,
                StandardCharsets.UTF_8));
        if(userRepository.updatePassword(uid,newHash,newSalt, LocalDateTime.now()) == 1){
        String newHash = genPasswordHash(newPwd, user.getSalt());
        if(userRepository.updatePassword(uid,newHash, user.getSalt(), LocalDateTime.now()) == 1){
//            deleteUserCache(uid);
            return true;
        }else {
            throw new BusinessException(this.getClass(), ResultCode.SYSTEM_ERROR_DATABASE_FAIL.getCode(), "数据库错误");
        }
    }
    // todo 2024 密码重置问题
    @Override
    public boolean resetUserPassword(Long uid, Long currentUserId) {
        if(uid == null){
            throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "参数缺失");
        }
        Optional<User> userOptional = userRepository.findById(uid);
        //验证用户是否存在
        if(!userOptional.isPresent()){
            throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_ACCOUNT_NOT_EXIST.getCode(), "用户不存在");
        }
        User user = userOptional.get();
        //设置初始密码
        String newPwd = "Gs@123456";
        String newHash = genPasswordHash(newPwd, user.getSalt());
//        Integer integer = userRepository.resetPassword(uid, newHash, LocalDateTime.now());
        if(userRepository.resetPassword(uid, newHash, LocalDateTime.now()) == 1){
            return true;
        }else {
            throw new BusinessException(this.getClass(), ResultCode.SYSTEM_ERROR_DATABASE_FAIL.getCode(), "数据库错误");
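Review bot: `resetUserPassword` sets every reset account to the same literal, `String newPwd = "Gs@123456";`, so the post-reset credential is identical for all users and is readable by anyone with access to the repository or to a single reset notice. A per-reset value drawn from `java.security.SecureRandom`, shown to the administrator once and paired with a forced change at next login, would remove the shared secret. In the visible lines `currentUserId` is never read, so any check that the caller may reset `uid` has to live in the caller; if it does not, it belongs at the top of this method. Separately, `updateUserPwd` now stores the new hash under the existing `user.getSalt()`, where the replaced lines appear to have generated a fresh salt per change; the `+`/`-` markers are lost on this page, so that reading is inferred from print order. The body of `resetUserPassword` continues past the end of the hunk.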
@@ -346,14 +388,14 @@
        User user = userOptional.get();
        /*if(user.getRoleId() != null && user.getRoleId().equals(roleId))
            throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_NOT_ALLOWED.getCode(), "用户角色未发生改变");*/
        //todo:校验角色信息
        //校验角色信息
        /*if(userRepository.updateUserRole(uid,roleId,LocalDateTime.now()) != null){
//            deleteUserCache(uid);
            return true;
        }*/
        return false;
    }
    //2024 登录校验问题
    @Override
    public boolean checkPassword(String pwd, String hash, String salt) {
        if(pwd == null || pwd.isEmpty() || salt == null || salt.isEmpty() || hash == null || hash.isEmpty())
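Review bot: The comment `//校验角色信息` no longer carries the `todo:` marker, yet the role check and the `updateUserRole` call around it are both still commented out and the method ends in an unconditional `return false;`. Keeping the marker, e.g. `// TODO: validate roleId and re-enable updateUserRole; this method currently always returns false`, tells the next reader that the role change is unimplemented rather than finished. Which of the two comment lines is the new one is inferred from print order, since the diff markers are missing on this page. The method starts outside the hunk.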
@@ -361,7 +403,7 @@
        if(Hashing.hmacMd5(salt.getBytes(StandardCharsets.UTF_8)).hashString(pwd, StandardCharsets.UTF_8).toString().equals(hash)){
            return true;
        }else {
            return true;
            return false;
        }
    }
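Review bot: The comparison in `checkPassword` is `...toString().equals(hash)`, which returns at the first differing character; `MessageDigest.isEqual(computed.getBytes(StandardCharsets.UTF_8), hash.getBytes(StandardCharsets.UTF_8))` compares in constant time. The digest is still a single HMAC-MD5 pass computed inline, while `updateUserPwd` in the first hunk goes through `genPasswordHash`. That helper's body is not shown, so if it differs from this inline computation, or is later moved to a slow password hash (bcrypt, scrypt, Argon2), this method must call it too or logins will stop matching. The `if`/`else` that returns `true`/`false` can be a single `return` of the comparison. The method's opening lines are outside this hunk.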
@@ -561,6 +603,7 @@
    }
    /**
     * 用户查询
     */