From a290320e826c0059709522d47753ada32b82d07d Mon Sep 17 00:00:00 2001
From: 16639036659 <577530412@qq.com>
Date: 星期四, 04 一月 2024 15:59:46 +0800
Subject: [PATCH] 登录检验,弱口令,初始密码,修改,重置
---
 src/main/java/com/gkhy/labRiskManage/application/account/service/impl/AccountAppServiceImpl.java | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 66 insertions(+), 4 deletions(-)
diff --git a/src/main/java/com/gkhy/labRiskManage/application/account/service/impl/AccountAppServiceImpl.java b/src/main/java/com/gkhy/labRiskManage/application/account/service/impl/AccountAppServiceImpl.java
index a1a49b1..af217c3 100644
--- a/src/main/java/com/gkhy/labRiskManage/application/account/service/impl/AccountAppServiceImpl.java
+++ b/src/main/java/com/gkhy/labRiskManage/application/account/service/impl/AccountAppServiceImpl.java
@@ -16,6 +16,7 @@
 import com.gkhy.labRiskManage.application.account.dto.respDto.LoginRespDto;
 import com.gkhy.labRiskManage.application.account.dto.respDto.TokenInfoDto;
 import com.gkhy.labRiskManage.domain.account.converter.UserRoleBindConverter;
+import com.gkhy.labRiskManage.domain.account.entity.User;
 import com.gkhy.labRiskManage.domain.account.enums.IdentityStatusEnum;
 import com.gkhy.labRiskManage.domain.account.enums.UserStatusEnum;
 import com.gkhy.labRiskManage.application.account.service.AccountAppService;
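Review bot: The new imports `User` (this hunk) and `UserRepository` and `Optional` (the following import hunk) are not referenced by any line this patch adds, so they look unused and should be dropped unless a follow-up change needs them. If `UserRepository` is meant to be used from this class, note that the visible code reaches user data through `UserDomainService` rather than through the repository directly.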
@@ -28,19 +29,23 @@
 import com.gkhy.labRiskManage.domain.account.model.bo.UpdateUserBO;
 import com.gkhy.labRiskManage.domain.account.model.dto.SysUserRoleBindDomainDTO;
+import com.gkhy.labRiskManage.domain.account.repository.jpa.UserRepository;
 import com.gkhy.labRiskManage.domain.account.service.SysUserIdentityBindDomainService;
 import com.gkhy.labRiskManage.domain.account.service.UserDomainService;
 import com.gkhy.labRiskManage.domain.account.model.dto.UserInfoDomainDTO;
 import com.gkhy.labRiskManage.domain.account.service.UserRoleDomainService;
+import com.gkhy.labRiskManage.domain.riskReport.utils.GetRoleTagUtils;
 import org.redisson.api.RedissonClient;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;
+import org.springframework.util.ObjectUtils;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Optional;
 @Service
 public class AccountAppServiceImpl implements AccountAppService {
@@ -68,6 +73,7 @@
 @Autowired
 private UserRoleBindConverter converter;
+
 @Override
 public SearchResult<UserInfoAppRespDTO> findUserByLoginName(String loginName){
@@ -152,7 +158,11 @@
 @Override
 @Transactional
- public Result updateUserPassword(ChangePasswdReqDto dto) {
+ public Result updateUserPassword(ChangePasswdReqDto dto, Long currentUserId) {
+ //人员校验
+ if (!currentUserId.equals(dto.getUid())){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "修改密码遇到错误");
+ }
 Result result = new Result<>();
 if(userDomainService.updateUserPwd(dto.getUid(),dto.getOldPwd(),dto.getNewPwd()) == true){
 result.setSuccess();
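Review bot: The new ownership check in `updateUserPassword` dereferences `currentUserId` without a null test, so a missing caller id surfaces as a `NullPointerException` instead of the intended `BusinessException`. `if (currentUserId == null || !currentUserId.equals(dto.getUid())) {` keeps the denial explicit; `Objects.equals` would be the wrong substitute because it treats two nulls as a match. The complexity rules this commit adds to user creation are not applied to `dto.getNewPwd()` here, so unless `userDomainService.updateUserPwd` enforces them (not visible in this patch) a user can still change to a weak password. The method body continues into the next hunk.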
@@ -160,6 +170,36 @@
 result.setCode(ResultCode.SYSTEM_ERROR.getCode());
 result.setMsg("修改密码失败");
 }
+ return result;
+ }
+
+ @Override
+ public Result resetUserPassword(ChangePasswdReqDto dto, Long currentUserId) {
+ //todo 身份校验
+
+ if (currentUserId.equals(53)){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR.getCode() ,"管理员用户不可重置");
+ }
+ UserInfoDomainDTO userInfo = userDomainService.getUserById(currentUserId);
+
+ if (ObjectUtils.isEmpty(userInfo)){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR.getCode() ,"用户不存在");
+ }
+
+ int roleTag = GetRoleTagUtils.GetRoleTagUtils(userInfo);
+ if (roleTag < 2){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR.getCode() ,"无权限重置");
+ }
+
+ Result result = new Result<>();
+
+ if(userDomainService.resetUserPassword(dto.getUid(), currentUserId) == true){
+ result.setSuccess();
+ }else {
+ result.setCode(ResultCode.SYSTEM_ERROR.getCode());
+ result.setMsg("重置密码失败");
+ }
+
 return result;
 }
@@ -216,7 +256,6 @@
 result.setMsg("用户不存在");
 return result;
 }
-
 if(!userDomainService.checkPassword(loginReqAppDTO.getPwd(), userInfoDomainDTO.getHash(), userInfoDomainDTO.getSalt())){
 result.setCode(ResultCode.BUSINESS_ERROR_NOT_ALLOWED.getCode());
 result.setMsg("密码错误");
@@ -252,13 +291,14 @@
 loginRespDto.setRealName(userInfoDomainDTO.getRealName());
 loginRespDto.setTk(tokenInfoDto.getTk());
 loginRespDto.setRoles(converter.userRoleBindConverter(userInfoDomainDTO.getRoles()));
- //todo:获取其他需返回的信息
+ //获取其他需返回的信息
 result.setSuccess();
 result.setData(loginRespDto);
 return result;
 }
+
 @Override
 public Result logout(Long userId) {
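Review bot: In the new `resetUserPassword`, `currentUserId.equals(53)` can never be true, because `53` boxes to an `Integer` and `Long.equals` returns false for any non-`Long` argument, so the "管理员用户不可重置" guard is dead code. The message suggests the intent is to protect the administrator account from being reset, which would mean testing the target `dto.getUid()` rather than the caller, e.g. `if (Long.valueOf(53L).equals(dto.getUid())) {`; please confirm the intent and prefer a named constant or a role lookup over a hard-coded id. The `//todo 身份校验` marker is still open, and nothing visible in this hunk restricts which target accounts a caller with `roleTag >= 2` may reset or checks that `dto.getUid()` is non-null. The method also lacks the `@Transactional` that `updateUserPassword` carries.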
@@ -293,8 +333,26 @@
 createUserBO.setRealName(createNewUserAppReqDTO.getRealName());
 //如果没有提供密码,初始密码为“123456”
 if(createNewUserAppReqDTO.getPwd() == null || createNewUserAppReqDTO.getPwd().isEmpty()){
- createNewUserAppReqDTO.setPwd("123456");
+ createNewUserAppReqDTO.setPwd("Gs@123456");
 }
+
+ //todo 2024 弱口令问题处理
+ if (createNewUserAppReqDTO.getPwd().length() < 8){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码长度不够");
+ }
+ if (!createNewUserAppReqDTO.getPwd().matches(".*[A-Z].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码需要包含大小写字母、数字、特殊符号");
+ }
+ if (!createNewUserAppReqDTO.getPwd().matches(".*[a-z].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码需要包含大小写字母、数字、特殊符号");
+ }
+ if (!createNewUserAppReqDTO.getPwd().matches(".*\\d.*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码需要包含大小写字母、数字、特殊符号");
+ }
+ if (!createNewUserAppReqDTO.getPwd().matches(".*[!@#$%^&*.()?+`~<>,-].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码需要包含大小写字母、数字、特殊符号");
+ }
+
 createUserBO.setPwd(createNewUserAppReqDTO.getPwd());
 createUserBO.setPhone(createNewUserAppReqDTO.getPhone());
 createUserBO.setIdType(createNewUserAppReqDTO.getIdType());
@@ -366,6 +424,8 @@
 return result;
 }
+
+
 @Transactional
 @Override
 public Result deleteUser(Long userId) {
@@ -406,4 +466,6 @@
 }
+
+
 }
-- Gitblit v1.9.2
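Review bot: In the user-creation hunk the fallback `createNewUserAppReqDTO.setPwd("Gs@123456")` still gives every account created without a password the same value, which is readable in source control and passes the new complexity checks, so the policy does not address it. Consider rejecting an empty password, or generating a per-account random initial password with `SecureRandom` and requiring a change at first login (whether such a flag exists is not visible here). At minimum the stale comment `//如果没有提供密码,初始密码为“123456”` should be updated. The five checks would also be better placed in one shared validator with precompiled `Pattern` constants so that the password-change path can reuse them, and the error message should list the accepted symbols, since characters outside the listed set such as `_` or `=` do not count as special. The enclosing method starts and ends outside this hunk.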