diff --git a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java index b032ff1..8fb7d02 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java @@ -2,7 +2,6 @@ package com.glxp.sale.admin.controller.auth; import com.github.pagehelper.PageInfo; import com.glxp.sale.admin.annotation.AuthRuleAnnotation; -import com.glxp.sale.admin.dao.inout.WarehouseUserDao; import com.glxp.sale.admin.entity.auth.AuthAdmin; import com.glxp.sale.admin.entity.auth.AuthRole; import com.glxp.sale.admin.entity.auth.AuthRoleAdmin; @@ -18,16 +17,13 @@ import com.glxp.sale.admin.req.inventory.FilterInvUserRequest; import com.glxp.sale.admin.res.PageSimpleResponse; import com.glxp.sale.admin.res.auth.AuthAdminResponse; import com.glxp.sale.admin.res.auth.AuthAdminRoleResponse; -import com.glxp.sale.admin.res.inventory.InvWarehouseResponse; import com.glxp.sale.admin.service.auth.AuthAdminService; import com.glxp.sale.admin.service.auth.AuthRoleAdminService; import com.glxp.sale.admin.service.auth.AuthRoleService; import com.glxp.sale.admin.service.auth.CustomerInfoService; -import com.glxp.sale.admin.service.basic.BussinessTypeService; import com.glxp.sale.admin.service.inout.WarehouseUserService; import com.glxp.sale.admin.service.inventory.InvBusUserService; import com.glxp.sale.admin.service.inventory.InvSubWarehouseService; -import com.glxp.sale.admin.service.inventory.InvWarehouseService; import com.glxp.sale.admin.util.PasswordUtils; import com.glxp.sale.common.enums.ResultEnum; import com.glxp.sale.common.res.BaseResponse; 
@@ -42,6 +38,7 @@ import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import java.util.*; +import java.util.regex.Pattern; import java.util.stream.Collectors; /** @@ -276,7 +273,12 @@ public class AuthAdminController { AuthAdmin authAdmin = new AuthAdmin(); BeanUtils.copyProperties(authAdminSaveRequest, authAdmin); if (authAdmin.getPassWord() != null) { + boolean matches = Pattern.matches("^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$", authAdmin.getPassWord()); + if(!matches){ + return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位"); + } authAdmin.setPassWord(PasswordUtils.authAdminPwd(authAdmin.getPassWord())); + authAdmin.setLastUpdatePwdTime(new Date()); } authAdmin.setLastModifyTime(new Date()); boolean b = authAdminService.updateAuthAdmin(authAdmin); @@ -308,8 +310,8 @@ public class AuthAdminController { if (authAdminSaveRequest.getId() == null) { return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, "参数错误!"); } - InvSubWarehouseEntity invSubWarehouseEntity=invSubWarehouseService.filterGroupInvSubAndcode(authAdminSaveRequest.getLocSubInvCode()); - if(invSubWarehouseEntity!=null){ + InvSubWarehouseEntity invSubWarehouseEntity = invSubWarehouseService.filterGroupInvSubAndcode(authAdminSaveRequest.getLocSubInvCode()); + if (invSubWarehouseEntity != null) { authAdminSaveRequest.setLocInvCode(invSubWarehouseEntity.getParentId()); } AuthAdmin authAdmin = new AuthAdmin(); 
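Review bot: The password-policy regex passed to `Pattern.matches(...)` in the added password branch is repeated as a literal in `RegisterController` and in the `@Pattern` annotations of `ResetPasswdRequest` and `UpdatePasswordRequest`, and the copies are inconsistent: the third lookahead `(?![A-Z\\\\W_.*%@!]+$)` omits the `;` that every other class lists. As shown on this page, `\\\\W` inside a character class is a literal backslash plus the letter `W`, not the non-word class `\\W`. If the source really contains that (the page's escaping may have doubled it), an 8-character password of upper-case letters and `;` alone would pass despite the "three of four kinds" message, and specials outside `_.;*%@!` would be rejected. I would define the expression once in a shared class, e.g. `public static final String PASSWORD_POLICY_REGEX = "...";`, reference it from all five places, and add a Javadoc comment stating the rule plus tests with accepted and rejected samples. The enclosing method starts and ends outside this hunk.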
@@ -332,20 +334,18 @@ public class AuthAdminController { public BaseResponse delete(@RequestBody AuthAdminSaveRequest authAdminSaveRequest) { - - - FilterInvUserRequest warehouseUser=new FilterInvUserRequest(); + FilterInvUserRequest warehouseUser = new FilterInvUserRequest(); warehouseUser.setUserid(authAdminSaveRequest.getId()); - List warehouseUserEntityList=warehouseUserService.filterWarehouseUsers(warehouseUser); - if(warehouseUserEntityList.size()==0){ - FilterInvBusUserRequest invBusUserEntity=new FilterInvBusUserRequest(); - invBusUserEntity.setUserId(authAdminSaveRequest.getId()+""); - List invBusUserList=invBusUserService.filterInvBusUser(invBusUserEntity); - if(invBusUserList.size()>0){ - return ResultVOUtils.error(999,"该用户存在关联单据信息,请先解除再删除"); + List warehouseUserEntityList = warehouseUserService.filterWarehouseUsers(warehouseUser); + if (warehouseUserEntityList.size() == 0) { + FilterInvBusUserRequest invBusUserEntity = new FilterInvBusUserRequest(); + invBusUserEntity.setUserId(authAdminSaveRequest.getId() + ""); + List invBusUserList = invBusUserService.filterInvBusUser(invBusUserEntity); + if (invBusUserList.size() > 0) { + return ResultVOUtils.error(999, "该用户存在关联单据信息,请先解除再删除"); } - }else{ - return ResultVOUtils.error(999,"该用户存在关联仓库信息,请先解除再删除"); + } else { + return ResultVOUtils.error(999, "该用户存在关联仓库信息,请先解除再删除"); } diff --git a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java index 782ac0f..bb6ac34 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java @@ -1,5 +1,6 @@ package com.glxp.sale.admin.controller.auth; +import cn.hutool.core.date.DateUnit; import cn.hutool.core.util.StrUtil; import com.glxp.sale.admin.annotation.AuthRuleAnnotation; import com.glxp.sale.admin.dao.auth.AuthLicenseDao; 
@@ -146,6 +147,8 @@ public class LoginController { loginResponse.setToken(token); loginResponse.setDept(authAdmin.getDept()); loginResponse.setDeptName(authAdmin.getDeptName()); + loginResponse.setNeedChangePwd(cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date():authAdmin.getLastUpdatePwdTime() + , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY)>=90); return ResultVOUtils.success(loginResponse); } @@ -300,7 +303,8 @@ public class LoginController { authAdminUp.setId(authAdmin.getId()); String newPwd = PasswordUtils.authAdminPwd(updatePasswordRequest.getNewPassword()); authAdminUp.setPassWord(newPwd); - authAdmin.setLastModifyTime(new Date()); + authAdminUp.setLastModifyTime(new Date()); + authAdminUp.setLastUpdatePwdTime(new Date()); boolean b = authAdminService.updateAuthAdmin(authAdminUp); if (b) { return ResultVOUtils.success(); diff --git a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java index f3932b8..bd7d29c 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java @@ -49,6 +49,7 @@ import javax.annotation.Resource; import javax.servlet.http.HttpSession; import javax.validation.Valid; import java.util.*; +import java.util.regex.Pattern; @RestController @Slf4j 
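Review bot: An account whose `lastUpdatePwdTime` is null is treated as if its password had just been changed, because the added `setNeedChangePwd(...)` expression substitutes `DateUtil.date()` for null and the difference is then 0 days. The schema hunk in this commit adds the column with no visible backfill, so existing accounts would presumably never see the 90-day prompt until their password is next changed. Consider treating null as expired, `Date changed = authAdmin.getLastUpdatePwdTime();` followed by `loginResponse.setNeedChangePwd(changed == null || DateUtil.between(changed, DateUtil.date(), DateUnit.DAY) >= 90);`, or backfill the column in the migration. The flag is returned alongside an already issued token, so nothing visible here makes the server refuse an expired password. If expiry is meant to be enforced rather than advised, that check belongs on the server. The login method starts above this hunk, so earlier checks are not visible.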
@@ -230,6 +231,10 @@ public class RegisterController { if (!phoneNum.equals(userRegisterEntity.getMobile())) { return ResultVOUtils.error(500, "手机号与获取验证码不一致"); } + boolean matches = Pattern.matches("^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$", userRegisterEntity.getPassword()); + if(!matches){ + return ResultVOUtils.error(500, "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位"); + } boolean isExitPhone = userRegisterService.isExit(userRegisterEntity.getMobile()); if (isExitPhone) { return ResultVOUtils.error(500, "该手机号已被注册"); @@ -267,7 +272,7 @@ public class RegisterController { } userRegisterEntity.setUserName(userName); UserRegisterEntity userRegisterEntity1 = userRegisterService.selectByMobile(userRegisterEntity.getMobile()); - if(userRegisterEntity1!=null){ + if (userRegisterEntity1 != null) { userRegisterService.deleteByMobile(userRegisterEntity.getMobile()); } boolean b = userRegisterService.insertUserRegister(userRegisterEntity); 
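Review bot: `userRegisterEntity.getPassword()` is handed to `Pattern.matches` without a null check in the added lines, and a null input makes the matcher throw `NullPointerException` instead of returning the policy error. The admin-update branch in `AuthAdminController` tests `getPassWord() != null` first. Unless validation outside this hunk already rejects a missing password, guard it with `String pwd = userRegisterEntity.getPassword();` and `boolean matches = pwd != null && Pattern.matches("…", pwd);`. `Pattern.matches` also recompiles the expression on every request, so a `private static final Pattern` compiled once would be the more idiomatic form. The method body begins and continues outside the hunk.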
@@ -297,26 +302,27 @@ public class RegisterController { if ((System.currentTimeMillis() - lastTime) > 1000 * 60 * 5) { return ResultVOUtils.error(500, "验证码已过期,请重新获取"); } - if (checkCode != resetPasswdRequest.getCheckCode()) { - return ResultVOUtils.error(500, "验证码错误,请重新获取"); - } - if (!phoneNum.equals(resetPasswdRequest.getMobile())) { - return ResultVOUtils.error(500, "手机号与获取验证码不一致"); - } - AuthAdmin authAdmin = authAdminService.findByUserName(resetPasswdRequest.getUserName()); - if (authAdmin == null) { - return ResultVOUtils.error(500, "该用户不存在"); + if (checkCode != resetPasswdRequest.getCheckCode() || !phoneNum.equals(resetPasswdRequest.getMobile())) { + return ResultVOUtils.error(500, "验证码错误"); } - CustomerContactEntity customerContactEntity = customerContactService.selectById(Long.valueOf(String.valueOf(authAdmin.getCustomerId()))); - if (customerContactEntity != null && customerContactEntity.getMobile().equals(phoneNum)) { - authAdmin.setPassWord(resetPasswdRequest.getPassword()); - authAdmin.setLastModifyTime(new Date()); - authAdminService.updateAuthAdmin(authAdmin); - } else { - return ResultVOUtils.error(500, "手机号与该用户不匹配"); + try { + AuthAdmin authAdmin = authAdminService.findByUserName(resetPasswdRequest.getUserName()); + if (authAdmin == null) { + return ResultVOUtils.error(500, "该用户不存在"); + } + CustomerContactEntity customerContactEntity = customerContactService.selectById(Long.valueOf(String.valueOf(authAdmin.getCustomerId()))); + if (customerContactEntity != null && customerContactEntity.getMobile().equals(phoneNum)) { + authAdmin.setPassWord(resetPasswdRequest.getPassword()); + authAdmin.setLastModifyTime(new Date()); + authAdmin.setLastUpdatePwdTime(new Date()); + authAdminService.updateAuthAdmin(authAdmin); + } else { + return ResultVOUtils.error(500, "手机号与该用户不匹配"); + } + return ResultVOUtils.success("密码修改成功"); + } finally { + redisUtil.del(Constant.CAPTCHAS + resetPasswdRequest.getMobile()); } - - return ResultVOUtils.success("密码修改成功"); } 
@PostMapping("salewarehouse/register/check") @@ -381,6 +387,7 @@ public class RegisterController { authAdmin.setEmployeeName(userRegisterEntity.getNickName()); authAdmin.setUserFlag(1); authAdmin.setLastModifyTime(new Date()); + authAdmin.setLastUpdatePwdTime(new Date(userRegisterEntity.getRegisterTime())); authAdminService.insertAuthAdmin(authAdmin); authAdmin = authAdminService.findByUserName(authAdmin.getUserName()); diff --git a/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java b/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java index ec4efa5..cc3f2a8 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java @@ -24,6 +24,10 @@ public class AuthAdmin { private Integer userFlag; private Date lastModifyTime; + /** + * 最后一次修改密码时间 + */ + private Date lastUpdatePwdTime; private String comments; private String employeeName; private String CustomerId; diff --git a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java index 9369242..9517aaa 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java @@ -3,7 +3,6 @@ package com.glxp.sale.admin.req.auth; import lombok.Data; import javax.validation.constraints.NotEmpty; -import javax.validation.constraints.NotNull; import java.util.List; /** diff --git a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java index b7e4966..c3795a0 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java 
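Review bot: The reset path still stores the request value unchanged, `authAdmin.setPassWord(resetPasswdRequest.getPassword());`, while the other two password writes in this commit go through `PasswordUtils.authAdminPwd(...)`. Unless `updateAuthAdmin` transforms the value itself, which those call sites suggest it does not, a reset would persist the raw password. I would change the line to `authAdmin.setPassWord(PasswordUtils.authAdminPwd(resetPasswdRequest.getPassword()));`. The new `finally` deletes the Redis entry only after the code and phone have matched, so wrong guesses return earlier and leave the code valid for its five-minute lifetime with no attempt limit visible here; `confirmPassword` is also never compared with `password` in these lines. `customerContactEntity.getMobile().equals(phoneNum)` would throw if the stored mobile is null, which `phoneNum.equals(customerContactEntity.getMobile())` avoids. The method begins above the hunk, so the code lookup and any `@Valid` on the parameter are not visible.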
@@ -2,12 +2,24 @@ package com.glxp.sale.admin.req.auth; import lombok.Data; +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.Pattern; + @Data public class ResetPasswdRequest { + @NotEmpty(message = "密码不能为空") + @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$" + , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位") private String password; + @NotEmpty(message = "手机号不能为空") private String mobile; + @NotEmpty(message = "确认密码不能为空") + @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$" + , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位") private String confirmPassword; - private int checkCode; + @NotEmpty(message = "验证码不能为空") + private int checkCode; + @NotEmpty(message = "用户名不能为空") private String userName; } diff --git a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java index fa7890b..b3c6bdb 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java @@ -4,6 +4,7 @@ import lombok.Data; import javax.validation.constraints.NotEmpty; import javax.validation.constraints.NotNull; +import javax.validation.constraints.Pattern; /** * 修改密码的表单 @@ -18,6 +19,8 @@ public class UpdatePasswordRequest { private String oldPassword; @NotEmpty(message = "请输入新密码") + @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$" + , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位") private String newPassword; } 
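Review bot: `@NotEmpty` is placed on the primitive field `private int checkCode;`, but Bean Validation defines that constraint only for character sequences, collections, maps and arrays. Validating this request would therefore fail with an `UnexpectedTypeException` (no validator for the type) instead of producing the message. A primitive can never be absent, so either drop the annotation or use a wrapper, `@NotNull(message = "验证码不能为空") private Integer checkCode;`. With the wrapper, the controller's `checkCode != resetPasswdRequest.getCheckCode()` should become an `equals` comparison, in case the stored code is also an `Integer` and would be compared by reference. The annotations take effect only if the controller parameter is validated with `@Valid`, which this diff does not show. A short class Javadoc stating that `password` and `confirmPassword` must be equal, and where that is checked, would help, since no visible code compares them.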
diff --git a/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java b/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java index d02be45..9f4aaee 100644 --- a/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java +++ b/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java @@ -10,4 +10,6 @@ public class LoginResponse { private String dept; private String deptName; + private boolean needChangePwd = false; + } diff --git a/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml b/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml index 320912e..8c4049e 100644 --- a/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml +++ b/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml @@ -143,6 +143,7 @@ lastLoginIp=#{lastLoginIp}, lastLoginTime=#{lastLoginTime}, lastModifyTime=#{lastModifyTime}, + lastUpdatePwdTime=#{lastUpdatePwdTime}, userFlag=#{userFlag}, employeeName=#{employeeName}, locInvCode=#{locInvCode}, diff --git a/api-admin/src/main/resources/schemas/schema_v2.2.sql b/api-admin/src/main/resources/schemas/schema_v2.2.sql index 96d4762..dc54e9c 100644 --- a/api-admin/src/main/resources/schemas/schema_v2.2.sql +++ b/api-admin/src/main/resources/schemas/schema_v2.2.sql @@ -16,3 +16,6 @@ CALL Pro_Temp_ColumnWork('basic_udirel', 'useMuti', 'tinyint', 1); CALL Pro_Temp_ColumnWork('basic_udirel', 'useNum', 'int', 1); +CALL Pro_Temp_ColumnWork('auth_user', 'lastUpdatePwdTime', 'datetime ', 1); + +