等保用户密码相关问题

2 years ago · b58ce6b018
parent e55462b303
commit b58ce6b018
10 changed files with 75 additions and 40 deletions
--- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/AuthAdminController.java
@ -2,7 +2,6 @@ package com.glxp.sale.admin.controller.auth;

 import com.github.pagehelper.PageInfo;
 import com.glxp.sale.admin.annotation.AuthRuleAnnotation;
-import com.glxp.sale.admin.dao.inout.WarehouseUserDao;
 import com.glxp.sale.admin.entity.auth.AuthAdmin;
 import com.glxp.sale.admin.entity.auth.AuthRole;
 import com.glxp.sale.admin.entity.auth.AuthRoleAdmin;
@ -18,16 +17,13 @@ import com.glxp.sale.admin.req.inventory.FilterInvUserRequest;
 import com.glxp.sale.admin.res.PageSimpleResponse;
 import com.glxp.sale.admin.res.auth.AuthAdminResponse;
 import com.glxp.sale.admin.res.auth.AuthAdminRoleResponse;
-import com.glxp.sale.admin.res.inventory.InvWarehouseResponse;
 import com.glxp.sale.admin.service.auth.AuthAdminService;
 import com.glxp.sale.admin.service.auth.AuthRoleAdminService;
 import com.glxp.sale.admin.service.auth.AuthRoleService;
 import com.glxp.sale.admin.service.auth.CustomerInfoService;
-import com.glxp.sale.admin.service.basic.BussinessTypeService;
 import com.glxp.sale.admin.service.inout.WarehouseUserService;
 import com.glxp.sale.admin.service.inventory.InvBusUserService;
 import com.glxp.sale.admin.service.inventory.InvSubWarehouseService;
-import com.glxp.sale.admin.service.inventory.InvWarehouseService;
 import com.glxp.sale.admin.util.PasswordUtils;
 import com.glxp.sale.common.enums.ResultEnum;
 import com.glxp.sale.common.res.BaseResponse;
@ -42,6 +38,7 @@ import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
 import java.util.*;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;

 /**
@ -276,7 +273,12 @@ public class AuthAdminController {
        AuthAdmin authAdmin = new AuthAdmin();
        BeanUtils.copyProperties(authAdminSaveRequest, authAdmin);
        if (authAdmin.getPassWord() != null) {
+            boolean matches = Pattern.matches("^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$", authAdmin.getPassWord());
+            if(!matches){
+                return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位");
+            }
            authAdmin.setPassWord(PasswordUtils.authAdminPwd(authAdmin.getPassWord()));
+            authAdmin.setLastUpdatePwdTime(new Date());
        }
        authAdmin.setLastModifyTime(new Date());
        boolean b = authAdminService.updateAuthAdmin(authAdmin);
@ -332,8 +334,6 @@ public class AuthAdminController {
    public BaseResponse delete(@RequestBody AuthAdminSaveRequest authAdminSaveRequest) {


-
-
        FilterInvUserRequest warehouseUser = new FilterInvUserRequest();
        warehouseUser.setUserid(authAdminSaveRequest.getId());
        List<WarehouseUserEntity> warehouseUserEntityList = warehouseUserService.filterWarehouseUsers(warehouseUser);
--- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/LoginController.java
@ -1,5 +1,6 @@
 package com.glxp.sale.admin.controller.auth;

+import cn.hutool.core.date.DateUnit;
 import cn.hutool.core.util.StrUtil;
 import com.glxp.sale.admin.annotation.AuthRuleAnnotation;
 import com.glxp.sale.admin.dao.auth.AuthLicenseDao;
@ -146,6 +147,8 @@ public class LoginController {
        loginResponse.setToken(token);
        loginResponse.setDept(authAdmin.getDept());
        loginResponse.setDeptName(authAdmin.getDeptName());
+        loginResponse.setNeedChangePwd(cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date():authAdmin.getLastUpdatePwdTime()
+                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY)>=90);
        return ResultVOUtils.success(loginResponse);
    }

@ -300,7 +303,8 @@ public class LoginController {
        authAdminUp.setId(authAdmin.getId());
        String newPwd = PasswordUtils.authAdminPwd(updatePasswordRequest.getNewPassword());
        authAdminUp.setPassWord(newPwd);
-        authAdmin.setLastModifyTime(new Date());
+        authAdminUp.setLastModifyTime(new Date());
+        authAdminUp.setLastUpdatePwdTime(new Date());
        boolean b = authAdminService.updateAuthAdmin(authAdminUp);
        if (b) {
            return ResultVOUtils.success();
--- a/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/controller/auth/RegisterController.java
@ -49,6 +49,7 @@ import javax.annotation.Resource;
 import javax.servlet.http.HttpSession;
 import javax.validation.Valid;
 import java.util.*;
+import java.util.regex.Pattern;

@RestController
@Slf4j
@ -230,6 +231,10 @@ public class RegisterController {
        if (!phoneNum.equals(userRegisterEntity.getMobile())) {
            return ResultVOUtils.error(500, "手机号与获取验证码不一致");
        }
+        boolean matches = Pattern.matches("^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$", userRegisterEntity.getPassword());
+        if(!matches){
+            return ResultVOUtils.error(500, "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位");
+        }
        boolean isExitPhone = userRegisterService.isExit(userRegisterEntity.getMobile());
        if (isExitPhone) {
            return ResultVOUtils.error(500, "该手机号已被注册");
@ -297,12 +302,10 @@ public class RegisterController {
        if ((System.currentTimeMillis() - lastTime) > 1000 * 60 * 5) {
            return ResultVOUtils.error(500, "验证码已过期，请重新获取");
        }
-        if (checkCode != resetPasswdRequest.getCheckCode()) {
-            return ResultVOUtils.error(500, "验证码错误，请重新获取");
-        }
-        if (!phoneNum.equals(resetPasswdRequest.getMobile())) {
-            return ResultVOUtils.error(500, "手机号与获取验证码不一致");
+        if (checkCode != resetPasswdRequest.getCheckCode() || !phoneNum.equals(resetPasswdRequest.getMobile())) {
+            return ResultVOUtils.error(500, "验证码错误");
        }
+        try {
            AuthAdmin authAdmin = authAdminService.findByUserName(resetPasswdRequest.getUserName());
            if (authAdmin == null) {
                return ResultVOUtils.error(500, "该用户不存在");
@ -311,12 +314,15 @@ public class RegisterController {
            if (customerContactEntity != null && customerContactEntity.getMobile().equals(phoneNum)) {
                authAdmin.setPassWord(resetPasswdRequest.getPassword());
                authAdmin.setLastModifyTime(new Date());
+                authAdmin.setLastUpdatePwdTime(new Date());
                authAdminService.updateAuthAdmin(authAdmin);
            } else {
                return ResultVOUtils.error(500, "手机号与该用户不匹配");
            }
-
            return ResultVOUtils.success("密码修改成功");
+        } finally {
+            redisUtil.del(Constant.CAPTCHAS + resetPasswdRequest.getMobile());
+        }
    }

    @PostMapping("salewarehouse/register/check")
@ -381,6 +387,7 @@ public class RegisterController {
        authAdmin.setEmployeeName(userRegisterEntity.getNickName());
        authAdmin.setUserFlag(1);
        authAdmin.setLastModifyTime(new Date());
+        authAdmin.setLastUpdatePwdTime(new Date(userRegisterEntity.getRegisterTime()));
        authAdminService.insertAuthAdmin(authAdmin);
        authAdmin = authAdminService.findByUserName(authAdmin.getUserName());

--- a/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/entity/auth/AuthAdmin.java
@ -24,6 +24,10 @@ public class AuthAdmin {
    private Integer userFlag;

    private Date lastModifyTime;
+    /**
+     * 最后一次修改密码时间
+     */
+    private Date lastUpdatePwdTime;
    private String comments;
    private String employeeName;
    private String CustomerId;
--- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/AuthAdminSaveRequest.java
@ -3,7 +3,6 @@ package com.glxp.sale.admin.req.auth;
 import lombok.Data;

 import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
 import java.util.List;

 /**
--- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/ResetPasswdRequest.java
@ -2,12 +2,24 @@ package com.glxp.sale.admin.req.auth;

 import lombok.Data;

+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Pattern;
+
@Data
 public class ResetPasswdRequest {

+    @NotEmpty(message = "密码不能为空")
+    @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$"
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位")
    private String password;
+    @NotEmpty(message = "手机号不能为空")
    private String mobile;
+    @NotEmpty(message = "确认密码不能为空")
+    @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$"
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位")
    private String confirmPassword;
+    @NotEmpty(message = "验证码不能为空")
    private int checkCode;
+    @NotEmpty(message = "用户名不能为空")
    private String userName;
 }
--- a/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/req/auth/UpdatePasswordRequest.java
@ -4,6 +4,7 @@ import lombok.Data;

 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;

 /**
 * 修改密码的表单
@ -18,6 +19,8 @@ public class UpdatePasswordRequest {
    private String oldPassword;

    @NotEmpty(message = "请输入新密码")
+    @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$"
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位")
    private String newPassword;

 }
--- a/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java
+++ b/api-admin/src/main/java/com/glxp/sale/admin/res/auth/LoginResponse.java
@ -10,4 +10,6 @@ public class LoginResponse {
    private String dept;
    private String deptName;

+    private boolean needChangePwd = false;
+
 }
--- a/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml
+++ b/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml
@ -143,6 +143,7 @@
            <if test="lastLoginIp != null">lastLoginIp=#{lastLoginIp},</if>
            <if test="lastLoginTime != null">lastLoginTime=#{lastLoginTime},</if>
            <if test="lastModifyTime != null">lastModifyTime=#{lastModifyTime},</if>
+            <if test="lastUpdatePwdTime != null">lastUpdatePwdTime=#{lastUpdatePwdTime},</if>
            <if test="userFlag != null">userFlag=#{userFlag},</if>
            <if test="employeeName != null">employeeName=#{employeeName},</if>
            <if test="locInvCode != null">locInvCode=#{locInvCode},</if>
--- a/api-admin/src/main/resources/schemas/schema_v2.2.sql
+++ b/api-admin/src/main/resources/schemas/schema_v2.2.sql
@ -16,3 +16,6 @@ CALL Pro_Temp_ColumnWork('basic_udirel', 'useMuti', 'tinyint', 1);
 CALL Pro_Temp_ColumnWork('basic_udirel', 'useNum', 'int', 1);


+CALL Pro_Temp_ColumnWork('auth_user', 'lastUpdatePwdTime', 'datetime ', 1);
+
+