修改登录权限验证等

src/main/java/com/glxp/api/constant/Constant.java

@@ -270,5 +270,6 @@ public class Constant {
     public static final String SYNC_REMARK = "syncRemark";
 
     public static final String SERIAL_CACHE_PREFIX_PLACE = "serialplace_";
-
+    //密码复杂度校验
+    public static final String passwordReg = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\W_.;*%@!]+$)(?![0-9\\W_.;*%@!]+$)[a-zA-Z0-9\\W_.;*%@!]{8,20}$";
 }

src/main/java/com/glxp/api/controller/auth/AuthUserController.java

@@ -1,6 +1,7 @@
 package com.glxp.api.controller.auth;
 
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.StrUtil;
 import com.github.pagehelper.PageInfo;
 import com.glxp.api.annotation.AuthRuleAnnotation;
 import com.glxp.api.annotation.Log;
@@ -13,6 +14,7 @@ import com.glxp.api.common.enums.ResultEnum;
 import com.glxp.api.common.res.BaseResponse;
 import com.glxp.api.common.util.ResultVOUtils;
 import com.glxp.api.service.auth.*;
+import com.glxp.api.util.PasswordUtils;
 import com.glxp.api.util.StringUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.validation.BindingResult;
@@ -126,29 +128,64 @@ public class AuthUserController extends BaseController {
         List<AuthAdmin> hospitalUserList = authAdminService.getHospitalUserList();
         return ResultVOUtils.success(hospitalUserList);
     }
+
     //修改用户信息
     @AuthRuleAnnotation("")
     @PostMapping("/admin/auth/admin/updateUser")
     public BaseResponse updateUser(@RequestBody UpdateUserRequset updateUserRequset) {
-        AuthAdmin authAdmin=customerService.getUserBean();
+        AuthAdmin authAdmin = customerService.getUserBean();
         System.out.println(updateUserRequset.toString());
-        if (StringUtils.isBlank(updateUserRequset.getNewPassword())){
-            return ResultVOUtils.error(500,"请输入新密码！");
+        if (StrUtil.isEmpty(updateUserRequset.getPassWord())) {
+            updateUserRequset.setPassWord(authAdmin.getPassWord());
+        }
+        if (StringUtils.isBlank(updateUserRequset.getNewPassword())) {
+            return ResultVOUtils.error(500, "请输入新密码！");
         }
-        if (StringUtils.isBlank(updateUserRequset.getConfirmPassword())){
-            return ResultVOUtils.error(500,"请输入确认密码！");
+        if (StringUtils.isBlank(updateUserRequset.getConfirmPassword())) {
+            return ResultVOUtils.error(500, "请输入确认密码！");
         }
-        if (!updateUserRequset.getPassWord().equals(authAdmin.getPassWord())){
-            return ResultVOUtils.error(500,"当前密码输入错误！请重新输入！");
+
+        if (!updateUserRequset.getPassWord().equals(authAdmin.getPassWord())) {
+            return ResultVOUtils.error(500, "当前密码输入错误！请重新输入！");
         }
-        if (updateUserRequset.getNewPassword().equals(authAdmin.getPassWord())){
-            return ResultVOUtils.error(500,"新密码与旧密码重复！请重新修改！");
+        if (updateUserRequset.getNewPassword().equals(authAdmin.getPassWord())) {
+            return ResultVOUtils.error(500, "新密码与旧密码重复！请重新修改！");
         }
-        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword())&&updateUserRequset.getPassWord().equals(authAdmin.getPassWord())){
+        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword()) && updateUserRequset.getPassWord().equals(authAdmin.getPassWord())) {
             authAdminService.updateUser(updateUserRequset);
             return ResultVOUtils.success("修改成功");
-        }else {
-            return ResultVOUtils.error(500,"新密码与确认密码不相同！请重新修改！");
+        } else {
+            return ResultVOUtils.error(500, "新密码与确认密码不相同！请重新修改！");
+        }
+
+    }
+
+
+    @AuthRuleAnnotation("")
+    @PostMapping("/admin/auth/admin/force/updateUser")
+    public BaseResponse forceUpdateUser(@RequestBody @Valid UpdateUserRequset updateUserRequset, BindingResult bindingResult) {
+        if (bindingResult.hasErrors()) {
+            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());
+        }
+        AuthAdmin authAdmin = customerService.getUserBean();
+        if (StringUtils.isBlank(updateUserRequset.getNewPassword())) {
+            return ResultVOUtils.error(500, "请输入新密码！");
+        }
+        if (StringUtils.isBlank(updateUserRequset.getConfirmPassword())) {
+            return ResultVOUtils.error(500, "请输入确认密码！");
+        }
+
+        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getOldPassword())) {
+            return ResultVOUtils.error(500, "新密码与旧密码重复！请重新修改！");
+        }
+        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword()) && updateUserRequset.getOldPassword().equals(authAdmin.getPassWord())) {
+            String newPwd = PasswordUtils.authAdminPwd(updateUserRequset.getNewPassword());
+            authAdmin.setPassWord(newPwd);
+            authAdmin.setLastUpdatePwdTime(new Date());
+            authAdminService.updateAuthAdmin(authAdmin);
+            return ResultVOUtils.success("修改成功");
+        } else {
+            return ResultVOUtils.error(500, "新密码与确认密码不相同！请重新修改！");
         }
 
     }

src/main/java/com/glxp/api/controller/auth/LoginController.java

@@ -1,7 +1,9 @@
 package com.glxp.api.controller.auth;
 
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.date.DateUnit;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
 import com.glxp.api.annotation.AuthRuleAnnotation;
 import com.glxp.api.annotation.Log;
 import com.glxp.api.constant.BusinessType;
@@ -97,8 +99,14 @@ public class LoginController extends BaseController {
             }
         }
 
-        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())) {
-            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
+        if (PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
+                || loginRequest.getPassword().equals(authAdmin.getPassWord()) || (loginRequest.getPassword().equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord())))
+        ) {
+
+        } else {
+            if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(SecureUtil.sha256(authAdmin.getPassWord()))) {
+                throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
+            }
         }
         if (authAdmin.getUserFlag() == 0) {
             throw new JsonException(ResultEnum.DATA_NOT, "该用户已被禁用！");
@@ -137,7 +145,8 @@ public class LoginController extends BaseController {
         loginResponse.setToken(token);
         loginResponse.setDept(authAdmin.getLocDeptCode());
         loginResponse.setDeptName(authAdmin.getDeptName());
-
+        loginResponse.setNeedChangePwd(cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date() : authAdmin.getLastUpdatePwdTime()
+                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY) >= 90);
         logininforService.recordLogininfor(authAdmin.getEmployeeName(), Constant.LOGIN_SUCCESS, "登录成功！", request);
 
         return ResultVOUtils.success(loginResponse);

src/main/java/com/glxp/api/controller/auth/RegisterController.java

@@ -35,10 +35,7 @@ import com.glxp.api.service.basic.BasicUnitMaintainService;
 import com.glxp.api.service.purchase.CustomerContactService;
 import com.glxp.api.service.system.CompanyService;
 import com.glxp.api.service.system.SystemParamConfigService;
-import com.glxp.api.util.Constant;
-import com.glxp.api.util.DateUtil;
-import com.glxp.api.util.RedisUtil;
-import com.glxp.api.util.UuidUtils;
+import com.glxp.api.util.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpEntity;
@@ -319,7 +316,8 @@ public class RegisterController {
         }
         CustomerContactEntity customerContactEntity = customerContactService.selectById(Long.valueOf(String.valueOf(authAdmin.getCustomerId())));
         if (customerContactEntity != null && customerContactEntity.getMobile().equals(phoneNum)) {
-            authAdmin.setPassWord(resetPasswdRequest.getPassword());
+            String newPwd = PasswordUtils.authAdminPwd(resetPasswdRequest.getPassword());
+            authAdmin.setPassWord(newPwd);
             authAdmin.setLastModifyTime(new Date());
             authAdminService.updateAuthAdmin(authAdmin);
         } else {
@@ -392,7 +390,8 @@ public class RegisterController {
         AuthAdmin authAdmin = new AuthAdmin();
         authAdmin.setId(generateUserId());
         authAdmin.setCustomerId(customerId + "");
-        authAdmin.setPassWord(userRegisterEntity.getPassword());
+        String newPwd = PasswordUtils.authAdminPwd(userRegisterEntity.getPassword());
+        authAdmin.setPassWord(newPwd);
         authAdmin.setCreateTime(DateUtil.parseDate(userRegisterEntity.getCheckTime()));
         authAdmin.setUserName(userRegisterEntity.getUserName());  //用手机号当用户名，通过手机号登录
         authAdmin.setEmployeeName(userRegisterEntity.getNickName());

src/main/java/com/glxp/api/entity/auth/AuthAdmin.java

@@ -34,6 +34,12 @@ public class AuthAdmin {
     @TableField("userFlag")
     private Integer userFlag;
 
+    /**
+     * 最后一次修改密码时间
+     */
+    @TableField("lastUpdatePwdTime")
+    private Date lastUpdatePwdTime;
+
     @TableField("lastModifyTime")
     private Date lastModifyTime;
     private String comments;

src/main/java/com/glxp/api/req/auth/UpdateUserRequset.java

@@ -1,8 +1,11 @@
 package com.glxp.api.req.auth;
 
+import com.glxp.api.constant.Constant;
 import com.glxp.api.entity.auth.SysRole;
 import lombok.Data;
 
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Pattern;
 import java.util.Date;
 import java.util.List;
 
@@ -13,8 +16,12 @@ public class UpdateUserRequset {
     private String userName;
     // 登录密码
     private String passWord;
+    @NotEmpty(message = "请输入新密码")
+    @Pattern(regexp = Constant.passwordReg
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.*%@!)其中任意三种,长度8-20位")
     private String newPassword;
     private String confirmPassword;
+    private String oldPassword;
     // 最后登录ip
     private String lastLoginIp;
     // 最后登录时间

src/main/java/com/glxp/api/res/auth/LoginResponse.java

@@ -11,5 +11,5 @@ public class LoginResponse {
 
     private String dept;
     private String deptName;
-
+    private boolean needChangePwd = false;
 }

src/main/java/com/glxp/api/util/PasswordUtils.java

@@ -1,5 +1,7 @@
 package com.glxp.api.util;
 
+import cn.hutool.crypto.SecureUtil;
+
 /**
  * 密码相关的工具类
  */
@@ -7,7 +9,8 @@ public class PasswordUtils {
 
     public static String authAdminPwd(String pwd) {
 //        return DigestUtils.md5DigestAsHex(DigestUtils.md5DigestAsHex(pwd.getBytes()).getBytes()).toLowerCase();
-        return pwd;
+        return SecureUtil.sha256(pwd);
+//        return pwd;
     }
 
 }

src/main/resources/application-dev.yml

@@ -3,7 +3,7 @@ server:
 spring:
   datasource:
     driver-class-name: com.p6spy.engine.spy.P6SpyDriver
-    jdbc-url: jdbc:p6spy:mysql://127.0.0.1:3306/udi_spms_pt?allowMultiQueries=true&serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&allowPublicKeyRetrieval=true
+    jdbc-url: jdbc:p6spy:mysql://127.0.0.1:3306/udi_spms_ct?allowMultiQueries=true&serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&allowPublicKeyRetrieval=true
     username: root
     password: 123456
     hikari:

src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml

@@ -174,6 +174,9 @@
             <if test="comments != null">
                 comments=#{comments},
             </if>
+            <if test="lastUpdatePwdTime != null">
+                lastUpdatePwdTime=#{lastUpdatePwdTime},
+            </if>
         </set>
         WHERE id = #{id}
     </update>

src/main/resources/schemas/schema_v2.3.sql

@@ -804,11 +804,16 @@ CALL Pro_Temp_ColumnWork('thr_products_add_di', 'matrial',
 CALL Pro_Temp_ColumnWork('basic_udirel', 'newNeedUpload', 'tinyint NULL DEFAULT NULL COMMENT ''是否系统新增产品需要上传''', 1);
 
 
-INSERT ignore INTO auth_menu(`menu_id`, `menu_name`, `parent_id`, `order_num`, `path`, `component`, `query_param`, `is_frame`, `is_cache`, `menu_type`, `visible`, `status`, `perms`, `icon`,
-                      `create_by`, `create_time`, `update_by`, `update_time`, `remark`)
-                      VALUES (2012, '物资字典转让', 1644, 6, 'basic/product/udiInfoManageCp', 'basic/product/udiInfoManageCp', NULL, 1, 0, 'C', '0', '0',
-                              'basic/product/udiInfoManageCp', NULL, '超级用户', '2024-04-01 17:59:43', NULL, NULL, NULL);
+INSERT ignore INTO auth_menu(`menu_id`, `menu_name`, `parent_id`, `order_num`, `path`, `component`, `query_param`,
+                             `is_frame`, `is_cache`, `menu_type`, `visible`, `status`, `perms`, `icon`,
+                             `create_by`, `create_time`, `update_by`, `update_time`, `remark`)
+VALUES (2012, '物资字典转让', 1644, 6, 'basic/product/udiInfoManageCp', 'basic/product/udiInfoManageCp', NULL, 1, 0, 'C', '0',
+        '0',
+        'basic/product/udiInfoManageCp', NULL, '超级用户', '2024-04-01 17:59:43', NULL, NULL, NULL);
 
 
 
-CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'vailProductAttributes', 'tinyint    NULL DEFAULT NULL COMMENT ''校验产品属性 ：1：校验；2.无需校验''', 1);
+CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'vailProductAttributes',
+                         'tinyint    NULL DEFAULT NULL COMMENT ''校验产品属性 ：1：校验；2.无需校验''', 1);
+
+CALL Pro_Temp_ColumnWork('auth_user', 'lastUpdatePwdTime', 'datetime', 1);