超时修改密码

src/main/java/com/glxp/api/constant/Constant.java

@@ -295,4 +295,7 @@ public class Constant {
     public static final String ORDER_THIRD_STOCK = "stock";    //内部码
 
     public static final String SYNC_REMARK = "syncRemark";
+
+    //密码复杂度校验
+    public static final String passwordReg = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\W_.;*%@!]+$)(?![0-9\\W_.;*%@!]+$)[a-zA-Z0-9\\W_.;*%@!]{8,20}$";
 }

src/main/java/com/glxp/api/controller/auth/AuthUserController.java

@@ -138,7 +138,11 @@ public class AuthUserController extends BaseController {
     //修改用户信息
     @AuthRuleAnnotation("")
     @PostMapping("/admin/auth/admin/updateUser")
-    public BaseResponse updateUser(@RequestBody UpdateUserRequset updateUserRequset) {
+    public BaseResponse updateUser(@RequestBody @Valid UpdateUserRequset updateUserRequset,BindingResult bindingResult) {
+        if (bindingResult.hasErrors()) {
+            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL.getCode(),
+                    bindingResult.getFieldError().getDefaultMessage());
+        }
         AuthAdmin authAdmin = customerService.getUserBean();
         System.out.println(updateUserRequset.toString());
         if (StringUtils.isBlank(updateUserRequset.getNewPassword())) {

src/main/java/com/glxp/api/controller/auth/LoginController.java

@@ -1,5 +1,7 @@
 package com.glxp.api.controller.auth;
 
+import cn.hutool.core.date.DateUnit;
+import cn.hutool.crypto.SecureUtil;
 import org.springframework.beans.BeanUtils;
 import cn.hutool.core.util.StrUtil;
 import com.glxp.api.annotation.AuthRuleAnnotation;
@@ -79,10 +81,14 @@ public class LoginController extends BaseController {
         if (authAdmin == null) {
             throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
         }
-
+// &&  !PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())
-        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())) {
+        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(SecureUtil.sha256(authAdmin.getPassWord()))) {
             throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
         }
+
+//        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())) {
+//            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
+//        }
         if (authAdmin.getUserFlag() == 0) {
             throw new JsonException(ResultEnum.DATA_NOT, "该用户已被禁用！");
         }
@@ -109,7 +115,7 @@ public class LoginController extends BaseController {
 
         Map<String, Object> claims = new HashMap<>();
         claims.put("admin_id", authAdmin.getId());
-        String token = JwtUtils.createToken(claims, 86400L); // 一天后过期
+        String token = JwtUtils.createToken(claims, 1800l); // 一天后过期
 
         Map<String, Object> map = new HashMap<>();
         map.put("id", authAdmin.getId());
@@ -120,7 +126,8 @@ public class LoginController extends BaseController {
         loginResponse.setToken(token);
         loginResponse.setDept(authAdmin.getLocDeptCode());
         loginResponse.setDeptName(authAdmin.getDeptName());
-
+        loginResponse.setNeedChangePwd(cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date() : authAdmin.getLastUpdatePwdTime()
+                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY) >= 90);
         logininforService.recordLogininfor(authAdmin.getEmployeeName(), Constant.LOGIN_SUCCESS, "登录成功！", request);
 
         return ResultVOUtils.success(loginResponse);
@@ -370,6 +377,7 @@ public class LoginController extends BaseController {
 
         AuthAdmin authAdminUp = new AuthAdmin();
         authAdminUp.setId(authAdmin.getId());
+        authAdminUp.setLastUpdatePwdTime(new Date());
         String newPwd = PasswordUtils.authAdminPwd(updatePasswordRequest.getNewPassword());
         authAdminUp.setPassWord(newPwd);
         authAdmin.setLastModifyTime(new Date());

src/main/java/com/glxp/api/entity/auth/AuthAdmin.java

@@ -33,7 +33,11 @@ public class AuthAdmin {
     // 状态
     @TableField("userFlag")
     private Integer userFlag;
-
+    /**
+     * 最后一次修改密码时间
+     */
+    @TableField("lastUpdatePwdTime")
+    private Date lastUpdatePwdTime;
     @TableField("lastModifyTime")
     private Date lastModifyTime;
     private String comments;

src/main/java/com/glxp/api/req/auth/UpdatePasswordRequest.java

@@ -1,9 +1,11 @@
 package com.glxp.api.req.auth;
 
+import com.glxp.api.constant.Constant;
 import lombok.Data;
 
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;
 
 /**
  * 修改密码的表单
@@ -18,6 +20,8 @@ public class UpdatePasswordRequest {
     private String oldPassword;
 
     @NotEmpty(message = "请输入新密码")
+    @Pattern(regexp = Constant.passwordReg
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.*%@!)其中任意三种,长度8-20位")
     private String newPassword;
 
 }

src/main/java/com/glxp/api/req/auth/UpdateUserRequset.java

@@ -1,9 +1,12 @@
 package com.glxp.api.req.auth;
 
 import com.baomidou.mybatisplus.annotation.TableField;
+import com.glxp.api.constant.Constant;
 import com.glxp.api.entity.auth.SysRole;
 import lombok.Data;
 
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Pattern;
 import java.util.Date;
 import java.util.List;
 
@@ -14,6 +17,9 @@ public class UpdateUserRequset {
     private String userName;
     // 登录密码
     private String passWord;
+    @NotEmpty(message = "请输入新密码")
+    @Pattern(regexp = Constant.passwordReg
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.*%@!)其中任意三种,长度8-20位")
     private String newPassword;
     private String confirmPassword;
     // 最后登录ip

src/main/java/com/glxp/api/res/auth/LoginResponse.java

@@ -25,5 +25,7 @@ public class LoginResponse {
      */
     private List<PdaMainItemEntity> menus;
 
+    private boolean needChangePwd = false;
+
 
 }

src/main/java/com/glxp/api/service/auth/impl/AuthAdminServiceImpl.java

@@ -89,6 +89,7 @@ public class AuthAdminServiceImpl extends ServiceImpl<AuthAdminDao, AuthAdmin> i
             }
         }
         authAdmin.setCreateTime(new Date());
+        authAdmin.setLastUpdatePwdTime(new Date());
         return authAdminDao.insertAuthAdmin(authAdmin);
     }
 

src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml

@@ -38,7 +38,6 @@
             </if>
         </where>
         ORDER BY id DESC
-
     </select>
 
     <select id="findByUserName" parameterType="hashmap" resultType="com.glxp.api.entity.auth.AuthAdmin">
@@ -70,7 +69,8 @@
 
     <insert id="insertAuthAdmin" keyProperty="id" parameterType="com.glxp.api.entity.auth.AuthAdmin">
         INSERT INTO auth_user( id, userName, passWord, lastLoginIp, lastLoginTime, createTime, userFlag
-                             , employeeName, CustomerId, lastModifyTime, locDeptCode, locInvCode, comments)
+                             , employeeName, CustomerId, lastModifyTime, locDeptCode, locInvCode, comments
+                             , lastUpdatePwdTime)
                 values
                 (#{id}, #{userName},
         <choose>
@@ -105,15 +105,15 @@
         #{CustomerId},
         #{lastModifyTime},
         #{locDeptCode},
-        #{locInvCode}, #{comments})
+        #{locInvCode}, #{comments}, #{lastUpdatePwdTime})
     </insert>
 
     <insert id="replaceAuthAdmin" keyProperty="id" parameterType="com.glxp.api.entity.auth.AuthAdmin">
         replace
                 INTO auth_user(id, userName, passWord, lastLoginIp,
-                              lastLoginTime, createTime, userFlag, lastModifyTime, employeeName,CustomerId,locDeptCode,locInvCode,comments)
+                               lastLoginTime, createTime, userFlag, lastModifyTime, employeeName, CustomerId,
-        values (
+                               locDeptCode, locInvCode, comments, lastUpdatePwdTime)
-        #{id},
+        values (#{id},
                 #{userName},
                 #{passWord},
                 #{lastLoginIp},
@@ -125,8 +125,7 @@
                 #{CustomerId},
                 #{locDeptCode},
                 #{locInvCode},
-        #{comments}
+                #{comments}, #{lastUpdatePwdTime})
-        )
     </insert>
 
 
@@ -148,6 +147,9 @@
             <if test="lastModifyTime != null">
                 lastModifyTime=#{lastModifyTime},
             </if>
+            <if test="lastUpdatePwdTime != null">
+                lastUpdatePwdTime=#{lastUpdatePwdTime},
+            </if>
             <if test="userFlag != null">
                 userFlag=#{userFlag},
             </if>
@@ -191,14 +193,14 @@
 
     <select id="selectNotSelectUser" resultType="com.glxp.api.entity.auth.AuthAdmin">
         select *
-        from auth_user left join auth_dept_user on auth_user.id=auth_dept_user.userId
+        from auth_user
+                     left join auth_dept_user on auth_user.id = auth_dept_user.userId
         <where>
             userFlag != 0
             <if test="deptId != null and '' != deptId">
                 AND auth_dept_user.deptId = #{deptId}
             </if>
             <if test="userIds != null and userIds.size() != 0">
-
                 and auth_user.id not in
 
                 <foreach collection="userIds" item="item" open="(" separator="," close=")">

src/main/resources/schemas/schema_v2.3.sql

@@ -896,3 +896,7 @@ CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'checkReview', 'tinyint', 1);
 CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'secCheckReview', 'tinyint', 1);
 CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'thrCheckReview', 'tinyint', 1);
 CALL Pro_Temp_ColumnWork('basic_bussiness_type', 'editType', 'tinyint', 1);
+
+CALL Pro_Temp_ColumnWork('auth_user', 'lastUpdatePwdTime', 'datetime', 1);
+
+