登录密码校验修改

1 year ago · 90153fcfe6
parent ec843e3b00
commit 90153fcfe6
2 changed files with 68 additions and 17 deletions
--- a/src/main/java/com/glxp/api/controller/auth/AuthUserController.java
+++ b/src/main/java/com/glxp/api/controller/auth/AuthUserController.java
@ -166,7 +166,11 @@ public class AuthUserController extends BaseController {
        if (updateUserRequset.getNewPassword().equals(authAdmin.getPassWord())) {
            return ResultVOUtils.error(500, "新密码与旧密码重复！请重新修改！");
        }
-        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword()) && updateUserRequset.getPassWord().equals(authAdmin.getPassWord())) {
+        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword()) &&
                PasswordUtils.authAdminPwd(updateUserRequset.getPassWord()).equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
                || updateUserRequset.getPassWord().equals(authAdmin.getPassWord())
                || updateUserRequset.getPassWord().equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
        ) {
            customerService.update(updateUserRequset);
            return ResultVOUtils.success("修改成功");
        } else {
@ -175,34 +179,81 @@ public class AuthUserController extends BaseController {
    }
 //    @AuthRuleAnnotation("")
 //    @PostMapping("/admin/auth/admin/force/updateUser")
 //    public BaseResponse forceUpdateUser(@RequestBody @Valid UpdateUserRequset updateUserRequset, BindingResult bindingResult) {
 //        if (bindingResult.hasErrors()) {
 //            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());
 //        }
 //        AuthAdmin authAdmin = customerService.getUserBean();
 //        if (StringUtils.isBlank(updateUserRequset.getNewPassword())) {
 //            return ResultVOUtils.error(500, "请输入新密码！");
 //        }
 //        if (StringUtils.isBlank(updateUserRequset.getConfirmPassword())) {
 //            return ResultVOUtils.error(500, "请输入确认密码！");
 //        }
 //
 //        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getOldPassword())) {
 //            return ResultVOUtils.error(500, "新密码与旧密码重复！请重新修改！");
 //        }
 //        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword())
 //                &&
 //                (
 //                        PasswordUtils.authAdminPwd(updateUserRequset.getOldPassword()).equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
 //                                || updateUserRequset.getOldPassword().equals(authAdmin.getPassWord())
 //                                || updateUserRequset.getOldPassword().equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
 //                )) {
 //            String newPwd = PasswordUtils.authAdminPwd(updateUserRequset.getNewPassword());
 //            authAdmin.setPassWord(newPwd);
 //            authAdmin.setLastUpdatePwdTime(new Date());
 //            authAdminService.updateAuthAdmin(authAdmin);
 //            return ResultVOUtils.success("修改成功");
 //        } else {
 //            return ResultVOUtils.error(500, "新密码与确认密码不相同！请重新修改！");
 //        }
 //
 //    }
    @AuthRuleAnnotation("")
    @PostMapping("/admin/auth/admin/force/updateUser")
-    public BaseResponse forceUpdateUser(@RequestBody @Valid UpdateUserRequset updateUserRequset, BindingResult bindingResult) {
+    public BaseResponse forceUpdateUser(@RequestBody @Valid UpdateUserRequset updateUserRequest, BindingResult bindingResult) {
        if (bindingResult.hasErrors()) {
            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());
        }
        AuthAdmin authAdmin = customerService.getUserBean();
-        if (StringUtils.isBlank(updateUserRequset.getNewPassword())) {
+
        if (StringUtils.isBlank(updateUserRequest.getNewPassword())) {
            return ResultVOUtils.error(500, "请输入新密码！");
        }
-        if (StringUtils.isBlank(updateUserRequset.getConfirmPassword())) {
+        if (StringUtils.isBlank(updateUserRequest.getConfirmPassword())) {
            return ResultVOUtils.error(500, "请输入确认密码！");
        }
-        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getOldPassword())) {
+        if (updateUserRequest.getNewPassword().equals(updateUserRequest.getOldPassword())) {
            return ResultVOUtils.error(500, "新密码与旧密码重复！请重新修改！");
        }
-        if (updateUserRequset.getNewPassword().equals(updateUserRequset.getConfirmPassword()) && updateUserRequset.getOldPassword().equals(authAdmin.getPassWord())) {
+
-            String newPwd = PasswordUtils.authAdminPwd(updateUserRequset.getNewPassword());
+        if (updateUserRequest.getNewPassword().equals(updateUserRequest.getConfirmPassword())) {
-            authAdmin.setPassWord(newPwd);
+            String encryptedOldPassword = PasswordUtils.authAdminPwd(updateUserRequest.getOldPassword());
-            authAdmin.setLastUpdatePwdTime(new Date());
+            String storedEncryptedPassword = PasswordUtils.authAdminPwd(authAdmin.getPassWord());
-            authAdminService.updateAuthAdmin(authAdmin);
+
-            return ResultVOUtils.success("修改成功");
+            if (encryptedOldPassword.equals(storedEncryptedPassword) ||
                    updateUserRequest.getOldPassword().equals(authAdmin.getPassWord()) ||
                    encryptedOldPassword.equals(authAdmin.getPassWord())) {
                String newEncryptedPassword = PasswordUtils.authAdminPwd(updateUserRequest.getNewPassword());
                authAdmin.setPassWord(newEncryptedPassword);
                authAdmin.setLastUpdatePwdTime(new Date());
                authAdminService.updateAuthAdmin(authAdmin);
                return ResultVOUtils.success("修改成功");
            } else {
                return ResultVOUtils.error(500, "旧密码不正确！");
            }
        } else {
            return ResultVOUtils.error(500, "新密码与确认密码不相同！请重新修改！");
        }
    }
 }
--- a/src/main/java/com/glxp/api/controller/auth/LoginController.java
+++ b/src/main/java/com/glxp/api/controller/auth/LoginController.java
@ -119,10 +119,10 @@ public class LoginController extends BaseController {
 //        authLoginService.listRuleByAdminId(authAdmin.getId());
 //        cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ?
-        if (cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date() : authAdmin.getLastUpdatePwdTime()
+//        if (cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date() : authAdmin.getLastUpdatePwdTime()
-                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY) >= 90) {
+//                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY) >= 90) {
-            return ResultVOUtils.error(509, "密码已过期，请修改密码");
+//            return ResultVOUtils.error(509, "密码已过期，请修改密码");
-        }
+//        }
        Map<String, Object> claims = new HashMap<>();
        claims.put("admin_id", authAdmin.getId());