等保用户密码相关问题

2 years ago · 6b6b6d0d44
parent 4dc36c2abb
commit 6b6b6d0d44
7 changed files with 27 additions and 1 deletions
--- a/api-admin/src/main/java/com/glxp/api/admin/controller/auth/AuthAdminController.java
+++ b/api-admin/src/main/java/com/glxp/api/admin/controller/auth/AuthAdminController.java
@ -27,6 +27,7 @@ import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
 import javax.validation.Valid;
 import java.util.*;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;

 /**
@ -189,7 +190,12 @@ public class AuthAdminController {
        AuthAdmin authAdmin = new AuthAdmin();
        BeanUtils.copyProperties(authAdminSaveRequest, authAdmin);
        if (authAdmin.getPassWord() != null) {
+            boolean matches = Pattern.matches("^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$", authAdmin.getPassWord());
+            if(!matches){
+                return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位");
+            }
            authAdmin.setPassWord(PasswordUtils.authAdminPwd(authAdmin.getPassWord()));
+            authAdmin.setLastUpdatePwdTime(new Date());
        }
        authAdmin.setLastModifyTime(new Date());
        boolean b = authAdminService.updateAuthAdmin(authAdmin);
--- a/api-admin/src/main/java/com/glxp/api/admin/controller/auth/LoginController.java
+++ b/api-admin/src/main/java/com/glxp/api/admin/controller/auth/LoginController.java
@ -1,5 +1,6 @@
 package com.glxp.api.admin.controller.auth;

+import cn.hutool.core.date.DateUnit;
 import cn.hutool.core.util.StrUtil;
 import com.glxp.api.admin.entity.auth.AuthCheckEntity;
 import com.glxp.api.admin.entity.info.DeviceKeyEntity;
@ -115,6 +116,8 @@ public class LoginController {
        loginResponse.setToken(token);
        loginResponse.setDept(authAdmin.getDept());
        loginResponse.setDeptName(authAdmin.getDeptName());
+        loginResponse.setNeedChangePwd(cn.hutool.core.date.DateUtil.between(authAdmin.getLastUpdatePwdTime() == null ? cn.hutool.core.date.DateUtil.date():authAdmin.getLastUpdatePwdTime()
+                , cn.hutool.core.date.DateUtil.date(), DateUnit.DAY)>=90);
        return ResultVOUtils.success(loginResponse);
    }

@ -265,7 +268,8 @@ public class LoginController {
        authAdminUp.setId(authAdmin.getId());
        String newPwd = PasswordUtils.authAdminPwd(updatePasswordRequest.getNewPassword());
        authAdminUp.setPassWord(newPwd);
-        authAdmin.setLastModifyTime(new Date());
+        authAdminUp.setLastModifyTime(new Date());
+        authAdminUp.setLastUpdatePwdTime(new Date());
        boolean b = authAdminService.updateAuthAdmin(authAdminUp);
        if (b) {
            return ResultVOUtils.success();
--- a/api-admin/src/main/java/com/glxp/api/admin/entity/auth/AuthAdmin.java
+++ b/api-admin/src/main/java/com/glxp/api/admin/entity/auth/AuthAdmin.java
@ -18,6 +18,10 @@ public class AuthAdmin {
    private String lastLoginIp;
    // 最后登录时间
    private Date lastLoginTime;
+    /**
+     * 最后一次修改密码时间
+     */
+    private Date lastUpdatePwdTime;
    // 创建时间
    private Date createTime;
    // 状态
--- a/api-admin/src/main/java/com/glxp/api/admin/req/auth/UpdatePasswordRequest.java
+++ b/api-admin/src/main/java/com/glxp/api/admin/req/auth/UpdatePasswordRequest.java
@ -4,6 +4,7 @@ import lombok.Data;

 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;

 /**
 * 修改密码的表单
@ -18,6 +19,8 @@ public class UpdatePasswordRequest {
    private String oldPassword;

    @NotEmpty(message = "请输入新密码")
+    @Pattern(regexp = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_.*%@!]+$)(?![a-z0-9]+$)(?![a-z\\\\W_.;*%@!]+$)(?![0-9\\\\W_.;*%@!]+$)[a-zA-Z0-9\\\\W_.;*%@!]{8,20}$"
+            , message = "密码需要包含大写字母、小写字符、数字、特殊字符(含_.%@!)其中任意三种,长度8-20位")
    private String newPassword;

 }
--- a/api-admin/src/main/java/com/glxp/api/admin/res/auth/LoginResponse.java
+++ b/api-admin/src/main/java/com/glxp/api/admin/res/auth/LoginResponse.java
@ -12,4 +12,7 @@ public class LoginResponse {
    private String dept;
    private String deptName;

+    private boolean needChangePwd = false;
+
+
 }
--- a/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml
+++ b/api-admin/src/main/resources/mybatis/mapper/auth/AuthAdminDao.xml
@ -130,6 +130,7 @@
            <if test="lastLoginIp != null">lastLoginIp=#{lastLoginIp},</if>
            <if test="lastLoginTime != null">lastLoginTime=#{lastLoginTime},</if>
            <if test="lastModifyTime != null">lastModifyTime=#{lastModifyTime},</if>
+            <if test="lastUpdatePwdTime != null">lastUpdatePwdTime=#{lastUpdatePwdTime},</if>
            <if test="userFlag != null">userFlag=#{userFlag},</if>
            <if test="employeeName != null">employeeName=#{employeeName},</if>
            <if test="locInvCode != null">locInvCode=#{locInvCode},</if>
--- a/api-admin/src/main/resources/schemas/schema_v2.1.sql
+++ b/api-admin/src/main/resources/schemas/schema_v2.1.sql
@ -37,3 +37,8 @@ create table if not exists `io_code_lost`  (
                                               `nameCode` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL,
                                               PRIMARY KEY (`id`) USING BTREE
 ) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci COMMENT = '扫码缺失字段信息补齐表' ROW_FORMAT = DYNAMIC;
+
+
+
+CALL Pro_Temp_ColumnWork('auth_user', 'lastUpdatePwdTime', 'datetime ', 1);
+