From 76826a7536718cdc8b66e89296f9847181432b39 Mon Sep 17 00:00:00 2001
From: heheng <475597332@qq.com>
Date: Tue, 08 Apr 2025 10:26:01 +0800
Subject: [PATCH] 逻辑调整
---
src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java | 81 +++++++++++++++++++++++++++++++++++-----
1 files changed, 71 insertions(+), 10 deletions(-)
diff --git a/src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java b/src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java
index b74ce16..42a3c4d 100644
--- a/src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java
+++ b/src/main/java/com/gkhy/labRiskManage/domain/account/service/impl/UserDomainServiceImpl.java
@@ -38,6 +38,7 @@
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
import javax.persistence.criteria.*;
import java.nio.charset.StandardCharsets;
@@ -157,6 +158,9 @@
user.setPhone(updateUserBO.getPhone());
user.setIdentityStatus(updateUserBO.getIdentityStatus());
user.setQualificationAttId(updateUserBO.getQualificationAttId());
+ if (!ObjectUtils.isEmpty(updateUserBO.getPwd())){
+ user.setHash(genPasswordHash(updateUserBO.getPwd(), user.getSalt()));
+ }
//写库
User saveUserRs = userRepository.save(user);
return userInfoDomainConverter.toUserInfoDTO(saveUserRs);
@@ -287,28 +291,70 @@
}
return doList;
}
-
+ //2024 修改密码弱口令问题
@Override
@Transactional
public boolean updateUserPwd(Long uid, String oldPwd, String newPwd) {
if(uid == null || oldPwd == null || newPwd == null || oldPwd.isEmpty() || newPwd.isEmpty())
throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "参数缺失");
+
+ if (newPwd.length() < 8){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码长度不够");
+ }
+ if (!newPwd.matches(".*[A-Z].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
+ }
+ if (!newPwd.matches(".*[a-z].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
+ }
+ if (!newPwd.matches(".*\\d.*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
+ }
+ if (!newPwd.matches(".*[!@#$%^&*.()?+`~<>,-].*")){
+ throw new BusinessException(this.getClass(),ResultCode.PARAM_ERROR_ILLEGAL.getCode(),"密码至少包含大小写字母、数字、特殊字符");
+ }
+
Optional<User> userOptional = userRepository.findById(uid);
if(!userOptional.isPresent()){
throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_ACCOUNT_NOT_EXIST.getCode(), "用户不存在");
}
User user = userOptional.get();
//验证旧密码
- String hash = String.valueOf(Hashing.hmacMd5(user.getSalt().getBytes(StandardCharsets.UTF_8)).hashString(oldPwd,
- StandardCharsets.UTF_8));
+ String hash = genPasswordHash(oldPwd, user.getSalt());
if(!hash.equals(user.getHash()))
throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_NOT_ALLOWED.getCode(), "旧密码错误");
- String newSalt = String.valueOf(Hashing.hmacMd5("".getBytes()).hashString(""+uid+Range.atLeast(1)+System.nanoTime(),
- StandardCharsets.UTF_8));
- String newHash = String.valueOf(Hashing.hmacMd5(newSalt.getBytes(StandardCharsets.UTF_8)).hashString(newPwd,
- StandardCharsets.UTF_8));
- if(userRepository.updatePassword(uid,newHash,newSalt, LocalDateTime.now()) == 1){
+
+ String newHash = genPasswordHash(newPwd, user.getSalt());
+ if(userRepository.updatePassword(uid,newHash, user.getSalt(), LocalDateTime.now()) == 1){
// deleteUserCache(uid);
+ return true;
+ }else {
+ throw new BusinessException(this.getClass(), ResultCode.SYSTEM_ERROR_DATABASE_FAIL.getCode(), "数据库错误");
+ }
+ }
+
+ // todo 2024 密码重置问题
+ @Override
+ public boolean resetUserPassword(Long uid, Long currentUserId) {
+
+ if(uid == null){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "参数缺失");
+ }
+
+ Optional<User> userOptional = userRepository.findById(uid);
+ //验证用户是否存在
+ if(!userOptional.isPresent()){
+ throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_ACCOUNT_NOT_EXIST.getCode(), "用户不存在");
+ }
+ User user = userOptional.get();
+
+ //设置初始密码
+ String newPwd = "Gs@123456";
+ String newHash = genPasswordHash(newPwd, user.getSalt());
+
+// Integer integer = userRepository.resetPassword(uid, newHash, LocalDateTime.now());
+
+ if(userRepository.resetPassword(uid, newHash, LocalDateTime.now()) == 1){
return true;
}else {
throw new BusinessException(this.getClass(), ResultCode.SYSTEM_ERROR_DATABASE_FAIL.getCode(), "数据库错误");
@@ -346,14 +392,14 @@
User user = userOptional.get();
/*if(user.getRoleId() != null && user.getRoleId().equals(roleId))
throw new BusinessException(this.getClass(), ResultCode.BUSINESS_ERROR_NOT_ALLOWED.getCode(), "用户角色未发生改变");*/
- //todo:校验角色信息
+ //校验角色信息
/*if(userRepository.updateUserRole(uid,roleId,LocalDateTime.now()) != null){
// deleteUserCache(uid);
return true;
}*/
return false;
}
-
+ //2024 登录校验问题
@Override
public boolean checkPassword(String pwd, String hash, String salt) {
if(pwd == null || pwd.isEmpty() || salt == null || salt.isEmpty() || hash == null || hash.isEmpty())
@@ -561,6 +607,7 @@
}
+
/**
* 用户查询
*/
@@ -579,6 +626,20 @@
return BeanCopyUtils.copyBean(userInfo, UserInfoDomainDTO.class);
}
+ @Override
+ public List<UserInfoDomainDTO> getUserInfoByIds(List<Long> evaluateUserIds, String info) {
+ if (ObjectUtils.isEmpty(evaluateUserIds)){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR_NULL.getCode(), "请求参数不能为空");
+ }
+
+ List<User> userInfoByIds = userRepository.getUserInfoByIds(evaluateUserIds);
+
+ if (ObjectUtils.isEmpty(userInfoByIds)){
+ throw new BusinessException(this.getClass(), ResultCode.PARAM_ERROR.getCode(), info + "不存在,请检查是否输入有误或人员已被删除");
+ }
+ return BeanCopyUtils.copyBeanList(userInfoByIds, UserInfoDomainDTO.class);
+ }
+
/**
* 清除REDIS缓存的用户数据
--
Gitblit v1.9.2