From 66ed5cbc834ee948c68570f0b2a13440ea9d408c Mon Sep 17 00:00:00 2001 From: wangyu <727842003@qq.com> Date: Wed, 13 Jan 2021 23:41:53 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E5=AF=86=E7=A0=81=E5=BC=BA=E5=BA=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../framework/controller/UserController.java | 26 ++++++++++++++++++ .../framework/domain/UserPasswordDto.java | 3 +++ .../framework/service/UserService.java | 3 +++ .../framework/utils/StrengthUtils.java | 27 +++++++++++++++++++ 4 files changed, 59 insertions(+) create mode 100644 flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java diff --git a/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java b/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java index 1996c5c..b28d212 100644 --- a/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java +++ b/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java @@ -5,15 +5,19 @@ import com.flyfish.framework.configuration.annotations.CurrentUser; import com.flyfish.framework.domain.UserPasswordDto; import com.flyfish.framework.domain.UserQo; import com.flyfish.framework.domain.base.IUser; +import com.flyfish.framework.domain.po.Role; import com.flyfish.framework.domain.po.User; +import com.flyfish.framework.enums.UserStatus; import com.flyfish.framework.service.UserService; import com.flyfish.framework.utils.Assert; +import com.flyfish.framework.utils.StrengthUtils; import org.springframework.security.core.context.ReactiveSecurityContextHolder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import reactor.core.publisher.Mono; import javax.annotation.Resource; +import java.util.Optional; @RestController @RequestMapping("/users") @@ -22,6 +26,28 @@ public class UserController extends BaseController { @Resource private PasswordEncoder passwordEncoder; + /** + * 重置密码逻辑 + * + * @param body 请求体 + * @param user 用户 + * @return 结果 + */ + @PutMapping("{id}/passwords") + public Result resetPassword(@PathVariable String id, @RequestBody User body, @CurrentUser User user) { + Assert.hasText(body.getPassword(), "重置密码必需携带密码!"); + Assert.isTrue(Optional.ofNullable(user.getRoles()).map(roles -> roles.stream().anyMatch(Role::getAdmin)) + .orElse(false), "您没有管理员权限,无法重置密码!"); + Assert.isTrue(StrengthUtils.isValid(body.getPassword())); + User updating = new User(); + updating.setId(id); + updating.setStatus(UserStatus.NORMAL); + updating.setErrorCount(0); + updating.setPassword(passwordEncoder.encode(body.getPassword())); + service.updateSelectiveById(updating); + return Result.ok(); + } + /** * 修改密码逻辑 * diff --git a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java index 270c7f9..a02da64 100644 --- a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java +++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java @@ -1,9 +1,11 @@ package com.flyfish.framework.domain; +import com.flyfish.framework.utils.StrengthUtils; import lombok.Getter; import lombok.Setter; import javax.validation.constraints.NotBlank; +import javax.validation.constraints.Pattern; /** * 修改密码dto @@ -17,5 +19,6 @@ public class UserPasswordDto { private String oldPassword; @NotBlank(message = "新密码不可为空!") + @Pattern(regexp = StrengthUtils.PATTERN, message = "密码强度不够,至少应该包含数字、大小写字母、符号组合!") private String password; } diff --git a/flyfish-user/src/main/java/com/flyfish/framework/service/UserService.java b/flyfish-user/src/main/java/com/flyfish/framework/service/UserService.java index 681519f..be7e47d 100644 --- a/flyfish-user/src/main/java/com/flyfish/framework/service/UserService.java +++ b/flyfish-user/src/main/java/com/flyfish/framework/service/UserService.java @@ -5,6 +5,8 @@ import com.flyfish.framework.domain.po.User; import com.flyfish.framework.enums.UserType; import com.flyfish.framework.repository.UserRepository; import com.flyfish.framework.service.impl.BaseServiceImpl; +import com.flyfish.framework.utils.Assert; +import com.flyfish.framework.utils.StrengthUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; @@ -32,6 +34,7 @@ public class UserService extends BaseServiceImpl { @Override public User create(User entity) { if (null == entity.getId() && StringUtils.isNotBlank(entity.getPassword())) { + Assert.isTrue(StrengthUtils.isValid(entity.getPassword()), "密码强度不够,至少应该包含数字、大小写字母、符号组合"); entity.setPassword(passwordEncoder.encode(entity.getPassword())); } if (null == entity.getType()) { diff --git a/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java b/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java new file mode 100644 index 0000000..9dffb40 --- /dev/null +++ b/flyfish-user/src/main/java/com/flyfish/framework/utils/StrengthUtils.java @@ -0,0 +1,27 @@ +package com.flyfish.framework.utils; + +import java.util.regex.Pattern; + +/** + * 密码强度工具 + * + * @author wangyu + */ +public abstract class StrengthUtils { + + public static final String PATTERN = "^(?![a-zA-z]+$)(?!\\d+$)(?![,.!?~`_+=@#$%^&*;<>':]+$)(?![a-zA-z\\d]+$)(?![a-zA-z,.!?~`_+=@#$%^&*;<>':]+$)(?![\\d,.!?~`_+=@#$%^&*;<>':]+$)[a-zA-Z\\d,.!?~`_+=@#$%^&*;<>':]{8,16}$"; + + /** + * 此处传入密码明文判定密码可用性 + * + * @param password 密码 + * @return 结果 + */ + public static boolean isValid(String password) { + return LazyHolder.validRegex.matcher(password).matches(); + } + + private static class LazyHolder { + private static final Pattern validRegex = Pattern.compile(PATTERN); + } +}