From a994b7d56b9a5fd48fc1f95b7a2fd14808ccc0fa Mon Sep 17 00:00:00 2001
From: wangyu <727842003@qq.com>
Date: Mon, 11 Jan 2021 23:49:44 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../flyfish/framework/controller/UserController.java | 12 +++++++++---
 .../flyfish/framework/domain/UserPasswordDto.java    |  4 ++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java b/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java
index 82751c7..1996c5c 100644
--- a/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/controller/UserController.java
@@ -9,13 +9,19 @@ import com.flyfish.framework.domain.po.User;
 import com.flyfish.framework.service.UserService;
 import com.flyfish.framework.utils.Assert;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Mono;
 
+import javax.annotation.Resource;
+
 @RestController
 @RequestMapping("/users")
 public class UserController extends BaseController<User, UserQo> {
 
+    @Resource
+    private PasswordEncoder passwordEncoder;
+
     /**
      * 修改密码逻辑
      *
@@ -26,13 +32,13 @@ public class UserController extends BaseController<User, UserQo> {
     @PutMapping("/passwords")
     public Result<Void> changePassword(@RequestBody UserPasswordDto passwordDto, @CurrentUser User user) {
         // 检查原密码
-        Assert.isTrue(user.getPassword().equals(passwordDto.getOldPassword()), "原密码不正确！");
-        Assert.isTrue(!user.getPassword().equals(passwordDto.getPassword()), "新密码和旧密码一致，输入个新的吧！");
+        Assert.isTrue(passwordEncoder.matches(passwordDto.getOldPassword(), user.getPassword()), "原密码不正确！");
+        Assert.isTrue(!passwordEncoder.matches(passwordDto.getPassword(), user.getPassword()), "新密码和旧密码一致，输入个新的吧！");
         userContext.setUser(user);
         // 更新密码
         User updating = new User();
         updating.setId(user.getId());
-        updating.setPassword(passwordDto.getPassword());
+        updating.setPassword(passwordEncoder.encode(passwordDto.getPassword()));
         service.updateSelectiveById(updating);
         return Result.ok();
     }
diff --git a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
index 7d2604a..270c7f9 100644
--- a/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/domain/UserPasswordDto.java
@@ -3,6 +3,8 @@ package com.flyfish.framework.domain;
 import lombok.Getter;
 import lombok.Setter;
 
+import javax.validation.constraints.NotBlank;
+
 /**
  * 修改密码dto
  * @author wangyu
@@ -11,7 +13,9 @@ import lombok.Setter;
 @Setter
 public class UserPasswordDto {
 
+    @NotBlank(message = "旧密码不可为空！")
     private String oldPassword;
 
+    @NotBlank(message = "新密码不可为空！")
     private String password;
 }