修改密码接口修改。登录接口修改，增加密码安全校验，增加密码超时校验

85d7a031 · wang_jiaxing · 778a7cc6 · 85d7a031 · 85d7a031 · 85d7a031
Commit 85d7a031 authored Sep 01, 2022 by wang_jiaxing
7 changed files
--- a/src/main/java/org/springblade/core/secure/AuthInfo.java
+++ b/src/main/java/org/springblade/core/secure/AuthInfo.java
@@ -63,4 +63,7 @@ public class AuthInfo {
 	@ApiModelProperty(value = "ip")
 	@TableField(exist = false)
 	private String ip ;
+	@ApiModelProperty(value = "是否超时")
+	@TableField(exist = false)
+	private String isCs ;
 }
--- a/src/main/java/org/springblade/founder/ydjwhc/controller/ZbxxjsController.java
+++ b/src/main/java/org/springblade/founder/ydjwhc/controller/ZbxxjsController.java
@@ -13,7 +13,7 @@ import org.springframework.web.bind.annotation.RestController;
 import java.util.List;
 @RestController
-@RequestMapping("/zbxxjs") //周边信息检索
+@RequestMapping("zbxxjs") //周边信息检索
 public class ZbxxjsController {
 	@Autowired

--- a/src/main/java/org/springblade/modules/auth/utils/TokenUtil.java
+++ b/src/main/java/org/springblade/modules/auth/utils/TokenUtil.java
@@ -27,6 +27,10 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletRequest;
 import java.net.InetAddress;
+import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.time.temporal.ChronoUnit;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -91,6 +95,8 @@ public class TokenUtil {
 		authInfo.setUnitname(user.getUnitname());
 		authInfo.setRealname(user.getTrueName());
 		authInfo.setPhone(user.getTelephone());
+		SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
+		authInfo.setIsCs(user.getPasswordGxsj() == null ? "1" : ChronoUnit.MONTHS.between(LocalDate.parse(sdf.format(user.getPasswordGxsj())), LocalDate.parse(sdf.format(new Date()))) < 3 ? "0" : "1");
 		try {
 			authInfo.setIp(getIp());
 		} catch (Exception e) {

--- a/src/main/java/org/springblade/modules/system/entity/SysNewUser.java
+++ b/src/main/java/org/springblade/modules/system/entity/SysNewUser.java
@@ -8,6 +8,7 @@ import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import org.springblade.founder.entity.BaseModel;
+import java.util.Date;
 import java.util.List;
@@ -103,6 +104,7 @@ public class SysNewUser extends BaseModel {
 	private List<String> userMenus;
 	private String userMenusStr;
+	private Date passwordGxsj;
 	//登录人员

--- a/src/main/java/org/springblade/modules/system/mapper/SysUserMapper.xml
+++ b/src/main/java/org/springblade/modules/system/mapper/SysUserMapper.xml
@@ -250,7 +250,8 @@
        <if test="zbzxDwdm != null and zbzxDwdm != ''"> zbzx_dwdm = #{ zbzxDwdm , jdbcType=VARCHAR }, </if>
        <if test="grdf != null and grdf != ''"> grdf = #{ grdf , jdbcType=VARCHAR }, </if>
-        gxsj=now()
+        gxsj=now(),
+        passwordGxsj=now()
        where id=#{id ,jdbcType=VARCHAR }
    </update>

--- a/src/main/java/org/springblade/modules/system/mapper/UserMapper.xml
+++ b/src/main/java/org/springblade/modules/system/mapper/UserMapper.xml
@@ -95,7 +95,8 @@
                jgz_photo_zm as jgzPhotoZm,
                jgz_photo_fm as jgzPhotoFm,
                zbzx_dwdm as zbzxDwdm,
-                grdf as grdf
+                grdf as grdf,
+                passwordGxsj as passwordGxsj
                FROM sys_user
                where open_flag='1' and scbz='0'
                and username = #{account} and password =  #{password}

--- a/src/main/java/org/springblade/modules/system/service/impl/UserServiceImpl.java
+++ b/src/main/java/org/springblade/modules/system/service/impl/UserServiceImpl.java
@@ -21,6 +21,7 @@ import com.baomidou.mybatisplus.core.conditions.Wrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.exceptions.ApiException;
+import jdk.nashorn.internal.runtime.regexp.RegExp;
 import lombok.AllArgsConstructor;
 import org.apache.commons.lang.StringUtils;
 import org.springblade.common.constant.CommonConstant;
@@ -282,6 +283,7 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, User> implement
 	@Override
 	@DS("db1")
 	public String updatePassword(String userId, String oldPassword, String newPassword, String newPassword1) {
+		String pattern = "(?=.*[0-9])(?=.*[A-Z])(?=.*[a-z])(?=.*[^a-zA-Z0-9]).{8,32}";
 		XzxtUser userXzxt = SecureUtil.getUserXzxt();
 		userId = userXzxt.getIdentitycard();
 		if (StringUtils.isEmpty(newPassword) || !newPassword.equals(newPassword1)){
@@ -293,6 +295,9 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, User> implement
 		if (StringUtils.isEmpty(oldPassword)){
 			return "201#原密码不能为空";
 		}
+		if (!newPassword.matches(pattern)) {
+			return "201#密码中必须包含大小写字母、数字、特殊字符，且长度在8-32位，请重新修改密码！";
+		}
 		try {
 			SysNewUser user = sysUserMapper.getUserByZjhm(userId);
 			if (user == null){
@@ -305,7 +310,7 @@ public class UserServiceImpl extends BaseServiceImpl<UserMapper, User> implement
 				return "201#新密码不能和旧密码相同";
 			}
 			SysNewUser newUser = new SysNewUser();
-			newUser.setId(userId);
+			newUser.setId(user.getId());
 			newUser.setPassword(DigestUtil.encrypt(newPassword));
 			sysUserMapper.updateUserNewMySQL(newUser);
 		} catch (Exception e) {