diff --git a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/config/UserPwdProperties.java b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/config/UserPwdProperties.java new file mode 100644 index 0000000000000000000000000000000000000000..7c1b98c978fbb585607f785fc55b5f598eea55cb --- /dev/null +++ b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/config/UserPwdProperties.java @@ -0,0 +1,39 @@ +package cn.sh.stc.sict.cloud.upms.config; + +import cn.hutool.core.date.DateUtil; +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.cloud.context.config.annotation.RefreshScope; +import org.springframework.stereotype.Component; + +import java.util.Date; + +/** + * 用户密码修改提示 配置属性 + */ +@Data +@Component +@RefreshScope +@ConfigurationProperties(prefix = "user.pwd") +public class UserPwdProperties { + /** + * 是否进行密码修改提示 + */ + private Boolean limitFlag; + /** + * 上次修改超过{{limitDays}}天,锁定用户 + */ + private Integer limitDays; + /** + * 上次修改超过{{tipsDays}}天,开始提示用户修改密码 + */ + private Integer tipsDays; + + public boolean getTips(Date lastPwdTime) { + long offsetDays = DateUtil.betweenDay(lastPwdTime, DateUtil.date(), true); + if (offsetDays > tipsDays) { + return true; + } + return false; + } +} diff --git a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/controller/web/SysUserBaseController.java b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/controller/web/SysUserBaseController.java index b4013cf25b9aaed5fec4cf1b6bc77de725ec5cce..9917f3a3379545a84e2449ec4111f7ab55e8cafb 100644 --- a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/controller/web/SysUserBaseController.java +++ b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/controller/web/SysUserBaseController.java @@ -1,11 +1,16 @@ package cn.sh.stc.sict.cloud.upms.controller.web; +import cn.hutool.core.date.DateUtil; +import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import cn.sh.stc.sict.cloud.common.core.constant.Constant; import cn.sh.stc.sict.cloud.common.core.constant.enums.BizCodeConstant; import cn.sh.stc.sict.cloud.common.core.util.NumberUtil; import cn.sh.stc.sict.cloud.common.log.annotation.SysLog; +import cn.sh.stc.sict.cloud.common.security.service.SictUser; import cn.sh.stc.sict.cloud.common.security.util.SecurityUtils; +import cn.sh.stc.sict.cloud.upms.config.UserPwdProperties; +import cn.sh.stc.sict.cloud.upms.dto.ChangePasswordDTO; import cn.sh.stc.sict.cloud.upms.dto.CurrentUser; import cn.sh.stc.sict.cloud.upms.dto.UserDTO; import cn.sh.stc.sict.cloud.upms.model.HpMenu; @@ -53,10 +58,11 @@ public class SysUserBaseController { * 3. 角色配置 * 4. 重置密码(加密处理) */ - private SysUserBaseService sysUserBaseService; - private HpRoleService hpRoleService; - private HpUserRoleService hpUserRoleService; - private HpMenuService hpMenuService; + private final SysUserBaseService sysUserBaseService; + private final HpRoleService hpRoleService; + private final HpUserRoleService hpUserRoleService; + private final HpMenuService hpMenuService; + private final UserPwdProperties userPwdProperties; private static final PasswordEncoder ENCODER = new BCryptPasswordEncoder(); @ApiOperation("分页查询 系统基础用户表") @@ -118,8 +124,11 @@ public class SysUserBaseController { dto.setUser(user); dto.setRoleList(roleList); dto.setMenuList(menuList); - - return new R(dto).setBizCode(BizCodeConstant.USER_PWD_LIMIT.getCode()); + if (userPwdProperties.getLimitFlag() && ObjectUtil.isNotNull(user.getLastPwdTime()) && userPwdProperties.getTips(user.getLastPwdTime())) { + return new R(dto).setBizCode(BizCodeConstant.USER_PWD_LIMIT.getCode()); + } else { + return new R(dto); + } } @@ -135,6 +144,54 @@ public class SysUserBaseController { return new R(); } + @SysLog + @ApiOperation("修改用户密码") + @PutMapping("/password") + public R changePassword(@RequestBody ChangePasswordDTO password) { + + if (StrUtil.isBlank(password.getNewPassword()) || StrUtil.isBlank(password.getOldPassword())) { + return new R<>().error("新密码或旧密码不能为空!"); + } + + if (StrUtil.equals(password.getNewPassword(), password.getOldPassword())) { + return new R<>().error("新密码不能与旧密码相同!"); + } + + SictUser user = SecurityUtils.getUser(); + SysUserBase userBase = sysUserBaseService.getById(user.getId()); + if (userBase == null) { + return new R<>().error("用户不存在!"); + } + + if (!ENCODER.matches(password.getOldPassword(), userBase.getPasswd())) { + return new R<>().error("旧密码不正确!"); + } + + userBase.setPasswd(ENCODER.encode(password.getNewPassword())); + userBase.setLastPwdTime(DateUtil.date()); + sysUserBaseService.updateById(userBase); + sysUserBaseService.initRedisByUserName(userBase.getUserName()); + return new R<>().success(""); + } + + @SysLog + @ApiOperation("重置密码") + @PutMapping("/reset/password") + @PreAuthorize("@pms.hasPermission('ROLE_admin')") + public R resetPassword(@RequestParam("userId") Long userId) { + SysUserBase user = sysUserBaseService.getById(userId); + if (ObjectUtil.isNull(user) || NumberUtil.isNullOrZero(user.getId())) { + return new R<>().error("未找到用户信息!"); + } + SysUserBase update = new SysUserBase(); + update.setId(userId); + update.setPasswd(ENCODER.encode(Constant.DEFAULT_PASSWORD)); + update.setLastPwdTime(DateUtil.date()); + sysUserBaseService.updateById(update); + sysUserBaseService.initRedisByUserName(user.getUserName()); + return new R<>().success(""); + } + /** * 通过id删除系统基础用户表 * diff --git a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/dto/ChangePasswordDTO.java b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/dto/ChangePasswordDTO.java new file mode 100644 index 0000000000000000000000000000000000000000..1bf0c45ee11b225b45874f4014f6a7d3c601fee2 --- /dev/null +++ b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/dto/ChangePasswordDTO.java @@ -0,0 +1,15 @@ +package cn.sh.stc.sict.cloud.upms.dto; + +import lombok.Data; + +/** + * @author 75 + * @Description + * @Date 2021/5/17 11:00 + **/ +@Data +public class ChangePasswordDTO { + private Long userId; + private String oldPassword; + private String newPassword; +} diff --git a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/SysUserBaseService.java b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/SysUserBaseService.java index e45174907cbfa338182fc35fa53e3a75e20f4c97..ab3b3ec902b16db22c8fbe0c06d73bb3d9671fcc 100644 --- a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/SysUserBaseService.java +++ b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/SysUserBaseService.java @@ -20,5 +20,7 @@ public interface SysUserBaseService extends IService { boolean saveDto(UserDTO dto); boolean exist(SysUserBase user); + + void initRedisByUserName(String userName); } diff --git a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/impl/SysUserBaseServiceImpl.java b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/impl/SysUserBaseServiceImpl.java index 18829965ae1e0dc5fb46ea9df268d5d274608c8e..3d533ee352ee666479ee9e9251c5263042da40d2 100644 --- a/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/impl/SysUserBaseServiceImpl.java +++ b/smart-health-modules/cloud-upms/cloud-upms-biz/src/main/java/cn/sh/stc/sict/cloud/upms/service/impl/SysUserBaseServiceImpl.java @@ -6,6 +6,7 @@ import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.json.JSONUtil; import cn.sh.stc.sict.cloud.common.core.constant.Constant; +import cn.sh.stc.sict.cloud.common.core.constant.RedisCacheConstant; import cn.sh.stc.sict.cloud.common.core.constant.UserConstant; import cn.sh.stc.sict.cloud.common.core.constant.enums.LoginTypeEnum; import cn.sh.stc.sict.cloud.common.core.dto.WDUserInfo; @@ -28,6 +29,7 @@ import lombok.extern.slf4j.Slf4j; import me.chanjar.weixin.common.bean.oauth2.WxOAuth2AccessToken; import me.chanjar.weixin.common.error.WxErrorException; import me.chanjar.weixin.mp.api.WxMpService; +import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; @@ -45,6 +47,7 @@ public class SysUserBaseServiceImpl extends ServiceImpl 0; } + @Override + public void initRedisByUserName(String userName) { + String key = RedisCacheConstant.USER_DETAILS + "::" + userName + ":*"; + stringRedisTemplate.delete(stringRedisTemplate.keys(key)); + } + private UserInfo getByPhone(String phone) { LambdaQueryWrapper wrapper = new LambdaQueryWrapper<>(); wrapper.eq(SysUserBase::getPhone, phone);