调整

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -3,6 +3,7 @@ package com.ruoyi.web.controller.system;
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.IdUtil;
+import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.CacheConstants;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.AjaxResult;
@@ -10,6 +11,7 @@ import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.core.domain.model.*;
 import com.ruoyi.common.core.redis.RedisCache;
+import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.exception.ServiceException;
 import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.framework.web.service.SysLoginService;
@@ -137,7 +139,8 @@ public class SysLoginController {
         return R.ok();
     }
 
-    @ApiOperation(value = "修改密码（忘记密码）")
+    @Log(title = "修改密码", businessType = BusinessType.UPDATE)
+    @ApiOperation(value = "修改密码（使用手机验证码修改）")
     @PostMapping("/changePassword")
     public R changePassword(@Validated @RequestBody PasswordChangeVO vo) {
         loginService.validateSmsVerificationCode(vo.getPhoneNumber(), vo.getCode());
@@ -147,6 +150,35 @@ public class SysLoginController {
         return R.ok();
     }
 
+    @Log(title = "修改密码", businessType = BusinessType.UPDATE)
+    @ApiOperation(value = "修改密码（使用原密码修改）")
+    @PostMapping("/changePassword2")
+    public R changePassword2(@Validated @RequestBody PasswordChange2VO vo) {
+        LoginUser loginUser = SecurityUtils.getLoginUser();
+        String password = loginUser.getPassword();
+        if (!SecurityUtils.matchesPassword(password, vo.getOldPassword())) {
+            return R.fail("修改密码失败，旧密码错误");
+        }
+        if (SecurityUtils.matchesPassword(password, vo.getNewPassword())) {
+            return R.fail("新密码不能与旧密码相同");
+        }
+        userService.resetPassword(loginUser.getUserId(), vo.getNewPassword());
+        tokenService.deleteCacheUser(loginUser.getUserId());
+        return R.ok();
+    }
+
+    @Log(title = "修改头像", businessType = BusinessType.UPDATE)
+    @ApiOperation(value = "修改头像")
+    @PostMapping("/changeAvatar")
+    public R changeAvatar(@Validated @RequestBody AvatarChangeVO vo) {
+        LoginUser loginUser = SecurityUtils.getLoginUser();
+        boolean success = userService.updateUserAvatar(loginUser.getUsername(), vo.getAvatar());
+        if (success) {
+            return R.ok();
+        }
+        return R.fail();
+    }
+
     /**
      * 获取用户信息
      *

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java

@@ -24,8 +24,8 @@ import java.util.Map;
  *
  * @author ruoyi
  */
-@RestController
-@RequestMapping("/rest/v1/sys/user/profile")
+//@RestController
+//@RequestMapping("/rest/v1/sys/user/profile")
 public class SysProfileController extends BaseController {
     @Autowired
     private ISysUserService userService;

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/AvatarChangeVO.java

@@ -0,0 +1,21 @@
+package com.ruoyi.web.controller.system.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+
+/**
+ * @author liangyq
+ * @date 2025-06-05 15:41
+ */
+@ApiModel
+@Data
+public class AvatarChangeVO {
+
+    @NotEmpty(message = "头像不能为空")
+    @ApiModelProperty("头像（图片上传到公有桶：avatar目录下）")
+    private String avatar;
+
+}

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/PasswordChange2VO.java

@@ -0,0 +1,25 @@
+package com.ruoyi.web.controller.system.vo;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Pattern;
+
+/**
+ * @author liangyq
+ * @date 2025-06-05 15:41
+ */
+@ApiModel
+@Data
+public class PasswordChange2VO {
+
+    @NotEmpty(message = "旧密码不能为空")
+    @ApiModelProperty("旧密码")
+    private String oldPassword;
+
+    @NotEmpty(message = "新密码不能为空")
+    @ApiModelProperty("新密码")
+    private String newPassword;
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java

@@ -87,7 +87,7 @@ public class LogAspect
         try
         {
             // 获取当前的用户
-            LoginUser loginUser = SecurityUtils.getLoginUser();
+            String loginUsername = SecurityUtils.getUsernameSafe();
 
             // *========数据库日志=========*//
             SysOperLog operLog = new SysOperLog();
@@ -96,10 +96,9 @@ public class LogAspect
             String ip = IpUtils.getIpAddr();
             operLog.setOperIp(ip);
             operLog.setOperUrl(StringUtils.substring(ServletUtils.getRequest().getRequestURI(), 0, 255));
-            if (loginUser != null)
+            if (loginUsername != null)
             {
-                operLog.setOperName(loginUser.getUsername());
-                SysUser currentUser = loginUser.getUser();
+                operLog.setOperName(loginUsername);
             }
 
             if (e != null)

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -114,7 +114,7 @@ public class SecurityConfig
                 requests.antMatchers("/rest/v1/login/loginByUname", "/rest/v1/login/loginBySms",
                         "/rest/v1/login/sendSmsVerificationCode", "/rest/v1/reg/registerStore", "/rest/v1/reg/registerSeller", "/rest/v1/reg/registerAgent",
                         "/rest/v1/reg/sendSmsVerificationCode", "/rest/v1/reg/isPhoneNumberRegistered", "/rest/v1/captcha/image",
-                        "/rest/v1/login/getBrowserId", "/rest/v1/login/getTokenByBrowserId").permitAll()
+                        "/rest/v1/login/getBrowserId", "/rest/v1/login/getTokenByBrowserId", "/rest/v1/login/changePassword").permitAll()
                         // 静态资源，可匿名访问
                         .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                         .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java

@@ -293,7 +293,7 @@ public class SysUserServiceImpl implements ISysUserService {
                     .eq(SysUser::getDelFlag, Constants.UNDELETED));
             if (user != null) {
                 user.setAvatar(avatar);
-                updateUserBase(user, false);
+                updateUserBase(user, true);
                 return true;
             }
         }

sql/ry_20240629.sql

@@ -12,7 +12,7 @@ create table sys_user (
   email             varchar(50)     default ''                 comment '用户邮箱',
   phonenumber       varchar(11)     default ''                 comment '手机号码',
   sex               char(1)         default '0'                comment '用户性别（0男 1女 2未知）',
-  avatar            varchar(100)    default ''                 comment '头像地址',
+  avatar            varchar(256)    default ''                 comment '头像地址',
   password          varchar(100)    default ''                 comment '密码',
   status            char(1)         default '0'                comment '帐号状态（0正常 1停用）',
   del_flag          char(1)         default '0'                comment '删除标志（0代表存在 2代表删除）',