diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java index 082d41120..2a3216d02 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java @@ -3,6 +3,7 @@ package com.ruoyi.web.controller.system; import cn.hutool.core.bean.BeanUtil; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.IdUtil; +import com.ruoyi.common.annotation.Log; import com.ruoyi.common.constant.CacheConstants; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.core.domain.AjaxResult; @@ -10,6 +11,7 @@ import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.domain.entity.SysMenu; import com.ruoyi.common.core.domain.model.*; import com.ruoyi.common.core.redis.RedisCache; +import com.ruoyi.common.enums.BusinessType; import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.framework.web.service.SysLoginService; @@ -137,7 +139,8 @@ public class SysLoginController { return R.ok(); } - @ApiOperation(value = "修改密码(忘记密码)") + @Log(title = "修改密码", businessType = BusinessType.UPDATE) + @ApiOperation(value = "修改密码(使用手机验证码修改)") @PostMapping("/changePassword") public R changePassword(@Validated @RequestBody PasswordChangeVO vo) { loginService.validateSmsVerificationCode(vo.getPhoneNumber(), vo.getCode()); @@ -147,6 +150,35 @@ public class SysLoginController { return R.ok(); } + @Log(title = "修改密码", businessType = BusinessType.UPDATE) + @ApiOperation(value = "修改密码(使用原密码修改)") + @PostMapping("/changePassword2") + public R changePassword2(@Validated @RequestBody PasswordChange2VO vo) { + LoginUser loginUser = SecurityUtils.getLoginUser(); + String password = loginUser.getPassword(); + if (!SecurityUtils.matchesPassword(password, vo.getOldPassword())) { + return R.fail("修改密码失败,旧密码错误"); + } + if (SecurityUtils.matchesPassword(password, vo.getNewPassword())) { + return R.fail("新密码不能与旧密码相同"); + } + userService.resetPassword(loginUser.getUserId(), vo.getNewPassword()); + tokenService.deleteCacheUser(loginUser.getUserId()); + return R.ok(); + } + + @Log(title = "修改头像", businessType = BusinessType.UPDATE) + @ApiOperation(value = "修改头像") + @PostMapping("/changeAvatar") + public R changeAvatar(@Validated @RequestBody AvatarChangeVO vo) { + LoginUser loginUser = SecurityUtils.getLoginUser(); + boolean success = userService.updateUserAvatar(loginUser.getUsername(), vo.getAvatar()); + if (success) { + return R.ok(); + } + return R.fail(); + } + /** * 获取用户信息 * diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java index adee9e331..74427d86a 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java @@ -24,8 +24,8 @@ import java.util.Map; * * @author ruoyi */ -@RestController -@RequestMapping("/rest/v1/sys/user/profile") +//@RestController +//@RequestMapping("/rest/v1/sys/user/profile") public class SysProfileController extends BaseController { @Autowired private ISysUserService userService; diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/AvatarChangeVO.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/AvatarChangeVO.java new file mode 100644 index 000000000..093a6c82e --- /dev/null +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/AvatarChangeVO.java @@ -0,0 +1,21 @@ +package com.ruoyi.web.controller.system.vo; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import lombok.Data; + +import javax.validation.constraints.NotEmpty; + +/** + * @author liangyq + * @date 2025-06-05 15:41 + */ +@ApiModel +@Data +public class AvatarChangeVO { + + @NotEmpty(message = "头像不能为空") + @ApiModelProperty("头像(图片上传到公有桶:avatar目录下)") + private String avatar; + +} diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/PasswordChange2VO.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/PasswordChange2VO.java new file mode 100644 index 000000000..6d97ac46c --- /dev/null +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/vo/PasswordChange2VO.java @@ -0,0 +1,25 @@ +package com.ruoyi.web.controller.system.vo; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import lombok.Data; + +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.Pattern; + +/** + * @author liangyq + * @date 2025-06-05 15:41 + */ +@ApiModel +@Data +public class PasswordChange2VO { + + @NotEmpty(message = "旧密码不能为空") + @ApiModelProperty("旧密码") + private String oldPassword; + + @NotEmpty(message = "新密码不能为空") + @ApiModelProperty("新密码") + private String newPassword; +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java index a5cde5d53..a1280c6d2 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java @@ -87,7 +87,7 @@ public class LogAspect try { // 获取当前的用户 - LoginUser loginUser = SecurityUtils.getLoginUser(); + String loginUsername = SecurityUtils.getUsernameSafe(); // *========数据库日志=========*// SysOperLog operLog = new SysOperLog(); @@ -96,10 +96,9 @@ public class LogAspect String ip = IpUtils.getIpAddr(); operLog.setOperIp(ip); operLog.setOperUrl(StringUtils.substring(ServletUtils.getRequest().getRequestURI(), 0, 255)); - if (loginUser != null) + if (loginUsername != null) { - operLog.setOperName(loginUser.getUsername()); - SysUser currentUser = loginUser.getUser(); + operLog.setOperName(loginUsername); } if (e != null) diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index 802c91265..2385d5a60 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -114,7 +114,7 @@ public class SecurityConfig requests.antMatchers("/rest/v1/login/loginByUname", "/rest/v1/login/loginBySms", "/rest/v1/login/sendSmsVerificationCode", "/rest/v1/reg/registerStore", "/rest/v1/reg/registerSeller", "/rest/v1/reg/registerAgent", "/rest/v1/reg/sendSmsVerificationCode", "/rest/v1/reg/isPhoneNumberRegistered", "/rest/v1/captcha/image", - "/rest/v1/login/getBrowserId", "/rest/v1/login/getTokenByBrowserId").permitAll() + "/rest/v1/login/getBrowserId", "/rest/v1/login/getTokenByBrowserId", "/rest/v1/login/changePassword").permitAll() // 静态资源,可匿名访问 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java index dbafcfb46..45e0cfdf1 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java @@ -293,7 +293,7 @@ public class SysUserServiceImpl implements ISysUserService { .eq(SysUser::getDelFlag, Constants.UNDELETED)); if (user != null) { user.setAvatar(avatar); - updateUserBase(user, false); + updateUserBase(user, true); return true; } } diff --git a/sql/ry_20240629.sql b/sql/ry_20240629.sql index e59090979..96f98bb2c 100644 --- a/sql/ry_20240629.sql +++ b/sql/ry_20240629.sql @@ -12,7 +12,7 @@ create table sys_user ( email varchar(50) default '' comment '用户邮箱', phonenumber varchar(11) default '' comment '手机号码', sex char(1) default '0' comment '用户性别(0男 1女 2未知)', - avatar varchar(100) default '' comment '头像地址', + avatar varchar(256) default '' comment '头像地址', password varchar(100) default '' comment '密码', status char(1) default '0' comment '帐号状态(0正常 1停用)', del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)',