pull/1121/head
parent
aa7257fc68
commit
cb7d85cfe0
|
|
@ -17,6 +17,7 @@ import com.ruoyi.common.enums.BusinessType;
|
|||
import com.ruoyi.common.exception.ServiceException;
|
||||
import com.ruoyi.common.utils.SecurityUtils;
|
||||
import com.ruoyi.framework.web.service.SysLoginService;
|
||||
import com.ruoyi.framework.web.service.SysPasswordService;
|
||||
import com.ruoyi.framework.web.service.TokenService;
|
||||
import com.ruoyi.system.service.ISysMenuService;
|
||||
import com.ruoyi.system.service.ISysRoleService;
|
||||
|
|
@ -62,6 +63,8 @@ public class SysLoginController {
|
|||
private RedisCache redisCache;
|
||||
@Autowired
|
||||
private AliAuthManager aliAuthManager;
|
||||
@Autowired
|
||||
private SysPasswordService passwordService;
|
||||
|
||||
/**
|
||||
* 登录方法
|
||||
|
|
@ -180,7 +183,8 @@ public class SysLoginController {
|
|||
public R changePassword(@Validated @RequestBody PasswordChangeVO vo) {
|
||||
loginService.validateSmsVerificationCode(vo.getPhoneNumber(), vo.getCode());
|
||||
UserInfo user = userService.getUserByPhoneNumber(vo.getPhoneNumber());
|
||||
userService.resetPassword(user.getUserId(), vo.getNewPassword());
|
||||
String username = userService.resetPassword(user.getUserId(), vo.getNewPassword());
|
||||
passwordService.clearLoginRecordCache(username);
|
||||
tokenService.deleteCacheUser(user.getUserId());
|
||||
return R.ok();
|
||||
}
|
||||
|
|
@ -197,7 +201,8 @@ public class SysLoginController {
|
|||
if (SecurityUtils.matchesPassword(password, vo.getNewPassword())) {
|
||||
return R.fail("新密码不能与旧密码相同");
|
||||
}
|
||||
userService.resetPassword(loginUser.getUserId(), vo.getNewPassword());
|
||||
String username = userService.resetPassword(loginUser.getUserId(), vo.getNewPassword());
|
||||
passwordService.clearLoginRecordCache(username);
|
||||
tokenService.deleteCacheUser(loginUser.getUserId());
|
||||
return R.ok();
|
||||
}
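Review bot: In `changePassword`, the new line `String username = userService.resetPassword(user.getUserId(), vo.getNewPassword());` dereferences `user` with no null check after `getUserByPhoneNumber`. If that lookup can return null for a phone number with no account (its body is not shown here), the request ends in a NullPointerException rather than a controlled failure. A guard before the reset would cover it, e.g. `if (user == null) { return R.fail(...); }`, using the same generic message as a failed code check so the response does not reveal whether the number is registered. Note also that a successful SMS check now clears the failed-login counter via `passwordService.clearLoginRecordCache(username)`, so the lockout is only as strong as the SMS code check. No attempt limit or single-use invalidation of the code is visible on this page, so that is worth confirming in `smsClient.matchVerificationCode`.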
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ import com.ruoyi.common.core.page.PageVO;
|
|||
import com.ruoyi.common.enums.BusinessType;
|
||||
import com.ruoyi.common.utils.poi.ExcelUtil;
|
||||
import com.ruoyi.framework.web.service.SysLoginService;
|
||||
import com.ruoyi.framework.web.service.SysPasswordService;
|
||||
import com.ruoyi.framework.web.service.TokenService;
|
||||
import com.ruoyi.system.service.ISysRoleService;
|
||||
import com.ruoyi.system.service.ISysUserService;
|
||||
|
|
@ -57,6 +58,8 @@ public class SysUserController extends BaseController {
|
|||
private TokenService tokenService;
|
||||
@Autowired
|
||||
private SysLoginService loginService;
|
||||
@Autowired
|
||||
private SysPasswordService passwordService;
|
||||
|
||||
@PreAuthorize("@ss.hasAnyRoles('admin,general_admin')")
|
||||
@ApiOperation(value = "用户分页查询 - 管理员")
|
||||
|
|
@ -167,7 +170,8 @@ public class SysUserController extends BaseController {
|
|||
@Log(title = "用户管理", businessType = BusinessType.UPDATE)
|
||||
@PostMapping("/resetPwd")
|
||||
public R resetPwd(@Validated @RequestBody PwdResetVO vo) {
|
||||
userService.resetPassword(vo.getId(), vo.getNewPwd());
|
||||
String username = userService.resetPassword(vo.getId(), vo.getNewPwd());
|
||||
passwordService.clearLoginRecordCache(username);
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -83,7 +83,7 @@ user:
|
|||
# 密码最大错误次数
|
||||
maxRetryCount: 5
|
||||
# 密码锁定时间(默认10分钟)
|
||||
lockTime: 10
|
||||
lockTime: 30
|
||||
|
||||
# Spring配置
|
||||
spring:
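Review bot: The comment above the changed key still reads `# 密码锁定时间(默认10分钟)`, but this hunk sets `lockTime: 30`, so the file now documents a lockout duration it no longer uses. Update the comment to match the new value, or drop the number and state only the unit (minutes), so the next change to the lockout policy is not made against a stale figure.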
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ user.jcaptcha.expire=验证码已失效
|
|||
user.not.exists=用户不存在/密码错误
|
||||
user.password.not.match=用户不存在/密码错误
|
||||
user.password.retry.limit.count=密码输入错误{0}次
|
||||
user.password.retry.limit.exceed=密码输入错误{0}次,帐户锁定{1}分钟
|
||||
user.password.retry.limit.exceed=账号已锁定,请{0}分钟后重试或找回密码
|
||||
user.password.delete=对不起,您的账号已被删除
|
||||
user.blocked=用户已封禁,请联系管理员
|
||||
role.blocked=角色已封禁,请联系管理员
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ public class UserPasswordRetryLimitExceedException extends UserException
|
|||
{
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
public UserPasswordRetryLimitExceedException(int retryLimitCount, int lockTime)
|
||||
public UserPasswordRetryLimitExceedException(Object lockTime)
|
||||
{
|
||||
super("user.password.retry.limit.exceed", new Object[] { retryLimitCount, lockTime });
|
||||
super("user.password.retry.limit.exceed", new Object[] { lockTime });
|
||||
}
|
||||
}
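Review bot: The new constructor parameter is typed `Object lockTime`, which accepts anything and hides that the value is now the remaining lock time in minutes rather than the configured one. The only caller visible on this page passes a `long`, so a typed signature such as `public UserPasswordRetryLimitExceedException(long remainingMinutes)` would document the contract and let the compiler reject a wrong argument. A short Javadoc line should state that the value fills `{0}` of `user.password.retry.limit.exceed`.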
|
||||
|
|
|
|||
|
|
@ -256,7 +256,7 @@ public class SysLoginService {
|
|||
public void validateSmsVerificationCode(String phoneNumber, String code) {
|
||||
boolean match = smsClient.matchVerificationCode(CacheConstants.SMS_LOGIN_CAPTCHA_CODE_KEY, phoneNumber, code);
|
||||
if (!match) {
|
||||
throw new ServiceException("验证码错误");
|
||||
throw new ServiceException("验证码错误或已过期");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
package com.ruoyi.framework.web.service;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.ruoyi.common.constant.CacheConstants;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
import com.ruoyi.common.core.redis.RedisCache;
|
||||
|
|
@ -44,7 +45,8 @@ public class SysPasswordService
|
|||
{
|
||||
String username = user.getUserName();
|
||||
|
||||
Integer retryCount = redisCache.getCacheObject(getCacheKey(username));
|
||||
String cacheKey = getCacheKey(username);
|
||||
Integer retryCount = redisCache.getCacheObject(cacheKey);
|
||||
|
||||
if (retryCount == null)
|
||||
{
|
||||
|
|
@ -53,13 +55,14 @@ public class SysPasswordService
|
|||
|
||||
if (retryCount >= Integer.valueOf(maxRetryCount).intValue())
|
||||
{
|
||||
throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime);
|
||||
long expire = redisCache.getExpire(cacheKey) / 60;
|
||||
throw new UserPasswordRetryLimitExceedException(expire);
|
||||
}
|
||||
|
||||
if (!matches(user, password))
|
||||
{
|
||||
retryCount = retryCount + 1;
|
||||
redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);
|
||||
redisCache.setCacheObject(cacheKey, retryCount, lockTime, TimeUnit.MINUTES);
|
||||
throw new UserPasswordNotMatchException();
|
||||
}
|
||||
else
|
||||
|
|
@ -76,9 +79,13 @@ public class SysPasswordService
|
|||
|
||||
public void clearLoginRecordCache(String loginName)
|
||||
{
|
||||
if (redisCache.hasKey(getCacheKey(loginName)))
|
||||
if (StrUtil.isEmpty(loginName)) {
|
||||
return;
|
||||
}
|
||||
String cacheKey = getCacheKey(loginName);
|
||||
if (redisCache.hasKey(cacheKey))
|
||||
{
|
||||
redisCache.deleteObject(getCacheKey(loginName));
|
||||
redisCache.deleteObject(cacheKey);
|
||||
}
|
||||
}
|
||||
}
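Review bot: `long expire = redisCache.getExpire(cacheKey) / 60;` truncates, so during the last minute of a lock the user is told to retry in 0 minutes, assuming `getExpire` returns seconds as the division by 60 suggests. The same happens if the key expires between the counter read and this call. Rounding up and clamping keeps the message meaningful, e.g. `long expire = Math.max(1, (redisCache.getExpire(cacheKey) + 59) / 60);`. Separately, the counter is still read with `getCacheObject` and written back with `setCacheObject` as two Redis calls, so concurrent failed logins can see the same value and exceed `maxRetryCount`; an atomic increment would keep the limit exact. The enclosing method starts outside the hunks shown.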
|
||||
|
|
|
|||
|
|
@ -93,8 +93,9 @@ public interface ISysUserService {
|
|||
*
|
||||
* @param userId
|
||||
* @param password
|
||||
* @return username
|
||||
*/
|
||||
void resetPassword(Long userId, String password);
|
||||
String resetPassword(Long userId, String password);
|
||||
|
||||
/**
|
||||
* 更新登录信息
|
||||
|
|
|
|||
|
|
@ -176,14 +176,14 @@ public class SysUserServiceImpl implements ISysUserService {
|
|||
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
@Override
|
||||
public void resetPassword(Long userId, String password) {
|
||||
public String resetPassword(Long userId, String password) {
|
||||
if (userId == null || StrUtil.isEmpty(password)) {
|
||||
return;
|
||||
return null;
|
||||
}
|
||||
SysUser user = userMapper.selectById(userId);
|
||||
user.setPassword(SecurityUtils.encryptPassword(password));
|
||||
updateUserBase(user, true);
|
||||
return;
|
||||
return user.getUserName();
|
||||
}
|
||||
|
||||
@Transactional(rollbackFor = Exception.class)
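Review bot: `resetPassword` now returns `null` when `userId` is null or the password is empty, and every caller on this page (`changePassword`, the authenticated password change, and `resetPwd`) then returns `R.ok()`, so a reset that changed nothing is reported as success. The result of `userMapper.selectById(userId)` is also dereferenced without a null check, so an id with no matching row fails with a NullPointerException at `user.setPassword(...)`. Throwing the project's `ServiceException` in both cases, instead of `return null;`, would make the failure explicit and roll the transaction back. The `@return username` Javadoc on the interface should state whether null is still a possible result.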
|
||||
|
|
|
|||
|
|
@ -365,7 +365,7 @@ public class AssetServiceImpl implements IAssetService {
|
|||
private void validateSmsVerificationCode(String phoneNumber, String code) {
|
||||
boolean match = smsClient.matchVerificationCode(CacheConstants.SMS_ASSET_CAPTCHA_CODE_KEY, phoneNumber, code);
|
||||
if (!match) {
|
||||
throw new ServiceException("验证码错误");
|
||||
throw new ServiceException("验证码错误或已过期");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||