P2022036_Service.git

13693261870

2022-10-14 ecf63aff47102489b5b067effc1214fccb6173ba

已修改3个文件

	src/main/java/com/lf/server/controller/sys/UserController.java	81 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/lf/server/service/sys/UserService.java	64 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/resources/templates/login.html	2 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 src/main/java/com/lf/server/controller/sys/UserController.java

@@ -126,6 +126,35 @@
    }

    @SysLog()
    @ApiOperation(value = "根据ID查询")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "ID", dataType = "Integer", paramType = "query", example = "1")
    })
    @GetMapping(value = "/selectUser")
    public ResponseMsg<UserEntity> selectUser(int id) {
        try {
            UserEntity userEntity = userService.selectUser(id);

            return success(userEntity);
        } catch (Exception ex) {
            return fail(ex.getMessage(), null);
        }
    }

    @SysLog()
    @ApiOperation(value = "查询所有")
    @GetMapping(value = "/selectUserAll")
    public ResponseMsg<List<UserEntity>> selectUserAll() {
        try {
            List<UserEntity> list = userService.selectUserAll();

            return success(list);
        } catch (Exception ex) {
            return fail(ex.getMessage(), null);
        }
    }

    @SysLog()
    @ApiOperation(value = "插入一条")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "entity", value = "实体类", dataType = "com.lf.server.entity.data.UserEntity", paramType = "body", example = "")
@@ -133,6 +162,11 @@
    @PostMapping(value = "/insertUser", produces = "application/json; charset=UTF-8")
    public ResponseMsg<Integer> insertUser(@RequestBody UserEntity entity, HttpServletRequest req) {
        try {
            String str = userService.ValidateNewPwd(entity);
            if (str != null) {
                return fail(str, -1);
            }

            UserEntity ue = tokenService.getCurrentUser(req);
            if (ue != null) {
                entity.setCreateUser(ue.getId());
@@ -154,9 +188,18 @@
    @PostMapping(value = "/insertUsers", produces = "application/json; charset=UTF-8")
    public ResponseMsg<Integer> insertUsers(@RequestBody List<UserEntity> list, HttpServletRequest req) {
        try {
            if (list == null || list.isEmpty()) {
                return fail("实体类集合为空", -1);
            }

            UserEntity ue = tokenService.getCurrentUser(req);
            if (ue != null) {
                for (UserEntity entity : list) {
            for (UserEntity entity : list) {
                String str = userService.ValidateNewPwd(entity);
                if (str != null) {
                    return fail(str, -1);
                }

                if (ue != null) {
                    entity.setCreateUser(ue.getId());
                }
            }
@@ -214,6 +257,11 @@
    @PostMapping(value = "/updateUser", produces = "application/json; charset=UTF-8")
    public ResponseMsg<Integer> updateUser(@RequestBody UserEntity entity, HttpServletRequest req) {
        try {
            String str = userService.ValidateOldPwd(entity);
            if (str != null) {
                return fail(str, -1);
            }

            UserEntity ue = tokenService.getCurrentUser(req);
            if (ue != null) {
                entity.setUpdateUser(ue.getId());
@@ -224,35 +272,6 @@
            return success(count);
        } catch (Exception ex) {
            return fail(ex.getMessage(), -1);
        }
    }

    @SysLog()
    @ApiOperation(value = "根据ID查询")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "id", value = "ID", dataType = "Integer", paramType = "query", example = "1")
    })
    @GetMapping(value = "/selectUser")
    public ResponseMsg<UserEntity> selectUser(int id) {
        try {
            UserEntity userEntity = userService.selectUser(id);

            return success(userEntity);
        } catch (Exception ex) {
            return fail(ex.getMessage(), null);
        }
    }

    @SysLog()
    @ApiOperation(value = "查询所有")
    @GetMapping(value = "/selectUserAll")
    public ResponseMsg<List<UserEntity>> selectUserAll() {
        try {
            List<UserEntity> list = userService.selectUserAll();

            return success(list);
        } catch (Exception ex) {
            return fail(ex.getMessage(), null);
        }
    }


 src/main/java/com/lf/server/service/sys/UserService.java

@@ -1,6 +1,8 @@
package com.lf.server.service.sys;

import com.lf.server.entity.sys.UserEntity;
import com.lf.server.helper.Md5Helper;
import com.lf.server.helper.RsaHelper;
import com.lf.server.helper.StringHelper;
import com.lf.server.mapper.sys.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
@@ -91,4 +93,66 @@

        return userMapper.selectByPageForRole(uname, roleid, depid, limit, offset);
    }

    /**
     * 验证新用户密码
     */
    public String ValidateNewPwd(UserEntity entity) {
        if (entity == null) {
            return "没有找到用户";
        }
        if (StringHelper.isEmpty(entity.getPwd())) {
            return "密码不能为空";
        }

        try {
            String pwd = RsaHelper.decrypt(entity.getPwd());
            if (!StringHelper.checkPwdValid(pwd)) {
                return "密码不符合要求";
            }

            String newPwd = Md5Helper.reverse(Md5Helper.generate(pwd));
            entity.setPwd(newPwd);

            return null;
        } catch (Exception ex) {
            return "密码解密失败";
        }
    }

    /**
     * 验证老用户密码
     */
    public String ValidateOldPwd(UserEntity entity) {
        if (entity == null) {
            return "没有找到用户";
        }
        if (StringHelper.isEmpty(entity.getPwd())) {
            return "用户密码不能为空";
        }

        try {
            String pwd = RsaHelper.decrypt(entity.getPwd());
            String salt = RsaHelper.decrypt(entity.getSalt());

            UserEntity ue = selectUser(entity.getId());
            if (ue == null) {
                return "没有找到用户";
            }
            if (!Md5Helper.validatePassword(pwd, ue.getPwd())) {
                return "旧密码输入错误";
            }
            if (!StringHelper.checkPwdValid(salt)) {
                return "密码不符合要求";
            }

            String newPwd = Md5Helper.reverse(Md5Helper.generate(salt));
            entity.setPwd(newPwd);
            entity.setSalt("");

            return null;
        } catch (Exception ex) {
            return "密码解密失败";
        }
    }
}

 src/main/resources/templates/login.html

@@ -355,7 +355,7 @@
    // 密码是否合规
    function isValid(pwd) {
      if (pwd) {
        var regex = new RegExp('^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\W!@#$%^&*`~()\\-_+=,.?;<>]+$)(?![a-z0-9]+$)(?![a-z\W!@#$%^&*`~()\\-_+=,.?;<>]+$)(?![0-9\W!@#$%^&*`~()\\-_+=,.?;<>]+$)[a-zA-Z0-9\W!@#$%^&*`~()\\-_+=,.?;<>]{16,30}$');
        var regex = new RegExp('^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\W!@#$%^&*`~()\\-_+=,.?;<>]+$)(?![a-z0-9]+$)(?![a-z\W!@#$%^&*`~()\\-_+=,.?;<>]+$)(?![0-9\W!@#$%^&*`~()\\-_+=,.?;<>]+$)[a-zA-Z0-9\W!@#$%^&*`~()\\-_+=,.?;<>]{8,20}$');
        return regex.test(pwd)
      }
      return false;

			@@ -126,6 +126,35 @@
			}

			@SysLog()
			@ApiOperation(value = "根据ID查询")
			@ApiImplicitParams({
			@ApiImplicitParam(name = "id", value = "ID", dataType = "Integer", paramType = "query", example = "1")
			})
			@GetMapping(value = "/selectUser")
			public ResponseMsg<UserEntity> selectUser(int id) {
			try {
			UserEntity userEntity = userService.selectUser(id);

			return success(userEntity);
			} catch (Exception ex) {
			return fail(ex.getMessage(), null);
			}
			}

			@SysLog()
			@ApiOperation(value = "查询所有")
			@GetMapping(value = "/selectUserAll")
			public ResponseMsg<List<UserEntity>> selectUserAll() {
			try {
			List<UserEntity> list = userService.selectUserAll();

			return success(list);
			} catch (Exception ex) {
			return fail(ex.getMessage(), null);
			}
			}

			@SysLog()
			@ApiOperation(value = "插入一条")
			@ApiImplicitParams({
			@ApiImplicitParam(name = "entity", value = "实体类", dataType = "com.lf.server.entity.data.UserEntity", paramType = "body", example = "")
			@@ -133,6 +162,11 @@
			@PostMapping(value = "/insertUser", produces = "application/json; charset=UTF-8")
			public ResponseMsg<Integer> insertUser(@RequestBody UserEntity entity, HttpServletRequest req) {
			try {
			String str = userService.ValidateNewPwd(entity);
			if (str != null) {
			return fail(str, -1);
			}

			UserEntity ue = tokenService.getCurrentUser(req);
			if (ue != null) {
			entity.setCreateUser(ue.getId());
			@@ -154,9 +188,18 @@
			@PostMapping(value = "/insertUsers", produces = "application/json; charset=UTF-8")
			public ResponseMsg<Integer> insertUsers(@RequestBody List<UserEntity> list, HttpServletRequest req) {
			try {
			if (list == null \|\| list.isEmpty()) {
			return fail("实体类集合为空", -1);
			}

			UserEntity ue = tokenService.getCurrentUser(req);
			if (ue != null) {
			for (UserEntity entity : list) {
			for (UserEntity entity : list) {
			String str = userService.ValidateNewPwd(entity);
			if (str != null) {
			return fail(str, -1);
			}

			if (ue != null) {
			entity.setCreateUser(ue.getId());
			}
			}
			@@ -214,6 +257,11 @@
			@PostMapping(value = "/updateUser", produces = "application/json; charset=UTF-8")
			public ResponseMsg<Integer> updateUser(@RequestBody UserEntity entity, HttpServletRequest req) {
			try {
			String str = userService.ValidateOldPwd(entity);
			if (str != null) {
			return fail(str, -1);
			}

			UserEntity ue = tokenService.getCurrentUser(req);
			if (ue != null) {
			entity.setUpdateUser(ue.getId());
			@@ -224,35 +272,6 @@
			return success(count);
			} catch (Exception ex) {
			return fail(ex.getMessage(), -1);
			}
			}

			@SysLog()
			@ApiOperation(value = "根据ID查询")
			@ApiImplicitParams({
			@ApiImplicitParam(name = "id", value = "ID", dataType = "Integer", paramType = "query", example = "1")
			})
			@GetMapping(value = "/selectUser")
			public ResponseMsg<UserEntity> selectUser(int id) {
			try {
			UserEntity userEntity = userService.selectUser(id);

			return success(userEntity);
			} catch (Exception ex) {
			return fail(ex.getMessage(), null);
			}
			}

			@SysLog()
			@ApiOperation(value = "查询所有")
			@GetMapping(value = "/selectUserAll")
			public ResponseMsg<List<UserEntity>> selectUserAll() {
			try {
			List<UserEntity> list = userService.selectUserAll();

			return success(list);
			} catch (Exception ex) {
			return fail(ex.getMessage(), null);
			}
			}

			@@ -1,6 +1,8 @@
			package com.lf.server.service.sys;

			import com.lf.server.entity.sys.UserEntity;
			import com.lf.server.helper.Md5Helper;
			import com.lf.server.helper.RsaHelper;
			import com.lf.server.helper.StringHelper;
			import com.lf.server.mapper.sys.UserMapper;
			import org.springframework.beans.factory.annotation.Autowired;
			@@ -91,4 +93,66 @@

			return userMapper.selectByPageForRole(uname, roleid, depid, limit, offset);
			}

			/**
			* 验证新用户密码
			*/
			public String ValidateNewPwd(UserEntity entity) {
			if (entity == null) {
			return "没有找到用户";
			}
			if (StringHelper.isEmpty(entity.getPwd())) {
			return "密码不能为空";
			}

			try {
			String pwd = RsaHelper.decrypt(entity.getPwd());
			if (!StringHelper.checkPwdValid(pwd)) {
			return "密码不符合要求";
			}

			String newPwd = Md5Helper.reverse(Md5Helper.generate(pwd));
			entity.setPwd(newPwd);

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			}
			}

			/**
			* 验证老用户密码
			*/
			public String ValidateOldPwd(UserEntity entity) {
			if (entity == null) {
			return "没有找到用户";
			}
			if (StringHelper.isEmpty(entity.getPwd())) {
			return "用户密码不能为空";
			}

			try {
			String pwd = RsaHelper.decrypt(entity.getPwd());
			String salt = RsaHelper.decrypt(entity.getSalt());

			UserEntity ue = selectUser(entity.getId());
			if (ue == null) {
			return "没有找到用户";
			}
			if (!Md5Helper.validatePassword(pwd, ue.getPwd())) {
			return "旧密码输入错误";
			}
			if (!StringHelper.checkPwdValid(salt)) {
			return "密码不符合要求";
			}

			String newPwd = Md5Helper.reverse(Md5Helper.generate(salt));
			entity.setPwd(newPwd);
			entity.setSalt("");

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			}
			}
			}

			@@ -355,7 +355,7 @@
			// 密码是否合规
			function isValid(pwd) {
			if (pwd) {
			var regex = new RegExp('^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\W!@#$%^&`~()\\-_+=,.?;<>]+$)(?![a-z0-9]+$)(?![a-z\W!@#$%^&`~()\\-_+=,.?;<>]+$)(?![0-9\W!@#$%^&`~()\\-_+=,.?;<>]+$)[a-zA-Z0-9\W!@#$%^&`~()\\-_+=,.?;<>]{16,30}$');
			var regex = new RegExp('^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\W!@#$%^&`~()\\-_+=,.?;<>]+$)(?![a-z0-9]+$)(?![a-z\W!@#$%^&`~()\\-_+=,.?;<>]+$)(?![0-9\W!@#$%^&`~()\\-_+=,.?;<>]+$)[a-zA-Z0-9\W!@#$%^&`~()\\-_+=,.?;<>]{8,20}$');
			return regex.test(pwd)
			}
			return false;