I3_YF_SEAT
/
impp-core
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor(core): 支持用户密码过期

Browse Source 
commit21.4.7
yun-zuoyi
wynne1005 4 years ago
parent 9f317beec3
commit 480fadb6b5
7 changed files with 158 additions and 42 deletions
Show Stats Download Patch File Download Diff File

5
modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISysUserPasswordService.java
Unescape Escape View File

@ -4,8 +4,6 @@ import cn.estsh.i3plus.pojo.platform.bean.SysUserPassword;
import cn.estsh.impp.framework.base.service.ICrudService;
import io.swagger.annotations.ApiOperation;
import java.util.List;
/**
* @Description :
* @Reference :
@ -24,6 +22,9 @@ public interface ISysUserPasswordService extends ICrudService<SysUserPassword> {
@ApiOperation(value = "修改用户密码")
void updatePassword(Long userId,String password,String newPwd);
@ApiOperation(value = "修改用户密码")
void updatePassword(String loginName,String password,String newPwd);
@ApiOperation(value = "重置用户密码")
void updatePassword(Long userId,String password);

5
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java
Unescape Escape View File

@ -47,6 +47,7 @@ import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.CredentialsException;
import org.apache.shiro.authc.ExpiredCredentialsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
@ -316,8 +317,10 @@ public class WhiteController extends CoreBaseController {
} catch (IncorrectCredentialsException e) {
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD);
userPasswordUtil.checkLoginErrorNumber(loginModel.getLoginName(), result, e);
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.WRONG_PASSWORD;
} catch (ExpiredCredentialsException e) {
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_PASSWORD_EXPIRED);
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.WRONG_USERNAME_OR_PASSWORD;
} catch (CredentialsException e) {
// 用户名或密码错误
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_NAME);

19
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/PersonnelController.java
Unescape Escape View File

@ -89,6 +89,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -147,6 +148,7 @@ public class PersonnelController extends CoreBaseController {
user.setOrganizeNameRdd(userOrganize.getName());
user.setOrganizeCode(userOrganize.getOrganizeCode());
user.setUserInfoId(info.getId());
user.setUserPasswordLastModifyTime(TimeTool.getNowTime(true));
refreshSysUserPassword(user);
personnelService.saveSysUser(user);
@ -167,6 +169,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -256,6 +259,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -290,6 +294,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param id id
* @return
*/
@ -330,6 +335,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param id id
* @return
*/
@ -359,6 +365,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param id id
* @return
*/
@ -389,6 +396,7 @@ public class PersonnelController extends CoreBaseController {
/**
* id
*
* @param ids id
* @return
*/
@ -434,6 +442,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param id id
* @return
*/
@ -464,6 +473,7 @@ public class PersonnelController extends CoreBaseController {
/**
* id
*
* @param ids ids
* @return
*/
@ -509,6 +519,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -538,6 +549,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -564,6 +576,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -582,6 +595,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -600,6 +614,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @param model
* @return
*/
@ -618,6 +633,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @return
*/
@GetMapping(value = "/user/get-organize-list")
@ -781,6 +797,7 @@ public class PersonnelController extends CoreBaseController {
/**
* code
*
* @param code
* @return
*/
@ -801,6 +818,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @return
*/
@GetMapping(value = "/organize/list")
@ -820,6 +838,7 @@ public class PersonnelController extends CoreBaseController {
/**
*
*
* @return
*/
@GetMapping(value = "/license")

43
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/busi/SysUserController.java
Unescape Escape View File

@ -1,8 +1,13 @@
package cn.estsh.i3plus.core.apiservice.controller.busi;
import cn.estsh.i3plus.core.api.iservice.busi.*;
import cn.estsh.i3plus.core.apiservice.util.SysUserPasswordUtil;
import cn.estsh.i3plus.core.api.iservice.busi.ICoreMemTreeService;
import cn.estsh.i3plus.core.api.iservice.busi.IPersonnelService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysMessageService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserInfoService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserPasswordService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
import cn.estsh.i3plus.platform.common.convert.ConvertBean;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.i3plus.platform.common.tool.EncryptTool;
import cn.estsh.i3plus.platform.common.tool.StringTool;
import cn.estsh.i3plus.platform.common.tool.TimeTool;
@ -13,12 +18,16 @@ import cn.estsh.i3plus.pojo.base.common.Pager;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.enumutil.ImppEnumUtil;
import cn.estsh.i3plus.pojo.base.enumutil.ResourceEnumUtil;
import cn.estsh.i3plus.pojo.platform.bean.*;
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
import cn.estsh.i3plus.pojo.platform.bean.SysMessage;
import cn.estsh.i3plus.pojo.platform.bean.SysRefUserDepartment;
import cn.estsh.i3plus.pojo.platform.bean.SysRefUserRole;
import cn.estsh.i3plus.pojo.platform.bean.SysUser;
import cn.estsh.i3plus.pojo.platform.bean.SysUserInfo;
import cn.estsh.impp.framework.base.controller.CoreBaseController;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppBusiException;
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.impp.framework.boot.util.ResultBean;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import io.swagger.annotations.Api;
@ -27,7 +36,13 @@ import org.apache.commons.lang3.RandomStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.ArrayList;
import java.util.List;
@ -270,6 +285,24 @@ public class SysUserController extends CoreBaseController{
}
}
@PutMapping(value = "/update-expired-password")
@ApiOperation(value = "修改密码", notes = "修改当前登录用户密码")
public ResultBean updateSysUserPassword(String loginName,String password,String newPwd) {
try {
// 数据校验
ValidatorBean.checkNotNull(password, "旧密码不能为空");
ValidatorBean.checkNotNull(newPwd, "新密码不能为空");
ValidatorBean.checkNotNull(loginName, "用户名不能为空");
userPasswordService.updatePassword(loginName,password,newPwd.trim());
return ResultBean.success("操作成功").setCode(ResourceEnumUtil.MESSAGE.SUCCESS.getCode());
} catch(ImppBusiException busExcep){
return ResultBean.fail(busExcep);
}catch(Exception e){
return ImppExceptionBuilder.newInstance().buildExceptionResult(e);
}
}
/**
*
* @return

42
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/DefaultLoginStrategy.java
Unescape Escape View File

@ -2,24 +2,32 @@ package cn.estsh.i3plus.core.apiservice.serviceimpl.base.login.strategy;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginStrategyService;
import cn.estsh.i3plus.core.api.iservice.busi.ILicenseClickService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.model.platform.SysLoginModel;
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
import cn.estsh.i3plus.pojo.platform.bean.SysConfig;
import cn.estsh.i3plus.pojo.platform.bean.SysUser;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppBusiException;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.RedisCacheTool;
import cn.estsh.impp.framework.boot.util.ResultBean;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.ExpiredCredentialsException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.function.BiFunction;
import static cn.estsh.i3plus.platform.common.util.CommonConstWords.DEFAULT_LANGUAGE;
@ -37,9 +45,6 @@ public class DefaultLoginStrategy implements ISystemLoginStrategyService {
protected ImppRedis redisCore;
@Autowired
private ILicenseClickService licenseClickService;
@Autowired
private ISysUserService userService;
@Autowired
@ -65,6 +70,9 @@ public class DefaultLoginStrategy implements ISystemLoginStrategyService {
if (sessionMode != CommonEnumUtil.SESSION_MODE.SEIZE.getValue()) {
AuthUtil.logout();
}
// 已经对用户名和密码做过验证了
// 获取系统参数【密码过期时间】 进行密码有效时间判断
validatePasswordIsExpired(loginModel.getLoginName());
SessionUser user = userService.loginUser(
loginModel.getLoginName().trim(),
@ -84,4 +92,30 @@ public class DefaultLoginStrategy implements ISystemLoginStrategyService {
return result;
};
}
private void validatePasswordIsExpired(String loginName) {
SysConfig passwordExpireSwitch = RedisCacheTool.getSysConfigByConfigCode(CommonConstWords.CONFIG_PWD_EXPIRE_SWITCH);
if (passwordExpireSwitch != null
&& CommonEnumUtil.TRUE_OR_FALSE.TRUE.getValue() == Integer.parseInt(passwordExpireSwitch.getConfigValue())) {
SysConfig passwordExpireDays = RedisCacheTool.getSysConfigByConfigCode(CommonConstWords.CONFIG_PWD_EXPIRE_DAY_TIME);
if (passwordExpireDays != null && Integer.parseInt(passwordExpireDays.getConfigValue()) > 0) {
SysUser user = userService.getSysUserByLoginName(loginName);
if (StringUtils.isEmpty(user.getUserPasswordLastModifyTime())) {
throw new ExpiredCredentialsException("用户密码过期 请重新设置新密码");
} else {
DateFormat df = new SimpleDateFormat(CommonConstWords.DATE_TIME_FORMAT_HH_MM_SS_RISK);
Date lastModifyDate = null;
try {
lastModifyDate = df.parse(user.getUserPasswordLastModifyTime());
} catch (ParseException e) {
throw new ImppBusiException("验证用户密码登录时间,时间解析错误");
}
long dayGap = System.currentTimeMillis() - lastModifyDate.getTime() / (60 * 60 * 1000 * 24);
if ((int) dayGap >= Integer.parseInt(passwordExpireDays.getConfigValue())) {
throw new ExpiredCredentialsException("用户密码过期 请重新设置新密码");
}
}
}
}
}
}

21
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserSavePasswordService.java
Unescape Escape View File

@ -15,14 +15,11 @@ import cn.estsh.impp.framework.base.service.CrudService;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* @Description :
* @Reference :
@ -68,6 +65,23 @@ public class SysUserSavePasswordService extends CrudService<SysUserPassword> imp
}
@Override
public void updatePassword(String loginName, String password, String newPwd) {
SysUser user= userService.getSysUserByLoginName(loginName);
SysUserPassword userPassword = userPasswordRDao.getById(user.getUserLoginPasswordId());
ValidatorBean.checkNotNull(userPassword,"不存在的用户密码信息");
if(StringUtils.equals(userPassword.getUserPassword(),password)){
throw ImppExceptionBuilder.newInstance()
.setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
.setErrorCode(ImppExceptionEnum.NOT_CONFIG_EXCEPTION.getCode())
.setErrorDetail("原始密码错误")
.setErrorSolution("请重新操作")
.build();
}
updatePassword(user.getId(), newPwd);
}
@Override
public void updatePassword(Long userId, String password) {
SysUser user = userService.getSysUserById(userId);
ValidatorBean.checkNotNull(user,"不存在的用户信息");
@ -88,6 +102,7 @@ public class SysUserSavePasswordService extends CrudService<SysUserPassword> imp
SysUserPassword save = userPasswordRDao.save(pwd);
user.setUserLoginPasswordId(save.getId());
user.setUserPasswordLastModifyTime(TimeTool.getNowTime(true));
ConvertBean.serviceModelUpdate(user,AuthUtil.getSessionUser().getUserName());
userService.updateSysUser(user);
}

21
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java
Unescape Escape View File

@ -1,9 +1,9 @@
package cn.estsh.i3plus.core.apiservice.serviceimpl.busi;
import cn.estsh.i3plus.core.api.iservice.busi.*;
import cn.estsh.i3plus.core.apiservice.dao.IUserPermissionDao;
import cn.estsh.i3plus.core.apiservice.util.SysUserPasswordUtil;
import cn.estsh.i3plus.platform.common.convert.ConvertBean;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.i3plus.platform.common.tool.EncryptTool;
import cn.estsh.i3plus.platform.common.tool.StringTool;
import cn.estsh.i3plus.platform.common.tool.TimeTool;
@ -20,11 +20,15 @@ import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
import cn.estsh.i3plus.pojo.base.tool.DdlPreparedPack;
import cn.estsh.i3plus.pojo.base.tool.HqlPack;
import cn.estsh.i3plus.pojo.platform.bean.*;
import cn.estsh.i3plus.pojo.platform.repository.*;
import cn.estsh.i3plus.pojo.platform.repository.SysLogUserLoginRepository;
import cn.estsh.i3plus.pojo.platform.repository.SysRefUserDepartmentRepository;
import cn.estsh.i3plus.pojo.platform.repository.SysRefUserPositionRepository;
import cn.estsh.i3plus.pojo.platform.repository.SysRefUserRoleRepository;
import cn.estsh.i3plus.pojo.platform.repository.SysUserInfoRepository;
import cn.estsh.i3plus.pojo.platform.repository.SysUserRepository;
import cn.estsh.i3plus.pojo.platform.sqlpack.CoreHqlPack;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.RedisCacheTool;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
@ -42,7 +46,15 @@ import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.util.*;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
@ -124,7 +136,6 @@ public class SysUserService implements ISysUserService {
BaseToken token = getToken(loginName, password, languageCode, loginPlatform);
SessionUser sessionUser = AuthUtil.login(token);
SysUser user = this.getSysUserByLoginName(loginName);
if (user == null) {
throw new CredentialsException("用户不存在");
}

Write Preview
Loading…
Cancel
Save