mirror of
https://github.com/continew-org/continew-admin.git
synced 2025-09-08 12:57:13 +08:00
feat: SecureUtils 新增 decryptPasswordByRsaPrivateKey 方法统一处理密码解密
This commit is contained in:
@@ -36,7 +36,6 @@ import top.continew.admin.system.enums.PasswordPolicyEnum;
|
||||
import top.continew.admin.system.model.entity.user.UserDO;
|
||||
import top.continew.admin.system.model.resp.ClientResp;
|
||||
import top.continew.starter.cache.redisson.util.RedisUtils;
|
||||
import top.continew.starter.core.util.ExceptionUtils;
|
||||
import top.continew.starter.core.util.validation.CheckUtils;
|
||||
import top.continew.starter.core.util.validation.ValidationUtils;
|
||||
|
||||
@@ -58,12 +57,11 @@ public class AccountLoginHandler extends AbstractLoginHandler<AccountLoginReq> {
|
||||
@Override
|
||||
public LoginResp login(AccountLoginReq req, ClientResp client, HttpServletRequest request) {
|
||||
// 解密密码
|
||||
String rawPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(req.getPassword()));
|
||||
ValidationUtils.throwIfBlank(rawPassword, "密码解密失败");
|
||||
String password = SecureUtils.decryptPasswordByRsaPrivateKey(req.getPassword(), "密码解密失败");
|
||||
// 验证用户名密码
|
||||
String username = req.getUsername();
|
||||
UserDO user = userService.getByUsername(username);
|
||||
boolean isError = ObjectUtil.isNull(user) || !passwordEncoder.matches(rawPassword, user.getPassword());
|
||||
boolean isError = ObjectUtil.isNull(user) || !passwordEncoder.matches(password, user.getPassword());
|
||||
// 检查账号锁定状态
|
||||
this.checkUserLocked(req.getUsername(), request, isError);
|
||||
ValidationUtils.throwIf(isError, "用户名或密码不正确");
|
||||
|
||||
@@ -18,7 +18,6 @@ package top.continew.admin.system.api;
|
||||
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.hutool.core.collection.ListUtil;
|
||||
import cn.hutool.core.util.ReUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.Wrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
@@ -28,7 +27,6 @@ import top.continew.admin.common.api.tenant.PackageMenuApi;
|
||||
import top.continew.admin.common.api.tenant.TenantApi;
|
||||
import top.continew.admin.common.api.tenant.TenantDataApi;
|
||||
import top.continew.admin.common.constant.GlobalConstants;
|
||||
import top.continew.admin.common.constant.RegexConstants;
|
||||
import top.continew.admin.common.enums.DataScopeEnum;
|
||||
import top.continew.admin.common.enums.DisEnableStatusEnum;
|
||||
import top.continew.admin.common.enums.GenderEnum;
|
||||
@@ -47,8 +45,6 @@ import top.continew.admin.system.service.FileService;
|
||||
import top.continew.admin.system.service.RoleMenuService;
|
||||
import top.continew.admin.system.service.UserRoleService;
|
||||
import top.continew.starter.core.util.CollUtils;
|
||||
import top.continew.starter.core.util.ExceptionUtils;
|
||||
import top.continew.starter.core.util.validation.ValidationUtils;
|
||||
import top.continew.starter.extension.tenant.util.TenantUtils;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
@@ -187,15 +183,12 @@ public class TenantDataApiForSystemImpl implements TenantDataApi {
|
||||
*/
|
||||
private Long initUserData(TenantDTO tenant, Long deptId) {
|
||||
// 解密密码
|
||||
String rawPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(tenant.getPassword()));
|
||||
ValidationUtils.throwIfNull(rawPassword, "密码解密失败");
|
||||
ValidationUtils.throwIf(!ReUtil
|
||||
.isMatch(RegexConstants.PASSWORD, rawPassword), "密码长度为 8-32 个字符,支持大小写字母、数字、特殊字符,至少包含字母和数字");
|
||||
String password = SecureUtils.decryptPasswordByRsaPrivateKey(tenant.getPassword(), "密码解密失败", true);
|
||||
// 初始化用户
|
||||
UserDO user = new UserDO();
|
||||
user.setUsername(tenant.getUsername());
|
||||
user.setNickname(RoleCodeEnum.TENANT_ADMIN.getDescription());
|
||||
user.setPassword(rawPassword);
|
||||
user.setPassword(password);
|
||||
user.setGender(GenderEnum.UNKNOWN);
|
||||
user.setDescription("系统初始用户");
|
||||
user.setStatus(DisEnableStatusEnum.ENABLE);
|
||||
|
||||
@@ -17,7 +17,6 @@
|
||||
package top.continew.admin.system.controller;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import cn.hutool.core.util.ReUtil;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.Parameter;
|
||||
import io.swagger.v3.oas.annotations.enums.ParameterIn;
|
||||
@@ -31,7 +30,6 @@ import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import top.continew.admin.common.base.controller.BaseController;
|
||||
import top.continew.admin.common.constant.RegexConstants;
|
||||
import top.continew.admin.common.util.SecureUtils;
|
||||
import top.continew.admin.system.model.query.UserQuery;
|
||||
import top.continew.admin.system.model.req.user.UserImportReq;
|
||||
@@ -43,7 +41,6 @@ import top.continew.admin.system.model.resp.user.UserImportParseResp;
|
||||
import top.continew.admin.system.model.resp.user.UserImportResp;
|
||||
import top.continew.admin.system.model.resp.user.UserResp;
|
||||
import top.continew.admin.system.service.UserService;
|
||||
import top.continew.starter.core.util.ExceptionUtils;
|
||||
import top.continew.starter.core.util.validation.ValidationUtils;
|
||||
import top.continew.starter.extension.crud.annotation.CrudRequestMapping;
|
||||
import top.continew.starter.extension.crud.enums.Api;
|
||||
@@ -68,11 +65,8 @@ public class UserController extends BaseController<UserService, UserResp, UserDe
|
||||
@Override
|
||||
@Operation(summary = "新增数据", description = "新增数据")
|
||||
public IdResp<Long> create(@RequestBody @Valid UserReq req) {
|
||||
String rawPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(req.getPassword()));
|
||||
ValidationUtils.throwIfNull(rawPassword, "密码解密失败");
|
||||
ValidationUtils.throwIf(!ReUtil
|
||||
.isMatch(RegexConstants.PASSWORD, rawPassword), "密码长度为 8-32 个字符,支持大小写字母、数字、特殊字符,至少包含字母和数字");
|
||||
req.setPassword(rawPassword);
|
||||
String password = SecureUtils.decryptPasswordByRsaPrivateKey(req.getPassword(), "密码解密失败", true);
|
||||
req.setPassword(password);
|
||||
return super.create(req);
|
||||
}
|
||||
|
||||
@@ -103,11 +97,8 @@ public class UserController extends BaseController<UserService, UserResp, UserDe
|
||||
@SaCheckPermission("system:user:resetPwd")
|
||||
@PatchMapping("/{id}/password")
|
||||
public void resetPassword(@RequestBody @Valid UserPasswordResetReq req, @PathVariable Long id) {
|
||||
String rawNewPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(req.getNewPassword()));
|
||||
ValidationUtils.throwIfNull(rawNewPassword, "新密码解密失败");
|
||||
ValidationUtils.throwIf(!ReUtil
|
||||
.isMatch(RegexConstants.PASSWORD, rawNewPassword), "密码长度为 8-32 个字符,支持大小写字母、数字、特殊字符,至少包含字母和数字");
|
||||
req.setNewPassword(rawNewPassword);
|
||||
String newPassword = SecureUtils.decryptPasswordByRsaPrivateKey(req.getNewPassword(), "新密码解密失败", true);
|
||||
req.setNewPassword(newPassword);
|
||||
baseService.resetPassword(req, id);
|
||||
}
|
||||
|
||||
|
||||
@@ -49,7 +49,6 @@ import top.continew.admin.system.service.UserSocialService;
|
||||
import top.continew.starter.cache.redisson.util.RedisUtils;
|
||||
import top.continew.starter.core.exception.BadRequestException;
|
||||
import top.continew.starter.core.util.CollUtils;
|
||||
import top.continew.starter.core.util.ExceptionUtils;
|
||||
import top.continew.starter.core.util.validation.ValidationUtils;
|
||||
|
||||
import java.io.IOException;
|
||||
@@ -91,41 +90,33 @@ public class UserProfileController {
|
||||
@Operation(summary = "修改密码", description = "修改用户登录密码")
|
||||
@PatchMapping("/password")
|
||||
public void updatePassword(@RequestBody @Valid UserPasswordUpdateReq updateReq) {
|
||||
String rawOldPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
|
||||
.getOldPassword()));
|
||||
ValidationUtils.throwIfNull(rawOldPassword, DECRYPT_FAILED);
|
||||
String rawNewPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
|
||||
.getNewPassword()));
|
||||
ValidationUtils.throwIfNull(rawNewPassword, "新密码解密失败");
|
||||
userService.updatePassword(rawOldPassword, rawNewPassword, UserContextHolder.getUserId());
|
||||
String oldPassword = SecureUtils.decryptPasswordByRsaPrivateKey(updateReq.getOldPassword(), DECRYPT_FAILED);
|
||||
String newPassword = SecureUtils.decryptPasswordByRsaPrivateKey(updateReq.getNewPassword(), "新密码解密失败");
|
||||
userService.updatePassword(oldPassword, newPassword, UserContextHolder.getUserId());
|
||||
}
|
||||
|
||||
@Operation(summary = "修改手机号", description = "修改手机号")
|
||||
@PatchMapping("/phone")
|
||||
public void updatePhone(@RequestBody @Valid UserPhoneUpdateReq updateReq) {
|
||||
String rawOldPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
|
||||
.getOldPassword()));
|
||||
ValidationUtils.throwIfBlank(rawOldPassword, DECRYPT_FAILED);
|
||||
String oldPassword = SecureUtils.decryptPasswordByRsaPrivateKey(updateReq.getOldPassword(), DECRYPT_FAILED);
|
||||
String captchaKey = CacheConstants.CAPTCHA_KEY_PREFIX + updateReq.getPhone();
|
||||
String captcha = RedisUtils.get(captchaKey);
|
||||
ValidationUtils.throwIfBlank(captcha, CAPTCHA_EXPIRED);
|
||||
ValidationUtils.throwIfNotEqualIgnoreCase(updateReq.getCaptcha(), captcha, "验证码不正确");
|
||||
RedisUtils.delete(captchaKey);
|
||||
userService.updatePhone(updateReq.getPhone(), rawOldPassword, UserContextHolder.getUserId());
|
||||
userService.updatePhone(updateReq.getPhone(), oldPassword, UserContextHolder.getUserId());
|
||||
}
|
||||
|
||||
@Operation(summary = "修改邮箱", description = "修改用户邮箱")
|
||||
@PatchMapping("/email")
|
||||
public void updateEmail(@RequestBody @Valid UserEmailUpdateReq updateReq) {
|
||||
String rawOldPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
|
||||
.getOldPassword()));
|
||||
ValidationUtils.throwIfBlank(rawOldPassword, DECRYPT_FAILED);
|
||||
String oldPassword = SecureUtils.decryptPasswordByRsaPrivateKey(updateReq.getOldPassword(), DECRYPT_FAILED);
|
||||
String captchaKey = CacheConstants.CAPTCHA_KEY_PREFIX + updateReq.getEmail();
|
||||
String captcha = RedisUtils.get(captchaKey);
|
||||
ValidationUtils.throwIfBlank(captcha, CAPTCHA_EXPIRED);
|
||||
ValidationUtils.throwIfNotEqualIgnoreCase(updateReq.getCaptcha(), captcha, "验证码不正确");
|
||||
RedisUtils.delete(captchaKey);
|
||||
userService.updateEmail(updateReq.getEmail(), rawOldPassword, UserContextHolder.getUserId());
|
||||
userService.updateEmail(updateReq.getEmail(), oldPassword, UserContextHolder.getUserId());
|
||||
}
|
||||
|
||||
@Operation(summary = "查询绑定的三方账号", description = "查询绑定的三方账号")
|
||||
|
||||
Reference in New Issue
Block a user