refactor: 取消用户默认密码，改为表单填写密码

1.修复 Sonar 扫描问题
2.优化部分代码

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/auth/SocialAuthController.java

@@ -63,7 +63,7 @@ public class SocialAuthController {
     @Operation(summary = "三方账号登录授权", description = "三方账号登录授权")
     @Parameter(name = "source", description = "来源", example = "gitee", in = ParameterIn.PATH)
     @GetMapping("/{source}")
-    public R authorize(@PathVariable String source) {
+    public R<String> authorize(@PathVariable String source) {
         AuthRequest authRequest = this.getAuthRequest(source);
         return R.ok("操作成功", authRequest.authorize(AuthStateUtils.createState()));
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/common/CaptchaController.java

@@ -105,7 +105,7 @@ public class CaptchaController {
 
     @Operation(summary = "获取邮箱验证码", description = "发送验证码到指定邮箱")
     @GetMapping("/mail")
-    public R getMailCaptcha(@NotBlank(message = "邮箱不能为空") @Pattern(regexp = RegexPool.EMAIL, message = "邮箱格式错误") String email) throws MessagingException {
+    public R<Void> getMailCaptcha(@NotBlank(message = "邮箱不能为空") @Pattern(regexp = RegexPool.EMAIL, message = "邮箱格式错误") String email) throws MessagingException {
         String limitKeyPrefix = CacheConstants.LIMIT_KEY_PREFIX;
         String captchaKeyPrefix = CacheConstants.CAPTCHA_KEY_PREFIX;
         String limitCaptchaKey = limitKeyPrefix + captchaKeyPrefix + email;
@@ -129,9 +129,9 @@ public class CaptchaController {
 
     @Operation(summary = "获取短信验证码", description = "发送验证码到指定手机号")
     @GetMapping("/sms")
-    public R getSmsCaptcha(@NotBlank(message = "手机号不能为空") @Pattern(regexp = RegexPool.MOBILE, message = "手机号格式错误") String phone,
-                           CaptchaVO captchaReq,
-                           HttpServletRequest request) {
+    public R<Void> getSmsCaptcha(@NotBlank(message = "手机号不能为空") @Pattern(regexp = RegexPool.MOBILE, message = "手机号格式错误") String phone,
+                                 CaptchaVO captchaReq,
+                                 HttpServletRequest request) {
         // 行为验证码校验
         ResponseModel verificationRes = captchaService.verification(captchaReq);
         ValidationUtils.throwIfNotEqual(verificationRes.getRepCode(), RepCodeEnum.SUCCESS.getCode(), verificationRes

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/monitor/OnlineUserController.java

@@ -62,7 +62,7 @@ public class OnlineUserController {
     @Parameter(name = "token", description = "令牌", example = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpblR5cGUiOiJsb2dpbiIsImxvZ2luSWQiOjEsInJuU3RyIjoiTUd6djdyOVFoeHEwdVFqdFAzV3M5YjVJRzh4YjZPSEUifQ.7q7U3ouoN7WPhH2kUEM7vPe5KF3G_qavSG-vRgIxKvE", in = ParameterIn.PATH)
     @SaCheckPermission("monitor:online:user:delete")
     @DeleteMapping("/{token}")
-    public R kickout(@PathVariable String token) {
+    public R<Void> kickout(@PathVariable String token) {
         String currentToken = StpUtil.getTokenValue();
         CheckUtils.throwIfEqual(token, currentToken, "不能强退自己");
         StpUtil.kickoutByTokenValue(token);

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/AnnouncementController.java

@@ -56,8 +56,8 @@ public class AnnouncementController extends BaseController<AnnouncementService,
 
     @Override
     @SaCheckPermission("system:announcement:update")
-    public R update(@Validated(ValidateGroup.Crud.Update.class) @RequestBody AnnouncementReq req,
-                    @PathVariable Long id) {
+    public R<Void> update(@Validated(ValidateGroup.Crud.Update.class) @RequestBody AnnouncementReq req,
+                          @PathVariable Long id) {
         this.checkTime(req);
         return super.update(req, id);
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/MenuController.java

@@ -55,7 +55,7 @@ public class MenuController extends BaseController<MenuService, MenuResp, MenuRe
 
     @Override
     @SaCheckPermission("system:menu:update")
-    public R update(@Validated(ValidateGroup.Crud.Update.class) @RequestBody MenuReq req, @PathVariable Long id) {
+    public R<Void> update(@Validated(ValidateGroup.Crud.Update.class) @RequestBody MenuReq req, @PathVariable Long id) {
         this.checkPath(req);
         return super.update(req, id);
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/MessageController.java

@@ -61,7 +61,7 @@ public class MessageController {
     @Operation(summary = "删除数据", description = "删除数据")
     @Parameter(name = "ids", description = "ID 列表", example = "1,2", in = ParameterIn.PATH)
     @DeleteMapping("/{ids}")
-    public R delete(@PathVariable List<Long> ids) {
+    public R<Void> delete(@PathVariable List<Long> ids) {
         baseService.delete(ids);
         return R.ok("删除成功");
     }
@@ -69,7 +69,7 @@ public class MessageController {
     @Operation(summary = "标记已读", description = "将消息标记为已读状态")
     @Parameter(name = "ids", description = "消息ID列表", example = "1,2", in = ParameterIn.QUERY)
     @PatchMapping("/read")
-    public R readMessage(@RequestParam(required = false) List<Long> ids) {
+    public R<Void> readMessage(@RequestParam(required = false) List<Long> ids) {
         messageUserService.readMessage(ids);
         return R.ok();
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/OptionController.java

@@ -59,7 +59,7 @@ public class OptionController {
     @Operation(summary = "修改参数", description = "修改参数")
     @SaCheckPermission("system:config:update")
     @PatchMapping
-    public R update(@Validated @RequestBody List<OptionReq> req) {
+    public R<Void> update(@Validated @RequestBody List<OptionReq> req) {
         optionService.update(req);
         return R.ok();
     }
@@ -67,7 +67,7 @@ public class OptionController {
     @Operation(summary = "重置参数", description = "重置参数")
     @SaCheckPermission("system:config:reset")
     @PatchMapping("/value")
-    public R resetValue(@Validated @RequestBody OptionResetValueReq req) {
+    public R<Void> resetValue(@Validated @RequestBody OptionResetValueReq req) {
         optionService.resetValue(req);
         return R.ok();
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/UserCenterController.java

@@ -80,14 +80,14 @@ public class UserCenterController {
 
     @Operation(summary = "修改基础信息", description = "修改用户基础信息")
     @PatchMapping("/basic/info")
-    public R updateBasicInfo(@Validated @RequestBody UserBasicInfoUpdateReq req) {
+    public R<Void> updateBasicInfo(@Validated @RequestBody UserBasicInfoUpdateReq req) {
         userService.updateBasicInfo(req, LoginHelper.getUserId());
         return R.ok("修改成功");
     }
 
     @Operation(summary = "修改密码", description = "修改用户登录密码")
     @PatchMapping("/password")
-    public R updatePassword(@Validated @RequestBody UserPasswordUpdateReq updateReq) {
+    public R<Void> updatePassword(@Validated @RequestBody UserPasswordUpdateReq updateReq) {
         String rawOldPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
             .getOldPassword()));
         ValidationUtils.throwIfNull(rawOldPassword, "当前密码解密失败");
@@ -97,12 +97,12 @@ public class UserCenterController {
         ValidationUtils.throwIf(!ReUtil
             .isMatch(RegexConstants.PASSWORD, rawNewPassword), "密码长度为 6 到 32 位，可以包含字母、数字、下划线，特殊字符，同时包含字母和数字");
         userService.updatePassword(rawOldPassword, rawNewPassword, LoginHelper.getUserId());
-        return R.ok("修改成功");
+        return R.ok("修改成功，请牢记你的新密码");
     }
 
     @Operation(summary = "修改手机号", description = "修改手机号")
     @PatchMapping("/phone")
-    public R updatePhone(@Validated @RequestBody UserPhoneUpdateReq updateReq) {
+    public R<Void> updatePhone(@Validated @RequestBody UserPhoneUpdateReq updateReq) {
         String rawCurrentPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
             .getCurrentPassword()));
         ValidationUtils.throwIfBlank(rawCurrentPassword, "当前密码解密失败");
@@ -117,7 +117,7 @@ public class UserCenterController {
 
     @Operation(summary = "修改邮箱", description = "修改用户邮箱")
     @PatchMapping("/email")
-    public R updateEmail(@Validated @RequestBody UserEmailUpdateRequest updateReq) {
+    public R<Void> updateEmail(@Validated @RequestBody UserEmailUpdateRequest updateReq) {
         String rawCurrentPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(updateReq
             .getCurrentPassword()));
         ValidationUtils.throwIfBlank(rawCurrentPassword, "当前密码解密失败");
@@ -147,7 +147,7 @@ public class UserCenterController {
     @Operation(summary = "绑定三方账号", description = "绑定三方账号")
     @Parameter(name = "source", description = "来源", example = "gitee", in = ParameterIn.PATH)
     @PostMapping("/social/{source}")
-    public R bindSocial(@PathVariable String source, @RequestBody AuthCallback callback) {
+    public R<Void> bindSocial(@PathVariable String source, @RequestBody AuthCallback callback) {
         AuthRequest authRequest = authRequestFactory.get(source);
         AuthResponse<AuthUser> response = authRequest.login(callback);
         ValidationUtils.throwIf(!response.ok(), response.getMsg());
@@ -159,7 +159,7 @@ public class UserCenterController {
     @Operation(summary = "解绑三方账号", description = "解绑三方账号")
     @Parameter(name = "source", description = "来源", example = "gitee", in = ParameterIn.PATH)
     @DeleteMapping("/social/{source}")
-    public R unbindSocial(@PathVariable String source) {
+    public R<Void> unbindSocial(@PathVariable String source) {
         userSocialService.deleteBySourceAndUserId(source, LoginHelper.getUserId());
         return R.ok("解绑成功");
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/system/UserController.java

@@ -16,26 +16,28 @@
 
 package top.charles7c.continew.admin.webapi.system;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.hutool.core.util.ReUtil;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.enums.ParameterIn;
 import io.swagger.v3.oas.annotations.tags.Tag;
-
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
-
-import cn.dev33.satoken.annotation.SaCheckPermission;
-
-import top.charles7c.continew.admin.common.constant.SysConstants;
+import top.charles7c.continew.admin.common.constant.RegexConstants;
+import top.charles7c.continew.admin.common.util.SecureUtils;
 import top.charles7c.continew.admin.system.model.query.UserQuery;
+import top.charles7c.continew.admin.system.model.req.UserPasswordResetReq;
 import top.charles7c.continew.admin.system.model.req.UserReq;
 import top.charles7c.continew.admin.system.model.req.UserRoleUpdateReq;
 import top.charles7c.continew.admin.system.model.resp.UserDetailResp;
 import top.charles7c.continew.admin.system.model.resp.UserResp;
 import top.charles7c.continew.admin.system.service.UserService;
+import top.charles7c.continew.starter.core.util.ExceptionUtils;
+import top.charles7c.continew.starter.core.util.validate.ValidationUtils;
 import top.charles7c.continew.starter.extension.crud.annotation.CrudRequestMapping;
 import top.charles7c.continew.starter.extension.crud.controller.BaseController;
 import top.charles7c.continew.starter.extension.crud.util.ValidateGroup;
@@ -56,24 +58,34 @@ public class UserController extends BaseController<UserService, UserResp, UserDe
     @Override
     @SaCheckPermission("system:user:add")
     public R<Long> add(@Validated(ValidateGroup.Crud.Add.class) @RequestBody UserReq req) {
+        String rawPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(req.getPassword()));
+        ValidationUtils.throwIfNull(rawPassword, "密码解密失败");
+        ValidationUtils.throwIf(!ReUtil
+            .isMatch(RegexConstants.PASSWORD, rawPassword), "密码长度为 6 到 32 位，可以包含字母、数字、下划线，特殊字符，同时包含字母和数字");
+        req.setPassword(rawPassword);
         Long id = baseService.add(req);
-        return R.ok(String.format("新增成功，请牢记默认密码：%s", SysConstants.DEFAULT_PASSWORD), id);
+        return R.ok("新增成功", id);
     }
 
     @Operation(summary = "重置密码", description = "重置用户登录密码为默认密码")
     @Parameter(name = "id", description = "ID", example = "1", in = ParameterIn.PATH)
     @SaCheckPermission("system:user:password:reset")
     @PatchMapping("/{id}/password")
-    public R resetPassword(@PathVariable Long id) {
-        baseService.resetPassword(id);
-        return R.ok(String.format("重置密码成功，请牢记默认密码：%s", SysConstants.DEFAULT_PASSWORD));
+    public R<Void> resetPassword(@Validated @RequestBody UserPasswordResetReq req, @PathVariable Long id) {
+        String rawNewPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(req.getNewPassword()));
+        ValidationUtils.throwIfNull(rawNewPassword, "新密码解密失败");
+        ValidationUtils.throwIf(!ReUtil
+            .isMatch(RegexConstants.PASSWORD, rawNewPassword), "密码长度为 6 到 32 位，可以包含字母、数字、下划线，特殊字符，同时包含字母和数字");
+        req.setNewPassword(rawNewPassword);
+        baseService.resetPassword(req, id);
+        return R.ok("重置密码成功");
     }
 
     @Operation(summary = "分配角色", description = "为用户新增或移除角色")
     @Parameter(name = "id", description = "ID", example = "1", in = ParameterIn.PATH)
     @SaCheckPermission("system:user:role:update")
     @PatchMapping("/{id}/role")
-    public R updateRole(@Validated @RequestBody UserRoleUpdateReq updateReq, @PathVariable Long id) {
+    public R<Void> updateRole(@Validated @RequestBody UserRoleUpdateReq updateReq, @PathVariable Long id) {
         baseService.updateRole(updateReq, id);
         return R.ok("分配成功");
     }

continew-admin-webapi/src/main/java/top/charles7c/continew/admin/webapi/tool/GeneratorController.java

@@ -89,7 +89,7 @@ public class GeneratorController {
     @Parameter(name = "tableName", description = "表名称", required = true, example = "sys_user", in = ParameterIn.PATH)
     @SaCheckPermission("tool:generator:list")
     @PostMapping("/config/{tableName}")
-    public R saveConfig(@Validated @RequestBody GenConfigReq req, @PathVariable String tableName) {
+    public R<Void> saveConfig(@Validated @RequestBody GenConfigReq req, @PathVariable String tableName) {
         generatorService.saveConfig(req, tableName);
         return R.ok("保存成功");
     }
@@ -106,7 +106,7 @@ public class GeneratorController {
     @Parameter(name = "tableName", description = "表名称", required = true, example = "sys_user", in = ParameterIn.PATH)
     @SaCheckPermission("tool:generator:list")
     @PostMapping("/{tableName}")
-    public R generate(@PathVariable String tableName) {
+    public R<Void> generate(@PathVariable String tableName) {
         ValidationUtils.throwIf(projectProperties.isProduction(), "仅支持在开发环境生成代码");
         generatorService.generate(tableName);
         return R.ok("生成成功，请查看生成代码是否正确");

continew-admin-webapi/src/main/resources/config/application-dev.yml

@@ -258,8 +258,4 @@ spring.servlet:
     max-request-size: 20MB
 ## 头像支持格式配置
 avatar:
-  support-suffix:
-    - jpg
-    - jpeg
-    - png
-    - gif
+  support-suffix: jpg,jpeg,png,gif

continew-admin-webapi/src/main/resources/config/application-prod.yml

@@ -258,8 +258,4 @@ spring.servlet:
     max-request-size: 20MB
 ## 头像支持格式配置
 avatar:
-  support-suffix:
-    - jpg
-    - jpeg
-    - png
-    - gif
+  support-suffix: jpg,jpeg,png,gif