✨ 完善修改密码

2023-10-06 19:38:45 +08:00 · 2023-10-06 19:38:45 +08:00 · 265ef73cf3
parent dd47862b3a
commit 265ef73cf3
5 changed files with 21 additions and 61 deletions
--- a/eiam-console/src/main/console-fe/src/pages/user/Profile/components/ModifyPassword.tsx
+++ b/eiam-console/src/main/console-fe/src/pages/user/Profile/components/ModifyPassword.tsx
@ -15,7 +15,7 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-import { FieldNames } from '../constant';
+import { FieldNames, ServerExceptionStatus } from '../constant';
 import { changePassword } from '../service';
 import { ModalForm, ProFormInstance, ProFormText } from '@ant-design/pro-components';
 import { App, Spin } from 'antd';
@ -35,7 +35,7 @@ const ModifyPassword = (props: {
  setVisible: (visible: boolean) => void;
 }) => {
  const intl = useIntl();
-  const { message } = App.useApp();
+  const useApp = App.useApp();
  const { visible, setVisible, setRefresh } = props;
  const [loading, setLoading] = useState<boolean>(false);
  const formRef = useRef<ProFormInstance>();
@ -70,13 +70,19 @@ const ModifyPassword = (props: {
        },
      }}
      onFinish={async (formData: Record<string, any>) => {
-        const { success, result } = await changePassword({
+        const { success, result, status, message } = await changePassword({
          oldPassword: formData[FieldNames.NEW_PASSWORD] as string,
          newPassword: formData[FieldNames.OLD_PASSWORD] as string,
        });
        if (!success && status === ServerExceptionStatus.PASSWORD_VALIDATED_FAIL_ERROR) {
          formRef.current?.setFields([{ name: FieldNames.OLD_PASSWORD, errors: [`${message}`] }]);
          return Promise.reject();
        }
        if (success && result) {
          setVisible(false);
-          message.success(intl.formatMessage({ id: 'page.user.profile.modify_password.success' }));
+          useApp.message.success(
            intl.formatMessage({ id: 'page.user.profile.modify_password.success' }),
          );
          setRefresh(true);
          return Promise.resolve();
        }
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/user/UserProfileController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/user/UserProfileController.java
@ -54,18 +54,6 @@ public class UserProfileController {
        return ApiRestResult.ok(result);
    }
    /**
     * 准备修改密码
     *
     * @return {@link  ApiRestResult}
     */
    @Audit(type = EventType.PREPARE_MODIFY_PASSWORD)
    @Operation(summary = "准备修改账户密码")
    @PostMapping("/prepare_change_password")
    public ApiRestResult<Boolean> prepareChangePassword(@RequestBody @Validated PrepareChangePasswordRequest param) {
        return ApiRestResult.ok(userProfileService.prepareChangePassword(param));
    }
    /**
     * 修改密码
     *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/update/user/ChangePasswordRequest.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/update/user/ChangePasswordRequest.java
@ -52,14 +52,7 @@ public class ChangePasswordRequest implements Serializable {
    /**
     * 验证码
     */
-    @NotEmpty(message = "验证码不能为空")
+    @NotEmpty(message = "旧密码不能为空")
-    @Parameter(description = "验证码")
+    @Parameter(description = "旧密码")
-    private String               verifyCode;
+    private String               oldPassword;
    /**
     * 消息类型
     */
    @NotNull(message = "消息类型不能为空")
    @Parameter(description = "消息类型")
    private MessageNoticeChannel channel;
 }
--- a/eiam-console/src/main/java/cn/topiam/employee/console/service/user/UserProfileService.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/service/user/UserProfileService.java
@ -75,14 +75,6 @@ public interface UserProfileService {
     */
    Boolean changeEmail(ChangeEmailRequest param);
    /**
     * 修改密码预认证
     *
     * @param param {@link PrepareChangePasswordRequest}
     * @return {@link Boolean}
     */
    Boolean prepareChangePassword(PrepareChangePasswordRequest param);
    /**
     * 忘记密码发送验证码
     *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/service/user/impl/UserProfileServiceImpl.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/service/user/impl/UserProfileServiceImpl.java
@ -22,6 +22,7 @@ import java.util.*;
 import java.util.concurrent.Executor;
 import java.util.concurrent.TimeUnit;
 import cn.topiam.employee.support.security.password.exception.PasswordInvalidException;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -73,7 +74,6 @@ import static cn.topiam.employee.support.util.PhoneNumberUtils.isPhoneValidate;
 * @author TopIAM
 * Created by support@topiam.cn on  2022/10/3 22:20
 */
@Slf4j
@Service
 public class UserProfileServiceImpl implements UserProfileService {
@ -97,15 +97,10 @@ public class UserProfileServiceImpl implements UserProfileService {
    public Boolean changePassword(ChangePasswordRequest param) {
        //获取用户
        AdministratorEntity administrator = getCurrentUser();
-        Boolean checkOtp = otpContextHelp.checkOtp(
+        //校验旧密码
-            MessageNoticeChannel.SMS == param.getChannel() ? SmsType.UPDATE_PASSWORD.getCode()
+        if (!passwordEncoder.matches(param.getOldPassword(),administrator.getPassword())){
-                : MailType.UPDATE_PASSWORD.getCode(),
+            logger.error("用户ID: [{}] 用户名: [{}] 修改密码失败，原密码错误",administrator.getId(),administrator.getUsername());
-            param.getChannel(),
+            throw new PasswordValidatedFailException("旧密码错误");
            MessageNoticeChannel.SMS == param.getChannel() ? administrator.getPhone()
                : administrator.getEmail(),
            param.getVerifyCode());
        if (!checkOtp) {
            throw new InfoValidityFailException(EX000102.getMessage());
        }
        //修改密码
        administratorRepository.updatePassword(Long.valueOf(SecurityUtils.getCurrentUser().getId()),
@ -222,20 +217,6 @@ public class UserProfileServiceImpl implements UserProfileService {
        return true;
    }
    @Override
    public Boolean prepareChangePassword(PrepareChangePasswordRequest param) {
        AdministratorEntity user = getCurrentUser();
        // 发送短信验证码
        if (MessageNoticeChannel.SMS == param.getChannel()) {
            otpContextHelp.sendOtp(user.getPhone(), SmsType.UPDATE_PASSWORD.getCode(),
                MessageNoticeChannel.SMS);
        } else {
            otpContextHelp.sendOtp(user.getEmail(), MailType.UPDATE_PASSWORD.getCode(),
                MessageNoticeChannel.MAIL);
        }
        return true;
    }
    @Override
    public Boolean forgetPasswordCode(String recipient) {
        if (isEmailValidate(recipient)) {
@ -246,7 +227,7 @@ public class UserProfileServiceImpl implements UserProfileService {
                    MessageNoticeChannel.MAIL);
                return true;
            }
-            log.warn("忘记密码: 邮箱: [{}] 不存在", recipient);
+            logger.warn("忘记密码: 邮箱: [{}] 不存在", recipient);
        } else if (isPhoneValidate(recipient)) {
            // 验证在库中是否有手机号
            Optional<AdministratorEntity> byPhone = administratorRepository
@ -256,9 +237,9 @@ public class UserProfileServiceImpl implements UserProfileService {
                    MessageNoticeChannel.SMS);
                return true;
            }
-            log.warn("忘记密码: 手机号: [{}] 不存在", recipient);
+            logger.warn("忘记密码: 手机号: [{}] 不存在", recipient);
        }
-        log.error("忘记密码: 接受者: [{}] 格式错误", recipient);
+        logger.error("忘记密码: 接受者: [{}] 格式错误", recipient);
        throw new BadParamsException("请输入正确的手机号或邮箱");
    }