gitee
/
roses
mirror of https://gitee.com/stylefeng/roses
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

【7.0.4】【c】增加c端用户密码校验逻辑

pull/22/head
fengshuonan 2021-07-06 23:00:38 +08:00
parent 22a387dc3b
commit 112c21826b
2 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/constants/CustomerConstants.java
View File

@ -47,4 +47,9 @@ public interface CustomerConstants {
*/ */
String CUSTOMER_CACHE_PREFIX = "customer:"; String CUSTOMER_CACHE_PREFIX = "customer:";
/**
* bcrypt
*/
String DEFAULT_EMPTY_PASSWORD = "-1";
} }

20
kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
View File

@ -15,6 +15,7 @@ import cn.stylefeng.roses.kernel.auth.api.pojo.auth.LoginResponse;
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser; import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
import cn.stylefeng.roses.kernel.cache.api.CacheOperatorApi; import cn.stylefeng.roses.kernel.cache.api.CacheOperatorApi;
import cn.stylefeng.roses.kernel.customer.api.OldPasswordValidateApi; import cn.stylefeng.roses.kernel.customer.api.OldPasswordValidateApi;
import cn.stylefeng.roses.kernel.customer.api.constants.CustomerConstants;
import cn.stylefeng.roses.kernel.customer.api.exception.CustomerException; import cn.stylefeng.roses.kernel.customer.api.exception.CustomerException;
import cn.stylefeng.roses.kernel.customer.api.exception.enums.CustomerExceptionEnum; import cn.stylefeng.roses.kernel.customer.api.exception.enums.CustomerExceptionEnum;
import cn.stylefeng.roses.kernel.customer.api.expander.CustomerConfigExpander; import cn.stylefeng.roses.kernel.customer.api.expander.CustomerConfigExpander;
@ -163,15 +164,16 @@ public class CustomerServiceImpl extends ServiceImpl<CustomerMapper, Customer> i
throw new CustomerException(CustomerExceptionEnum.CANT_FIND_CUSTOMER, loginRequest.getAccount()); throw new CustomerException(CustomerExceptionEnum.CANT_FIND_CUSTOMER, loginRequest.getAccount());
} }
// 校验用户密码 // 如果开启了旧版密码并且bcrypt密码是空
Boolean passwordFlag = passwordStoredEncryptApi.checkPassword(loginRequest.getPassword(), customer.getPassword()); if (CustomerConfigExpander.getOldPasswordValidate()
if (!passwordFlag) { && customer.getPassword().equals(CustomerConstants.DEFAULT_EMPTY_PASSWORD)) {
// 如果开启了旧版密码校验,则再校验一次 if (!oldPasswordValidateApi.validatePassword(loginRequest.getPassword(), customer.getOldPassword(), customer.getOldPasswordSalt())) {
if (CustomerConfigExpander.getOldPasswordValidate()) { throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
if (!oldPasswordValidateApi.validatePassword(loginRequest.getPassword(), customer.getOldPassword(), customer.getOldPasswordSalt())) { }
throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR); } else {
} // 校验用户密码
} else { Boolean passwordFlag = passwordStoredEncryptApi.checkPassword(loginRequest.getPassword(), customer.getPassword());
if (!passwordFlag) {
throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR); throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
} }
} }