diff --git a/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/OldPasswordValidateApi.java b/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/OldPasswordValidateApi.java
new file mode 100644
index 000000000..516e848d6
--- /dev/null
+++ b/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/OldPasswordValidateApi.java
@@ -0,0 +1,19 @@
+package cn.stylefeng.roses.kernel.customer.api;
+
+/**
+ * 旧版密码校验api
+ *
+ * @author fengshuonan
+ * @date 2021/7/6 22:01
+ */
+public interface OldPasswordValidateApi {
+
+ /**
+ * 校验密码
+ *
+ * @author fengshuonan
+ * @date 2021/7/6 22:02
+ */
+ boolean validatePassword(String passwordOriginal, String passwordEncrypt, String salt);
+
+}
diff --git a/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/expander/CustomerConfigExpander.java b/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/expander/CustomerConfigExpander.java
index c987e15c4..39c3c2922 100644
--- a/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/expander/CustomerConfigExpander.java
+++ b/kernel-s-customer/customer-api/src/main/java/cn/stylefeng/roses/kernel/customer/api/expander/CustomerConfigExpander.java
@@ -81,4 +81,14 @@ public class CustomerConfigExpander {
 return ConfigContext.me().getSysConfigValueWithDefault("CUSTOMER_CACHE_EXPIRED_SECONDS", Long.class, 3600L);
 }
 
+ /**
+ * 是否开启旧版密码校验
+ *
+ * @author fengshuonan
+ * @date 2021/7/6 22:00
+ */
+ public static Boolean getOldPasswordValidate() {
+ return ConfigContext.me().getSysConfigValueWithDefault("CUSTOMER_OPEN_OLD_PASSWORD_VALIDATE", Boolean.class, Boolean.FALSE);
+ }
+
 }
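Review bot: The Javadoc on `validatePassword` in OldPasswordValidateApi.java does not say which of the three `String` arguments is the submitted plaintext and which is the stored legacy hash, and it gives no contract for null values. All three parameters share one type, so a caller that swaps two of them still compiles. I would add `@param passwordOriginal` (plaintext submitted at login), `@param passwordEncrypt` (hash stored by the old site), `@param salt` (salt stored by the old site) and an `@return` line stating that the method returns false when the stored hash or salt is absent.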
diff --git a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/entity/Customer.java b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/entity/Customer.java
index 8bac2b3a4..9434943c2 100644
--- a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/entity/Customer.java
+++ b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/entity/Customer.java
@@ -43,6 +43,20 @@ public class Customer extends BaseEntity {
 @ChineseDescription("密码")
 private String password;
 
+ /**
+ * 旧网站密码(可选)
+ */
+ @TableField("old_password")
+ @ChineseDescription("旧网站密码")
+ private String oldPassword;
+
+ /**
+ * 旧网站密码盐(可选)
+ */
+ @TableField("old_password_salt")
+ @ChineseDescription("旧网站密码盐")
+ private String oldPasswordSalt;
+
 /**
 * 昵称(显示名称)
 */
diff --git a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/OldPasswordValidateService.java b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/OldPasswordValidateService.java
new file mode 100644
index 000000000..6987f19e9
--- /dev/null
+++ b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/OldPasswordValidateService.java
@@ -0,0 +1,21 @@
+package cn.stylefeng.roses.kernel.customer.modular.service;
+
+import cn.hutool.crypto.SecureUtil;
+import cn.stylefeng.roses.kernel.customer.api.OldPasswordValidateApi;
+import org.springframework.stereotype.Service;
+
+/**
+ * 旧验证码校验
+ *
+ * @author fengshuonan
+ * @date 2021/7/6 22:03
+ */
+@Service
+public class OldPasswordValidateService implements OldPasswordValidateApi {
+
+ @Override
+ public boolean validatePassword(String passwordOriginal, String passwordEncrypt, String salt) {
+ return SecureUtil.md5(passwordOriginal + salt).equals(passwordEncrypt);
+ }
+
+}
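Review bot: `validatePassword` in OldPasswordValidateService.java concatenates `salt` with no null check and compares the digest with `String.equals`, so a null salt or password is hashed as the literal text "null" and the comparison is not constant-time. I would start the method with `if (passwordOriginal == null || passwordEncrypt == null || salt == null) { return false; }`. The comparison would become `return MessageDigest.isEqual(SecureUtil.md5(passwordOriginal + salt).getBytes(StandardCharsets.UTF_8), passwordEncrypt.getBytes(StandardCharsets.UTF_8));`. The class comment reads `旧验证码校验` (old captcha check) although the class validates passwords; `旧版密码校验` would match the interface. Salted MD5 is a fast hash, so the comment should also state that this check exists only for migrating old-site accounts.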
diff --git a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
index 323c360ce..752179271 100644
--- a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
+++ b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
@@ -14,6 +14,7 @@ import cn.stylefeng.roses.kernel.auth.api.pojo.auth.LoginRequest;
 import cn.stylefeng.roses.kernel.auth.api.pojo.auth.LoginResponse;
 import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
 import cn.stylefeng.roses.kernel.cache.api.CacheOperatorApi;
+import cn.stylefeng.roses.kernel.customer.api.OldPasswordValidateApi;
 import cn.stylefeng.roses.kernel.customer.api.exception.CustomerException;
 import cn.stylefeng.roses.kernel.customer.api.exception.enums.CustomerExceptionEnum;
 import cn.stylefeng.roses.kernel.customer.api.expander.CustomerConfigExpander;
@@ -99,6 +100,9 @@ public class CustomerServiceImpl extends ServiceImpl i
 @Resource
 private DragCaptchaApi dragCaptchaApi;
 
+ @Resource
+ private OldPasswordValidateApi oldPasswordValidateApi;
+
 @Override
 @Transactional(rollbackFor = Exception.class)
 public void reg(CustomerRequest customerRequest) {
@@ -162,7 +166,14 @@ public class CustomerServiceImpl extends ServiceImpl i
 // 校验用户密码
 Boolean passwordFlag = passwordStoredEncryptApi.checkPassword(loginRequest.getPassword(), customer.getPassword());
 if (!passwordFlag) {
- throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
+ // 如果开启了旧版密码校验,则再校验一次
+ if (CustomerConfigExpander.getOldPasswordValidate()) {
+ if (!oldPasswordValidateApi.validatePassword(loginRequest.getPassword(), customer.getOldPassword(), customer.getOldPasswordSalt())) {
+ throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
+ }
+ } else {
+ throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
+ }
 }
 
 // 校验用户状态
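Review bot: The legacy fallback inside `if (!passwordFlag)` runs on every failed primary check and never retires the old hash. While `CUSTOMER_OPEN_OLD_PASSWORD_VALIDATE` is on, the old-site password therefore keeps working as a second credential, even after the customer has set a new password. After a successful legacy match, the login should re-hash the submitted password under the current scheme and clear `old_password` and `old_password_salt`, so that the salted MD5 value works at most once. The two identical `throw` branches can also be folded into one condition, as sketched below. The enclosing login method starts and ends outside this hunk, so the persistence step is left as a comment.

```java
if (!passwordFlag) {
    // Legacy fallback: accept the old-site hash only while the migration switch is on
    boolean legacyMatch = CustomerConfigExpander.getOldPasswordValidate()
            && oldPasswordValidateApi.validatePassword(loginRequest.getPassword(), customer.getOldPassword(), customer.getOldPasswordSalt());
    if (!legacyMatch) {
        throw new AuthException(AuthExceptionEnum.USERNAME_PASSWORD_ERROR);
    }
    // One-time migration: store the password under the current scheme and clear
    // old_password / old_password_salt so the MD5 hash stops being a credential.
    // (persistence call omitted: use the update path this service already uses,
    //  and make sure it really writes NULL to both legacy columns)
}
// … unchanged: 校验用户状态 and the rest of the login flow …
```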