【7.2.2】更新C端密码校验的逻辑

pull/29/head
fengshuonan 2022-03-23 09:56:04 +08:00
parent 0a4c074e43
commit 611b970530
1 changed files with 10 additions and 1 deletions

View File

@ -331,13 +331,22 @@ public class CustomerServiceImpl extends ServiceImpl<CustomerMapper, Customer> i
// 校验旧密码是否正确
Boolean passwordRightFlag = passwordStoredEncryptApi.checkPassword(customerInfoRequest.getOldPassword(), customer.getPassword());
if (!passwordRightFlag) {
// 上一代密码校验md5
boolean lastPasswordRightFlag = oldPasswordValidateApi.validatePassword(customerInfoRequest.getOldPassword(), customer.getOldPassword(), customer.getOldPasswordSalt());
if (!passwordRightFlag && !lastPasswordRightFlag) {
throw new CustomerException(CustomerExceptionEnum.PWD_ERROR);
}
// 更新密码
String encryptPwd = passwordStoredEncryptApi.encrypt(customerInfoRequest.getNewPassword());
customer.setPassword(encryptPwd);
// 如果有上一代密码,则清空掉
customer.setOldPassword(CustomerConstants.DEFAULT_EMPTY_PASSWORD);
customer.setOldPasswordSalt(CustomerConstants.DEFAULT_EMPTY_PASSWORD);
this.updateById(customer);
// 清除缓存中的用户信息