mirror of https://gitee.com/stylefeng/roses
【8.0.1】【system】更新获取历史密码盐的方法
fengshuonan
parent
c9a8c7c5a5
commit
edf07ddd76
|
|
@ -1,8 +1,6 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.modular.security.service;
|
package cn.stylefeng.roses.kernel.sys.modular.security.service;
|
||||||
|
|
||||||
import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.entity.SysUserPasswordRecord;
|
import cn.stylefeng.roses.kernel.sys.modular.security.entity.SysUserPasswordRecord;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.pojo.request.SysUserPasswordRecordRequest;
|
|
||||||
import com.baomidou.mybatisplus.extension.service.IService;
|
import com.baomidou.mybatisplus.extension.service.IService;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
@ -16,59 +14,11 @@ import java.util.List;
|
||||||
public interface SysUserPasswordRecordService extends IService<SysUserPasswordRecord> {
|
public interface SysUserPasswordRecordService extends IService<SysUserPasswordRecord> {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 新增用户历史密码记录
|
* 获取最近几次的密码记录
|
||||||
*
|
*
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @author fengshuonan
|
* @author fengshuonan
|
||||||
* @date 2023/10/04 23:28
|
* @since 2023/10/5 20:01
|
||||||
*/
|
*/
|
||||||
void add(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
List<SysUserPasswordRecord> getRecentRecords(Long userId, Integer times);
|
||||||
|
|
||||||
/**
|
|
||||||
* 删除用户历史密码记录
|
|
||||||
*
|
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
void del(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 编辑用户历史密码记录
|
|
||||||
*
|
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
void edit(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 查询详情用户历史密码记录
|
|
||||||
*
|
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
SysUserPasswordRecord detail(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取用户历史密码记录列表
|
|
||||||
*
|
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @return List<SysUserPasswordRecord> 返回结果
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
List<SysUserPasswordRecord> findList(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取用户历史密码记录分页列表
|
|
||||||
*
|
|
||||||
* @param sysUserPasswordRecordRequest 请求参数
|
|
||||||
* @return PageResult<SysUserPasswordRecord> 返回结果
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
PageResult<SysUserPasswordRecord> findPage(SysUserPasswordRecordRequest sysUserPasswordRecordRequest);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.modular.security.service.impl;
|
package cn.stylefeng.roses.kernel.sys.modular.security.service.impl;
|
||||||
|
|
||||||
|
import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
|
||||||
import cn.stylefeng.roses.kernel.auth.api.expander.LoginConfigExpander;
|
import cn.stylefeng.roses.kernel.auth.api.expander.LoginConfigExpander;
|
||||||
|
import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
|
||||||
import cn.stylefeng.roses.kernel.config.api.ConfigServiceApi;
|
import cn.stylefeng.roses.kernel.config.api.ConfigServiceApi;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.SecurityConfigService;
|
import cn.stylefeng.roses.kernel.sys.api.SecurityConfigService;
|
||||||
import cn.stylefeng.roses.kernel.sys.api.exception.SysException;
|
import cn.stylefeng.roses.kernel.sys.api.exception.SysException;
|
||||||
|
|
@ -12,6 +14,7 @@ import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 系统配置的业务
|
* 系统配置的业务
|
||||||
|
|
@ -28,6 +31,9 @@ public class SecurityConfigServiceImpl implements SecurityConfigService {
|
||||||
@Resource
|
@Resource
|
||||||
private SysUserPasswordRecordService sysUserPasswordRecordService;
|
private SysUserPasswordRecordService sysUserPasswordRecordService;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private PasswordStoredEncryptApi passwordStoredEncryptApi;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SecurityConfig getSecurityConfig() {
|
public SecurityConfig getSecurityConfig() {
|
||||||
|
|
||||||
|
|
@ -133,9 +139,22 @@ public class SecurityConfigServiceImpl implements SecurityConfigService {
|
||||||
throw new SysException(SecurityStrategyExceptionEnum.NUMBER_SYMBOL, securityConfig.getPasswordMinNumberCount());
|
throw new SysException(SecurityStrategyExceptionEnum.NUMBER_SYMBOL, securityConfig.getPasswordMinNumberCount());
|
||||||
}
|
}
|
||||||
|
|
||||||
// 6. 如果是修改密码,则校验密码是否和最近几次的密码相同 todo
|
// 6. 如果是修改密码,则校验密码是否和最近几次的密码相同
|
||||||
|
Integer passwordMinCantRepeatTimes = securityConfig.getPasswordMinCantRepeatTimes();
|
||||||
|
|
||||||
|
// 如果为0则不用校验
|
||||||
|
if (passwordMinCantRepeatTimes == null || passwordMinCantRepeatTimes.equals(0)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
List<SysUserPasswordRecord> recentRecords = sysUserPasswordRecordService.getRecentRecords(
|
||||||
|
LoginContext.me().getLoginUser().getUserId(), passwordMinCantRepeatTimes);
|
||||||
|
for (SysUserPasswordRecord recentRecord : recentRecords) {
|
||||||
|
Boolean resultTrue = passwordStoredEncryptApi.checkPasswordWithSalt(password, recentRecord.getHistoryPasswordSalt(),
|
||||||
|
recentRecord.getHistoryPassword());
|
||||||
|
if (resultTrue) {
|
||||||
|
throw new SysException(SecurityStrategyExceptionEnum.PASSWORD_REPEAT, passwordMinCantRepeatTimes);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
||||||
|
|
@ -1,21 +1,14 @@
|
||||||
package cn.stylefeng.roses.kernel.sys.modular.security.service.impl;
|
package cn.stylefeng.roses.kernel.sys.modular.security.service.impl;
|
||||||
|
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
|
||||||
import cn.stylefeng.roses.kernel.db.api.factory.PageFactory;
|
|
||||||
import cn.stylefeng.roses.kernel.db.api.factory.PageResultFactory;
|
|
||||||
import cn.stylefeng.roses.kernel.db.api.pojo.page.PageResult;
|
|
||||||
import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.entity.SysUserPasswordRecord;
|
import cn.stylefeng.roses.kernel.sys.modular.security.entity.SysUserPasswordRecord;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.enums.SysUserPasswordRecordExceptionEnum;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.mapper.SysUserPasswordRecordMapper;
|
import cn.stylefeng.roses.kernel.sys.modular.security.mapper.SysUserPasswordRecordMapper;
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.pojo.request.SysUserPasswordRecordRequest;
|
|
||||||
import cn.stylefeng.roses.kernel.sys.modular.security.service.SysUserPasswordRecordService;
|
import cn.stylefeng.roses.kernel.sys.modular.security.service.SysUserPasswordRecordService;
|
||||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -25,82 +18,28 @@ import java.util.List;
|
||||||
* @date 2023/10/04 23:28
|
* @date 2023/10/04 23:28
|
||||||
*/
|
*/
|
||||||
@Service
|
@Service
|
||||||
public class SysUserPasswordRecordServiceImpl extends ServiceImpl<SysUserPasswordRecordMapper, SysUserPasswordRecord> implements SysUserPasswordRecordService {
|
public class SysUserPasswordRecordServiceImpl extends ServiceImpl<SysUserPasswordRecordMapper, SysUserPasswordRecord> implements
|
||||||
|
SysUserPasswordRecordService {
|
||||||
@Override
|
|
||||||
public void add(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
SysUserPasswordRecord sysUserPasswordRecord = new SysUserPasswordRecord();
|
|
||||||
BeanUtil.copyProperties(sysUserPasswordRecordRequest, sysUserPasswordRecord);
|
|
||||||
this.save(sysUserPasswordRecord);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void del(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
public List<SysUserPasswordRecord> getRecentRecords(Long userId, Integer times) {
|
||||||
SysUserPasswordRecord sysUserPasswordRecord = this.querySysUserPasswordRecord(sysUserPasswordRecordRequest);
|
|
||||||
this.removeById(sysUserPasswordRecord.getRecordId());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
if (times == null || times.equals(0)) {
|
||||||
public void edit(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
return new ArrayList<>();
|
||||||
SysUserPasswordRecord sysUserPasswordRecord = this.querySysUserPasswordRecord(sysUserPasswordRecordRequest);
|
|
||||||
BeanUtil.copyProperties(sysUserPasswordRecordRequest, sysUserPasswordRecord);
|
|
||||||
this.updateById(sysUserPasswordRecord);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public SysUserPasswordRecord detail(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
return this.querySysUserPasswordRecord(sysUserPasswordRecordRequest);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PageResult<SysUserPasswordRecord> findPage(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
LambdaQueryWrapper<SysUserPasswordRecord> wrapper = createWrapper(sysUserPasswordRecordRequest);
|
|
||||||
Page<SysUserPasswordRecord> pageList = this.page(PageFactory.defaultPage(), wrapper);
|
|
||||||
return PageResultFactory.createPageResult(pageList);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public List<SysUserPasswordRecord> findList(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
LambdaQueryWrapper<SysUserPasswordRecord> wrapper = this.createWrapper(sysUserPasswordRecordRequest);
|
|
||||||
return this.list(wrapper);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 获取信息
|
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
private SysUserPasswordRecord querySysUserPasswordRecord(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
SysUserPasswordRecord sysUserPasswordRecord = this.getById(sysUserPasswordRecordRequest.getRecordId());
|
|
||||||
if (ObjectUtil.isEmpty(sysUserPasswordRecord)) {
|
|
||||||
throw new ServiceException(SysUserPasswordRecordExceptionEnum.SYS_USER_PASSWORD_RECORD_NOT_EXISTED);
|
|
||||||
}
|
}
|
||||||
return sysUserPasswordRecord;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
LambdaQueryWrapper<SysUserPasswordRecord> sysUserPasswordRecordLambdaQueryWrapper = new LambdaQueryWrapper<>();
|
||||||
* 创建查询wrapper
|
sysUserPasswordRecordLambdaQueryWrapper.eq(SysUserPasswordRecord::getUserId, userId);
|
||||||
*
|
|
||||||
* @author fengshuonan
|
|
||||||
* @date 2023/10/04 23:28
|
|
||||||
*/
|
|
||||||
private LambdaQueryWrapper<SysUserPasswordRecord> createWrapper(SysUserPasswordRecordRequest sysUserPasswordRecordRequest) {
|
|
||||||
LambdaQueryWrapper<SysUserPasswordRecord> queryWrapper = new LambdaQueryWrapper<>();
|
|
||||||
|
|
||||||
Long recordId = sysUserPasswordRecordRequest.getRecordId();
|
Page<SysUserPasswordRecord> recordPage = new Page<>(1, times);
|
||||||
Long userId = sysUserPasswordRecordRequest.getUserId();
|
Page<SysUserPasswordRecord> page = this.page(recordPage, sysUserPasswordRecordLambdaQueryWrapper);
|
||||||
String historyPassword = sysUserPasswordRecordRequest.getHistoryPassword();
|
|
||||||
String historyPasswordSalt = sysUserPasswordRecordRequest.getHistoryPasswordSalt();
|
|
||||||
String updatePasswordTime = sysUserPasswordRecordRequest.getUpdatePasswordTime();
|
|
||||||
|
|
||||||
queryWrapper.eq(ObjectUtil.isNotNull(recordId), SysUserPasswordRecord::getRecordId, recordId);
|
List<SysUserPasswordRecord> records = page.getRecords();
|
||||||
queryWrapper.eq(ObjectUtil.isNotNull(userId), SysUserPasswordRecord::getUserId, userId);
|
if (records != null && records.size() > 0) {
|
||||||
queryWrapper.like(ObjectUtil.isNotEmpty(historyPassword), SysUserPasswordRecord::getHistoryPassword, historyPassword);
|
return records;
|
||||||
queryWrapper.like(ObjectUtil.isNotEmpty(historyPasswordSalt), SysUserPasswordRecord::getHistoryPasswordSalt, historyPasswordSalt);
|
}
|
||||||
queryWrapper.eq(ObjectUtil.isNotNull(updatePasswordTime), SysUserPasswordRecord::getUpdatePasswordTime, updatePasswordTime);
|
|
||||||
|
|
||||||
return queryWrapper;
|
return new ArrayList<>();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue