mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-07 01:18:27 +08:00
新增密码强度
This commit is contained in:
shibanglin
parent
9abc0f43bd
commit
2f2ecf363f
@ -1,19 +1,19 @@
|
||||
/*
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
|
||||
package org.maxkey.web.contorller;
|
||||
|
||||
@ -24,9 +24,13 @@ import org.maxkey.constants.ConstsOperateResult;
|
||||
import org.maxkey.constants.ConstsPasswordSetType;
|
||||
import org.maxkey.entity.ChangePassword;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.PasswordPolicy;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.persistence.repository.PasswordPolicyValidator;
|
||||
import org.maxkey.persistence.service.HistorySystemLogsService;
|
||||
import org.maxkey.persistence.service.PasswordPolicyService;
|
||||
import org.maxkey.persistence.service.UserInfoService;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -41,34 +45,48 @@ import org.springframework.web.bind.annotation.ResponseBody;
|
||||
@RequestMapping(value={"/config"})
|
||||
public class ChangePasswodController {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ChangePasswodController.class);
|
||||
|
||||
|
||||
@Autowired
|
||||
private UserInfoService userInfoService;
|
||||
|
||||
|
||||
@Autowired
|
||||
HistorySystemLogsService systemLog;
|
||||
|
||||
|
||||
@Autowired
|
||||
private PasswordPolicyService passwordPolicyService;
|
||||
|
||||
@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> passwordpolicy(@CurrentUser UserInfo currentUser){
|
||||
PasswordPolicy passwordPolicy = passwordPolicyService.get(currentUser.getInstId());
|
||||
//构建密码强度说明
|
||||
passwordPolicy.buildMessage();
|
||||
return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
|
||||
}
|
||||
|
||||
|
||||
@ResponseBody
|
||||
@RequestMapping(value = { "/changePassword" }, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> changePasswod(
|
||||
@RequestBody ChangePassword changePassword,
|
||||
@CurrentUser UserInfo currentUser) {
|
||||
|
||||
changePassword.setUserId(currentUser.getId());
|
||||
changePassword.setUsername(currentUser.getUsername());
|
||||
changePassword.setInstId(currentUser.getInstId());
|
||||
changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL);
|
||||
if(userInfoService.changePassword(changePassword)) {
|
||||
systemLog.insert(
|
||||
ConstsEntryType.USERINFO,
|
||||
changePassword,
|
||||
ConstsOperateAction.CHANGE_PASSWORD,
|
||||
ConstsOperateResult.SUCCESS,
|
||||
currentUser);
|
||||
return new Message<ChangePassword>().buildResponse();
|
||||
}else {
|
||||
return new Message<ChangePassword>(Message.ERROR).buildResponse();
|
||||
}
|
||||
|
||||
changePassword.setUserId(currentUser.getId());
|
||||
changePassword.setUsername(currentUser.getUsername());
|
||||
changePassword.setInstId(currentUser.getInstId());
|
||||
changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL);
|
||||
if(userInfoService.changePassword(changePassword)) {
|
||||
systemLog.insert(
|
||||
ConstsEntryType.USERINFO,
|
||||
changePassword,
|
||||
ConstsOperateAction.CHANGE_PASSWORD,
|
||||
ConstsOperateResult.SUCCESS,
|
||||
currentUser);
|
||||
return new Message<ChangePassword>().buildResponse();
|
||||
}else {
|
||||
String message = (String) WebContext.getAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT);
|
||||
_logger.info("-message:",message);
|
||||
return new Message<ChangePassword>(Message.ERROR,message).buildResponse();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -24,11 +24,14 @@ import org.maxkey.authn.jwt.AuthTokenService;
|
||||
import org.maxkey.configuration.EmailConfig;
|
||||
import org.maxkey.entity.ChangePassword;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.PasswordPolicy;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
|
||||
import org.maxkey.password.onetimepwd.MailOtpAuthnService;
|
||||
import org.maxkey.password.sms.SmsOtpAuthnService;
|
||||
import org.maxkey.persistence.service.PasswordPolicyService;
|
||||
import org.maxkey.persistence.service.UserInfoService;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -78,11 +81,42 @@ public class ForgotPasswordContorller {
|
||||
|
||||
@Autowired
|
||||
SmsOtpAuthnService smsOtpAuthnService;
|
||||
|
||||
|
||||
|
||||
|
||||
@ResponseBody
|
||||
|
||||
|
||||
@Autowired
|
||||
private PasswordPolicyService passwordPolicyService;
|
||||
|
||||
@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> passwordpolicy(){
|
||||
PasswordPolicy passwordPolicy = passwordPolicyService.get(WebContext.getInst().getId());
|
||||
//构建密码强度说明
|
||||
passwordPolicy.buildMessage();
|
||||
return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
|
||||
}
|
||||
|
||||
|
||||
@ResponseBody
|
||||
@RequestMapping(value = { "/validateCaptcha" }, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> validateCaptcha(
|
||||
@RequestParam String userId,
|
||||
@RequestParam String state,
|
||||
@RequestParam String captcha,
|
||||
@RequestParam String otpCaptcha) {
|
||||
_logger.debug("forgotpassword /forgotpassword/validateCaptcha.");
|
||||
_logger.debug(" userId {}: " ,userId);
|
||||
UserInfo userInfo = userInfoService.get(userId);
|
||||
if(userInfo != null) {
|
||||
AbstractOtpAuthn smsOtpAuthn = smsOtpAuthnService.getByInstId(userInfo.getInstId());
|
||||
if (otpCaptcha == null || !smsOtpAuthn.validate(userInfo, otpCaptcha)) {
|
||||
return new Message<ChangePassword>(Message.FAIL).buildResponse();
|
||||
}
|
||||
return new Message<ChangePassword>(Message.SUCCESS).buildResponse();
|
||||
}
|
||||
return new Message<ChangePassword>(Message.FAIL).buildResponse();
|
||||
}
|
||||
|
||||
|
||||
@ResponseBody
|
||||
@RequestMapping(value = { "/produceOtp" }, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> produceOtp(
|
||||
@RequestParam String mobile,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user