新增密码强度

2025-12-07 01:18:27 +08:00 · 2023-03-07 11:37:38 +08:00 · 2023-03-07 11:37:38 +08:00 · 2f2ecf363f
commit 2f2ecf363f
parent 9abc0f43bd
2 changed files with 80 additions and 28 deletions
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ChangePasswodController.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ChangePasswodController.java
@ -24,9 +24,13 @@ import org.maxkey.constants.ConstsOperateResult;
 import org.maxkey.constants.ConstsPasswordSetType;
 import org.maxkey.entity.ChangePassword;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
 import org.maxkey.persistence.service.HistorySystemLogsService;
 import org.maxkey.persistence.service.PasswordPolicyService;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -48,6 +52,18 @@ public class ChangePasswodController {
 	@Autowired
 	HistorySystemLogsService systemLog;
 	@Autowired
 	private PasswordPolicyService passwordPolicyService;
 	@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> passwordpolicy(@CurrentUser UserInfo currentUser){
 		PasswordPolicy passwordPolicy = passwordPolicyService.get(currentUser.getInstId());
 		//构建密码强度说明
 		passwordPolicy.buildMessage();
 		return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
 	}
 	@ResponseBody
 	@RequestMapping(value = { "/changePassword" }, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> changePasswod(
@ -67,7 +83,9 @@ public class ChangePasswodController {
 					currentUser);
 			return new Message<ChangePassword>().buildResponse();
 		}else {
-				return new Message<ChangePassword>(Message.ERROR).buildResponse();
+			String message = (String) WebContext.getAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT);
 			_logger.info("-message:",message);
 			return new Message<ChangePassword>(Message.ERROR,message).buildResponse();
 		}
 	}
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
@ -24,11 +24,14 @@ import org.maxkey.authn.jwt.AuthTokenService;
 import org.maxkey.configuration.EmailConfig;
 import org.maxkey.entity.ChangePassword;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.maxkey.password.onetimepwd.MailOtpAuthnService;
 import org.maxkey.password.sms.SmsOtpAuthnService;
 import org.maxkey.persistence.service.PasswordPolicyService;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -80,6 +83,37 @@ public class ForgotPasswordContorller {
    SmsOtpAuthnService smsOtpAuthnService;
 	@Autowired
 	private PasswordPolicyService passwordPolicyService;
 	@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> passwordpolicy(){
 		PasswordPolicy passwordPolicy = passwordPolicyService.get(WebContext.getInst().getId());
 		//构建密码强度说明
 		passwordPolicy.buildMessage();
 		return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
 	}
 	@ResponseBody
 	@RequestMapping(value = { "/validateCaptcha" }, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> validateCaptcha(
 			@RequestParam String userId,
 			@RequestParam String state,
 			@RequestParam String captcha,
 			@RequestParam String otpCaptcha) {
 		_logger.debug("forgotpassword  /forgotpassword/validateCaptcha.");
 		_logger.debug(" userId {}: " ,userId);
 		UserInfo userInfo = userInfoService.get(userId);
 		if(userInfo != null) {
 			AbstractOtpAuthn smsOtpAuthn = smsOtpAuthnService.getByInstId(userInfo.getInstId());
 			if (otpCaptcha == null || !smsOtpAuthn.validate(userInfo, otpCaptcha)) {
 				return new Message<ChangePassword>(Message.FAIL).buildResponse();
 			}
 			return new Message<ChangePassword>(Message.SUCCESS).buildResponse();
 		}
 		return new Message<ChangePassword>(Message.FAIL).buildResponse();
 	}
 	@ResponseBody