新增密码强度

2025-12-07 01:18:27 +08:00 · 2023-03-07 11:37:38 +08:00 · 2023-03-07 11:37:38 +08:00 · 2f2ecf363f
commit 2f2ecf363f
parent 9abc0f43bd
2 changed files with 80 additions and 28 deletions
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ChangePasswodController.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ChangePasswodController.java
@ -24,9 +24,13 @@ import org.maxkey.constants.ConstsOperateResult;
 import org.maxkey.constants.ConstsPasswordSetType;
 import org.maxkey.entity.ChangePassword;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
 import org.maxkey.persistence.service.HistorySystemLogsService;
 import org.maxkey.persistence.service.PasswordPolicyService;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -48,27 +52,41 @@ public class ChangePasswodController {
 	@Autowired
 	HistorySystemLogsService systemLog;
 	@Autowired
 	private PasswordPolicyService passwordPolicyService;
 	@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> passwordpolicy(@CurrentUser UserInfo currentUser){
 		PasswordPolicy passwordPolicy = passwordPolicyService.get(currentUser.getInstId());
 		//构建密码强度说明
 		passwordPolicy.buildMessage();
 		return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
 	}
 	@ResponseBody
 	@RequestMapping(value = { "/changePassword" }, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> changePasswod(
 			@RequestBody ChangePassword changePassword,
 			@CurrentUser UserInfo currentUser) {
-			changePassword.setUserId(currentUser.getId());
+		changePassword.setUserId(currentUser.getId());
-			changePassword.setUsername(currentUser.getUsername());
+		changePassword.setUsername(currentUser.getUsername());
-			changePassword.setInstId(currentUser.getInstId());
+		changePassword.setInstId(currentUser.getInstId());
-			changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL);
+		changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL);
-			if(userInfoService.changePassword(changePassword)) {
+		if(userInfoService.changePassword(changePassword)) {
-				systemLog.insert(
+			systemLog.insert(
-						ConstsEntryType.USERINFO, 
+					ConstsEntryType.USERINFO,
-						changePassword, 
+					changePassword,
-						ConstsOperateAction.CHANGE_PASSWORD, 
+					ConstsOperateAction.CHANGE_PASSWORD,
-						ConstsOperateResult.SUCCESS, 
+					ConstsOperateResult.SUCCESS,
-						currentUser);
+					currentUser);
-				return new Message<ChangePassword>().buildResponse();
+			return new Message<ChangePassword>().buildResponse();
-			}else {
+		}else {
-				return new Message<ChangePassword>(Message.ERROR).buildResponse();
+			String message = (String) WebContext.getAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT);
-			}	
+			_logger.info("-message:",message);
 			return new Message<ChangePassword>(Message.ERROR,message).buildResponse();
 		}
 	}
 }
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
@ -24,11 +24,14 @@ import org.maxkey.authn.jwt.AuthTokenService;
 import org.maxkey.configuration.EmailConfig;
 import org.maxkey.entity.ChangePassword;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.maxkey.password.onetimepwd.MailOtpAuthnService;
 import org.maxkey.password.sms.SmsOtpAuthnService;
 import org.maxkey.persistence.service.PasswordPolicyService;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -80,9 +83,40 @@ public class ForgotPasswordContorller {
    SmsOtpAuthnService smsOtpAuthnService;
 	@Autowired
 	private PasswordPolicyService passwordPolicyService;
 	@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> passwordpolicy(){
 		PasswordPolicy passwordPolicy = passwordPolicyService.get(WebContext.getInst().getId());
 		//构建密码强度说明
 		passwordPolicy.buildMessage();
 		return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
 	}
-    @ResponseBody
+	@ResponseBody
 	@RequestMapping(value = { "/validateCaptcha" }, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> validateCaptcha(
 			@RequestParam String userId,
 			@RequestParam String state,
 			@RequestParam String captcha,
 			@RequestParam String otpCaptcha) {
 		_logger.debug("forgotpassword  /forgotpassword/validateCaptcha.");
 		_logger.debug(" userId {}: " ,userId);
 		UserInfo userInfo = userInfoService.get(userId);
 		if(userInfo != null) {
 			AbstractOtpAuthn smsOtpAuthn = smsOtpAuthnService.getByInstId(userInfo.getInstId());
 			if (otpCaptcha == null || !smsOtpAuthn.validate(userInfo, otpCaptcha)) {
 				return new Message<ChangePassword>(Message.FAIL).buildResponse();
 			}
 			return new Message<ChangePassword>(Message.SUCCESS).buildResponse();
 		}
 		return new Message<ChangePassword>(Message.FAIL).buildResponse();
 	}
 	@ResponseBody
 	@RequestMapping(value = { "/produceOtp" }, produces = {MediaType.APPLICATION_JSON_VALUE})
    public ResponseEntity<?> produceOtp(
    			@RequestParam String mobile,