新增密码强度

shibanglin 2023-03-07 11:37:38 +08:00
parent 9abc0f43bd
commit 2f2ecf363f
2 changed files with 80 additions and 28 deletions


@ -1,19 +1,19 @@
/* /*
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.maxkey.web.contorller; package org.maxkey.web.contorller;
@ -24,9 +24,13 @@ import org.maxkey.constants.ConstsOperateResult;
import org.maxkey.constants.ConstsPasswordSetType; import org.maxkey.constants.ConstsPasswordSetType;
import org.maxkey.entity.ChangePassword; import org.maxkey.entity.ChangePassword;
import org.maxkey.entity.Message; import org.maxkey.entity.Message;
import org.maxkey.entity.PasswordPolicy;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.maxkey.persistence.repository.PasswordPolicyValidator;
import org.maxkey.persistence.service.HistorySystemLogsService; import org.maxkey.persistence.service.HistorySystemLogsService;
import org.maxkey.persistence.service.PasswordPolicyService;
import org.maxkey.persistence.service.UserInfoService; import org.maxkey.persistence.service.UserInfoService;
import org.maxkey.web.WebContext;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -41,34 +45,48 @@ import org.springframework.web.bind.annotation.ResponseBody;
@RequestMapping(value={"/config"}) @RequestMapping(value={"/config"})
public class ChangePasswodController { public class ChangePasswodController {
final static Logger _logger = LoggerFactory.getLogger(ChangePasswodController.class); final static Logger _logger = LoggerFactory.getLogger(ChangePasswodController.class);
@Autowired @Autowired
private UserInfoService userInfoService; private UserInfoService userInfoService;
@Autowired @Autowired
HistorySystemLogsService systemLog; HistorySystemLogsService systemLog;
@Autowired
private PasswordPolicyService passwordPolicyService;
@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> passwordpolicy(@CurrentUser UserInfo currentUser){
PasswordPolicy passwordPolicy = passwordPolicyService.get(currentUser.getInstId());
//构建密码强度说明
passwordPolicy.buildMessage();
return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
}
@ResponseBody @ResponseBody
@RequestMapping(value = { "/changePassword" }, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value = { "/changePassword" }, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> changePasswod( public ResponseEntity<?> changePasswod(
@RequestBody ChangePassword changePassword, @RequestBody ChangePassword changePassword,
@CurrentUser UserInfo currentUser) { @CurrentUser UserInfo currentUser) {
changePassword.setUserId(currentUser.getId()); changePassword.setUserId(currentUser.getId());
changePassword.setUsername(currentUser.getUsername()); changePassword.setUsername(currentUser.getUsername());
changePassword.setInstId(currentUser.getInstId()); changePassword.setInstId(currentUser.getInstId());
changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL); changePassword.setPasswordSetType(ConstsPasswordSetType.PASSWORD_NORMAL);
if(userInfoService.changePassword(changePassword)) { if(userInfoService.changePassword(changePassword)) {
systemLog.insert( systemLog.insert(
ConstsEntryType.USERINFO, ConstsEntryType.USERINFO,
changePassword, changePassword,
ConstsOperateAction.CHANGE_PASSWORD, ConstsOperateAction.CHANGE_PASSWORD,
ConstsOperateResult.SUCCESS, ConstsOperateResult.SUCCESS,
currentUser); currentUser);
return new Message<ChangePassword>().buildResponse(); return new Message<ChangePassword>().buildResponse();
}else { }else {
return new Message<ChangePassword>(Message.ERROR).buildResponse(); String message = (String) WebContext.getAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT);
} _logger.info("-message:",message);
return new Message<ChangePassword>(Message.ERROR,message).buildResponse();
}
} }
} }
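Review bot: In the failure branch of `changePasswod`, `_logger.info("-message:",message);` has no `{}` placeholder, so SLF4J drops the argument and the policy result is never logged; it should read `_logger.debug("password policy validate result: {}", message);`. The text comes from `WebContext.getAttribute(...)` and is returned to the client unchanged. If `userInfoService.changePassword` can fail for a reason other than policy (for example a wrong current password, which is not visible here), the attribute may be null or left over from an earlier attempt, so it is worth clearing it before the call and falling back to a generic error when it is null. The rejected attempt is also not written to `systemLog`, which records only the success case, so repeated failed password changes leave no audit trail.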


@ -24,11 +24,14 @@ import org.maxkey.authn.jwt.AuthTokenService;
import org.maxkey.configuration.EmailConfig; import org.maxkey.configuration.EmailConfig;
import org.maxkey.entity.ChangePassword; import org.maxkey.entity.ChangePassword;
import org.maxkey.entity.Message; import org.maxkey.entity.Message;
import org.maxkey.entity.PasswordPolicy;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.maxkey.password.onetimepwd.AbstractOtpAuthn; import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
import org.maxkey.password.onetimepwd.MailOtpAuthnService; import org.maxkey.password.onetimepwd.MailOtpAuthnService;
import org.maxkey.password.sms.SmsOtpAuthnService; import org.maxkey.password.sms.SmsOtpAuthnService;
import org.maxkey.persistence.service.PasswordPolicyService;
import org.maxkey.persistence.service.UserInfoService; import org.maxkey.persistence.service.UserInfoService;
import org.maxkey.web.WebContext;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -78,11 +81,42 @@ public class ForgotPasswordContorller {
@Autowired @Autowired
SmsOtpAuthnService smsOtpAuthnService; SmsOtpAuthnService smsOtpAuthnService;
@Autowired
private PasswordPolicyService passwordPolicyService;
@ResponseBody
@RequestMapping(value={"/passwordpolicy"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> passwordpolicy(){
PasswordPolicy passwordPolicy = passwordPolicyService.get(WebContext.getInst().getId());
//构建密码强度说明
passwordPolicy.buildMessage();
return new Message<PasswordPolicy>(passwordPolicy).buildResponse();
}
@ResponseBody
@RequestMapping(value = { "/validateCaptcha" }, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> validateCaptcha(
@RequestParam String userId,
@RequestParam String state,
@RequestParam String captcha,
@RequestParam String otpCaptcha) {
_logger.debug("forgotpassword /forgotpassword/validateCaptcha.");
_logger.debug(" userId {}: " ,userId);
UserInfo userInfo = userInfoService.get(userId);
if(userInfo != null) {
AbstractOtpAuthn smsOtpAuthn = smsOtpAuthnService.getByInstId(userInfo.getInstId());
if (otpCaptcha == null || !smsOtpAuthn.validate(userInfo, otpCaptcha)) {
return new Message<ChangePassword>(Message.FAIL).buildResponse();
}
return new Message<ChangePassword>(Message.SUCCESS).buildResponse();
}
return new Message<ChangePassword>(Message.FAIL).buildResponse();
}
@ResponseBody
@RequestMapping(value = { "/produceOtp" }, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value = { "/produceOtp" }, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> produceOtp( public ResponseEntity<?> produceOtp(
@RequestParam String mobile, @RequestParam String mobile,