调整修改密码接口

2022-09-09 18:45:00 +08:00 · 2022-09-09 18:45:00 +08:00 · 7a97610ca9
parent b7b87d406c
commit 7a97610ca9
3 changed files with 24 additions and 8 deletions
--- a/server/like-front/src/main/java/com/mdd/front/controller/UserController.java
+++ b/server/like-front/src/main/java/com/mdd/front/controller/UserController.java
@ -73,12 +73,13 @@ public class UserController {
     */
    @PostMapping("/changePwd")
    public Object changePwd(@RequestBody Map<String, String> params) {
+        Assert.notNull(params.get("oldPassword"), "oldPassword参数缺失");
        Assert.notNull(params.get("password"), "password参数缺失");
        if(!Pattern.matches("^(?![0-9]+$)(?![a-zA-Z]+$)[0-9A-Za-z]{6,20}$", params.get("password"))){
            throw new OperateException("密码必须是6-20字母+数字组合!");
        }
        Integer userId = LikeFrontThreadLocal.getUserId();
-        iUserService.changePwd(params.get("password"), userId);
+        iUserService.changePwd(params.get("password"), params.get("oldPassword"), userId);
        return AjaxResult.success();
    }

--- a/server/like-front/src/main/java/com/mdd/front/service/IUserService.java
+++ b/server/like-front/src/main/java/com/mdd/front/service/IUserService.java
@ -42,9 +42,10 @@ public interface IUserService {
     *
     * @author fzr
     * @param password 新密码
+     * @param oldPassword 旧密码
     * @param userId 用户ID
     */
-    void changePwd(String password, Integer userId);
+    void changePwd(String password, String oldPassword, Integer userId);

    /**
     * 绑定手机
--- a/server/like-front/src/main/java/com/mdd/front/service/impl/UserServiceImpl.java
+++ b/server/like-front/src/main/java/com/mdd/front/service/impl/UserServiceImpl.java
@ -23,6 +23,7 @@ import com.mdd.front.vo.user.UserInfoVo;
 import me.chanjar.weixin.common.error.WxErrorException;
 import org.springframework.beans.BeanUtils;
 import org.springframework.stereotype.Service;
+import org.springframework.util.Assert;

 import javax.annotation.Resource;
 import java.util.LinkedHashMap;
@ -172,15 +173,28 @@ public class UserServiceImpl implements IUserService {
     * @param userId 用户ID
     */
    @Override
-    public void changePwd(String password, Integer userId) {
+    public void changePwd(String password, String oldPassword, Integer userId) {
+        User user = userMapper.selectOne(new QueryWrapper<User>()
+                .select("id,password,salt")
+                .eq("id", userId)
+                .eq("is_delete", 0)
+                .last("limit 1"));
+
+        Assert.notNull(user, "用户不存在");
+        String oldPwd = ToolsUtil.makeMd5(oldPassword.trim()+user.getSalt());
+        if (!oldPwd.equals(user.getPassword())) {
+            throw new OperateException("原密码不正确!");
+        }
+
        String salt = ToolsUtil.randomString(5);
        String pwd  = ToolsUtil.makeMd5(password.trim()+salt);

-        User user = new User();
-        user.setPassword(pwd);
-        user.setSalt(salt);
-        user.setUpdateTime(System.currentTimeMillis() / 1000);
-        userMapper.updateById(user);
+        User u = new User();
+        u.setId(userId);
+        u.setPassword(pwd);
+        u.setSalt(salt);
+        u.setUpdateTime(System.currentTimeMillis() / 1000);
+        userMapper.updateById(u);
    }

    /**