alis
/
alis-ruoyi-up
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!424 fix 个人信息修改密码接口,隐藏新旧密码参数明文

Browse Source 
Merge pull request !424 from Bleachtred/5.X
feature/model
疯狂的狮子Li 1 year ago committed by Gitee
parent 23b7e5f8c7 977e9a119c
commit 2c64c66ed1
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 35 additions and 6 deletions
Show Stats Download Patch File Download Diff File

12
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysProfileController.java
Unescape Escape View File

@ -11,6 +11,7 @@ import org.dromara.common.log.enums.BusinessType;
import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.web.core.BaseController; import org.dromara.common.web.core.BaseController;
import org.dromara.system.domain.bo.SysUserBo; import org.dromara.system.domain.bo.SysUserBo;
import org.dromara.system.domain.bo.SysUserPasswordBo;
import org.dromara.system.domain.bo.SysUserProfileBo; import org.dromara.system.domain.bo.SysUserProfileBo;
import org.dromara.system.domain.vo.AvatarVo; import org.dromara.system.domain.vo.AvatarVo;
import org.dromara.system.domain.vo.ProfileVo; import org.dromara.system.domain.vo.ProfileVo;
@ -76,22 +77,21 @@ public class SysProfileController extends BaseController {
/** /**
* *
* *
* @param newPassword * @param bo
* @param oldPassword
*/ */
@Log(title = "个人信息", businessType = BusinessType.UPDATE) @Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping("/updatePwd") @PutMapping("/updatePwd")
public R<Void> updatePwd(String oldPassword, String newPassword) { public R<Void> updatePwd(@Validated @RequestBody SysUserPasswordBo bo) {
SysUserVo user = userService.selectUserById(LoginHelper.getUserId()); SysUserVo user = userService.selectUserById(LoginHelper.getUserId());
String password = user.getPassword(); String password = user.getPassword();
if (!BCrypt.checkpw(oldPassword, password)) { if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
return R.fail("修改密码失败,旧密码错误"); return R.fail("修改密码失败,旧密码错误");
} }
if (BCrypt.checkpw(newPassword, password)) { if (BCrypt.checkpw(bo.getNewPassword(), password)) {
return R.fail("新密码不能与旧密码相同"); return R.fail("新密码不能与旧密码相同");
} }
if (userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(newPassword)) > 0) { if (userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(bo.getNewPassword())) > 0) {
return R.ok(); return R.ok();
} }
return R.fail("修改密码异常,请联系管理员"); return R.fail("修改密码异常,请联系管理员");

29
ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysUserPasswordBo.java
Unescape Escape View File

@ -0,0 +1,29 @@
package org.dromara.system.domain.bo;
import jakarta.validation.constraints.NotBlank;
import lombok.Data;
import java.io.Serial;
import java.io.Serializable;
/**
* bo
*/
@Data
public class SysUserPasswordBo implements Serializable {
@Serial
private static final long serialVersionUID = 1L;
/**
*
*/
@NotBlank(message = "旧密码不能为空")
private String oldPassword;
/**
*
*/
@NotBlank(message = "新密码不能为空")
private String newPassword;
}
Write Preview
Loading…
Cancel
Save