You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
package com.example.demo.serviceImpl;
import com.example.demo.domain.entity.Admin;import com.example.demo.domain.vo.Password;import com.example.demo.domain.vo.Result;import com.example.demo.mapper.AdminMapper;import com.example.demo.service.AdminService;import lombok.RequiredArgsConstructor;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.security.authentication.AuthenticationManager;import org.springframework.security.authentication.BadCredentialsException;import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;import org.springframework.security.core.Authentication;import org.springframework.security.core.userdetails.UsernameNotFoundException;import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;import org.springframework.stereotype.Service;import org.apache.commons.lang3.StringUtils;import org.slf4j.Logger;import org.slf4j.LoggerFactory;
import java.time.LocalDateTime;import java.util.Date;import java.util.regex.Pattern;
@Service@RequiredArgsConstructorpublic class AdminServiceImpl implements AdminService {
@Autowired private AuthenticationManager authenticationManager; private final AdminMapper adminMapper;
@Override public Admin login(Admin admin) throws Exception { String account = admin.getAccount(); String inputMachineId = admin.getMachineId();
if (StringUtils.isBlank(account)) { throw new IllegalArgumentException("账号不能为空"); }
Admin adminInDB = adminMapper.getAdmin(account); System.out.println("adminInDB:" + adminInDB); if (adminInDB == null) { throw new RuntimeException("无此精网号"); }
// 校验机器权限
if (!hasPermissionToMachine(adminInDB, inputMachineId)) { throw new RuntimeException("你没有使用该机器的权限!"); }
try { System.out.println("admin:" + account); System.out.println("admin:" + admin.getPassword()); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(account, admin.getPassword()); Authentication authentication = authenticationManager.authenticate(token); return (Admin) authentication.getPrincipal();
} catch (Exception e) { System.out.println("密码错误" + e.getMessage()); throw new RuntimeException("登录失败,请稍后再试", e); } }
@Override public String getId(String account) { return adminMapper.getAdmin(account).getId().toString(); }
private boolean hasPermissionToMachine(Admin admin, String targetMachineId) { if (targetMachineId == null || admin.getMachineId() == null) { return false; } String[] machineIds = admin.getMachineId().split(","); for (String id : machineIds) { if (targetMachineId.equals(id)) { return true; } } return false; }
private static final String PASSWORD_REGEX = "^(?![0-9]+$)(?![a-zA-Z]+$)(?!\\W+$).{8,16}$"; private static final Pattern PASSWORD_PATTERN = Pattern.compile(PASSWORD_REGEX);
@Override public Result updatePassword(Password password) {
String oldPassword = password.getOldPassword(); String newPassword = password.getNewPassword(); String againPassword = password.getAgainPassword(); if(oldPassword == null || newPassword == null || againPassword == null ||password.getAccount() == null) { return Result.error("输入不能为空"); } if (oldPassword.equals(newPassword)) { return Result.error("新密码不能与旧密码相同"); } // 检查两次输入的新密码是否一致
if (!newPassword.equals(againPassword)) { return Result.error("两次输入的新密码不一致"); } // 检查新密码是否符合复杂度要求
if (!PASSWORD_PATTERN.matcher(newPassword).matches()) { return Result.error("新密码必须为8-16位数字、字母或符号组成,且至少包含其中两种"); } if(adminMapper.getAdmin(password.getAccount())==null) { return Result.error("用户不存在"); } try { // 创建认证令牌并验证旧密码
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(password.getAccount(), oldPassword); Authentication authentication = authenticationManager.authenticate(token);
// 获取认证后的用户信息
Admin admin = (Admin) authentication.getPrincipal();
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); // 使用Spring管理的密码编码器(不要手动new)
String encodedPassword = passwordEncoder.encode(newPassword);
// 更新数据库中的密码
admin.setPassword(encodedPassword); admin.setUpdateTime(new Date()); // 更新修改时间
adminMapper.updatePassword(admin);
return Result.success("密码修改成功");
} catch (BadCredentialsException e) { // 旧密码验证失败
return Result.error("原密码错误"); } catch (Exception e) { return Result.error("密码更新失败"); } }
@Override public Integer resetPassword(Password password) {
String newPassword = password.getNewPassword(); if(newPassword == null ||password.getAccount() == null) { return 0; }
// 检查新密码是否符合复杂度要求
if (!PASSWORD_PATTERN.matcher(newPassword).matches()) { return 0; } if(adminMapper.getAdmin(password.getAccount())==null) { return 0; } try { // 获取认证后的用户信息
Admin admin = adminMapper.getAdmin(password.getAccount());
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); // 使用Spring管理的密码编码器(不要手动new)
String encodedPassword = passwordEncoder.encode(newPassword);
// 更新数据库中的密码
admin.setPassword(encodedPassword); admin.setUpdateTime(new Date()); // 更新修改时间
adminMapper.updatePassword(admin);
return 1; } catch (Exception e) { return 0; } }}
|
