密码修改

1 month ago · 47d0e611c8
5 changed files with 96 additions and 7 deletions
--- a/src/main/java/com/example/demo/controller/AdminController.java
+++ b/src/main/java/com/example/demo/controller/AdminController.java
@ -3,6 +3,7 @@ package com.example.demo.controller;
 import com.example.demo.Util.JWTUtil;
 import com.example.demo.Util.TokenPayload;
 import com.example.demo.domain.entity.Admin;
 import com.example.demo.domain.vo.Password;
 import com.example.demo.domain.vo.Result;
 import com.example.demo.service.AdminService;
 import com.fasterxml.jackson.core.JsonProcessingException;
@ -29,6 +30,7 @@ import org.springframework.web.bind.annotation.*;
 public class AdminController {
    @Autowired
    private AdminService adminService;
    @PostMapping("/login")
    public Result login(@RequestBody Admin admin) {
@ -44,6 +46,7 @@ public class AdminController {
            return Result.error(e.getMessage());
        }
    }
    @PostMapping("/userinfo")
    public UserDetails getUserInfo(@RequestHeader("token") String token1) {
@ -69,4 +72,17 @@ public class AdminController {
            return Result.error(e.getMessage());
        }
    }
    @PostMapping("/password")
    public Result updatePassword(@RequestBody Password password){
        try {
            return adminService.updatePassword(password);
        } catch (Exception e) {
            return Result.error("输入不能为空，请检查");
        }
    }
 }
--- a/src/main/java/com/example/demo/mapper/AdminMapper.java
+++ b/src/main/java/com/example/demo/mapper/AdminMapper.java
@ -16,5 +16,7 @@ public interface AdminMapper {
    Admin getAdmin(String  account);
    Admin selectByName(String account);
    Integer getId(String account);
    void updatePassword(Admin admin);
 }
--- a/src/main/java/com/example/demo/service/AdminService.java
+++ b/src/main/java/com/example/demo/service/AdminService.java
@ -1,6 +1,8 @@
 package com.example.demo.service;
 import com.example.demo.domain.entity.Admin;
 import com.example.demo.domain.vo.Password;
 import com.example.demo.domain.vo.Result;
 /**
 * @program: GOLD
@ -14,4 +16,6 @@ public interface AdminService {
    Admin login(Admin admin)throws Exception;
    String getId(String account);
    Result updatePassword(Password password);
 }
--- a/src/main/java/com/example/demo/serviceImpl/AdminServiceImpl.java
+++ b/src/main/java/com/example/demo/serviceImpl/AdminServiceImpl.java
@ -1,18 +1,27 @@
 package com.example.demo.serviceImpl;
 import com.example.demo.domain.entity.Admin;
 import com.example.demo.domain.vo.Password;
 import com.example.demo.domain.vo.Result;
 import com.example.demo.mapper.AdminMapper;
 import com.example.demo.service.AdminService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import java.time.LocalDateTime;
 import java.util.Date;
 import java.util.regex.Pattern;
@Service
@RequiredArgsConstructor
 public class AdminServiceImpl implements AdminService {
@ -72,4 +81,54 @@ public class AdminServiceImpl implements AdminService {
        }
        return false;
    }
    private static final String PASSWORD_REGEX = "^(?![0-9]+$)(?![a-zA-Z]+$)(?!\\W+$).{8,16}$";
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(PASSWORD_REGEX);
    @Override
    public Result updatePassword(Password password) {
        String oldPassword = password.getOldPassword();
        String newPassword = password.getNewPassword();
        String againPassword = password.getAgainPassword();
        // 检查两次输入的新密码是否一致
        if (!newPassword.equals(againPassword)) {
            return Result.error("两次输入的新密码不一致");
        }
        // 检查新密码是否符合复杂度要求
        if (!PASSWORD_PATTERN.matcher(newPassword).matches()) {
            return Result.error("新密码必须为8-16位数字、字母或符号组成，且至少包含其中两种");
        }
        if(adminMapper.getAdmin(password.getAccount())==null)
        {
            return Result.error("用户不存在");
        }
        try {
            // 创建认证令牌并验证旧密码
            UsernamePasswordAuthenticationToken token =
                    new UsernamePasswordAuthenticationToken(password.getAccount(), oldPassword);
            Authentication authentication = authenticationManager.authenticate(token);
            // 获取认证后的用户信息
            Admin admin = (Admin) authentication.getPrincipal();
            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
            // 使用Spring管理的密码编码器（不要手动new）
            String encodedPassword = passwordEncoder.encode(newPassword);
            // 更新数据库中的密码
            admin.setPassword(encodedPassword);
            admin.setUpdateTime(new Date()); // 更新修改时间
            adminMapper.updatePassword(admin);
            return Result.success("密码修改成功");
        } catch (BadCredentialsException e) {
            // 旧密码验证失败
            return Result.error("原密码错误");
        }
        catch (Exception e) {
            return Result.error("密码更新失败");
        }
    }
 }
--- a/src/main/resources/mapper/AdminMapper.xml
+++ b/src/main/resources/mapper/AdminMapper.xml
@ -14,4 +14,12 @@
        select id from admin
        where account=#{account}
    </select>
    <!--更新用户密码-->
    <update id="updatePassword">
        update admin
        set password = #{password},
            update_time = #{updateTime}
        where account = #{account}
    </update>
 </mapper>