
package com.example.demo.serviceImpl;
import com.example.demo.domain.entity.Admin;
import com.example.demo.domain.vo.Password;
import com.example.demo.domain.vo.Result;
import com.example.demo.mapper.AdminMapper;
import com.example.demo.service.AdminService;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.time.LocalDateTime;
import java.util.Date;
import java.util.regex.Pattern;
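/**
 * {@link AdminService} implementation covering administrator login, id lookup and
 * password change / reset.
 *
 * <p>Credential verification is delegated to the injected {@link AuthenticationManager};
 * account records are read and written through {@link AdminMapper}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Nothing in this class writes a submitted password or a loaded {@link Admin}
 *       record to a log. Only the account name (with line breaks neutralised) and the
 *       exception type are logged on failure.</li>
 *   <li>{@link #login(Admin)} and {@link #updatePassword(Password)} return different
 *       messages for "unknown account" and "wrong password", which lets an
 *       unauthenticated caller probe which accounts exist. The messages are kept
 *       as-is because callers may display them; NOTE(review): consider a single
 *       generic failure message.</li>
 *   <li>{@link #resetPassword(Password)} does not verify any credential itself.</li>
 * </ul>
 */
@Service
@RequiredArgsConstructor
public class AdminServiceImpl implements AdminService {

    private static final Logger log = LoggerFactory.getLogger(AdminServiceImpl.class);

    /**
     * Password policy: 8-16 characters drawn from at least two of the classes
     * digits / ASCII letters / other characters.
     *
     * <p>The third lookahead rejects passwords made only of non-alphanumeric characters.
     * It is written as {@code [^0-9a-zA-Z]} rather than {@code \W} because {@code _} is a
     * word character: with {@code \W} a password such as eight underscores passed the
     * check although it uses a single character class.
     */
    private static final String PASSWORD_REGEX =
            "^(?![0-9]+$)(?![a-zA-Z]+$)(?![^0-9a-zA-Z]+$).{8,16}$";
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(PASSWORD_REGEX);

    /**
     * Encoder used to hash new passwords, created once instead of per call.
     *
     * <p>NOTE(review): this instance is built locally with default settings. If the
     * application configures a {@code PasswordEncoder} bean for the
     * {@link AuthenticationManager}, inject that bean here instead so hashes written by
     * this class always match what authentication verifies against.
     */
    private static final BCryptPasswordEncoder PASSWORD_ENCODER = new BCryptPasswordEncoder();

    @Autowired
    private AuthenticationManager authenticationManager;

    private final AdminMapper adminMapper;

    /**
     * Authenticates an administrator and checks that the account may use the machine
     * the request came from.
     *
     * <p>NOTE(review): the account-existence and machine-permission checks run before
     * the password is verified, so their distinct error messages are visible to callers
     * who do not know the password. Consider authenticating first.
     *
     * @param admin carries the account, password and machine id submitted by the client
     * @return the authenticated principal returned by the {@link AuthenticationManager}
     * @throws IllegalArgumentException if {@code admin} is null or the account is blank
     * @throws RuntimeException if the account is unknown, the machine is not permitted,
     *     or authentication fails (the original exception is attached as the cause)
     */
    @Override
    public Admin login(Admin admin) throws Exception {
        if (admin == null || StringUtils.isBlank(admin.getAccount())) {
            throw new IllegalArgumentException("账号不能为空");
        }
        String account = admin.getAccount();
        String inputMachineId = admin.getMachineId();

        Admin adminInDB = adminMapper.getAdmin(account);
        if (adminInDB == null) {
            throw new RuntimeException("无此精网号");
        }
        // Verify that this account is bound to the requesting machine.
        if (!hasPermissionToMachine(adminInDB, inputMachineId)) {
            throw new RuntimeException("你没有使用该机器的权限!");
        }
        try {
            UsernamePasswordAuthenticationToken token =
                    new UsernamePasswordAuthenticationToken(account, admin.getPassword());
            Authentication authentication = authenticationManager.authenticate(token);
            return (Admin) authentication.getPrincipal();
        } catch (Exception e) {
            // Log who failed and why, never the submitted password.
            log.warn("Login failed for account {} ({})",
                    sanitizeForLog(account), e.getClass().getSimpleName());
            throw new RuntimeException("登录失败,请稍后再试", e);
        }
    }

    /**
     * Returns the id of the given account as a string.
     *
     * @param account account name to look up
     * @return the account's id rendered with {@code toString()}
     * @throws RuntimeException if no such account exists (previously this surfaced as a
     *     bare {@link NullPointerException})
     */
    @Override
    public String getId(String account) {
        Admin admin = adminMapper.getAdmin(account);
        if (admin == null) {
            throw new RuntimeException("无此精网号");
        }
        return admin.getId().toString();
    }

    /**
     * Checks whether {@code targetMachineId} appears in the account's comma-separated
     * machine id list. Entries are compared exactly (no trimming, case-sensitive), and a
     * missing id on either side denies access.
     */
    private boolean hasPermissionToMachine(Admin admin, String targetMachineId) {
        if (targetMachineId == null || admin.getMachineId() == null) {
            return false;
        }
        for (String id : admin.getMachineId().split(",")) {
            if (targetMachineId.equals(id)) {
                return true;
            }
        }
        return false;
    }

    /** Replaces CR/LF in a user-supplied value so it cannot forge extra log lines. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }

    /**
     * Changes an account's password after verifying the current one.
     *
     * @param password account, old password, new password and its confirmation
     * @return a success result, or an error result describing which check failed
     */
    @Override
    public Result updatePassword(Password password) {
        if (password == null) {
            return Result.error("输入不能为空");
        }
        String oldPassword = password.getOldPassword();
        String newPassword = password.getNewPassword();
        String againPassword = password.getAgainPassword();
        if (oldPassword == null || newPassword == null || againPassword == null
                || password.getAccount() == null) {
            return Result.error("输入不能为空");
        }
        if (oldPassword.equals(newPassword)) {
            return Result.error("新密码不能与旧密码相同");
        }
        // The new password must be entered identically twice.
        if (!newPassword.equals(againPassword)) {
            return Result.error("两次输入的新密码不一致");
        }
        // The new password must satisfy the complexity policy.
        if (!PASSWORD_PATTERN.matcher(newPassword).matches()) {
            return Result.error("新密码必须为8-16位数字、字母或符号组成,且至少包含其中两种");
        }
        if (adminMapper.getAdmin(password.getAccount()) == null) {
            return Result.error("用户不存在");
        }
        try {
            // Verify the old password by running a normal authentication.
            UsernamePasswordAuthenticationToken token =
                    new UsernamePasswordAuthenticationToken(password.getAccount(), oldPassword);
            Authentication authentication = authenticationManager.authenticate(token);
            // Use the authenticated principal as the record to update.
            Admin admin = (Admin) authentication.getPrincipal();
            admin.setPassword(PASSWORD_ENCODER.encode(newPassword));
            admin.setUpdateTime(new Date()); // record the modification time
            adminMapper.updatePassword(admin);
            return Result.success("密码修改成功");
        } catch (BadCredentialsException e) {
            // Old password did not match.
            log.warn("Password change rejected for account {}: old password mismatch",
                    sanitizeForLog(password.getAccount()));
            return Result.error("原密码错误");
        } catch (Exception e) {
            // Keep the failure visible to operators instead of discarding it.
            log.error("Password update failed for account {}",
                    sanitizeForLog(password.getAccount()), e);
            return Result.error("密码更新失败");
        }
    }

    /**
     * Sets a new password for an account without checking the current one.
     *
     * <p>NOTE(review): this method performs no authentication or authorization of the
     * caller; whoever can reach it can take over any account. Confirm that every caller
     * restricts it to privileged, authenticated operators.
     *
     * @param password account and the new password
     * @return {@code 1} if the password was updated, {@code 0} on any validation or
     *     persistence failure
     */
    @Override
    public Integer resetPassword(Password password) {
        if (password == null) {
            return 0;
        }
        String newPassword = password.getNewPassword();
        if (newPassword == null || password.getAccount() == null) {
            return 0;
        }
        // The new password must satisfy the complexity policy.
        if (!PASSWORD_PATTERN.matcher(newPassword).matches()) {
            return 0;
        }
        try {
            // Load the record once; the same instance is checked and then updated.
            Admin admin = adminMapper.getAdmin(password.getAccount());
            if (admin == null) {
                return 0;
            }
            admin.setPassword(PASSWORD_ENCODER.encode(newPassword));
            admin.setUpdateTime(new Date()); // record the modification time
            adminMapper.updatePassword(admin);
            log.info("Password reset for account {}", sanitizeForLog(password.getAccount()));
            return 1;
        } catch (Exception e) {
            log.error("Password reset failed for account {}",
                    sanitizeForLog(password.getAccount()), e);
            return 0;
        }
    }
}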