From bf95ef962f4835ee2e576fc6318c28a3280d40b8 Mon Sep 17 00:00:00 2001
From: sxu <602087911@qq.com>
Date: Fri, 25 Apr 2025 16:08:52 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AF=86=E7=A0=81=E5=A4=8D=E6=9D=82=E5=BA=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../service/impl/CustInfoServiceImpl.java | 117 ++++++++++++------
 1 file changed, 77 insertions(+), 40 deletions(-)
diff --git a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/customer/service/impl/CustInfoServiceImpl.java b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/customer/service/impl/CustInfoServiceImpl.java
index a26a6cad..75d2732a 100644
--- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/customer/service/impl/CustInfoServiceImpl.java
+++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/customer/service/impl/CustInfoServiceImpl.java
@@ -206,9 +206,30 @@ public class CustInfoServiceImpl extends ServiceImpl i
 content.setNewPassword(AesEncryptUtil.aesDecode(content.getNewPassword()));
 String oldPassword = content.getOldPassword();
 String newPassword = content.getNewPassword();
- AjaxResult pwdCheckResult = validatePassword(oldPassword, newPassword);
- if (ajaxResult.isError()) {
- return pwdCheckResult;
+ // 1. 检查密码长度
+ log.error("开始验证密码长度");
+ if (!isPasswordLengthValid(newPassword)) {
+ return AjaxResult.error(500, "密码长度应为6至16位!");
+ }
+ // 2. 检查密码字符类型
+ log.error("开始验证密码字符");
+ if (!isPasswordCharacterValid(newPassword)) {
+ return AjaxResult.error(500, "密码必须包含大、小字母、数字、特殊字符!");
+ }
+ // 3. 检查常见弱密码
+ log.error("开始验证弱密码片段");
+ if (containsWeakPassword(newPassword.toLowerCase())) {
+ return AjaxResult.error(500, "密码包含常见的弱密码片段!");
+ }
+ // 4. 检查连续字符
+ log.error("开始验证密码连续字符");
+ if (containsConsecutiveCharacters(newPassword.toLowerCase(), 3)) {
+ return AjaxResult.error(500, "密码不能包含超过3位连续字符!");
+ }
+ // 5. 检查新旧密码是否相同
+ log.error("开始验证新旧密码");
+ if (StringUtils.isNotEmpty(oldPassword) && SecurityUtils.matchesPassword(newPassword, oldPassword)) {
+ return AjaxResult.error(500, "新密码不能与原密码相同!");
 }
 if (Objects.equals(oldPassword, newPassword)) {
 log.error("小程序修改密码错误:两次密码不能一致");
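Review bot: Check 5 in the hunk at -206 passes `oldPassword` to `SecurityUtils.matchesPassword`, and this hunk shows that value coming straight from `content.getOldPassword()`, i.e. what the caller submitted rather than a stored hash. If `matchesPassword` compares a raw password against a bcrypt hash (its definition is not in this diff), the call can never match and the check is dead; the plaintext `Objects.equals(oldPassword, newPassword)` on the following context line already covers the case. Either drop check 5 or compare `newPassword` against the stored hash of the current password. Separately, the progress messages here and in the hunk at -450 are written with `log.error`; `log.debug("开始验证密码长度");` would keep the error log usable for alerting. The enclosing method starts and ends outside the hunk.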
@@ -235,40 +256,40 @@ public class CustInfoServiceImpl extends ServiceImpl i
 return ajaxResult;
 }
- public AjaxResult validatePassword(String oldPassword, String newPassword) {
- // 1. 检查密码长度
- log.error("开始验证密码长度");
- if (!isPasswordLengthValid(newPassword)) {
- return AjaxResult.error("密码长度应为6至16位!");
- }
-
- // 2. 检查密码字符类型
- log.error("开始验证密码字符");
- if (!isPasswordCharacterValid(newPassword)) {
- return AjaxResult.error("密码必须包含大、小字母、数字、特殊字符!");
- }
-
- // 3. 检查常见弱密码
- log.error("开始验证弱密码片段");
- if (containsWeakPassword(newPassword.toLowerCase())) {
- return AjaxResult.error("密码包含常见的弱密码片段!");
- }
-
- // 4. 检查连续字符
- log.error("开始验证密码连续字符");
- if (containsConsecutiveCharacters(newPassword.toLowerCase(), 3)) {
- return AjaxResult.error("密码不能包含超过3位连续字符!");
- }
-
- // 5. 检查新旧密码是否相同
- log.error("开始验证新旧密码");
- if (StringUtils.isNotEmpty(oldPassword) && SecurityUtils.matchesPassword(newPassword, oldPassword)) {
- return AjaxResult.error("新密码不能与原密码相同!");
- }
-
- log.error("完成密码复杂度验证");
- return AjaxResult.success();
- }
+// public AjaxResult validatePassword(String oldPassword, String newPassword) {
+// // 1. 检查密码长度
+// log.error("开始验证密码长度");
+// if (!isPasswordLengthValid(newPassword)) {
+// return AjaxResult.error(500, "密码长度应为6至16位!");
+// }
+//
+// // 2. 检查密码字符类型
+// log.error("开始验证密码字符");
+// if (!isPasswordCharacterValid(newPassword)) {
+// return AjaxResult.error(500, "密码必须包含大、小字母、数字、特殊字符!");
+// }
+//
+// // 3. 检查常见弱密码
+// log.error("开始验证弱密码片段");
+// if (containsWeakPassword(newPassword.toLowerCase())) {
+// return AjaxResult.error(500, "密码包含常见的弱密码片段!");
+// }
+//
+// // 4. 检查连续字符
+// log.error("开始验证密码连续字符");
+// if (containsConsecutiveCharacters(newPassword.toLowerCase(), 3)) {
+// return AjaxResult.error(500, "密码不能包含超过3位连续字符!");
+// }
+//
+// // 5. 检查新旧密码是否相同
+// log.error("开始验证新旧密码");
+// if (StringUtils.isNotEmpty(oldPassword) && SecurityUtils.matchesPassword(newPassword, oldPassword)) {
+// return AjaxResult.error(500, "新密码不能与原密码相同!");
+// }
+//
+// log.error("完成密码复杂度验证");
+// return AjaxResult.success();
+// }
 private boolean isPasswordLengthValid(String password) {
 return password.length() >= 6 && password.length() <= 16;
@@ -450,9 +471,25 @@ public class CustInfoServiceImpl extends ServiceImpl i
 ajaxResult.put("code", "500");
 } else {
 String newPassword = content.getNewPassword();
- AjaxResult pwdCheckResult = validatePassword(null, newPassword);
- if (ajaxResult.isError()) {
- return pwdCheckResult;
+ // 1. 检查密码长度
+ log.error("开始验证密码长度");
+ if (!isPasswordLengthValid(newPassword)) {
+ return AjaxResult.error(500, "密码长度应为6至16位!");
+ }
+ // 2. 检查密码字符类型
+ log.error("开始验证密码字符");
+ if (!isPasswordCharacterValid(newPassword)) {
+ return AjaxResult.error(500, "密码必须包含大、小字母、数字、特殊字符!");
+ }
+ // 3. 检查常见弱密码
+ log.error("开始验证弱密码片段");
+ if (containsWeakPassword(newPassword.toLowerCase())) {
+ return AjaxResult.error(500, "密码包含常见的弱密码片段!");
+ }
+ // 4. 检查连续字符
+ log.error("开始验证密码连续字符");
+ if (containsConsecutiveCharacters(newPassword.toLowerCase(), 3)) {
+ return AjaxResult.error(500, "密码不能包含超过3位连续字符!");
 }
 BCryptPasswordEncoder bCrypt = new BCryptPasswordEncoder();
 String password = bCrypt.encode(newPassword);
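Review bot: Commenting out `validatePassword` in the hunk at -235 leaves 34 lines of dead code, and the password policy now lives in two hand-copied blocks (the hunks at -206 and -450) that can drift apart. The removed call sites tested `ajaxResult.isError()` rather than the helper's own result; keeping the helper live and changing the test to `if (pwdCheckResult.isError()) { return pwdCheckResult; }` would enforce the checks while keeping a single copy of the policy. If the inlined form stays, delete the commented block instead of keeping it, since version control already has the old method.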
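Review bot: In the hunk at -450, `newPassword` goes from `content.getNewPassword()` straight into `isPasswordLengthValid`, which calls `password.length()` (visible as context in the hunk at -235). A request that omits the field would therefore end in a NullPointerException rather than a validation error, unless a check outside this hunk already rejects it. A guard before check 1, for example `if (StringUtils.isEmpty(newPassword)) { return AjaxResult.error(500, "密码不能为空!"); }`, makes the failure explicit and keeps it out of the stack-trace path. The enclosing method starts and ends outside the hunk.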