bonus
/
Bonus-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

密码校验问题处理

This commit is contained in:
sxu 2025-07-09 11:32:27 +08:00
parent 2b39f566d3
commit 80d5adc94b
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java
View File

@ -8,6 +8,7 @@ import com.bonus.common.core.exception.CaptchaException;
import com.bonus.common.core.exception.ServiceException;
import com.bonus.common.core.text.Convert;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.common.core.utils.ip.IpUtils;
import com.bonus.common.core.web.domain.AjaxResult;
import com.bonus.common.redis.service.RedisService;
@ -47,10 +48,11 @@ public class PasswordValidatorService {
* 对新密码进行校验返回布尔值表示密码是否符合要求
*
* @param username 用户名不能包含在密码中
* @param newPassword 新密码
* @param decryptedNewPassword 新密码
* @return 如果密码符合策略要求则返回 AjaxResult.success否则返回错误提示
*/
public AjaxResult validatePassword(String username, String newPassword) {
public AjaxResult validatePassword(String username, String decryptedNewPassword) {
String newPassword = Sm4Utils.decrypt(decryptedNewPassword);
if (!isPasswordLengthValid(newPassword)) {
return AjaxResult.error("密码长度应为" + systemConfig.getPasswordConfig().getMinLength() + "" + systemConfig.getPasswordConfig().getMaxLength() + "位!");
}

5
bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/PasswordValidatorServiceImpl.java
View File

@ -1,6 +1,7 @@
package com.bonus.system.service.impl;
import com.bonus.common.core.utils.DateUtils;
import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.common.core.web.domain.AjaxResult;
import com.bonus.common.security.utils.SecurityUtils;
import com.bonus.config.SystemConfig;
@ -31,7 +32,9 @@ public class PasswordValidatorServiceImpl implements PasswordValidatorService {
private PasswordValidatorMapper passwordValidatorMapper;
@Override
public AjaxResult validatePassword(Long userId, String username, String oldPassword, String newPassword) {
public AjaxResult validatePassword(Long userId, String username, String decryptedOldPassword, String decryptedNewPassword) {
String oldPassword = Sm4Utils.decrypt(decryptedOldPassword);
String newPassword = Sm4Utils.decrypt(decryptedNewPassword);
// 1. 检查密码长度
if (!isPasswordLengthValid(newPassword)) {
return AjaxResult.error("密码长度应为" + systemConfig.getPasswordConfig().getMinLength() + "" + systemConfig.getPasswordConfig().getMaxLength() + "位!");