diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java b/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java index 749bca6..8adff10 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java @@ -56,7 +56,7 @@ public class PasswordValidatorService { } if (!containsRequiredCharacters(newPassword)) { - return AjaxResult.error(getCharacterRequirementErrorMessage()); + return AjaxResult.error(getCharacterRequirementErrorMessage(newPassword)); } if (containsWeakPassword(newPassword)) { @@ -111,17 +111,24 @@ public class PasswordValidatorService { /** * 根据配置返回密码不符合要求时的错误提示信息 */ - private String getCharacterRequirementErrorMessage() { - if (systemConfig.getPasswordConfig().isRequireUpperCase()) { + private String getCharacterRequirementErrorMessage(String newPassword) { + boolean hasUpperCase = false, hasLowerCase = false, hasDigit = false, hasSpecialChar = false; + for (char c : newPassword.toCharArray()) { + if (Character.isUpperCase(c)) hasUpperCase = true; + if (Character.isLowerCase(c)) hasLowerCase = true; + if (Character.isDigit(c)) hasDigit = true; + if ("!@#$%^&*()-_=+[{]};:'\",<.>/?".indexOf(c) >= 0) hasSpecialChar = true; + } + if (systemConfig.getPasswordConfig().isRequireUpperCase() && !hasUpperCase) { return "密码必须包含大写字母!"; } - if (systemConfig.getPasswordConfig().isRequireLowerCase()) { + if (systemConfig.getPasswordConfig().isRequireLowerCase() && !hasLowerCase) { return "密码必须包含小写字母!"; } - if (systemConfig.getPasswordConfig().isRequireDigit()) { + if (systemConfig.getPasswordConfig().isRequireDigit() && !hasDigit) { return "密码必须包含数字!"; } - if (systemConfig.getPasswordConfig().isRequireSpecialChar()) { + if (systemConfig.getPasswordConfig().isRequireSpecialChar() && !hasSpecialChar) { return "密码必须包含特殊字符!"; } return "密码不符合字符要求!"; diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/PasswordValidatorServiceImpl.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/PasswordValidatorServiceImpl.java index 17953a3..2e6063f 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/PasswordValidatorServiceImpl.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/PasswordValidatorServiceImpl.java @@ -39,7 +39,7 @@ public class PasswordValidatorServiceImpl implements PasswordValidatorService { // 2. 检查密码字符类型 if (!isPasswordCharacterValid(newPassword)) { - return AjaxResult.error(getCharacterRequirementErrorMessage()); + return AjaxResult.error(getCharacterRequirementErrorMessage(newPassword)); } // 3. 检查常见弱密码 @@ -103,17 +103,24 @@ public class PasswordValidatorServiceImpl implements PasswordValidatorService { /** * 根据配置返回密码不符合要求时的错误提示信息 */ - private String getCharacterRequirementErrorMessage() { - if (systemConfig.getPasswordConfig().isRequireUpperCase()) { + private String getCharacterRequirementErrorMessage(String newPassword) { + boolean hasUpperCase = false, hasLowerCase = false, hasDigit = false, hasSpecialChar = false; + for (char c : newPassword.toCharArray()) { + if (Character.isUpperCase(c)) hasUpperCase = true; + if (Character.isLowerCase(c)) hasLowerCase = true; + if (Character.isDigit(c)) hasDigit = true; + if ("!@#$%^&*()-_=+[{]};:'\",<.>/?".indexOf(c) >= 0) hasSpecialChar = true; + } + if (systemConfig.getPasswordConfig().isRequireUpperCase() && !hasUpperCase) { return "密码必须包含大写字母!"; } - if (systemConfig.getPasswordConfig().isRequireLowerCase()) { + if (systemConfig.getPasswordConfig().isRequireLowerCase() && !hasLowerCase) { return "密码必须包含小写字母!"; } - if (systemConfig.getPasswordConfig().isRequireDigit()) { + if (systemConfig.getPasswordConfig().isRequireDigit() && !hasDigit) { return "密码必须包含数字!"; } - if (systemConfig.getPasswordConfig().isRequireSpecialChar()) { + if (systemConfig.getPasswordConfig().isRequireSpecialChar() && !hasSpecialChar) { return "密码必须包含特殊字符!"; } return "密码不符合字符要求!";