用户登录问题修改

2024-11-06 09:06:56 +08:00 · 2024-11-06 09:06:56 +08:00 · d57ab0ea5c
parent 4437989842
commit d57ab0ea5c
18 changed files with 292 additions and 115 deletions
--- a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteUserService.java
+++ b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteUserService.java
@ -108,6 +108,16 @@ public interface RemoteUserService {
    @PutMapping("/user/")
    public AjaxResult edit(@Validated @RequestBody SysUser user, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
    /**
     * 修改用户
     *
     * @param user   修改用户的用户信息
     * @param source 请求来源
     * @return 修改用户影响的行数或错误信息
     */
    @PostMapping("/user/systemUpdateUser")
    public AjaxResult systemUpdateUser(@Validated @RequestBody SysUser user, @RequestHeader(SecurityConstants.FROM_SOURCE) String source);
    /**
     * 删除用户
     *
--- a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/factory/RemoteUserFallbackFactory.java
+++ b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/factory/RemoteUserFallbackFactory.java
@ -99,6 +99,18 @@ public class RemoteUserFallbackFactory implements FallbackFactory<RemoteUserServ
                return AjaxResult.error("修改用户失败:" + throwable.getMessage());
            }
            /**
             * 修改用户
             *
             * @param user   修改用户的用户信息
             * @param source 请求来源
             * @return 修改用户影响的行数或错误信息
             */
            @Override
            public AjaxResult systemUpdateUser(SysUser user, String source) {
                return AjaxResult.error("修改用户失败:" + throwable.getMessage());
            }
            @Override
            public AjaxResult remove(Long[] userIds, String source) {
                return AjaxResult.error("删除用户失败:" + throwable.getMessage());
--- a/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java
+++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java
@ -46,10 +46,7 @@ public class SysPasswordService {
    public void validate(SysUser user, String password, long startTime) {
        String username = user.getUserName();
-        Integer retryCount = redisService.getCacheObject(getCacheKey(username));
+        int retryCount = redisService.getCacheObject(getCacheKey(username));
        if (retryCount == null) {
            retryCount = 0;
        }
        // 基本锁定时间为 lockTime
        long dynamicLockTime = lockTime;
--- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java
+++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java
@ -7,50 +7,71 @@ import cn.hutool.crypto.symmetric.SM4;
 import com.bonus.common.core.utils.StringUtils;
 /**
- * sm4 加解密 工具类
+ * @author bonus
 * @author 黑子
 */
 public class Sm4Utils {
   private static  String S1="3b893ea109d729ba7eb1a841649b5e6d";
    private static String S2="2cc0c5f9f1749f1632efa9f63e9013cd";
    /**
-     * 解密
+     * 必须是16字节
     * @param encodeText
     * @return
     */
-    public  static  String decode(String encodeText){
+    private static final String KEY = "78d1295afa99449b99d6f83820e6965c";
        try{
            if(StringUtils.isEmpty(encodeText)){
                return "";
            }
            SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(S1),HexUtil.decodeHex(S2));
            return sm4.decryptStr(encodeText);
        }catch (Exception e){
            return  encodeText;
        }
    }
    /**
-     * 加密
+     * 加密数据，使用固定盐
-     * @param encodeText
+     *
-     * @return
+     * @param plainText 明文，待加密的字符串
     * @return 加密后的密文（包含盐），Hex 编码格式
     */
-    public  static  String encode(String encodeText){
+    public static String encrypt(String plainText) {
-        try{
+        try {
-            if(StringUtils.isEmpty(encodeText)){
+            String salt = StringUtils.randomUUID();
-                return "";
+            // 初始化SM4加密工具
-            }
+            SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY),HexUtil.decodeHex(salt));
-            SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(S1),HexUtil.decodeHex(S2));
+            // 加密带盐的明文
-            return sm4.encryptHex(encodeText);
+            byte[] encryptedData = sm4.encrypt(plainText);
-        }catch (Exception e){
+            // 返回带盐的加密结果（Hex编码）
-            return  encodeText;
+            return HexUtil.encodeHexStr(encryptedData)+salt;
        } catch (Exception e) {
            e.printStackTrace();
            return null; // 发生异常时返回null
        }
    }
    /**
     * 解密数据，使用固定盐
     *
     * @param cipherText 密文（包含盐），Hex 编码格式的字符串
     * @return 解密后的明文字符串
     */
    public static String decrypt(String cipherText) {
        try {
            // 提取盐，后32个字符
            String salt = cipherText.length() > 32 ?
                    cipherText.substring(cipherText.length() - 32) :
                    cipherText; // 如果字符串长度小于32，返回整个字符串
-//    public static void main(String[] args) {
+            // 去掉盐，获取原始的密文部分
-//        String msg= encode("1234567890");
+            String originalHex = cipherText.substring(0, cipherText.length() - 32);
-//        System.err.println(msg);
+            // 初始化SM4解密工具
-//
+            SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY), HexUtil.decodeHex(salt));
-//    }
+            // 解密数据
            byte[] decryptedData = sm4.decrypt(originalHex);
            return new String(decryptedData);
        } catch (Exception e) {
            e.printStackTrace();
            return null; // 发生异常时返回null
        }
    }
    // 测试方法，演示加密和解密过程
    public static void main(String[] args) {
        String plainText = "Hello, SM4 encryption with fixed salt!";
        System.out.println("原文: " + plainText);
        // 加密明文
        String encryptedText = Sm4Utils.encrypt(plainText);
        System.out.println("加密后: " + encryptedText);
        // 解密密文
        String decryptedText = Sm4Utils.decrypt("224c59bb4aa36a42d6639cf31986521d8fc838bc299483ffef95ae38c7d16e43d8bc9862b0f9dc94c88ed69b4575f1b3");
        System.out.println("解密后: " + decryptedText);
    }
 }
--- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java
+++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java
@ -25,7 +25,7 @@ import static org.springframework.http.MediaType.MULTIPART_FORM_DATA_VALUE;
 public class ParamSecureHandler implements AsyncHandlerInterceptor {
    private static final String [] WHITE_URL = {
-            "/login", "/isAdmin", "/isLogin", "/register","/operlog/addLogs"};
+            "/login", "/isAdmin", "/isLogin", "/register","/operlog/addLogs","/job"};
    private String rnd = null;
    public static String ur = "/";
--- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java
+++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java
@ -7,9 +7,12 @@ import com.bonus.common.core.utils.ServletUtils;
 import com.bonus.common.core.utils.StringUtils;
 import com.bonus.common.core.utils.ip.IpUtils;
 import com.bonus.common.core.utils.uuid.IdUtils;
 import com.bonus.common.core.web.domain.AjaxResult;
 import com.bonus.common.redis.service.RedisService;
 import com.bonus.common.security.utils.SecurityUtils;
 import com.bonus.config.SystemConfig;
 import com.bonus.system.api.RemoteUserService;
 import com.bonus.system.api.domain.SysUser;
 import com.bonus.system.api.model.LoginUser;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -18,6 +21,7 @@ import org.springframework.stereotype.Component;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
@ -38,6 +42,9 @@ public class TokenService {
    @Autowired
    private RedisService redisService;
    @Resource
    RemoteUserService remoteUserService;
    protected static final long MILLIS_SECOND = 1000;
    protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
@ -76,6 +83,10 @@ public class TokenService {
        rspMap.put("isLogin", isLogin(String.valueOf(userId)));
        //对token进行存储
        redisService.setCacheObject(LOGIN_USER_KEY + userId, token, systemConfig.getTokenTime(), TimeUnit.MINUTES);
        SysUser sysUser = new SysUser();
        sysUser.setUserId(loginUser.getSysUser().getUserId());
        sysUser.setLoginDate(new Date());
        AjaxResult edit = remoteUserService.systemUpdateUser(sysUser, SecurityConstants.INNER);
        return rspMap;
    }
--- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/utils/SecurityUtils.java
+++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/utils/SecurityUtils.java
@ -1,13 +1,14 @@
 package com.bonus.common.security.utils;
 import javax.servlet.http.HttpServletRequest;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import com.bonus.common.core.constant.SecurityConstants;
 import com.bonus.common.core.constant.TokenConstants;
 import com.bonus.common.core.context.SecurityContextHolder;
 import com.bonus.common.core.utils.ServletUtils;
 import com.bonus.common.core.utils.StringUtils;
 import com.bonus.system.api.model.LoginUser;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import javax.servlet.http.HttpServletRequest;
 /**
 * 权限获取工具类
@ -120,7 +121,7 @@ public class SecurityUtils
        //$2a$10$zvlw3Mu8M.j.MhAChrYwluj88ziX6lVD3AoRrBQpwKMcdIZvKMoR2
 //        String msg= encryptPassword("Admin@1234");
        String msg= encryptPassword("Bonus$2024");
-        boolean rest = matchesPassword("admin123","$2a$10$5azz92OgGRyRUETz/ZJeZu1exkggPYUDRssvreywTjKk.0Pmn2Q16");
+        boolean rest = matchesPassword("Bonus$2024","$2a$10$8JaKSUAU.K.mceU1.YQbd.wP4EJzbrsIscjAwPlfDR7wAWV6s/BGa");
        System.err.println(msg);
        System.err.println(rest);
    }
--- a/bonus-gateway/src/main/java/com/bonus/gateway/filter/RequestCoverFilter.java
+++ b/bonus-gateway/src/main/java/com/bonus/gateway/filter/RequestCoverFilter.java
@ -1,8 +1,8 @@
 package com.bonus.gateway.filter;
 import com.bonus.common.core.exception.CaptchaException;
 import com.bonus.common.core.utils.encryption.AesCbcUtils;
 import com.bonus.common.core.utils.encryption.Sm3Util;
 import com.bonus.common.core.utils.encryption.Sm4Utils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@ -150,17 +150,21 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
            // 解密请求体
            if ( encrypt) {
                try {
-                    requestBody = AesCbcUtils.decrypt(requestBody, sKey, encoding, ivParameter, cipherAlgorithm, keyAlgorithm);
+                    requestBody = Sm4Utils.decrypt(requestBody);
                } catch (Exception e) {
                    log.error("解密请求体时发生错误: {}", e.getMessage(), e);
                    exchange.getResponse().setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR);
                    return exchange.getResponse().setComplete();
                }
            }
            if (ObjectUtils.isEmpty(requestBody)) {
                return exchange.getResponse().setComplete();
            }
            String providedHmac = requestBody.split("\\|")[1];
            requestBody = requestBody.split("\\|")[0];
            // 校验数据完整性
            if (integrality) {
                String providedHmac = exchange.getRequest().getHeaders().getFirst(HMAC_HEADER_NAME);
                integrityVerification(providedHmac, requestBody);
            }
@ -241,17 +245,17 @@ public class RequestCoverFilter implements GlobalFilter, Ordered {
            // 解密查询参数
            if (encrypt) {
                try {
-                    query = AesCbcUtils.decrypt(query, sKey, encoding, ivParameter, cipherAlgorithm, keyAlgorithm);
+                    query = Sm4Utils.decrypt(query);
                } catch (Exception e) {
                    log.error("解密查询参数时发生错误: {}", e.getMessage(), e);
                    throw new CaptchaException("请求参数不正确");
                }
            }
            // 校验数据完整性
            // 校验数据完整性
            if (integrality) {
-                String providedHmac = exchange.getRequest().getHeaders().getFirst(HMAC_HEADER_NAME);
+                integrityVerification(query.split("\\|")[1], query.split("\\|")[0]);
                integrityVerification(providedHmac, query);
            }
            if (ObjectUtils.isEmpty(query)) {
--- a/bonus-gateway/src/main/java/com/bonus/gateway/filter/ResponseEncryptFilter.java
+++ b/bonus-gateway/src/main/java/com/bonus/gateway/filter/ResponseEncryptFilter.java
@ -1,6 +1,6 @@
 package com.bonus.gateway.filter;
-import com.bonus.common.core.utils.encryption.AesCbcUtils;
+import com.bonus.common.core.utils.encryption.Sm4Utils;
 import lombok.extern.slf4j.Slf4j;
 import org.reactivestreams.Publisher;
 import org.springframework.beans.factory.annotation.Value;
@ -140,7 +140,7 @@ public class ResponseEncryptFilter implements GlobalFilter, Ordered {
                        // 将响应数据加密
                        String responseData = new String(content, StandardCharsets.UTF_8);
-                        responseData = AesCbcUtils.encrypt(responseData, sKey, encoding, ivParameter, cipherAlgorithm, keyAlgorithm);
+                        responseData = Sm4Utils.encrypt(responseData);
                        byte[] encryptedContent = responseData.getBytes(StandardCharsets.UTF_8);
                        // 设置加密后的内容长度
                        originalResponse.getHeaders().setContentLength(encryptedContent.length);
--- a/bonus-modules/bonus-job/src/main/java/com/bonus/job/config/ScheduleConfig.java
+++ b/bonus-modules/bonus-job/src/main/java/com/bonus/job/config/ScheduleConfig.java
@ -1,57 +1,58 @@
-//package com.bonus.job.config;
+package com.bonus.job.config;
-//
+
-//import java.util.Properties;
+import org.springframework.context.annotation.Bean;
-//import javax.sql.DataSource;
+import org.springframework.context.annotation.Configuration;
-//import org.springframework.context.annotation.Bean;
+import org.springframework.scheduling.quartz.SchedulerFactoryBean;
-//import org.springframework.context.annotation.Configuration;
+
-//import org.springframework.scheduling.quartz.SchedulerFactoryBean;
+import javax.sql.DataSource;
-//
+import java.util.Properties;
-///**
+
-// * 定时任务配置（单机部署建议删除此类和qrtz数据库表，默认走内存会最高效）
+/**
-// * 
+ * 定时任务配置（单机部署建议删除此类和qrtz数据库表，默认走内存会最高效）
-// * @author bonus
+ *
-// */
+ * @author bonus
-//@Configuration
+ */
-//public class ScheduleConfig
+@Configuration
-//{
+public class ScheduleConfig
-//    @Bean
+{
-//    public SchedulerFactoryBean schedulerFactoryBean(DataSource dataSource)
+    @Bean
-//    {
+    public SchedulerFactoryBean schedulerFactoryBean(DataSource dataSource)
-//        SchedulerFactoryBean factory = new SchedulerFactoryBean();
+    {
-//        factory.setDataSource(dataSource);
+        SchedulerFactoryBean factory = new SchedulerFactoryBean();
-//
+        factory.setDataSource(dataSource);
-//        // quartz参数
+
-//        Properties prop = new Properties();
+        // quartz参数
-//        prop.put("org.quartz.scheduler.instanceName", "bonusScheduler");
+        Properties prop = new Properties();
-//        prop.put("org.quartz.scheduler.instanceId", "AUTO");
+        prop.put("org.quartz.scheduler.instanceName", "bonusScheduler");
-//        // 线程池配置
+        prop.put("org.quartz.scheduler.instanceId", "AUTO");
-//        prop.put("org.quartz.threadPool.class", "org.quartz.simpl.SimpleThreadPool");
+        // 线程池配置
-//        prop.put("org.quartz.threadPool.threadCount", "20");
+        prop.put("org.quartz.threadPool.class", "org.quartz.simpl.SimpleThreadPool");
-//        prop.put("org.quartz.threadPool.threadPriority", "5");
+        prop.put("org.quartz.threadPool.threadCount", "20");
-//        // JobStore配置
+        prop.put("org.quartz.threadPool.threadPriority", "5");
-//        prop.put("org.quartz.jobStore.class", "org.springframework.scheduling.quartz.LocalDataSourceJobStore");
+        // JobStore配置
-//        // 集群配置
+        prop.put("org.quartz.jobStore.class", "org.springframework.scheduling.quartz.LocalDataSourceJobStore");
-//        prop.put("org.quartz.jobStore.isClustered", "true");
+        // 集群配置
-//        prop.put("org.quartz.jobStore.clusterCheckinInterval", "15000");
+        prop.put("org.quartz.jobStore.isClustered", "true");
-//        prop.put("org.quartz.jobStore.maxMisfiresToHandleAtATime", "10");
+        prop.put("org.quartz.jobStore.clusterCheckinInterval", "15000");
-//        prop.put("org.quartz.jobStore.txIsolationLevelSerializable", "true");
+        prop.put("org.quartz.jobStore.maxMisfiresToHandleAtATime", "10");
-//
+        prop.put("org.quartz.jobStore.txIsolationLevelSerializable", "true");
-//        // sqlserver 启用
+
-//        // prop.put("org.quartz.jobStore.selectWithLockSQL", "SELECT * FROM {0}LOCKS UPDLOCK WHERE LOCK_NAME = ?");
+        // sqlserver 启用
-//        prop.put("org.quartz.jobStore.misfireThreshold", "12000");
+        // prop.put("org.quartz.jobStore.selectWithLockSQL", "SELECT * FROM {0}LOCKS UPDLOCK WHERE LOCK_NAME = ?");
-//        prop.put("org.quartz.jobStore.tablePrefix", "QRTZ_");
+        prop.put("org.quartz.jobStore.misfireThreshold", "12000");
-//        factory.setQuartzProperties(prop);
+        prop.put("org.quartz.jobStore.tablePrefix", "QRTZ_");
-//
+        factory.setQuartzProperties(prop);
-//        factory.setSchedulerName("bonusScheduler");
+
-//        // 延时启动
+        factory.setSchedulerName("bonusScheduler");
-//        factory.setStartupDelay(1);
+        // 延时启动
-//        factory.setApplicationContextSchedulerContextKey("applicationContextKey");
+        factory.setStartupDelay(1);
-//        // 可选，QuartzScheduler
+        factory.setApplicationContextSchedulerContextKey("applicationContextKey");
-//        // 启动时更新己存在的Job，这样就不用每次修改targetObject后删除qrtz_job_details表对应记录了
+        // 可选，QuartzScheduler
-//        factory.setOverwriteExistingJobs(true);
+        // 启动时更新己存在的Job，这样就不用每次修改targetObject后删除qrtz_job_details表对应记录了
-//        // 设置自动启动，默认为true
+        factory.setOverwriteExistingJobs(true);
-//        factory.setAutoStartup(true);
+        // 设置自动启动，默认为true
-//
+        factory.setAutoStartup(true);
-//        return factory;
+
-//    }
+        return factory;
-//}
+    }
 }
--- a/bonus-modules/bonus-job/src/main/java/com/bonus/job/mapper/SysJobMapper.java
+++ b/bonus-modules/bonus-job/src/main/java/com/bonus/job/mapper/SysJobMapper.java
@ -1,7 +1,9 @@
 package com.bonus.job.mapper;
 import java.util.List;
 import com.bonus.job.domain.SysJob;
 import com.bonus.system.api.domain.SysUser;
 import java.util.List;
 /**
 * 调度任务信息 数据层
@ -64,4 +66,12 @@ public interface SysJobMapper
     * @return 结果
     */
    public int insertJob(SysJob job);
    List<SysUser> selectUserList();
    /**
     * 修改用户状态
     * @param userId 用户id
     */
    public int updateUser(Long userId);
 }
--- a/bonus-modules/bonus-job/src/main/java/com/bonus/job/task/SysTask.java
+++ b/bonus-modules/bonus-job/src/main/java/com/bonus/job/task/SysTask.java
@ -0,0 +1,55 @@
 package com.bonus.job.task;
 import com.bonus.common.core.utils.DateUtils;
 import com.bonus.job.mapper.SysJobMapper;
 import com.bonus.system.api.domain.SysUser;
 import org.apache.commons.lang3.ObjectUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 import javax.annotation.Resource;
 import java.util.Date;
 import java.util.List;
 /**
 * 定时任务调度测试
 * 
 * @author bonus
 */
@Component("sysTask")
 public class SysTask
 {
    protected final Logger logger = LoggerFactory.getLogger(this.getClass());
    /**
     * 30天
     */
    final static int LAST_LOGIN_TIME_INTERVAL = 30*24*60;
    @Resource
    private SysJobMapper mapper;
    public void checkUserLastLoginTime(){
        try{
            List<SysUser> sysUsers = mapper.selectUserList();
            sysUsers.forEach(item -> {
                Date loginDate = item.getLoginDate();
                if (ObjectUtils.isEmpty(item.getLoginDate())){
                    loginDate = item.getCreateTime();
                }
                long minutes = DateUtils.minutesBetween(loginDate, DateUtils.getNowDate());
                if (minutes >= LAST_LOGIN_TIME_INTERVAL){
                    int i = mapper.updateUser(item.getUserId());
                    if (i>0){
                        logger.error("修改用户状态,用户id为：{},用户名为：{}",item.getUserId(),item.getUserName());
                    }else {
                        logger.error("修改用户状态失败,用户id为：{},用户名为：{}",item.getUserId(),item.getUserName());
                    }
                }
            });
        }
        catch (Exception e){
            logger.error("修改用户状态异常，{}",e.getMessage());
        }
    }
 }
--- a/bonus-modules/bonus-job/src/main/resources/mapper/job/SysJobMapper.xml
+++ b/bonus-modules/bonus-job/src/main/resources/mapper/job/SysJobMapper.xml
@ -80,7 +80,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		where job_id = #{jobId}
 	</update>
- 	<insert id="insertJob" parameterType="SysJob" useGeneratedKeys="true" keyProperty="jobId">
+
 	<insert id="insertJob" parameterType="SysJob" useGeneratedKeys="true" keyProperty="jobId">
 		insert into sys_job(
 			<if test="jobId != null and jobId != 0">job_id,</if>
 			<if test="jobName != null and jobName != ''">job_name,</if>
@ -108,4 +109,14 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		)
 	</insert>
 	<select id="selectUserList" resultType="com.bonus.system.api.domain.SysUser">
 		select user_id AS userId, login_date AS loginDate ,user_name AS userName,create_time AS createTime
 			from sys_user
 		where del_flag = '0' AND  status='0'
 	</select>
 	<update id="updateUser">
 		UPDATE sys_user set status ='1'
 		WHERE user_id = #{userId}
 	</update>
 </mapper> 
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
+++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
@ -331,7 +331,6 @@ public class SysUserController extends BaseController {
        }
        return error("系统异常,请联系管理员");
    }
    /**
     * 删除用户
     */
@ -477,6 +476,21 @@ public class SysUserController extends BaseController {
        return error("系统异常,请联系管理员");
    }
    /**
     * 修改用户审批状态
     */
    @RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:systemUpdateUser"))
    @PostMapping("/systemUpdateUser")
    public AjaxResult systemUpdateUser(@RequestBody SysUser user) {
        try {
            return success(userService.systemUpdateUser(user));
        } catch (Exception e) {
            logger.error(e.toString(), e);
        }
        return error("系统异常,请联系管理员");
    }
    @GetMapping("/checkPasswordStatus")
    public AjaxResult checkPasswordStatus() {
        // 1. 先检查是否是首次登录
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/mapper/SysUserMapper.java
+++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/mapper/SysUserMapper.java
@ -1,8 +1,5 @@
 package com.bonus.system.mapper;
 import java.util.List;
 import com.bonus.system.api.domain.SysDept;
 import com.bonus.system.api.domain.SysUser;
 import org.apache.ibatis.annotations.Param;
@ -157,4 +154,5 @@ public interface SysUserMapper {
    Integer approvalStatus(Long userId);
    int systemUpdateUser(SysUser user);
 }
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/ISysUserService.java
+++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/ISysUserService.java
@ -1,8 +1,10 @@
 package com.bonus.system.service;
 import com.bonus.common.core.domain.R;
 import com.bonus.common.core.web.domain.AjaxResult;
 import com.bonus.system.api.domain.SysUser;
 import org.apache.poi.ss.formula.functions.T;
 import org.aspectj.weaver.loadtime.Aj;
 import java.util.List;
@ -232,4 +234,8 @@ public interface ISysUserService {
    public String importUser(List<SysUser> userList, Boolean isUpdateSupport, String operName);
    R<T> approvalStatus(Long userId);
    public AjaxResult systemUpdateUser(SysUser user);
 }
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
+++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
@ -7,6 +7,7 @@ import com.bonus.common.core.utils.SpringUtils;
 import com.bonus.common.core.utils.StringUtils;
 import com.bonus.common.core.utils.bean.BeanValidators;
 import com.bonus.common.core.utils.sms.SmsUtils;
 import com.bonus.common.core.web.domain.AjaxResult;
 import com.bonus.common.core.web.domain.BaseEntity;
 import com.bonus.common.datascope.annotation.DataScope;
 import com.bonus.common.datascope.utils.CommonDataPermissionInfo;
@ -592,6 +593,21 @@ public class SysUserServiceImpl implements ISysUserService {
        }
    }
    /**
     * @param user
     * @return
     */
    @Override
    public AjaxResult systemUpdateUser(SysUser user) {
        try{
            int num =  userMapper.systemUpdateUser(user);
            return num>0?AjaxResult.success():AjaxResult.error();
        }catch (Exception e){
            log.error(e.getMessage());
            return AjaxResult.error();
        }
    }
    /**
     * 发送简单邮件
     *
--- a/bonus-modules/bonus-system/src/main/resources/mapper/system/SysUserMapper.xml
+++ b/bonus-modules/bonus-system/src/main/resources/mapper/system/SysUserMapper.xml
@ -288,6 +288,16 @@
            status='0'
        where user_id = #{userId}
    </update>
    <update id="systemUpdateUser">
        update sys_user
        <set>
            <if test="status != null and status != ''">status = #{status},</if>
            <if test="loginIp != null and loginIp != ''">login_ip = #{loginIp},</if>
            <if test="loginDate != null">login_date = #{loginDate},</if>
            update_time = sysdate()
        </set>
        where user_id = #{userId}
    </update>
    <delete id="deleteUserById" parameterType="Long">
        update sys_user