diff --git a/securitycontrol-commons/securitycontrol-commons-entity/src/main/java/com/securitycontrol/entity/background/vo/VerifyPwdVo.java b/securitycontrol-commons/securitycontrol-commons-entity/src/main/java/com/securitycontrol/entity/background/vo/VerifyPwdVo.java new file mode 100644 index 0000000..027ebd6 --- /dev/null +++ b/securitycontrol-commons/securitycontrol-commons-entity/src/main/java/com/securitycontrol/entity/background/vo/VerifyPwdVo.java @@ -0,0 +1,23 @@ +package com.securitycontrol.entity.background.vo; + +import io.swagger.annotations.ApiModelProperty; +import lombok.Data; + +/** + * 用户登录对象 + * + * @author czc + */ +@Data +public class VerifyPwdVo { + /** + * 用户密码 + */ + private String password; + + /** + * 用户ID + */ + private Long userId; + +} diff --git a/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java b/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java index ac20a4e..707bd35 100644 --- a/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java +++ b/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java @@ -53,7 +53,7 @@ public class ParamSecureHandler implements AsyncHandlerInterceptor { /** * 越权 放权的请求 指定的前缀 -公共的请求+数据接口 */ - public static String[] WHITE_URL=new String[]{"/sys/select/","/dataCenter/inter/"}; + public static String[] WHITE_URL=new String[]{"/sys/select/","/dataCenter/inter/","/back/verify/"}; /** * 越权白名单路径->指定的路径 diff --git a/securitycontrol-model/securitycontrol-background/src/main/java/com/securitycontrol/background/controller/VerifyController.java b/securitycontrol-model/securitycontrol-background/src/main/java/com/securitycontrol/background/controller/VerifyController.java new file mode 100644 index 0000000..80aa9bd --- /dev/null +++ b/securitycontrol-model/securitycontrol-background/src/main/java/com/securitycontrol/background/controller/VerifyController.java @@ -0,0 +1,42 @@ +package com.securitycontrol.background.controller; + +import com.securitycontrol.common.core.web.domain.AjaxResult; +import com.securitycontrol.common.security.utils.SecurityUtils; +import com.securitycontrol.entity.background.vo.VerifyPwdVo; +import org.apache.commons.lang3.StringUtils; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.Objects; + +/** + * @className:a + * @author:cwchen + * @date:2024-09-11-16:55 + * @version:1.0 + * @description: 验证当前登录人的密码是否正确 + */ +@RestController +@RequestMapping("/back/verify/") +public class VerifyController { + + @PostMapping("verifyPwd") + public AjaxResult verifyPwd(@RequestBody VerifyPwdVo vo){ + if(StringUtils.isBlank(vo.getPassword()) || vo.getUserId() == null){ + return AjaxResult.error("参数不完整"); + } + if(SecurityUtils.getLoginUser()!=null && SecurityUtils.getLoginUser().getSysUser()!=null){ + String password = SecurityUtils.getLoginUser().getSysUser().getPassword(); + Long userId = SecurityUtils.getLoginUser().getSysUser().getUserId(); + if(Objects.equals(userId,vo.getUserId()) && SecurityUtils.matchesPassword(vo.getPassword(),password)){ + return AjaxResult.success("密码正确"); + }else{ + return AjaxResult.error("密码错误"); + } + } + return AjaxResult.success("密码错误"); + } + +}