验证密码

2024-09-11 18:17:50 +08:00 · 2024-09-11 18:17:50 +08:00 · e64207f70b
parent 8be434b6c7
commit e64207f70b
3 changed files with 66 additions and 1 deletions
--- a/securitycontrol-commons/securitycontrol-commons-entity/src/main/java/com/securitycontrol/entity/background/vo/VerifyPwdVo.java
+++ b/securitycontrol-commons/securitycontrol-commons-entity/src/main/java/com/securitycontrol/entity/background/vo/VerifyPwdVo.java
@ -0,0 +1,23 @@
 package com.securitycontrol.entity.background.vo;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 /**
 * 用户登录对象
 *
 * @author czc
 */
@Data
 public class VerifyPwdVo {
    /**
     * 用户密码
     */
    private String password;
    /**
     * 用户ID
     */
    private Long userId;
 }
--- a/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java
+++ b/securitycontrol-commons/securitycontrol-commons-security/src/main/java/com/securitycontrol/common/security/interceptor/ParamSecureHandler.java
@ -53,7 +53,7 @@ public class ParamSecureHandler implements AsyncHandlerInterceptor {
    /**
     * 越权 放权的请求 指定的前缀 -公共的请求+数据接口
     */
-    public static String[] WHITE_URL=new String[]{"/sys/select/","/dataCenter/inter/"};
+    public static String[] WHITE_URL=new String[]{"/sys/select/","/dataCenter/inter/","/back/verify/"};
    /**
     * 越权白名单路径->指定的路径
--- a/securitycontrol-model/securitycontrol-background/src/main/java/com/securitycontrol/background/controller/VerifyController.java
+++ b/securitycontrol-model/securitycontrol-background/src/main/java/com/securitycontrol/background/controller/VerifyController.java
@ -0,0 +1,42 @@
 package com.securitycontrol.background.controller;
 import com.securitycontrol.common.core.web.domain.AjaxResult;
 import com.securitycontrol.common.security.utils.SecurityUtils;
 import com.securitycontrol.entity.background.vo.VerifyPwdVo;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import java.util.Objects;
 /**
 * @className:a
 * @author:cwchen
 * @date:2024-09-11-16:55
 * @version:1.0
 * @description: 验证当前登录人的密码是否正确
 */
@RestController
@RequestMapping("/back/verify/")
 public class VerifyController {
    @PostMapping("verifyPwd")
    public AjaxResult verifyPwd(@RequestBody VerifyPwdVo vo){
        if(StringUtils.isBlank(vo.getPassword()) || vo.getUserId() == null){
            return AjaxResult.error("参数不完整");
        }
        if(SecurityUtils.getLoginUser()!=null && SecurityUtils.getLoginUser().getSysUser()!=null){
            String password = SecurityUtils.getLoginUser().getSysUser().getPassword();
            Long userId = SecurityUtils.getLoginUser().getSysUser().getUserId();
            if(Objects.equals(userId,vo.getUserId()) && SecurityUtils.matchesPassword(vo.getPassword(),password)){
                return AjaxResult.success("密码正确");
            }else{
                return AjaxResult.error("密码错误");
            }
        }
        return AjaxResult.success("密码错误");
    }
 }