diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java index 12cb429..54747a8 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java @@ -15,10 +15,7 @@ import com.electromagnetic.industry.software.common.enums.PublishEnum; import com.electromagnetic.industry.software.common.exception.BizException; import com.electromagnetic.industry.software.common.pojo.UserLoginInfo; import com.electromagnetic.industry.software.common.resp.ElectromagneticResult; -import com.electromagnetic.industry.software.common.util.AESUtils; -import com.electromagnetic.industry.software.common.util.ElectromagneticResultUtil; -import com.electromagnetic.industry.software.common.util.SignUtils; -import com.electromagnetic.industry.software.common.util.UserThreadLocal; +import com.electromagnetic.industry.software.common.util.*; import com.electromagnetic.industry.software.manage.mapper.RoleMapper; import com.electromagnetic.industry.software.manage.mapper.TokenMapper; import com.electromagnetic.industry.software.manage.mapper.UserMapper; @@ -326,12 +323,12 @@ public class UserServiceImpl extends ServiceImpl implements Us public ElectromagneticResult changePassword(String userId, String newPassword) { User user = this.getById(userId); Assert.notNull(user, StrFormatter.format("用户ID {} 无效", userId)); - String decodeNewPwd = AESUtils.decrypt(newPassword, UserConstants.SECRET_KEY); + + Assert.isTrue(!decodeNewPwd.contains(user.getUserAccount()), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号"); + Assert.isTrue(EleCommonUtil.isPwdValid(decodeNewPwd), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号"); user.setUserPwd(SignUtils.MD5(decodeNewPwd + user.getSalt())); - boolean success = this.updateById(user); - UserThreadLocal.setSuccessInfo("", userId, StrFormatter.format("修改了用户密码")); return ElectromagneticResultUtil.success(success); } diff --git a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/EleCommonUtil.java b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/EleCommonUtil.java index 79a503b..a6fbc27 100644 --- a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/EleCommonUtil.java +++ b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/EleCommonUtil.java @@ -28,9 +28,12 @@ public final class EleCommonUtil { private static final Map PARSE_MAP = new HashMap<>(); // 正则表达式模式,匹配中文字符、下划线、连字符、加号、数字和英文字符 private static final String PATTERN = "^[\\u4e00-\\u9fa5a-zA-Z0-9._\\-+]+$"; + // 密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号 + private static final String PWD_PATTERN_STR = "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]{8,}$"; private static final String TIME_FORMAT1 = "yyMMddHHmmssSSS"; // 编译正则表达式 private static final Pattern NAME_PATTERN = Pattern.compile(PATTERN); + private static final Pattern PWD_PATTERN = Pattern.compile(PWD_PATTERN_STR); static { PARSE_MAP.put("doc", new WordParse()); @@ -52,6 +55,13 @@ public final class EleCommonUtil { PARSE_MAP.put("pdf", new PdfParse()); } + public static boolean isPwdValid(final String pwd) { + if (StrUtil.isBlank(pwd)) { + return false; + } + return pwd.matches(PWD_PATTERN_STR); + } + public static boolean isFileNameValid(String fileFullName) { if (StrUtil.isEmpty(fileFullName) || fileFullName.length() > 32) { return false;