sdx/wucaixing-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改密码

Browse Source
This commit is contained in:
18980591175
2026-05-15 10:05:01 +08:00
parent d3b4466497
commit 2c89af8019
1 changed files with 52 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
src/main/java/org/dromara/system/controller/system/SysProfileController.java
View File

@@ -148,10 +148,35 @@ public class SysProfileController extends BaseController {
@PutMapping("/updatePwd") @PutMapping("/updatePwd")
public R<Void> updatePwd(@Validated @RequestBody SysUserPasswordBo bo) { public R<Void> updatePwd(@Validated @RequestBody SysUserPasswordBo bo) {
Long userId = LoginHelper.getUserId(); Long userId = LoginHelper.getUserId();
// 如果是超级管理员,走原来的密码修改逻辑
if (LoginHelper.isSuperAdmin(userId)) { if (LoginHelper.isSuperAdmin(userId)) {
return updateAdminPwd(bo, userId); SysUserVo user = userService.selectUserById(userId);
String password = user.getPassword();
if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
return R.fail("修改密码失败,旧密码错误");
}
if (BCrypt.checkpw(bo.getNewPassword(), password)) {
return R.fail("新密码不能与旧密码相同");
}
int rows = DataPermissionHelper.ignore(() -> userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(bo.getNewPassword()), null));
if (rows > 0) {
return R.ok();
}
return R.fail("修改密码异常,请联系管理员");
} }
return updateCurrentLoginPortPwd(bo, bo.getPortId());
// 普通用户,修改当前登录端口的子密码
// 优先使用前端传来的 portId
Long targetPortId = bo.getPortId();
if (targetPortId == null) {
targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
}
if (targetPortId == null) {
return R.fail("无法确定修改的目标企业请指定portId");
}
return updateSubPwd(bo, targetPortId);
} }
/** /**
@@ -165,43 +190,29 @@ public class SysProfileController extends BaseController {
@Log(title = "个人信息", businessType = BusinessType.UPDATE) @Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping("/updateSubPwd") @PutMapping("/updateSubPwd")
public R<Void> updateSubPwd(@Validated @RequestBody SysUserPasswordBo bo, @RequestParam(required = false) Long portId) { public R<Void> updateSubPwd(@Validated @RequestBody SysUserPasswordBo bo, @RequestParam(required = false) Long portId) {
Long requestedPortId = portId != null ? portId : bo.getPortId();
return updateCurrentLoginPortPwd(bo, requestedPortId);
}
private R<Void> updateAdminPwd(SysUserPasswordBo bo, Long userId) {
SysUserVo user = userService.selectUserById(userId);
String password = user.getPassword();
if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
return R.fail("修改密码失败,旧密码错误");
}
if (BCrypt.checkpw(bo.getNewPassword(), password)) {
return R.fail("新密码不能与旧密码相同");
}
int rows = DataPermissionHelper.ignore(() -> userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(bo.getNewPassword()), null));
if (rows > 0) {
return R.ok();
}
return R.fail("修改密码异常,请联系管理员");
}
private R<Void> updateCurrentLoginPortPwd(SysUserPasswordBo bo, Long requestedPortId) {
Long userId = LoginHelper.getUserId(); Long userId = LoginHelper.getUserId();
if (LoginHelper.getLoginUser() == null || LoginHelper.getLoginUser().getCompanyRoleId() == null) { Long targetPortId = portId;
return R.fail("当前登录账号未绑定端口,无法修改密码"); if (targetPortId == null) {
targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
} }
Long currentPortId = LoginHelper.getLoginUser().getCompanyRoleId(); if (targetPortId == null) {
if (requestedPortId != null && !requestedPortId.equals(currentPortId)) { return R.fail("无法确定修改的目标企业请指定portId");
return R.fail("只能修改当前登录账号密码");
} }
SysUserLoginPort currentPort = sysUserLoginPortService.getById(currentPortId); // Fetch port
if (currentPort == null || !userId.equals(currentPort.getUserId())) { SysUserLoginPort port = sysUserLoginPortService.getById(targetPortId);
return R.fail("当前登录账号不存在或无权修改"); if (port == null || !port.getUserId().equals(userId)) {
return R.fail("未找到对应企业端口或无权修改");
} }
String currentSubPwd = currentPort.getSubPassword(); // Check old password
String currentSubPwd = port.getSubPassword();
if (StringUtils.isBlank(currentSubPwd)) { if (StringUtils.isBlank(currentSubPwd)) {
// 如果没有设置子密码,视为未设置密码或无法修改(需根据业务决定,这里假设必须先有子密码)
// 或者,如果为空,允许直接设置?
// 考虑到用户迁移,如果为空,可能允许使用空密码验证?或者要求联系管理员重置。
// 这里遵循用户指令:完全依赖子密码。如果为空,可能无法通过旧密码验证。
// 但为了首次设置,如果为空,允许旧密码为空?
if (StringUtils.isNotBlank(bo.getOldPassword())) { if (StringUtils.isNotBlank(bo.getOldPassword())) {
return R.fail("修改密码失败,旧密码错误"); return R.fail("修改密码失败,旧密码错误");
} }
@@ -209,16 +220,17 @@ public class SysProfileController extends BaseController {
if (!BCrypt.checkpw(bo.getOldPassword(), currentSubPwd)) { if (!BCrypt.checkpw(bo.getOldPassword(), currentSubPwd)) {
return R.fail("修改密码失败,旧密码错误"); return R.fail("修改密码失败,旧密码错误");
} }
if (BCrypt.checkpw(bo.getNewPassword(), currentSubPwd)) {
return R.fail("新密码不能与旧密码相同");
}
} }
currentPort.setSubPassword(BCrypt.hashpw(bo.getNewPassword())); if (BCrypt.checkpw(bo.getNewPassword(), currentSubPwd)) {
if (sysUserLoginPortService.updateById(currentPort)) { return R.fail("新密码不能与旧密码相同");
return R.ok();
} }
return R.fail("修改密码异常,请联系管理员");
// Update
port.setSubPassword(BCrypt.hashpw(bo.getNewPassword()));
sysUserLoginPortService.updateById(port);
return R.ok();
} }
/** /**