sdx/wucaixing-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改密码

Browse Source
This commit is contained in:
18980591175
2026-05-15 10:05:01 +08:00
parent d3b4466497
commit 2c89af8019
1 changed files with 52 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
src/main/java/org/dromara/system/controller/system/SysProfileController.java
View File

@@ -148,28 +148,8 @@ public class SysProfileController extends BaseController {
@PutMapping("/updatePwd")
public R<Void> updatePwd(@Validated @RequestBody SysUserPasswordBo bo) {
Long userId = LoginHelper.getUserId();
// 如果是超级管理员,走原来的密码修改逻辑
if (LoginHelper.isSuperAdmin(userId)) {
return updateAdminPwd(bo, userId);
}
return updateCurrentLoginPortPwd(bo, bo.getPortId());
}
/**
* 修改子密码
*
* @param bo 新旧密码
* @param portId 端口ID
*/
@RepeatSubmit
@ApiEncrypt
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping("/updateSubPwd")
public R<Void> updateSubPwd(@Validated @RequestBody SysUserPasswordBo bo, @RequestParam(required = false) Long portId) {
Long requestedPortId = portId != null ? portId : bo.getPortId();
return updateCurrentLoginPortPwd(bo, requestedPortId);
}
private R<Void> updateAdminPwd(SysUserPasswordBo bo, Long userId) {
SysUserVo user = userService.selectUserById(userId);
String password = user.getPassword();
if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
@@ -185,23 +165,54 @@ public class SysProfileController extends BaseController {
return R.fail("修改密码异常,请联系管理员");
}
private R<Void> updateCurrentLoginPortPwd(SysUserPasswordBo bo, Long requestedPortId) {
// 普通用户,修改当前登录端口的子密码
// 优先使用前端传来的 portId
Long targetPortId = bo.getPortId();
if (targetPortId == null) {
targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
}
if (targetPortId == null) {
return R.fail("无法确定修改的目标企业请指定portId");
}
return updateSubPwd(bo, targetPortId);
}
/**
* 修改子密码
*
* @param bo 新旧密码
* @param portId 端口ID
*/
@RepeatSubmit
@ApiEncrypt
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping("/updateSubPwd")
public R<Void> updateSubPwd(@Validated @RequestBody SysUserPasswordBo bo, @RequestParam(required = false) Long portId) {
Long userId = LoginHelper.getUserId();
if (LoginHelper.getLoginUser() == null || LoginHelper.getLoginUser().getCompanyRoleId() == null) {
return R.fail("当前登录账号未绑定端口,无法修改密码");
Long targetPortId = portId;
if (targetPortId == null) {
targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
}
Long currentPortId = LoginHelper.getLoginUser().getCompanyRoleId();
if (requestedPortId != null && !requestedPortId.equals(currentPortId)) {
return R.fail("只能修改当前登录账号密码");
if (targetPortId == null) {
return R.fail("无法确定修改的目标企业请指定portId");
}
SysUserLoginPort currentPort = sysUserLoginPortService.getById(currentPortId);
if (currentPort == null || !userId.equals(currentPort.getUserId())) {
return R.fail("当前登录账号不存在或无权修改");
// Fetch port
SysUserLoginPort port = sysUserLoginPortService.getById(targetPortId);
if (port == null || !port.getUserId().equals(userId)) {
return R.fail("未找到对应企业端口或无权修改");
}
String currentSubPwd = currentPort.getSubPassword();
// Check old password
String currentSubPwd = port.getSubPassword();
if (StringUtils.isBlank(currentSubPwd)) {
// 如果没有设置子密码,视为未设置密码或无法修改(需根据业务决定,这里假设必须先有子密码)
// 或者,如果为空,允许直接设置?
// 考虑到用户迁移,如果为空,可能允许使用空密码验证?或者要求联系管理员重置。
// 这里遵循用户指令:完全依赖子密码。如果为空,可能无法通过旧密码验证。
// 但为了首次设置,如果为空,允许旧密码为空?
if (StringUtils.isNotBlank(bo.getOldPassword())) {
return R.fail("修改密码失败,旧密码错误");
}
@@ -209,17 +220,18 @@ public class SysProfileController extends BaseController {
if (!BCrypt.checkpw(bo.getOldPassword(), currentSubPwd)) {
return R.fail("修改密码失败,旧密码错误");
}
}
if (BCrypt.checkpw(bo.getNewPassword(), currentSubPwd)) {
return R.fail("新密码不能与旧密码相同");
}
}
currentPort.setSubPassword(BCrypt.hashpw(bo.getNewPassword()));
if (sysUserLoginPortService.updateById(currentPort)) {
// Update
port.setSubPassword(BCrypt.hashpw(bo.getNewPassword()));
sysUserLoginPortService.updateById(port);
return R.ok();
}
return R.fail("修改密码异常,请联系管理员");
}
/**
* 头像上传