修改密码

2026-05-15 10:03:54 +08:00
parent 3ec6216b0d
commit d3b4466497
2 changed files with 166 additions and 51 deletions
--- a/src/main/java/org/dromara/system/controller/system/SysProfileController.java
+++ b/src/main/java/org/dromara/system/controller/system/SysProfileController.java
@@ -148,35 +148,10 @@ public class SysProfileController extends BaseController {
    @PutMapping("/updatePwd")
    public R<Void> updatePwd(@Validated @RequestBody SysUserPasswordBo bo) {
        Long userId = LoginHelper.getUserId();
-        // 如果是超级管理员，走原来的密码修改逻辑
        if (LoginHelper.isSuperAdmin(userId)) {
-            SysUserVo user = userService.selectUserById(userId);
-            String password = user.getPassword();
-            if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
-                return R.fail("修改密码失败，旧密码错误");
-            }
-            if (BCrypt.checkpw(bo.getNewPassword(), password)) {
-                return R.fail("新密码不能与旧密码相同");
-            }
-            int rows = DataPermissionHelper.ignore(() -> userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(bo.getNewPassword()), null));
-            if (rows > 0) {
-                return R.ok();
-            }
-            return R.fail("修改密码异常，请联系管理员");
+            return updateAdminPwd(bo, userId);
        }
-
-        // 普通用户，修改当前登录端口的子密码
-        // 优先使用前端传来的 portId
-        Long targetPortId = bo.getPortId();
-        if (targetPortId == null) {
-            targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
-        }
-
-        if (targetPortId == null) {
-            return R.fail("无法确定修改的目标企业，请指定portId");
-        }
-
-        return updateSubPwd(bo, targetPortId);
+        return updateCurrentLoginPortPwd(bo, bo.getPortId());
    }

    /**
@@ -190,29 +165,43 @@ public class SysProfileController extends BaseController {
    @Log(title = "个人信息", businessType = BusinessType.UPDATE)
    @PutMapping("/updateSubPwd")
    public R<Void> updateSubPwd(@Validated @RequestBody SysUserPasswordBo bo, @RequestParam(required = false) Long portId) {
+        Long requestedPortId = portId != null ? portId : bo.getPortId();
+        return updateCurrentLoginPortPwd(bo, requestedPortId);
+    }
+
+    private R<Void> updateAdminPwd(SysUserPasswordBo bo, Long userId) {
+        SysUserVo user = userService.selectUserById(userId);
+        String password = user.getPassword();
+        if (!BCrypt.checkpw(bo.getOldPassword(), password)) {
+            return R.fail("修改密码失败，旧密码错误");
+        }
+        if (BCrypt.checkpw(bo.getNewPassword(), password)) {
+            return R.fail("新密码不能与旧密码相同");
+        }
+        int rows = DataPermissionHelper.ignore(() -> userService.resetUserPwd(user.getUserId(), BCrypt.hashpw(bo.getNewPassword()), null));
+        if (rows > 0) {
+            return R.ok();
+        }
+        return R.fail("修改密码异常，请联系管理员");
+    }
+
+    private R<Void> updateCurrentLoginPortPwd(SysUserPasswordBo bo, Long requestedPortId) {
        Long userId = LoginHelper.getUserId();
-        Long targetPortId = portId;
-        if (targetPortId == null) {
-            targetPortId = LoginHelper.getLoginUser().getCompanyRoleId();
+        if (LoginHelper.getLoginUser() == null || LoginHelper.getLoginUser().getCompanyRoleId() == null) {
+            return R.fail("当前登录账号未绑定端口，无法修改密码");
        }
-        if (targetPortId == null) {
-            return R.fail("无法确定修改的目标企业，请指定portId");
+        Long currentPortId = LoginHelper.getLoginUser().getCompanyRoleId();
+        if (requestedPortId != null && !requestedPortId.equals(currentPortId)) {
+            return R.fail("只能修改当前登录账号密码");
        }

-        // Fetch port
-        SysUserLoginPort port = sysUserLoginPortService.getById(targetPortId);
-        if (port == null || !port.getUserId().equals(userId)) {
-            return R.fail("未找到对应企业端口或无权修改");
+        SysUserLoginPort currentPort = sysUserLoginPortService.getById(currentPortId);
+        if (currentPort == null || !userId.equals(currentPort.getUserId())) {
+            return R.fail("当前登录账号不存在或无权修改");
        }

-        // Check old password
-        String currentSubPwd = port.getSubPassword();
+        String currentSubPwd = currentPort.getSubPassword();
        if (StringUtils.isBlank(currentSubPwd)) {
-            // 如果没有设置子密码，视为未设置密码或无法修改（需根据业务决定，这里假设必须先有子密码）
-            // 或者，如果为空，允许直接设置？
-            // 考虑到用户迁移，如果为空，可能允许使用空密码验证？或者要求联系管理员重置。
-            // 这里遵循用户指令：完全依赖子密码。如果为空，可能无法通过旧密码验证。
-            // 但为了首次设置，如果为空，允许旧密码为空？
            if (StringUtils.isNotBlank(bo.getOldPassword())) {
                return R.fail("修改密码失败，旧密码错误");
            }
@@ -220,17 +209,16 @@ public class SysProfileController extends BaseController {
            if (!BCrypt.checkpw(bo.getOldPassword(), currentSubPwd)) {
                return R.fail("修改密码失败，旧密码错误");
            }
+            if (BCrypt.checkpw(bo.getNewPassword(), currentSubPwd)) {
+                return R.fail("新密码不能与旧密码相同");
+            }
        }

-        if (BCrypt.checkpw(bo.getNewPassword(), currentSubPwd)) {
-            return R.fail("新密码不能与旧密码相同");
+        currentPort.setSubPassword(BCrypt.hashpw(bo.getNewPassword()));
+        if (sysUserLoginPortService.updateById(currentPort)) {
+            return R.ok();
        }
-
-        // Update
-        port.setSubPassword(BCrypt.hashpw(bo.getNewPassword()));
-        sysUserLoginPortService.updateById(port);
-
-        return R.ok();
+        return R.fail("修改密码异常，请联系管理员");
    }

    /**