新增忘记/修改密码功能

sop-business/src/main/java/com/qmth/sop/business/entity/SysUser.java

@@ -43,6 +43,10 @@ public class SysUser extends BaseEntity implements Serializable {
     @ApiModelProperty(value = "密码")
     private String password;
 
+    @ApiModelProperty(value = "新密码")
+    @TableField(exist = false)
+    private String newPassword;
+
     @ApiModelProperty(value = "手机号")
     @Length(message = "手机号码不能超过{max}个字符", max = 25)
     private String mobileNumber;
@@ -75,6 +79,14 @@ public class SysUser extends BaseEntity implements Serializable {
     @NotNull(message = "请选择角色")
     private Long[] roleIds;
 
+    public String getNewPassword() {
+        return newPassword;
+    }
+
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
+    }
+
     public Long[] getRoleIds() {
         return roleIds;
     }

sop-business/src/main/java/com/qmth/sop/business/service/SysUserService.java

@@ -112,4 +112,12 @@ public interface SysUserService extends IService<SysUser> {
      * @return
      */
     List<UserRoleNameResult> selectRoleNames(List<Long> userIds);
+
+    /**
+     * 修改用户密码
+     *
+     * @param sysUser
+     * @return
+     */
+    Boolean updatePassword(SysUser sysUser) throws NoSuchAlgorithmException;
 }

sop-business/src/main/java/com/qmth/sop/business/service/impl/SysOrgServiceImpl.java

@@ -171,6 +171,11 @@ public class SysOrgServiceImpl extends ServiceImpl<SysOrgMapper, SysOrg> impleme
         }
         SysOrg sysOrg = this.getById(org.getId());
         Optional.ofNullable(sysOrg).orElseThrow(() -> ExceptionResultEnum.ORG_NO_DATA.exception());
-        return this.update(new UpdateWrapper<SysOrg>().lambda().set(SysOrg::getEnable, org.getEnable()).eq(SysOrg::getId, org.getId()));
+
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        return this.update(new UpdateWrapper<SysOrg>().lambda().set(SysOrg::getEnable, org.getEnable())
+                .eq(SysOrg::getId, org.getId())
+                .set(SysOrg::getUpdateId, requestUser.getId())
+                .set(SysOrg::getUpdateTime, System.currentTimeMillis()));
     }
 }

sop-business/src/main/java/com/qmth/sop/business/service/impl/SysRoleServiceImpl.java

@@ -12,7 +12,10 @@ import com.qmth.sop.business.entity.SysRolePrivilege;
 import com.qmth.sop.business.entity.SysUser;
 import com.qmth.sop.business.entity.SysUserRole;
 import com.qmth.sop.business.mapper.SysRoleMapper;
-import com.qmth.sop.business.service.*;
+import com.qmth.sop.business.service.SysRolePrivilegeService;
+import com.qmth.sop.business.service.SysRoleService;
+import com.qmth.sop.business.service.SysUserRoleService;
+import com.qmth.sop.business.service.SysUserService;
 import com.qmth.sop.common.enums.ExceptionResultEnum;
 import com.qmth.sop.common.enums.FieldUniqueEnum;
 import com.qmth.sop.common.util.ResultUtil;
@@ -86,6 +89,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
     @Override
     @Transactional
     public Boolean saveRole(SysRolePrivilegeParams sysRolePrivilegeParams) {
+        boolean success = false;
         try {
             SysUser sysUser = (SysUser) ServletUtil.getRequestUser();
             SysRole role = new SysRole(sysRolePrivilegeParams);
@@ -98,19 +102,23 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                 role.setDefaultRole(sysRoleDb.getDefaultRole());
                 role.setInterpret(sysRoleDb.getType().getTitle());
                 role.updateInfo(sysUser.getId());
-                this.updateById(role);
-                commonCacheService.updateRoleCache(role.getId());
-                boolean isChange = sysRolePrivilegeService.saveBatch(role);//角色权限
-                if (isChange) {
-                    commonCacheService.updateRolePrivilegeCache(role.getId());
-                    //绑定该角色的用户都需要清除鉴权缓存
-                    List<SysUserRole> sysUserRoleList = sysUserRoleService.listByRoleId(role.getId());
-                    sysUserService.removeUserInfoBatch(sysUserRoleList.stream().map(SysUserRole::getUserId).collect(Collectors.toList()), true);
+                success = this.updateById(role);
+                if (success) {
+                    commonCacheService.updateRoleCache(role.getId());
+                    boolean isChange = sysRolePrivilegeService.saveBatch(role);//角色权限
+                    if (isChange) {
+                        commonCacheService.updateRolePrivilegeCache(role.getId());
+                        //绑定该角色的用户都需要清除鉴权缓存
+                        List<SysUserRole> sysUserRoleList = sysUserRoleService.listByRoleId(role.getId());
+                        sysUserService.removeUserInfoBatch(sysUserRoleList.stream().map(SysUserRole::getUserId).collect(Collectors.toList()), true);
+                    }
                 }
             } else {
                 role.insertInfo(sysUser.getId());
-                this.save(role);
-                sysRolePrivilegeService.saveBatch(role);//角色权限
+                success = this.save(role);
+                if (success) {
+                    sysRolePrivilegeService.saveBatch(role);//角色权限
+                }
             }
         } catch (Exception e) {
             if (e instanceof DuplicateKeyException) {
@@ -123,7 +131,7 @@ public class SysRoleServiceImpl extends ServiceImpl<SysRoleMapper, SysRole> impl
                 ResultUtil.error(e.getMessage());
             }
         }
-        return true;
+        return success;
     }
 
     /**

sop-business/src/main/java/com/qmth/sop/business/service/impl/SysUserServiceImpl.java

@@ -369,13 +369,19 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         SysUser sysUserDb = this.getById(sysUser.getId());
         Optional.ofNullable(sysUserDb).orElseThrow(() -> ExceptionResultEnum.USER_NO_EXISTS.exception());
 
-        this.update(new UpdateWrapper<SysUser>().lambda().set(SysUser::getEnable, sysUser.getEnable()).eq(SysUser::getId, sysUser.getId()));
-        commonCacheService.updateUserCache(sysUser.getId());
-        //如果状态为禁用，需要踢下线重新登录
-        if (!sysUser.getEnable()) {
-            this.removeUserInfo(sysUser.getId(), true);
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        boolean success = this.update(new UpdateWrapper<SysUser>().lambda().set(SysUser::getEnable, sysUser.getEnable())
+                .eq(SysUser::getId, sysUser.getId())
+                .set(SysUser::getUpdateId, requestUser.getId())
+                .set(SysUser::getUpdateTime, System.currentTimeMillis()));
+        if (success) {
+            commonCacheService.updateUserCache(sysUser.getId());
+            //如果状态为禁用，需要踢下线重新登录
+            if (!sysUser.getEnable()) {
+                this.removeUserInfo(sysUser.getId(), true);
+            }
         }
-        return true;
+        return success;
     }
 
     @Override
@@ -393,4 +399,43 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
     public List<UserRoleNameResult> selectRoleNames(List<Long> userIds) {
         return this.baseMapper.selectRoleNames(userIds);
     }
+
+    /**
+     * 修改用户密码
+     *
+     * @param sysUser
+     * @return
+     * @throws NoSuchAlgorithmException
+     */
+    @Override
+    @Transactional
+    public Boolean updatePassword(SysUser sysUser) throws NoSuchAlgorithmException {
+        Optional.ofNullable(sysUser).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("参数不能为空"));
+        Optional.ofNullable(sysUser.getId()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("id不能为空"));
+        Optional.ofNullable(sysUser.getPassword()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("旧密码不能为空"));
+        Optional.ofNullable(sysUser.getNewPassword()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("新密码不能为空"));
+
+        SysUser sysUserDb = this.getById(sysUser.getId());
+        Optional.ofNullable(sysUserDb).orElseThrow(() -> ExceptionResultEnum.USER_NO_EXISTS.exception());
+
+        if (!Objects.equals(sysUserDb.getPassword(), sysUser.getPassword())) {
+            throw ExceptionResultEnum.ERROR.exception("输入的旧密码不正确");
+        }
+
+        if (Objects.equals(sysUserDb.getPassword(), sysUser.getNewPassword())) {
+            throw ExceptionResultEnum.ERROR.exception("新密码不能与旧密码一致");
+        }
+
+        SysUser requestUser = (SysUser) ServletUtil.getRequestUser();
+        boolean success = this.update(new UpdateWrapper<SysUser>().lambda().set(SysUser::getPassword, sysUser.getNewPassword())
+                .eq(SysUser::getId, sysUser.getId())
+                .set(SysUser::getUpdateId, requestUser.getId())
+                .set(SysUser::getUpdateTime, System.currentTimeMillis()));
+        if (success) {
+            commonCacheService.updateUserCache(sysUser.getId());
+            //修改密码后，需要踢下线重新登录
+            this.removeUserInfo(sysUser.getId(), true);
+        }
+        return success;
+    }
 }

sop-business/src/main/resources/db/log/wangliang_update_log.sql

@@ -277,6 +277,18 @@ UPDATE sys_privilege
 SET name='删除', url='Delete', `type`='LINK', parent_id=16, `sequence`=2, property='AUTH', related='290', enable=1, default_auth=0, front_display=1
 WHERE id=126;
 
+UPDATE sys_privilege
+SET name='修改密码', url='UpdatePwd', `type`='LINK', parent_id=15, `sequence`=3, property=NULL, related='18', enable=1, default_auth=0, front_display=1
+WHERE id=17;
+UPDATE sys_privilege
+SET name='用户修改密码', url='/api/admin/user/update_password', `type`='URL', parent_id=15, `sequence`=4, property='AUTH', related=NULL, enable=1, default_auth=1, front_display=0
+WHERE id=18;
+
+INSERT INTO sys_privilege
+(id, name, url, `type`, parent_id, `sequence`, property, related, enable, default_auth, front_display)
+VALUES(3000, '修改密码', '/api/admin/common/update_password', 'URL', 64, 13, 'SYS', NULL, 1, 1, 0);
+
+
 
 
 

sop-server/src/main/java/com/qmth/sop/server/api/SysController.java

@@ -1,6 +1,7 @@
 package com.qmth.sop.server.api;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.google.gson.reflect.TypeToken;
@@ -110,7 +111,6 @@ public class SysController {
                 throw ExceptionResultEnum.ERROR.exception("查出多个用户");
             }
             sysUser = sysUserList.get(0);
-            Optional.ofNullable(sysUser).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("未查询到用户"));
 
             if (!Objects.equals(sysUser.getPassword(), login.getPassword())) {
                 throw ExceptionResultEnum.ERROR.exception("用户名或密码错误");
@@ -130,7 +130,6 @@ public class SysController {
                 throw ExceptionResultEnum.ERROR.exception("查出多个用户");
             }
             sysUser = sysUserList.get(0);
-            Optional.ofNullable(sysUser).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("未查询到用户"));
 
             // 校验验证码
             sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), login.getCode());
@@ -220,12 +219,12 @@ public class SysController {
     @RequestMapping(value = "/get_verify_code", method = RequestMethod.POST)
     @ApiResponses({@ApiResponse(code = 200, message = "返回信息", response = Object.class)})
     @Aac(auth = BOOL.FALSE)
-    public Result getVerifyCode(@RequestBody LoginParam loginParam) {
-        Optional.ofNullable(loginParam.getMobileNumber()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("手机号不能为空"));
-        List<SysUser> userList = sysUserService.list(new QueryWrapper<SysUser>().lambda().eq(SysUser::getMobileNumber, loginParam.getMobileNumber()));
+    public Result getVerifyCode(@RequestBody LoginParam login) {
+        Optional.ofNullable(login.getMobileNumber()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("手机号不能为空"));
+        List<SysUser> userList = sysUserService.list(new QueryWrapper<SysUser>().lambda().eq(SysUser::getMobileNumber, login.getMobileNumber()));
 
-        if (!loginParam.getMobileNumber().matches(SystemConstant.REGULAR_EXPRESSION_OF_PHONE)) {
-            throw ExceptionResultEnum.ERROR.exception("手机号[" + loginParam.getMobileNumber() + "]不符合输入规范");
+        if (!login.getMobileNumber().matches(SystemConstant.REGULAR_EXPRESSION_OF_PHONE)) {
+            throw ExceptionResultEnum.ERROR.exception("手机号[" + login.getMobileNumber() + "]不符合输入规范");
         }
 
         //用户不存在
@@ -240,7 +239,7 @@ public class SysController {
         if (!sysUser.getEnable()) {
             throw ExceptionResultEnum.ERROR.exception("手机号被禁用");
         }
-        return ResultUtil.ok(basicVerifyCodeService.sendVeirfyCode(loginParam.getMobileNumber(), sysUser));
+        return ResultUtil.ok(basicVerifyCodeService.sendVeirfyCode(login.getMobileNumber(), sysUser));
     }
 
     @ApiOperation(value = "查询用户权限")
@@ -289,4 +288,55 @@ public class SysController {
         }.getType());
         return ResultUtil.ok(orgDtoNotTreeList);
     }
+
+    @ApiOperation(value = "忘记密码")
+    @RequestMapping(value = "/forget_password", method = RequestMethod.POST)
+    @ApiResponses({@ApiResponse(code = 200, message = "返回信息", response = Object.class)})
+    @Aac(auth = BOOL.FALSE)
+    @Transactional
+    public Result forgetPassword(@RequestBody LoginParam login) throws NoSuchAlgorithmException {
+        Optional.ofNullable(login.getMobileNumber()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("手机号不能为空"));
+        Optional.ofNullable(login.getCode()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("验证码不能为空"));
+        Optional.ofNullable(login.getPassword()).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("密码不能为空"));
+
+        SysConfig sysConfig = commonCacheService.addSysConfigCache(SystemConstant.SMS_NORMAL_CODE);
+        Optional.ofNullable(sysConfig).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("未配置万能短信验证码"));
+
+        List<SysUser> sysUserList = sysUserService.list(new QueryWrapper<SysUser>().lambda().eq(SysUser::getMobileNumber, login.getMobileNumber()));
+        if (CollectionUtils.isEmpty(sysUserList)) {
+            throw ExceptionResultEnum.ERROR.exception("用户不存在");
+        }
+        if (sysUserList.size() > 1) {
+            throw ExceptionResultEnum.ERROR.exception("查出多个用户");
+        }
+        SysUser sysUser = sysUserList.get(0);
+
+        // 校验验证码
+        sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), login.getCode());
+
+        if (!Objects.equals(sysConfig.getConfigValue().trim(), login.getCode().trim())) {
+            sysUserService.expiredVerifyCode(sysUser.getId(), sysUser.getMobileNumber());
+        }
+
+        if (!Objects.equals(sysUser.getPassword(), login.getPassword())) {
+            boolean success = sysUserService.update(new UpdateWrapper<SysUser>().lambda().eq(SysUser::getId, sysUser.getId())
+                    .set(SysUser::getPassword, login.getPassword())
+                    .set(SysUser::getUpdateTime, System.currentTimeMillis()));
+            if (success) {
+                commonCacheService.updateUserCache(sysUser.getId());
+                //修改密码后，需要踢下线重新登录
+                sysUserService.removeUserInfo(sysUser.getId(), true);
+            }
+            return ResultUtil.ok(success);
+        } else {
+            return ResultUtil.ok(true);
+        }
+    }
+
+    @ApiOperation(value = "修改密码")
+    @RequestMapping(value = "/update_password", method = RequestMethod.POST)
+    @ApiResponses({@ApiResponse(code = 200, message = "返回信息", response = Object.class)})
+    public Result updatePassword(@RequestBody SysUser sysUser) throws NoSuchAlgorithmException {
+        return ResultUtil.ok(sysUserService.updatePassword(sysUser));
+    }
 }

sop-server/src/main/java/com/qmth/sop/server/api/SysUserController.java

@@ -62,4 +62,11 @@ public class SysUserController {
     public Result enable(@RequestBody SysUser sysUser) throws NoSuchAlgorithmException {
         return ResultUtil.ok(sysUserService.enable(sysUser));
     }
+
+    @ApiOperation(value = "修改密码")
+    @RequestMapping(value = "/update_password", method = RequestMethod.POST)
+    @ApiResponses({@ApiResponse(code = 200, message = "返回信息", response = Object.class)})
+    public Result updatePassword(@RequestBody SysUser sysUser) throws NoSuchAlgorithmException {
+        return ResultUtil.ok(sysUserService.updatePassword(sysUser));
+    }
 }