修改用户名密码

ibzuaa-provider/ibzuaa-provider-api/src/main/java/cn/ibizlab/api/rest/extensions/ClientAuthenticationResource.java

@@ -3,18 +3,26 @@ package cn.ibizlab.api.rest.extensions;
 
 import cn.ibizlab.core.uaa.extensions.service.SysAppService;
 import cn.ibizlab.core.uaa.extensions.service.UAACoreService;
+import cn.ibizlab.util.domain.IBZUSER;
+import cn.ibizlab.util.errors.BadRequestAlertException;
 import cn.ibizlab.util.helper.CachedBeanCopier;
 import cn.ibizlab.util.security.*;
 import cn.ibizlab.util.service.AuthenticationUserService;
+import cn.ibizlab.util.service.IBZUSERService;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.http.ResponseEntity;
+import org.springframework.util.DigestUtils;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.List;
+
 /**
  * 客户端登录认证
  */
@@ -43,6 +51,12 @@ public class ClientAuthenticationResource
     @Autowired
     UAACoreService uaaCoreService;
 
+    @Autowired
+    private IBZUSERService ibzuserService;
+
+    @Value("${ibiz.auth.pwencrymode:0}")
+    private int pwencrymode;
+
     @PostMapping(value = "v7/login")
     public ResponseEntity<AuthenticationInfo> login(@Validated @RequestBody AuthorizationLogin authorizationLogin){
         userDetailsService.resetByUsername(authorizationLogin.getUsername());
@@ -58,6 +72,37 @@ public class ClientAuthenticationResource
         return ResponseEntity.ok().body(new AuthenticationInfo(token,user2));
     }
 
+    @PostMapping(value = "v7/changepwd")
+    public ResponseEntity<Boolean> changepwd(@Validated @RequestBody JSONObject jsonObject){
+        String oldpwd = jsonObject.getString("oldpwd");// 旧密码
+        String newpwd = jsonObject.getString("newpwd");// 新密码
+        // 空校验
+        if (StringUtils.isEmpty(oldpwd))
+            throw new BadRequestAlertException("旧密码为空", "ClientAuthenticationResource", "");
+        if (StringUtils.isEmpty(newpwd))
+            throw new BadRequestAlertException("新密码为空", "ClientAuthenticationResource", "");
+        // 获取当前登录用户并加密旧密码
+        AuthenticationUser authenticationUser = AuthenticationUser.getAuthenticationUser();
+        if(pwencrymode==1)
+            oldpwd = DigestUtils.md5DigestAsHex(oldpwd.getBytes());
+        else if(pwencrymode==2)
+            oldpwd = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", authenticationUser.getUsername(), oldpwd).getBytes());
+        if(!authenticationUser.getPassword().equals( oldpwd )){
+            throw new BadRequestAlertException("用户名密码错误","IBZUSER",authenticationUser.getUsername());
+        }
+        // 加密新密码
+        if(pwencrymode==1)
+            newpwd = DigestUtils.md5DigestAsHex(newpwd.getBytes());
+        else if(pwencrymode==2)
+            newpwd = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", authenticationUser.getUsername(), newpwd).getBytes());
+        // 修改密码
+        IBZUSER ibzuser = new IBZUSER();
+        ibzuser.setUserid(authenticationUser.getUserid());
+        ibzuser.setPassword(newpwd);
+        ibzuserService.save(ibzuser);
+        return ResponseEntity.ok(true);
+    }
+
     @PostMapping(value = "uaa/login")
     public ResponseEntity<AuthenticationUser> uaalogin(@Validated @RequestBody AuthorizationLogin authorizationLogin){
         userDetailsService.resetByUsername(authorizationLogin.getUsername());