feat: 密码强度校验/密码过期时间功能
This commit is contained in:
TsMask
@@ -194,8 +194,8 @@ func (s *SysProfileController) UpdateProfile(c *gin.Context) {
|
||||
// @Security TokenAuth
|
||||
// @Summary Personal Reset Password
|
||||
// @Description Personal Reset Password
|
||||
// @Router /system/user/profile/updatePwd [put]
|
||||
func (s *SysProfileController) UpdatePassword(c *gin.Context) {
|
||||
// @Router /system/user/profile/password [put]
|
||||
func (s *SysProfileController) PasswordUpdate(c *gin.Context) {
|
||||
language := reqctx.AcceptLanguage(c)
|
||||
var body struct {
|
||||
OldPassword string `json:"oldPassword" binding:"required"` // 旧密码
|
||||
@@ -247,3 +247,65 @@ func (s *SysProfileController) UpdatePassword(c *gin.Context) {
|
||||
}
|
||||
c.JSON(200, resp.Err(nil))
|
||||
}
|
||||
|
||||
// 强制重置密码
|
||||
//
|
||||
// PUT /password-force
|
||||
func (s *SysProfileController) PasswordForce(c *gin.Context) {
|
||||
language := reqctx.AcceptLanguage(c)
|
||||
var body struct {
|
||||
Password string `json:"password" binding:"required"`
|
||||
}
|
||||
if err := c.ShouldBindBodyWithJSON(&body); err != nil {
|
||||
errMsgs := fmt.Sprintf("bind err: %s", resp.FormatBindError(err))
|
||||
c.JSON(422, resp.CodeMsg(40422, errMsgs))
|
||||
return
|
||||
}
|
||||
|
||||
// 检查用户密码策略强度
|
||||
ok, errMsg := s.sysUserService.ValidatePasswordPolicy(body.Password, language)
|
||||
if !ok {
|
||||
c.JSON(200, resp.ErrMsg(errMsg))
|
||||
return
|
||||
}
|
||||
|
||||
// 登录用户信息
|
||||
loginUser, err := reqctx.LoginUser(c)
|
||||
if err != nil {
|
||||
c.JSON(401, resp.CodeMsg(401, i18n.TKey(language, err.Error())))
|
||||
return
|
||||
}
|
||||
|
||||
// 检查是否存在
|
||||
userInfo := s.sysUserService.FindById(loginUser.UserId)
|
||||
if userInfo.UserId != loginUser.UserId {
|
||||
// c.JSON(200, resp.ErrMsg("没有权限访问用户数据!"))
|
||||
c.JSON(200, resp.ErrMsg(i18n.TKey(language, "user.noData")))
|
||||
return
|
||||
}
|
||||
|
||||
// 首次登录
|
||||
forcePasswdChange := userInfo.LoginCount <= 2
|
||||
// 非首次登录,判断密码是否过期
|
||||
if !forcePasswdChange {
|
||||
alert, _ := s.sysUserService.ValidatePasswordExpireTime(userInfo.PasswordUpdateTime)
|
||||
forcePasswdChange = alert
|
||||
}
|
||||
if !forcePasswdChange {
|
||||
c.JSON(403, resp.ErrMsg("not matching the amendment"))
|
||||
return
|
||||
}
|
||||
|
||||
userInfo.Password = body.Password
|
||||
userInfo.UpdateBy = reqctx.LoginUserToUserName(c)
|
||||
rows := s.sysUserService.Update(userInfo)
|
||||
if rows > 0 {
|
||||
// 更新缓存用户信息
|
||||
userInfo.Password = ""
|
||||
// 移除令牌信息
|
||||
token.Remove(reqctx.Authorization(c))
|
||||
c.JSON(200, resp.Ok(nil))
|
||||
return
|
||||
}
|
||||
c.JSON(200, resp.Err(nil))
|
||||
}
|
||||
|
||||
@@ -189,13 +189,19 @@ func (s *SysUserController) Add(c *gin.Context) {
|
||||
c.JSON(400, resp.ErrMsg(msg))
|
||||
return
|
||||
}
|
||||
if !regular.ValidPassword(body.Password) {
|
||||
// msg := fmt.Sprintf("新增用户【%s】失败,登录密码至少包含大小写字母、数字、特殊符号,且不少于6位", body.UserName)
|
||||
msg := fmt.Sprintf("New user [%s] failed, the login password contains at least upper and lower case letters, numbers, special symbols, and not less than 6 bits", body.UserName)
|
||||
c.JSON(400, resp.ErrMsg(msg))
|
||||
// if !regular.ValidPassword(body.Password) {
|
||||
// // msg := fmt.Sprintf("新增用户【%s】失败,登录密码至少包含大小写字母、数字、特殊符号,且不少于6位", body.UserName)
|
||||
// msg := fmt.Sprintf("New user [%s] failed, the login password contains at least upper and lower case letters, numbers, special symbols, and not less than 6 bits", body.UserName)
|
||||
// c.JSON(400, resp.ErrMsg(msg))
|
||||
// return
|
||||
// }
|
||||
|
||||
// 检查用户密码策略强度
|
||||
ok, errMsg := s.sysUserService.ValidatePasswordPolicy(body.Password, language)
|
||||
if !ok {
|
||||
c.JSON(200, resp.ErrMsg(errMsg))
|
||||
return
|
||||
}
|
||||
|
||||
// 检查用户登录账号是否唯一
|
||||
uniqueUserName := s.sysUserService.CheckUniqueByUserName(body.UserName, 0)
|
||||
if !uniqueUserName {
|
||||
@@ -431,11 +437,17 @@ func (s *SysUserController) Password(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
if !regular.ValidPassword(body.Password) {
|
||||
c.JSON(200, resp.ErrMsg("Login password contains at least upper and lower case letters, numbers, special symbols, and not less than 6 digits"))
|
||||
// if !regular.ValidPassword(body.Password) {
|
||||
// c.JSON(200, resp.ErrMsg("Login password contains at least upper and lower case letters, numbers, special symbols, and not less than 6 digits"))
|
||||
// return
|
||||
// }
|
||||
|
||||
// 检查用户密码策略强度
|
||||
ok, errMsg := s.sysUserService.ValidatePasswordPolicy(body.Password, language)
|
||||
if !ok {
|
||||
c.JSON(200, resp.ErrMsg(errMsg))
|
||||
return
|
||||
}
|
||||
|
||||
// 检查是否存在
|
||||
userInfo := s.sysUserService.FindById(body.UserId)
|
||||
if userInfo.UserId != body.UserId {
|
||||
|
||||
Reference in New Issue
Block a user