员工删除

个人中心 修改密码
商品设置热门

eladmin-system/src/main/java/cn/ysk/cashier/system/domain/vo/UserPassVo.java

@@ -1,18 +1,3 @@
-/*
- *  Copyright 2019-2020 Zheng Jie
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
 package cn.ysk.cashier.system.domain.vo;
 
 import lombok.Data;
@@ -25,6 +10,9 @@ import lombok.Data;
 @Data
 public class UserPassVo {
 
+    //staff
+    private String loginType;
+
     private String oldPass;
 
     private String newPass;

eladmin-system/src/main/java/cn/ysk/cashier/system/rest/UserController.java

@@ -1,26 +1,15 @@
-/*
- *  Copyright 2019-2020 Zheng Jie
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
 package cn.ysk.cashier.system.rest;
 
 import cn.hutool.core.collection.CollectionUtil;
+import cn.ysk.cashier.config.security.security.TokenProvider;
+import cn.ysk.cashier.config.security.service.OnlineUserService;
+import cn.ysk.cashier.repository.shop.TbPlussShopStaffRepository;
 import cn.ysk.cashier.system.domain.Dept;
 import cn.ysk.cashier.system.domain.User;
 import cn.ysk.cashier.system.domain.vo.UserPassVo;
 import cn.ysk.cashier.system.service.dto.UserDto;
 import cn.ysk.cashier.system.service.dto.UserQueryCriteria;
+import cn.ysk.cashier.utils.MD5Utils;
 import cn.ysk.cashier.utils.PageUtil;
 import cn.ysk.cashier.utils.RsaUtils;
 import cn.ysk.cashier.utils.SecurityUtils;
@@ -37,16 +26,20 @@ import cn.ysk.cashier.system.service.dto.RoleSmallDto;
 import cn.ysk.cashier.system.service.VerifyService;
 import cn.ysk.cashier.system.service.UserService;
 import cn.ysk.cashier.utils.enums.CodeEnum;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
+
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.*;
@@ -68,6 +61,9 @@ public class UserController {
     private final DeptService deptService;
     private final RoleService roleService;
     private final VerifyService verificationCodeService;
+    private final OnlineUserService onlineUserService;
+    private final TbPlussShopStaffRepository shopStaffRepository;
+    private final TokenProvider tokenProvider;
 
     @ApiOperation("导出用户数据")
     @GetMapping(value = "/download")
@@ -155,17 +151,27 @@ public class UserController {
 
     @ApiOperation("修改密码")
     @PostMapping(value = "/updatePass")
-    public ResponseEntity<Object> updateUserPass(@RequestBody UserPassVo passVo) throws Exception {
-        String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getOldPass());
-        String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey,passVo.getNewPass());
-        UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
-        if(!passwordEncoder.matches(oldPass, user.getPassword())){
+    @Transactional
+    public ResponseEntity<Object> updateUserPass(HttpServletRequest request, @RequestBody UserPassVo passVo) throws Exception {
+        String currentUsername = SecurityUtils.getCurrentUsername();
+        UserDto user = userService.findByName(currentUsername);
+        String oldPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getOldPass());
+        String newPass = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, passVo.getNewPass());
+        if (!passwordEncoder.matches(oldPass, user.getPassword())) {
             throw new BadRequestException("修改失败，旧密码错误");
         }
-        if(passwordEncoder.matches(newPass, user.getPassword())){
+        if (passwordEncoder.matches(newPass, user.getPassword())) {
             throw new BadRequestException("新密码不能与旧密码相同");
         }
+        String encPass = MD5Utils.encrypt( passVo.getNewPass());
+        if (StringUtils.isNotBlank(passVo.getLoginType()) && passVo.getLoginType().equals("staff")) {
+            String[] split = currentUsername.split("@");
+            shopStaffRepository.updatePassAndShopId(split[1],split[0],encPass,System.currentTimeMillis());
+        }else {
+            shopStaffRepository.updatePass(currentUsername,encPass,System.currentTimeMillis());
+        }
         userService.updatePass(user.getUsername(),passwordEncoder.encode(newPass));
+        onlineUserService.logout(tokenProvider.getToken(request));
         return new ResponseEntity<>(HttpStatus.OK);
     }