From 91fc6643a8724a9ec6b49f93e346e1939b93b70f Mon Sep 17 00:00:00 2001 From: wangw <1594593906@qq.com> Date: Mon, 27 Apr 2026 10:08:16 +0800 Subject: [PATCH] =?UTF-8?q?=E5=88=9B=E5=BB=BA=E5=BA=97=E9=93=BA=E5=AF=86?= =?UTF-8?q?=E7=A0=81=E5=BC=BA=E5=BA=A6=E6=A0=A1=E9=AA=8C=20=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E5=AF=86=E7=A0=81=20=E5=8F=AF=E9=80=9A=E8=BF=87?= =?UTF-8?q?=E9=AA=8C=E8=AF=81=E7=A0=81=20=E5=8F=91=E9=80=81=E9=AA=8C?= =?UTF-8?q?=E8=AF=81=E7=A0=81=E7=B1=BB=E5=9E=8B=E9=99=90=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/admin/CommonController.java | 11 +++++++- .../controller/admin/ShopInfoController.java | 4 +-- .../czg/controller/admin/SysController.java | 28 ++++++++++++++----- .../account/dto/user/SysUserEditPwdDTO.java | 12 ++++---- .../czg/account/service/ShopInfoService.java | 4 +-- .../main/java/com/czg/utils/CzgStrUtils.java | 16 +++++++++++ .../service/impl/CommonServiceImpl.java | 6 ++-- .../service/impl/ShopInfoServiceImpl.java | 24 +++++++++++----- .../service/impl/SysUserServiceImpl.java | 18 ++++++++---- .../service/impl/UserInfoServiceImpl.java | 8 +++--- 10 files changed, 93 insertions(+), 38 deletions(-) diff --git a/cash-api/account-server/src/main/java/com/czg/controller/admin/CommonController.java b/cash-api/account-server/src/main/java/com/czg/controller/admin/CommonController.java index cf6d3e6cc..ee1962acc 100644 --- a/cash-api/account-server/src/main/java/com/czg/controller/admin/CommonController.java +++ b/cash-api/account-server/src/main/java/com/czg/controller/admin/CommonController.java @@ -1,5 +1,6 @@ package com.czg.controller.admin; +import cn.hutool.core.util.StrUtil; import com.czg.account.service.CommonService; import com.czg.resp.CzgResult; import com.czg.service.account.util.AliOssUtil; 
@@ -8,6 +9,8 @@ import org.apache.commons.io.FilenameUtils; import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; +import java.util.List; + /** * 公共接口 * @author Administrator @@ -20,13 +23,19 @@ public class CommonController { @Resource private AliOssUtil aliOssUtil; + private static final List SMS_CODE_TYPE = List.of("editShopInfoOpePwd", "wxMiniPwd", "shopPwd"); + /** * 发送验证码 - * @param type 验证码类型 + * @param type 验证码类型 目前 + * editShopInfoOpePwd 店铺操作密码 + * wxMiniPwd 微信小程序用户登录密码 + * shopPwd 店铺登录密码 * @return 是否成功 */ @GetMapping("/sms") public CzgResult sendSms(@RequestParam String type) { + if(StrUtil.isEmpty(type) || !SMS_CODE_TYPE.contains(type)) return CzgResult.failure("验证码类型错误"); return CzgResult.success(commonService.sendSms(type)); } diff --git a/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopInfoController.java b/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopInfoController.java index 7502b17eb..b41f6cb4a 100644 --- a/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopInfoController.java +++ b/cash-api/account-server/src/main/java/com/czg/controller/admin/ShopInfoController.java @@ -40,7 +40,7 @@ public class ShopInfoController { @SaAdminCheckRole("管理员") @SaAdminCheckPermission(parentName = "店铺管理接口", value = "shopInfo:list", name = "店铺列表") @GetMapping - public CzgResult> get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop) { + public CzgResult> get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop) { return CzgResult.success(shopInfoService.get(pageDTO, profiles, phone, shopName, status, isHeadShop)); } 
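Review bot: The allowed type names in `SMS_CODE_TYPE` are bare string literals, and the same value is spelled again as the `":shopPwd"` key suffix in `SysUserServiceImpl.editPwd`, so a typo on either side would make code verification fail at runtime with nothing at compile time to catch it. I would move the three names to shared constants (or an enum) next to `RedisCst.SMS_CODE` and build both the allowlist and the Redis key from them. The guard in `sendSms` is also a brace-less one-line `if`, while the other new checks in this commit are braced; `if (...) { return CzgResult.failure("验证码类型错误"); }` would be consistent with them.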
@@ -49,7 +49,7 @@ public class ShopInfoController { * */ @GetMapping("/otherShop") - public CzgResult> getShopByMainId(PageDTO pageDTO, String shopName, Integer status) { + public CzgResult> getShopByMainId(PageDTO pageDTO, String shopName, Integer status) { return CzgResult.success(shopInfoService.getShopByMainId(pageDTO, shopName, status)); } diff --git a/cash-api/account-server/src/main/java/com/czg/controller/admin/SysController.java b/cash-api/account-server/src/main/java/com/czg/controller/admin/SysController.java index 17b284ad2..45e9c41dd 100644 --- a/cash-api/account-server/src/main/java/com/czg/controller/admin/SysController.java +++ b/cash-api/account-server/src/main/java/com/czg/controller/admin/SysController.java @@ -1,11 +1,13 @@ package com.czg.controller.admin; +import cn.hutool.core.util.StrUtil; import com.czg.account.dto.user.SysUserAddDTO; import com.czg.account.dto.user.SysUserEditDTO; import com.czg.account.dto.user.SysUserEditPwdDTO; import com.czg.account.service.SysUserService; import com.czg.account.vo.SysUserDetailVO; import com.czg.annotation.SaAdminCheckRole; +import com.czg.exception.CzgException; import com.czg.resp.CzgResult; import com.mybatisflex.core.paginate.Page; import jakarta.annotation.Resource; @@ -17,6 +19,7 @@ import java.io.IOException; /** * 系统用户管理 + * * @author Administrator */ @RestController @@ -27,10 +30,11 @@ public class SysController { /** * 系统用户列表 - * @param key 名称或邮箱搜索 + * + * @param key 名称或邮箱搜索 * @param startTime 开始时间 - * @param endTime 结束时间 - * @param status 状态:1启用、0禁用 + * @param endTime 结束时间 + * @param status 状态:1启用、0禁用 * @return 分页数据 */ // @SaAdminCheckPermission("sysUser:list") @@ -42,6 +46,7 @@ public class SysController { /** * 员工相信信息 + * * @param id 用户id * @return 员工信息 */ @@ -53,6 +58,7 @@ public class SysController { /** * 系统账号修改 + * * @param sysUserEditDTO 修改信息 * @return 是否成功 */ 
@@ -65,16 +71,22 @@ public class SysController { /** * 登录账号密码修改 - * @param sysUserEditPwdDTO 修改西悉尼 + * + * @param sysUserEditPwdDTO 修改密码 + * 原密码与验证码 二选一 * @return 是否成功 */ @PutMapping("/pwd") public CzgResult editPwd(@RequestBody @Validated SysUserEditPwdDTO sysUserEditPwdDTO) { + if (StrUtil.isBlank(sysUserEditPwdDTO.getOriginalPassword()) || StrUtil.isBlank(sysUserEditPwdDTO.getCode())) { + throw new CzgException("原密码或验证码不能同时为空"); + } return CzgResult.success(sysUserService.editPwd(sysUserEditPwdDTO)); } /** * 系统用户删除 + * * @param id 用户id * @return 是否成功 */ @@ -87,6 +99,7 @@ public class SysController { /** * 系统用户添加 + * * @param sysUserAddDTO 添加信息 * @return 是否成功 */ @@ -98,10 +111,11 @@ public class SysController { /** * 系统用户导出 - * @param key 名称或邮箱搜索 + * + * @param key 名称或邮箱搜索 * @param startTime 开始时间 - * @param endTime 结束时间 - * @param status 状态:1启用、0禁用 + * @param endTime 结束时间 + * @param status 状态:1启用、0禁用 * @throws IOException IO异常 */ @SaAdminCheckRole("admin") diff --git a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/SysUserEditPwdDTO.java b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/SysUserEditPwdDTO.java index 0fc2fb4f0..1fd447c16 100644 --- a/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/SysUserEditPwdDTO.java +++ b/cash-common/cash-common-service/src/main/java/com/czg/account/dto/user/SysUserEditPwdDTO.java @@ -1,12 +1,8 @@ package com.czg.account.dto.user; import jakarta.validation.constraints.NotBlank; -import jakarta.validation.constraints.NotNull; -import jakarta.validation.constraints.Size; import lombok.Data; -import java.time.LocalDateTime; - /** * @author Administrator */ 
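Review bot: The new guard in `editPwd` uses `||`, so it rejects the request whenever either `originalPassword` or `code` is blank, which contradicts both the Javadoc above it ("原密码与验证码 二选一") and the error text ("不能同时为空"). As written a caller must send both fields, and the service then takes the code branch and never checks the original password. The condition should be `if (StrUtil.isBlank(sysUserEditPwdDTO.getOriginalPassword()) && StrUtil.isBlank(sysUserEditPwdDTO.getCode())) {`.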
@@ -22,17 +18,21 @@ public class SysUserEditPwdDTO { */ // @NotBlank(message = "原密码不为空") private String originalPassword; + /** + * 验证码 + */ + private String code; /** * 确认密码 */ - @NotBlank(message = "确认密码不为空") + @NotBlank(message = "确认密码不能为空") private String checkPassword; /** * 密码 */ - @NotBlank(message = "确认密码不为空") + @NotBlank(message = "密码不能为空") private String password; diff --git a/cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopInfoService.java b/cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopInfoService.java index 7afb1669f..9723349b5 100644 --- a/cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopInfoService.java +++ b/cash-common/cash-common-service/src/main/java/com/czg/account/service/ShopInfoService.java @@ -30,9 +30,9 @@ public interface ShopInfoService extends IService { */ boolean checkSwitch(Long shopId, ShopSwitchTypeEnum switchType) throws ValidateException; - Page get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop); + Page get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop); - Page getShopByMainId(PageDTO pageDTO, String shopName, Integer status); + Page getShopByMainId(PageDTO pageDTO, String shopName, Integer status); Boolean add(ShopInfoAddDTO shopInfoAddDTO); diff --git a/cash-common/cash-common-tools/src/main/java/com/czg/utils/CzgStrUtils.java b/cash-common/cash-common-tools/src/main/java/com/czg/utils/CzgStrUtils.java index 0bc925912..d580b165e 100644 --- a/cash-common/cash-common-tools/src/main/java/com/czg/utils/CzgStrUtils.java +++ b/cash-common/cash-common-tools/src/main/java/com/czg/utils/CzgStrUtils.java @@ -1,6 +1,8 @@ package com.czg.utils; +import cn.hutool.core.text.PasswdStrength; import cn.hutool.core.util.StrUtil; +import com.czg.exception.CzgException; import java.time.LocalDate; 
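Review bot: `SysUserEditPwdDTO` now carries four secrets (`originalPassword`, `code`, `checkPassword`, `password`) and the file imports `lombok.Data`; if the class is annotated with `@Data` (the annotation line is outside this hunk), the generated `toString()` prints all of them, so any request logging or exception message that includes the DTO would leak them. Consider `@ToString.Exclude` on these fields. The Javadoc on the new `code` field could also state the contract, for example `SMS verification code; supply either this or originalPassword`.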
@@ -21,6 +23,7 @@ public class CzgStrUtils { /** * 获取当天是周几 + * * @return 周几 */ public static String getStrWeek() { @@ -31,4 +34,17 @@ public class CzgStrUtils { return "周" + chineseWeeks[dayOfWeek]; } + + public static void checkPwd(String pwd) { + if (StrUtil.isBlank(pwd)) { + throw new CzgException("密码不能为空"); + } + if (pwd.length() < 6) { + throw new CzgException("密码长度不能小于6"); + } + PasswdStrength.PASSWD_LEVEL level = PasswdStrength.getLevel(pwd); + if (level == PasswdStrength.PASSWD_LEVEL.EASY) { + throw new CzgException("密码强度弱,需包含字母、数字、特殊符号中至少两种"); + } + } } diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/CommonServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/CommonServiceImpl.java index 19faebe55..6ffb05d9b 100644 --- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/CommonServiceImpl.java +++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/CommonServiceImpl.java @@ -1,6 +1,5 @@ package com.czg.service.account.service.impl; -import cn.hutool.core.util.RandomUtil; import cn.hutool.core.util.StrUtil; import com.czg.account.entity.SysUser; import com.czg.account.service.CommonService; @@ -10,6 +9,7 @@ import com.czg.exception.CzgException; import com.czg.sa.StpKit; import com.czg.service.RedisService; import com.czg.system.service.SmsService; +import com.czg.utils.CzgRandomUtils; import jakarta.annotation.Resource; import org.apache.dubbo.config.annotation.DubboReference; import org.springframework.stereotype.Service; 
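Review bot: `checkPwd` accepts any password of six or more characters that Hutool's `PasswdStrength.getLevel` rates above `EASY`, while the error text promises a concrete rule ("需包含字母、数字、特殊符号中至少两种") that the code never checks directly; `getLevel` is a score-based heuristic, so the message and the actual decision can disagree, which is worth pinning down with a few sample passwords in a unit test. A six-character floor is also low for shop login accounts; I would raise it, e.g. `if (pwd.length() < 8) {`, and either count character classes explicitly or reword the message to match the heuristic. The method is public and has no Javadoc; a short one stating that it throws `CzgException` for blank, short or weak input would help callers.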
@@ -37,9 +37,9 @@ public class CommonServiceImpl implements CommonService { if (val != null) { throw new CzgException("请勿频繁获取"); } - int code = RandomUtil.randomInt(100000, 1000000); + String code = CzgRandomUtils.randomNumber(6,true); redisService.set(key, code, 300); - smsService.sendCode(sysUser.getPhone(), String.valueOf(code)); + smsService.sendCode(sysUser.getPhone(), code); return true; } diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopInfoServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopInfoServiceImpl.java index 9804cb979..3e2d8fd71 100644 --- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopInfoServiceImpl.java +++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/ShopInfoServiceImpl.java @@ -26,6 +26,7 @@ import com.czg.service.account.mapper.ShopUserMapper; import com.czg.system.dto.SysParamsDTO; import com.czg.system.service.SysParamsService; import com.czg.utils.AssertUtil; +import com.czg.utils.CzgStrUtils; import com.czg.utils.GeoUtil; import com.czg.utils.PageUtil; import com.github.pagehelper.PageHelper; @@ -113,7 +114,7 @@ public class ShopInfoServiceImpl extends ServiceImpl i } @Override - public Page get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop) { + public Page get(PageDTO pageDTO, String profiles, String phone, String shopName, Integer status, Integer isHeadShop) { QueryWrapper queryWrapper = new QueryWrapper(); if (StrUtil.isNotBlank(profiles)) { queryWrapper.eq(ShopInfo::getProfiles, profiles); 
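Review bot: The SMS code now comes from `CzgRandomUtils.randomNumber(6,true)`, a helper this patch does not show, so it is not visible whether it draws from `SecureRandom`; for a value that authorises a password change it should, and that is worth confirming before merge. The second call site, in the last hunk of `UserInfoServiceImpl`, passes `false` for the same boolean, so the two paths may produce codes of different shape; if that is intentional, a comment at each call should say what the flag means. The enclosing method starts above this hunk.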
@@ -135,11 +136,13 @@ public class ShopInfoServiceImpl extends ServiceImpl i .eq(ShopInfo::getIsHeadShop, 1).ne(ShopInfo::getShopType, ShopTypeEnum.ONLY.getValue())); Map shopKv = shopAllList.stream().collect(Collectors.toMap(ShopInfo::getId, ShopInfo::getShopName)); queryWrapper.orderBy(ShopInfo::getCreateTime, false); - Page page = page(new Page<>(pageDTO.page(), pageDTO.size()), queryWrapper); + Page page = pageAs(new Page<>(pageDTO.page(), pageDTO.size()), queryWrapper, ShopDetailDTO.class); page.getRecords().forEach(shopInfo -> { ShopConfig shopConfig = shopConfigService.getById(shopInfo.getId()); BeanUtil.copyProperties(shopConfig, shopInfo); shopInfo.setHeadShopName(shopKv.get(shopInfo.getMainId())); + SysUser sysUser = sysUserService.getById(shopInfo.getId()); + shopInfo.setAccount(sysUser.getAccount()); }); return page; } @@ -190,7 +193,8 @@ public class ShopInfoServiceImpl extends ServiceImpl i if (count > 0) { throw new CzgException("账户已存在"); } - + //校验密码长度和强度 + CzgStrUtils.checkPwd(shopInfoAddDTO.getAccountPwd()); // 添加系统账号 shopInfoAddDTO.setRoleId(shopInfoAddDTO.getRoleId() == null ? 2L : shopInfoAddDTO.getRoleId()); SysUser sysUser = sysUserService.addUser(shopInfoAddDTO.getShopName(), shopInfoAddDTO.getAccountName(), shopInfoAddDTO.getAccountPwd(), shopInfoAddDTO.getPhone(), shopInfoAddDTO.getRoleId()); @@ -198,9 +202,10 @@ public class ShopInfoServiceImpl extends ServiceImpl i // 保存店铺信息 ShopInfo shopInfo = BeanUtil.copyProperties(shopInfoAddDTO, ShopInfo.class); shopInfo.setId(sysUser.getId()); - //设置激活码 shopInfo.setStatus(1); - shopInfo.setProfiles("release"); + if (StrUtil.isNotBlank(shopInfo.getProfiles())) { + shopInfo.setProfiles("release"); + } save(shopInfo); if (StrUtil.isNotBlank(shopInfoAddDTO.getActivateCode())) { activateShop(shopInfo, shopInfoAddDTO.getActivateCode()); 
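Review bot: In the `forEach` added to `get`, the result of `sysUserService.getById(shopInfo.getId())` is dereferenced without a null check, so a shop row with no matching `SysUser` would throw a `NullPointerException` and fail the whole page. Guard it, e.g. `if (sysUser != null) { shopInfo.setAccount(sysUser.getAccount()); }`. It also adds one more query per row on top of the existing `shopConfigService.getById`; loading the accounts for all ids on the page in one query would avoid that. The method body begins in an earlier hunk.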
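Review bot: The new condition around `shopInfo.setProfiles("release")` looks inverted: with `StrUtil.isNotBlank` a caller-supplied profile is overwritten by "release", and a blank one is saved blank. If the intent is to default only when nothing was supplied, it should be `if (StrUtil.isBlank(shopInfo.getProfiles())) {`. A one-line comment stating the default, such as `// default to the release profile when none is given`, would make the intent explicit. The enclosing `add` method starts above this hunk and continues past it.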
@@ -391,7 +396,7 @@ public class ShopInfoServiceImpl extends ServiceImpl i } @Override - public Page getShopByMainId(PageDTO pageDTO, String shopName, Integer status) { + public Page getShopByMainId(PageDTO pageDTO, String shopName, Integer status) { Long loginId = (Long) StpKit.USER.getLoginId(); ShopInfo shopInfo = getById(loginId); QueryWrapper queryWrapper = new QueryWrapper(); @@ -408,7 +413,12 @@ public class ShopInfoServiceImpl extends ServiceImpl i } else { queryWrapper.eq(ShopInfo::getId, loginId); } - return page(new Page<>(pageDTO.page(), pageDTO.size()), queryWrapper); + Page page = pageAs(new Page<>(pageDTO.page(), pageDTO.size()), queryWrapper, ShopDetailDTO.class); + page.getRecords().forEach(dto -> { + SysUser sysUser = sysUserService.getById(shopInfo.getId()); + dto.setAccount(sysUser.getAccount()); + }); + return page; } @Override diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysUserServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysUserServiceImpl.java index c9155c0a5..3d7ddb312 100644 --- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysUserServiceImpl.java +++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/SysUserServiceImpl.java @@ -14,12 +14,14 @@ import com.czg.account.entity.SysUser; import com.czg.account.entity.SysUsersRoles; import com.czg.account.service.SysUserService; import com.czg.account.vo.SysUserDetailVO; +import com.czg.config.RedisCst; import com.czg.exception.CzgException; import com.czg.sa.StpKit; import com.czg.service.RedisService; import com.czg.service.account.mapper.SysRoleMapper; import com.czg.service.account.mapper.SysUserMapper; import com.czg.service.account.mapper.SysUsersRolesMapper; +import com.czg.utils.CzgStrUtils; import com.czg.utils.PageUtil; import com.github.pagehelper.PageHelper; import com.github.pagehelper.PageInfo; 
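Review bot: Inside the `forEach` added to `getShopByMainId`, the lookup uses `shopInfo.getId()`, which is the logged-in shop loaded at the top of the method rather than the row being processed, so every returned `ShopDetailDTO` receives the caller's own account name. It presumably should be `sysUserService.getById(dto.getId())`, matching the loop in `get`, with a null check before `sysUser.getAccount()`. The middle of the method lies between the two hunks and is not visible here.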
@@ -34,8 +36,6 @@ import java.io.IOException; import java.net.URLEncoder; import java.util.List; -import static com.mybatisflex.core.query.QueryMethods.column; - /** * 系统用户 服务层实现。 * @@ -210,16 +210,22 @@ public class SysUserServiceImpl extends ServiceImpl impl throw new CzgException("修改失败"); } } - - if (StrUtil.isNotBlank(sysUserEditPwdDTO.getOriginalPassword()) && + if (StrUtil.isNotBlank(sysUserEditPwdDTO.getCode())) { + Object value = redisService.get(RedisCst.SMS_CODE + sysUser.getPhone() + ":shopPwd"); + if (!sysUserEditPwdDTO.getCode().equals(value)) { + throw new CzgException("验证码不正确"); + } + } else if (StrUtil.isNotBlank(sysUserEditPwdDTO.getOriginalPassword()) && !sysUser.getPassword().equals(SecureUtil.md5(sysUser.getId() + sysUserEditPwdDTO.getOriginalPassword()))) { throw new CzgException("原密码不正确"); + } else { + throw new CzgException("修改失败"); } if (!sysUserEditPwdDTO.getPassword().equals(sysUserEditPwdDTO.getCheckPassword())) { - throw new CzgException("两次密码不一致"); + throw new CzgException("新密码与确认密码不一致"); } - + CzgStrUtils.checkPwd(sysUserEditPwdDTO.getPassword()); sysUser.setPassword(SecureUtil.md5(sysUser.getId() + sysUserEditPwdDTO.getPassword())); boolean isUp = updateById(sysUser); if (isUp) { diff --git a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/UserInfoServiceImpl.java b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/UserInfoServiceImpl.java index 70fc3679e..8fc9c71f0 100644 --- a/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/UserInfoServiceImpl.java +++ b/cash-service/account-service/src/main/java/com/czg/service/account/service/impl/UserInfoServiceImpl.java @@ -1,7 +1,6 @@ package com.czg.service.account.service.impl; import cn.hutool.core.bean.BeanUtil; -import cn.hutool.core.util.RandomUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.crypto.SecureUtil; import com.czg.account.dto.user.userinfo.UserInfoAssetsSummaryDTO; 
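Review bot: The new `if / else if / else` chain in `editPwd` rejects a correct original password: when `code` is blank and the old password matches, the `else if` condition is false and control falls into the final `else`, which throws "修改失败". The password comparison should be nested so the last branch is reached only when neither credential was sent. Separately, nothing visible in this hunk deletes the SMS code after a successful match or counts failed attempts, so a six-digit code stays reusable and guessable until it expires; it should be invalidated on success and the attempts bounded. The context line still stores `SecureUtil.md5(id + password)`, and a strength check adds little while the stored hash is a single fast MD5, so moving to a dedicated password hash deserves a follow-up. The method begins above the hunk and continues below it.

```java
if (StrUtil.isNotBlank(sysUserEditPwdDTO.getCode())) {
    // … unchanged: read the stored code from Redis and compare, throw "验证码不正确" on mismatch …
    // then invalidate the stored code here so it cannot be replayed
    // (the RedisService delete method is not shown in this patch)
} else if (StrUtil.isNotBlank(sysUserEditPwdDTO.getOriginalPassword())) {
    String expected = SecureUtil.md5(sysUser.getId() + sysUserEditPwdDTO.getOriginalPassword());
    if (!sysUser.getPassword().equals(expected)) {
        throw new CzgException("原密码不正确");
    }
} else {
    // neither a code nor the original password was supplied
    throw new CzgException("修改失败");
}
// … unchanged: confirm-password comparison, CzgStrUtils.checkPwd, password update …
```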
@@ -19,6 +18,7 @@ import com.czg.service.account.mapper.ShopUserMapper; import com.czg.service.account.mapper.UserInfoMapper; import com.czg.service.account.util.AcAccountUtil; import com.czg.system.service.SmsService; +import com.czg.utils.CzgRandomUtils; import com.mybatisflex.core.query.QueryWrapper; import com.mybatisflex.spring.service.impl.ServiceImpl; import jakarta.annotation.Resource; @@ -81,9 +81,9 @@ public class UserInfoServiceImpl extends ServiceImpl i if (StrUtil.isBlank(userInfo.getPhone())) { throw new CzgException("账号未绑定手机号"); } - int code = RandomUtil.randomInt(100000, 1000000); - redisService.set("%s%s:%s".formatted(RedisCst.SMS_CODE, userInfo.getPhone(), type), String.valueOf(code), 300); - smsService.sendCode(userInfo.getPhone(), String.valueOf(code)); + String code = CzgRandomUtils.randomNumber(6, false); + redisService.set("%s%s:%s".formatted(RedisCst.SMS_CODE, userInfo.getPhone(), type), code, 300); + smsService.sendCode(userInfo.getPhone(), code); return true; }
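Review bot: This send path still builds the Redis key from `type` with no allowlist visible in the hunk, whereas the commit adds the type restriction only in `CommonController.sendSms`. If `type` reaches this method from a request parameter, the same restriction (ideally from one shared set of constants) should apply here, and a resend throttle like the "请勿频繁获取" check in `CommonServiceImpl` is not visible either. The method starts above the hunk, so both may already exist there; that is worth confirming.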