|
|
@@ -184,6 +184,7 @@ public class UserService {
|
|
|
user.setShareRatio(sysConfigService.getBigDecimal("share_ratio"));
|
|
|
user.setAuthStatus(AuthStatus.NOT_AUTH);
|
|
|
if (StringUtils.isNotBlank(userRegister.getPassword())) {
|
|
|
+ checkPasswordStrength(userRegister.getPassword());
|
|
|
user.setPassword(passwordEncoder.encode(userRegister.getPassword()));
|
|
|
}
|
|
|
return save(user);
|
|
|
@@ -249,16 +250,6 @@ public class UserService {
|
|
|
return redisTemplate.opsForValue().get("register::" + phone);
|
|
|
}
|
|
|
|
|
|
- public User testPhoneRegister(String phone) {
|
|
|
- return create(UserRegister.builder()
|
|
|
- .avatar(Constants.DEFAULT_AVATAR)
|
|
|
- .username(RandomStringUtils.randomAlphabetic(32))
|
|
|
- .nickname(RandomStringUtils.randomAlphabetic(32))
|
|
|
- .phone(RandomStringUtils.randomNumeric(16))
|
|
|
- .password("123456")
|
|
|
- .build());
|
|
|
- }
|
|
|
-
|
|
|
public void del(Long id) {
|
|
|
User user = userRepo.findById(id).orElseThrow(new BusinessException("用户不存在"));
|
|
|
user.setDel(true);
|
|
|
@@ -427,6 +418,7 @@ public class UserService {
|
|
|
}
|
|
|
|
|
|
public String setPassword(Long userId, String password) {
|
|
|
+ checkPasswordStrength(password);
|
|
|
User user = userRepo.findById(userId).orElseThrow(new BusinessException("用户不存在"));
|
|
|
user.setPassword(passwordEncoder.encode(password));
|
|
|
user = save(user);
|
|
|
@@ -434,17 +426,49 @@ public class UserService {
|
|
|
}
|
|
|
|
|
|
public String setPassword(Long userId, String code, String password) {
|
|
|
+ checkPasswordStrength(password);
|
|
|
User user = userRepo.findById(userId).orElseThrow(new BusinessException("用户不存在"));
|
|
|
smsService.verify(user.getPhone(), code);
|
|
|
return setPassword(userId, password);
|
|
|
}
|
|
|
|
|
|
public String forgotPassword(String phone, String password, String code) {
|
|
|
+ checkPasswordStrength(password);
|
|
|
User user = userRepo.findByPhoneAndDelFalse(phone).orElseThrow(new BusinessException("手机号未注册"));
|
|
|
smsService.verify(user.getPhone(), code);
|
|
|
return setPassword(user.getId(), password);
|
|
|
}
|
|
|
|
|
|
+ public static void checkPasswordStrength(String password) {
|
|
|
+ if (StringUtils.isBlank(password)) throw new BusinessException("密码不能为空");
|
|
|
+ if (!Pattern.matches("^[a-zA-Z0-9!@#$%^&*]+$", password)) throw new BusinessException("密码含非法字符");
|
|
|
+ int upper = 0;
|
|
|
+ int lower = 0;
|
|
|
+ int digit = 0;
|
|
|
+ int special = 0;
|
|
|
+ char ch;
|
|
|
+
|
|
|
+ for (int i = 0; i < password.length(); i++) {
|
|
|
+ ch = password.charAt(i);
|
|
|
+ if (Character.isUpperCase(ch))
|
|
|
+ upper++;
|
|
|
+ else if (Character.isLowerCase(ch))
|
|
|
+ lower++;
|
|
|
+ else if (Character.isDigit(ch))
|
|
|
+ digit++;
|
|
|
+ else {
|
|
|
+ if (ch == '<' || ch == '>') {
|
|
|
+ throw new BusinessException("密码包含非法字符");
|
|
|
+ } else
|
|
|
+ special++;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if (upper > 0 && lower > 0 && digit > 0 && password.length() >= 8) {
|
|
|
+ return;
|
|
|
+ }
|
|
|
+ throw new BusinessException("密码长度至少为8位,且必须包含大小写字母和数字");
|
|
|
+ }
|
|
|
+
|
|
|
public void bindPhone(Long userId, String phone) {
|
|
|
User user = userRepo.findByIdAndDelFalse(userId).orElseThrow(new BusinessException("用户不存在"));
|
|
|
if (StringUtils.isNoneEmpty(user.getPhone())) {
|
