调整密码过期校验使用登陆时检测

xiangpei

2024-07-11 a2358870aca60abe779ea57c6f0c9133339fdc26

调整密码过期校验使用登陆时检测

 src/main/java/com/ycl/jxkg/config/spring/security/RestAuthenticationSuccessHandler.java

@@ -1,12 +1,16 @@
package com.ycl.jxkg.config.spring.security;

import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
import com.ycl.jxkg.base.SystemCode;
import com.ycl.jxkg.constants.CaffeineConstant;
import com.ycl.jxkg.domain.entity.SysConfig;
import com.ycl.jxkg.domain.entity.UserEventLog;
import com.ycl.jxkg.enums.general.YesOrNoEnum;
import com.ycl.jxkg.event.UserEvent;
import com.ycl.jxkg.mapper.SysConfigMapper;
import com.ycl.jxkg.service.UserService;
import com.ycl.jxkg.utils.CaffeineUtil;
import com.ycl.jxkg.utils.DateTimeUtil;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
@@ -14,6 +18,7 @@
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

import javax.servlet.ServletException;
@@ -21,6 +26,7 @@
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;
import java.util.List;


/**
@@ -35,6 +41,7 @@
    private final ApplicationEventPublisher eventPublisher;
    private final UserService userService;
    private final CaffeineUtil caffeineUtil;
    private final SysConfigMapper sysConfigMapper;

    /**
     * Instantiates a new Rest authentication success handler.
@@ -43,10 +50,11 @@
     * @param userService    the user service
     */
    @Autowired
    public RestAuthenticationSuccessHandler(ApplicationEventPublisher eventPublisher, UserService userService, CaffeineUtil caffeineUtil) {
    public RestAuthenticationSuccessHandler(ApplicationEventPublisher eventPublisher, UserService userService, CaffeineUtil caffeineUtil, SysConfigMapper sysConfigMapper) {
        this.eventPublisher = eventPublisher;
        this.userService = userService;
        this.caffeineUtil = caffeineUtil;
        this.sysConfigMapper = sysConfigMapper;
    }

    @Override
@@ -59,11 +67,19 @@
            caffeineUtil.put(CaffeineConstant.AUTH, springUser.getUsername(), sessionId);
            com.ycl.jxkg.domain.entity.User user = userService.getUserByUserName(springUser.getUsername());
            if (null != user) {
                List<SysConfig> configList = new LambdaQueryChainWrapper<>(sysConfigMapper)
                        .list();
                Integer passwordExpireDays = 30;
                if (configList.size() == 1) {
                    passwordExpireDays = configList.get(0).getPasswordExpireTime();
                }
                Date now = new Date();
                // 密码过期返回强制修改密码标识
                if (YesOrNoEnum.YES.equals(user.getNeedUpdatePassword())) {
                if (DateTimeUtil.getTwoTimeDiffDay(now, user.getLastUpdatePasswordTime()) > passwordExpireDays) {
                    RestUtil.response(response, 205, "密码过期，请修改密码", user.getId());
                    return;
                }

                UserEventLog userEventLog = new UserEventLog(user.getId(), user.getUserName(), user.getRealName(), new Date());
                userEventLog.setContent(user.getUserName() + " 登录了江西语音视频培训系统");
                eventPublisher.publishEvent(new UserEvent(userEventLog));

 src/main/java/com/ycl/jxkg/domain/entity/User.java

@@ -86,12 +86,6 @@
    @TableField("wx_open_id")
    private String wxOpenId;

    @TableField("need_update_password")
    /**
     * 是否需要修改密码
     */
    private YesOrNoEnum needUpdatePassword;

    @TableField("last_update_password_time")
    /**
     * 上一次修改密码的时间

 src/main/java/com/ycl/jxkg/job/PasswordExpireJob.java

File was deleted

 src/main/java/com/ycl/jxkg/service/impl/UserServiceImpl.java

@@ -89,6 +89,7 @@

    @Override
    public void insertUser(User user) {
        user.setLastUpdatePasswordTime(new Date());
        userMapper.insert(user);
        eventPublisher.publishEvent(new OnRegistrationCompleteEvent(user));
    }
@@ -96,6 +97,9 @@
    @Override
    @Transactional(rollbackFor = BusinessException.class)
    public void insertUsers(List<User> users) {
        users.stream().forEach(item -> {
            item.setLastUpdatePasswordTime(new Date());
        });
        userMapper.insertUsers(users);
        throw new BusinessException("test BusinessException roll back");
    }
@@ -189,7 +193,6 @@
        new LambdaUpdateChainWrapper<>(baseMapper)
                .eq(User::getId, form.getUserId())
                .set(User::getPassword, authenticationService.pwdEncode(form.getNewPassword()))
                .set(User::getNeedUpdatePassword, YesOrNoEnum.NO)
                .set(User::getLastUpdatePasswordTime, new Date())
                .update();
    }

 src/main/java/com/ycl/jxkg/utils/DateTimeUtil.java

@@ -164,4 +164,15 @@
    public static Long getTwoTimeDiffMS(Date bigDate, Date smallDate) {
        return bigDate.getTime() - smallDate.getTime();
    }

    /**
     * 计算两个时间之间的天数
     *
     * @param bigDate 大日期
     * @param smallDate 小日期
     * @return
     */
    public static Long getTwoTimeDiffDay(Date bigDate, Date smallDate) {
        return DateTimeUtil.getTwoTimeDiffMS(bigDate, smallDate) / (24 * 60 * 60 * 1000);
    }
}

 src/main/resources/mapper/UserMapper.xml

@@ -20,14 +20,13 @@
        <result column="last_active_time" jdbcType="TIMESTAMP" property="lastActiveTime"/>
        <result column="deleted" jdbcType="BIT" property="deleted"/>
        <result column="wx_open_id" jdbcType="VARCHAR" property="wxOpenId"/>
        <result column="need_update_password" property="needUpdatePassword" typeHandler="com.baomidou.mybatisplus.core.handlers.MybatisEnumTypeHandler"/>
        <result column="last_update_password_time" property="lastUpdatePasswordTime"/>
    </resultMap>
    <sql id="Base_Column_List">
        id
        , user_uuid, user_name, password, real_name, age, sex, birth_day, user_level, phone,
    role, status, image_path, create_time, modify_time, last_active_time, deleted, wx_open_id,
    need_update_password, last_update_password_time
    last_update_password_time
    </sql>


@@ -114,19 +113,19 @@
    <insert id="insertUser" parameterType="com.ycl.jxkg.domain.entity.User"
            useGeneratedKeys="true" keyProperty="id">
        insert into t_user
            (user_uuid, user_name, password, real_name, age, last_active_time)
        values (#{userUuid,jdbcType=VARCHAR}, #{userName}, #{password}, #{realName}, #{age}, #{lastActiveTime})
            (user_uuid, user_name, password, real_name, age, last_active_time, last_update_password_time)
        values (#{userUuid,jdbcType=VARCHAR}, #{userName}, #{password}, #{realName}, #{age}, #{lastActiveTime}, #{lastUpdatePasswordTime})
    </insert>

    <insert id="insertUsers" parameterType="java.util.List"
            useGeneratedKeys="true" keyProperty="id">
        insert into t_user
        (user_uuid,user_name,password,real_name,age,last_active_time)
        (user_uuid,user_name,password,real_name,age,last_active_time, last_update_password_time)
        values
        <foreach collection="list" item="item" index="index"
                 separator=",">
            (#{item.userUuid},#{item.userName},#{item.password},#{item.realName},#{item.age},
            #{item.lastActiveTime})
            #{item.lastActiveTime}, #{item.lastUpdatePasswordTime})
        </foreach>
    </insert>

@@ -208,15 +207,5 @@
        ORDER BY tcu.create_time
    </select>

    <update id="updatePasswordExpire">
        UPDATE
            t_user
        SET
            need_update_password = 1,last_update_password_time = #{now}
        WHERE
            last_update_password_time IS NOT NULL
          AND
            DATEDIFF(#{now}, last_update_password_time) > #{expireDay}
    </update>

</mapper>