...
|
...
|
@@ -81,4 +81,37 @@ public class AdminAccountController { |
|
|
tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId());
|
|
|
return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
|
|
|
}
|
|
|
|
|
|
|
|
|
@AntiXSS
|
|
|
@RequestMapping(method = RequestMethod.PUT)
|
|
|
@ApiOperation(value = "USPIH Login and modify password")
|
|
|
public ResponseEntity<ResultModel> loginModPwd(@RequestParam String account, @RequestParam String password, @RequestParam String newpwd) {
|
|
|
Assert.notNull(account, "account can not be empty");
|
|
|
Assert.notNull(password, "password can not be empty");
|
|
|
|
|
|
XklAdminEntity admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
|
|
|
//未注册
|
|
|
if (admin == null) {
|
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
String salt = admin.getSalt();
|
|
|
String pass_in_db = admin.getPwd();
|
|
|
String calcuPass = SecurityTool.getPassword(account, password, salt);
|
|
|
if (!calcuPass.equals(pass_in_db) ||//密码错误
|
|
|
admin.getStatus() != 1) {//用户无效
|
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
salt = SecurityTool.genSalt();
|
|
|
String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
|
|
|
admin.setPwd(pass2Db);
|
|
|
admin.setSalt(salt);
|
|
|
adminRepository.save(admin);
|
|
|
//生成一个token,保存用户登录状态
|
|
|
TokenModel model = tokenManager.createToken(USPIH_TOKEN_PREFIX + admin.getId());
|
|
|
return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK);
|
|
|
}
|
|
|
|
|
|
} |
...
|
...
|
|