Add admin user info

zhaoyue
Commit e463447a2f71f6c9c73afe16e308c7504d3fa953 2 parents d017ecb0 c507d600
Showing 2 changed files with 33 additions and 6 deletions
push.sh
src/main/java/com/xkl/controller/uspih/AdminAccountController.java
--- a/push.sh deleted 100644 → 0
View file @d017ecb
+++ b/push.sh deleted 100644 → 0
View file @d017ecb
-git add --all src/*
-git add push.sh
-git add pom.xml
-git commit -m "Add admin info inter"
-git push origin zhaoyue-dev
-git status
--- a/src/main/java/com/xkl/controller/uspih/AdminAccountController.java
View file @e463447
+++ b/src/main/java/com/xkl/controller/uspih/AdminAccountController.java
View file @e463447
@@ -81,4 +81,37 @@ public class AdminAccountController {
         tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId());
         return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
     }
+
+
+    @AntiXSS
+    @RequestMapping(method = RequestMethod.PUT)
+    @ApiOperation(value = "USPIH Login and modify password")
+    public ResponseEntity<ResultModel> loginModPwd(@RequestParam String account, @RequestParam String password, @RequestParam String newpwd) {
+        Assert.notNull(account, "account can not be empty");
+        Assert.notNull(password, "password can not be empty");
+
+        XklAdminEntity admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
+        //未注册
+        if (admin == null) {
+            //提示用户名或密码错误
+            return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
+        }
+        String salt = admin.getSalt();
+        String pass_in_db = admin.getPwd();
+        String calcuPass = SecurityTool.getPassword(account, password, salt);
+        if (!calcuPass.equals(pass_in_db) ||//密码错误
+                admin.getStatus() != 1) {//用户无效
+            //提示用户名或密码错误
+            return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
+        }
+        salt = SecurityTool.genSalt();
+        String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
+        admin.setPwd(pass2Db);
+        admin.setSalt(salt);
+        adminRepository.save(admin);
+        //生成一个token，保存用户登录状态
+        TokenModel model = tokenManager.createToken(USPIH_TOKEN_PREFIX + admin.getId());
+        return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK);
+    }
+
 }