lywsvip/hsweb-framework
1
0
Fork 0
mirror of https://github.com/hs-web/hsweb-framework.git synced 2026-05-17 03:42:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

增加验证器PasswordValidator

Browse Source
This commit is contained in:
zhou-hao
2020-08-25 11:38:28 +08:00
parent 1254ba2379
commit a94aeba0c1
3 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/PasswordValidator.java Normal file
View File

@@ -0,0 +1,7 @@
package org.hswebframework.web.system.authorization.api;
public interface PasswordValidator {
void validate(String password);
}

7
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/UsernameValidator.java Normal file
View File

@@ -0,0 +1,7 @@
package org.hswebframework.web.system.authorization.api;
public interface UsernameValidator {
void validate(String password);
}

15
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveUserService.java
View File

@@ -9,6 +9,8 @@ import org.hswebframework.web.crud.service.GenericReactiveCrudService;
import org.hswebframework.web.exception.NotFoundException;
import org.hswebframework.web.id.IDGenerator;
import org.hswebframework.web.system.authorization.api.PasswordEncoder;
import org.hswebframework.web.system.authorization.api.PasswordValidator;
import org.hswebframework.web.system.authorization.api.UsernameValidator;
import org.hswebframework.web.system.authorization.api.entity.UserEntity;
import org.hswebframework.web.system.authorization.api.event.UserCreatedEvent;
import org.hswebframework.web.system.authorization.api.event.UserDeletedEvent;
@@ -34,6 +36,15 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
@Autowired(required = false)
private PasswordEncoder passwordEncoder = (password, salt) -> DigestUtils.md5Hex(String.format("hsweb.%s.framework.%s", password, salt));
@Autowired(required = false)
private PasswordValidator passwordValidator = (password) -> {
};
@Autowired(required = false)
private UsernameValidator usernameValidator = (username) -> {
};
@Autowired
private ApplicationEventPublisher eventPublisher;
@@ -60,6 +71,8 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
return Mono.defer(() -> {
userEntity.setSalt(IDGenerator.RANDOM.generate());
usernameValidator.validate(userEntity.getUsername());
passwordValidator.validate(userEntity.getPassword());
userEntity.setPassword(passwordEncoder.encode(userEntity.getPassword(), userEntity.getSalt()));
return Mono.just(userEntity)
.doOnNext(e -> e.tryValidate(CreateGroup.class))
@@ -80,6 +93,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
boolean passwordChanged = StringUtils.hasText(userEntity.getPassword());
if (passwordChanged) {
userEntity.setSalt(IDGenerator.RANDOM.generate());
passwordValidator.validate(userEntity.getPassword());
userEntity.setPassword(passwordEncoder.encode(userEntity.getPassword(), userEntity.getSalt()));
}
return getRepository()
@@ -138,6 +152,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
@Override
@Transactional(rollbackFor = Exception.class, transactionManager = TransactionManagers.r2dbcTransactionManager)
public Mono<Boolean> changePassword(String userId, String oldPassword, String newPassword) {
passwordValidator.validate(newPassword);
return findById(userId)
.switchIfEmpty(Mono.error(NotFoundException::new))
.filter(user -> passwordEncoder.encode(oldPassword, user.getSalt()).equals(user.getPassword()))