完成登出和修改密码功能

src/main/java/com/qkdata/biz/base/constants/ResultEnum.java

@@ -10,7 +10,7 @@ public enum ResultEnum implements BaseResponseEnum {
     CAPTCHA_ERROR("14004", "验证码错误"),
     MOBILE_ERROR("14005", "手机号不存在"),
     SMS_ERROR("14007", "短信发送失败"),
-    ACCOUNT_NOT_EXIST("14008","帐号不存在"),
+    ACCOUNT_OR_PWD_ERROR("14008","帐号或密码错误"),
     PWD_ERROR("14009","密码错误");
 
 

src/main/java/com/qkdata/biz/sys/controller/SysUserController.java

@@ -2,22 +2,27 @@ package com.qkdata.biz.sys.controller;
 
 import com.google.common.collect.Lists;
 import com.qkdata.biz.sys.entity.SysUserPO;
+import com.qkdata.biz.sys.model.PasswordModel;
 import com.qkdata.biz.sys.model.SysUserDTO;
+import com.qkdata.biz.sys.service.SysUserService;
 import com.qkdata.common.util.UserContext;
 import io.swagger.annotations.Api;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.shiro.crypto.hash.Sha256Hash;
 import org.springframework.beans.BeanUtils;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
 import java.util.List;
 
 @Api
 @RestController
 @RequestMapping("/api/sys/user")
 public class SysUserController {
+    @Autowired
+    private SysUserService sysUserService;
 
     @GetMapping("/list")
 //    @RequiresPermissions("sys:user:list")
@@ -33,4 +38,14 @@ public class SysUserController {
         BeanUtils.copyProperties(userPO,dto);
         return dto;
     }
+
+    /**
+     * 修改登录用户密码
+     */
+    @PostMapping("/password")
+    public void password(@RequestBody @Valid PasswordModel form){
+        //更新密码
+        sysUserService.updatePassword(UserContext.getUser(), form.getPassword(), form.getNewPassword());
+
+    }
 }

src/main/java/com/qkdata/biz/sys/model/PasswordModel.java

+package com.qkdata.biz.sys.model;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+@Data
+public class PasswordModel {
+    @NotBlank(message = "原密码不能为空")
+    private String password;
+    @NotBlank(message = "新密码不能为空")
+    private String newPassword;
+}
+

src/main/java/com/qkdata/biz/sys/service/ShiroService.java

@@ -70,7 +70,7 @@ public class ShiroService {
     public LoginUserInfo login(String username, String password) throws JsonProcessingException {
         SysUserPO userPO = getUserByUserName(username);
         if(userPO == null || !userPO.getPassword().equals(new Sha256Hash(password, userPO.getSalt()).toHex())) {
-            throw new BusinessException(ResultEnum.ACCOUNT_NOT_EXIST);
+            throw new BusinessException(ResultEnum.ACCOUNT_OR_PWD_ERROR);
         }
         if (userPO.getStatus() == AccountStatusEnum.DISABLE){
             throw new BusinessException(ResultEnum.ACCOUNT_OFF);

src/main/java/com/qkdata/biz/sys/service/SysUserService.java

+package com.qkdata.biz.sys.service;
+
+import com.qkdata.biz.base.constants.ResultEnum;
+import com.qkdata.biz.sys.entity.SysUserPO;
+import com.qkdata.biz.sys.repository.SysUserMapper;
+import com.qkdata.common.base.exception.BusinessException;
+import com.qkdata.common.base.service.impl.BaseServiceImpl;
+import com.qkdata.common.util.UserContext;
+import org.apache.shiro.crypto.hash.Sha256Hash;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import tk.mybatis.mapper.common.Mapper;
+
+@Service
+@Transactional(readOnly = true)
+public class SysUserService extends BaseServiceImpl<SysUserPO,Long> {
+    @Autowired
+    private SysUserMapper sysUserMapper;
+
+    @Override
+    protected Mapper<SysUserPO> getMapper() {
+        return sysUserMapper;
+    }
+
+    @CacheEvict(cacheNames = "user_username",key = "#user.username")
+    @Transactional(readOnly = false)
+    public void updatePassword(SysUserPO user, String password, String newPassword) {
+        //sha256加密
+        String pwd = new Sha256Hash(password, UserContext.getUser().getSalt()).toHex();
+        if (!user.getPassword().equals(pwd)){
+            throw new BusinessException(ResultEnum.PWD_ERROR);
+        }
+        //sha256加密
+        String newPwd = new Sha256Hash(newPassword, UserContext.getUser().getSalt()).toHex();
+        user.setPassword(newPwd);
+        updateById(user);
+    }
+}

src/main/java/com/qkdata/biz/wsMessage/config/WebSocketConfig.java

@@ -2,10 +2,10 @@ package com.qkdata.biz.wsMessage.config;
 
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.qkdata.common.oauth.AuthorizationException;
 import com.qkdata.common.oauth.AuthorizationResponseEnum;
 import com.qkdata.common.jwt.JWTService;
 import com.qkdata.common.oauth.AuthorizedUser;
+import org.apache.shiro.authc.AuthenticationException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
@@ -123,7 +123,7 @@ public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
             AuthorizedUser authorizedUser = objectMapper.readValue(userJson, AuthorizedUser.class);
             return new MyPrincipal(authorizedUser.getUsername());
         } catch (IOException e) {
-            throw new AuthorizationException(AuthorizationResponseEnum.INVALID_CLAIM);
+            throw new AuthenticationException(AuthorizationResponseEnum.INVALID_CLAIM.text());
         }
     }