支持接口鉴权，支持修改密码，

2021-04-14 16:33:10 +08:00
parent 123ce171d2
commit cb5849d8a1
20 changed files with 752 additions and 16 deletions
--- a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
+++ b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
@@ -1,5 +1,7 @@
 package com.genersoft.iot.vmp.vmanager.user;

+import com.genersoft.iot.vmp.conf.security.SecurityUtils;
+import com.genersoft.iot.vmp.conf.security.dto.LoginUser;
 import com.genersoft.iot.vmp.service.IUserService;
 import com.genersoft.iot.vmp.storager.dao.dto.User;
 import io.swagger.annotations.Api;
@@ -8,11 +10,12 @@ import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.util.DigestUtils;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.CrossOrigin;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import javax.security.sasl.AuthenticationException;

@Api(tags = "用户管理")
@CrossOrigin
@@ -21,21 +24,46 @@ import org.springframework.web.bind.annotation.RestController;
 public class UserController {

    @Autowired
-    private IUserService userService;
+    AuthenticationManager authenticationManager;

+    @Autowired
+    IUserService userService;

    @ApiOperation("登录")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "username", value = "用户名", dataTypeClass = String.class),
-            @ApiImplicitParam(name = "password", value = "密码（32未md5加密）", dataTypeClass = String.class),
+            @ApiImplicitParam(name = "password", value = "密码（32位md5加密）", dataTypeClass = String.class),
    })
    @GetMapping("/login")
    public String login(String username, String password){
-        User user = userService.getUser(username, password);
+        LoginUser user = null;
+        try {
+            user = SecurityUtils.login(username, password, authenticationManager);
+        } catch (AuthenticationException e) {
+            e.printStackTrace();
+            return "fail";
+        }
        if (user != null) {
            return "success";
        }else {
            return "fail";
        }
    }
+
+    @ApiOperation("修改密码")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "username", value = "用户名", dataTypeClass = String.class),
+            @ApiImplicitParam(name = "password", value = "密码（未md5加密的密码）", dataTypeClass = String.class),
+    })
+    @PostMapping("/changePassword")
+    public String changePassword(String password){
+        // 获取当前登录用户id
+        int userId = SecurityUtils.getUserId();
+        boolean result = userService.changePassword(userId, DigestUtils.md5DigestAsHex(password.getBytes()));
+        if (result) {
+            return "success";
+        }else {
+            return "fail";
+        }
+    }
 }