diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java index 8130eb154d..5a2bf7f0c4 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java @@ -24,6 +24,7 @@ import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.http.HttpStatus; +import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; @RestController @@ -61,7 +62,7 @@ public class LoginController { @PostMapping(value = "/login") @Operation(summary = "登录") - public ResultHolder login(@RequestBody LoginRequest request) { + public ResultHolder login(@Validated @RequestBody LoginRequest request) { SessionUser sessionUser = SessionUtils.getUser(); if (sessionUser != null) { if (!StringUtils.equals(sessionUser.getId(), request.getUsername())) { diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/dto/LoginRequest.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/dto/LoginRequest.java index 89e3490dc8..155b2f3809 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/dto/LoginRequest.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/dto/LoginRequest.java @@ -3,6 +3,7 @@ package io.metersphere.sdk.dto; import io.metersphere.sdk.util.RsaKey; import io.metersphere.sdk.util.RsaUtil; import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Size; import lombok.Getter; import lombok.Setter; 
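Review bot: With `@Validated` on the `login` parameter, a rejected request now fails with `MethodArgumentNotValidException` before any line of the method body runs, and the handler for that exception is not part of this diff. Spring's `FieldError` text includes the rejected value, so a global handler that logs the exception or returns its `getMessage()` would put the submitted password (or its ciphertext) into logs or the response. The handler should return only each field error's `getDefaultMessage()`. A controller test that posts an over-long username and asserts the localized `user_name_length_too_long` message would pin this behaviour. The body of `login` continues past the end of this hunk.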
@@ -10,8 +11,10 @@ import lombok.Setter; @Setter public class LoginRequest { @NotBlank(message = "{user_name_is_null}") + @Size(max = 64, message = "{user_name_length_too_long}") private String username; @NotBlank(message = "{password_is_null}") + @Size(max = 256, message = "{password_length_too_long}") private String password; private String authenticate; diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java index d40bb5a7ed..9f0e6f2ad0 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java @@ -28,7 +28,6 @@ public class FilterChainUtils { filterChainDefinitionMap.put("/sso/callback/**", "anon"); filterChainDefinitionMap.put("/license/validate", "anon"); filterChainDefinitionMap.put("/system/version/current", "anon"); - filterChainDefinitionMap.put("/system/parameter/get/base-info", "anon"); // for swagger filterChainDefinitionMap.put("/swagger-ui.html", "anon"); diff --git a/backend/framework/sdk/src/main/resources/i18n/commons_en_US.properties b/backend/framework/sdk/src/main/resources/i18n/commons_en_US.properties index 42d84c033b..b8200d868d 100644 --- a/backend/framework/sdk/src/main/resources/i18n/commons_en_US.properties +++ b/backend/framework/sdk/src/main/resources/i18n/commons_en_US.properties 
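Review bot: The `@Size` limits on `username` and `password` are field-level constraints, so they measure the raw field value rather than whatever the getters return. `LoginRequest` imports `RsaUtil` and `RsaKey`, which suggests the client submits RSA-encrypted values that are decrypted in accessors outside this hunk. If that is the case, a Base64-encoded RSA ciphertext is 172 characters for a 1024-bit key and 344 for a 2048-bit key, so every encrypted login would fail `@Size(max = 64)`, and the 256 limit on `password` would fail with a 2048-bit key. Consider bounding the raw fields by the ciphertext size and checking the plaintext length after decryption, for example by placing `@Size(max = 64, message = "{user_name_length_too_long}")` on the decrypting getter instead of the field. The class body continues outside the hunk, so the accessors should be checked before merging.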
@@ -18,8 +18,10 @@ upload_file_fail_get_file_path_fail=Failed to upload the file, failed to get the
 user_email_already_exists=User email already exists
 user_id_is_null=User ID cannot be null
 user_name_is_null=User name cannot be null
+user_name_length_too_long=User name length cannot exceed 64 characters
 user_email_is_null=User email cannot be null
 password_is_null=Password cannot be null
+password_length_too_long=Password length cannot exceed 256 characters
 user_id_already_exists=User ID already exists
 password_modification_failed=The old password is wrong. Please re-enter it
 cannot_delete_current_user=Cannot delete the user currently logged in
diff --git a/backend/framework/sdk/src/main/resources/i18n/commons_zh_CN.properties b/backend/framework/sdk/src/main/resources/i18n/commons_zh_CN.properties
index b5920f3158..8e69ee8ecf 100644
--- a/backend/framework/sdk/src/main/resources/i18n/commons_zh_CN.properties
+++ b/backend/framework/sdk/src/main/resources/i18n/commons_zh_CN.properties
@@ -16,6 +16,8 @@ upload_file_fail_get_file_path_fail=文件上传失败,获取文件上传路
 user_email_already_exists=用户邮箱已存在
 user_id_is_null=用户ID不能为空
 user_name_is_null=用户名不能为空
+user_name_length_too_long=用户名称长度不能超过64个字符
+password_length_too_long=密码长度不能超过256个字符
 user_email_is_null=用户邮箱不能为空
 password_is_null=密码不能为空
 user_id_already_exists=用户id已存在
diff --git a/backend/framework/sdk/src/main/resources/i18n/commons_zh_TW.properties b/backend/framework/sdk/src/main/resources/i18n/commons_zh_TW.properties
index 1f71ba53a1..a54480ecb9 100644
--- a/backend/framework/sdk/src/main/resources/i18n/commons_zh_TW.properties
+++ b/backend/framework/sdk/src/main/resources/i18n/commons_zh_TW.properties
@@ -16,8 +16,10 @@ upload_file_fail_get_file_path_fail=文件上傳失敗,獲取文件上傳路
 user_email_already_exists=用戶郵箱已存在
 user_id_is_null=用戶ID不能為空
 user_name_is_null=用戶名不能為空
+user_name_length_too_long=用戶名称長度不能超過64個字符
 user_email_is_null=用戶郵箱不能為空
 password_is_null=密碼不能為空
+password_length_too_long=密碼長度不能超過256個字符
 user_id_already_exists=用戶id已存在
 password_modification_failed=舊密碼輸入錯誤,請重新輸入
 cannot_delete_current_user=無法刪除當前登錄用戶