diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java new file mode 100644 index 0000000000..5f07ed0abb --- /dev/null +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java @@ -0,0 +1,19 @@ +package io.metersphere.sdk.config; + + +import org.springframework.boot.ApplicationArguments; +import org.springframework.boot.ApplicationRunner; +import org.springframework.context.annotation.Configuration; + +@Configuration +public class RsaConfig implements ApplicationRunner { +// @Resource +// private FileService fileService; + + @Override + public void run(ApplicationArguments args) throws Exception { +// // todo 从数据库中获取 RSA 密钥对 +// RsaKey value = fileService.checkRsaKey(); +// RsaUtil.setRsaKey(value); + } +} diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java index b969d3a993..10be1eb015 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java @@ -14,6 +14,7 @@ import io.metersphere.sdk.util.SessionUtils; import io.metersphere.sdk.util.Translator; import jakarta.annotation.Resource; import jakarta.servlet.http.HttpServletResponse; +import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.reflect.MethodUtils; import org.apache.shiro.SecurityUtils; @@ -37,8 +38,8 @@ public class LoginController { if (StringUtils.isBlank(userDTO.getLanguage())) { userDTO.setLanguage(LocaleContextHolder.getLocale().toString()); } - // todo 跳转用户 -// baseUserService.autoSwitch(userDTO); + + baseUserService.autoSwitch(userDTO); SessionUser sessionUser = SessionUser.fromUser(userDTO, SessionUtils.getSessionId()); SessionUtils.putUser(sessionUser); // 用户只有工作空间权限 @@ -62,9 +63,9 @@ public class LoginController { } SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name()); ResultHolder result = baseUserService.login(request); - // todo 登录是否提示修改密码 -// boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request); -// result.setMessage(BooleanUtils.toStringTrueFalse(changePassword)); + // 检查管理员是否需要改密码 + boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request); + result.setMessage(BooleanUtils.toStringTrueFalse(changePassword)); return result; } diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java index d40f0fefe0..a12a5e6af0 100644 --- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java +++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java @@ -107,7 +107,7 @@ public class BaseUserService { } } - private void autoSwitch(UserDTO user) { + public void autoSwitch(UserDTO user) { // 用户有 last_project_id 权限 if (hasLastProjectPermission(user)) { return; @@ -396,4 +396,15 @@ public class BaseUserService { return permissionDTO; } + public boolean checkWhetherChangePasswordOrNot(LoginRequest request) { + // 升级之后 admin 还使用弱密码也提示修改 + if (StringUtils.equals("admin", request.getUsername())) { + UserExample example = new UserExample(); + example.createCriteria().andIdEqualTo("admin") + .andPasswordEqualTo(CodingUtil.md5("metersphere")); + return userMapper.countByExample(example) > 0; + } + + return false; + } }