From d6c4645c06f559dc4ff7290d128d9a84f984c277 Mon Sep 17 00:00:00 2001
From: CaptainB <bin@fit2cloud.com>
Date: Fri, 2 Jun 2023 12:45:47 +0800
Subject: [PATCH] =?UTF-8?q?build:=20=E7=94=A8=E6=88=B7=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E6=A3=80=E6=9F=A5=E6=98=AF=E5=90=A6=E9=9C=80=E8=A6=81=E4=BF=AE?=
 =?UTF-8?q?=E6=94=B9=E5=AF=86=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../io/metersphere/sdk/config/RsaConfig.java  | 19 +++++++++++++++++++
 .../sdk/controller/LoginController.java       | 11 ++++++-----
 .../sdk/service/BaseUserService.java          | 13 ++++++++++++-
 3 files changed, 37 insertions(+), 6 deletions(-)
 create mode 100644 backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java

diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java
new file mode 100644
index 0000000000..5f07ed0abb
--- /dev/null
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java
@@ -0,0 +1,19 @@
+package io.metersphere.sdk.config;
+
+
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class RsaConfig implements ApplicationRunner {
+//    @Resource
+//    private FileService fileService;
+
+    @Override
+    public void run(ApplicationArguments args) throws Exception {
+//        // todo 从数据库中获取 RSA 密钥对
+//        RsaKey value = fileService.checkRsaKey();
+//        RsaUtil.setRsaKey(value);
+    }
+}
diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java
index b969d3a993..10be1eb015 100644
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java
@@ -14,6 +14,7 @@ import io.metersphere.sdk.util.SessionUtils;
 import io.metersphere.sdk.util.Translator;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.reflect.MethodUtils;
 import org.apache.shiro.SecurityUtils;
@@ -37,8 +38,8 @@ public class LoginController {
             if (StringUtils.isBlank(userDTO.getLanguage())) {
                 userDTO.setLanguage(LocaleContextHolder.getLocale().toString());
             }
-            // todo 跳转用户
-//            baseUserService.autoSwitch(userDTO);
+
+            baseUserService.autoSwitch(userDTO);
             SessionUser sessionUser = SessionUser.fromUser(userDTO, SessionUtils.getSessionId());
             SessionUtils.putUser(sessionUser);
             // 用户只有工作空间权限
@@ -62,9 +63,9 @@ public class LoginController {
         }
         SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name());
         ResultHolder result = baseUserService.login(request);
-        // todo 登录是否提示修改密码
-//        boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request);
-//        result.setMessage(BooleanUtils.toStringTrueFalse(changePassword));
+        // 检查管理员是否需要改密码
+        boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request);
+        result.setMessage(BooleanUtils.toStringTrueFalse(changePassword));
         return result;
     }
 
diff --git a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java
index d40f0fefe0..a12a5e6af0 100644
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java
@@ -107,7 +107,7 @@ public class BaseUserService {
         }
     }
 
-    private void autoSwitch(UserDTO user) {
+    public void autoSwitch(UserDTO user) {
         // 用户有 last_project_id 权限
         if (hasLastProjectPermission(user)) {
             return;
@@ -396,4 +396,15 @@ public class BaseUserService {
         return permissionDTO;
     }
 
+    public boolean checkWhetherChangePasswordOrNot(LoginRequest request) {
+        // 升级之后 admin 还使用弱密码也提示修改
+        if (StringUtils.equals("admin", request.getUsername())) {
+            UserExample example = new UserExample();
+            example.createCriteria().andIdEqualTo("admin")
+                    .andPasswordEqualTo(CodingUtil.md5("metersphere"));
+            return userMapper.countByExample(example) > 0;
+        }
+
+        return false;
+    }
 }