build: 用户登录检查是否需要修改密码

2023-06-02 12:45:47 +08:00 · 2023-06-02 12:45:47 +08:00 · d6c4645c06
parent 27fd5caca9
commit d6c4645c06
3 changed files with 37 additions and 6 deletions
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/config/RsaConfig.java
@ -0,0 +1,19 @@
+package io.metersphere.sdk.config;
+
+
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class RsaConfig implements ApplicationRunner {
+//    @Resource
+//    private FileService fileService;
+
+    @Override
+    public void run(ApplicationArguments args) throws Exception {
+//        // todo 从数据库中获取 RSA 密钥对
+//        RsaKey value = fileService.checkRsaKey();
+//        RsaUtil.setRsaKey(value);
+    }
+}
--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java
@ -14,6 +14,7 @@ import io.metersphere.sdk.util.SessionUtils;
 import io.metersphere.sdk.util.Translator;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.reflect.MethodUtils;
 import org.apache.shiro.SecurityUtils;
@ -37,8 +38,8 @@ public class LoginController {
            if (StringUtils.isBlank(userDTO.getLanguage())) {
                userDTO.setLanguage(LocaleContextHolder.getLocale().toString());
            }
-            // todo 跳转用户
-//            baseUserService.autoSwitch(userDTO);
+
+            baseUserService.autoSwitch(userDTO);
            SessionUser sessionUser = SessionUser.fromUser(userDTO, SessionUtils.getSessionId());
            SessionUtils.putUser(sessionUser);
            // 用户只有工作空间权限
@ -62,9 +63,9 @@ public class LoginController {
        }
        SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name());
        ResultHolder result = baseUserService.login(request);
-        // todo 登录是否提示修改密码
-//        boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request);
-//        result.setMessage(BooleanUtils.toStringTrueFalse(changePassword));
+        // 检查管理员是否需要改密码
+        boolean changePassword = baseUserService.checkWhetherChangePasswordOrNot(request);
+        result.setMessage(BooleanUtils.toStringTrueFalse(changePassword));
        return result;
    }

--- a/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java
+++ b/backend/framework/sdk/src/main/java/io/metersphere/sdk/service/BaseUserService.java
@ -107,7 +107,7 @@ public class BaseUserService {
        }
    }

-    private void autoSwitch(UserDTO user) {
+    public void autoSwitch(UserDTO user) {
        // 用户有 last_project_id 权限
        if (hasLastProjectPermission(user)) {
            return;
@ -396,4 +396,15 @@ public class BaseUserService {
        return permissionDTO;
    }

+    public boolean checkWhetherChangePasswordOrNot(LoginRequest request) {
+        // 升级之后 admin 还使用弱密码也提示修改
+        if (StringUtils.equals("admin", request.getUsername())) {
+            UserExample example = new UserExample();
+            example.createCriteria().andIdEqualTo("admin")
+                    .andPasswordEqualTo(CodingUtil.md5("metersphere"));
+            return userMapper.countByExample(example) > 0;
+        }
+
+        return false;
+    }
 }