修改密码更新密保等级

sso-server/src/main/java/com/uas/sso/controller/BaseController.java

@@ -134,28 +134,6 @@ public class BaseController {
         return new ResponseEntity<byte[]>(bytes, headers, HttpStatus.CREATED);
     }
 
-    /**
-     * 校验密码强度
-     *
-     * @param password 密码
-     * @return PasswordStrength枚举
-     * @throws VisibleError 用户可见异常
-     */
-    protected PasswordStrength checkPasswordLevel(String password) throws VisibleError {
-        String strongRegex = "^(?=.{8,20})(((?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]))|((?=.*[0-9])((?=.*[a-zA-Z]))(?=.*[^a-zA-Z0-9]))).*$";
-        String mediumRegex = "^(?=.{8,20})(((?=.*[0-9])(?=.*[a-z]))|((?=.*[0-9])(?=.*[A-Z]))).*$";
-        if (password == null) {
-            throw new VisibleError("密码不能为空");
-        }
-        if (password.matches(strongRegex)) {
-            return PasswordStrength.STRONG;
-        } else if (password.matches(mediumRegex)) {
-            return PasswordStrength.MEDIUM;
-        } else {
-            return PasswordStrength.WEAK;
-        }
-    }
-
     /**
      * 获取验证码tokenId
      *

sso-server/src/main/java/com/uas/sso/controller/LoginController.java

@@ -13,6 +13,7 @@ import com.uas.sso.service.*;
 import com.uas.sso.util.AccountTypeUtils;
 import com.uas.sso.util.BeanUtil;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.PasswordLevelUtils;
 import com.uas.sso.web.waf.request.WafRequestWrapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.ui.ModelMap;
@@ -139,7 +140,7 @@ public class LoginController extends BaseController {
         }
 
         // 校验密码强度，如果和存储的不同，则保存
-        int strength = checkPasswordLevel(password).getValue();
+        int strength = PasswordLevelUtils.checkPasswordLevel(password).getValue();
         if (strength != user.getPasswordLevel()) {
             user.setPasswordLevel(strength);
             userService.save(user);

sso-server/src/main/java/com/uas/sso/controller/PersonalRegisterController.java

@@ -7,6 +7,7 @@ import com.uas.sso.entity.User;
 import com.uas.sso.logging.LoggerManager;
 import com.uas.sso.logging.RegisterBufferedLogger;
 import com.uas.sso.service.UserService;
+import com.uas.sso.util.PasswordLevelUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
@@ -66,7 +67,7 @@ public class PersonalRegisterController extends BaseController {
         checkMobileCode(token, mobile, code);
 
         // 校验密码
-        if (PasswordStrength.WEAK.equals(checkPasswordLevel(password))) {
+        if (PasswordStrength.WEAK.equals(PasswordLevelUtils.checkPasswordLevel(password))) {
             return error("密码须为8-20字符的英文、数字混合");
         }
 

sso-server/src/main/java/com/uas/sso/controller/ResetPasswordController.java

@@ -10,6 +10,7 @@ import com.uas.sso.core.Status;
 import com.uas.sso.entity.*;
 import com.uas.sso.service.UserService;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.PasswordLevelUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.ui.ModelMap;
 import org.springframework.util.StringUtils;
@@ -349,7 +350,7 @@ public class ResetPasswordController extends BaseController {
         }
 
         // 校验密码
-        PasswordStrength passwordStrength = checkPasswordLevel(password);
+        PasswordStrength passwordStrength = PasswordLevelUtils.checkPasswordLevel(password);
         if (PasswordStrength.WEAK.getValue() == passwordStrength.getValue()) {
             return error("密码须为8-20字符的英文、数字混合");
         }

sso-server/src/main/java/com/uas/sso/controller/UserspaceRegisterController.java

@@ -11,6 +11,7 @@ import com.uas.sso.logging.LoggerManager;
 import com.uas.sso.logging.RegisterBufferedLogger;
 import com.uas.sso.service.UserService;
 import com.uas.sso.service.UserspaceService;
+import com.uas.sso.util.PasswordLevelUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
@@ -114,7 +115,7 @@ public class UserspaceRegisterController extends BaseController {
             }
 
             // 新用户要校验密码强度
-            PasswordStrength strength = checkPasswordLevel(password);
+            PasswordStrength strength = PasswordLevelUtils.checkPasswordLevel(password);
             if (PasswordStrength.WEAK.getValue() == strength.getValue()) {
                 return error("密码须为8-20字符的英文、数字混合");
             }

sso-server/src/main/java/com/uas/sso/service/impl/UserServiceImpl.java

@@ -18,6 +18,7 @@ import com.uas.sso.logging.UserBufferedLogger;
 import com.uas.sso.service.*;
 import com.uas.sso.util.AccountTypeUtils;
 import com.uas.sso.util.ExecuteUtils;
+import com.uas.sso.util.PasswordLevelUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
@@ -501,6 +502,7 @@ public class UserServiceImpl implements UserService {
             throw new VisibleError("该用户不存在");
         }
         user.setPassword(getEncryPassword(Const.ENCRY_FORMAT, noEncryPwd, user.getSalt()));
+        user.setPasswordLevel(PasswordLevelUtils.checkPasswordLevel(noEncryPwd).getValue());
 
         user = syncUserInfo(user , noEncryPwd, "用户修改密码");
 

sso-server/src/main/java/com/uas/sso/util/PasswordLevelUtils.java

@@ -0,0 +1,36 @@
+package com.uas.sso.util;
+
+import com.uas.sso.core.PasswordStrength;
+import com.uas.sso.exception.VisibleError;
+
+/**
+ * @author wangmh
+ * @create 2018-04-24 16:15
+ * @desc 密码强度等级工具类
+ **/
+public class PasswordLevelUtils {
+
+
+    /**
+     * 校验密码强度
+     *
+     * @param password 密码
+     * @return PasswordStrength枚举
+     * @throws VisibleError 用户可见异常
+     */
+    public static PasswordStrength checkPasswordLevel(String password) throws VisibleError {
+        // todo 需要放入工具类
+        String strongRegex = "^(?=.{8,20})(((?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]))|((?=.*[0-9])((?=.*[a-zA-Z]))(?=.*[^a-zA-Z0-9]))).*$";
+        String mediumRegex = "^(?=.{8,20})(((?=.*[0-9])(?=.*[a-z]))|((?=.*[0-9])(?=.*[A-Z]))).*$";
+        if (password == null) {
+            throw new VisibleError("密码不能为空");
+        }
+        if (password.matches(strongRegex)) {
+            return PasswordStrength.STRONG;
+        } else if (password.matches(mediumRegex)) {
+            return PasswordStrength.MEDIUM;
+        } else {
+            return PasswordStrength.WEAK;
+        }
+    }
+}