找回密码功能

jeeplus-platform/jeeplus-admin/src/main/java/com/jeeplus/security/config/WebSecurityConfig.java

@@ -75,7 +75,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                         "/cwProjectReport/signatureCallBack/**",
                         "/app/sys/getCode",
                         "/sys/casLogin",
-                        "/app/luckyDraw/**").permitAll() // 允许请求无需认证
+                        "/app/luckyDraw/**",
+                        "/sys/saveNewPassword",
+                        "/sys/getPhoneCode").permitAll() // 允许请求无需认证
                 .antMatchers( HttpMethod.OPTIONS, "/**").permitAll()
                 .anyRequest().authenticated() // 所有请求都需要验证
                 .and ()

jeeplus-platform/jeeplus-admin/src/main/java/com/jeeplus/sys/controller/LoginController.java

@@ -5,7 +5,10 @@ package com.jeeplus.sys.controller;
 
 import cn.hutool.captcha.CaptchaUtil;
 import cn.hutool.captcha.LineCaptcha;
+import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.extra.servlet.ServletUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.jeeplus.aop.logging.annotation.ApiLog;
 import com.jeeplus.common.redis.RedisUtils;
 import com.jeeplus.common.utils.RequestUtils;
@@ -19,6 +22,7 @@ import com.jeeplus.sys.constant.CacheNames;
 import com.jeeplus.sys.constant.CommonConstants;
 import com.jeeplus.sys.constant.enums.LogTypeEnum;
 import com.jeeplus.sys.domain.SysConfig;
+import com.jeeplus.sys.domain.User;
 import com.jeeplus.sys.model.LoginForm;
 import com.jeeplus.sys.service.SysConfigService;
 import com.jeeplus.sys.service.UserService;
@@ -45,7 +49,10 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
 import javax.security.auth.login.AccountException;
 import javax.servlet.ServletOutputStream;
@@ -293,41 +300,81 @@ public class LoginController {
      * @return
      */
     @ApiOperation(value = "通过手机号获取验证码（忘记密码）")
-    @PostMapping(value = "/getPhoneCode")
-    public ResponseEntity<String> getPhoneCode(@RequestParam("mobile") String mobile, @RequestParam("type") String resetPassword) {
+    @GetMapping(value = "/sys/getPhoneCode")
+    public ResponseEntity<HashMap<String,Object>> getPhoneCode(@RequestParam("mobile") String mobile) {
+        HashMap<String,Object> j = new HashMap<String,Object>();
         //验证该手机号是否已经进行注册
+        User user = userService.getOne(new LambdaQueryWrapper<User>().eq(User::getMobile, mobile));
+        if (ObjectUtil.isNotEmpty( user )) {
+            //生成四位随机验证码
+            String randomCode = String.valueOf((int) (Math.random() * 9000 + 1000));
+
+            HashMap<String,Object> result = null;
+            try{
+                //调用工具类返回结果
+                result = UserUtils.sendRandomCodes(mobile, randomCode);
+                String statusCode = (String) result.get("statusCode");
+                if (("000000").equals(statusCode)) {
+                    j.put("success",true);
+                    j.put("message","短信发送成功!");
+                    //存放验证码
+                    //以手机号+为key 五分钟为时效 将验证码进行短期存储
+                    redisUtils.setEx(mobile+ "resetPassword", randomCode, 300, TimeUnit.SECONDS);
+                }else{
+                    j.put("success",false);
+                    j.put("message","短信发送失败，错误代码：101，请联系管理员!");
+                    j.put("ErrorXml",result);
+                }
+            }catch (Exception e){
+                e.printStackTrace();
+                j.put("success",false);
+                j.put("message","短信发送失败!");
+            }
+        } else {
+            j.put("success",false);
+            j.put("message","当前手机号未注册!");
+        }
+        return ResponseEntity.ok(j);
+    }
 
-        //生成四位随机验证码
-        String randomCode = String.valueOf((int) (Math.random() * 9000 + 1000));
-
-
+    @GetMapping(value = "/sys/saveNewPassword")
+    @ApiOperation(value = "保存新密码")
+    @Transactional(rollbackFor = Exception.class)
+    public ResponseEntity<HashMap<String,Object>> saveNewPassword(@RequestParam("mobile") String mobile,
+                                                  @RequestParam("code") String code,
+                                                  @RequestParam("newPassword") String newPassword) {
         HashMap<String,Object> j = new HashMap<String,Object>();
-
-        HashMap<String,Object> result = null;
-        try{
-            //调用工具类返回结果
-            result = UserUtils.sendRandomCodes(mobile, randomCode);
-            String statusCode = (String) result.get("statusCode");
-            //if (result.contains("Success") && result.contains("ok")) {
-            if (("000000").equals(statusCode)) {
-                j.put("success",true);
-                j.put("message","短信发送成功!");
-                //存放验证码
-                //以手机号+为key 五分钟为时效 将验证码进行短期存储
-                redisUtils.setEx(mobile+ "resetPassword", randomCode, 300, TimeUnit.SECONDS);
-            }else{
+        // 判断当前页面输入的验证码是否与redis中存储的验证码匹配
+        String redisCode = (String) redisUtils.get(mobile + "resetPassword");
+        if (StringUtils.isNotBlank(redisCode)) {
+            if (redisCode.equals( code )) {
+                // 进行密码修改操作
+                User user = userService.getOne(new LambdaQueryWrapper<User>().eq(User::getMobile, mobile));
+                if (ObjectUtil.isNotEmpty( user )) {
+                    if (StringUtils.isNotBlank( newPassword )) {
+                        user.setPassword(SecurityUtils.encryptPassword ( newPassword ));
+                        user.setUpPassword( "1" );
+                        userService.updateById( user ); // 修改密码
+                        redisUtils.delete(mobile + "resetPassword"); // 删除redis中的key
+                        j.put("success",true);
+                        j.put("message","密码修改成功!");
+                    } else {
+                        j.put("success",false);
+                        j.put("message","请输入有效密码!");
+                    }
+                } else {
+                    j.put("success",false);
+                    j.put("message","当前手机号未注册!");
+                }
+            } else {
                 j.put("success",false);
-                j.put("message","短信发送失败，错误代码：101，请联系管理员。!");
-                j.put("ErrorXml",result);
+                j.put("message","验证码输入不正确!");
             }
-        }catch (Exception e){
-            e.printStackTrace();
+        } else {
             j.put("success",false);
-            j.put("message","短信发送失败!");
+            j.put("message","当前手机验证码已失效，请重新发送验证码!");
         }
-
-
-        return ResponseEntity.ok(randomCode);
+        return ResponseEntity.ok(j);
     }
 
 }

jeeplus-web/src/main/resources/application-development.yml

@@ -244,3 +244,9 @@ judgement_category_id: 2920938119742709765
 approval_YC_category_id: 2932214418853044239
 #报告用印流程id(盐城)
 report_YC_category_id: 2933233458312618324
+
+rong_userid: 8a216da86715511501673e331c24171e
+rong_token: 3d7dc58c6a334ad6887317efbf847e41
+app_id: 8a216da86715511501673e331c741725
+template_id: 435329
+code_type: 1