il y a 5 ans · 4fb59091a8
--- a/xiaoan-common/src/main/java/com/xiaoan/common/interceptor/CommonInterceptor.java
+++ b/xiaoan-common/src/main/java/com/xiaoan/common/interceptor/CommonInterceptor.java
@@ -30,7 +30,7 @@ public class CommonInterceptor implements HandlerInterceptor {
 
				 
			
 
				 
			
 
				         // uat环境禁止访问api文档
			
 
				-        if (active.equals("dev")) {
			
 
				+        if (active.equals("uat")) {
			
 
				             log.info("访问api文档拦截");
			
 
				             return !request.getRequestURI().contains("doc.html");
			
 
				         }
			
--- a/xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/PasswordRequest.java
+++ b/xiaoan-domain/src/main/java/com/xiaoan/domain/dto/request/PasswordRequest.java
@@ -0,0 +1,19 @@
 
				+package com.xiaoan.domain.dto.request;
			
 
				+
			
 
				+import lombok.Data;
			
 
				+
			
 
				+import javax.validation.constraints.*;
			
 
				+
			
 
				+/**
			
 
				+ * Created by owen on 2020/2/18 0018 17:09
			
 
				+ */
			
 
				+@Data
			
 
				+public class PasswordRequest {
			
 
				+
			
 
				+
			
 
				+    private String oldPassword;
			
 
				+
			
 
				+    private String password;
			
 
				+
			
 
				+
			
 
				+}
			
--- a/xiaoan-web/src/main/java/com/xiaoan/web/backend/UserController.java
+++ b/xiaoan-web/src/main/java/com/xiaoan/web/backend/UserController.java
@@ -9,6 +9,7 @@ import com.xiaoan.common.model.PageDto;
 
				 import com.xiaoan.common.util.PasswordUtils;
			
 
				 import com.xiaoan.common.util.RegexpUtils;
			
 
				 import com.xiaoan.common.util.ResultJson;
			
 
				+import com.xiaoan.domain.dto.request.PasswordRequest;
			
 
				 import com.xiaoan.domain.dto.request.UserRequest;
			
 
				 import com.xiaoan.domain.backend.UserEntity;
			
 
				 import com.xiaoan.domain.dto.response.UserResponse;
			
@@ -207,10 +208,10 @@ public class UserController extends BaseController {
 
				 
			
 
				     @ApiOperation("修改密码")
			
 
				     @PostMapping("updatePwd")
			
 
				-    public ResultJson updatePwd(@RequestParam String oldPassword, @RequestParam String password){
			
 
				+    public ResultJson updatePwd(@RequestBody PasswordRequest param ){
			
 
				 
			
 
				 
			
 
				-        if (StringUtils.isBlank(oldPassword) || StringUtils.isBlank(password)){
			
 
				+        if (StringUtils.isBlank(param.getOldPassword()) || StringUtils.isBlank(param.getPassword())){
			
 
				             log.error("密码不能为空");
			
 
				             return new ResultJson(MsgCode.e_COMMON_3001, "密码不能为空");
			
 
				         }
			
@@ -219,12 +220,14 @@ public class UserController extends BaseController {
 
				         UserEntity userEntity = userService.findByUserName(getTokenUserName());
			
 
				 
			
 
				         // 验证原密码
			
 
				-        String decryptName = PasswordUtils.decrypt(userEntity.getPassword(), oldPassword, PasswordUtils.getStaticSalt());
			
 
				-        if (!userEntity.getUserName().equals(decryptName)) {
			
 
				+
			
 
				+        String pwd = PasswordUtils.decrypt(userEntity.getPassword(), userEntity.getUserName(), PasswordUtils.getStaticSalt());
			
 
				+        if (!pwd.equals(param.getOldPassword())) {
			
 
				+            log.error("密码错误");
			
 
				             return new ResultJson(MsgCode.e_ADMIN_4002, MsgCode.msg_ADMIN_4002);
			
 
				         }
			
 
				 
			
 
				-        userEntity.setPassword(PasswordUtils.encrypt(userEntity.getUserName(), password, PasswordUtils.getStaticSalt()));
			
 
				+        userEntity.setPassword(PasswordUtils.encrypt(userEntity.getUserName(), param.getPassword(), PasswordUtils.getStaticSalt()));
			
 
				         userService.update(userEntity);
			
 
				         return new ResultJson(MsgCode.SUCCESS_CODE, MsgCode.msg_SUCCESS);
			
 
				     }