
更新必须使用强密码

Administrator 2 years ago
parent
commit
8f726ab2e7

+ 111 - 0
boman-common/boman-common-core/src/main/java/com/boman/common/core/utils/PwdCheckUtil.java

@@ -0,0 +1,111 @@
+package com.boman.common.core.utils;
+
+/**
+ * @Author: tjf
+ * @Date: 2022/10/10 9:24
+ * @Describe:
+ */
+public class PwdCheckUtil {
+    //定义特殊字符
+    public static String SPECIAL_CHAR = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
+
+    /**
+     * @brief   检测密码中字符长度
+     * @param[in] password            密码字符串
+     * @return  符合长度要求 返回true
+     */
+    public static boolean checkPasswordLength(String password, String minNum, String maxNum) {
+        boolean flag =false;
+        if (StringUtils.isBlank(maxNum))  {
+            minNum = StringUtils.isBlank(minNum) ? "0":minNum;
+            if (password.length() >= Integer.parseInt(minNum)) {
+                flag = true;
+            }
+        } else {
+            minNum = StringUtils.isBlank(minNum) ? "0":minNum;
+            if (password.length() >= Integer.parseInt(minNum) &&
+                    password.length() <= Integer.parseInt(maxNum)) {
+                flag = true;
+            }
+        }
+        return flag;
+    }
+
+    /**
+     * @brief   检测密码中是否包含数字
+     * @param[in] password            密码字符串
+     * @return  包含数字 返回true
+     */
+    public static boolean checkContainDigit(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isDigit(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * @brief   检测密码中是否包含字母(不区分大小写)
+     * @param[in] password            密码字符串
+     * @return  包含字母 返回true
+     */
+    public static boolean checkContainCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isLetter(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含小写字母
+     * @param[in] password            密码字符串
+     * @return  包含小写字母 返回true
+     */
+    public static boolean checkContainLowerCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isLowerCase(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含大写字母
+     * @param[in] password            密码字符串
+     * @return  包含大写字母 返回true
+     */
+    public static boolean checkContainUpperCase(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (Character.isUpperCase(chPass[i])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+
+    /**
+     * @brief   检测密码中是否包含特殊符号
+     * @param[in] password            密码字符串
+     * @return  包含特殊符号 返回true
+     */
+    public static boolean checkContainSpecialChar(String password) {
+        char[] chPass = password.toCharArray();
+        for (int i = 0; i < chPass.length; i++) {
+            if (SPECIAL_CHAR.indexOf(chPass[i]) != -1) {
+                return true;
+            }
+        }
+        return false;
+    }
+}
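Review bot: `SPECIAL_CHAR` is declared `public static String` without `final`, so any class can reassign it at runtime and silently change what `checkContainSpecialChar` accepts; declare it `public static final String SPECIAL_CHAR = ...`. `checkPasswordLength` dereferences `password` and calls `Integer.parseInt` on caller-supplied strings with no guard, so a null password or a non-numeric bound throws instead of returning false. Taking `int` bounds and returning false for a null password would make that contract explicit. The Javadoc uses `@brief` and `@param[in]`, which are not Javadoc tags, and `checkPasswordLength` does not document `minNum` or `maxNum`.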

+ 24 - 5
boman-common/boman-common-core/src/main/java/com/boman/common/core/utils/SecurityUtils.java

@@ -2,6 +2,7 @@ package com.boman.common.core.utils;
 
 import javax.servlet.http.HttpServletRequest;
 
+import jdk.internal.util.Preconditions;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import com.boman.domain.constant.CacheConstants;
 import com.boman.common.core.text.Convert;
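Review bot: The added `import jdk.internal.util.Preconditions;` pulls in a JDK-internal class that nothing in the visible hunks of this file uses. That package is not supported API: it does not exist on Java 8 and is not exported from `java.base` on later releases, so the import can break compilation depending on the build JDK. It looks like an IDE auto-import, and the line should be dropped.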
@@ -86,10 +87,28 @@ public class SecurityUtils
         BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
         return passwordEncoder.matches(rawPassword, encodedPassword);
     }
-
-    public static void main(String[] args) {
-        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
-        String encode = passwordEncoder.encode("123456");
-        System.out.println(encode);
+    /**
+     * @brief   检测密码复杂度是否为 强
+     * @param[in] password  密码字符串
+     * @return  符合长度要求 返回true
+     */
+    public static String checkStrongPwd(String pwd) {
+        try {
+            //如果密码为空返回1
+            if (StringUtils.isBlank(pwd)){
+                return "1";
+            }
+            if (!PwdCheckUtil.checkPasswordLength(pwd, "8", null)
+                    || !PwdCheckUtil.checkContainLowerCase(pwd)
+                    || !PwdCheckUtil.checkContainUpperCase(pwd)
+                    || !PwdCheckUtil.checkContainDigit(pwd)
+                    || !PwdCheckUtil.checkContainSpecialChar(pwd)
+            ) {
+                return "1";
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return "0";
     }
 }
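Review bot: `checkStrongPwd` fails open: the `catch (Exception e)` branch only calls `e.printStackTrace()` and then falls through to `return "0"`, so any exception thrown by a `PwdCheckUtil` check reports the password as strong. Return `"1"` from the catch block (or let the exception propagate) so that an error rejects the password, and log through the project's logger instead of `printStackTrace()`. The `"0"`/`"1"` string result is easy to invert at call sites, so a `boolean` return would be clearer. The Javadoc should state what each value means; it currently names the parameter `password` while the signature uses `pwd`, and its `@return` text describes only a length check.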

+ 5 - 0
boman-modules/boman-system/src/main/java/com/boman/system/controller/SysProfileController.java

@@ -25,6 +25,8 @@ import com.boman.domain.SysUser;
 import com.boman.system.api.model.LoginUser;
 import com.boman.system.service.ISysUserService;
 
+import static com.boman.common.core.utils.SecurityUtils.checkStrongPwd;
+
 /**
  * 个人信息 业务处理
  * 
@@ -96,6 +98,9 @@ public class SysProfileController extends BaseController
         {
             return AjaxResult.error("新密码不能与旧密码相同");
         }
+        if ("1".equals(checkStrongPwd(user.getPassword()))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
         if (userService.resetUserPwd(username, SecurityUtils.encryptPassword(newPassword)) > 0)
         {
             // 更新缓存用户密码
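Review bot: The new check calls `checkStrongPwd(user.getPassword())`, but the value hashed and stored on the following line is `newPassword`, so the strength policy is not applied to the password actually being set. `user` is defined outside this hunk; if it is the account loaded from storage, `getPassword()` is the stored hash, which would likely satisfy every character-class rule and make the check always pass — confirm against the enclosing method. The condition should read `if ("1".equals(checkStrongPwd(newPassword))) {`.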

+ 7 - 0
boman-modules/boman-system/src/main/java/com/boman/system/controller/SysUserController.java

@@ -30,6 +30,8 @@ import com.boman.domain.SysRole;
 import com.boman.domain.SysUser;
 import com.boman.system.api.model.LoginUser;
 
+import static com.boman.common.core.utils.SecurityUtils.checkStrongPwd;
+
 /**
  * 用户信息
  *
@@ -192,6 +194,8 @@ public class SysUserController extends BaseController {
         } else if (StringUtils.isNotEmpty(user.getEmail())
                 && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
             return AjaxResult.error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
+        }else if ("1".equals(checkStrongPwd(user.getPassword()))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
         }
         user.setCreateBy(SecurityUtils.getUsername());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
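Review bot: The error text says the password must be longer than 8 characters (`大于8位`), while `checkStrongPwd` calls `checkPasswordLength(pwd, "8", null)`, which accepts a length of exactly 8; align the message (for example `不少于8位`) or the bound. The same message and the `"1".equals(...)` comparison are repeated in `resetPwd` in the next hunk and in `SysProfileController`, so a shared constant for the message would keep the three call sites consistent. As a style point, `}else if` is missing the space used by the rest of the chain.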
@@ -235,6 +239,9 @@ public class SysUserController extends BaseController {
     @PutMapping("/resetPwd")
     public AjaxResult resetPwd(@RequestBody SysUser user) {
 //        userService.checkUserAllowed(user);
+        if ("1".equals(checkStrongPwd(user.getPassword()))) {
+            return AjaxResult.error("密码必须包含数字、大小写字母、特殊符号且大于8位");
+        }
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         user.setUpdateBy(SecurityUtils.getUsername());
         return toAjax(userService.resetPwd(user));