接入个人修改密码解密
This commit is contained in:
@@ -23,6 +23,7 @@ import com.ruoyi.common.utils.StringUtils;
|
|||||||
import com.ruoyi.common.utils.file.FileUploadUtils;
|
import com.ruoyi.common.utils.file.FileUploadUtils;
|
||||||
import com.ruoyi.common.utils.file.FileUtils;
|
import com.ruoyi.common.utils.file.FileUtils;
|
||||||
import com.ruoyi.common.utils.file.MimeTypeUtils;
|
import com.ruoyi.common.utils.file.MimeTypeUtils;
|
||||||
|
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||||
import com.ruoyi.framework.web.service.TokenService;
|
import com.ruoyi.framework.web.service.TokenService;
|
||||||
import com.ruoyi.system.service.ISysUserService;
|
import com.ruoyi.system.service.ISysUserService;
|
||||||
|
|
||||||
@@ -41,6 +42,9 @@ public class SysProfileController extends BaseController
|
|||||||
@Autowired
|
@Autowired
|
||||||
private TokenService tokenService;
|
private TokenService tokenService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private PasswordTransferCryptoService passwordTransferCryptoService;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 个人信息
|
* 个人信息
|
||||||
*/
|
*/
|
||||||
@@ -92,8 +96,8 @@ public class SysProfileController extends BaseController
|
|||||||
@PutMapping("/updatePwd")
|
@PutMapping("/updatePwd")
|
||||||
public AjaxResult updatePwd(@RequestBody Map<String, String> params)
|
public AjaxResult updatePwd(@RequestBody Map<String, String> params)
|
||||||
{
|
{
|
||||||
String oldPassword = params.get("oldPassword");
|
String oldPassword = passwordTransferCryptoService.decrypt(params.get("oldPassword"));
|
||||||
String newPassword = params.get("newPassword");
|
String newPassword = passwordTransferCryptoService.decrypt(params.get("newPassword"));
|
||||||
LoginUser loginUser = getLoginUser();
|
LoginUser loginUser = getLoginUser();
|
||||||
Long userId = loginUser.getUserId();
|
Long userId = loginUser.getUserId();
|
||||||
SysUser user = userService.selectUserById(userId);
|
SysUser user = userService.selectUserById(userId);
|
||||||
|
|||||||
@@ -0,0 +1,72 @@
|
|||||||
|
package com.ruoyi.web.controller.system;
|
||||||
|
|
||||||
|
import static org.mockito.Mockito.mock;
|
||||||
|
import static org.mockito.Mockito.verify;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
|
||||||
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
|
import java.util.Collections;
|
||||||
|
import org.junit.jupiter.api.AfterEach;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
import org.springframework.test.util.ReflectionTestUtils;
|
||||||
|
import org.springframework.test.web.servlet.MockMvc;
|
||||||
|
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||||
|
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||||
|
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||||
|
import com.ruoyi.common.utils.SecurityUtils;
|
||||||
|
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||||
|
import com.ruoyi.framework.web.service.TokenService;
|
||||||
|
import com.ruoyi.system.service.ISysUserService;
|
||||||
|
|
||||||
|
class SysProfileControllerPasswordTransferTest
|
||||||
|
{
|
||||||
|
@AfterEach
|
||||||
|
void tearDown()
|
||||||
|
{
|
||||||
|
SecurityContextHolder.clearContext();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void shouldDecryptPasswordsBeforeCheckingOldPassword() throws Exception
|
||||||
|
{
|
||||||
|
ISysUserService userService = mock(ISysUserService.class);
|
||||||
|
TokenService tokenService = mock(TokenService.class);
|
||||||
|
PasswordTransferCryptoService passwordTransferCryptoService = mock(PasswordTransferCryptoService.class);
|
||||||
|
when(passwordTransferCryptoService.decrypt("oldCipher")).thenReturn("oldPlain");
|
||||||
|
when(passwordTransferCryptoService.decrypt("newCipher")).thenReturn("newPlain");
|
||||||
|
when(userService.resetUserPwd(org.mockito.ArgumentMatchers.anyLong(), org.mockito.ArgumentMatchers.anyString()))
|
||||||
|
.thenReturn(1);
|
||||||
|
|
||||||
|
SysUser storedUser = new SysUser();
|
||||||
|
storedUser.setUserId(2L);
|
||||||
|
storedUser.setPassword(SecurityUtils.encryptPassword("oldPlain"));
|
||||||
|
when(userService.selectUserById(2L)).thenReturn(storedUser);
|
||||||
|
|
||||||
|
SysUser currentUser = new SysUser();
|
||||||
|
currentUser.setUserId(2L);
|
||||||
|
currentUser.setUserName("admin");
|
||||||
|
LoginUser loginUser = new LoginUser(2L, 1L, currentUser, Collections.emptySet());
|
||||||
|
SecurityContextHolder.getContext()
|
||||||
|
.setAuthentication(new UsernamePasswordAuthenticationToken(loginUser, null, Collections.emptyList()));
|
||||||
|
|
||||||
|
SysProfileController controller = new SysProfileController();
|
||||||
|
ReflectionTestUtils.setField(controller, "userService", userService);
|
||||||
|
ReflectionTestUtils.setField(controller, "tokenService", tokenService);
|
||||||
|
ReflectionTestUtils.setField(controller, "passwordTransferCryptoService", passwordTransferCryptoService);
|
||||||
|
|
||||||
|
MockMvc mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
|
||||||
|
|
||||||
|
mockMvc.perform(put("/system/user/profile/updatePwd")
|
||||||
|
.contentType("application/json")
|
||||||
|
.content("{\"oldPassword\":\"oldCipher\",\"newPassword\":\"newCipher\"}"))
|
||||||
|
.andExpect(status().isOk());
|
||||||
|
|
||||||
|
verify(passwordTransferCryptoService).decrypt("oldCipher");
|
||||||
|
verify(passwordTransferCryptoService).decrypt("newCipher");
|
||||||
|
verify(userService).resetUserPwd(org.mockito.ArgumentMatchers.eq(2L), org.mockito.ArgumentMatchers.anyString());
|
||||||
|
verify(tokenService).setLoginUser(loginUser);
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user