
优化密码变更判断逻辑

zhouhao 2 years ago
parent
commit
a1bab0652a

+ 1 - 0
hsweb-authorization/hsweb-authorization-api/src/main/resources/i18n/authentication/messages_en.properties

@@ -2,6 +2,7 @@ error.access_denied=Access Denied
 error.permission_denied=Permission Denied [{0}]:{1}
 error.logged_in_elsewhere=User logged in elsewhere
 error.illegal_password=Bad username or password
+error.illegal_user_password=Bad Password
 error.user_disabled=User is disabled
 #
 message.token_state_normal=Normal

+ 1 - 0
hsweb-authorization/hsweb-authorization-api/src/main/resources/i18n/authentication/messages_zh.properties

@@ -2,6 +2,7 @@ error.access_denied=权限不足,拒绝访问!
 error.permission_denied=当前用户无权限[{0}]:{1}
 error.logged_in_elsewhere=该用户已在其他地方登陆
 error.illegal_password=用户名或密码错误
+error.illegal_user_password=密码错误
 error.user_disabled=用户已被禁用
 #
 message.token_state_normal=正常

+ 18 - 8
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveUserService.java

@@ -110,7 +110,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
                     boolean updatePassword = StringUtils.hasText(newer.getPassword());
 
                     boolean passwordChanged = updatePassword &&
-                           !Objects.equals(
+                            !Objects.equals(
                                     passwordEncoder.encode(newer.getPassword(), old.getSalt()),
                                     old.getPassword()
                             );
@@ -125,7 +125,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
                             .set(newer)
                             .where(newer::getId)
                             .execute()
-                            .flatMap(__ -> new UserModifiedEvent(old,newer, passwordChanged).publish(eventPublisher))
+                            .flatMap(__ -> new UserModifiedEvent(old, newer, passwordChanged).publish(eventPublisher))
                             .thenReturn(newer)
                             .flatMap(e -> ClearUserAuthorizationCacheEvent
                                     .of(e.getId())
@@ -192,12 +192,22 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
         return findById(userId)
                 .switchIfEmpty(Mono.error(NotFoundException::new))
                 .filter(user -> passwordEncoder.encode(oldPassword, user.getSalt()).equals(user.getPassword()))
-                .switchIfEmpty(Mono.error(() -> new ValidationException("密码错误")))
-                .flatMap(user -> repository
-                        .createUpdate()
-                        .set(UserEntity::getPassword, passwordEncoder.encode(newPassword, user.getSalt()))
-                        .where(user::getId)
-                        .execute())
+                .switchIfEmpty(Mono.error(() -> new ValidationException("error.illegal_user_password")))
+                .flatMap(old -> {
+                    String encodePwd = passwordEncoder.encode(newPassword, old.getSalt());
+
+                    boolean passwordChanged = !Objects.equals(encodePwd, old.getPassword());
+                    UserEntity newer = old.copyTo(new UserEntity());
+                    newer.setPassword(passwordEncoder.encode(newPassword, old.getSalt()));
+                    return repository
+                            .createUpdate()
+                            .set(newer::getPassword)
+                            .where(newer::getId)
+                            .execute()
+                            .flatMap(e -> new UserModifiedEvent(old, newer, passwordChanged)
+                                    .publish(eventPublisher)
+                                    .thenReturn(e));
+                })
                 .map(i -> i > 0);
     }
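Review bot: The added lambda encodes the new password twice: `encodePwd` is computed and compared, then `passwordEncoder.encode(newPassword, old.getSalt())` is called again for `newer.setPassword(...)`. Use `newer.setPassword(encodePwd);` so the stored hash is exactly the one that was compared and the possibly expensive hash runs only once. The new hash is also derived from `old.getSalt()`, so a password change never rotates the salt; if the service has a salt generator (not visible in this hunk), consider computing `passwordChanged` against the old salt and then storing the new password under a fresh one. Because `newer` is a full copy of `old`, `UserModifiedEvent` hands both password hashes and the salt to every listener, which deserves a comment such as `// event carries password hashes and salt: subscribers must not log or serialize the entities`. The method's signature lies above the hunk, so this covers only the visible part of the body.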