Home Explore Help
Sign In
iot
/
hsweb-framework
4
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

增加验证器PasswordValidator

zhou-hao 4 years ago
parent
1254ba2379
commit
a94aeba0c1
3 changed files with 29 additions and 0 deletions
Split View Show Diff Stats
  1. 7 0
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/PasswordValidator.java
  2. 7 0
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/UsernameValidator.java
  3. 15 0
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveUserService.java

+ 7 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/PasswordValidator.java
View File 

@@ -0,0 +1,7 @@
 
+package org.hswebframework.web.system.authorization.api;
 
+
 
+public interface PasswordValidator {
 
+
 
+    void validate(String password);
 
+
 
+}

+ 7 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-api/src/main/java/org/hswebframework/web/system/authorization/api/UsernameValidator.java
View File 

@@ -0,0 +1,7 @@
 
+package org.hswebframework.web.system.authorization.api;
 
+
 
+public interface UsernameValidator {
 
+
 
+    void validate(String password);
 
+    
+}

+ 15 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveUserService.java
View File 

@@ -9,6 +9,8 @@ import org.hswebframework.web.crud.service.GenericReactiveCrudService;
 
 import org.hswebframework.web.exception.NotFoundException;
 
 import org.hswebframework.web.id.IDGenerator;
 
 import org.hswebframework.web.system.authorization.api.PasswordEncoder;
 
+import org.hswebframework.web.system.authorization.api.PasswordValidator;
 
+import org.hswebframework.web.system.authorization.api.UsernameValidator;
 
 import org.hswebframework.web.system.authorization.api.entity.UserEntity;
 
 import org.hswebframework.web.system.authorization.api.event.UserCreatedEvent;
 
 import org.hswebframework.web.system.authorization.api.event.UserDeletedEvent;
 
@@ -34,6 +36,15 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
 
     @Autowired(required = false)
 
     private PasswordEncoder passwordEncoder = (password, salt) -> DigestUtils.md5Hex(String.format("hsweb.%s.framework.%s", password, salt));
 
 
+    @Autowired(required = false)
 
+    private PasswordValidator passwordValidator = (password) -> {
 
+    };
 
+
 
+    @Autowired(required = false)
 
+    private UsernameValidator usernameValidator = (username) -> {
 
+
 
+    };
 
+
 
     @Autowired
 
     private ApplicationEventPublisher eventPublisher;
 
 
@@ -60,6 +71,8 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
 
 
         return Mono.defer(() -> {
 
             userEntity.setSalt(IDGenerator.RANDOM.generate());
 
+            usernameValidator.validate(userEntity.getUsername());
 
+            passwordValidator.validate(userEntity.getPassword());
 
             userEntity.setPassword(passwordEncoder.encode(userEntity.getPassword(), userEntity.getSalt()));
 
             return Mono.just(userEntity)
 
                     .doOnNext(e -> e.tryValidate(CreateGroup.class))
 
@@ -80,6 +93,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
 
             boolean passwordChanged = StringUtils.hasText(userEntity.getPassword());
 
             if (passwordChanged) {
 
                 userEntity.setSalt(IDGenerator.RANDOM.generate());
 
+                passwordValidator.validate(userEntity.getPassword());
 
                 userEntity.setPassword(passwordEncoder.encode(userEntity.getPassword(), userEntity.getSalt()));
 
             }
 
             return getRepository()
 
@@ -138,6 +152,7 @@ public class DefaultReactiveUserService extends GenericReactiveCrudService<UserE
 
     @Override
 
     @Transactional(rollbackFor = Exception.class, transactionManager = TransactionManagers.r2dbcTransactionManager)
 
     public Mono<Boolean> changePassword(String userId, String oldPassword, String newPassword) {
 
+        passwordValidator.validate(newPassword);
 
         return findById(userId)
 
                 .switchIfEmpty(Mono.error(NotFoundException::new))
 
                 .filter(user -> passwordEncoder.encode(oldPassword, user.getSalt()).equals(user.getPassword()))