탐색 도움말
로그인
weiym
/
perms-system-server
1
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: 7dbe686aa8
브랜치 태그
perms-system...
/
internal
/
logic
/
auth
/
changePasswordLogic.go

changePasswordLogic.go 2.2 KB
히스토리 Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. package auth
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"fmt"
    6. 

  6. 

  7. 	"perms-system-server/internal/consts"
    8. 

  8. 	"perms-system-server/internal/middleware"
    9. 

  9. 	"perms-system-server/internal/response"
    10. 

  10. 	"perms-system-server/internal/svc"
    11. 

  11. 	"perms-system-server/internal/types"
    12. 

  12. 	"perms-system-server/internal/util"
    13. 

  13. 

  14. 	"github.com/zeromicro/go-zero/core/limit"
    15. 

  15. 	"github.com/zeromicro/go-zero/core/logx"
    16. 

  16. 	"golang.org/x/crypto/bcrypt"
    17. 

  17. )
    18. 

  18. 

  19. type ChangePasswordLogic struct {
    20. 

  20. 	logx.Logger
    21. 

  21. 	ctx    context.Context
    22. 

  22. 	svcCtx *svc.ServiceContext
    23. 

  23. }
    24. 

  24. 

  25. func NewChangePasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *ChangePasswordLogic {
    26. 

  26. 	return &ChangePasswordLogic{
    27. 

  27. 		Logger: logx.WithContext(ctx),
    28. 

  28. 		ctx:    ctx,
    29. 

  29. 		svcCtx: svcCtx,
    30. 

  30. 	}
    31. 

  31. }
    32. 

  32. 

  33. // ChangePassword 修改密码。已登录用户验证原密码后设置新密码,同时递增 tokenVersion 使所有已签发令牌失效,强制重新登录。
    34. 

  34. func (l *ChangePasswordLogic) ChangePassword(req *types.ChangePasswordReq) error {
    35. 

  35. 	if msg := util.ValidatePassword(req.NewPassword); msg != "" {
    36. 

  36. 		return response.ErrBadRequest(msg)
    37. 

  37. 	}
    38. 

  38. 

  39. 	userId := middleware.GetUserId(l.ctx)
    40. 

  40. 

  41. 	if l.svcCtx.TokenOpLimiter != nil {
    42. 

  42. 		code, _ := l.svcCtx.TokenOpLimiter.Take(fmt.Sprintf("chpwd:%d", userId))
    43. 

  43. 		if code == limit.OverQuota {
    44. 

  44. 			return response.ErrTooManyRequests("操作过于频繁,请稍后再试")
    45. 

  45. 		}
    46. 

  46. 	}
    47. 

  47. 

  48. 	user, err := l.svcCtx.SysUserModel.FindOne(l.ctx, userId)
    49. 

  49. 	if err != nil {
    50. 

  50. 		return response.ErrNotFound("用户不存在")
    51. 

  51. 	}
    52. 

  52. 

  53. 	if user.Status != consts.StatusEnabled {
    54. 

  54. 		return response.ErrForbidden("账号已被冻结")
    55. 

  55. 	}
    56. 

  56. 

  57. 	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(req.OldPassword)); err != nil {
    58. 

  58. 		logx.WithContext(l.ctx).Infof("change-password old-password mismatch userId=%d", userId)
    59. 

  59. 		return response.ErrBadRequest("原密码错误")
    60. 

  60. 	}
    61. 

  61. 

  62. 	if req.OldPassword == req.NewPassword {
    63. 

  63. 		return response.ErrBadRequest("新密码不能与原密码相同")
    64. 

  64. 	}
    65. 

  65. 

  66. 	hashed, err := bcrypt.GenerateFromPassword([]byte(req.NewPassword), bcrypt.DefaultCost)
    67. 

  67. 	if err != nil {
    68. 

  68. 		return err
    69. 

  69. 	}
    70. 

  70. 

  71. 	if err := l.svcCtx.SysUserModel.UpdatePassword(l.ctx, userId, string(hashed), consts.MustChangePasswordNo); err != nil {
    72. 

  72. 		return err
    73. 

  73. 	}
    74. 

  74. 

  75. 	l.svcCtx.UserDetailsLoader.Clean(l.ctx, userId)
    76. 

  76. 	return nil
    77. 

  77. }
    78.