©2020-2024 ioDraw All rights reserved
dao层
/** * 查找用户登录问题 * @param username * @return */ String
selectQuestionByUsername(String username); /** * 校验问题答案是否正确 * @param username *
@param question * @param answer * @return */ int checkAnswer(@Param("username")
String username,@Param("question") String question,@Param("answer") String
answer); /** * 忘记密码中的重置密码 * @param username * @param passwordNew * @return */
int updatePasswordByUsername(@Param("username") String
username,@Param("passwordNew") String passwordNew); /** * 查找密码检测是否旧密码 * @param
password * @return */ int checkPassword(@Param("password")String
password,@Param("userId") Integer userId);
mybatis
<select id="selectQuestionByUsername" resultType="string"
parameterType="string"> select question from mmall_user where
username=#{username} </select> <!-- 多个参数要用map --> <select id="checkAnswer"
resultType="int" parameterType="map"> SELECT count(1) where
username=#{username} and question=#{question} and answer=#{answer} </select>
<update id="updatePasswordByUsername" parameterType="map"> update mmall_user
set password=#{passwordNew},update_time=now() where username=#{username}
</update> <select id="checkPassword" resultType="int" parameterType="map">
select count(1) from mmall_user where password=#{password} and id=#{userId}
</select>
业务层接口
/** * 查找问题 * @param username * @return */ ServerResponse selectQuestion(String
username); /** * 校验用户问题密码是否正确 * @param username * @param question * @param
answer * @return */ ServerResponse<String> checkAnswer(String username,String
question,String answer); /** * 忘记密码中重置密码 * @param username * @param passwordNew
* @param forgetToken * @return */ ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken); /**
* 旧密码中重置密码 * @param passwordOld * @param passwordNew * @param user * @return */
ServerResponse<String> resetPassword(String passwordOld,String passwordNew,User
user);
业务实现接口
public ServerResponse selectQuestion(String username){ ServerResponse
validResponse=this.checkValid(username,Const.USERNAME);
if(validResponse.isSuccess()){ //用户不存在 return
ServerResponse.createByErrorMessage("用户不存在"); } String
question=userMapper.selectQuestionByUsername(username);
if(StringUtils.isNotBlank(question)){ return
ServerResponse.createBySuccess(question); } return
ServerResponse.createByErrorMessage("找回密码的问题是空的"); } // public static void
main(String[] args) { // System.out.println(UUID.randomUUID().toString()); // }
public ServerResponse<String> checkAnswer(String username,String
question,String answer){ int
resultCount=userMapper.checkAnswer(username,question,answer); if(resultCount >0
){ //说明问题及问题答案是这个用户的,并且是正确的 String forgetToken= UUID.randomUUID().toString();
TokenCache.setKey(TokenCache.TOKEN_PREFIX+username,forgetToken); return
ServerResponse.createBySuccess(forgetToken); } return
ServerResponse.createByErrorMessage("问题的答案错误"); } public ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken){
if(StringUtils.isBlank(forgetToken)){ return
ServerResponse.createByErrorMessage("参数错误,token需要传递"); } ServerResponse
validResponse=this.checkValid(username,Const.USERNAME);
if(validResponse.isSuccess()){ //用户不存在 return
ServerResponse.createByErrorMessage("用户不存在"); } String
token=TokenCache.getKey(TokenCache.TOKEN_PREFIX+username);
if(StringUtils.isBlank(token)){ return
ServerResponse.createByErrorMessage("token无效或者过期"); }
if(StringUtils.equals(forgetToken,token)){ String
md5Password=MD5Util.MD5EncodeUtf8(passwordNew); int
rowCount=userMapper.updatePasswordByUsername(username,md5Password);
if(rowCount>0){ return ServerResponse.createBySuccessMessage("修改密码成功"); } }else
{ return ServerResponse.createByErrorMessage("token错误,请重新获取重置密码的token"); }
return ServerResponse.createByErrorMessage("修改密码失败"); } public
ServerResponse<String> resetPassword(String passwordOld,String passwordNew,User
user){
//防止横向越权,要检验一下这个用户的旧密码,一定要指定是这个用户,因为我们会查询一个count(1),如果不指定id,那么结果就是true啦count>0;
int
resultCount=userMapper.checkPassword(MD5Util.MD5EncodeUtf8(passwordOld),user.getId());
if(resultCount ==0){ return ServerResponse.createByErrorMessage("旧密码错误"); }
user.setPassword(MD5Util.MD5EncodeUtf8(passwordNew)); int
updateCount=userMapper.updateByPrimaryKeySelective(user); if(updateCount>0){
return ServerResponse.createBySuccessMessage("密码更新成功"); } return
ServerResponse.createByErrorMessage("密码更新失败"); }
controller层
/** * 获取用户信息 * @param session * @return */ @RequestMapping(value =
"get_user_info.do",method = RequestMethod.GET) @ResponseBody public
ServerResponse<User> getUserInfo(HttpSession session){ User user=(User)
session.getAttribute(Const.CURRENT_USER); if(user!=null){ return
ServerResponse.createBySuccess(user); } return
ServerResponse.createByErrorMessage("用户未登录"); } /** * 问题密码获取 * @param username
* @return */ @RequestMapping(value = "forget_get_question.do",method =
RequestMethod.GET) @ResponseBody public ServerResponse<String>
forgetGetQuestion(String username){ return
iUserService.selectQuestion(username); } /** * 校验问题答案 * @param username *
@param question * @param answer * @return */ @RequestMapping(value =
"forget_check_answer.do",method = RequestMethod.GET) @ResponseBody public
ServerResponse<String> forgetCheckAnswer(String username,String question,String
answer){ return iUserService.checkAnswer(username,question,answer); } /** *
忘记密码中的重置密码 * @param username * @param passwordNew * @param forgetToken *
@return */ @RequestMapping(value = "forget_reset_password.do",method =
RequestMethod.GET) @ResponseBody public ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken){
return iUserService.forgetRestPassword(username,passwordNew,forgetToken); } /**
* 旧密码重置密码 * @param session * @param passwordOld * @param passwordNew * @return
*/ @RequestMapping(value = "reset_password.do",method = RequestMethod.GET)
@ResponseBody public ServerResponse<String> resetPassword(HttpSession
session,String passwordOld,String passwordNew){ User
user=(User)session.getAttribute(Const.CURRENT_USER); if(user == null){ return
ServerResponse.createByErrorMessage("用户未登录"); } return
iUserService.resetPassword(passwordOld,passwordNew,user); }