diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java index 5613c16e..9567664f 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/UserServiceImpl.java @@ -51,6 +51,8 @@ public class UserServiceImpl implements UserService { private static final int MINI_PASSWORD_LENGTH = 6; + private static final int MAX_PASSWORD_LENGTH = 72; + private final UserMapper userMapper; private final BCryptPasswordEncoder bCryptPasswordEncoder; @@ -74,6 +76,7 @@ public class UserServiceImpl implements UserService { if (existUserInfo != null) { throw new RuntimeException("用户名重复"); } + this.checkPasswordLength(requestParam.getPassword()); requestParam.setPassword(bCryptPasswordEncoder.encode(requestParam.getPassword())); UserInfo insertUser = BeanUtil.convert(requestParam, UserInfo.class); userMapper.insert(insertUser); @@ -84,9 +87,7 @@ public class UserServiceImpl implements UserService { @Transactional(rollbackFor = Exception.class) public void updateUser(UserReqDTO requestParam) { if (StringUtil.isNotBlank(requestParam.getPassword())) { - if (requestParam.getPassword().length() < MINI_PASSWORD_LENGTH) { - throw new RuntimeException("密码最少为6个字符"); - } + this.checkPasswordLength(requestParam.getPassword()); requestParam.setPassword(bCryptPasswordEncoder.encode(requestParam.getPassword())); } UserInfo updateUser = BeanUtil.convert(requestParam, UserInfo.class); @@ -129,4 +130,17 @@ public class UserServiceImpl implements UserService { result.setTempResources(permissionRespList.stream().map(PermissionRespDTO::getResource).collect(Collectors.toList())); return result; } + + protected void checkPasswordLength(String password) { + if (StringUtil.isBlank(password)) { + throw new RuntimeException("密码不可为空"); + } + if (password.length() < MINI_PASSWORD_LENGTH) { + throw new RuntimeException("密码最少为6个字符"); + } + if (password.length() > MAX_PASSWORD_LENGTH) { + throw new RuntimeException("密码最多为72个字符"); + } + } + } diff --git a/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/service/impl/UserServiceImplTest.java b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/service/impl/UserServiceImplTest.java new file mode 100644 index 00000000..2af4a45c --- /dev/null +++ b/hippo4j-server/hippo4j-auth/src/test/java/cn/hippo4j/auth/service/impl/UserServiceImplTest.java @@ -0,0 +1,20 @@ +package cn.hippo4j.auth.service.impl; + +import org.junit.Assert; +import org.junit.jupiter.api.Test; + +class UserServiceImplTest { + + @Test + void checkPasswordLength() { + //密码为null、空串、过短、过长都会抛出异常 + UserServiceImpl userService = new UserServiceImpl(null, null, null); + Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(null)); + Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength("")); + String shortPassword = "12345"; + Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(shortPassword)); + String LongPassword = "fjhdjfghdsgahfgajdhsgafghdsbvhbervjdsvhdsbhfbhsdbhfbhsdbavbsbdhjfbhjsdbhfbsdbf"; + Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(LongPassword)); + } + +} \ No newline at end of file diff --git a/hippo4j-ui/src/views/login/index.vue b/hippo4j-ui/src/views/login/index.vue index 7710cf18..01ac98d2 100755 --- a/hippo4j-ui/src/views/login/index.vue +++ b/hippo4j-ui/src/views/login/index.vue @@ -88,7 +88,9 @@ export default { const validatePassword = (rule, value, callback) => { if (value.length < 6) { callback(new Error('The password can not be less than 6 digits')); - } else { + } else if (value.length > 72) { + callback(new Error('The password can not be greater than 72 digits')); + }else { callback(); } };