Merge pull request #5504 from dataease/pr@dev@fixdatasource

fix: 修改密码时明文传输
2023-06-21 17:51:37 +08:00 · 2023-06-21 17:51:37 +08:00 · a380061a83
commit a380061a83
parent 193f9f6c44 7d2840703c
5 changed files with 11 additions and 11 deletions
--- a/backend/src/main/java/io/dataease/commons/license/DefaultLicenseService.java
+++ b/backend/src/main/java/io/dataease/commons/license/DefaultLicenseService.java
@ -57,18 +57,17 @@ public class DefaultLicenseService {
        }
    }

-    private static int runtimeExecCommand(StringBuilder result, List<String> command) throws Exception {
+    private static void runtimeExecCommand(StringBuilder result, List<String> command) throws Exception {
        Process proc = Runtime.getRuntime().exec(command.stream().collect(Collectors.joining(" ")));
        BufferedReader reader = new BufferedReader(new InputStreamReader(proc.getInputStream(), "utf-8"));
        String line = null;
        while ((line = reader.readLine()) != null) {
            result.append(line).append("\n");
        }
-        return proc.waitFor();
    }


-    private static int execCommand(StringBuilder result, List<String> command) throws Exception {
+    private static void execCommand(StringBuilder result, List<String> command) throws Exception {
        ProcessBuilder builder = new ProcessBuilder();
        builder.command(command);
        Process process = builder.start();
@ -77,9 +76,7 @@ public class DefaultLicenseService {
        while ((line = bufferedReader.readLine()) != null) {
            result.append(line).append("\n");
        }
-        int exitCode = process.waitFor();
        command.clear();
-        return exitCode;
    }

    public F2CLicenseResponse validateLicense() {
--- a/backend/src/main/java/io/dataease/controller/sys/SysUserController.java
+++ b/backend/src/main/java/io/dataease/controller/sys/SysUserController.java
@ -154,7 +154,6 @@ public class SysUserController {
    @ApiOperation("更新当前用户密码")
    @PostMapping("/updatePwd")
    public void updatePwd(@RequestBody SysUserPwdRequest request) {
-
        sysUserService.updatePwd(request);
    }

--- a/backend/src/main/java/io/dataease/service/sys/SysUserService.java
+++ b/backend/src/main/java/io/dataease/service/sys/SysUserService.java
@ -383,6 +383,8 @@ public class SysUserService {
     */
    @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #request.userId")
    public int updatePwd(SysUserPwdRequest request) {
+        request.setPassword(new String(java.util.Base64.getDecoder().decode(request.getPassword())));
+        request.setNewPassword(new String(java.util.Base64.getDecoder().decode(request.getNewPassword())));
        CurrentUserDto user = AuthUtils.getUser();

        if (ObjectUtils.isEmpty(user)) {
@ -407,7 +409,7 @@ public class SysUserService {
    public int adminUpdatePwd(SysUserPwdRequest request) {
        SysUser sysUser = new SysUser();
        sysUser.setUserId(request.getUserId());
-        sysUser.setPassword(CodingUtil.md5(request.getNewPassword()));
+        sysUser.setPassword(CodingUtil.md5(new String(java.util.Base64.getDecoder().decode(request.getNewPassword()))));
        return sysUserMapper.updateByPrimaryKeySelective(sysUser);
    }

--- a/frontend/src/views/system/user/PasswordUpdateForm.vue
+++ b/frontend/src/views/system/user/PasswordUpdateForm.vue
@ -27,6 +27,7 @@
 <script>
 import { updatePersonPwd } from '@/api/system/user'
 import dePwd from '@/components/deCustomCm/DePwd.vue'
+import { Base64 } from 'js-base64'
 export default {
  name: 'PasswordUpdateForm',
  components: { dePwd },
@ -89,8 +90,8 @@ export default {
      this.$refs.createUserForm.validate((valid) => {
        if (valid) {
          const param = {
-            password: this.form.oldPwd,
-            newPassword: this.form.newPwd
+            password: Base64.encode(this.form.oldPwd),
+            newPassword: Base64.encode(this.form.newPwd)
          }
          updatePersonPwd(param).then((res) => {
            this.$success(this.$t('commons.save_success'))
@ -108,4 +109,4 @@ export default {
    }
  }
 }
-</script>
+</script>
--- a/frontend/src/views/system/user/index.vue
+++ b/frontend/src/views/system/user/index.vue
@ -334,6 +334,7 @@ import DeLayoutContent from '@/components/business/DeLayoutContent'
 import { addOrder, formatOrders } from '@/utils/index'
 import { pluginLoaded, defaultPwd } from '@/api/user'
 import bus from '@/utils/bus'
+import { Base64 } from 'js-base64'
 /* import { ldapStatus, pluginLoaded } from '@/api/user' */
 import {
  userLists,
@ -510,7 +511,7 @@ export default {
        checkedCount > 0 && checkedCount < this.columnNames.length
    },
    resetPwd(userId) {
-      editPassword({ userId, newPassword: this.defaultPWD })
+      editPassword({ userId, newPassword: Base64.encode(this.defaultPWD) })
        .then((res) => {
          this.$success(this.$t('commons.modify_success'))
          this.initSearch()