This is an automated email from the ASF dual-hosted git repository.
wuzhiguo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/bigtop-manager.git
The following commit(s) were added to refs/heads/main by this push:
new c7f44bdc BIGTOP-4478: Add API for change password (#250)
c7f44bdc is described below
commit c7f44bdc611e17ca47a0de605a299c9ddf5ee839
Author: ChunFuWu <[email protected]>
AuthorDate: Wed Jul 30 00:19:54 2025 +0800
BIGTOP-4478: Add API for change password (#250)
---
.../manager/server/controller/UserController.java | 20 ++++++++++++++++
.../manager/server/enums/ApiExceptionEnum.java | 4 ++++
.../bigtop/manager/server/enums/LocaleKeys.java | 4 ++++
.../server/model/converter/UserConverter.java | 4 ++++
.../dto/ChangePasswordDTO.java} | 24 +++++++------------
.../req/ChangePasswordReq.java} | 24 +++++++------------
.../bigtop/manager/server/service/UserService.java | 8 +++++++
.../server/service/impl/UserServiceImpl.java | 27 ++++++++++++++++++++++
.../main/resources/i18n/messages_en_US.properties | 4 ++++
.../main/resources/i18n/messages_zh_CN.properties | 4 ++++
10 files changed, 91 insertions(+), 32 deletions(-)
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
index 23e70753..2ba6b4d8 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
@@ -19,13 +19,18 @@
package org.apache.bigtop.manager.server.controller;
import org.apache.bigtop.manager.server.annotations.Audit;
+import org.apache.bigtop.manager.server.enums.ApiExceptionEnum;
+import org.apache.bigtop.manager.server.exception.ApiException;
import org.apache.bigtop.manager.server.model.converter.UserConverter;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
import org.apache.bigtop.manager.server.model.dto.UserDTO;
+import org.apache.bigtop.manager.server.model.req.ChangePasswordReq;
import org.apache.bigtop.manager.server.model.req.UserReq;
import org.apache.bigtop.manager.server.model.vo.UserVO;
import org.apache.bigtop.manager.server.service.UserService;
import org.apache.bigtop.manager.server.utils.ResponseEntity;
+import org.springframework.util.StringUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PutMapping;
@@ -59,4 +64,19 @@ public class UserController {
UserDTO userDTO = UserConverter.INSTANCE.fromReq2DTO(userReq);
return ResponseEntity.success(userService.update(userDTO));
}
+
+ @Audit
+ @Operation(summary = "changePassword", description = "Change password")
+ @PutMapping("/change-password")
+ public ResponseEntity<UserVO> changePassword(@RequestBody @Validated
ChangePasswordReq changePasswordReq) {
+ if (!StringUtils.hasText(changePasswordReq.getPassword())
+ || !StringUtils.hasText(changePasswordReq.getNewPassword())
+ ||
!StringUtils.hasText(changePasswordReq.getConfirmPassword())) {
+ throw new ApiException(ApiExceptionEnum.PASSWORD_NOT_EMPTY);
+ }
+
+ ChangePasswordDTO changePasswordDTO =
UserConverter.INSTANCE.fromReq2DTO(changePasswordReq);
+ UserVO result = userService.changePassword(changePasswordDTO);
+ return ResponseEntity.success(result);
+ }
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
index a4641c8c..b379d15b 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
@@ -29,6 +29,10 @@ public enum ApiExceptionEnum {
USERNAME_OR_PASSWORD_REQUIRED(10001, LocaleKeys.LOGIN_ACCOUNT_REQUIRED),
INCORRECT_USERNAME_OR_PASSWORD(10002, LocaleKeys.LOGIN_ACCOUNT_INCORRECT),
USER_IS_DISABLED(10003, LocaleKeys.LOGIN_ACCOUNT_DISABLED),
+ PASSWORD_NOT_EMPTY(10004, LocaleKeys.PASSWORD_NOT_EMPTY),
+ ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD(10005,
LocaleKeys.ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD),
+ TWO_PASSWORDS_NOT_MATCH(10006, LocaleKeys.TWO_PASSWORDS_NOT_MATCH),
+ ORIGINAL_PASSWORD_INCORRECT(10007, LocaleKeys.ORIGINAL_PASSWORD_INCORRECT),
// Cluster Exceptions -- 11000 ~ 11999
CLUSTER_NOT_FOUND(11000, LocaleKeys.CLUSTER_NOT_FOUND),
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
index fbf5e5c1..5279b55f 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
@@ -33,6 +33,10 @@ public enum LocaleKeys {
LOGIN_ACCOUNT_REQUIRED("login.account.required"),
LOGIN_ACCOUNT_INCORRECT("login.account.incorrect"),
LOGIN_ACCOUNT_DISABLED("login.account.disabled"),
+ PASSWORD_NOT_EMPTY("password.not.empty"),
+
ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD("original.password.same.as.new.password"),
+ TWO_PASSWORDS_NOT_MATCH("two.passwords.not.match"),
+ ORIGINAL_PASSWORD_INCORRECT("original.password.incorrect"),
CLUSTER_NOT_FOUND("cluster.not.found"),
CLUSTER_EXISTS("cluster.exists"),
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
index a7cf141d..14dee9a6 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
@@ -20,7 +20,9 @@ package org.apache.bigtop.manager.server.model.converter;
import org.apache.bigtop.manager.dao.po.UserPO;
import org.apache.bigtop.manager.server.config.MapStructSharedConfig;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
import org.apache.bigtop.manager.server.model.dto.UserDTO;
+import org.apache.bigtop.manager.server.model.req.ChangePasswordReq;
import org.apache.bigtop.manager.server.model.req.UserReq;
import org.apache.bigtop.manager.server.model.vo.UserVO;
@@ -38,4 +40,6 @@ public interface UserConverter {
UserVO fromPO2VO(UserPO userPO);
UserDTO fromReq2DTO(UserReq userReq);
+
+ ChangePasswordDTO fromReq2DTO(ChangePasswordReq changePasswordReq);
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
similarity index 67%
copy from
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
copy to
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
index 97f7fed9..30bfdcb9 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
@@ -16,24 +16,16 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.bigtop.manager.server.service;
+package org.apache.bigtop.manager.server.model.dto;
-import org.apache.bigtop.manager.server.model.dto.UserDTO;
-import org.apache.bigtop.manager.server.model.vo.UserVO;
+import lombok.Data;
-public interface UserService {
+@Data
+public class ChangePasswordDTO {
- /**
- * Get current login user
- *
- * @return User
- */
- UserVO current();
+ private String password;
- /**
- * Update a user
- *
- * @return user
- */
- UserVO update(UserDTO userDTO);
+ private String newPassword;
+
+ private String confirmPassword;
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
similarity index 67%
copy from
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
copy to
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
index 97f7fed9..8c178132 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
@@ -16,24 +16,16 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.bigtop.manager.server.service;
+package org.apache.bigtop.manager.server.model.req;
-import org.apache.bigtop.manager.server.model.dto.UserDTO;
-import org.apache.bigtop.manager.server.model.vo.UserVO;
+import lombok.Data;
-public interface UserService {
+@Data
+public class ChangePasswordReq {
- /**
- * Get current login user
- *
- * @return User
- */
- UserVO current();
+ private String password;
- /**
- * Update a user
- *
- * @return user
- */
- UserVO update(UserDTO userDTO);
+ private String newPassword;
+
+ private String confirmPassword;
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
index 97f7fed9..421f6bd8 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
@@ -18,6 +18,7 @@
*/
package org.apache.bigtop.manager.server.service;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
import org.apache.bigtop.manager.server.model.dto.UserDTO;
import org.apache.bigtop.manager.server.model.vo.UserVO;
@@ -36,4 +37,11 @@ public interface UserService {
* @return user
*/
UserVO update(UserDTO userDTO);
+
+ /**
+ * Change password
+ *
+ * @param changePasswordDTO changePasswordDTO
+ */
+ UserVO changePassword(ChangePasswordDTO changePasswordDTO);
}
diff --git
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
index 61568d19..9631fd40 100644
---
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
+++
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
@@ -24,9 +24,12 @@ import
org.apache.bigtop.manager.server.enums.ApiExceptionEnum;
import org.apache.bigtop.manager.server.exception.ApiException;
import org.apache.bigtop.manager.server.holder.SessionUserHolder;
import org.apache.bigtop.manager.server.model.converter.UserConverter;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
import org.apache.bigtop.manager.server.model.dto.UserDTO;
import org.apache.bigtop.manager.server.model.vo.UserVO;
import org.apache.bigtop.manager.server.service.UserService;
+import org.apache.bigtop.manager.server.utils.PasswordUtils;
+import org.apache.bigtop.manager.server.utils.Pbkdf2Utils;
import org.springframework.stereotype.Service;
@@ -53,4 +56,28 @@ public class UserServiceImpl implements UserService {
userDao.partialUpdateById(userPO);
return UserConverter.INSTANCE.fromPO2VO(userPO);
}
+
+ @Override
+ public UserVO changePassword(ChangePasswordDTO changePasswordDTO) {
+ if
(changePasswordDTO.getPassword().equals(changePasswordDTO.getNewPassword())) {
+ throw new
ApiException(ApiExceptionEnum.ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD);
+ }
+
+ if
(!changePasswordDTO.getNewPassword().equals(changePasswordDTO.getConfirmPassword()))
{
+ throw new ApiException(ApiExceptionEnum.TWO_PASSWORDS_NOT_MATCH);
+ }
+
+ Long id = SessionUserHolder.getUserId();
+ UserPO userPO = userDao.findOptionalById(id).orElseThrow(() -> new
ApiException(ApiExceptionEnum.NEED_LOGIN));
+
+ String password = Pbkdf2Utils.getPbkdf2Password(userPO.getUsername(),
changePasswordDTO.getPassword());
+ if (!PasswordUtils.checkBcryptPassword(password,
userPO.getPassword())) {
+ throw new
ApiException(ApiExceptionEnum.ORIGINAL_PASSWORD_INCORRECT);
+ }
+
+ String newPassword =
Pbkdf2Utils.getBcryptPassword(userPO.getUsername(),
changePasswordDTO.getNewPassword());
+ userPO.setPassword(newPassword);
+ userDao.partialUpdateById(userPO);
+ return UserConverter.INSTANCE.fromPO2VO(userPO);
+ }
}
diff --git
a/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
b/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
index e4701245..7b565abb 100644
--- a/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
+++ b/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
@@ -27,6 +27,10 @@ login.required=Please log in first
login.account.required=Username or password should not be empty
login.account.incorrect=Incorrect username or password
login.account.disabled=User is disabled
+password.not.empty=The password cannot be empty
+original.password.same.as.new.password=Original password is same as new
password
+two.passwords.not.match=Two passwords not match
+original.password.incorrect=Original password is incorrect
cluster.not.found=Cluster not exist
cluster.exists=Cluster already exists
diff --git
a/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
b/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
index 4bad9570..73e31063 100644
--- a/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
+++ b/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
@@ -27,6 +27,10 @@ login.required=请先登录
login.account.required=用户名或密码不能为空
login.account.incorrect=用户名或密码错误
login.account.disabled=用户已被禁用
+password.not.empty=密码不能为空
+original.password.same.as.new.password=原始密码不能与新密码相同
+two.passwords.not.match=两次密码输入不一致
+original.password.incorrect=原始密码错误
cluster.not.found=集群不存在
cluster.exists=集群已存在
