This is an automated email from the ASF dual-hosted git repository.

wuzhiguo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/bigtop-manager.git


The following commit(s) were added to refs/heads/main by this push:
     new c7f44bdc BIGTOP-4478: Add API for change password (#250)
c7f44bdc is described below

commit c7f44bdc611e17ca47a0de605a299c9ddf5ee839
Author: ChunFuWu <[email protected]>
AuthorDate: Wed Jul 30 00:19:54 2025 +0800

    BIGTOP-4478: Add API for change password (#250)
---
 .../manager/server/controller/UserController.java  | 20 ++++++++++++++++
 .../manager/server/enums/ApiExceptionEnum.java     |  4 ++++
 .../bigtop/manager/server/enums/LocaleKeys.java    |  4 ++++
 .../server/model/converter/UserConverter.java      |  4 ++++
 .../dto/ChangePasswordDTO.java}                    | 24 +++++++------------
 .../req/ChangePasswordReq.java}                    | 24 +++++++------------
 .../bigtop/manager/server/service/UserService.java |  8 +++++++
 .../server/service/impl/UserServiceImpl.java       | 27 ++++++++++++++++++++++
 .../main/resources/i18n/messages_en_US.properties  |  4 ++++
 .../main/resources/i18n/messages_zh_CN.properties  |  4 ++++
 10 files changed, 91 insertions(+), 32 deletions(-)

diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
index 23e70753..2ba6b4d8 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/controller/UserController.java
@@ -19,13 +19,18 @@
 package org.apache.bigtop.manager.server.controller;
 
 import org.apache.bigtop.manager.server.annotations.Audit;
+import org.apache.bigtop.manager.server.enums.ApiExceptionEnum;
+import org.apache.bigtop.manager.server.exception.ApiException;
 import org.apache.bigtop.manager.server.model.converter.UserConverter;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
 import org.apache.bigtop.manager.server.model.dto.UserDTO;
+import org.apache.bigtop.manager.server.model.req.ChangePasswordReq;
 import org.apache.bigtop.manager.server.model.req.UserReq;
 import org.apache.bigtop.manager.server.model.vo.UserVO;
 import org.apache.bigtop.manager.server.service.UserService;
 import org.apache.bigtop.manager.server.utils.ResponseEntity;
 
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PutMapping;
@@ -59,4 +64,19 @@ public class UserController {
         UserDTO userDTO = UserConverter.INSTANCE.fromReq2DTO(userReq);
         return ResponseEntity.success(userService.update(userDTO));
     }
+
+    @Audit
+    @Operation(summary = "changePassword", description = "Change password")
+    @PutMapping("/change-password")
+    public ResponseEntity<UserVO> changePassword(@RequestBody @Validated 
ChangePasswordReq changePasswordReq) {
+        if (!StringUtils.hasText(changePasswordReq.getPassword())
+                || !StringUtils.hasText(changePasswordReq.getNewPassword())
+                || 
!StringUtils.hasText(changePasswordReq.getConfirmPassword())) {
+            throw new ApiException(ApiExceptionEnum.PASSWORD_NOT_EMPTY);
+        }
+
+        ChangePasswordDTO changePasswordDTO = 
UserConverter.INSTANCE.fromReq2DTO(changePasswordReq);
+        UserVO result = userService.changePassword(changePasswordDTO);
+        return ResponseEntity.success(result);
+    }
 }
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
index a4641c8c..b379d15b 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/ApiExceptionEnum.java
@@ -29,6 +29,10 @@ public enum ApiExceptionEnum {
     USERNAME_OR_PASSWORD_REQUIRED(10001, LocaleKeys.LOGIN_ACCOUNT_REQUIRED),
     INCORRECT_USERNAME_OR_PASSWORD(10002, LocaleKeys.LOGIN_ACCOUNT_INCORRECT),
     USER_IS_DISABLED(10003, LocaleKeys.LOGIN_ACCOUNT_DISABLED),
+    PASSWORD_NOT_EMPTY(10004, LocaleKeys.PASSWORD_NOT_EMPTY),
+    ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD(10005, 
LocaleKeys.ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD),
+    TWO_PASSWORDS_NOT_MATCH(10006, LocaleKeys.TWO_PASSWORDS_NOT_MATCH),
+    ORIGINAL_PASSWORD_INCORRECT(10007, LocaleKeys.ORIGINAL_PASSWORD_INCORRECT),
 
     // Cluster Exceptions -- 11000 ~ 11999
     CLUSTER_NOT_FOUND(11000, LocaleKeys.CLUSTER_NOT_FOUND),
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
index fbf5e5c1..5279b55f 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/enums/LocaleKeys.java
@@ -33,6 +33,10 @@ public enum LocaleKeys {
     LOGIN_ACCOUNT_REQUIRED("login.account.required"),
     LOGIN_ACCOUNT_INCORRECT("login.account.incorrect"),
     LOGIN_ACCOUNT_DISABLED("login.account.disabled"),
+    PASSWORD_NOT_EMPTY("password.not.empty"),
+    
ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD("original.password.same.as.new.password"),
+    TWO_PASSWORDS_NOT_MATCH("two.passwords.not.match"),
+    ORIGINAL_PASSWORD_INCORRECT("original.password.incorrect"),
 
     CLUSTER_NOT_FOUND("cluster.not.found"),
     CLUSTER_EXISTS("cluster.exists"),
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
index a7cf141d..14dee9a6 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/converter/UserConverter.java
@@ -20,7 +20,9 @@ package org.apache.bigtop.manager.server.model.converter;
 
 import org.apache.bigtop.manager.dao.po.UserPO;
 import org.apache.bigtop.manager.server.config.MapStructSharedConfig;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
 import org.apache.bigtop.manager.server.model.dto.UserDTO;
+import org.apache.bigtop.manager.server.model.req.ChangePasswordReq;
 import org.apache.bigtop.manager.server.model.req.UserReq;
 import org.apache.bigtop.manager.server.model.vo.UserVO;
 
@@ -38,4 +40,6 @@ public interface UserConverter {
     UserVO fromPO2VO(UserPO userPO);
 
     UserDTO fromReq2DTO(UserReq userReq);
+
+    ChangePasswordDTO fromReq2DTO(ChangePasswordReq changePasswordReq);
 }
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
similarity index 67%
copy from 
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
copy to 
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
index 97f7fed9..30bfdcb9 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/dto/ChangePasswordDTO.java
@@ -16,24 +16,16 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.bigtop.manager.server.service;
+package org.apache.bigtop.manager.server.model.dto;
 
-import org.apache.bigtop.manager.server.model.dto.UserDTO;
-import org.apache.bigtop.manager.server.model.vo.UserVO;
+import lombok.Data;
 
-public interface UserService {
+@Data
+public class ChangePasswordDTO {
 
-    /**
-     * Get current login user
-     *
-     * @return User
-     */
-    UserVO current();
+    private String password;
 
-    /**
-     * Update a user
-     *
-     * @return user
-     */
-    UserVO update(UserDTO userDTO);
+    private String newPassword;
+
+    private String confirmPassword;
 }
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
similarity index 67%
copy from 
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
copy to 
bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
index 97f7fed9..8c178132 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/model/req/ChangePasswordReq.java
@@ -16,24 +16,16 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.bigtop.manager.server.service;
+package org.apache.bigtop.manager.server.model.req;
 
-import org.apache.bigtop.manager.server.model.dto.UserDTO;
-import org.apache.bigtop.manager.server.model.vo.UserVO;
+import lombok.Data;
 
-public interface UserService {
+@Data
+public class ChangePasswordReq {
 
-    /**
-     * Get current login user
-     *
-     * @return User
-     */
-    UserVO current();
+    private String password;
 
-    /**
-     * Update a user
-     *
-     * @return user
-     */
-    UserVO update(UserDTO userDTO);
+    private String newPassword;
+
+    private String confirmPassword;
 }
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
index 97f7fed9..421f6bd8 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/UserService.java
@@ -18,6 +18,7 @@
  */
 package org.apache.bigtop.manager.server.service;
 
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
 import org.apache.bigtop.manager.server.model.dto.UserDTO;
 import org.apache.bigtop.manager.server.model.vo.UserVO;
 
@@ -36,4 +37,11 @@ public interface UserService {
      * @return user
      */
     UserVO update(UserDTO userDTO);
+
+    /**
+     * Change password
+     *
+     * @param changePasswordDTO changePasswordDTO
+     */
+    UserVO changePassword(ChangePasswordDTO changePasswordDTO);
 }
diff --git 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
index 61568d19..9631fd40 100644
--- 
a/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
+++ 
b/bigtop-manager-server/src/main/java/org/apache/bigtop/manager/server/service/impl/UserServiceImpl.java
@@ -24,9 +24,12 @@ import 
org.apache.bigtop.manager.server.enums.ApiExceptionEnum;
 import org.apache.bigtop.manager.server.exception.ApiException;
 import org.apache.bigtop.manager.server.holder.SessionUserHolder;
 import org.apache.bigtop.manager.server.model.converter.UserConverter;
+import org.apache.bigtop.manager.server.model.dto.ChangePasswordDTO;
 import org.apache.bigtop.manager.server.model.dto.UserDTO;
 import org.apache.bigtop.manager.server.model.vo.UserVO;
 import org.apache.bigtop.manager.server.service.UserService;
+import org.apache.bigtop.manager.server.utils.PasswordUtils;
+import org.apache.bigtop.manager.server.utils.Pbkdf2Utils;
 
 import org.springframework.stereotype.Service;
 
@@ -53,4 +56,28 @@ public class UserServiceImpl implements UserService {
         userDao.partialUpdateById(userPO);
         return UserConverter.INSTANCE.fromPO2VO(userPO);
     }
+
+    @Override
+    public UserVO changePassword(ChangePasswordDTO changePasswordDTO) {
+        if 
(changePasswordDTO.getPassword().equals(changePasswordDTO.getNewPassword())) {
+            throw new 
ApiException(ApiExceptionEnum.ORIGINAL_PASSWORD_SAME_AS_NEW_PASSWORD);
+        }
+
+        if 
(!changePasswordDTO.getNewPassword().equals(changePasswordDTO.getConfirmPassword()))
 {
+            throw new ApiException(ApiExceptionEnum.TWO_PASSWORDS_NOT_MATCH);
+        }
+
+        Long id = SessionUserHolder.getUserId();
+        UserPO userPO = userDao.findOptionalById(id).orElseThrow(() -> new 
ApiException(ApiExceptionEnum.NEED_LOGIN));
+
+        String password = Pbkdf2Utils.getPbkdf2Password(userPO.getUsername(), 
changePasswordDTO.getPassword());
+        if (!PasswordUtils.checkBcryptPassword(password, 
userPO.getPassword())) {
+            throw new 
ApiException(ApiExceptionEnum.ORIGINAL_PASSWORD_INCORRECT);
+        }
+
+        String newPassword = 
Pbkdf2Utils.getBcryptPassword(userPO.getUsername(), 
changePasswordDTO.getNewPassword());
+        userPO.setPassword(newPassword);
+        userDao.partialUpdateById(userPO);
+        return UserConverter.INSTANCE.fromPO2VO(userPO);
+    }
 }
diff --git 
a/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties 
b/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
index e4701245..7b565abb 100644
--- a/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
+++ b/bigtop-manager-server/src/main/resources/i18n/messages_en_US.properties
@@ -27,6 +27,10 @@ login.required=Please log in first
 login.account.required=Username or password should not be empty
 login.account.incorrect=Incorrect username or password
 login.account.disabled=User is disabled
+password.not.empty=The password cannot be empty
+original.password.same.as.new.password=Original password is same as new 
password
+two.passwords.not.match=Two passwords not match
+original.password.incorrect=Original password is incorrect
 
 cluster.not.found=Cluster not exist
 cluster.exists=Cluster already exists
diff --git 
a/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties 
b/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
index 4bad9570..73e31063 100644
--- a/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
+++ b/bigtop-manager-server/src/main/resources/i18n/messages_zh_CN.properties
@@ -27,6 +27,10 @@ login.required=请先登录
 login.account.required=用户名或密码不能为空
 login.account.incorrect=用户名或密码错误
 login.account.disabled=用户已被禁用
+password.not.empty=密码不能为空
+original.password.same.as.new.password=原始密码不能与新密码相同
+two.passwords.not.match=两次密码输入不一致
+original.password.incorrect=原始密码错误
 
 cluster.not.found=集群不存在
 cluster.exists=集群已存在

Reply via email to