From b9931cda30d13a02c29194bbf387f87b0a9d368b Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期四, 30 六月 2022 15:25:22 +0800
Subject: [PATCH] !192 优化登出方法 Merge pull request !192 from zendwang/dev

---
 ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java |   16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
index c69f061..22b506f 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
@@ -1,5 +1,7 @@
 package com.ruoyi.web.controller.system;
 
+import cn.dev33.satoken.secure.BCrypt;
+import cn.hutool.core.io.FileUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
@@ -7,8 +9,8 @@
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.helper.LoginHelper;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.file.MimeTypeUtils;
 import com.ruoyi.system.domain.SysOss;
 import com.ruoyi.system.service.ISysOssService;
 import com.ruoyi.system.service.ISysUserService;
@@ -22,6 +24,7 @@
 import org.springframework.web.multipart.MultipartFile;
 
 import java.io.File;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -92,13 +95,14 @@
         SysUser user = userService.selectUserById(LoginHelper.getUserId());
         String userName = user.getUserName();
         String password = user.getPassword();
-        if (!SecurityUtils.matchesPassword(oldPassword, password)) {
+        if (!BCrypt.checkpw(oldPassword, password)) {
             return R.fail("淇敼瀵嗙爜澶辫触锛屾棫瀵嗙爜閿欒");
         }
-        if (SecurityUtils.matchesPassword(newPassword, password)) {
+        if (BCrypt.checkpw(newPassword, password)) {
             return R.fail("鏂板瘑鐮佷笉鑳戒笌鏃у瘑鐮佺浉鍚�");
         }
-        if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0) {
+
+        if (userService.resetUserPwd(userName, BCrypt.hashpw(newPassword)) > 0) {
             return R.ok();
         }
         return R.fail("淇敼瀵嗙爜寮傚父锛岃鑱旂郴绠＄悊鍛�");
@@ -116,6 +120,10 @@
     public R<Map<String, Object>> avatar(@RequestPart("avatarfile") MultipartFile file) {
         Map<String, Object> ajax = new HashMap<>();
         if (!file.isEmpty()) {
+            String extension = FileUtil.extName(file.getOriginalFilename());
+            if (!StringUtils.equalsAnyIgnoreCase(extension, MimeTypeUtils.IMAGE_EXTENSION)) {
+                return R.fail("鏂囦欢鏍煎紡涓嶆纭紝璇蜂笂浼�" + Arrays.toString(MimeTypeUtils.IMAGE_EXTENSION) + "鏍煎紡");
+            }
             SysOss oss = iSysOssService.upload(file);
             String avatar = oss.getUrl();
             if (userService.updateUserAvatar(getUsername(), avatar)) {

--
Gitblit v1.9.3