强密码验证

ygtx-admin/src/main/java/com/ygtx/web/controller/system/SysUserController.java

@@ -80,7 +80,7 @@ public class SysUserController extends BaseController
     @Log(title = "用户管理", businessType = BusinessType.EXPORT)
     @PreAuthorize("@ss.hasPermi('system:user:export')")
     @PostMapping("/export")
-    public void export(HttpServletResponse response, SysUser user, 
+    public void export(HttpServletResponse response, SysUser user,
                        @RequestParam(value = "exportFields", required = false) String exportFieldsStr)
     {
         List<SysUser> list = userService.selectUserList(user);
@@ -95,7 +95,7 @@ public class SysUserController extends BaseController
 
     /**
      * 获取用户导出字段列表
-     */ 
+     */
     @GetMapping("/exportFields")
     public AjaxResult getExportFields() {
         ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
@@ -223,6 +223,9 @@ public class SysUserController extends BaseController
     @PutMapping("/resetPwd")
     public AjaxResult resetPwd(@RequestBody SysUser user)
     {
+        if(!SecurityUtils.validatePassword(user.getPassword())){
+            return AjaxResult.error("密码为8位及以上且必须包含大小写字母+特殊字符+数字相结合");
+        }
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));

ygtx-ui/src/views/system/user/index.vue

@@ -354,7 +354,8 @@ const data = reactive({
   rules: {
     userName: [{ required: true, message: "工号不能为空", trigger: "blur" }, { min: 2, max: 20, message: "工号长度必须介于 2 和 20 之间", trigger: "blur" }],
     nickName: [{ required: true, message: "姓名不能为空", trigger: "blur" }],
-    password: [{ required: true, message: "用户密码不能为空", trigger: "blur" }, { min: 5, max: 20, message: "用户密码长度必须介于 5 和 20 之间", trigger: "blur" }, { pattern: /^[^<>"'|\\]+$/, message: "不能包含非法字符：< > \" ' \\\ |", trigger: "blur" }],
+    password: [{ required: true, message: "用户密码不能为空", trigger: "blur" }
+        , { validator: validatePassword, trigger: "blur" }],
     email: [{ type: "email", message: "请输入正确的邮箱地址", trigger: ["blur", "change"] }],
     phonenumber: [{ pattern: /^1[3|4|5|6|7|8|9][0-9]\d{8}$/, message: "请输入正确的手机号码", trigger: "blur" }]
   }
@@ -598,13 +599,7 @@ function handleResetPwd(row) {
     confirmButtonText: "确定",
     cancelButtonText: "取消",
     closeOnClickModal: false,
-    inputPattern: /^.{5,20}$/,
-    inputErrorMessage: "用户密码长度必须介于 5 和 20 之间",
-    inputValidator: (value) => {
-      if (/<|>|"|'|\||\\/.test(value)) {
-        return "不能包含非法字符：< > \" ' \\\ |"
-      }
-    },
+    inputValidator: validatePassword1,
   }).then(({ value }) => {
     resetUserPwd(row.userId, value).then(response => {
       proxy.$modal.msgSuccess("修改成功，新密码是：" + value)
@@ -757,6 +752,31 @@ function submitForm() {
   })
 }
 
+function validatePassword(rule, value, callback) {
+  if (checkPassword(value) === false) {
+    callback(new Error("密码为8位及以上且必须包含大小写字母+特殊字符+数字相结合"))
+  } else {
+    callback()
+  }
+}
+
+function validatePassword1(value) {
+  if (checkPassword(value) === false) {
+    return "密码为8位及以上且必须包含大小写字母+特殊字符+数字相结合";
+  }
+  return true;
+}
+
+function checkPassword(password) {
+    // 基础长度检查
+    if (!password || password.length < 8) {
+        return false;
+    }
+    // 正则表达式验证
+    const regex = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?])[A-Za-z\d!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]{8,}$/;
+    return regex.test(password);
+}
+
 onMounted(() => {
   getDeptTree()
   getList()