springboot 实现密码找回功能
1、生成密码忘记修改地址,并发送至用户邮箱
/**
* 忘记密码
* @param forgetPasswordReq
* @return
*/
public Message forgetPassword(ForgetPasswordReq forgetPasswordReq) throws MessagingException {
String errorInfo = "";
// 验证邮箱是否存在
if(StringUtils.isEmpty(forgetPasswordReq.getEmail())){
errorInfo = "邮箱不能为空";
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError(errorInfo).builder();
}
// 验证邮箱是否重复
AccountExample accountForEmailExample = new AccountExample();
accountForEmailExample.createCriteria().andEmailEqualTo(forgetPasswordReq.getEmail()).andDelFlagEqualTo(0);
List accountForEmailList = accountMapper.selectByExample(accountForEmailExample);
if(null == accountForEmailList || accountForEmailList.size() == 0){
errorInfo = "邮箱不存在";
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError(errorInfo).builder();
}
// 生成忘记密码并修改密码的地址, 放入redis 5分钟失效
String forgetPasswordValue = UuidUtil.getUuid();
redisMapper.set(forgetPassword + forgetPasswordValue ,forgetPasswordReq.getEmail(), 300);
// 发送邮件到该邮箱
String mailTitle = "【数据湖】找回密码";
String mailContent = "" +
"" + "亲爱的数据湖用户您好" + "
" +
"
" +
" 您正在进行密码找回操作
" +
" 修改密码链接为:"
+ ssoWebAppUrl + forgetPasswordValue + "
" +
" 此链接5分钟内有效,请尽快操作
" +
" 若您遇到任何使用问题,请联系我们,客服电话:" + customerPhone + "
" +
" 感谢您使用数据湖服务!
" +
"
" +
" 此致
" +
" 数据湖团队
" +
" (此为系统邮件,请勿回复)" +
"";
Boolean sendMailFlag = mailService.sendHtml(forgetPasswordReq.getEmail() ,mailTitle, mailContent);
if(!sendMailFlag){
errorInfo = "邮件发送失败";
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError(errorInfo).builder();
}
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_OK).builder();
} 2、发送邮件
引入spring的邮件依赖
静态属性配置文件
3、邮件发送工具
/**
* @des 邮件服务service
* @author wxg
* @date 2020年4月2日
*
*/
@Service
public class MailService {
@Autowired(required = false)
JavaMailSender javaMailSender;
@Value("${mail.from}")
private String sendFrom;
/**
* 发送html格式邮件
* @param toMail
* @param mailTitle
* @param mailContent
* @return
*/
public boolean sendHtml(String toMail, String mailTitle ,String mailContent) throws MessagingException {
try {
MimeMessage message = javaMailSender.createMimeMessage();
MimeMessageHelper helper = new MimeMessageHelper(message, true,"GBK"); //解决乱码问题
helper.setFrom(sendFrom);
helper.setTo(toMail);
helper.setSubject(mailTitle);
//设置META解决乱码问题
helper.setText(mailContent, true);
this.javaMailSender.send(message);
} catch (Exception e){
return false;
}
return true;
}
/**
* 发送文本邮件
* @param toMail
* @param mailTitle
* @param mailContent
* @return
*/
public boolean send(String toMail, String mailTitle ,String mailContent) {
try {
//建立邮件消息
SimpleMailMessage mainMessage = new SimpleMailMessage();
//发送者
mainMessage.setFrom(sendFrom);
//接收者
mainMessage.setTo(toMail);
//发送的标题
mainMessage.setSubject(mailTitle);
//发送的内容
mainMessage.setText(mailContent);
javaMailSender.send(mainMessage);
} catch (Exception e){
return false;
}
return true;
}
4、发送邮件效果图
5、密码修改, 邮箱中点击url跳转时,验证url有效性
5.1、controller
/**
* 验证修改密码链接是否有效
* @param uuid
* @return
*/
@GetMapping("/verifForgetPasswordUrl/{uuid}")
public String verifForgetPasswordUrl(@PathVariable String uuid){
return JSONObject.toJSONString(accountLoginService.verifForgetPasswordUrl(uuid));
}
5.2、 service
/**
* 验证密码修改地址是否有效
* 用redis失效机制控制链接有效性
* @param uuid
* @return
*/
public Message verifForgetPasswordUrl(String uuid){
String email = redisMapper.get(forgetPassword + uuid);
if(StringUtils.isEmpty(email)){
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError("链接已失效").builder();
}
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_OK).builder();
}
6、修改密码
6.1、 controller
/**
* 修改密码
* @param
* @return
*/
@PutMapping("/modifyPassword")
public String modifyPassword(@RequestBody ModifyPasswordReq modifyPasswordReq){
return JSONObject.toJSONString(accountLoginService.modifyPassword(modifyPasswordReq));
}
6.2、service
/**
* 忘记密码->修改密码
* @param modifyPasswordReq
* @return
*/
public Message modifyPassword(ModifyPasswordReq modifyPasswordReq){
// 从redis中获取邮箱
String email = redisMapper.get(forgetPassword + modifyPasswordReq.getUuid());
if(StringUtils.isEmpty(email)){
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError("链接已失效").builder();
}
if(StringUtils.isEmpty(modifyPasswordReq.getNewPassword())){
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError("密码不能为空").builder();
}
if (StringUtils.isEmpty(modifyPasswordReq.getConfirmNewPassword())) {
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError("密码确认不能为空").builder();
}
// 链接有效,反查账号
AccountExample accountExample = new AccountExample();
accountExample.createCriteria().andEmailEqualTo(email).andDelFlagEqualTo(0);
List accountList = accountMapper.selectByExample(accountExample);
if(null != accountList && accountList.size() == 1){
Account oldAccount = accountList.get(0);
// 密码深度验证
String checkPasswordResult = checkPassword(oldAccount, modifyPasswordReq);
if(StringUtils.isNotEmpty(checkPasswordResult)){
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError(checkPasswordResult).builder();
}
// 修改密码,并记录上一次密码
Account newAccount = new Account();
newAccount.setAccountId(oldAccount.getAccountId());
newAccount.setPassword(modifyPasswordReq.getNewPassword());
newAccount.setLastPassword(oldAccount.getPassword());
accountMapper.updateByPrimaryKey(newAccount);
} else {
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_ERROR)
.setErrorCode(Message.Code.ERRORCODE)
.setError("账号数据异常").builder();
}
return new MessageBuilder.Builder().setStatus(Message.Code.STATUS_OK).builder();
}