feat(auth): 添加请求参数校验支持
- 在 AuthController 中为注册和登录接口添加 @Validated 注解 - 更新 DeviceController、RoleController 和 UserController 中的相关接口以支持参数校验 - 修改 AuthLoginRequest 中用户名校验的错误提示信息
This commit is contained in:
Chaos
@@ -6,8 +6,8 @@ import cn.nopj.chaos_api.dto.request.AuthRegisterRequest;
|
||||
import cn.nopj.chaos_api.dto.response.AuthTokenResponse;
|
||||
import cn.nopj.chaos_api.model.ApiResult;
|
||||
import cn.nopj.chaos_api.service.AuthService;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@@ -34,7 +34,7 @@ public class AuthController {
|
||||
* @return 注册结果
|
||||
*/
|
||||
@PostMapping("/register")
|
||||
public ApiResult<?> register(@Valid @RequestBody AuthRegisterRequest authRegisterRequest) {
|
||||
public ApiResult<?> register(@RequestBody @Validated AuthRegisterRequest authRegisterRequest) {
|
||||
return ApiResult.success(authService.register(userConverter.convert(authRegisterRequest)));
|
||||
}
|
||||
/**
|
||||
@@ -44,7 +44,7 @@ public class AuthController {
|
||||
* @return 登录结果
|
||||
*/
|
||||
@PostMapping("/login")
|
||||
public ApiResult<AuthTokenResponse> login(@RequestBody AuthLoginRequest authLoginRequest) {
|
||||
public ApiResult<AuthTokenResponse> login(@RequestBody @Validated AuthLoginRequest authLoginRequest) {
|
||||
return ApiResult.success(authService.login(authLoginRequest.getUsername(), authLoginRequest.getPassword()));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ import cn.nopj.chaos_api.dto.response.DeviceResponse;
|
||||
import cn.nopj.chaos_api.model.ApiResult;
|
||||
import cn.nopj.chaos_api.service.DeviceService;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
|
||||
@@ -28,7 +29,7 @@ public class DeviceController {
|
||||
* @return 新建设备信息结果
|
||||
*/
|
||||
@PostMapping("/create")
|
||||
public ApiResult<DeviceResponse> createDevice(@RequestBody CreateDriveRequest createDriveRequest){
|
||||
public ApiResult<DeviceResponse> createDevice(@RequestBody @Validated CreateDriveRequest createDriveRequest){
|
||||
return ApiResult.success(deviceService.createDevice(createDriveRequest));
|
||||
}
|
||||
|
||||
|
||||
@@ -7,6 +7,7 @@ import cn.nopj.chaos_api.service.UserRoleService;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
@@ -30,7 +31,7 @@ public class RoleController {
|
||||
*/
|
||||
@PreAuthorize("hasAuthority('admin')")
|
||||
@RequestMapping("/setUserRole")
|
||||
public ApiResult<String> assignRolesToUser(@RequestBody SetUserRoleRequest request) {
|
||||
public ApiResult<String> assignRolesToUser(@RequestBody @Validated SetUserRoleRequest request) {
|
||||
userRoleService.assignRolesToUser(request);
|
||||
return ApiResult.success("用户角色设置成功");
|
||||
}
|
||||
@@ -41,7 +42,7 @@ public class RoleController {
|
||||
*/
|
||||
@PreAuthorize("hasAuthority('admin')")
|
||||
@RequestMapping("/cancelUserRole")
|
||||
public ApiResult<?> revokeRolesFromUser(@RequestBody SetUserRoleRequest request) {
|
||||
public ApiResult<?> revokeRolesFromUser(@RequestBody @Validated SetUserRoleRequest request) {
|
||||
return ApiResult.success("用户角色取消成功",userRoleService.revokeRolesFromUser(request));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ import cn.nopj.chaos_api.service.UserProfileServcie;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.List;
|
||||
@@ -44,7 +45,7 @@ public class UserController {
|
||||
*/
|
||||
@PreAuthorize("hasAuthority('admin')")
|
||||
@PutMapping("/setUserPassword")
|
||||
ApiResult<String> setUserPassword(@RequestBody SetUserPasswordRequest request){
|
||||
ApiResult<String> setUserPassword(@RequestBody @Validated SetUserPasswordRequest request){
|
||||
userProfileServcie.setUserPassword(request.getUserId(), request.getPassword());
|
||||
return ApiResult.success("用户密码修改成功");
|
||||
}
|
||||
@@ -55,7 +56,7 @@ public class UserController {
|
||||
* @deprecated 废弃 修改用户名之后token会失效
|
||||
*/
|
||||
@PutMapping("/updateUsername")
|
||||
ApiResult<String> updateUsername(@RequestAttribute("currentUsername") String username,@RequestBody UpdateUsernameRequest request){
|
||||
ApiResult<String> updateUsername(@RequestAttribute("currentUsername") String username,@RequestBody @Validated UpdateUsernameRequest request){
|
||||
userProfileServcie.updateUsername(username, request.getUsername());
|
||||
return ApiResult.success("用户名更新成功");
|
||||
}
|
||||
@@ -77,7 +78,7 @@ public class UserController {
|
||||
* @return 用户信息
|
||||
*/
|
||||
@PatchMapping("/profile")
|
||||
ApiResult<UserProfileResponse> getUserInfo(@RequestAttribute("currentUsername") String username, @RequestBody UserProfileUpdateRequest request){
|
||||
ApiResult<UserProfileResponse> getUserInfo(@RequestAttribute("currentUsername") String username, @RequestBody @Validated UserProfileUpdateRequest request){
|
||||
return ApiResult.success(userProfileServcie.updateUserProfile(username,request));
|
||||
}
|
||||
|
||||
@@ -87,7 +88,7 @@ public class UserController {
|
||||
*/
|
||||
@PreAuthorize("hasAuthority('admin')")
|
||||
@PutMapping("/{userId}/nickname")
|
||||
ApiResult<UserProfileResponse> setNickname(@PathVariable Long userId, @RequestBody SetUserNicknameRequest request){
|
||||
ApiResult<UserProfileResponse> setNickname(@PathVariable Long userId, @RequestBody @Validated SetUserNicknameRequest request){
|
||||
return ApiResult.success(userProfileServcie.setUserNickname(userId,request.getNickname()));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user