feat(auth): 添加请求参数校验支持
- 在 AuthController 中为注册和登录接口添加 @Validated 注解
- 更新 DeviceController、RoleController 和 UserController 中的相关接口以支持参数校验
- 修改 AuthLoginRequest 中用户名校验的错误提示信息
@@ -8,7 +8,7 @@ import lombok.Data;
|
|||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
public class AuthLoginRequest {
|
public class AuthLoginRequest {
|
||||||
@Pattern(regexp = "^[a-zA-Z0-9_-]{5,16}$", message = "用户名需为5-16位字母、数字、_或-")
|
@Pattern(regexp = "^[a-zA-Z0-9_-]{5,16}$", message = "用户名校验失败")
|
||||||
private String username;
|
private String username;
|
||||||
@Pattern(regexp = "^.{8,16}$", message = "密码长度需为8-16位")
|
@Pattern(regexp = "^.{8,16}$", message = "密码长度需为8-16位")
|
||||||
private String password;
|
private String password;
|
||||||
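Review bot: Neither `@Pattern` on `username` nor the one on `password` rejects a missing field, because Bean Validation treats a null value as valid for `@Pattern`; a login body that omits either field passes validation and reaches the service with null. Add a presence constraint above each pattern, e.g. `@NotBlank(message = "用户名校验失败")` on `username` and a matching `@NotBlank` on `password`. Separately, `^.{8,16}$` caps passwords at 16 characters and `.` does not match line terminators; if the cap is not a storage constraint, a higher maximum would suit generated passwords better. The class body continues outside this hunk.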
|
|||||||
@@ -6,8 +6,8 @@ import cn.nopj.chaos_api.dto.request.AuthRegisterRequest;
|
|||||||
import cn.nopj.chaos_api.dto.response.AuthTokenResponse;
|
import cn.nopj.chaos_api.dto.response.AuthTokenResponse;
|
||||||
import cn.nopj.chaos_api.model.ApiResult;
|
import cn.nopj.chaos_api.model.ApiResult;
|
||||||
import cn.nopj.chaos_api.service.AuthService;
|
import cn.nopj.chaos_api.service.AuthService;
|
||||||
import jakarta.validation.Valid;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.validation.annotation.Validated;
|
||||||
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestBody;
|
import org.springframework.web.bind.annotation.RequestBody;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
@@ -34,7 +34,7 @@ public class AuthController {
|
|||||||
* @return 注册结果
|
* @return 注册结果
|
||||||
*/
|
*/
|
||||||
@PostMapping("/register")
|
@PostMapping("/register")
|
||||||
public ApiResult<?> register(@Valid @RequestBody AuthRegisterRequest authRegisterRequest) {
|
public ApiResult<?> register(@RequestBody @Validated AuthRegisterRequest authRegisterRequest) {
|
||||||
return ApiResult.success(authService.register(userConverter.convert(authRegisterRequest)));
|
return ApiResult.success(authService.register(userConverter.convert(authRegisterRequest)));
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
@@ -44,7 +44,7 @@ public class AuthController {
|
|||||||
* @return 登录结果
|
* @return 登录结果
|
||||||
*/
|
*/
|
||||||
@PostMapping("/login")
|
@PostMapping("/login")
|
||||||
public ApiResult<AuthTokenResponse> login(@RequestBody AuthLoginRequest authLoginRequest) {
|
public ApiResult<AuthTokenResponse> login(@RequestBody @Validated AuthLoginRequest authLoginRequest) {
|
||||||
return ApiResult.success(authService.login(authLoginRequest.getUsername(), authLoginRequest.getPassword()));
|
return ApiResult.success(authService.login(authLoginRequest.getUsername(), authLoginRequest.getPassword()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
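Review bot: Adding `@Validated` to `login` makes the `AuthLoginRequest` patterns run before `authService.login`, so any existing account whose username or password falls outside `^[a-zA-Z0-9_-]{5,16}$` or `^.{8,16}$` can no longer authenticate. Consider keeping the format rules on the register and set-password DTOs and limiting the login DTO to presence plus a maximum length. It is also worth confirming that a validation failure and a wrong-credentials failure produce the same response shape; the exception handler is not visible in this commit. The `@Valid` to `@Validated` swap on `register` is equivalent as long as no validation groups are used.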
|
|||||||
@@ -6,6 +6,7 @@ import cn.nopj.chaos_api.dto.response.DeviceResponse;
|
|||||||
import cn.nopj.chaos_api.model.ApiResult;
|
import cn.nopj.chaos_api.model.ApiResult;
|
||||||
import cn.nopj.chaos_api.service.DeviceService;
|
import cn.nopj.chaos_api.service.DeviceService;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.validation.annotation.Validated;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
|
|
||||||
@@ -28,7 +29,7 @@ public class DeviceController {
|
|||||||
* @return 新建设备信息结果
|
* @return 新建设备信息结果
|
||||||
*/
|
*/
|
||||||
@PostMapping("/create")
|
@PostMapping("/create")
|
||||||
public ApiResult<DeviceResponse> createDevice(@RequestBody CreateDriveRequest createDriveRequest){
|
public ApiResult<DeviceResponse> createDevice(@RequestBody @Validated CreateDriveRequest createDriveRequest){
|
||||||
return ApiResult.success(deviceService.createDevice(createDriveRequest));
|
return ApiResult.success(deviceService.createDevice(createDriveRequest));
|
||||||
}
|
}
|
||||||
|
|
||||||
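Review bot: `@Validated` on `createDevice` only has an effect if `CreateDriveRequest` declares constraint annotations, and this commit changes no DTO other than `AuthLoginRequest`. If the request classes carry no constraints yet, the annotation is a silent no-op; the same applies to `SetUserRoleRequest` in RoleController and to `SetUserPasswordRequest`, `UpdateUsernameRequest`, `UserProfileUpdateRequest` and `SetUserNicknameRequest` in UserController. Nested objects or collections inside these DTOs also need `@Valid` on the field for constraints to cascade. A controller test per endpoint that sends an invalid body and expects a 400 would pin this down.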
|
|||||||
@@ -7,6 +7,7 @@ import cn.nopj.chaos_api.service.UserRoleService;
|
|||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.validation.annotation.Validated;
|
||||||
import org.springframework.web.bind.annotation.RequestBody;
|
import org.springframework.web.bind.annotation.RequestBody;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
@@ -30,7 +31,7 @@ public class RoleController {
|
|||||||
*/
|
*/
|
||||||
@PreAuthorize("hasAuthority('admin')")
|
@PreAuthorize("hasAuthority('admin')")
|
||||||
@RequestMapping("/setUserRole")
|
@RequestMapping("/setUserRole")
|
||||||
public ApiResult<String> assignRolesToUser(@RequestBody SetUserRoleRequest request) {
|
public ApiResult<String> assignRolesToUser(@RequestBody @Validated SetUserRoleRequest request) {
|
||||||
userRoleService.assignRolesToUser(request);
|
userRoleService.assignRolesToUser(request);
|
||||||
return ApiResult.success("用户角色设置成功");
|
return ApiResult.success("用户角色设置成功");
|
||||||
}
|
}
|
||||||
@@ -41,7 +42,7 @@ public class RoleController {
|
|||||||
*/
|
*/
|
||||||
@PreAuthorize("hasAuthority('admin')")
|
@PreAuthorize("hasAuthority('admin')")
|
||||||
@RequestMapping("/cancelUserRole")
|
@RequestMapping("/cancelUserRole")
|
||||||
public ApiResult<?> revokeRolesFromUser(@RequestBody SetUserRoleRequest request) {
|
public ApiResult<?> revokeRolesFromUser(@RequestBody @Validated SetUserRoleRequest request) {
|
||||||
return ApiResult.success("用户角色取消成功",userRoleService.revokeRolesFromUser(request));
|
return ApiResult.success("用户角色取消成功",userRoleService.revokeRolesFromUser(request));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
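Review bot: `assignRolesToUser` and `revokeRolesFromUser` are mapped with a bare `@RequestMapping`, so these role-changing admin endpoints answer every HTTP method. Since both signatures are being touched anyway, narrow each to one verb, e.g. `@PostMapping("/setUserRole")` and `@PostMapping("/cancelUserRole")`. The visible import hunk lists only `RequestBody`, `RequestMapping` and `RestController`, so a `PostMapping` import is probably needed as well. Check which method existing clients use before narrowing.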
|
|||||||
@@ -11,6 +11,7 @@ import cn.nopj.chaos_api.service.UserProfileServcie;
|
|||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.validation.annotation.Validated;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@@ -44,7 +45,7 @@ public class UserController {
|
|||||||
*/
|
*/
|
||||||
@PreAuthorize("hasAuthority('admin')")
|
@PreAuthorize("hasAuthority('admin')")
|
||||||
@PutMapping("/setUserPassword")
|
@PutMapping("/setUserPassword")
|
||||||
ApiResult<String> setUserPassword(@RequestBody SetUserPasswordRequest request){
|
ApiResult<String> setUserPassword(@RequestBody @Validated SetUserPasswordRequest request){
|
||||||
userProfileServcie.setUserPassword(request.getUserId(), request.getPassword());
|
userProfileServcie.setUserPassword(request.getUserId(), request.getPassword());
|
||||||
return ApiResult.success("用户密码修改成功");
|
return ApiResult.success("用户密码修改成功");
|
||||||
}
|
}
|
||||||
@@ -55,7 +56,7 @@ public class UserController {
|
|||||||
* @deprecated 废弃 修改用户名之后token会失效
|
* @deprecated 废弃 修改用户名之后token会失效
|
||||||
*/
|
*/
|
||||||
@PutMapping("/updateUsername")
|
@PutMapping("/updateUsername")
|
||||||
ApiResult<String> updateUsername(@RequestAttribute("currentUsername") String username,@RequestBody UpdateUsernameRequest request){
|
ApiResult<String> updateUsername(@RequestAttribute("currentUsername") String username,@RequestBody @Validated UpdateUsernameRequest request){
|
||||||
userProfileServcie.updateUsername(username, request.getUsername());
|
userProfileServcie.updateUsername(username, request.getUsername());
|
||||||
return ApiResult.success("用户名更新成功");
|
return ApiResult.success("用户名更新成功");
|
||||||
}
|
}
|
||||||
@@ -77,7 +78,7 @@ public class UserController {
|
|||||||
* @return 用户信息
|
* @return 用户信息
|
||||||
*/
|
*/
|
||||||
@PatchMapping("/profile")
|
@PatchMapping("/profile")
|
||||||
ApiResult<UserProfileResponse> getUserInfo(@RequestAttribute("currentUsername") String username, @RequestBody UserProfileUpdateRequest request){
|
ApiResult<UserProfileResponse> getUserInfo(@RequestAttribute("currentUsername") String username, @RequestBody @Validated UserProfileUpdateRequest request){
|
||||||
return ApiResult.success(userProfileServcie.updateUserProfile(username,request));
|
return ApiResult.success(userProfileServcie.updateUserProfile(username,request));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -87,7 +88,7 @@ public class UserController {
|
|||||||
*/
|
*/
|
||||||
@PreAuthorize("hasAuthority('admin')")
|
@PreAuthorize("hasAuthority('admin')")
|
||||||
@PutMapping("/{userId}/nickname")
|
@PutMapping("/{userId}/nickname")
|
||||||
ApiResult<UserProfileResponse> setNickname(@PathVariable Long userId, @RequestBody SetUserNicknameRequest request){
|
ApiResult<UserProfileResponse> setNickname(@PathVariable Long userId, @RequestBody @Validated SetUserNicknameRequest request){
|
||||||
return ApiResult.success(userProfileServcie.setUserNickname(userId,request.getNickname()));
|
return ApiResult.success(userProfileServcie.setUserNickname(userId,request.getNickname()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
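Review bot: With `@Validated` on `setUserPassword`, a rejected `password` value is now carried in the `FieldError` of the resulting `MethodArgumentNotValidException`, and both `FieldError.toString()` and a serialized binding result include that rejected value. Make sure the exception handler (not visible in this commit) returns only the field name and message and never logs the binding result wholesale; the same applies to `login` and `register` in AuthController. Also check that `SetUserPasswordRequest` enforces the same 8-16 character rule as `AuthLoginRequest`, otherwise an admin can set a password that login validation later rejects. The UserController class body starts outside these hunks.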
|
|||||||