新增密码策略

2021-12-20 23:50:06 +08:00 · 2021-12-20 23:50:06 +08:00 · 75ac1e9770
commit 75ac1e9770
parent 64d606013d
5 changed files with 46 additions and 18 deletions
--- a/app/Http/Controllers/Api/SystemController.php
+++ b/app/Http/Controllers/Api/SystemController.php
@ -24,7 +24,7 @@ class SystemController extends AbstractController
     *
     * @apiParam {String} type
     * - get: 获取（默认）
-     * - save: 保存设置（参数：reg、login_code）
+     * - save: 保存设置（参数：reg、login_code、password_policy）

     * @apiSuccess {Number} ret     返回状态码（1正确、0错误）
     * @apiSuccess {String} msg     返回信息（错误描述）
@ -40,7 +40,7 @@ class SystemController extends AbstractController
            User::auth('admin');
            $all = Request::input();
            foreach ($all AS $key => $value) {
-                if (!in_array($key, ['reg', 'login_code'])) {
+                if (!in_array($key, ['reg', 'login_code', 'password_policy'])) {
                    unset($all[$key]);
                }
            }
@ -51,6 +51,7 @@ class SystemController extends AbstractController
        //
        $setting['reg'] = $setting['reg'] ?: 'open';
        $setting['login_code'] = $setting['login_code'] ?: 'auto';
+        $setting['password_policy'] = $setting['password_policy'] ?: 'simple';
        //
        return Base::retSuccess('success', $setting ?: json_decode('{}'));
    }
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@ -272,14 +272,10 @@ class UsersController extends AbstractController
        //
        $oldpass = trim(Request::input('oldpass'));
        $newpass = trim(Request::input('newpass'));
-        if (strlen($newpass) < 6) {
-            return Base::retError('密码设置不能小于6位数');
-        } elseif (strlen($newpass) > 32) {
-            return Base::retError('密码最多只能设置32位数');
-        }
        if ($oldpass == $newpass) {
            return Base::retError('新旧密码一致');
        }
+        User::passwordPolicy($newpass);
        //
        $verify = User::whereUserid($user->userid)->wherePassword(Base::md52($oldpass, User::token2encrypt()))->count();
        if (empty($verify)) {
@ -487,11 +483,7 @@ class UsersController extends AbstractController
        // 密码
        if (Arr::exists($data, 'password')) {
            $password = trim($data['password']);
-            if (strlen($password) < 6) {
-                return Base::retError('密码设置不能小于6位数');
-            } elseif (strlen($password) > 32) {
-                return Base::retError('密码最多只能设置32位数');
-            }
+            User::passwordPolicy($password);
            $upArray['encrypt'] = Base::generatePassword(6);
            $upArray['password'] = Base::md52($password, $upArray['encrypt']);
            $upArray['changepass'] = 1;
--- a/app/Models/User.php
+++ b/app/Models/User.php
@ -185,11 +185,7 @@ class User extends AbstractModel
            throw new ApiException('邮箱地址已存在');
        }
        //密码
-        if (strlen($password) < 6) {
-            throw new ApiException('密码设置不能小于6位数');
-        } elseif (strlen($password) > 32) {
-            throw new ApiException('密码最多只能设置32位数');
-        }
+        self::passwordPolicy($password);
        //开始注册
        $encrypt = Base::generatePassword(6);
        $inArray = [
@ -459,4 +455,35 @@ class User extends AbstractModel
                }
        }
    }
+
+    /**
+     * 检测密码策略是否符合
+     * @param $password
+     * @return void
+     */
+    public static function passwordPolicy($password)
+    {
+        if (strlen($password) < 6) {
+            throw new ApiException('密码设置不能小于6位数');
+        }
+        if (strlen($password) > 32) {
+            throw new ApiException('密码最多只能设置32位数');
+        }
+        // 复杂密码
+        $password_policy = Base::settingFind('system', 'password_policy');
+        if ($password_policy == 'complex') {
+            if (preg_match("/^[0-9]+$/", $password)) {
+                throw new ApiException('密码不能全是数字，请包含数字，字母大小写或者特殊字符');
+            }
+            if (preg_match("/^[a-zA-Z]+$/", $password)) {
+                throw new ApiException('密码不能全是字母，请包含数字，字母大小写或者特殊字符');
+            }
+            if (preg_match("/^[0-9A-Z]+$/", $password)) {
+                throw new ApiException('密码不能全是数字+大写字母，密码包含数字，字母大小写或者特殊字符');
+            }
+            if (preg_match("/^[0-9a-z]+$/", $password)) {
+                throw new ApiException('密码不能全是数字+小写字母，密码包含数字，字母大小写或者特殊字符');
+            }
+        }
+    }
 }
--- a/resources/assets/js/pages/manage/components/TeamManagement.vue
+++ b/resources/assets/js/pages/manage/components/TeamManagement.vue
@ -323,7 +323,7 @@ export default {
                    that.getLists();
                    resolve()
                }).catch(({msg}) => {
-                    $A.modalError(msg);
+                    $A.modalError(msg, 301);
                    that.loadIng--;
                    that.getLists();
                    resolve()
--- a/resources/assets/js/pages/manage/setting/system.vue
+++ b/resources/assets/js/pages/manage/setting/system.vue
@ -14,6 +14,14 @@
                    <Radio label="close">{{$L('关闭')}}</Radio>
                </RadioGroup>
            </FormItem>
+            <FormItem :label="$L('密码策略')" prop="passwordPolicy">
+                <RadioGroup v-model="formDatum.password_policy">
+                    <Radio label="simple">{{$L('简单')}}</Radio>
+                    <Radio label="complex">{{$L('复杂')}}</Radio>
+                </RadioGroup>
+                <div v-if="formDatum.password_policy == 'simple'" class="form-tip">{{$L('简单：大于或等于6个字符。')}}</div>
+                <div v-else-if="formDatum.password_policy == 'complex'" class="form-tip">{{$L('复杂：大于或等于6个字符，包含数字、字母大小写或者特殊字符。')}}</div>
+            </FormItem>
        </Form>
        <div class="setting-footer">
            <Button :loading="loadIng > 0" type="primary" @click="submitForm">{{$L('提交')}}</Button>