fix

2023-11-20 11:37:03 +08:00 · 2023-11-20 11:37:03 +08:00 · 5db55ed7af
commit 5db55ed7af
parent b3c4bedf4b
2 changed files with 25 additions and 5 deletions
--- a/server/ldap-admin/internal/logic/createldapuserlogic.go
+++ b/server/ldap-admin/internal/logic/createldapuserlogic.go
@ -7,6 +7,7 @@ import (
 	"fusenapi/utils/basic"
 	"fusenapi/utils/chinese_to_pinyin"
 	"fusenapi/utils/email"
+	"fusenapi/utils/encryption_decryption"
 	"fusenapi/utils/ldap_lib"
 	"strings"

@ -60,6 +61,11 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri
 		return resp.SetStatusWithMessage(basic.CodeDbSqlErr, "获取自增用户id失败")
 	}
 	userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
+	pwd, err := encryption_decryption.CBCEncrypt(req.Password)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
+	}
 	if err := ldapServer.Create(userDN, map[string][]string{
 		"objectClass":      {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性
 		"shadowLastChange": {"19676"},                                                                                   //固有属性
@ -78,7 +84,7 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri
 		"departmentNumber": {"0"},
 		"postalAddress":    {req.Avatar},
 		"mobile":           {req.Mobile},
-		"userPassword":     {req.Password},
+		"userPassword":     {"{crypt}" + pwd},
 	}); err != nil {
 		logx.Error(err)
 		return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
--- a/server/ldap-admin/internal/logic/updateldapuserlogic.go
+++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go
@ -5,6 +5,7 @@ import (
 	"fusenapi/utils/auth"
 	"fusenapi/utils/basic"
 	"fusenapi/utils/chinese_to_pinyin"
+	"fusenapi/utils/encryption_decryption"
 	"fusenapi/utils/ldap_lib"
 	"strings"

@ -61,15 +62,28 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri
 	}
 	if req.Password != "" {
 		//查询个人信息
-		/*user, err := ldapServer.GetLdapUserInfo(req.UserDN)
+		user, err := ldapServer.GetLdapUserInfo(req.UserDN)
 		if err != nil {
 			logx.Error(err)
 			return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
-		}*/
+		}
+		//解密旧的密码
+		oldPwd, err := encryption_decryption.CBCDecrypt(user.Password[7:])
+		if err != nil {
+			logx.Error(err)
+			return resp.SetStatusWithMessage(basic.CodeServiceErr, "解密旧的密码出错")
+		}
 		//验证旧的密码
+		if oldPwd != req.OldPassword {
+			return resp.SetStatusWithMessage(basic.CodeServiceErr, "旧密码不对，请重新尝试")
+		}
 		//加密新的密码
-		//赋值属性
-		//attr["userPassword"] = []string{""}
+		newPwd, err := encryption_decryption.CBCEncrypt(req.Password)
+		if err != nil {
+			logx.Error(err)
+			return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
+		}
+		attr["userPassword"] = []string{"{crypt}" + newPwd}
 	}
 	err := ldapServer.Update(req.UserDN, attr)
 	if err != nil {