fix: 密码修改接口改为@RequestBody
- UserController.updatePassword 改用PasswordRequest对象 - 符合安全规范:敏感数据使用POST body
This commit is contained in:
parent
e6eac0fc56
commit
162658daed
|
|
@ -3,6 +3,7 @@ package com.ether.pms.auth.controller;
|
||||||
import com.ether.pms.auth.entity.User;
|
import com.ether.pms.auth.entity.User;
|
||||||
import com.ether.pms.auth.service.UserService;
|
import com.ether.pms.auth.service.UserService;
|
||||||
import com.ether.pms.common.ApiResponse;
|
import com.ether.pms.common.ApiResponse;
|
||||||
|
import lombok.Data;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
@ -46,9 +47,8 @@ public class UserController {
|
||||||
@PutMapping("/{id}/password")
|
@PutMapping("/{id}/password")
|
||||||
public ResponseEntity<ApiResponse<Void>> updatePassword(
|
public ResponseEntity<ApiResponse<Void>> updatePassword(
|
||||||
@PathVariable UUID id,
|
@PathVariable UUID id,
|
||||||
@RequestParam String oldPassword,
|
@RequestBody PasswordRequest request) {
|
||||||
@RequestParam String newPassword) {
|
userService.updatePassword(id, request.getOldPassword(), request.getNewPassword());
|
||||||
userService.updatePassword(id, oldPassword, newPassword);
|
|
||||||
return ResponseEntity.ok(ApiResponse.success());
|
return ResponseEntity.ok(ApiResponse.success());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -59,4 +59,10 @@ public class UserController {
|
||||||
userService.assignRoles(id, roleIds);
|
userService.assignRoles(id, roleIds);
|
||||||
return ResponseEntity.ok(ApiResponse.success());
|
return ResponseEntity.ok(ApiResponse.success());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Data
|
||||||
|
public static class PasswordRequest {
|
||||||
|
private String oldPassword;
|
||||||
|
private String newPassword;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue