feat(auth): 新增密码复杂度校验,注册/修改密码/新建用户/重置密码统一为8-20位且须含大小写字母/数字/特殊字符
This commit is contained in:
@@ -1,9 +1,9 @@
|
|||||||
/**
|
/**
|
||||||
* 判断url是否是http或https
|
* 判断url是否是http或https
|
||||||
* @param {string} path
|
* @param {string} path
|
||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
export function isHttp(url) {
|
export function isHttp(url) {
|
||||||
return url.indexOf('http://') !== -1 || url.indexOf('https://') !== -1
|
return url.indexOf('http://') !== -1 || url.indexOf('https://') !== -1
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -12,7 +12,7 @@
|
|||||||
* @param {string} path
|
* @param {string} path
|
||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
export function isExternal(path) {
|
export function isExternal(path) {
|
||||||
return /^(https?:|mailto:|tel:)/.test(path)
|
return /^(https?:|mailto:|tel:)/.test(path)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -30,7 +30,8 @@ export function validUsername(str) {
|
|||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
export function validURL(url) {
|
export function validURL(url) {
|
||||||
const reg = /^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
|
const reg =
|
||||||
|
/^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
|
||||||
return reg.test(url)
|
return reg.test(url)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -66,7 +67,8 @@ export function validAlphabets(str) {
|
|||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
export function validEmail(email) {
|
export function validEmail(email) {
|
||||||
const reg = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
|
const reg =
|
||||||
|
/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
|
||||||
return reg.test(email)
|
return reg.test(email)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -91,3 +93,65 @@ export function isArray(arg) {
|
|||||||
}
|
}
|
||||||
return Array.isArray(arg)
|
return Array.isArray(arg)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ============ 密码复杂度校验 ============
|
||||||
|
// 规则(与 H5 端保持一致):
|
||||||
|
// 1. 长度 8-20 个字符
|
||||||
|
// 2. 不能包含空格
|
||||||
|
// 3. 必须同时包含:大写字母、小写字母、数字、特殊字符 四类
|
||||||
|
|
||||||
|
export const PASSWORD_MIN_LENGTH = 8
|
||||||
|
export const PASSWORD_MAX_LENGTH = 20
|
||||||
|
|
||||||
|
const REG_UPPER = /[A-Z]/
|
||||||
|
const REG_LOWER = /[a-z]/
|
||||||
|
const REG_NUMBER = /[0-9]/
|
||||||
|
// 特殊字符:非字母、非数字、非空白(即标点符号等)
|
||||||
|
const REG_SPECIAL = /[^A-Za-z0-9\s]/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 校验密码复杂度,返回精确的失败原因
|
||||||
|
* @param {string} password
|
||||||
|
* @returns {{ valid: boolean, message: string }}
|
||||||
|
*/
|
||||||
|
export function validatePassword(password) {
|
||||||
|
if (password === undefined || password === null || password === '') {
|
||||||
|
return { valid: false, message: '密码不能为空' }
|
||||||
|
}
|
||||||
|
const value = String(password)
|
||||||
|
if (value.length < PASSWORD_MIN_LENGTH || value.length > PASSWORD_MAX_LENGTH) {
|
||||||
|
return { valid: false, message: `密码长度在 ${PASSWORD_MIN_LENGTH} 到 ${PASSWORD_MAX_LENGTH} 个字符` }
|
||||||
|
}
|
||||||
|
if (/\s/.test(value)) {
|
||||||
|
return { valid: false, message: '密码不能包含空格' }
|
||||||
|
}
|
||||||
|
if (!REG_UPPER.test(value)) {
|
||||||
|
return { valid: false, message: '密码必须包含大写字母' }
|
||||||
|
}
|
||||||
|
if (!REG_LOWER.test(value)) {
|
||||||
|
return { valid: false, message: '密码必须包含小写字母' }
|
||||||
|
}
|
||||||
|
if (!REG_NUMBER.test(value)) {
|
||||||
|
return { valid: false, message: '密码必须包含数字' }
|
||||||
|
}
|
||||||
|
if (!REG_SPECIAL.test(value)) {
|
||||||
|
return { valid: false, message: '密码必须包含特殊字符' }
|
||||||
|
}
|
||||||
|
return { valid: true, message: '' }
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Element Plus (async-validator) 自定义校验函数
|
||||||
|
* 用法:{ validator: passwordValidator, trigger: 'blur' }
|
||||||
|
* @param {object} rule
|
||||||
|
* @param {string} value
|
||||||
|
* @param {Function} callback
|
||||||
|
*/
|
||||||
|
export function passwordValidator(rule, value, callback) {
|
||||||
|
const { valid, message } = validatePassword(value)
|
||||||
|
if (valid) {
|
||||||
|
callback()
|
||||||
|
} else {
|
||||||
|
callback(new Error(message))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
@@ -67,6 +67,7 @@
|
|||||||
<script setup>
|
<script setup>
|
||||||
import { ElMessageBox } from 'element-plus'
|
import { ElMessageBox } from 'element-plus'
|
||||||
import { getCodeImg, register } from '@/api/login'
|
import { getCodeImg, register } from '@/api/login'
|
||||||
|
import { passwordValidator } from '@/utils/validate'
|
||||||
|
|
||||||
const router = useRouter()
|
const router = useRouter()
|
||||||
const { proxy } = getCurrentInstance()
|
const { proxy } = getCurrentInstance()
|
||||||
@@ -95,7 +96,7 @@ const registerRules = {
|
|||||||
],
|
],
|
||||||
password: [
|
password: [
|
||||||
{ required: true, trigger: 'blur', message: '请输入您的密码' },
|
{ required: true, trigger: 'blur', message: '请输入您的密码' },
|
||||||
{ min: 5, max: 20, message: '用户密码长度必须介于 5 和 20 之间', trigger: 'blur' }
|
{ validator: passwordValidator, trigger: 'blur' }
|
||||||
],
|
],
|
||||||
confirmPassword: [
|
confirmPassword: [
|
||||||
{ required: true, trigger: 'blur', message: '请再次输入您的密码' },
|
{ required: true, trigger: 'blur', message: '请再次输入您的密码' },
|
||||||
@@ -127,7 +128,7 @@ function handleRegister() {
|
|||||||
})
|
})
|
||||||
.catch(() => {
|
.catch(() => {
|
||||||
loading.value = false
|
loading.value = false
|
||||||
if (captchaEnabled) {
|
if (captchaEnabled.value) {
|
||||||
getCode()
|
getCode()
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|||||||
@@ -238,6 +238,7 @@
|
|||||||
<script setup name="User">
|
<script setup name="User">
|
||||||
import { getToken } from '@/utils/auth'
|
import { getToken } from '@/utils/auth'
|
||||||
import { changeUserStatus, listUser, resetUserPwd, delUser, getUser, updateUser, addUser, deptTreeSelect } from '@/api/system/user'
|
import { changeUserStatus, listUser, resetUserPwd, delUser, getUser, updateUser, addUser, deptTreeSelect } from '@/api/system/user'
|
||||||
|
import { passwordValidator } from '@/utils/validate'
|
||||||
import { onMounted } from 'vue'
|
import { onMounted } from 'vue'
|
||||||
const router = useRouter()
|
const router = useRouter()
|
||||||
const { proxy } = getCurrentInstance()
|
const { proxy } = getCurrentInstance()
|
||||||
@@ -304,7 +305,7 @@ const data = reactive({
|
|||||||
nickName: [{ required: true, message: '用户昵称不能为空', trigger: 'blur' }],
|
nickName: [{ required: true, message: '用户昵称不能为空', trigger: 'blur' }],
|
||||||
password: [
|
password: [
|
||||||
{ required: true, message: '用户密码不能为空', trigger: 'blur' },
|
{ required: true, message: '用户密码不能为空', trigger: 'blur' },
|
||||||
{ min: 5, max: 20, message: '用户密码长度必须介于 5 和 20 之间', trigger: 'blur' }
|
{ validator: passwordValidator, trigger: 'blur' }
|
||||||
],
|
],
|
||||||
email: [{ type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change'] }],
|
email: [{ type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change'] }],
|
||||||
phonenumber: [{ pattern: /^1[3|4|5|6|7|8|9][0-9]\d{8}$/, message: '请输入正确的手机号码', trigger: 'blur' }]
|
phonenumber: [{ pattern: /^1[3|4|5|6|7|8|9][0-9]\d{8}$/, message: '请输入正确的手机号码', trigger: 'blur' }]
|
||||||
@@ -418,8 +419,8 @@ function handleResetPwd(row) {
|
|||||||
confirmButtonText: '确定',
|
confirmButtonText: '确定',
|
||||||
cancelButtonText: '取消',
|
cancelButtonText: '取消',
|
||||||
closeOnClickModal: false,
|
closeOnClickModal: false,
|
||||||
inputPattern: /^.{5,20}$/,
|
inputPattern: /^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[^A-Za-z0-9\s])\S{8,20}$/,
|
||||||
inputErrorMessage: '用户密码长度必须介于 5 和 20 之间'
|
inputErrorMessage: '密码需 8-20 位,且须同时含大小写字母、数字和特殊字符(不能含空格)'
|
||||||
})
|
})
|
||||||
.then(({ value }) => {
|
.then(({ value }) => {
|
||||||
resetUserPwd(row.userId, value).then((response) => {
|
resetUserPwd(row.userId, value).then((response) => {
|
||||||
@@ -507,7 +508,7 @@ function handleUpdate(row) {
|
|||||||
form.value.roleIds = response.roleIds
|
form.value.roleIds = response.roleIds
|
||||||
open.value = true
|
open.value = true
|
||||||
title.value = '修改用户'
|
title.value = '修改用户'
|
||||||
form.password = ''
|
form.value.password = ''
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
/** 提交按钮 */
|
/** 提交按钮 */
|
||||||
|
|||||||
@@ -18,6 +18,7 @@
|
|||||||
|
|
||||||
<script setup>
|
<script setup>
|
||||||
import { updateUserPwd } from '@/api/system/user'
|
import { updateUserPwd } from '@/api/system/user'
|
||||||
|
import { passwordValidator } from '@/utils/validate'
|
||||||
|
|
||||||
const { proxy } = getCurrentInstance()
|
const { proxy } = getCurrentInstance()
|
||||||
|
|
||||||
@@ -38,7 +39,7 @@ const rules = ref({
|
|||||||
oldPassword: [{ required: true, message: '旧密码不能为空', trigger: 'blur' }],
|
oldPassword: [{ required: true, message: '旧密码不能为空', trigger: 'blur' }],
|
||||||
newPassword: [
|
newPassword: [
|
||||||
{ required: true, message: '新密码不能为空', trigger: 'blur' },
|
{ required: true, message: '新密码不能为空', trigger: 'blur' },
|
||||||
{ min: 6, max: 20, message: '长度在 6 到 20 个字符', trigger: 'blur' }
|
{ validator: passwordValidator, trigger: 'blur' }
|
||||||
],
|
],
|
||||||
confirmPassword: [
|
confirmPassword: [
|
||||||
{ required: true, message: '确认密码不能为空', trigger: 'blur' },
|
{ required: true, message: '确认密码不能为空', trigger: 'blur' },
|
||||||
|
|||||||
Reference in New Issue
Block a user