feat(auth): 新增密码复杂度校验,注册/修改密码/新建用户/重置密码统一为8-20位且须含大小写字母/数字/特殊字符
This commit is contained in:
@@ -1,9 +1,9 @@
|
||||
/**
|
||||
* 判断url是否是http或https
|
||||
* 判断url是否是http或https
|
||||
* @param {string} path
|
||||
* @returns {Boolean}
|
||||
*/
|
||||
export function isHttp(url) {
|
||||
export function isHttp(url) {
|
||||
return url.indexOf('http://') !== -1 || url.indexOf('https://') !== -1
|
||||
}
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
* @param {string} path
|
||||
* @returns {Boolean}
|
||||
*/
|
||||
export function isExternal(path) {
|
||||
export function isExternal(path) {
|
||||
return /^(https?:|mailto:|tel:)/.test(path)
|
||||
}
|
||||
|
||||
@@ -30,7 +30,8 @@ export function validUsername(str) {
|
||||
* @returns {Boolean}
|
||||
*/
|
||||
export function validURL(url) {
|
||||
const reg = /^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
|
||||
const reg =
|
||||
/^(https?|ftp):\/\/([a-zA-Z0-9.-]+(:[a-zA-Z0-9.&%$-]+)*@)*((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}|([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(:[0-9]+)*(\/($|[a-zA-Z0-9.,?'\\+&%$#=~_-]+))*$/
|
||||
return reg.test(url)
|
||||
}
|
||||
|
||||
@@ -66,7 +67,8 @@ export function validAlphabets(str) {
|
||||
* @returns {Boolean}
|
||||
*/
|
||||
export function validEmail(email) {
|
||||
const reg = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
|
||||
const reg =
|
||||
/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
|
||||
return reg.test(email)
|
||||
}
|
||||
|
||||
@@ -91,3 +93,65 @@ export function isArray(arg) {
|
||||
}
|
||||
return Array.isArray(arg)
|
||||
}
|
||||
|
||||
// ============ 密码复杂度校验 ============
|
||||
// 规则(与 H5 端保持一致):
|
||||
// 1. 长度 8-20 个字符
|
||||
// 2. 不能包含空格
|
||||
// 3. 必须同时包含:大写字母、小写字母、数字、特殊字符 四类
|
||||
|
||||
export const PASSWORD_MIN_LENGTH = 8
|
||||
export const PASSWORD_MAX_LENGTH = 20
|
||||
|
||||
const REG_UPPER = /[A-Z]/
|
||||
const REG_LOWER = /[a-z]/
|
||||
const REG_NUMBER = /[0-9]/
|
||||
// 特殊字符:非字母、非数字、非空白(即标点符号等)
|
||||
const REG_SPECIAL = /[^A-Za-z0-9\s]/
|
||||
|
||||
/**
|
||||
* 校验密码复杂度,返回精确的失败原因
|
||||
* @param {string} password
|
||||
* @returns {{ valid: boolean, message: string }}
|
||||
*/
|
||||
export function validatePassword(password) {
|
||||
if (password === undefined || password === null || password === '') {
|
||||
return { valid: false, message: '密码不能为空' }
|
||||
}
|
||||
const value = String(password)
|
||||
if (value.length < PASSWORD_MIN_LENGTH || value.length > PASSWORD_MAX_LENGTH) {
|
||||
return { valid: false, message: `密码长度在 ${PASSWORD_MIN_LENGTH} 到 ${PASSWORD_MAX_LENGTH} 个字符` }
|
||||
}
|
||||
if (/\s/.test(value)) {
|
||||
return { valid: false, message: '密码不能包含空格' }
|
||||
}
|
||||
if (!REG_UPPER.test(value)) {
|
||||
return { valid: false, message: '密码必须包含大写字母' }
|
||||
}
|
||||
if (!REG_LOWER.test(value)) {
|
||||
return { valid: false, message: '密码必须包含小写字母' }
|
||||
}
|
||||
if (!REG_NUMBER.test(value)) {
|
||||
return { valid: false, message: '密码必须包含数字' }
|
||||
}
|
||||
if (!REG_SPECIAL.test(value)) {
|
||||
return { valid: false, message: '密码必须包含特殊字符' }
|
||||
}
|
||||
return { valid: true, message: '' }
|
||||
}
|
||||
|
||||
/**
|
||||
* Element Plus (async-validator) 自定义校验函数
|
||||
* 用法:{ validator: passwordValidator, trigger: 'blur' }
|
||||
* @param {object} rule
|
||||
* @param {string} value
|
||||
* @param {Function} callback
|
||||
*/
|
||||
export function passwordValidator(rule, value, callback) {
|
||||
const { valid, message } = validatePassword(value)
|
||||
if (valid) {
|
||||
callback()
|
||||
} else {
|
||||
callback(new Error(message))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,6 +67,7 @@
|
||||
<script setup>
|
||||
import { ElMessageBox } from 'element-plus'
|
||||
import { getCodeImg, register } from '@/api/login'
|
||||
import { passwordValidator } from '@/utils/validate'
|
||||
|
||||
const router = useRouter()
|
||||
const { proxy } = getCurrentInstance()
|
||||
@@ -95,7 +96,7 @@ const registerRules = {
|
||||
],
|
||||
password: [
|
||||
{ required: true, trigger: 'blur', message: '请输入您的密码' },
|
||||
{ min: 5, max: 20, message: '用户密码长度必须介于 5 和 20 之间', trigger: 'blur' }
|
||||
{ validator: passwordValidator, trigger: 'blur' }
|
||||
],
|
||||
confirmPassword: [
|
||||
{ required: true, trigger: 'blur', message: '请再次输入您的密码' },
|
||||
@@ -127,7 +128,7 @@ function handleRegister() {
|
||||
})
|
||||
.catch(() => {
|
||||
loading.value = false
|
||||
if (captchaEnabled) {
|
||||
if (captchaEnabled.value) {
|
||||
getCode()
|
||||
}
|
||||
})
|
||||
|
||||
@@ -238,6 +238,7 @@
|
||||
<script setup name="User">
|
||||
import { getToken } from '@/utils/auth'
|
||||
import { changeUserStatus, listUser, resetUserPwd, delUser, getUser, updateUser, addUser, deptTreeSelect } from '@/api/system/user'
|
||||
import { passwordValidator } from '@/utils/validate'
|
||||
import { onMounted } from 'vue'
|
||||
const router = useRouter()
|
||||
const { proxy } = getCurrentInstance()
|
||||
@@ -304,7 +305,7 @@ const data = reactive({
|
||||
nickName: [{ required: true, message: '用户昵称不能为空', trigger: 'blur' }],
|
||||
password: [
|
||||
{ required: true, message: '用户密码不能为空', trigger: 'blur' },
|
||||
{ min: 5, max: 20, message: '用户密码长度必须介于 5 和 20 之间', trigger: 'blur' }
|
||||
{ validator: passwordValidator, trigger: 'blur' }
|
||||
],
|
||||
email: [{ type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change'] }],
|
||||
phonenumber: [{ pattern: /^1[3|4|5|6|7|8|9][0-9]\d{8}$/, message: '请输入正确的手机号码', trigger: 'blur' }]
|
||||
@@ -418,8 +419,8 @@ function handleResetPwd(row) {
|
||||
confirmButtonText: '确定',
|
||||
cancelButtonText: '取消',
|
||||
closeOnClickModal: false,
|
||||
inputPattern: /^.{5,20}$/,
|
||||
inputErrorMessage: '用户密码长度必须介于 5 和 20 之间'
|
||||
inputPattern: /^(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[^A-Za-z0-9\s])\S{8,20}$/,
|
||||
inputErrorMessage: '密码需 8-20 位,且须同时含大小写字母、数字和特殊字符(不能含空格)'
|
||||
})
|
||||
.then(({ value }) => {
|
||||
resetUserPwd(row.userId, value).then((response) => {
|
||||
@@ -507,7 +508,7 @@ function handleUpdate(row) {
|
||||
form.value.roleIds = response.roleIds
|
||||
open.value = true
|
||||
title.value = '修改用户'
|
||||
form.password = ''
|
||||
form.value.password = ''
|
||||
})
|
||||
}
|
||||
/** 提交按钮 */
|
||||
|
||||
@@ -18,6 +18,7 @@
|
||||
|
||||
<script setup>
|
||||
import { updateUserPwd } from '@/api/system/user'
|
||||
import { passwordValidator } from '@/utils/validate'
|
||||
|
||||
const { proxy } = getCurrentInstance()
|
||||
|
||||
@@ -38,7 +39,7 @@ const rules = ref({
|
||||
oldPassword: [{ required: true, message: '旧密码不能为空', trigger: 'blur' }],
|
||||
newPassword: [
|
||||
{ required: true, message: '新密码不能为空', trigger: 'blur' },
|
||||
{ min: 6, max: 20, message: '长度在 6 到 20 个字符', trigger: 'blur' }
|
||||
{ validator: passwordValidator, trigger: 'blur' }
|
||||
],
|
||||
confirmPassword: [
|
||||
{ required: true, message: '确认密码不能为空', trigger: 'blur' },
|
||||
|
||||
Reference in New Issue
Block a user