1.添加修改密码时校验旧密码和验证码接口

cooleshow-auth/auth-api/src/main/java/com/yonge/cooleshow/auth/api/entity/UserPassword.java

@@ -0,0 +1,31 @@
+package com.yonge.cooleshow.auth.api.entity;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+
+@ApiModel("用户账号密码")
+@Data
+public class UserPassword {
+
+
+    @ApiModel("校验密码")
+    @Data
+    public static class CheckPassword {
+
+        @ApiModelProperty("密码")
+        @NotNull(message = "密码不能为空")
+        private String password;
+    }
+
+    @ApiModel("校验验证码")
+    @Data
+    public static class CheckVerityCode {
+
+        @ApiModelProperty("验证码")
+        @NotNull(message = "验证码不能为空")
+        private String code;
+    }
+}

cooleshow-auth/auth-server/src/main/java/com/yonge/cooleshow/auth/web/controller/UserController.java

@@ -6,6 +6,7 @@ import com.yonge.cooleshow.auth.api.dto.UpdatePasswordDto;
 import com.yonge.cooleshow.auth.api.dto.UserSetReq;
 import com.yonge.cooleshow.auth.api.entity.SysRole;
 import com.yonge.cooleshow.auth.api.entity.SysUser;
+import com.yonge.cooleshow.auth.api.entity.UserPassword;
 import com.yonge.cooleshow.auth.api.vo.UserSetVo;
 import com.yonge.cooleshow.auth.core.service.CustomTokenServices;
 import com.yonge.cooleshow.auth.service.SysConfigService;
@@ -40,6 +41,7 @@ import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;
@@ -672,4 +674,28 @@ public class UserController extends BaseController {
         result.put("customerServicePhone",sysConfigService.findConfigValue("customer_service_phone"));
         return succeed(result);
     }
+
+    @PostMapping("/checkPassword")
+    @ApiOperation(value = "校验密码")
+    public Object checkPassword(@Validated @RequestBody UserPassword.CheckPassword checkPassword){
+        AuthUser authUser = SecurityUtils.getUser();
+        SysUser sysUser = sysUserService.get(authUser.getUserId());
+        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+        if(!encoder.matches(checkPassword.getPassword(),sysUser.getPassword())){
+            throw new BizException("原密码错误");
+        }
+        return succeed();
+    }
+
+    @PostMapping("/checkVerityCode")
+    @ApiOperation(value = "校验验证码")
+    public Object checkVerityCode(@Validated @RequestBody UserPassword.CheckVerityCode checkVerityCode) {
+        AuthUser authUser = SecurityUtils.getUser();
+        SysUser sysUser = sysUserService.get(authUser.getUserId());
+        if (!smsCodeService.verifyValidCode(sysUser.getPhone(), checkVerityCode.getCode(),
+                "SMS_VERIFY_CODE_UPDATE_PSW")) {
+            return failed("验证码错误");
+        }
+        return succeed();
+    }
 }