public HttpHeaders doPasswd() {
AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails();
Assert.notNull(authUserDetails);
HttpServletRequest request = ServletActionContext.getRequest();
String oldpasswd = request.getParameter("oldpasswd");
String newpasswd = request.getParameter("newpasswd");
Assert.isTrue(StringUtils.isNotBlank(oldpasswd));
Assert.isTrue(StringUtils.isNotBlank(newpasswd));
User user = userService.findByUid(authUserDetails.getUid());
String encodedPasswd = userService.encodeUserPasswd(user, oldpasswd);
if (!encodedPasswd.equals(user.getPassword())) {
setModel(OperationResult.buildFailureResult("原密码不正确,请重新输入"));
} else {
userService.save(user, newpasswd);
setModel(OperationResult.buildSuccessResult("密码修改成功,请在下次登录使用新密码"));
}
return new DefaultHttpHeaders().disableCaching();
}
