revert ：取消合并用户管理，因为那是旧的版本

revert Merge remote-tracking branch 'origin/personal/lsd/UserManagement'

# Conflicts:
#	src/main/java/org/cmh/backend/authentication/controller/AuthenticationController.java
#	src/main/java/org/cmh/backend/authentication/repository/UserRepository.java
#	src/main/java/org/cmh/backend/authentication/service/UserService.java

pom.xml

@@ -164,17 +164,6 @@
 			<artifactId>mysql</artifactId>
 			<scope>test</scope>
 		</dependency>
-		<dependency>
-			<groupId>org.apache.poi</groupId>
-			<artifactId>poi-ooxml</artifactId>
-			<version>5.2.3</version> <!-- 请使用最新版本 -->
-		</dependency><!-- BY JERRY -->
-		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>javax.servlet-api</artifactId>
-			<version>4.0.1</version> <!-- 请使用最新版本 -->
-			<scope>provided</scope>
-		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/org/cmh/backend/Config/SecurityConfig.java

@@ -4,8 +4,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
@@ -13,22 +11,13 @@ public class SecurityConfig {
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        // Disable CSRF
+        // Use the new API to disable CSRF
         http.csrf(AbstractHttpConfigurer::disable)
-                // Permit all requests to all endpoints
+                // Permit all requests
                 .authorizeHttpRequests(authorize -> authorize
-                        .anyRequest().permitAll() // Allow all requests without authentication
-                )
-                // Disable form login
-                .formLogin(AbstractHttpConfigurer::disable)
-                // Disable logout
-                .logout(AbstractHttpConfigurer::disable);
+                        .anyRequest().permitAll()
+                );
 
         return http.build();
     }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
 }

src/main/java/org/cmh/backend/MeetingManagement/controller/MeetingController.java

@@ -1,203 +0,0 @@
-package org.cmh.backend.MeetingManagement.controller;
-
-import org.cmh.backend.MeetingManagement.model.Meeting;
-import org.cmh.backend.MeetingManagement.service.MeetingService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-
-import java.time.LocalDateTime;
-import java.time.OffsetDateTime;
-import java.time.format.DateTimeFormatter;
-import java.util.List;
-import java.util.Map;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-import java.io.IOException;
-import org.apache.poi.xssf.usermodel.XSSFWorkbook;
-import org.apache.poi.xssf.usermodel.XSSFSheet;
-import org.apache.poi.xssf.usermodel.XSSFRow;
-import javax.servlet.http.HttpServletResponse;
-
-
-@RestController
-@RequestMapping("/meetings")
-public class MeetingController {
-
-    @Autowired
-    private MeetingService meetingService;
-
-    private DateTimeFormatter formatter = DateTimeFormatter.ISO_OFFSET_DATE_TIME;
-
-    @GetMapping("/listAll")
-    public ResponseEntity<List<Meeting>> listAll() {
-        List<Meeting> data = meetingService.getAllMeetings();
-        return ResponseEntity.ok(data);
-    }
-
-    @PostMapping("/addMeeting")
-    public ResponseEntity<Meeting> add(@RequestBody Map<String, String> credentials) {
-        try {
-            Meeting meeting = new Meeting();
-            if (credentials.get("id") != null) {
-                meeting.setId(Long.parseLong(credentials.get("id")));
-            }
-            meeting.setName(credentials.get("name"));
-            meeting.setOrganizer(credentials.get("organizer"));
-
-            // Parse startTime and endTime to OffsetDateTime, then convert to LocalDateTime
-            OffsetDateTime startTime = OffsetDateTime.parse(credentials.get("startTime"), formatter);
-            OffsetDateTime endTime = OffsetDateTime.parse(credentials.get("endTime"), formatter);
-            meeting.setStartTime(startTime.toLocalDateTime());
-            meeting.setEndTime(endTime.toLocalDateTime());
-
-            meeting.setContent(credentials.get("content"));
-            meeting.setStatus(credentials.get("status"));
-
-            Meeting meetingAdd = meetingService.createMeeting(meeting);
-            return new ResponseEntity<>(meetingAdd, HttpStatus.CREATED);
-        } catch (Exception e) {
-            return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
-        }
-    }
-
-    @PostMapping("/deleteMeeting")
-    public ResponseEntity<String> delete(@RequestBody Map<String, String> credentials) {
-        try {
-            meetingService.deleteMeeting(Long.valueOf(credentials.get("id")));
-            return new ResponseEntity<>("success", HttpStatus.OK);
-        } catch (Exception e) {
-            return new ResponseEntity<>("failure", HttpStatus.BAD_REQUEST);
-        }
-    }
-
-
-    @PostMapping("/updateMeeting")
-    public ResponseEntity<Meeting> update(@RequestBody Map<String, String> credentials) {
-        try {
-            // Validate and parse id
-            String idStr = credentials.get("id");
-            if (idStr == null || idStr.isEmpty()) {
-                throw new IllegalArgumentException("ID cannot be null or empty");
-            }
-            Long id = Long.parseLong(idStr);
-
-            // Validate and parse other fields
-            String name = credentials.get("name");
-            if (name == null || name.isEmpty()) {
-                throw new IllegalArgumentException("Name cannot be null or empty");
-            }
-
-            String organizer = credentials.get("organizer");
-            if (organizer == null || organizer.isEmpty()) {
-                throw new IllegalArgumentException("Organizer cannot be null or empty");
-            }
-
-            String startTimeStr = credentials.get("startTime");
-            if (startTimeStr == null || startTimeStr.isEmpty()) {
-                throw new IllegalArgumentException("Start time cannot be null or empty");
-            }
-            LocalDateTime startTime = LocalDateTime.parse(startTimeStr, DateTimeFormatter.ISO_LOCAL_DATE_TIME);
-
-            String endTimeStr = credentials.get("endTime");
-            if (endTimeStr == null || endTimeStr.isEmpty()) {
-                throw new IllegalArgumentException("End time cannot be null or empty");
-            }
-            LocalDateTime endTime = LocalDateTime.parse(endTimeStr, DateTimeFormatter.ISO_LOCAL_DATE_TIME);
-
-            String content = credentials.get("content");
-            if (content == null || content.isEmpty()) {
-                throw new IllegalArgumentException("Content cannot be null or empty");
-            }
-
-            String status = credentials.get("status");
-            if (status == null || status.isEmpty()) {
-                throw new IllegalArgumentException("Status cannot be null or empty");
-            }
-
-            // Create and update meeting
-            Meeting meeting = new Meeting();
-            meeting.setId(id);
-            meeting.setName(name);
-            meeting.setOrganizer(organizer);
-            meeting.setStartTime(startTime);
-            meeting.setEndTime(endTime);
-            meeting.setContent(content);
-            meeting.setStatus(status);
-
-            Meeting updatedMeeting = meetingService.updateMeeting(meeting.getId(), meeting);
-            return new ResponseEntity<>(updatedMeeting, HttpStatus.OK);
-        } catch (IllegalArgumentException e) {
-            return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
-        } catch (Exception e) {
-            e.printStackTrace(); // 打印异常信息
-            return new ResponseEntity<>(null, HttpStatus.INTERNAL_SERVER_ERROR);
-        }
-    }
-
-    @PostMapping("/getMeetingById")
-    public ResponseEntity<Meeting> getById(@RequestBody Map<String, String> credentials) {
-        try {
-            Meeting meeting = meetingService.getMeetingById(Long.valueOf(credentials.get("id"))).orElse(null);
-            return new ResponseEntity<>(meeting, HttpStatus.OK);
-        } catch (Exception e) {
-            return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
-        }
-    }
-
-    @PostMapping("/searchMeetings")
-    public ResponseEntity<List<Meeting>> searchMeetings(@RequestBody Map<String, String> params) {
-        String name = params.get("name");
-        String organizer = params.get("organizer");
-        OffsetDateTime startTimeStr = OffsetDateTime.parse(params.get("startTime"),formatter);
-        LocalDateTime startTime1 = (startTimeStr.toLocalDateTime());
-        //LocalDateTime startTime = startTimeStr != null ? LocalDateTime.parse(startTimeStr) : null;
-
-        List<Meeting> meetings = meetingService.searchMeetings(name, organizer, startTime1);
-        return new ResponseEntity<>(meetings, HttpStatus.OK);
-    }
-
-    @PostMapping("/export")
-    public void exportMeetings(@RequestBody Map<String, String> params, HttpServletResponse response) {
-        String name = params.get("name");
-        String organizer = params.get("organizer");
-        String startTimeStr = params.get("startTime");
-        LocalDateTime startTime = startTimeStr != null ? LocalDateTime.parse(startTimeStr) : null;
-
-        List<Meeting> meetings = meetingService.searchMeetings(name, organizer, startTime);
-
-        // 生成Excel文件
-        try (XSSFWorkbook workbook = new XSSFWorkbook()) {
-            XSSFSheet sheet = workbook.createSheet("Meetings");
-            XSSFRow header = sheet.createRow(0);
-            header.createCell(0).setCellValue("会议ID");
-            header.createCell(1).setCellValue("会议名称");
-            header.createCell(2).setCellValue("组织者");
-            header.createCell(3).setCellValue("开始时间");
-            header.createCell(4).setCellValue("结束时间");
-            header.createCell(5).setCellValue("状态");
-
-            int rowIdx = 1;
-            for (Meeting meeting : meetings) {
-                XSSFRow row = sheet.createRow(rowIdx++);
-                row.createCell(0).setCellValue(meeting.getId());
-                row.createCell(1).setCellValue(meeting.getName());
-                row.createCell(2).setCellValue(meeting.getOrganizer());
-                row.createCell(3).setCellValue(meeting.getStartTime().toString());
-                row.createCell(4).setCellValue(meeting.getEndTime().toString());
-                row.createCell(5).setCellValue(meeting.getStatus());
-            }
-
-            response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
-            response.setHeader("Content-Disposition", "attachment; filename=meetings.xlsx");
-            workbook.write(response.getOutputStream());
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-    }
-
-
-}

src/main/java/org/cmh/backend/MeetingManagement/model/Meeting.java

@@ -1,48 +0,0 @@
-package org.cmh.backend.MeetingManagement.model;
-
-import jakarta.persistence.Entity;
-import jakarta.persistence.GeneratedValue;
-import jakarta.persistence.GenerationType;
-import jakarta.persistence.Id;
-import lombok.Getter;
-import lombok.Setter;
-import java.time.LocalDateTime;
-
-@Setter
-@Getter
-@Entity
-public class Meeting {
-    @Id
-    @GeneratedValue(strategy = GenerationType.IDENTITY)
-    private Long id;
-    private String name;
-    private String organizer;
-    private LocalDateTime startTime;  // Changed to LocalDateTime
-    private LocalDateTime endTime;    // Changed to LocalDateTime
-    private String content;
-    private String status;
-
-    public Meeting() {}
-
-    public Meeting(String name, String organizer, LocalDateTime startTime, LocalDateTime endTime, String content, String status) {
-        this.name = name;
-        this.organizer = organizer;
-        this.startTime = startTime;
-        this.endTime = endTime;
-        this.content = content;
-        this.status = status;
-    }
-
-    @Override
-    public String toString() {
-        return "Meeting{" +
-                "id=" + id +
-                ", name='" + name + '\'' +
-                ", organizer='" + organizer + '\'' +
-                ", startTime=" + startTime +
-                ", endTime=" + endTime +
-                ", content='" + content + '\'' +
-                ", status='" + status + '\'' +
-                '}';
-    }
-}

src/main/java/org/cmh/backend/MeetingManagement/repository/MeetingRepository.java

@@ -1,15 +0,0 @@
-package org.cmh.backend.MeetingManagement.repository;
-
-import org.cmh.backend.MeetingManagement.model.Meeting;
-import org.springframework.data.jpa.repository.JpaRepository;
-import java.time.LocalDateTime;
-import java.util.List;
-import org.springframework.data.jpa.repository.Query;
-
-public interface MeetingRepository extends JpaRepository<Meeting, Long> {
-    @Query("SELECT m FROM Meeting m WHERE " +
-            "(?1 IS NULL OR m.name LIKE %?1%) AND " +
-            "(?2 IS NULL OR m.organizer LIKE %?2%) AND " +
-            "(?3 IS NULL OR m.startTime >= ?3)")
-    List<Meeting> searchMeetings(String name, String organizer, LocalDateTime startTime);
-}

src/main/java/org/cmh/backend/MeetingManagement/service/MeetingService.java

@@ -1,74 +0,0 @@
-package org.cmh.backend.MeetingManagement.service;
-
-import org.cmh.backend.MeetingManagement.model.Meeting;
-import org.cmh.backend.MeetingManagement.repository.MeetingRepository;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import java.time.LocalDateTime;
-import java.util.List;
-import java.util.Optional;
-
-@Service
-public class MeetingService {
-    @Autowired
-    private MeetingRepository meetingRepository;
-
-    public List<Meeting> getAllMeetings() {
-        return meetingRepository.findAll();
-    }
-
-    public Optional<Meeting> getMeetingById(Long id) {
-        return meetingRepository.findById(id);
-    }
-
-    public Meeting createMeeting(Meeting meeting) {
-        validateMeeting(meeting);
-        return meetingRepository.save(meeting);
-    }
-
-    public Meeting updateMeeting(Long id, Meeting meetingDetails) {
-        validateMeeting(meetingDetails);
-        Meeting meeting = meetingRepository.findById(id)
-                .orElseThrow(() -> new RuntimeException("Meeting not found with id " + id));
-        meeting.setName(meetingDetails.getName());
-        meeting.setOrganizer(meetingDetails.getOrganizer());
-        meeting.setStartTime(meetingDetails.getStartTime());
-        meeting.setEndTime(meetingDetails.getEndTime());
-        meeting.setContent(meetingDetails.getContent());
-        meeting.setStatus(meetingDetails.getStatus());
-        return meetingRepository.save(meeting);
-    }
-
-    public void deleteMeeting(Long id) {
-        Meeting meeting = meetingRepository.findById(id)
-                .orElseThrow(() -> new RuntimeException("Meeting not found with id " + id));
-        meetingRepository.delete(meeting);
-    }
-
-    private void validateMeeting(Meeting meeting) {
-        if (meeting.getName() == null || meeting.getName().isEmpty()) {
-            throw new RuntimeException("会议名称不能为空");
-        }
-        if (meeting.getOrganizer() == null || meeting.getOrganizer().isEmpty()) {
-            throw new RuntimeException("组织者不能为空");
-        }
-        if (meeting.getStartTime() == null) {
-            throw new RuntimeException("开始时间不能为空");
-        }
-        if (meeting.getEndTime() == null) {
-            throw new RuntimeException("结束时间不能为空");
-        }
-        if (meeting.getStatus() == null || meeting.getStatus().isEmpty()) {
-            throw new RuntimeException("状态不能为空");
-        }
-    }
-
-
-        public List<Meeting> searchMeetings(String name, String organizer, LocalDateTime startTime) {
-            // 根据条件搜索会议
-            return meetingRepository.searchMeetings(name, organizer, startTime);
-        }
-    }
-
-

src/main/java/org/cmh/backend/NewsManagement/controller/FileController.java

@@ -0,0 +1,65 @@
+package org.cmh.backend.NewsManagement.controller;
+
+import org.cmh.backend.NewsManagement.dto.UploadFileResponse;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.UrlResource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+@RestController
+@CrossOrigin // 如果前端和后端不在同一个域名或端口下，需要启用跨域
+public class FileController {
+
+    private static final String UPLOAD_DIR = "uploads/";
+
+    @PostMapping("/news/uploadPic")
+    public ResponseEntity<UploadFileResponse> uploadFile(@RequestParam("file") MultipartFile file) {
+        if (file.isEmpty()) {
+            return new ResponseEntity<>(new UploadFileResponse("文件不能为空", null), HttpStatus.BAD_REQUEST);
+        }
+
+        try {
+            // 确保上传目录存在
+            Path uploadDirPath = Paths.get(UPLOAD_DIR);
+            if (!Files.exists(uploadDirPath)) {
+                Files.createDirectories(uploadDirPath);
+            }
+
+            // 生成文件路径
+            byte[] bytes = file.getBytes();
+            Path path = Paths.get(UPLOAD_DIR + file.getOriginalFilename());
+            Files.write(path, bytes);
+
+            // 返回成功信息
+            return new ResponseEntity<>(new UploadFileResponse("文件上传成功", "/api/news/files/" + file.getOriginalFilename()), HttpStatus.OK);
+        } catch (IOException e) {
+            return new ResponseEntity<>(new UploadFileResponse("文件上传失败", null), HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    @GetMapping("/news/files/{filename}")
+    public ResponseEntity<Resource> getFile(@PathVariable String filename) {
+        try {
+            Path filePath = Paths.get(UPLOAD_DIR).resolve(filename).normalize();
+            Resource resource = new UrlResource(filePath.toUri());
+
+            if (resource.exists() && resource.isReadable()) {
+                return ResponseEntity.ok()
+                        .header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + resource.getFilename() + "\"")
+                        .body(resource);
+            } else {
+                return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+            }
+        } catch (Exception e) {
+            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+}

src/main/java/org/cmh/backend/NewsManagement/controller/NewsController.java

@@ -0,0 +1,104 @@
+package org.cmh.backend.NewsManagement.controller;
+
+import jakarta.persistence.EntityNotFoundException;
+import org.cmh.backend.NewsManagement.dto.GetNewsListResponse;
+import org.cmh.backend.NewsManagement.dto.MessageResponse;
+import org.cmh.backend.NewsManagement.dto.NewsRequest;
+import org.cmh.backend.NewsManagement.dto.SearchNewsRequest;
+import org.cmh.backend.NewsManagement.model.News;
+import org.cmh.backend.NewsManagement.service.NewsService;
+import org.cmh.backend.Utils.JwtUtil;
+import org.cmh.backend.Utils.JwtVerify;
+import org.cmh.backend.authentication.model.UserHS;
+import org.cmh.backend.authentication.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("/news")
+public class NewsController {
+    @Autowired
+    private NewsService newsService;
+
+    @Autowired
+    private UserService userService;
+
+    @GetMapping
+    @JwtVerify
+    public ResponseEntity<GetNewsListResponse> getNewsByRange(@RequestParam Integer start, @RequestParam Integer end, @RequestParam String token) {
+        String username = JwtUtil.extractUsername(token);
+        UserHS user = userService.getUserByUsername(username);
+        // TODO:完善用户权限
+        if (user.getSuperAdmin()) {
+
+        } else {
+
+        }
+
+        if (start >= end) {
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        }
+        long newsCount = newsService.getNewsCount();
+        return new ResponseEntity<>(new GetNewsListResponse(newsCount, newsService.getNewsByRange(start, end, user)), HttpStatus.OK);
+    }
+
+    @PostMapping("/search")
+    @JwtVerify
+    public ResponseEntity<GetNewsListResponse> searchNews(@RequestBody SearchNewsRequest request) {
+        List<News> newsList = newsService.searchNews(request);
+        long newsCount = newsList.size();
+        return new ResponseEntity<>(new GetNewsListResponse(newsCount, newsList), HttpStatus.OK);
+    }
+
+    @GetMapping("/{id}")
+    @JwtVerify
+    public ResponseEntity<News> getNewsPage(@PathVariable Long id, @RequestParam String token) {
+        try {
+            return new ResponseEntity<>(newsService.getNewsById(id), HttpStatus.OK);
+        } catch (EntityNotFoundException e) {
+            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+        }
+    }
+
+    @PostMapping
+    @JwtVerify
+    public ResponseEntity<MessageResponse> createNews(@RequestBody NewsRequest request) {
+        try {
+            newsService.createNews(request);
+        } catch (DataIntegrityViolationException e) {
+            return new ResponseEntity<>(new MessageResponse("创建失败，文章已存在或缺少字段"), HttpStatus.BAD_REQUEST);
+        } catch (Exception e) {
+            return new ResponseEntity<>(new MessageResponse("创建失败:" + e.getMessage()), HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(new MessageResponse("创建成功"), HttpStatus.CREATED);
+    }
+
+    @PutMapping("/{id}")
+    @JwtVerify
+    public ResponseEntity<MessageResponse> updateNews(@PathVariable Long id, @RequestBody NewsRequest request) {
+        try {
+            newsService.updateNews(id, request);
+        } catch (DataIntegrityViolationException e) {
+            return new ResponseEntity<>(new MessageResponse("修改失败，新标题已存在或缺少字段"), HttpStatus.BAD_REQUEST);
+        } catch (Exception e) {
+            return new ResponseEntity<>(new MessageResponse("创建失败:" + e.getMessage()), HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(new MessageResponse("修改成功"), HttpStatus.OK);
+    }
+
+    @DeleteMapping("/{id}")
+    @JwtVerify
+    public ResponseEntity<MessageResponse> deleteNews(@PathVariable Long id, @RequestParam String token) {
+        try {
+            newsService.deleteNews(id);
+        } catch (EntityNotFoundException e) {
+            return new ResponseEntity<>(new MessageResponse("删除失败，文章不存在"), HttpStatus.BAD_REQUEST);
+        }
+        return new ResponseEntity<>(new MessageResponse("删除成功"), HttpStatus.OK);
+    }
+}

src/main/java/org/cmh/backend/NewsManagement/dto/GetNewsListResponse.java

@@ -0,0 +1,17 @@
+package org.cmh.backend.NewsManagement.dto;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+import org.cmh.backend.NewsManagement.model.News;
+
+import java.util.List;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class GetNewsListResponse {
+    Long newsCount;
+    List<News> newsList;
+}

src/main/java/org/cmh/backend/NewsManagement/dto/MessageResponse.java

@@ -0,0 +1,12 @@
+package org.cmh.backend.NewsManagement.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class MessageResponse {
+    String message;
+}

src/main/java/org/cmh/backend/NewsManagement/dto/NewsRequest.java

@@ -0,0 +1,16 @@
+package org.cmh.backend.NewsManagement.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.cmh.backend.Utils.JwtRequest;
+
+@Getter
+@Setter
+public class NewsRequest extends JwtRequest {
+    private String title;
+    private String summary;
+    private String content;
+    private String imagePath;
+    private String author;
+    private String tenant;
+}

src/main/java/org/cmh/backend/NewsManagement/dto/SearchNewsRequest.java

@@ -0,0 +1,15 @@
+package org.cmh.backend.NewsManagement.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.cmh.backend.Utils.JwtRequest;
+
+@Getter
+@Setter
+public class SearchNewsRequest extends JwtRequest {
+    private String author;
+    private String title;
+    private String imagePath;
+    private String summary;
+    private String sortBy;
+}

src/main/java/org/cmh/backend/NewsManagement/dto/UploadFileResponse.java

@@ -0,0 +1,16 @@
+package org.cmh.backend.NewsManagement.dto;
+
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class UploadFileResponse extends MessageResponse {
+    private String url;
+
+    public UploadFileResponse(String message, String url) {
+        super(message);
+        this.url = url;
+    }
+}

src/main/java/org/cmh/backend/NewsManagement/model/News.java

@@ -0,0 +1,36 @@
+package org.cmh.backend.NewsManagement.model;
+
+import jakarta.persistence.*;
+import lombok.Getter;
+import lombok.Setter;
+import org.hibernate.annotations.CreationTimestamp;
+
+import java.time.LocalDateTime;
+
+@Setter
+@Getter
+@Entity
+public class News {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    @Column(nullable = false, unique = true)
+    private String title;
+
+    @Column(nullable = false)
+    private String summary;
+
+    @Column(nullable = false)
+    private String content;
+
+    private String imagePath;
+
+    @Column(nullable = false)
+    private String author;
+
+    @CreationTimestamp
+    private LocalDateTime createdAt;
+    // TODO:添加外键绑定
+    private String tenant;
+}

src/main/java/org/cmh/backend/NewsManagement/repository/NewsRepository.java

@@ -0,0 +1,23 @@
+package org.cmh.backend.NewsManagement.repository;
+
+import org.cmh.backend.NewsManagement.model.News;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.List;
+
+public interface NewsRepository extends JpaRepository<News, Long> {
+    Page<News> findAllByOrderByIdDesc(Pageable pageable);
+
+    Page<News> findByTenantOrderByIdDesc(String tenant, Pageable pageable);
+
+    List<News> findByTitleContainingOrSummaryContainingOrAuthorContainingOrImagePathContainingAndTenantEquals(
+            String title,
+            String summary,
+            String author,
+            String imagePath,
+            String tenant);
+
+    List<News> findByTitleContainingOrSummaryContainingOrAuthorContainingOrImagePathContaining(String title, String summary, String author, String imagePath);
+}

src/main/java/org/cmh/backend/NewsManagement/service/NewsService.java

@@ -0,0 +1,175 @@
+package org.cmh.backend.NewsManagement.service;
+
+import jakarta.persistence.EntityManager;
+import jakarta.persistence.EntityNotFoundException;
+import jakarta.persistence.PersistenceContext;
+import jakarta.persistence.criteria.CriteriaBuilder;
+import jakarta.persistence.criteria.CriteriaQuery;
+import jakarta.persistence.criteria.Predicate;
+import jakarta.persistence.criteria.Root;
+import org.cmh.backend.NewsManagement.dto.NewsRequest;
+import org.cmh.backend.NewsManagement.dto.SearchNewsRequest;
+import org.cmh.backend.NewsManagement.model.News;
+import org.cmh.backend.NewsManagement.repository.NewsRepository;
+import org.cmh.backend.Utils.JwtUtil;
+import org.cmh.backend.authentication.model.UserHS;
+import org.cmh.backend.authentication.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Pageable;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Service
+public class NewsService {
+    @Autowired
+    private NewsRepository newsRepository;
+
+    @Autowired
+    private UserService userService;
+
+    @PersistenceContext
+    private EntityManager entityManager;
+
+    public List<News> getNewsByRange(int start, int end, UserHS user) {
+        if (start < 0 || end <= start) {
+            throw new IllegalArgumentException("Invalid start or end range");
+        }
+
+        int pageSize = end - start; // 计算每页的大小
+        int startPageNumber = start / pageSize; // 计算起始页码
+        int endPageNumber = (end - 1) / pageSize; // 计算结束页码
+
+        List<News> result = new ArrayList<>();
+
+        for (int pageNumber = startPageNumber; pageNumber <= endPageNumber; pageNumber++) {
+            Pageable pageable = PageRequest.of(pageNumber, pageSize);
+            Page<News> newsPage = null;
+            if (user.getSuperAdmin()) {
+                newsPage = newsRepository.findAllByOrderByIdDesc(pageable);
+            } else {
+                newsPage = newsRepository.findByTenantOrderByIdDesc(user.getUsername(), pageable);
+            }
+
+            if (newsPage.hasContent()) {
+                result.addAll(newsPage.getContent());
+            } else {
+                break; // 如果没有更多内容，提前退出
+            }
+        }
+
+        int startIndex = start % pageSize;
+        int endIndex = startIndex + (end - start);
+
+        if (endIndex > result.size()) {
+            endIndex = result.size();
+        }
+
+        return result.subList(startIndex, endIndex);
+    }
+
+
+    public void createNews(NewsRequest request) {
+        News news = new News();
+        news.setTitle(request.getTitle());
+        news.setSummary(request.getSummary());
+        news.setContent(request.getContent());
+        news.setAuthor(request.getAuthor());
+        news.setImagePath(request.getImagePath());
+        news.setTenant(request.getTenant());
+        newsRepository.save(news);
+    }
+
+    public void updateNews(Long id, NewsRequest request) {
+        News news = newsRepository.findById(id).orElse(null);
+        if (news != null) {
+            news.setTitle(request.getTitle());
+            news.setSummary(request.getSummary());
+            news.setContent(request.getContent());
+            news.setAuthor(request.getAuthor());
+            news.setImagePath(request.getImagePath());
+            news.setTenant(request.getTenant());
+            newsRepository.save(news);
+        }
+    }
+
+    public void deleteNews(Long id) {
+        if (!newsRepository.existsById(id)) {
+            throw new EntityNotFoundException();
+        }
+        newsRepository.deleteById(id);
+    }
+
+    public News getNewsById(Long id) {
+        if (!newsRepository.existsById(id)) {
+            throw new EntityNotFoundException();
+        }
+        return newsRepository.findById(id).orElse(null);
+    }
+
+    public long getNewsCount() {
+        return newsRepository.count();
+    }
+
+    // TODO:完善用户权限
+//    public List<News> searchNews(SearchNewsRequest request) {
+//        String username = JwtUtil.extractUsername(request.getToken());
+//        UserHS user = userService.getUserByUsername(username);
+//        if (user.getSuperAdmin()) {
+//            return newsRepository.findByTitleContainingOrSummaryContainingOrAuthorContainingOrImagePathContaining(
+//                    request.getTitle(),
+//                    request.getSummary(),
+//                    request.getAuthor(),
+//                    request.getImagePath()
+//            );
+//        }
+//        return newsRepository.findByTitleContainingOrSummaryContainingOrAuthorContainingOrImagePathContainingAndTenantEquals(
+//                request.getTitle(),
+//                request.getSummary(),
+//                request.getAuthor(),
+//                request.getImagePath(),
+//                user.getUsername()
+//        );
+//    }
+    public List<News> searchNews(SearchNewsRequest request) {
+        String username = JwtUtil.extractUsername(request.getToken());
+        UserHS user = userService.getUserByUsername(username);
+
+        // Create a list to hold predicates
+        List<Predicate> predicates = new ArrayList<>();
+        // Create the query
+        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
+        CriteriaQuery<News> criteriaQuery = criteriaBuilder.createQuery(News.class);
+        Root<News> root = criteriaQuery.from(News.class);
+
+        // Build the query conditionally based on non-empty fields
+        if (!request.getTitle().isEmpty()) {
+            predicates.add(criteriaBuilder.like(root.get("title"), "%" + request.getTitle() + "%"));
+        }
+        if (!request.getSummary().isEmpty()) {
+            predicates.add(criteriaBuilder.like(root.get("summary"), "%" + request.getSummary() + "%"));
+        }
+        if (!request.getAuthor().isEmpty()) {
+            predicates.add(criteriaBuilder.like(root.get("author"), "%" + request.getAuthor() + "%"));
+        }
+        if (!request.getImagePath().isEmpty()) {
+            predicates.add(criteriaBuilder.like(root.get("imagePath"), "%" + request.getImagePath() + "%"));
+        }
+
+        if (user.getSuperAdmin()) {
+            // Combine predicates with OR
+            criteriaQuery.where(criteriaBuilder.or(predicates.toArray(new Predicate[0])));
+        } else {
+            // Combine predicates with OR and add tenant condition
+            Predicate tenantPredicate = criteriaBuilder.equal(root.get("tenant"), user.getUsername());
+            predicates.add(tenantPredicate);
+            criteriaQuery.where(criteriaBuilder.and(predicates.toArray(new Predicate[0])));
+        }
+
+        // Execute the query
+        return entityManager.createQuery(criteriaQuery).getResultList();
+    }
+}

src/main/java/org/cmh/backend/authentication/controller/AuthenticationController.java

@@ -1,13 +1,109 @@
 package org.cmh.backend.authentication.controller;
 
 
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.cmh.backend.Utils.JwtUtil;
+import org.cmh.backend.Utils.JwtVerify;
+import org.cmh.backend.authentication.dto.*;
+import org.cmh.backend.authentication.model.UserHS;
+import org.cmh.backend.authentication.service.UserService;
+import org.cmh.backend.authentication.service.VerificationCodeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
 
 @RestController
 class AuthenticationController {
+
+    @Autowired
+    private UserService userService;
+
+    @Autowired
+    private VerificationCodeService verificationCodeService;
+
     @GetMapping("/hello")
-    public String hello(){
+    public String hello() {
         return "Hello SpringBoot!";
     }
+
+
+    @PostMapping("/register")
+    public ResponseEntity<RegisterResponse> register(@RequestBody RegisterRequest request) {
+        try {
+            boolean isRegistered = userService.registerUser(request);
+            if (isRegistered) {
+                return new ResponseEntity<>(new RegisterResponse("注册成功"), HttpStatus.OK);
+            } else {
+                return new ResponseEntity<>(new RegisterResponse("注册失败:用户已存在"), HttpStatus.BAD_REQUEST);
+            }
+        } catch (IllegalArgumentException e) {
+            return new ResponseEntity<>(new RegisterResponse("注册失败:输入格式有误"), HttpStatus.BAD_REQUEST);
+        } catch (Exception e) {
+            return new ResponseEntity<>(new RegisterResponse("注册失败:服务器错误"), HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<LoginResponse> login(@RequestBody LoginRequest loginRequest) {
+        boolean isValidUser = userService.loginUser(loginRequest.getUsername(), loginRequest.getPassword());
+
+        if (isValidUser) {
+            return new ResponseEntity<>(new LoginResponse("登录成功", JwtUtil.generateToken(loginRequest.getUsername())), HttpStatus.OK);
+        } else {
+            return new ResponseEntity<>(new LoginResponse("用户名或密码错误", null), HttpStatus.UNAUTHORIZED);
+        }
+    }
+
+    @GetMapping("/userProfile")
+    public ResponseEntity<UserProfileResponse> getUserProfile(@RequestParam String token) {
+        if (JwtUtil.isTokenValid(token)) {
+            UserHS user = userService.getUserByUsername(JwtUtil.extractUsername(token));
+            if (user != null) {
+                UserProfileResponse response = new UserProfileResponse(
+                        user.getUsername(),
+                        user.getNickname(),
+                        user.getGender(),
+                        user.getPhoneNumber(),
+                        user.getEmail(),
+                        user.getDepartment(),
+                        user.getRole(),
+                        user.getCreatedAt()
+                );
+                if (user.getSuperAdmin()) {
+                    response.setDepartment("超级管理员");
+                    response.setRole("超级管理员");
+                }
+                return new ResponseEntity<>(response, HttpStatus.OK);
+            }
+        }
+        return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+    }
+
+    @PostMapping("/manageUserProfile")
+    @JwtVerify
+    public ResponseEntity<Object> manageUserProfile(@RequestBody ManageUserProfileRequest userProfileRequest) {
+        String username = JwtUtil.extractUsername(userProfileRequest.getToken());
+        boolean succeeded = userService.updateUserProfile(username, userProfileRequest);
+        if (succeeded) {
+            return new ResponseEntity<>(HttpStatus.OK);
+        }
+        return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+    }
+
+    @PostMapping("/changePassword")
+    @JwtVerify
+    public ResponseEntity<Object> changePassword(@RequestBody ChangePasswordRequest changePasswordRequest) {
+        if (userService.changePassword(JwtUtil.extractUsername(changePasswordRequest.getToken()), changePasswordRequest)) {
+            return new ResponseEntity<>(HttpStatus.OK);
+        }
+        return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+    }
+
+    @GetMapping("/getVerificationCode")
+    public ResponseEntity<VerificationCodeResponse> getVerificationCode() {
+        return new ResponseEntity<>(verificationCodeService.provideVerificationCode(), HttpStatus.OK);
+    }
+
+
 }

src/main/java/org/cmh/backend/authentication/dto/ChangePasswordRequest.java

@@ -0,0 +1,12 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.cmh.backend.Utils.JwtRequest;
+
+@Getter
+@Setter
+public class ChangePasswordRequest extends JwtRequest {
+    private String currentPassword;
+    private String newPassword;
+}

src/main/java/org/cmh/backend/authentication/dto/LoginRequest.java

@@ -0,0 +1,12 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class LoginRequest {
+    private String username;
+    private String password;
+    private String verificationCode;
+}

src/main/java/org/cmh/backend/authentication/dto/LoginResponse.java

@@ -0,0 +1,13 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class LoginResponse {
+    private String message;
+    private String token;
+}

src/main/java/org/cmh/backend/authentication/dto/ManageUserProfileRequest.java

@@ -0,0 +1,16 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.cmh.backend.Utils.JwtRequest;
+
+@Getter
+@Setter
+public class ManageUserProfileRequest extends JwtRequest {
+    private String nickname;
+    private String gender;
+    private String phoneNumber;
+    private String email;
+    private String department;
+    private String role;
+}

src/main/java/org/cmh/backend/authentication/dto/RegisterRequest.java

@@ -0,0 +1,13 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class RegisterRequest {
+    private String username;
+    private String password;
+    private String phoneNumber;
+    private String verificationCode;
+}

src/main/java/org/cmh/backend/authentication/dto/RegisterResponse.java

@@ -0,0 +1,12 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class RegisterResponse {
+    private String message;
+}

src/main/java/org/cmh/backend/authentication/dto/UserProfileResponse.java

@@ -0,0 +1,21 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.time.LocalDateTime;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class UserProfileResponse {
+    private String username;
+    private String nickname;
+    private String gender;
+    private String phoneNumber;
+    private String email;
+    private String department;
+    private String role;
+    private LocalDateTime createdAt;
+}

src/main/java/org/cmh/backend/authentication/dto/VerificationCodeResponse.java

@@ -0,0 +1,13 @@
+package org.cmh.backend.authentication.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor
+public class VerificationCodeResponse {
+    private String code;
+    private String path;
+}

src/main/java/org/cmh/backend/authentication/model/User.java

@@ -1,39 +0,0 @@
-package org.cmh.backend.authentication.model;
-
-import jakarta.persistence.Entity;
-import jakarta.persistence.GeneratedValue;
-import jakarta.persistence.GenerationType;
-import jakarta.persistence.Id;
-
-@Entity
-public class User {
-    @Id
-    @GeneratedValue(strategy = GenerationType.IDENTITY)
-    private Long id;
-    private String username;
-    private String password;
-
-    public Long getId() {
-        return id;
-    }
-
-    public void setId(Long id) {
-        this.id = id;
-    }
-
-    public String getUsername() {
-        return username;
-    }
-
-    public void setUsername(String username) {
-        this.username = username;
-    }
-
-    public String getPassword() {
-        return password;
-    }
-
-    public void setPassword(String password) {
-        this.password = password;
-    }
-}

src/main/java/org/cmh/backend/authentication/model/UserHS.java

@@ -0,0 +1,29 @@
+package org.cmh.backend.authentication.model;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.time.LocalDateTime;
+
+@Setter
+@Getter
+@Entity
+public class UserHS {
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+    private String username;
+    private String password;
+    private String nickname;
+    private String gender;
+    private String phoneNumber;
+    private String email;
+    private String department;
+    private String role;
+    private LocalDateTime createdAt;
+    private Boolean superAdmin = false;
+}

src/main/java/org/cmh/backend/authentication/repository/UserRepository.java

@@ -1,8 +1,8 @@
 package org.cmh.backend.authentication.repository;
 
-import org.cmh.backend.authentication.model.User;
+import org.cmh.backend.authentication.model.UserHS;
 import org.springframework.data.jpa.repository.JpaRepository;
 
-public interface UserRepository extends JpaRepository<User, Long> {
-    User findByUsername(String username);
+public interface UserRepository extends JpaRepository<UserHS, Long> {
+    UserHS findByUsername(String username);
 }

src/main/java/org/cmh/backend/authentication/service/UserService.java

@@ -1,33 +1,117 @@
 package org.cmh.backend.authentication.service;
 
-import org.cmh.backend.authentication.model.User;
+import org.cmh.backend.authentication.dto.ChangePasswordRequest;
+import org.cmh.backend.authentication.dto.ManageUserProfileRequest;
+import org.cmh.backend.authentication.dto.RegisterRequest;
+import org.cmh.backend.authentication.model.UserHS;
 import org.cmh.backend.authentication.repository.UserRepository;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
+import java.time.LocalDateTime;
+import java.util.regex.Pattern;
+
 @Service
 public class UserService {
     @Autowired
     private UserRepository userRepository;
 
-    @Autowired
-    private PasswordEncoder passwordEncoder;
+    private final PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
 
-    // 获取用户信息通过用户名
-    public User getUserByUsername(String username) {
+    public UserHS getUserByUsername(String username) {
         return userRepository.findByUsername(username);
     }
 
-    // 保存用户信息
-    public void saveUser(User user) {
-        // 对密码进行加密
-        user.setPassword(passwordEncoder.encode(user.getPassword()));
-        userRepository.save(user);
+    public boolean registerUser(RegisterRequest request) {
+        String username = request.getUsername();
+        String password = request.getPassword();
+        String phoneNumber = request.getPhoneNumber();
+        // 验证用户名是否已存在
+        if (userRepository.findByUsername(username) != null) {
+            return false; // 用户已存在
+        }
+
+        // 验证输入格式
+        if (!isValidUsername(username) || !isValidPassword(password) || !isValidContactInfo(phoneNumber)) {
+            throw new IllegalArgumentException();
+        }
+
+        // 加密密码
+        String encodedPassword = passwordEncoder.encode(password);
+
+        // 创建新用户
+        UserHS newUser = new UserHS();
+        newUser.setUsername(username);
+        newUser.setPassword(encodedPassword);
+        newUser.setPhoneNumber(phoneNumber);
+        newUser.setCreatedAt(LocalDateTime.now());
+
+        userRepository.save(newUser);
+
+        return true;
     }
 
-    // 检查用户名是否已经存在
-    public boolean isUsernameTaken(String username) {
-        return userRepository.findByUsername(username) != null;
+    public boolean loginUser(String username, String password) {
+        UserHS user = userRepository.findByUsername(username);
+        return user != null && passwordEncoder.matches(password, user.getPassword());
     }
+
+    public boolean updateUserProfile(String username, ManageUserProfileRequest request) {
+        UserHS user = userRepository.findByUsername(username);
+        if (user != null) {
+            user.setNickname(request.getNickname());
+            user.setGender(request.getGender());
+            user.setPhoneNumber(request.getPhoneNumber());
+            user.setEmail(request.getEmail());
+            user.setDepartment(request.getDepartment());
+            user.setRole(request.getRole());
+            try {
+                userRepository.save(user);
+            } catch (Exception e) {
+                return false;
+            }
+            return true;
+        } else {
+            return false;
+        }
+    }
+
+    public boolean changePassword(String username, ChangePasswordRequest request) {
+        UserHS user = userRepository.findByUsername(username);
+        if (user != null) {
+            if (passwordEncoder.matches(request.getCurrentPassword(), user.getPassword())) {
+                if (isValidPassword(request.getNewPassword())) {
+                    String encodedPassword = passwordEncoder.encode(request.getNewPassword());
+                    user.setPassword(encodedPassword);
+                    try {
+                        userRepository.save(user);
+                    } catch (Exception e) {
+                        return false;
+                    }
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+
+    // 验证用户名格式
+    private boolean isValidUsername(String username) {
+        return username != null && username.length() >= 3 && username.length() <= 20;
+    }
+
+    // 验证密码格式
+    private boolean isValidPassword(String password) {
+        return password != null && password.length() >= 4;
+    }
+
+    // 验证联系方式格式（假设为电话号码）
+    private boolean isValidContactInfo(String contactInfo) {
+        String regex = "^\\+?[0-9. ()-]{7,25}$"; // 电话号码验证
+        return contactInfo != null && Pattern.matches(regex, contactInfo);
+    }
+
 }

src/main/java/org/cmh/backend/authentication/service/VerificationCodeService.java

@@ -0,0 +1,51 @@
+package org.cmh.backend.authentication.service;
+
+import jakarta.annotation.PostConstruct;
+import lombok.Getter;
+import org.cmh.backend.authentication.dto.VerificationCodeResponse;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Random;
+import java.util.stream.Stream;
+
+@Service
+public class VerificationCodeService {
+
+    @Value("${verification.code.images.path}")
+    private String verificationCodeImagesPath;
+
+    @Getter
+    private List<String> verificationCodeList = new ArrayList<>();
+
+    @PostConstruct
+    public void init() {
+        loadVerificationCodeImages();
+    }
+
+    private void loadVerificationCodeImages() {
+        try (Stream<Path> paths = Files.list(Paths.get(verificationCodeImagesPath))) {
+            paths.filter(path -> path.toString().endsWith(".png"))
+                    .forEach(path -> verificationCodeList.add(path.getFileName().toString()));
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public VerificationCodeResponse provideVerificationCode() {
+        if (verificationCodeList.isEmpty()) {
+            return null;
+        }
+        Random random = new Random();
+        int code = random.nextInt(random.nextInt(verificationCodeList.size()));
+        String selectedCode = verificationCodeList.get(code);
+        return new VerificationCodeResponse(selectedCode.split("\\.")[0], "/verificationCodeImages/" + selectedCode);
+    }
+
+}