完成

src/main/java/com.huiju.welcome/controller/SysUserController.java

 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.http.HttpStatus;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
  */
 @RestController
 @RequestMapping("/")
+@Slf4j
 public class SysUserController extends BaseController {
 
     private final Logger logger = LoggerFactory.getLogger(TdSpecController.class);
         ResponseBean responseBean = new ResponseBean();
 
         sysUser.setCreateDate(LocalDateTime.now());
-
         boolean success = sysUserService.save(sysUser);
+
+        String defaultPwd = "123456";
+        String passwd = Encrypt.md5(Encrypt.md5(defaultPwd), sysUser.getUserId().toString());
+        log.info("创建新人员：{}, 默认密码：{},加密盐：{}, 加密后: {}", sysUser.getUsername(), defaultPwd, sysUser.getUserId().toString(), passwd);
+        sysUser.setPassword(passwd);
+        success = sysUserService.updateById(sysUser);
+
+
         if (!success) {
             responseBean.addError(HttpStatus.SC_INTERNAL_SERVER_ERROR, "新增用户失败");
             return responseBean;
         }
 
+        responseBean.addSuccess(sysUser);
+        return responseBean;
+    }
+
+    @ApiOperation(value = "修改密码", notes = "修改密码")
+    @ApiImplicitParams({
+            @ApiImplicitParam(paramType = "form", dataType = "String", name = "oldPwd", value = "旧密码"),
+            @ApiImplicitParam(paramType = "form", dataType = "String", name = "newPwd", value = "新密码")
+    })
+    @RequestMapping(value = "/updatePwd", method = RequestMethod.POST)
+    public ResponseBean updatePwd(@RequestParam String oldPwd, @RequestParam String newPwd, HttpSession session) {
+        ResponseBean responseBean = new ResponseBean();
+        if (StringUtils.isBlank(oldPwd)) {
+            responseBean.addError(HttpStatus.SC_BAD_REQUEST, "旧密码不能为空");
+        }
+        if (StringUtils.isBlank(newPwd)) {
+            responseBean.addError(HttpStatus.SC_BAD_REQUEST, "新密码不能为空");
+        }
+
+        Integer userId = (Integer) session.getAttribute("token-id");
+        SysUser currentUser = sysUserService.getById(userId);
+        oldPwd = Encrypt.md5(oldPwd);
+        // 密码校验
+        if (!checkPassword(oldPwd, currentUser)) {
+            responseBean.addError(HttpStatus.SC_BAD_REQUEST, "旧密码不正确");
+            return responseBean;
+        }
+
+        String passwd = Encrypt.md5(Encrypt.md5(newPwd), currentUser.getUserId().toString());
+        log.info("修改人员信息：{}, 新密码：{},加密盐：{}, 加密后: {}", currentUser.getUsername(), newPwd, currentUser.getUserId().toString(), passwd);
+        currentUser.setPassword(passwd);
+        boolean success = sysUserService.updateById(currentUser);
+
+
+        if (!success) {
+            responseBean.addError(HttpStatus.SC_INTERNAL_SERVER_ERROR, "修改密码失败");
+            return responseBean;
+        }
+
         return responseBean;
     }
 
     @RequestMapping(value = "/sysuser", method = RequestMethod.PUT)
     public ResponseBean update(@RequestBody SysUser sysUser, HttpServletRequest request) {
         ResponseBean responseBean = new ResponseBean();
+        sysUser.setPassword(null);
         boolean success = sysUserService.updateById(sysUser);
         if (!success) {
             responseBean.addError(HttpStatus.SC_INTERNAL_SERVER_ERROR, "更新用户失败");

src/main/java/com.huiju.welcome/utils/Encrypt.java

         }
         return encodeStr;
     }
+
+    public static void main(String[] args) {
+        System.out.println(md5("123456"));
+    }
 }