From e10efae34a92fdcb6451f1a6a823a72b8c394d43 Mon Sep 17 00:00:00 2001
From: yn147 <2270338776@qq.com>
Date: 星期四, 13 四月 2023 14:27:26 +0800
Subject: [PATCH] 密码加密
---
src/main/java/com/qxueyou/scc/user/service/impl/UserService.java | 37 +++++++++++++++++++++++++++++--------
1 files changed, 29 insertions(+), 8 deletions(-)
diff --git a/src/main/java/com/qxueyou/scc/user/service/impl/UserService.java b/src/main/java/com/qxueyou/scc/user/service/impl/UserService.java
index 3610bfb..7820d96 100644
--- a/src/main/java/com/qxueyou/scc/user/service/impl/UserService.java
+++ b/src/main/java/com/qxueyou/scc/user/service/impl/UserService.java
@@ -1,6 +1,7 @@
package com.qxueyou.scc.user.service.impl;
import java.util.List;
+import java.util.UUID;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
@@ -20,6 +21,7 @@
import com.qxueyou.scc.user.model.User;
import com.qxueyou.scc.user.model.UserReRoleUser;
import com.qxueyou.scc.user.service.IUserService;
+import org.springframework.util.DigestUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
@@ -85,13 +87,18 @@
}
private User newUser(String name, String account, String mobilePhone, String password, Boolean sex, String orgId) {
-
+ //闅忔満瀛楃涓�
+ String salt= UUID.randomUUID().toString();
User user = new User();
TraceUtils.setCreateTrace(user);
user.setAccount(account);
user.setName(name);
+ //鐩愬��
+ user.setSalt(salt);
+ //瀵瑰瘑鐮佽繘琛屽姞瀵嗗鐞�
+ String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes());
+ user.setPassword(newPassword);
user.setMobilePhone(mobilePhone);
- user.setPassword(password);
user.setSex(sex);
user.setOrganizationId(orgId);
save(user);
@@ -125,11 +132,18 @@
@Override
public Result updatePassword(String userId, String usedPass, String pass) {
User user = read(User.class, userId);
+ //闅忔満瀛楃涓�
+ String salt= UUID.randomUUID().toString();
+ //鐩愬��
+ user.setSalt(salt);
+ //瀵瑰瘑鐮佽繘琛屽姞瀵嗗鐞�
+ String newPassword= DigestUtils.md5DigestAsHex((salt+pass).getBytes());
+ String newPasswords= DigestUtils.md5DigestAsHex((salt+usedPass).getBytes());
if (StringUtils.isNotBlank(usedPass) && StringUtils.isNotBlank(pass)) {
- if (!user.getPassword().equals(usedPass)) {
+ if (!user.getPassword().equals(newPasswords)) {
return new Result(false, "杈撳叆鐨勬棫瀵嗙爜閿欒");
}
- user.setPassword(pass);
+ user.setPassword(newPassword);
}
TraceUtils.setUpdateTrace(user);
save(user);
@@ -177,8 +191,14 @@
public Result updatePassword(String userId, String password) {
User user = read(User.class, userId);
+ //闅忔満瀛楃涓�
+ String salt= UUID.randomUUID().toString();
+ //鐩愬��
+ user.setSalt(salt);
+ //瀵瑰瘑鐮佽繘琛屽姞瀵嗗鐞�
+ String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes());
TraceUtils.setUpdateTrace(user);
- user.setPassword(password);
+ user.setPassword(newPassword);
save(user);
@@ -219,11 +239,12 @@
Boolean sex) {
User dbUser = read(User.class, userId);
-
+ String salt = dbUser.getSalt();
+ String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes());
if (dbUser.getAccount().equals(account)) {
dbUser.setName(name);
dbUser.setMobilePhone(mobilePhone);
- dbUser.setPassword(password);
+ dbUser.setPassword(newPassword);
TraceUtils.setCreateTrace(dbUser);
save(dbUser);
return new Result(true, "success");
@@ -236,7 +257,7 @@
dbUser.setAccount(account);
dbUser.setName(name);
dbUser.setMobilePhone(mobilePhone);
- dbUser.setPassword(password);
+ dbUser.setPassword(newPassword);
TraceUtils.setCreateTrace(dbUser);
save(dbUser);
return new Result(true, "success");
--
Gitblit v1.8.0