密码验证加-

whyclxw

2025-05-28 e16302f9d475c7cc4dd18c5abf1a23cb5502e362

 src/main/java/com/whyc/controller/LoginController.java

@@ -17,13 +17,16 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.swing.*;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

@RequestMapping("login")
@RestController
@Api(tags = "登录")
public class LoginController {
public class LoginController extends BaseController{

    @Autowired
    private LoginService service;
@@ -35,17 +38,27 @@
    public Response login(@RequestParam String userName, String password,HttpServletRequest request){
        return service.login(userName,password,request);
    }
    @PostMapping("loginByRSA")
    @ApiOperation(value ="登录-账号密码加密")
    public Response loginByRSA(@RequestParam String userName, String password,String deliveredCode,HttpServletRequest request,Integer validCode){
        return service.loginByRSA(userName,password,deliveredCode,request,validCode);
    }

    @PostMapping("loginWithUKey")
    @ApiOperation(value ="登录-uKey-TODO")
    public Response loginWithUKey(@RequestParam String userName, String password,HttpServletRequest request){
        return service.loginWithUKey(userName,password,request);
    public Response loginWithUKey(@RequestParam String userName,
                                  @RequestParam String password,
                                  @RequestParam String uKeyId,
                                  HttpServletRequest request){
        return service.loginWithUKey(userName,password,uKeyId,request);
    }

    @GetMapping("/getRandom")
    @ApiOperation(value = "uKey校验前生成随机数")
    public Response getRandom(){
        int randomNum = (int)((Math.random()*9+1)*10000);
    public Response getRandom() throws NoSuchAlgorithmException {
        //int randomNum = (int)((Math.random()*9+1)*10000);
        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
        int randomNum = random.nextInt(100000);
        ActionUtil.getSession().setAttribute("uKeyRandom",String.valueOf(randomNum));
        return new Response().set(1,randomNum);
    }
@@ -56,7 +69,8 @@
        //前端将字符\替换成了huodongwei,这里再转回来
        signDTO.setInPath(signDTO.getInPath().replace("huodongwei","\\"));
        //通过uKeyId获取公钥XY
        UserInf userInf = userService.getPublicXYByUKeyId(signDTO.getUKeyId());
        //UserInf userInf = userService.getPublicXYByUKeyId(signDTO.getUKeyId());
        UserInf userInf = userService.getUserByUKeyId(signDTO.getUKeyId());
        //获取之前生成的随机数
        String uKeyRandom = (String) ActionUtil.getSession().getAttribute("uKeyRandom");
        boolean b = com.whyc.softkey.jsyunew3.YtVerfiy(userInf.getUName(), uKeyRandom, signDTO.getPublicX(), signDTO.getPublicY(), signDTO.getSign(), signDTO.getInPath());
@@ -112,4 +126,24 @@
        response.setContentType("text/html;charset=utf-8");
        response.getWriter().write("您未获取到接口的调用授权,拒绝访问!");
    }

    @PostMapping("/check")
    @ApiOperation(value = "判断是否有另一同一账号登录的用户")
    public Response check(){
        Response response = service.checkUser();
        //当前用户
        HttpSession session = ActionUtil.getSession();
        UserInf uinf=(UserInf) session.getAttribute("user");
        if(response.getCode() == 1){
            session.invalidate();      //清除当前的session;            //清除session
        }
        return response;
    }

    @GetMapping("loginNoPass")
    @ApiOperation(value = "免密登录")
    public Response loginNoPass(@RequestParam int uId,HttpServletRequest request){
        return service.loginNoPass(uId,request);
    }

}