密码验证加-

whyclxw

2025-05-28 e16302f9d475c7cc4dd18c5abf1a23cb5502e362

 src/main/java/com/whyc/service/UserService.java

@@ -9,10 +9,7 @@
import com.whyc.constant.UserConstant;
import com.whyc.constant.YamlProperties;
import com.whyc.dto.Response;
import com.whyc.mapper.BaoJiGroupUserMapper;
import com.whyc.mapper.PermitGroupUserMapper;
import com.whyc.mapper.UserMapper;
import com.whyc.mapper.UserPermitGroupDataMapper;
import com.whyc.mapper.*;
import com.whyc.pojo.*;
import com.whyc.util.ActionUtil;
import com.whyc.util.RSAUtil;
@@ -21,6 +18,7 @@
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RequestParam;

import javax.annotation.Resource;
import javax.servlet.ServletContext;
@@ -48,6 +46,9 @@

    @Resource
    private PermitGroupUserService permitGroupUserService;

    @Resource
    private PageParamMapper pageParamMapper;



@@ -102,6 +103,9 @@
            String pwd = RSAUtil.encrypt(dataArr[0],RSAUtil.getPublicKey());
            user.setUpassword(pwd);
            user.setUSnId(pwd);
            user.setPasswordUpdateTime(new Date());
            user.setCreateTime(new Date());
            user.setLastLoginTime(new Date());
            int flag = userMapper.insert(user);
            if (flag > 0) {
                //添加成功,分配到默认初始化权限组
@@ -220,6 +224,8 @@
        if( userOfMobilephone.getUId()!=0 && !userFound.getUId().equals(user.getUId())){
            return new Response().set(1,false,"手机号重复");
        }
        user.setUpassword(null);
        user.setUSnId(null);
        if(userMapper.updateById(user)>0){
            return new Response().set(1,true,"修改成功");
        }else{
@@ -265,6 +271,7 @@
    public UserInf getUserByUKeyId(String uKeyId){
        QueryWrapper queryWrapper = new QueryWrapper();
        queryWrapper.eq("uKey_ID",uKeyId);
        queryWrapper.last("limit 1");
        UserInf userInf = userMapper.selectOne(queryWrapper);
        return userInf;
    }
@@ -272,14 +279,16 @@
    public UserInf getUserByUserName(String userName){
        QueryWrapper queryWrapper = new QueryWrapper();
        queryWrapper.eq("Uname",userName);
        queryWrapper.last("limit 1");
        UserInf userInf = userMapper.selectOne(queryWrapper);
        return userInf;
    }

    public boolean bindUkey(UserInf userInf){
        UpdateWrapper updateWrapper = new UpdateWrapper();
        updateWrapper.set("uKey_ID",userInf.getUkeyId());
        updateWrapper.eq("uName",userInf.getUName());
        int affectRows = userMapper.update(userInf,updateWrapper);
        int affectRows = userMapper.update((UserInf) ActionUtil.objeNull,updateWrapper);
        return affectRows>0;
    }

@@ -308,14 +317,50 @@
        if(!ActionUtil.EncryptionMD5(newPwd).equals(passwordMD5)){
            throw new InvalidParameterException("参数校验失败");
        }
        if(!ActionUtil.filterPwd(newPwd)){
            return new Response().set(0,false,"新密码验证不通过(最少8个字符，至少1个大写字母，1个小写字母，1个数字和1个特殊字符)");
        }
        String pwd = RSAUtil.encrypt(newPwd,RSAUtil.getPublicKey());
        user.setUpassword(pwd);
        user.setUSnId(pwd);
        user.setPasswordUpdateTime(new Date());
        if (userMapper.updateById(user)>0){
            return new Response().set(1,"修改成功");
            return new Response().set(1,true,"新密码修改成功");
        }else {
            return new Response().set(0,"修改失败");
            return new Response().set(0,false,"新密码修改失败");
        }
    }
    //密码失效修改密码
    public Response updatePasswordByValidity(String uname, String oldPwd, String newPwd) throws UnsupportedEncodingException {
        //验证旧密码是否正确
        QueryWrapper<UserInf> queryWrapper = Wrappers.query();
        queryWrapper.select("uid","upassword").eq("uName",uname).last(" limit 1");
        UserInf user=userMapper.selectOne(queryWrapper);
        if(user==null){
            return new Response().set(0,false,"用户不存在");
        }
        String passwordDB =user.getUpassword();
        oldPwd = RSAUtil.decryptFront(oldPwd, RSAUtil.fontSeparator)[0];
        if(!RSAUtil.decrypt(passwordDB,RSAUtil.getPrivateKey()).equals(oldPwd)){
            return new Response().set(0,false,"旧密码输入错误");
        }
        String[] dataArr = RSAUtil.decryptFrontP(newPwd, RSAUtil.fontSeparator);
        newPwd = dataArr[0];
        String passwordMD5 = dataArr[1];
        if(!ActionUtil.filterPwd(newPwd)){
            return new Response().set(0,false,"新密码验证不通过(最少8个字符，至少1个大写字母，1个小写字母，1个数字和1个特殊字符)");
        }
        if(!ActionUtil.EncryptionMD5(newPwd).equals(passwordMD5)){
            throw new InvalidParameterException("参数校验失败");
        }
        String pwd = RSAUtil.encrypt(newPwd,RSAUtil.getPublicKey());
        user.setUpassword(pwd);
        user.setUSnId(pwd);
        user.setPasswordUpdateTime(new Date());
        if (userMapper.updateById(user)>0){
            return new Response().set(1,true,"新密码修改成功");
        }else {
            return new Response().set(0,false,"新密码修改失败");
        }
    }

@@ -497,4 +542,21 @@
    public void updatePasswordsTo3072(List<UserInf> userListWithNewPwd) {
        userMapper.updatePasswordsTo3072(userListWithNewPwd);
    }
    //验证密码的时效性
    public int checkPasswordValidity(UserInf uinf) {
        int flag=1;
        //获取系统设置的密码时效(57,15)
        QueryWrapper wrapper=new QueryWrapper();
        wrapper.eq("categoryId",15);
        wrapper.eq("id",57);
        wrapper.last("limit 1");
        PageParam pageParam=pageParamMapper.selectOne(wrapper);
        if(pageParam!=null){
            int dayDifference=ActionUtil.daysBetween(uinf.getPasswordUpdateTime(),new Date());
            if((pageParam.getStatus()>0)&&(dayDifference>pageParam.getStatus())){
                    flag= -1;
            }
        }
        return flag;
    }
}