Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
A
aserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
15所TongWeb
aserver
Commits
b7762403
Commit
b7762403
authored
Nov 02, 2020
by
成亚卿
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
登录密码验证
parent
e3320858
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
130 additions
and
2 deletions
+130
-2
IndexController.java
.../java/com/archser/aserver/controller/IndexController.java
+35
-1
UserService.java
src/main/java/com/archser/aserver/service/UserService.java
+76
-1
DM_UpdateSQL.xml
src/main/resources/DBUpdate/DM_UpdateSQL.xml
+14
-0
oracle.sql
src/main/resources/oracle.sql
+5
-0
No files found.
src/main/java/com/archser/aserver/controller/IndexController.java
View file @
b7762403
...
@@ -116,6 +116,8 @@ public class IndexController extends Controller {
...
@@ -116,6 +116,8 @@ public class IndexController extends Controller {
username
=
this
.
getPara
(
"username"
);
username
=
this
.
getPara
(
"username"
);
password
=
this
.
getPara
(
"password"
);
password
=
this
.
getPara
(
"password"
);
}
}
//校验密码是否符合强度设置
String
verify
=
password
;
password
=
HashKit
.
sha256
(
password
);
password
=
HashKit
.
sha256
(
password
);
User
user
=
User
.
dao
.
template
(
"getUser"
,
username
).
findFirst
();
User
user
=
User
.
dao
.
template
(
"getUser"
,
username
).
findFirst
();
if
(
user
==
null
)
{
if
(
user
==
null
)
{
...
@@ -260,7 +262,8 @@ public class IndexController extends Controller {
...
@@ -260,7 +262,8 @@ public class IndexController extends Controller {
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
e
.
printStackTrace
();
}
}
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
).
set
(
"callback"
,
callback
));
Boolean
aBoolean
=
userService
.
verifyPassword
(
verify
);
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
).
set
(
"callback"
,
callback
).
set
(
"verify"
,
aBoolean
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"登录"
+
app
+
"成功"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"登录"
+
app
+
"成功"
,
app
);
/**
/**
* 20200706 lidecai 将用户信息保存到Redis end
* 20200706 lidecai 将用户信息保存到Redis end
...
@@ -272,6 +275,35 @@ public class IndexController extends Controller {
...
@@ -272,6 +275,35 @@ public class IndexController extends Controller {
}
}
}
}
/**
* @Description: 验证密码强度
* @authorAndDate: ChengYaqing create on 2020/10/30 10:38
* @return void
*/
public
void
verifyPassword
()
{
String
password
=
getPara
(
"password"
);
if
(
password
==
null
||
""
.
equals
(
password
)||
"null"
.
equals
(
password
))
{
renderJson
(
Ret
.
fail
(
"msg"
,
"密码不能为空"
));
return
;
}
try
{
password
=
decrypt
(
password
);
}
catch
(
Exception
e1
)
{
e1
.
printStackTrace
();
password
=
this
.
getPara
(
"password"
);
}
try
{
String
verify
=
userService
.
verifyPasswordInfo
(
password
);
if
(
""
.
equals
(
verify
))
{
renderJson
(
Ret
.
ok
());
}
else
{
renderJson
(
Ret
.
fail
(
"msg"
,
verify
));
}
}
catch
(
Exception
e
)
{
renderJson
(
Ret
.
fail
(
"error"
,
e
.
getMessage
()));
}
}
// 密码正确时错误次数清零
// 密码正确时错误次数清零
private
void
setErrZero
(
User
user
)
{
private
void
setErrZero
(
User
user
)
{
Db
.
update
(
Db
.
getSqlPara
(
"updateForOk"
,
Kv
.
by
(
"id"
,
user
.
getId
())));
Db
.
update
(
Db
.
getSqlPara
(
"updateForOk"
,
Kv
.
by
(
"id"
,
user
.
getId
())));
...
@@ -473,4 +505,6 @@ public class IndexController extends Controller {
...
@@ -473,4 +505,6 @@ public class IndexController extends Controller {
Redis
.
use
().
del
(
userName
+
"_INFO"
);
Redis
.
use
().
del
(
userName
+
"_INFO"
);
renderJson
(
Ret
.
ok
());
renderJson
(
Ret
.
ok
());
}
}
}
}
src/main/java/com/archser/aserver/service/UserService.java
View file @
b7762403
...
@@ -11,6 +11,8 @@ import com.jfinal.kit.Kv;
...
@@ -11,6 +11,8 @@ import com.jfinal.kit.Kv;
import
com.jfinal.plugin.activerecord.Db
;
import
com.jfinal.plugin.activerecord.Db
;
import
com.jfinal.plugin.activerecord.Record
;
import
com.jfinal.plugin.activerecord.Record
;
import
com.jfinal.plugin.activerecord.tx.Tx
;
import
com.jfinal.plugin.activerecord.tx.Tx
;
import
java.util.regex.Matcher
;
import
java.util.regex.Pattern
;
public
class
UserService
{
public
class
UserService
{
...
@@ -82,7 +84,7 @@ public class UserService {
...
@@ -82,7 +84,7 @@ public class UserService {
* 判断用户是否有指定系统的权限
* 判断用户是否有指定系统的权限
*
*
* @param userId
* @param userId
* @param
menuName
* @param
userId
* @return
* @return
*/
*/
public
boolean
checkUserSystemPermission
(
int
userId
,
String
systemType
)
{
public
boolean
checkUserSystemPermission
(
int
userId
,
String
systemType
)
{
...
@@ -177,5 +179,78 @@ public class UserService {
...
@@ -177,5 +179,78 @@ public class UserService {
.
findFirst
();
.
findFirst
();
}
}
/**
* @Description: 校验密码强度符合规范
* @authorAndDate: ChengYaqing create on 2020/10/30 10:23
* @return java.lang.Boolean
*/
public
Boolean
verifyPassword
(
String
password
)
{
try
{
String
verify
=
verifyPasswordInfo
(
password
);
if
(
""
.
equals
(
verify
))
{
return
true
;
}
else
{
return
false
;
}
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
return
false
;
}
}
/**
* @Description: 校验密码强度
* @authorAndDate: ChengYaqing create on 2020/10/30 10:06
* @return java.lang.String
*/
public
String
verifyPasswordInfo
(
String
password
)
{
try
{
StringBuilder
info
=
new
StringBuilder
();
//获取规则设置
Record
strength
=
Db
.
findFirst
(
Db
.
getSql
(
"getSetPassword"
));
if
(
strength
==
null
)
{
return
""
;
}
Integer
size
=
strength
.
getInt
(
"lmin"
);
int
length
=
password
.
length
();
if
(
length
<
size
)
{
return
"密码长度不能小于"
+
size
;
}
if
(
length
>
32
)
{
return
"密码长度没必要大于32位"
;
}
String
contain
=
strength
.
getStr
(
"contain"
);
String
number
=
".*\\d+.*"
;
String
low
=
".*[a-z]+.*"
;
String
up
=
".*[A-Z]+.*"
;
String
spe
=
".*[ _`~!@#$%^&*()+=|{}':;',\\[\\].<>/?~!@#¥%……&*()——+|{}【】‘;:”“’。,、?]+.*"
;
if
(
contain
.
contains
(
"数字"
))
{
Pattern
p
=
Pattern
.
compile
(
number
);
Matcher
m
=
p
.
matcher
(
password
);
if
(!
m
.
matches
())
info
.
append
(
"数字、"
);
}
if
(
contain
.
contains
(
"小写字母"
))
{
Pattern
p
=
Pattern
.
compile
(
low
);
Matcher
m
=
p
.
matcher
(
password
);
if
(!
m
.
matches
())
info
.
append
(
"小写字母、"
);
}
if
(
contain
.
contains
(
"大写字母"
))
{
Pattern
p
=
Pattern
.
compile
(
up
);
Matcher
m
=
p
.
matcher
(
password
);
if
(!
m
.
matches
())
info
.
append
(
"大写字母、"
);
}
if
(
contain
.
contains
(
"特殊字符"
))
{
Pattern
p
=
Pattern
.
compile
(
spe
);
Matcher
m
=
p
.
matcher
(
password
);
if
(!
m
.
matches
())
info
.
append
(
"特殊字符、"
);
}
if
(
info
.
length
()==
0
)
{
return
""
;
}
else
{
String
verify
=
info
.
deleteCharAt
(
info
.
length
()
-
1
).
toString
();
return
"密码中缺少"
+
verify
;
}
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
throw
e
;
}
}
}
}
src/main/resources/DBUpdate/DM_UpdateSQL.xml
View file @
b7762403
...
@@ -2314,4 +2314,17 @@
...
@@ -2314,4 +2314,17 @@
COMMENT ON TABLE "AS_ANNUAL_SET" IS '年报设置表';
COMMENT ON TABLE "AS_ANNUAL_SET" IS '年报设置表';
</sql>
</sql>
</version>
</version>
<version
edition=
"97"
description=
"创建密码强度设置表"
>
<sql
creator=
"ChengYaqing"
createDate=
"20201102"
note=
"创建密码强度设置表"
>
CREATE TABLE "ARCHSER"."AS_SET_PASSWORD"
(
"ID" NUMBER(3,0),
"LMIN" NUMBER(3,0),
"CONTAIN" VARCHAR2(100)) STORAGE(ON "MAIN", CLUSTERBTR) ;
COMMENT ON COLUMN "ARCHSER"."AS_SET_PASSWORD"."CONTAIN" IS '选取类型,集合';
COMMENT ON COLUMN "ARCHSER"."AS_SET_PASSWORD"."ID" IS '值为固定值1';
COMMENT ON COLUMN "ARCHSER"."AS_SET_PASSWORD"."LMIN" IS '密码最小长度,最长为32';
</sql>
</version>
</update>
</update>
\ No newline at end of file
src/main/resources/oracle.sql
View file @
b7762403
...
@@ -300,3 +300,7 @@ select * from AS_MENU where ID in (
...
@@ -300,3 +300,7 @@ select * from AS_MENU where ID in (
#
include
(
"message.sql"
)
#
include
(
"message.sql"
)
#
sql
(
"getSetPassword"
)
select
*
from
AS_SET_PASSWORD
where
id
=
'1'
#
end
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment