弱密码强势修改密码

master
linjj 2 years ago
parent 783bb6a7ce
commit 0a575cd179

@ -885,4 +885,27 @@ public class FontController {
}
return null;
}
/**
* @description:
* @author linjj
* @date: 2023/7/10 16:43
*/
@RequestMapping(value = "updatePassword")
public String updatePassword(Model model , HttpServletRequest request){
return"/userDir/updatePassword1";
}
/**
* @description:
* @params: powerUser
* @author linjj
* @date: 2023/7/26 10:15
*/
@RequestMapping(value = "PrintLogin", method = RequestMethod.POST)
@ResponseBody
public Msg login(Power_User powerUser, HttpServletResponse response, HttpServletRequest request, Model model) {
return Msg.failUser2();
}
}
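Review bot: The new `PrintLogin` POST handler ignores `powerUser` and every other argument and always returns `Msg.failUser2()`, which LoginController in this same commit returns on its lock-out path, so every caller of this route is told the account is locked whatever it sends. If this is a deliberate stub, the Javadoc should say so, since `@description:` is empty on both new methods, for example `@description: placeholder, always answers with the lock-out message`; otherwise the mapping is better left out until it has a body. The `updatePassword` view mapping above it declares no `method`, so it answers every HTTP verb; `method = RequestMethod.GET` would match its use as a page, and the unused `model` and `request` parameters can go.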

@ -4,12 +4,14 @@ import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.manage.bean.LoginVoRedis;
import com.manage.dao.Power_Login_SetMapper;
import com.manage.encrypt.Base64;
import com.manage.entity.*;
import com.manage.service.*;
import com.manage.service.cache.Cache;
import com.manage.service.cache.CacheManager;
import com.manage.util.*;
import com.manage.vo.*;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.poi.ss.usermodel.DateUtil;
import org.springframework.beans.BeanUtils;
@ -22,6 +24,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import redis.clients.jedis.Jedis;
import sun.security.provider.MD5;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -36,6 +39,10 @@ public class LoginController {
private long TOKEN_EXPIRE_TIME;
@Value("${sysFlag}")
private Integer sysFlag;
@Value("${SERVER_IP}")
private String SERVER_IP;
@Value("${SERVER_PORT}")
private String SERVER_PORT;
@Autowired
private Power_UserService powerUserService;
@Autowired
@ -74,6 +81,7 @@ public class LoginController {
@ResponseBody
public Msg login(Power_User powerUser, HttpServletResponse response, HttpServletRequest request, Model model) {
String userName = powerUser.getUserName();
String userPwd = powerUser.getUserPwd();
if (!userName.equals("admin")) {
String s = "00" + userName;
powerUser.setUserName(s);
@ -141,7 +149,17 @@ public class LoginController {
CacheManager.putCache(token, new Cache(user, System.currentTimeMillis(), TOKEN_EXPIRE_TIME * 1000));
ActionScopeUtils.setSessionAttribute("token", token, Integer.valueOf(String.valueOf(TOKEN_EXPIRE_TIME)));
ActionScopeUtils.setSessionAttribute("CURRENT_USER", user, Integer.valueOf(String.valueOf(TOKEN_EXPIRE_TIME)));
Power_User user1 = (Power_User) request.getSession().getAttribute("CURRENT_USER");
//检测弱密码强制跳转修改密码
//大小写,中文,数据,特殊符号必须存在三种
String reg = "^(?![A-Za-z]+$)(?![A-Z\\d]+$)(?![A-Z\\W]+$)(?![a-z\\d]+$)(?![a-z\\W]+$)(?![\\d\\W]+$)\\S{8,20}$";
//判断是否为弱密码
boolean msg=userPwd.matches(reg);
redis.del(userName);
JedisPoolUtil.close(redis);
if (msg==false){
String url = "http://" + SERVER_IP + ":" + SERVER_PORT +"/power"+ "/font/updatePassword";
return Msg.success().add("url", url);
}
//单点登录跳转
String url = "";
if (sysFlag == 2) {
@ -151,7 +169,6 @@ public class LoginController {
int POWER_PORT = request.getLocalPort();
url = "http://" + ip + ":" + POWER_PORT + "/power/gatewayPage";
}
redis.del(userName);
return Msg.success().add("url", url);
} else {
//登录失败
@ -172,6 +189,7 @@ public class LoginController {
logService.insert(log);
request.setAttribute("msg", "用户名或密码不正确");
redis.incr(userName);
JedisPoolUtil.close(redis);
return Msg.failUser();
}
} catch (Exception e) {
@ -181,6 +199,7 @@ public class LoginController {
} else {
//失败次数大于五时锁十五分钟
redis.setex(userName, 900, i + "");
JedisPoolUtil.close(redis);
return Msg.failUser2();
}
return null;
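Review bot: The weak-password test at `boolean msg=userPwd.matches(reg);` runs after `CacheManager.putCache(token, ...)` and both `setSessionAttribute` calls, so a user whose password fails the rule already holds a valid token and a `CURRENT_USER` session, and the returned `url` is only a hint that the client is free to ignore. Enforcing the change needs server-side state: store a must-change marker instead of the full login, and have an interceptor or filter refuse everything except the password-change page and its submit request until the marker is cleared. The regex is also only meaningful on the clear-text password: the login.js section of this commit shows both a `hex_hmac_md5` line and a commented-out hash line, and if a digest is still sent, a 32-character hex string can never match `\S{8,20}`, while if it is not, the password and the `"http://"` redirect built here travel unencrypted. `user1` is assigned and never read in the lines shown, and `msg==false` reads better as `!msg`. The method starts and ends outside these hunks.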

@ -9,7 +9,7 @@ redis.port = 6379
redis.maxIdle = 200
##\u7B49\u5F85\u53EF\u7528\u8FDE\u63A5\u7684\u6700\u5927\u65F6\u95F4\u5355\u4F4D\u4E3A\u6BEB\u79D2 \u9ED8\u8BA4\u4E3A-1\u8868\u793A\u6C38\u4E0D\u8D85\u65F6\uFF0C\u4E00\u65E6\u8D85\u8FC7\u7B49\u5F85\u65F6\u95F4\u5219\u76F4\u63A5\u629B\u51FA
redis.maxWait = 100000
redis.timeOut = 10000
redis.timeOut = 0
##\u8BBE\u7F6E\u4E3Atrue\u5219\u4F1A\u5728borrow\u4E00\u4E2Ajedis\u5B9E\u4F8B\u65F6\uFF0C\u63D0\u524D\u505Avalidate\u64CD\u4F5C
redis.testOnBorrow =true
##\u6700\u5927\u8FDE\u63A5\u6570
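Review bot: `redis.timeOut` appears twice in this hunk, as `10000` and as `0`, and if `0` is the new value and it is handed to the Jedis pool as the socket timeout, it means wait forever rather than fail fast. LoginController calls Redis on every login for the failure counter, so a stalled Redis would then hang logins instead of returning an error. Keeping a finite value such as the earlier `redis.timeOut = 10000` avoids that; the code that reads this key is not visible here, so confirm how it is interpreted.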

@ -71,7 +71,6 @@
}
function narn (type,title,text,noticeId) {
debugger
naranja()[type]({
title: title,
text: text,

@ -0,0 +1,59 @@
<%--
Created by IntelliJ IDEA.
User: ljx
Date: 2019/5/13
Time: 17:02
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>密码过于简单请修改密码在登录</title>
<%@ include file="/WEB-INF/jspf/common.jspf" %>
</head>
<body>
<form class="form-horizontal" role="form">
<fieldset>
<legend style="text-align: center;font-weight: bold;font-size: 25px">密码过于简单请修改密码在登录</legend>
</fieldset>
<form>
<%--<div class="form-group">--%>
<%--<label for="userPwd" class="col-sm-2 control-label">旧密码</label>--%>
<%--<div class="col-sm-5">--%>
<%--<input type="password" class="form-control" readonly value="${user.userPwd}" id="userPwd"--%>
<%--placeholder="请输入旧密码">--%>
<%--</div>--%>
<%--</div>--%>
<div class="form-group">
<label for="newUserPwd" class="col-sm-2 control-label">密码</label>
<div class="col-sm-5">
<input type="password" class="form-control" id="newUserPwd" name="newUserPwd" onblur="AnalyzePasswordSecurityLevel('newUserPwd')"
placeholder="请输入新密码" maxlength="16">
</div>
<div id="newUserPwdText" class="col-sm-2" style="color: red">
</div>
</div>
<div class="form-group">
<label for="newReUserPwd" class="col-sm-2 control-label">重复密码</label>
<div class="col-sm-5">
<input type="password" class="form-control" id="newReUserPwd" onblur="AnalyzePasswordSecurityLevel('newReUserPwd')"
placeholder="请输入重复密码" maxlength="16">
</div>
<div id="newReUserPwdText" class="col-sm-2" style="color: red">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="button" class="btn btn-primary" id="btn_submit">提交更改</button>
<button type="button" class="btn btn-default" id="btn_clear">清空</button>
</div>
</div>
</form>
</form>
</body>
<script src="${path}/static/js/updatePassword1.js?t=1"></script>
</html>
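Review bot: Both password inputs set `maxlength="16"`, while the rule applied in LoginController and in updatePassword1.js accepts `\S{8,20}`, so passwords of 17 to 20 characters that the rule allows cannot be typed here; `maxlength="20"` on `newUserPwd` and `newReUserPwd` would align the two. The page also opens a second `<form>` inside `<form class="form-horizontal" role="form">`, which HTML does not permit, so one pair of tags should be removed. The block asking for the current password is commented out, which leaves the change authorised by the session alone; if that is intended for the forced-change flow, a short JSP comment saying so would help the next reader.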

@ -218,7 +218,7 @@
return item[field];
}
var props = field.split('.');
// 在IE8 中 for...in 会将方法也枚举出来 使用 for loop
// <EFBFBD><EFBFBD>IE8 <20><> for...in <20><EFBFBD><E1BDAB><EFBFBD><EFBFBD>Ҳö<D2B2>ٳ<EFBFBD><D9B3><EFBFBD> ʹ<><CAB9> for loop
// for (var p in props) {
// value = value[props[p]];
// }
@ -1247,8 +1247,8 @@
html.push('</span>');
html.push(
'<div class="goPage"><input type="button" value="跳转" class="pageBtn" onclick="toPage();"></div>',
'<div class="goPage">跳转到第<input id="pageNum" class="pageNum" type="number">页</div>',
'<div class="goPage"><input type="button" value="<EFBFBD><EFBFBD>ת" class="pageBtn" onclick="toPage();"></div>',
'<div class="goPage"><EFBFBD><EFBFBD>ת<EFBFBD><EFBFBD><EFBFBD><EFBFBD><input id="pageNum" class="pageNum" type="number">ҳ</div>',
'</div>',
'<div class="pull-' + this.options.paginationHAlign + ' pagination">',
'<ul class="pagination' + (this.options.iconSize === undefined ? '' : ' pagination-' + this.options.iconSize) + '">',
@ -2087,7 +2087,7 @@
if (this.options.showHeader && this.options.height) {
this.$tableHeader.show();
// // bootstrap-table 表头数据展示错位问题
// // bootstrap-table <EFBFBD><EFBFBD>ͷ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>չʾ<EFBFBD><EFBFBD>λ<EFBFBD><EFBFBD><EFBFBD><EFBFBD>
this.resetHeader();
// padding += this.$header.outerHeight();
} else {

@ -79,7 +79,7 @@ function login() {
var userName = $("#userName").val();
var userPwd = $("#userPwd").val();
var txt = $("#txt").val();
userPwd = hex_hmac_md5(userPwd, userPwd);
// userPwd = hex_md5(userPwd, userPwd);
var rememberMeChecked = $("input[type='checkbox']").is(':checked');
var rememberMe = '';
if (rememberMeChecked) {

@ -0,0 +1,224 @@
$(function() {
var isOldValid = true;
//清空
$('#btn_clear').click(function () {
$("#newUserPwd").val("");
$("#newReUserPwd").val("");
isOldValid = true;
});
//提交更改
$('#btn_submit').click(function () {
if($("#newUserPwd").val() == ""){
toastr.warning("新密码不能为空!")
return false;
}
if($("#newUserPwd").val().length < 8){
toastr.warning("新密码长度小于8位")
return false;
}
if($("#newReUserPwd").val() == ""){
toastr.warning("重复密码不能为空!")
return false;
}
if($("#newReUserPwd").val().length < 8){
toastr.warning("重复密码长度小于8位")
return false;
}
reg = /^(?![A-Za-z]+$)(?![A-Z\d]+$)(?![A-Z\W]+$)(?![a-z\d]+$)(?![a-z\W]+$)(?![\d\W]+$)\S{8,20}$/;
var mm = $("#newUserPwd").val();
if (!reg.test($("#newUserPwd").val())) {
toastr.warning("口令必须包含如下字符的组合:一个小写字母、个大写字母、一数字、一特殊字符!")
return false;
}
if($("#newReUserPwd").val() != $("#newUserPwd").val() ){
toastr.warning("重复密码与密码不一致!")
return false;
}
var userPwd = $("#newUserPwd").val();
$.ajax({
url: path+"/user/updatePassword",
data:{userPwd : userPwd},
dataType:'json',
success: function(data){
if(data.extend.result){
toastr.success("修改成功!");
window.location.replace(path+"/login")
setTimeout(function(){
window.location.reload();
},1000)
}else{
toastr.error("修改失败!");
}
}
});
});
/*//验证旧密码
$('#userPwd').blur(function () {
$.ajax({
type: "post",
url: path+"/user/updatePassword",
data:{userPwd : $("#userPwd").val()},
async:false,
success: function(data){
if( ! data.extend.result){
toastr.warning("旧密码输入错误!");
isOldValid = false;
}else{
isOldValid = true;
}
}
});
})*/
});
/**
* 密码强度动态验证
* @param passName
* @constructor
*/
function AnalyzePasswordSecurityLevel(passName) {
var password =$("#"+passName).val();
var pwdArray = new Array();
var securityLevelFlag = 0;
if (passName == "newReUserPwd") {
if(password == $("#newUserPwd").val()){
if (password.length < 8) {
if (passName == "newUserPwd"){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码长度不能小于8位");
}
if (passName == "newReUserPwd") {
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码长度不能小于8位");
}
}
else {
var securityLevelFlagArray = new Array(0, 0, 0, 0);
for (var i = 0; i < password.length; i++) {
var asciiNumber = password.substr(i, 1).charCodeAt();
if (asciiNumber >= 48 && asciiNumber <= 57) {
securityLevelFlagArray[0] = 1; //digital
}
else if (asciiNumber >= 97 && asciiNumber <= 122) {
securityLevelFlagArray[1] = 1; //lowercase
}
else if (asciiNumber >= 65 && asciiNumber <= 90) {
securityLevelFlagArray[2] = 1; //uppercase
}
else {
securityLevelFlagArray[3] = 1; //specialcase
}
}
for (var i = 0; i < securityLevelFlagArray.length; i++) {
if (securityLevelFlagArray[i] == 1) {
securityLevelFlag++;
}
}
if (passName == "newUserPwd"){
if (securityLevelFlag == 1){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全低");
}
if (securityLevelFlag == 2 || securityLevelFlag == 3){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全中等");
}
if (securityLevelFlag == 4){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全高");
}
}
if (passName == "newReUserPwd") {
if (securityLevelFlag == 1){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全低");
}
if (securityLevelFlag == 2 || securityLevelFlag == 3){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全中等");
}
if (securityLevelFlag == 4){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全高");
}
}
}
} else {
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("两次密码不相同");
}
} else {
if (password.length < 8) {
if (passName == "newUserPwd"){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码长度不能小于8位");
}
if (passName == "newReUserPwd") {
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码长度不能小于8位");
}
}
else {
var securityLevelFlagArray = new Array(0, 0, 0, 0);
for (var i = 0; i < password.length; i++) {
var asciiNumber = password.substr(i, 1).charCodeAt();
if (asciiNumber >= 48 && asciiNumber <= 57) {
securityLevelFlagArray[0] = 1; //digital
}
else if (asciiNumber >= 97 && asciiNumber <= 122) {
securityLevelFlagArray[1] = 1; //lowercase
}
else if (asciiNumber >= 65 && asciiNumber <= 90) {
securityLevelFlagArray[2] = 1; //uppercase
}
else {
securityLevelFlagArray[3] = 1; //specialcase
}
}
for (var i = 0; i < securityLevelFlagArray.length; i++) {
if (securityLevelFlagArray[i] == 1) {
securityLevelFlag++;
}
}
if (passName == "newUserPwd"){
if (securityLevelFlag == 1){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全低");
}
if (securityLevelFlag == 2 || securityLevelFlag == 3){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全中等");
}
if (securityLevelFlag == 4){
$("#newUserPwdText").text("");
$("#newUserPwdText").text("密码安全高");
}
}
if (passName == "newReUserPwd") {
if (securityLevelFlag == 1){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全低");
}
if (securityLevelFlag == 2 || securityLevelFlag == 3){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全中等");
}
if (securityLevelFlag == 4){
$("#newReUserPwdText").text("");
$("#newReUserPwdText").text("密码安全高");
}
}
}
}
}
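Review bot: The `$.ajax` call in the `#btn_submit` handler sets no `type`, so jQuery sends it as GET and the new password ends up in the query string of `/user/updatePassword`, where access logs, proxies and browser history keep it. Adding `type: "post",` next to `url:` (the commented-out block below it already does) keeps the value in the request body; the server mapping must accept POST, which is not visible here. The length and three-of-four-classes checks exist only in this script, and the `updatePassword` service method shown in this commit only tests `StringUtils.isNotBlank(userPwd)`, so the same rule needs repeating on the server before the password is stored. `reg` is assigned without `var` and becomes a global, `mm` is never read, and the two branches of `AnalyzePasswordSecurityLevel` repeat the same classification loop and could share one helper.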

@ -9,6 +9,14 @@ public class Power_User{
private String name;
public String getUserPwdNew() {
return userPwdNew;
}
public void setUserPwdNew(String userPwdNew) {
this.userPwdNew = userPwdNew;
}
private String userPwd;
private Integer userSex;
@ -37,6 +45,8 @@ public class Power_User{
private String remark;
private String userPwdNew;
private String userWechat;
public String getUserWechat() {

@ -65,8 +65,10 @@ public class MD5 {
}
// 测试主函数
public static void main(String args[]) {
String s = new String("a");
public static void main(String args[]) {
String encode = Base64.encode(MD5.KL("123456"));
System.out.println("原始123456" + encode);
String s = new String("e10adc3949ba59abbe56e057f20f883e");
System.out.println("原始:" + s);
System.out.println("MD5后" + MD5(s));
System.out.println("MD5后再加密" + KL(MD5(s)));

@ -84,7 +84,7 @@ public interface Power_UserService {
* @Author ljx
* @Description
* */
public boolean updatePassword(String newUserPwd);
public boolean updatePassword(String userPwd);
String generateUUID(Integer userId);

@ -247,10 +247,10 @@ public class Power_UserServiceImpl implements Power_UserService {
}
@Override
public boolean updatePassword(String newUserPwd) {
public boolean updatePassword(String userPwd) {
Power_User powerUser = (Power_User) ActionScopeUtils.getSessionAttribute(Constant.CURRENT_USER);
if(StringUtils.isNotBlank(newUserPwd)){
powerUser.setUserPwd(Base64.encode(MD5.KL(newUserPwd)));
if(StringUtils.isNotBlank(userPwd)){
powerUser.setUserPwd(Base64.encode(MD5.KL(userPwd)));
powerUserMapper.updateByPrimaryKeySelective(powerUser);
return true;
}
