...
|
...
|
@@ -55,10 +55,10 @@ public class AdminAccountController { |
|
|
//未注册
|
|
|
if (admin == null) {
|
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK);
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
String salt = admin.getSalt();
|
|
|
String adminType = Integer.toString(admin.getType());
|
|
|
String adminType = Integer.toString(admin.getType());
|
|
|
String str = account + password + adminType + salt; // 构建待加密字符串
|
|
|
String calcuPass = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
|
|
|
|
...
|
...
|
@@ -68,7 +68,7 @@ public class AdminAccountController { |
|
|
if (!calcuPass.equals(pass_in_db) ||//密码错误
|
|
|
admin.getStatus() != 1) {//用户无效
|
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK);
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
|
|
|
//生成一个token,保存用户登录状态
|
...
|
...
|
@@ -101,16 +101,21 @@ public class AdminAccountController { |
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
|
|
|
String salt = admin.getSalt();
|
|
|
String adminType = Integer.toString(admin.getType());
|
|
|
String str = account + password + adminType + salt; // 构建待加密字符串
|
|
|
String calcuPass = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
|
|
|
|
|
|
String pass_in_db = admin.getPwd();
|
|
|
String calcuPass = SecurityTool.getPassword(account, password, salt);
|
|
|
if (!calcuPass.equals(pass_in_db) ||//密码错误
|
|
|
admin.getStatus() != 1) {//用户无效
|
|
|
//提示用户名或密码错误
|
|
|
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
|
|
|
}
|
|
|
salt = SecurityTool.genSalt();
|
|
|
String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
|
|
|
str = account + newpwd + adminType + salt; // 构建待加密字符串
|
|
|
String pass2Db = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
|
|
|
admin.setPwd(pass2Db);
|
|
|
admin.setSalt(salt);
|
|
|
adminRepository.save(admin);
|
...
|
...
|
|