Authored by zhaoyue

Merge branch 'zhaoyue-dev3' into 'master'

MOD admin pass



See merge request !35
... ... @@ -55,10 +55,10 @@ public class AdminAccountController {
//未注册
if (admin == null) {
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
String salt = admin.getSalt();
String adminType = Integer.toString(admin.getType());
String adminType = Integer.toString(admin.getType());
String str = account + password + adminType + salt; // 构建待加密字符串
String calcuPass = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
... ... @@ -68,7 +68,7 @@ public class AdminAccountController {
if (!calcuPass.equals(pass_in_db) ||//密码错误
admin.getStatus() != 1) {//用户无效
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
//生成一个token,保存用户登录状态
... ... @@ -101,16 +101,21 @@ public class AdminAccountController {
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
String salt = admin.getSalt();
String adminType = Integer.toString(admin.getType());
String str = account + password + adminType + salt; // 构建待加密字符串
String calcuPass = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
String pass_in_db = admin.getPwd();
String calcuPass = SecurityTool.getPassword(account, password, salt);
if (!calcuPass.equals(pass_in_db) ||//密码错误
admin.getStatus() != 1) {//用户无效
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
salt = SecurityTool.genSalt();
String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
str = account + newpwd + adminType + salt; // 构建待加密字符串
String pass2Db = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str);
admin.setPwd(pass2Db);
admin.setSalt(salt);
adminRepository.save(admin);
... ...