Merge branch 'zhaoyue-dev3' into 'master'
MOD admin pass See merge request !35
Showing
1 changed file
with
9 additions
and
4 deletions
@@ -55,7 +55,7 @@ public class AdminAccountController { | @@ -55,7 +55,7 @@ public class AdminAccountController { | ||
55 | //未注册 | 55 | //未注册 |
56 | if (admin == null) { | 56 | if (admin == null) { |
57 | //提示用户名或密码错误 | 57 | //提示用户名或密码错误 |
58 | - return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK); | 58 | + return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); |
59 | } | 59 | } |
60 | String salt = admin.getSalt(); | 60 | String salt = admin.getSalt(); |
61 | String adminType = Integer.toString(admin.getType()); | 61 | String adminType = Integer.toString(admin.getType()); |
@@ -68,7 +68,7 @@ public class AdminAccountController { | @@ -68,7 +68,7 @@ public class AdminAccountController { | ||
68 | if (!calcuPass.equals(pass_in_db) ||//密码错误 | 68 | if (!calcuPass.equals(pass_in_db) ||//密码错误 |
69 | admin.getStatus() != 1) {//用户无效 | 69 | admin.getStatus() != 1) {//用户无效 |
70 | //提示用户名或密码错误 | 70 | //提示用户名或密码错误 |
71 | - return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR),HttpStatus.OK); | 71 | + return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); |
72 | } | 72 | } |
73 | 73 | ||
74 | //生成一个token,保存用户登录状态 | 74 | //生成一个token,保存用户登录状态 |
@@ -101,16 +101,21 @@ public class AdminAccountController { | @@ -101,16 +101,21 @@ public class AdminAccountController { | ||
101 | //提示用户名或密码错误 | 101 | //提示用户名或密码错误 |
102 | return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); | 102 | return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); |
103 | } | 103 | } |
104 | + | ||
104 | String salt = admin.getSalt(); | 105 | String salt = admin.getSalt(); |
106 | + String adminType = Integer.toString(admin.getType()); | ||
107 | + String str = account + password + adminType + salt; // 构建待加密字符串 | ||
108 | + String calcuPass = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str); | ||
109 | + | ||
105 | String pass_in_db = admin.getPwd(); | 110 | String pass_in_db = admin.getPwd(); |
106 | - String calcuPass = SecurityTool.getPassword(account, password, salt); | ||
107 | if (!calcuPass.equals(pass_in_db) ||//密码错误 | 111 | if (!calcuPass.equals(pass_in_db) ||//密码错误 |
108 | admin.getStatus() != 1) {//用户无效 | 112 | admin.getStatus() != 1) {//用户无效 |
109 | //提示用户名或密码错误 | 113 | //提示用户名或密码错误 |
110 | return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); | 114 | return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK); |
111 | } | 115 | } |
112 | salt = SecurityTool.genSalt(); | 116 | salt = SecurityTool.genSalt(); |
113 | - String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt); | 117 | + str = account + newpwd + adminType + salt; // 构建待加密字符串 |
118 | + String pass2Db = SecurityTool.encode(SecurityTool.ALGORITHM_MD5, str); | ||
114 | admin.setPwd(pass2Db); | 119 | admin.setPwd(pass2Db); |
115 | admin.setSalt(salt); | 120 | admin.setSalt(salt); |
116 | adminRepository.save(admin); | 121 | adminRepository.save(admin); |
-
Please register or login to post a comment