Authored by zhaoyue

Add login and mod pwd

git add --all src/*
git add push.sh
git add pom.xml
git commit -m "Fix little bug"
git commit -m "Add login and mod pwd"
git push origin zhaoyue-dev
git status
... ...
... ... @@ -81,4 +81,37 @@ public class AdminAccountController {
tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId());
return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
}
@AntiXSS
@RequestMapping(method = RequestMethod.PUT)
@ApiOperation(value = "USPIH Login and modify password", notes = "loginmodpwd")
public ResponseEntity<ResultModel> loginModPwd(@RequestParam String account, @RequestParam String password, @RequestParam String newpwd) {
Assert.notNull(account, "account can not be empty");
Assert.notNull(password, "password can not be empty");
XklAdminEntity admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
//未注册
if (admin == null) {
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
String salt = admin.getSalt();
String pass_in_db = admin.getPwd();
String calcuPass = SecurityTool.getPassword(account, password, salt);
if (!calcuPass.equals(pass_in_db) ||//密码错误
admin.getStatus() != 1) {//用户无效
//提示用户名或密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
salt = SecurityTool.genSalt();
String pass2Db = SecurityTool.getPassword(admin.getAccount(), newpwd, salt);
admin.setPwd(pass2Db);
admin.setSalt(salt);
adminRepository.save(admin);
//生成一个token,保存用户登录状态
TokenModel model = tokenManager.createToken(USPIH_TOKEN_PREFIX + admin.getId());
return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK);
}
}
... ...