@Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { JwtToken jwtToken = (JwtToken) token; Object accountCredentials = getCredentials(info); if(jwtToken.getPassword()!=null){ Object tokenCredentials = MD5EncryptUtil.encrypt(String.valueOf( jwtToken.getPassword())+jwtToken.getUsername()); if(!accountCredentials.equals(tokenCredentials)){ throw new DisabledAccountException("密码不正确!"); } }else{ boolean verify = JwtUtil.verify(jwtToken.getToken(), jwtToken.getUsername(), accountCredentials.toString()); if(!verify){ throw new DisabledAccountException("verifyFail"); } } return true; }
@Override public void resetPassword(ResetPasswordDTO resetPasswordDTO){ SysUser user = this.selectById(resetPasswordDTO.getUid().trim()); if(user==null){ throw RequestException.fail(String.format("不存在ID为 %s 的用户",resetPasswordDTO.getUid())); } String password = MD5EncryptUtil.encrypt(String.valueOf(resetPasswordDTO.getPassword())+user.getUsername()); user.setPassword(password); try { this.updateById(user); shiroService.clearAuthByUserId(user.getId(),true,true); }catch (Exception e){ throw RequestException.fail(String.format("ID为 %s 的用户密码重置失败",resetPasswordDTO.getUid()),e); } } }
@Override public void add(UserAddDTO addDTO) { SysUser findUser = this.findUserByName(addDTO.getUsername(),false); if(findUser!=null){ throw RequestException.fail( String.format("已经存在用户名为 %s 的用户",addDTO.getUsername())); } try { findUser = new SysUser(); BeanUtils.copyProperties(addDTO,findUser); findUser.setCreateDate(new Date()); findUser.setPassword(MD5EncryptUtil.encrypt(String.valueOf(findUser.getPassword())+findUser.getUsername())); this.insert(findUser); this.updateUserRole(findUser); }catch (Exception e){ throw RequestException.fail("添加用户失败",e); } }
/** * 选择加密方式并进行加密 * @param formatStringBody 目标加密字符串 * @param infoBean 加密信息 * @return 加密结果 */ private String switchEncrypt(String formatStringBody,EncryptAnnotationInfoBean infoBean){ EncryptBodyMethod method = infoBean.getEncryptBodyMethod(); if(method==null){ throw new EncryptMethodNotFoundException(); } if(method == EncryptBodyMethod.MD5){ return MD5EncryptUtil.encrypt(formatStringBody); } if(method == EncryptBodyMethod.SHA){ SHAEncryptType shaEncryptType = infoBean.getShaEncryptType(); if(shaEncryptType==null) shaEncryptType = SHAEncryptType.SHA256; return SHAEncryptUtil.encrypt(formatStringBody,shaEncryptType); } String key = infoBean.getKey(); if(method == EncryptBodyMethod.DES){ key = CheckUtils.checkAndGetKey(config.getAesKey(),key,"DES-KEY"); return DESEncryptUtil.encrypt(formatStringBody,key); } if(method == EncryptBodyMethod.AES){ key = CheckUtils.checkAndGetKey(config.getAesKey(),key,"AES-KEY"); return AESEncryptUtil.encrypt(formatStringBody,key); } throw new EncryptBodyFailException(); }