Java Code Examples for com.jfinal.kit.HashKit#sha1()

The following examples show how to use com.jfinal.kit.HashKit#sha1() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MainController.java    From my_curd with Apache License 2.0 5 votes vote down vote up
public void changePwd() {
    String oldPwd = getPara("oldPwd");
    String newPwd = getPara("newPwd");
    String reNewPwd = getPara("reNewPwd");

    if (StringUtils.isEmpty(oldPwd)) {
        renderFail("请输入原密码");
        return;
    }
    if (StringUtils.isEmpty(newPwd)) {
        renderFail("请输入新密码");
        return;
    }
    if (!Objects.equals(newPwd, reNewPwd)) {
        renderFail("两次新密码不一致");
        return;
    }

    oldPwd = HashKit.sha1(oldPwd);
    SysUser curUser = WebUtils.getSysUser(this);
    SysUser sysUser = SysUser.dao.findByUsernameAndPassword(curUser.getUsername(), oldPwd);
    if (sysUser == null) {
        renderFail("旧密码错误");
        return;
    }
    if ("1".equals(sysUser.getUserState())) {
        renderFail("用户被禁用,无法修改密码");
        return;
    }

    newPwd = HashKit.sha1(newPwd);
    sysUser.setPassword(newPwd);
    boolean updateFlag = sysUser.update();

    if (updateFlag) {
        renderSuccess("修改密码成功");
    } else {
        renderFail("修改密码失败");
    }
}
 
Example 2
Source File: SysUserController.java    From my_curd with Apache License 2.0 5 votes vote down vote up
/**
 * 重置密码
 */
@Before(IdsRequired.class)
public void resetPwd() {
    String ids = getPara("ids").replaceAll(",", "','");
    String sha1Pwd = HashKit.sha1(DEFAULT_PWD);
    String sql = "update sys_user set password = ? where id in ('" + ids + "')";
    Db.update(sql, sha1Pwd);
    renderSuccess("重置密码成功。新密码: " + DEFAULT_PWD);
}
 
Example 3
Source File: JbootWechatController.java    From jboot with Apache License 2.0 4 votes vote down vote up
@NotAction
    public void initJsSdkConfig() {

        JbootWechatConfig config = Jboot.config(JbootWechatConfig.class);


        // 1.拼接url(当前网页的URL,不包含#及其后面部分)
        String url = getRequest().getRequestURL().toString().split("#")[0];
        String query = getRequest().getQueryString();
        if (StrUtil.isNotBlank(query)) {
            url = url.concat("?").concat(query);
        }


//        JsTicket jsTicket = JsTicketApi.getTicket(JsTicketApi.JsApiType.jsapi);
        JsTicket jsTicket = WechatApis.getTicket(WechatApis.JsApiType.jsapi);

        String _wxJsApiTicket = jsTicket.getTicket();

        String noncestr = StrUtil.uuid();
        String timestamp = (System.currentTimeMillis() / 1000) + "";

        Map<String, String> _wxMap = new TreeMap<String, String>();
        _wxMap.put("noncestr", noncestr);
        _wxMap.put("timestamp", timestamp);
        _wxMap.put("jsapi_ticket", _wxJsApiTicket);
        _wxMap.put("url", url);

        //拼接字符串
        StringBuilder paramsBuilder = new StringBuilder();
        for (Map.Entry<String, String> param : _wxMap.entrySet()) {
            paramsBuilder.append(param.getKey()).append("=").append(param.getValue()).append("&");
        }
        String signString = paramsBuilder.substring(0, paramsBuilder.length() - 1);

        //签名
        String signature = HashKit.sha1(signString);

        setAttr("wechatDebug", config.getDebug());
        setAttr("wechatAppId", getApiConfig().getAppId());
        setAttr("wechatNoncestr", noncestr);
        setAttr("wechatTimestamp", timestamp);
        setAttr("wechatSignature", signature);

    }
 
Example 4
Source File: LoginController.java    From my_curd with Apache License 2.0 4 votes vote down vote up
/**
 * 登录表单提交地址
 */
public void action() {
    String username = getPara("username");
    String password = getPara("password");

    /* username password 无效 */
    if (StrKit.isBlank(username)) {
        setAttr("errMsg", "请填写用户名。");
        render("login.ftl");
        return;
    }
    if (StrKit.isBlank(password)) {
        setAttr("errMsg", "请填写密码。");
        render("login.ftl");
        return;
    }
    SysUser sysUser = SysUser.dao.findByUsername(username);
    if (sysUser == null) {
        setAttr("errMsg", username + " 用户不存在。");
        render("login.ftl");
        return;
    }

    // 密码错误 n 次 锁定 m 分钟
    BaseCache<String, AtomicInteger> retryCache = CacheContainer.getLoginRetryLimitCache();
    AtomicInteger retryTimes = retryCache.getCache(username);
    if (retryTimes.get() >= LoginRetryLimitCache.RETRY_LIMIT) {
        setAttr("username", username);
        setAttr("errMsg", " 账号已被锁定, " + LoginRetryLimitCache.LOCK_TIME + "分钟后可自动解锁。 ");
        render("login.ftl");
        return;
    }
    password = HashKit.sha1(password);
    if (!sysUser.getPassword().equals(password)) {
        int nowRetryTimes = retryTimes.incrementAndGet();  // 错误次数 加 1
        setAttr("username", username);
        if ((LoginRetryLimitCache.RETRY_LIMIT - nowRetryTimes) == 0) {
            setAttr("errMsg", " 账号已被锁定, " + LoginRetryLimitCache.LOCK_TIME + "分钟后可自动解锁。 ");
        } else {
            setAttr("errMsg", " 密码错误, 再错误 "
                    + (LoginRetryLimitCache.RETRY_LIMIT - nowRetryTimes) + " 次账号将被锁定" + LoginRetryLimitCache.LOCK_TIME + "分钟。");
        }
        render("login.ftl");
        return;
    }
    retryCache.put(username, new AtomicInteger()); // 密码正确缓存数清0

    if (sysUser.getUserState().equals("1")) {
        setAttr("errMsg", username + " 用户被禁用,请联系管理员。");
        render("login.ftl");
        return;
    }

    /* username password 有效 */

    // 如果选中了记住密码且cookie信息不存在,生成新的cookie 信息
    String remember = getPara("remember");
    if ("on".equals(remember) && getCookie(USERNAME_KEY) == null) {
        setCookie(USERNAME_KEY, username, 60 * 60 * 24);  // 1天
        setCookie(PASSWORD_KEY, password, 60 * 60 * 24);
    }

    sysUser.setLastLoginTime(new Date());
    sysUser.update();

    afterLogin(sysUser);

    // 登录日志
    redirect("/dashboard");
}
 
Example 5
Source File: SignatureCheckKit.java    From jfinal-weixin with Apache License 2.0 3 votes vote down vote up
/**
 * php 示例
 *  $signature = $_GET["signature"];
       $timestamp = $_GET["timestamp"];
       $nonce = $_GET["nonce"];	
       		
	$token = TOKEN;
	$tmpArr = array($token, $timestamp, $nonce);
	sort($tmpArr, SORT_STRING);
	$tmpStr = implode( $tmpArr );
	$tmpStr = sha1( $tmpStr );
	
	if( $tmpStr == $signature ){
		return true;
	}else{
		return false;
	}
 * @return
 */
public boolean checkSignature(String signature, String timestamp, String nonce) {
	String TOKEN = ApiConfigKit.getApiConfig().getToken();
	String array[] = {TOKEN, timestamp, nonce};
	Arrays.sort(array);
	String tempStr = new StringBuilder().append(array[0] + array[1] + array[2]).toString();
	tempStr = HashKit.sha1(tempStr);
	return tempStr.equalsIgnoreCase(signature);
}