org.apache.shiro.crypto.hash.Sha256Hash Java Examples
The following examples show how to use
Example #1
Source File: From NutzSite with Apache License 2.0 | 6 votes |
@At @POST @Ok("json") @Slog(tag="个人信息", after="重置密码") public Result resetPwdDo(@Param("oldPassword") String oldPassword, @Param("newPassword") String newPassword) { User user = ShiroUtils.getSysUser(); String old = new Sha256Hash(oldPassword, user.getSalt(), 1024).toBase64(); if (Strings.isNotBlank(newPassword) && old.equals(user.getPassword())) { user.setPassword(newPassword); if (userService.resetUserPwd(user) > 0) { ShiroUtils.setSysUser(userService.fetch(user.getId())); return Result.success("system.success"); } return Result.error("system.error"); } else { return Result.error("profile.resetpwd"); } }
Example #2
Source File: From springboot-admin with Apache License 2.0 | 6 votes |
/** * 修改登录用户密码 */ @SysLog("修改密码") @RequestMapping("/updatePassword") public Result updatePassword(String password, String newPassword){ if(StringUtils.isBlank(newPassword)){ throw new AppException("新密码不为能空"); } //sha256加密 password = new Sha256Hash(password, getUser().getSalt()).toHex(); //sha256加密 newPassword = new Sha256Hash(newPassword, getUser().getSalt()).toHex(); //更新密码 int count = sysUserService.updatePassword(getUser(), password, newPassword); if(count == 0){ return Result.error("原密码不正确"); } return Result.ok(); }
Example #3
Source File: From sdb-mall with Apache License 2.0 | 6 votes |
/** * 登录 */ @PostMapping("/sys/login") public Map<String, Object> login(@RequestBody SysLoginForm form)throws IOException { boolean captcha = sysCaptchaService.validate(form.getUuid(), form.getCaptcha()); if(!captcha){ return R.error("验证码不正确"); } //用户信息 SysUser user = sysUserService.queryByUserName(form.getUsername()); //账号不存在、密码错误 if(user == null || !user.getPassword().equals(new Sha256Hash(form.getPassword(), user.getSalt()).toHex())) { return R.error("账号或密码不正确"); } //账号锁定 if(user.getStatus() == 0){ return R.error("账号已被锁定,请联系管理员"); } //生成token,并保存到数据库 R r = sysUserTokenService.createToken(user.getUserId()); return r; }
Example #4
Source File: From sdb-mall with Apache License 2.0 | 6 votes |
@Override @JFinalTx public void save(SysUser user) { user.setCreateTime(new Date()); //sha256加密 String salt = RandomStringUtils.randomAlphanumeric(20); user.setPassword(new Sha256Hash(user.getPassword(), salt).toHex()); user.setSalt(salt);; //检查角色是否越权 checkRole(user); //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getUserId(), user.getRoleIdList()); }
Example #5
Source File: From sdb-mall with Apache License 2.0 | 6 votes |
@Override @JFinalTx public boolean update(SysUser user) { if(StringUtils.isBlank(user.getPassword())){ user.remove("password"); }else{ user.setPassword(new Sha256Hash(user.getPassword(), user.getSalt()).toHex()); } boolean updateSucc = user.update(); //检查角色是否越权 checkRole(user); //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getUserId(), user.getRoleIdList()); return updateSucc; }
Example #6
Source File: From renren-fast with GNU General Public License v3.0 | 6 votes |
/** * 登录 */ @RequestMapping(value = "/sys/login", method = RequestMethod.POST) public Map<String, Object> login(String username, String password, String captcha)throws IOException { String kaptcha = ShiroUtils.getKaptcha(Constants.KAPTCHA_SESSION_KEY); if(!captcha.equalsIgnoreCase(kaptcha)){ return R.error("验证码不正确"); } //用户信息 SysUserEntity user = sysUserService.queryByUserName(username); //账号不存在、密码错误 if(user == null || !user.getPassword().equals(new Sha256Hash(password, user.getSalt()).toHex())) { return R.error("账号或密码不正确"); } //账号锁定 if(user.getStatus() == 0){ return R.error("账号已被锁定,请联系管理员"); } //生成token,并保存到数据库 R r = sysUserTokenService.createToken(user.getUserId()); return r; }
Example #7
Source File: From renren-fast with GNU General Public License v3.0 | 6 votes |
@Override @Transactional public void save(SysUserEntity user) { user.setCreateTime(new Date()); //sha256加密 String salt = RandomStringUtils.randomAlphanumeric(20); user.setPassword(new Sha256Hash(user.getPassword(), salt).toHex()); user.setSalt(salt);; //检查角色是否越权 checkRole(user); //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getUserId(), user.getRoleIdList()); }
Example #8
Source File: From renren-fast with GNU General Public License v3.0 | 6 votes |
@Override @Transactional public void update(SysUserEntity user) { if(StringUtils.isBlank(user.getPassword())){ user.setPassword(null); }else{ user.setPassword(new Sha256Hash(user.getPassword(), user.getSalt()).toHex()); } sysUserDao.update(user); //检查角色是否越权 checkRole(user); //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getUserId(), user.getRoleIdList()); }
Example #9
Source File: From springboot-admin with Apache License 2.0 | 6 votes |
@GetMapping("/login") public Result login(String username, String password){ //用户信息 SysUser user = sysUserService.queryByUserName(username); //账号不存在 if(user == null) { return Result.error("账号不存在"); } //密码错误 if(!user.getPassword().equals(new Sha256Hash(password, user.getSalt()).toHex())) { return Result.error("密码不正确"); } //生成token String token = jwtUtils.generateToken(user.getId()); Map<String, Object> map = new HashMap<>(); map.put("userId", user.getId()); map.put("token", token); map.put("expire", jwtUtils.getExpire()); Result r=Result.ok().put(map); return r; }
Example #10
Source File: From java-course-ee with MIT License | 5 votes |
public void createUser(String username, String email, String password) { User user = new User(); user.setUsername(username); user.setEmail(email); user.setPassword(new Sha256Hash(password).toHex()); userDAO.createUser(user); }
Example #11
Source File: From java-course-ee with MIT License | 5 votes |
public void afterPropertiesSet() throws Exception { //because we're using an in-memory hsqldb for the sample app, a new one will be created each time the //app starts, so insert the sample admin user at startup: JdbcTemplate jdbcTemplate = new JdbcTemplate(this.dataSource); jdbcTemplate.execute("insert into roles values (1, 'user', 'The default role given to all users.')"); jdbcTemplate.execute("insert into roles values (2, 'admin', 'The administrator role only given to site admins')"); jdbcTemplate.execute("insert into roles_permissions values (2, 'user:*')"); jdbcTemplate.execute("insert into users(id,username,email,password) values (1, 'admin', '', '" + new Sha256Hash("admin").toHex() + "')"); jdbcTemplate.execute("insert into users_roles values (1, 2)"); }
Example #12
Source File: From java-course-ee with MIT License | 5 votes |
public void updateUser(User user) { Assert.isTrue(userId.equals(user.getId()), "User ID of command must match the user being updated."); user.setUsername(getUsername()); user.setEmail(getEmail()); if (StringUtils.hasText(getPassword())) { user.setPassword(new Sha256Hash(getPassword()).toHex()); } }
Example #13
Source File: From java-webapp-security-examples with Apache License 2.0 | 5 votes |
@Bean(name = "jdbcRealm") @DependsOn("lifecycleBeanPostProcessor") public JdbcRealm jdbcRealm() { JdbcRealm realm = new JdbcRealm(); HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(); credentialsMatcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME); realm.setCredentialsMatcher(credentialsMatcher); realm.setDataSource(dataSource); realm.init(); return realm; }
Example #14
Source File: From springboot-admin with Apache License 2.0 | 5 votes |
@Override @Transactional public void update(SysUser user) { sysUserRedis.delete(user); if(StringUtils.isBlank(user.getPassword())){ user.setPassword(null); }else{ user.setPassword(new Sha256Hash(user.getPassword(), user.getSalt()).toHex()); } sysUserDao.update(user); //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getId(), user.getRoleIdList()); }
Example #15
Source File: From springboot-admin with Apache License 2.0 | 5 votes |
@Override @Transactional public void save(SysUser user) { user.setCreateTime(new Date()); //sha256加密 String salt = RandomStringUtils.randomAlphanumeric(20); user.setPassword(new Sha256Hash(user.getPassword(), salt).toHex()); user.setSalt(salt);; //保存用户与角色关系 sysUserRoleService.saveOrUpdate(user.getId(), user.getRoleIdList()); sysUserRedis.saveOrUpdate(user); }
Example #16
Source File: From springboot-admin with Apache License 2.0 | 5 votes |
/** * 登录 */ @RequestMapping(value = "/sys/login", method = RequestMethod.POST) public Result login(String username, String password, String captcha)throws IOException { //验证码 if(SpringContextUtils.getBean(KaptchaConfig.class).getKaptchaOpen()){ String kaptcha = getKaptcha(Constants.KAPTCHA_SESSION_KEY); if(!captcha.equalsIgnoreCase(kaptcha)){ return Result.error("验证码不正确"); } } //用户信息 SysUser user = sysUserService.queryByUserName(username); //账号不存在 if(user == null) { return Result.error("账号不存在"); } //密码错误 if(!user.getPassword().equals(new Sha256Hash(password, user.getSalt()).toHex())) { return Result.error("密码不正确"); } //账号锁定 if(Constant.UserStatus.DISABLE.getValue() == user.getStatus()){ return Result.error("账号已被锁定,请联系管理员"); } //生成token,并保存到数据库 Map<String, Object> result=sysUserTokenService.createToken(user.getId()); Result r =Result.ok().put(result); return r; }
Example #17
Source File: From arcusplatform with Apache License 2.0 | 5 votes |
@Override public String hashCredentials(String credentials, ByteSource salt) { if(credentials == null || salt == null) { return null; } return new Sha256Hash(credentials, salt, ITERATIONS).toBase64(); }
Example #18
Source File: From arcusplatform with Apache License 2.0 | 5 votes |
public Sha256CredentialsHashingStrategy() { HashedCredentialsMatcher hashMatcher = new HashedCredentialsMatcher(); hashMatcher.setHashAlgorithmName(Sha256Hash.ALGORITHM_NAME); hashMatcher.setHashIterations(ITERATIONS); hashMatcher.setStoredCredentialsHexEncoded(false); credentialsMatcher = hashMatcher; }
Example #19
Source File: From NutzSite with Apache License 2.0 | 5 votes |
@At @Ok("json") public boolean checkPassword(@Param("oldPassword") String password) { User user = ShiroUtils.getSysUser(); String old = new Sha256Hash(password, user.getSalt(), 1024).toBase64(); if (old.equals(user.getPassword())) { return true; } return false; }
Example #20
Source File: From NutzSite with Apache License 2.0 | 5 votes |
/** * 重置密码 * * @param user * @return */ @Override public int resetUserPwd(User user) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); String salt = rng.nextBytes().toBase64(); user.setSalt(salt); String hashedPasswordBase64 = new Sha256Hash(user.getPassword(), salt, 1024).toBase64(); user.setPassword(hashedPasswordBase64); user.setUpdateTime(new Date()); return dao().updateIgnoreNull(user); }
Example #21
Source File: From NutzSite with Apache License 2.0 | 5 votes |
/** * 新增 * * @param user * @return */ @Override public User insert(User user) { RandomNumberGenerator rng = new SecureRandomNumberGenerator(); //密码设置 String salt = rng.nextBytes().toBase64(); user.setSalt(salt); String hashedPasswordBase64 = new Sha256Hash(user.getPassword(), salt, 1024).toBase64(); user.setPassword(hashedPasswordBase64); dao().insert(user); this.updataRelation(user); return user; }
Example #22
Source File: From arcusplatform with Apache License 2.0 | 4 votes |
private byte[] sha1(String key, String salt) throws Exception { return new Sha256Hash(key, salt).getBytes(); }
Example #23
Source File: From parker with MIT License | 2 votes |
/** * SHA-256加密 * @param password * @return */ public static String shiroSha256(String password){ Sha256Hash sha256Hash = new Sha256Hash(password); return sha256Hash.toHex(); }
Example #24
Source File: From kitty with GNU Lesser General Public License v3.0 | 2 votes |
/** * 明文密码加密 * @param password * @param salt * @return */ public static String encrypte(String password, String salt) { return new Sha256Hash(password, salt).toHex(); }