com.jfinal.kit.HashKit Java Examples

The following examples show how to use com.jfinal.kit.HashKit. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ModelExt.java    From jfinal-ext3 with Apache License 2.0 6 votes vote down vote up
/**
 * redis key for attrs' values
 * @param flag : ids or id store
 * @return data[s]:md5(concat(columns' value))
 */
private String redisColumnKey(SqlpKit.FLAG flag) {
	StringBuilder key = new StringBuilder(this._getUsefulClass().toGenericString());
	String[] attrs = this._getAttrNames();
	Object val;
	for (String attr : attrs) {
		val = this.get(attr);
		if (null == val) {
			continue;
		}
		key.append(val.toString());
	}
	key = new StringBuilder(HashKit.md5(key.toString()));
	if (flag.equals(SqlpKit.FLAG.ONE)) {
		return "data:"+key;
	}
	return "datas:"+key;
}
 
Example #2
Source File: ApiInterceptor.java    From jpress with GNU Lesser General Public License v3.0 6 votes vote down vote up
private String createLocalSign(Controller controller) {
    String queryString = controller.getRequest().getQueryString();
    Map<String, String[]> params = controller.getRequest().getParameterMap();

    String[] keys = params.keySet().toArray(new String[0]);
    Arrays.sort(keys);
    StringBuilder query = new StringBuilder();
    for (String key : keys) {
        if ("sign".equals(key)) {
            continue;
        }

        //只对get参数里的进行签名
        if (queryString.indexOf(key + "=") == -1) {
            continue;
        }

        String value = params.get(key)[0];
        query.append(key).append(value);
    }
    query.append(apiSecret);
    return HashKit.md5(query.toString());
}
 
Example #3
Source File: UserServiceProvider.java    From jpress with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Override
public Ret doValidateUserPwd(User user, String pwd) {

    if (user == null) {
        return Ret.fail("message", "用户名或密码不正确");
    }

    if (user.isStatusLocked()) {
        return Ret.fail("message", "该账号已被冻结");
    }

    String salt = user.getSalt();
    String hashedPass = HashKit.sha256(salt + pwd);

    // 未通过密码验证
    if (!user.getPassword().equals(hashedPass)) {
        return Ret.fail("message", "用户名或密码不正确");
    }

    // 更新用户的登录时间
    updateUserLoginedDate(user);

    return Ret.ok().set("user_id", user.getId());
}
 
Example #4
Source File: UserCenterController.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
@EmptyValidate({
        @Form(name = "oldPwd", message = "旧不能为空"),
        @Form(name = "newPwd", message = "新密码不能为空"),
        @Form(name = "confirmPwd", message = "确认密码不能为空")
})
public void doUpdatePwd(String oldPwd, String newPwd, String confirmPwd) {

    User user = getLoginedUser();

    if (userService.doValidateUserPwd(user, oldPwd).isFail()) {
        renderJson(Ret.fail().set("message", "密码错误"));
        return;
    }

    if (newPwd.equals(confirmPwd) == false) {
        renderJson(Ret.fail().set("message", "两次出入密码不一致"));
        return;
    }

    String salt = user.getSalt();
    String hashedPass = HashKit.sha256(salt + newPwd);

    user.setPassword(hashedPass);
    userService.update(user);

    renderOkJson();
}
 
Example #5
Source File: Kuaidi100ExpressQuerier.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public List<ExpressInfo> query(ExpressCompany company, String num) {

    String appId = JPressOptions.get("express_api_appid");
    String appSecret = JPressOptions.get("express_api_appsecret");

    String param = "{\"com\":\"" + company.getCode() + "\",\"num\":\"" + num + "\"}";
    String sign = HashKit.md5(param + appSecret + appId).toUpperCase();
    HashMap params = new HashMap();
    params.put("param", param);
    params.put("sign", sign);
    params.put("customer", appId);


    String result = HttpUtil.httpPost("http://poll.kuaidi100.com/poll/query.do", params);
    if (StrUtil.isBlank(result)) {
        return null;
    }

    try {
        JSONObject jsonObject = JSON.parseObject(result);
        JSONArray jsonArray = jsonObject.getJSONArray("data");
        if (jsonArray != null && jsonArray.size() > 0) {
            List<ExpressInfo> list = new ArrayList<>();
            for (int i = 0; i < jsonArray.size(); i++) {
                JSONObject expObject = jsonArray.getJSONObject(i);
                ExpressInfo ei = new ExpressInfo();
                ei.setInfo(expObject.getString("context"));
                ei.setTime(expObject.getString("time"));
                list.add(ei);
            }
            return list;
        }
    } catch (Exception ex) {
        LOG.error(ex.toString(), ex);
    }

    LOG.error(result);
    return null;
}
 
Example #6
Source File: ShowapiExpressQuerier.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
private static String signRequest(Map<String, Object> params, String appkey) {
    String[] keys = params.keySet().toArray(new String[0]);
    Arrays.sort(keys);

    StringBuilder builder = new StringBuilder();
    for (String key : keys) {
        Object value = params.get(key);
        if (value != null && StrUtil.areNotEmpty(key, value.toString())) {
            builder.append(key).append(value);
        }
    }
    builder.append(appkey);
    return HashKit.md5(builder.toString());
}
 
Example #7
Source File: _UserController.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
@EmptyValidate({
        @Form(name = "newPwd", message = "新密码不能为空"),
        @Form(name = "confirmPwd", message = "确认密码不能为空")
})
public void doUpdatePwd(long uid, String oldPwd, String newPwd, String confirmPwd) {

    User user = userService.findById(uid);
    if (user == null) {
        renderJson(Ret.fail().set("message", "该用户不存在"));
        return;
    }

    //超级管理员可以修改任何人的密码
    if (!roleService.isSupperAdmin(getLoginedUser().getId())) {
        if (StrUtil.isBlank(oldPwd)) {
            renderJson(Ret.fail().set("message", "旧密码不能为空"));
            return;
        }

        if (userService.doValidateUserPwd(user, oldPwd).isFail()) {
            renderJson(Ret.fail().set("message", "密码错误"));
            return;
        }
    }


    if (newPwd.equals(confirmPwd) == false) {
        renderJson(Ret.fail().set("message", "两次出入密码不一致"));
        return;
    }

    String salt = user.getSalt();
    String hashedPass = HashKit.sha256(salt + newPwd);

    user.setPassword(hashedPass);
    userService.update(user);

    renderOkJson();
}
 
Example #8
Source File: SysUserController.java    From my_curd with Apache License 2.0 5 votes vote down vote up
/**
 * 重置密码
 */
@Before(IdsRequired.class)
public void resetPwd() {
    String ids = getPara("ids").replaceAll(",", "','");
    String sha1Pwd = HashKit.sha1(DEFAULT_PWD);
    String sql = "update sys_user set password = ? where id in ('" + ids + "')";
    Db.update(sql, sha1Pwd);
    renderSuccess("重置密码成功。新密码: " + DEFAULT_PWD);
}
 
Example #9
Source File: SysUserController.java    From my_curd with Apache License 2.0 5 votes vote down vote up
/**
 * add
 */
public void addAction() {
    SysUser sysUser = getBean(SysUser.class, "");
    sysUser.setId(IdUtils.id()).setCreater(WebUtils.getSessionUsername(this)).setCreateTime(new Date()).setUserState("0");
    sysUser.setPassword(HashKit.sha1(DEFAULT_PWD));
    if (sysUser.save()) {
        renderSuccess(ADD_SUCCESS);
    } else {
        renderFail(ADD_FAIL);
    }

}
 
Example #10
Source File: MainController.java    From my_curd with Apache License 2.0 5 votes vote down vote up
public void changePwd() {
    String oldPwd = getPara("oldPwd");
    String newPwd = getPara("newPwd");
    String reNewPwd = getPara("reNewPwd");

    if (StringUtils.isEmpty(oldPwd)) {
        renderFail("请输入原密码");
        return;
    }
    if (StringUtils.isEmpty(newPwd)) {
        renderFail("请输入新密码");
        return;
    }
    if (!Objects.equals(newPwd, reNewPwd)) {
        renderFail("两次新密码不一致");
        return;
    }

    oldPwd = HashKit.sha1(oldPwd);
    SysUser curUser = WebUtils.getSysUser(this);
    SysUser sysUser = SysUser.dao.findByUsernameAndPassword(curUser.getUsername(), oldPwd);
    if (sysUser == null) {
        renderFail("旧密码错误");
        return;
    }
    if ("1".equals(sysUser.getUserState())) {
        renderFail("用户被禁用,无法修改密码");
        return;
    }

    newPwd = HashKit.sha1(newPwd);
    sysUser.setPassword(newPwd);
    boolean updateFlag = sysUser.update();

    if (updateFlag) {
        renderSuccess("修改密码成功");
    } else {
        renderFail("修改密码失败");
    }
}
 
Example #11
Source File: UserPwdGenerate.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Test
public void generate() {
    String pwd = "123456";
    String salt = HashKit.generateSaltForSha256();

    String hashedPwd = HashKit.sha256(salt + pwd);

    System.out.println("login pwd : " + pwd);
    System.out.println("salt : " + salt);
    System.out.println("hashed pwd : " + hashedPwd);
}
 
Example #12
Source File: SignUtils.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
public static String signForRequest(Map<String, String> params, String secret) {
    String[] keys = params.keySet().toArray(new String[0]);
    Arrays.sort(keys);

    StringBuilder query = new StringBuilder();
    for (String key : keys) {
        String value = params.get(key);
        if (StrUtil.areNotEmpty(key, value)) {
            query.append(key).append(value);
        }
    }
    query.append(secret);
    return HashKit.md5(query.toString());
}
 
Example #13
Source File: QCloudSmsSender.java    From jpress with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public boolean send(SmsMessage sms) {

    String app_key = JPressOptions.get(JPressConsts.OPTION_CONNECTION_SMS_APPID);
    String app_secret = JPressOptions.get(JPressConsts.OPTION_CONNECTION_SMS_APPSECRET);

    String random = new Random().nextInt(1000000) + "";
    String time = System.currentTimeMillis() / 1000 + "";

    String srcStr = "appkey=" + app_secret + "&random=" + random + "&time=" + time + "&mobile=" + sms.getMobile();
    String sig = HashKit.sha256(srcStr);

    boolean hasCode = StrUtil.isNotBlank(sms.getCode());

    String postContent = (hasCode ? SMS_JSON.replace("{code}", sms.getCode()) : SMS_NO_CODE_JSON)
            .replace("{sig}", sig)
            .replace("{sign}", sms.getSign())
            .replace("{mobile}", sms.getMobile())
            .replace("{time}", time)
            .replace("{tpl_id}", sms.getTemplate());

    String url = "https://yun.tim.qq.com/v5/tlssmssvr/sendsms?sdkappid=" + app_key + "&random=" + random;

    String content = HttpUtil.httpPost(url, postContent);

    if (StrUtil.isBlank(content)) {
        return false;
    }

    JSONObject resultJson = JSON.parseObject(content);
    Integer result = resultJson.getInteger("result");
    if (result != null && result == 0) {
        return true;
    } else {
        LogKit.error("qcloud sms send error : " + content);
        return false;
    }
}
 
Example #14
Source File: StandaloneConfig.java    From jfinal-ext3 with Apache License 2.0 5 votes vote down vote up
@Test
	public void test() {
		StandaloneAppConfig.start();
		
		User u = new User();
		u.setId(1);
		u.setAddr(HashKit.generateSalt(12));
//		
		u.save();
//		
//		Table table = TableMapping.me().getTable(Zcq.class);
//		System.out.println(table.getName());
	}
 
Example #15
Source File: InstallController.java    From jpress with GNU Lesser General Public License v3.0 4 votes vote down vote up
/**
 * 初始化第一个用户
 *
 * @param username
 * @param pwd
 */
private void initFirstUser(String username, String pwd) {

    if (StrUtil.isBlank(username) || StrUtil.isBlank(pwd)) {
        return;
    }

    UserService userService = Aop.get(UserService.class);
    User user = userService.findById(1L);

    if (user == null) {
        user = new User();
        user.setNickname(username);
        user.setRealname(username);
        user.setCreateSource(User.SOURCE_WEB_REGISTER);
        user.setCreated(new Date());
        user.setActivated(new Date());
    }


    String salt = HashKit.generateSaltForSha256();
    String hashedPass = HashKit.sha256(salt + pwd);

    user.setSalt(salt);
    user.setPassword(hashedPass);

    user.setUsername(username);
    if (StrUtil.isEmail(username)) {
        user.setEmail(username.toLowerCase());
    }

    user.setStatus(User.STATUS_OK);
    userService.saveOrUpdate(user);


    RoleService roleService = Aop.get(RoleService.class);

    Role role = roleService.findById(1L);
    if (role == null) {
        role = new Role();
        role.setCreated(new Date());
    }

    role.setName("默认角色");
    role.setDescription("这个是系统自动创建的默认角色");
    role.setFlag(Role.ADMIN_FLAG);
    role.setModified(new Date());

    roleService.saveOrUpdate(role);

    Db.update("DELETE FROM `user_role_mapping` WHERE `user_id` = 1");
    Db.update("INSERT INTO `user_role_mapping` (`user_id`, `role_id`) VALUES (1, 1)");
}
 
Example #16
Source File: OauthController.java    From jpress with GNU Lesser General Public License v3.0 4 votes vote down vote up
/**
 * 用户授权成功
 *
 * @param ouser
 */
@Override
public void onAuthorizeSuccess(OauthUser ouser) {
    User user = null;
    switch (ouser.getSource()) {
        case "qq":
            user = userService.findFistByQQOpenid(ouser.getOpenId());
            break;
        case "wechat":
            user = userService.findFistByWxOpenid(ouser.getOpenId());
            break;
        case "weibo":
            user = userService.findFistByWeiboOpenid(ouser.getOpenId());
            break;
        case "github":
            user = userService.findFistByGithubOpenid(ouser.getOpenId());
            break;
        case "gitee":
            user = userService.findFistByGiteeOpenid(ouser.getOpenId());
            break;
        case "dingding":
            user = userService.findFistByDingdingOpenid(ouser.getOpenId());
            break;
        default:
            redirect("/user/login");
            return;
    }

    if (user == null) {
        user = UserInterceptor.getThreadLocalUser();
        if (user != null) {
            user.setAvatar(ouser.getAvatar());
            user.setNickname(ouser.getNickname());
            openidService.saveOrUpdate(user.getId(), ouser.getSource(), ouser.getOpenId());
            userService.update(user);
        }
    }

    if (user == null) {
        user = new User();
        user.setAvatar(ouser.getAvatar());
        user.setNickname(ouser.getNickname());
        user.setCreateSource(ouser.getSource());
        user.setCreated(new Date());
        user.setGender(ouser.getGender());
        user.setSalt(HashKit.generateSaltForSha256());
        user.setLogged(new Date());

        // 是否启用邮件验证
        boolean emailValidate = JPressOptions.getAsBool("reg_email_validate_enable");
        if (emailValidate) {
            user.setStatus(User.STATUS_REG);
        } else {
            user.setStatus(User.STATUS_OK);
        }

        //强制用户状态为未激活
        boolean isNotActivate = JPressOptions.getAsBool("reg_users_is_not_activate");
        if (isNotActivate) {
            user.setStatus(User.STATUS_REG);
        }

        Object id = userService.save(user);
        openidService.saveOrUpdate(id, ouser.getSource(), ouser.getOpenId());

    }

    CookieUtil.put(this, JPressConsts.COOKIE_UID, user.getId());
    String gotoUrl = JPressOptions.get("login_goto_url", "/ucenter");
    redirect(gotoUrl);
}
 
Example #17
Source File: PaymentKit.java    From jfinal-weixin with Apache License 2.0 4 votes vote down vote up
/**
 * 生成签名
 * @return
 */
public static String createSign(Map<String, String> params, String paternerKey) {
	String stringA = packageSign(params, false);
	String stringSignTemp = stringA + "&key=" + paternerKey;
	return HashKit.md5(stringSignTemp).toUpperCase();
}
 
Example #18
Source File: ShowapiExpressQuerier.java    From jpress with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Override
public List<ExpressInfo> query(ExpressCompany company, String num) {

    String appId = JPressOptions.get("express_api_appid");
    String appSecret = JPressOptions.get("express_api_appsecret");

    String param = "{\"com\":\"" + company.getCode() + "\",\"num\":\"" + num + "\"}";
    String sign = HashKit.md5(param + appSecret + appId);
    HashMap params = new HashMap();
    params.put("showapi_appid", appId);
    params.put("com", sign);
    params.put("nu", num);
    params.put("contentType", "bodyString");
    params.put("showapi_sign", signRequest(params, appSecret));


    String result = HttpUtil.httpGet("http://route.showapi.com/64-19", params);
    if (StrUtil.isBlank(result)) {
        return null;
    }

    try {
        JSONObject object = JSONObject.parseObject(result);
        JSONObject body = object.getJSONObject("showapi_res_body");
        if (body != null) {
            JSONArray jsonArray = body.getJSONArray("data");
            if (jsonArray != null && jsonArray.size() > 0) {
                List<ExpressInfo> list = new ArrayList<>();
                for (int i = 0; i < jsonArray.size(); i++) {
                    JSONObject expObject = jsonArray.getJSONObject(i);
                    ExpressInfo ei = new ExpressInfo();
                    ei.setInfo(expObject.getString("context"));
                    ei.setTime(expObject.getString("time"));
                    list.add(ei);
                }
                return list;
            }
        }
    } catch (Exception ex) {
        LOG.error(ex.toString(), ex);
    }

    LOG.error(result);

    return null;
}
 
Example #19
Source File: _UserController.java    From jpress with GNU Lesser General Public License v3.0 4 votes vote down vote up
/**
 * 新增用户
 */
public void doAdd() {

    String pwd = getPara("newPwd");
    String confirmPwd = getPara("confirmPwd");
    User user = getBean(User.class);

    if (StrUtil.isBlank(pwd)) {
        renderJson(Ret.fail().set("message", "密码不能为空").set("errorCode", 3));
        return;
    }

    if (StrUtil.isBlank(confirmPwd)) {
        renderJson(Ret.fail().set("message", "确认密码不能为空").set("errorCode", 4));
        return;
    }

    if (pwd.equals(confirmPwd) == false) {
        renderJson(Ret.fail().set("message", "两次输入密码不一致").set("errorCode", 5));
        return;
    }

    User dbUser = userService.findFistByUsername(user.getUsername());
    if (dbUser != null) {
        renderJson(Ret.fail().set("message", "该用户名已经存在").set("errorCode", 10));
        return;
    }

    if (StrUtil.isNotBlank(user.getEmail())) {
        dbUser = userService.findFistByEmail(user.getEmail());
        if (dbUser != null) {
            renderJson(Ret.fail().set("message", "邮箱已经存在了").set("errorCode", 11));
            return;
        }
    }

    String salt = HashKit.generateSaltForSha256();
    String hashedPass = HashKit.sha256(salt + pwd);

    user.setSalt(salt);
    user.setPassword(hashedPass);
    user.setCreated(new Date());
    user.setStatus(User.STATUS_OK);
    user.setCreateSource(User.SOURCE_ADMIN_CREATE);

    userService.save(user);

    renderOkJson();
}
 
Example #20
Source File: LoginController.java    From my_curd with Apache License 2.0 4 votes vote down vote up
/**
 * 登录表单提交地址
 */
public void action() {
    String username = getPara("username");
    String password = getPara("password");

    /* username password 无效 */
    if (StrKit.isBlank(username)) {
        setAttr("errMsg", "请填写用户名。");
        render("login.ftl");
        return;
    }
    if (StrKit.isBlank(password)) {
        setAttr("errMsg", "请填写密码。");
        render("login.ftl");
        return;
    }
    SysUser sysUser = SysUser.dao.findByUsername(username);
    if (sysUser == null) {
        setAttr("errMsg", username + " 用户不存在。");
        render("login.ftl");
        return;
    }

    // 密码错误 n 次 锁定 m 分钟
    BaseCache<String, AtomicInteger> retryCache = CacheContainer.getLoginRetryLimitCache();
    AtomicInteger retryTimes = retryCache.getCache(username);
    if (retryTimes.get() >= LoginRetryLimitCache.RETRY_LIMIT) {
        setAttr("username", username);
        setAttr("errMsg", " 账号已被锁定, " + LoginRetryLimitCache.LOCK_TIME + "分钟后可自动解锁。 ");
        render("login.ftl");
        return;
    }
    password = HashKit.sha1(password);
    if (!sysUser.getPassword().equals(password)) {
        int nowRetryTimes = retryTimes.incrementAndGet();  // 错误次数 加 1
        setAttr("username", username);
        if ((LoginRetryLimitCache.RETRY_LIMIT - nowRetryTimes) == 0) {
            setAttr("errMsg", " 账号已被锁定, " + LoginRetryLimitCache.LOCK_TIME + "分钟后可自动解锁。 ");
        } else {
            setAttr("errMsg", " 密码错误, 再错误 "
                    + (LoginRetryLimitCache.RETRY_LIMIT - nowRetryTimes) + " 次账号将被锁定" + LoginRetryLimitCache.LOCK_TIME + "分钟。");
        }
        render("login.ftl");
        return;
    }
    retryCache.put(username, new AtomicInteger()); // 密码正确缓存数清0

    if (sysUser.getUserState().equals("1")) {
        setAttr("errMsg", username + " 用户被禁用,请联系管理员。");
        render("login.ftl");
        return;
    }

    /* username password 有效 */

    // 如果选中了记住密码且cookie信息不存在,生成新的cookie 信息
    String remember = getPara("remember");
    if ("on".equals(remember) && getCookie(USERNAME_KEY) == null) {
        setCookie(USERNAME_KEY, username, 60 * 60 * 24);  // 1天
        setCookie(PASSWORD_KEY, password, 60 * 60 * 24);
    }

    sysUser.setLastLoginTime(new Date());
    sysUser.update();

    afterLogin(sysUser);

    // 登录日志
    redirect("/dashboard");
}
 
Example #21
Source File: JbootWechatController.java    From jboot with Apache License 2.0 4 votes vote down vote up
@NotAction
    public void initJsSdkConfig() {

        JbootWechatConfig config = Jboot.config(JbootWechatConfig.class);


        // 1.拼接url(当前网页的URL,不包含#及其后面部分)
        String url = getRequest().getRequestURL().toString().split("#")[0];
        String query = getRequest().getQueryString();
        if (StrUtil.isNotBlank(query)) {
            url = url.concat("?").concat(query);
        }


//        JsTicket jsTicket = JsTicketApi.getTicket(JsTicketApi.JsApiType.jsapi);
        JsTicket jsTicket = WechatApis.getTicket(WechatApis.JsApiType.jsapi);

        String _wxJsApiTicket = jsTicket.getTicket();

        String noncestr = StrUtil.uuid();
        String timestamp = (System.currentTimeMillis() / 1000) + "";

        Map<String, String> _wxMap = new TreeMap<String, String>();
        _wxMap.put("noncestr", noncestr);
        _wxMap.put("timestamp", timestamp);
        _wxMap.put("jsapi_ticket", _wxJsApiTicket);
        _wxMap.put("url", url);

        //拼接字符串
        StringBuilder paramsBuilder = new StringBuilder();
        for (Map.Entry<String, String> param : _wxMap.entrySet()) {
            paramsBuilder.append(param.getKey()).append("=").append(param.getValue()).append("&");
        }
        String signString = paramsBuilder.substring(0, paramsBuilder.length() - 1);

        //签名
        String signature = HashKit.sha1(signString);

        setAttr("wechatDebug", config.getDebug());
        setAttr("wechatAppId", getApiConfig().getAppId());
        setAttr("wechatNoncestr", noncestr);
        setAttr("wechatTimestamp", timestamp);
        setAttr("wechatSignature", signature);

    }
 
Example #22
Source File: CookieUtil.java    From jboot with Apache License 2.0 4 votes vote down vote up
private static String encrypt(String secretKey, Object saveTime, Object maxAgeInSeconds, String value) {
    if (JbootWebConfig.DEFAULT_COOKIE_ENCRYPT_KEY.equals(secretKey)) {
        log.warn("warn!!! encrypt key is defalut value. please config \"jboot.web.cookieEncryptKey = xxx\" in jboot.properties ");
    }
    return HashKit.md5(secretKey + saveTime.toString() + maxAgeInSeconds.toString() + value);
}
 
Example #23
Source File: SignatureCheckKit.java    From jfinal-weixin with Apache License 2.0 3 votes vote down vote up
/**
 * php 示例
 *  $signature = $_GET["signature"];
       $timestamp = $_GET["timestamp"];
       $nonce = $_GET["nonce"];	
       		
	$token = TOKEN;
	$tmpArr = array($token, $timestamp, $nonce);
	sort($tmpArr, SORT_STRING);
	$tmpStr = implode( $tmpArr );
	$tmpStr = sha1( $tmpStr );
	
	if( $tmpStr == $signature ){
		return true;
	}else{
		return false;
	}
 * @return
 */
public boolean checkSignature(String signature, String timestamp, String nonce) {
	String TOKEN = ApiConfigKit.getApiConfig().getToken();
	String array[] = {TOKEN, timestamp, nonce};
	Arrays.sort(array);
	String tempStr = new StringBuilder().append(array[0] + array[1] + array[2]).toString();
	tempStr = HashKit.sha1(tempStr);
	return tempStr.equalsIgnoreCase(signature);
}
 
Example #24
Source File: RandomKit.java    From jfinal-ext3 with Apache License 2.0 2 votes vote down vote up
/**
 *  随机字符串再 md5:UUID方式
 * @return
 */
public static String randomMD5Str(){
	return HashKit.md5(randomStr());
}