org.apache.shiro.crypto.hash.Md5Hash Java Examples
The following examples show how to use
org.apache.shiro.crypto.hash.Md5Hash.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: UserController__.java From wangmarket with Apache License 2.0 | 6 votes |
|
/**
* 修改密码
* @param oldPassword 原密码
* @param newPassword 新密码
*/
@RequiresPermissions("userUpdatePassword${url.suffix}")
@RequestMapping(value="updatePassword", method = RequestMethod.POST)
public String updatePassword(HttpServletRequest request, String oldPassword,String newPassword,Model model){
if(oldPassword==null){
ActionLogCache.insert(request, "修改密码", "失败:未输入密码");
return error(model, "请输入旧密码");
}else{
User uu=sqlService.findById(User.class, getUser().getId());
//将输入的原密码进行加密操作,判断原密码是否正确
if(new Md5Hash(oldPassword, uu.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString().equals(uu.getPassword())){
BaseVO vo = userService.updatePassword(getUserId(), newPassword);
if(vo.getResult() - BaseVO.SUCCESS == 0){
ActionLogCache.insert(request, "修改密码", "成功");
return success(model, "修改成功");
}else{
ActionLogCache.insert(request, "修改密码", "失败:"+vo.getInfo());
return error(model, vo.getInfo());
}
}else{
ActionLogCache.insert(request, "修改密码", "失败:原密码错误");
return error(model, "原密码错误!");
}
}
}
Example #2
| Source File: UserAuthenticationProvider.java From biliob_backend with MIT License | 6 votes |
|
@Override
public Authentication authenticate(Authentication authentication) {
String name = authentication.getPrincipal().toString();
String password = authentication.getCredentials().toString();
User user = UserUtils.getPasswdAndRole(name);
String encodedPassword = new Md5Hash(password, user.getName()).toHex();
if (encodedPassword.equals(user.getPassword())) {
mongoTemplate.updateFirst(Query.query(
new Criteria()
.orOperator(Criteria.where("name").is(name), Criteria.where("mail").is(name))),
Update.update("password", bcryptPasswordEncoder.encode(password)), User.class);
user.setPassword(bcryptPasswordEncoder.encode(password));
}
if (bcryptPasswordEncoder.matches(password, user.getPassword())) {
Collection<GrantedAuthority> authorityCollection = new ArrayList<>();
authorityCollection.add(new SimpleGrantedAuthority(user.getRole()));
return new UsernamePasswordAuthenticationToken(name, password, authorityCollection);
}
throw new BadCredentialsException(ResultEnum.LOGIN_FAILED.getMsg());
}
Example #3
| Source File: UserController.java From MyBlog with Apache License 2.0 | 6 votes |
|
@PostMapping("register")
@ResponseBody
public MyResponse register(@NotBlank String username, @NotBlank String password) {
if (ParamCheck.hasSpecialChar(username)) {
return MyResponse.createResponse(ResponseEnum.ILLEGAL_PARAM,"special character");
}
String securityPassword = new Md5Hash(password, username, 5).toString();
if (userService.queryUserByName(username) != null) {
return MyResponse.createResponse(ResponseEnum.USER_EXIST);
}
//虽然上面检查了是否有同名用户,因为并发原因,添加用户的时候可能还会用户名重复,addCommonUser会返回false,最终给前端返回未知错误
if (userService.addCommonUser(new UserPo(username, securityPassword, RoleEnum.COMMON.getRoleName()))) {
//发送有用户登陆的mq消息
mqSender.send2queue(username);
return MyResponse.createResponse(ResponseEnum.SUCC);
}
return MyResponse.createResponse(ResponseEnum.FAIL);
}
Example #4
| Source File: UserController.java From zhcc-server with Apache License 2.0 | 6 votes |
|
@PutMapping("/me")
public ResponseEntity<Integer> updateCurrentUser(@RequestHeader(value="X-Token") String token, @RequestBody UserDetailVO userDetail) {
String currentUserId = this.getSubjectFromJwt(jwtUtils, token, "userId");
UserDTO dto = new UserDTO();
dto.setId(Integer.parseInt(currentUserId));
dto.setName(userDetail.getName());
dto.setLoginName(userDetail.getLoginName());
if(!StringUtils.isBlank(userDetail.getPassword())) {
// 随机生成salt
SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator();
String salt = secureRandomNumberGenerator.nextBytes().toHex();
// Md5密码
Md5Hash md5 = new Md5Hash(userDetail.getPassword(), salt, 6);
String md5Password = md5.toHex();
dto.setSalt(salt);
dto.setPassword(md5Password);
}
int rows = this.userService.updateCurrentUser(dto);
return rows > 0 ? ResponseEntity.status(HttpStatus.CREATED).body(rows) :
ResponseEntity.notFound().build();
}
Example #5
| Source File: UserController.java From zhcc-server with Apache License 2.0 | 6 votes |
|
@PutMapping("/{id}/password")
public ResponseEntity<Integer> changePassword(@PathVariable("id") int userId, String password) {
// 随机生成salt
SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator();
String salt = secureRandomNumberGenerator.nextBytes().toHex();
// Md5密码
Md5Hash md5 = new Md5Hash(password, salt, 6);
String md5Password = md5.toHex();
int rows = userService.changePassword(userId, salt, md5Password);
if(rows > 0) {
return ResponseEntity.status(HttpStatus.CREATED).body(rows);
}
return ResponseEntity.notFound().build();
}
Example #6
| Source File: UserController.java From zhcc-server with Apache License 2.0 | 6 votes |
|
@PostMapping("")
public ResponseEntity<UserDetailVO> saveUser(@RequestBody UserDetailVO vo, @RequestHeader(value="X-Token") String token) {
String currentUserId = this.getSubjectFromJwt(jwtUtils, token, "userId");
UserDTO dto = new UserDTO();
dto.setName(vo.getName());
dto.setLoginName(vo.getLoginName());
dto.setCreatorId(Integer.parseInt(currentUserId));
dto.setRoleIds(vo.getRoleIds());
// 随机生成salt
SecureRandomNumberGenerator secureRandomNumberGenerator = new SecureRandomNumberGenerator();
String salt = secureRandomNumberGenerator.nextBytes().toHex();
Md5Hash md5 = new Md5Hash(vo.getPassword(), salt, 6);
// 设置盐
dto.setSalt(salt);
// 设置新密码
String md5Password = md5.toHex();
dto.setPassword(md5Password);
UserDTO user = userService.saveUser(dto);
vo.setId(user.getId());
return ResponseEntity.status(HttpStatus.CREATED).body(vo);
}
Example #7
| Source File: UserServiceImpl.java From wangmarket with Apache License 2.0 | 6 votes |
|
public BaseVO updatePassword(int userid, String newPassword) {
BaseVO baseVO = new BaseVO();
if(!(userid > 0)){
return BaseVO.failure("userid is null");
}
if(newPassword == null || newPassword.length() == 0){
return BaseVO.failure("新密码不能为空");
}
User user=sqlDAO.findById(User.class, userid);
String md5Password = new Md5Hash(newPassword, user.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString();
user.setPassword(md5Password);
sqlDAO.save(user);
return baseVO;
}
Example #8
| Source File: ApiController.java From WebStack-Guns with MIT License | 5 votes |
|
/**
* api登录接口,通过账号密码获取token
*/
@RequestMapping("/auth")
public Object auth(@RequestParam("username") String username,
@RequestParam("password") String password) {
//封装请求账号密码为shiro可验证的token
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password.toCharArray());
//获取数据库中的账号密码,准备比对
User user = userMapper.getByAccount(username);
String credentials = user.getPassword();
String salt = user.getSalt();
ByteSource credentialsSalt = new Md5Hash(salt);
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
new ShiroUser(), credentials, credentialsSalt, "");
//校验用户账号密码
HashedCredentialsMatcher md5CredentialsMatcher = new HashedCredentialsMatcher();
md5CredentialsMatcher.setHashAlgorithmName(ShiroKit.hashAlgorithmName);
md5CredentialsMatcher.setHashIterations(ShiroKit.hashIterations);
boolean passwordTrueFlag = md5CredentialsMatcher.doCredentialsMatch(
usernamePasswordToken, simpleAuthenticationInfo);
if (passwordTrueFlag) {
HashMap<String, Object> result = new HashMap<>();
result.put("token", JwtTokenUtil.generateToken(String.valueOf(user.getId())));
return result;
} else {
return new ErrorResponseData(500, "账号密码错误!");
}
}
Example #9
| Source File: UserAuthServiceServiceImpl.java From WebStack-Guns with MIT License | 5 votes |
|
@Override
public SimpleAuthenticationInfo info(ShiroUser shiroUser, User user, String realmName) {
String credentials = user.getPassword();
// 密码加盐处理
String source = user.getSalt();
ByteSource credentialsSalt = new Md5Hash(source);
return new SimpleAuthenticationInfo(shiroUser, credentials, credentialsSalt, realmName);
}
Example #10
| Source File: CustomRealm.java From wangmarket with Apache License 2.0 | 5 votes |
|
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException{
// token是用户输入的用户名和密码
// 第一步从token中取出用户名
String username = (String) token.getPrincipal();
SqlService sqlService = SpringContextUtils.getBean(SqlServiceImpl.class);
RoleService roleService = SpringContextUtils.getBean(RoleServiceImpl.class);
User user = sqlService.findAloneBySqlQuery("SELECT * FROM user WHERE username = '"+username+"'", User.class);
if(user!=null){
user.setLasttime(DateUtil.timeForUnix10());
sqlService.save(user);
}
if (user != null) {
ActiveUser activeUser = new ActiveUser();
activeUser.setUser(user);
//根据用户id查询权限url
List<Permission> permissions = roleService.findPermissionByUser(user);
activeUser.setPermissions(permissions);
//转换为树状集合
List<PermissionTree> permissionTreeList = new ShiroFunc().PermissionToTree(new ArrayList<Permission>(), permissions);
activeUser.setPermissionTreeList(permissionTreeList);
String md5Password = new Md5Hash(user.getUsername(), user.getSalt(), 2).toString();
//将activeUser设置simpleAuthenticationInfo
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
activeUser, md5Password,ByteSource.Util.bytes(user.getSalt()), this.getName());
return simpleAuthenticationInfo;
}
return null;
}
Example #11
| Source File: UserServiceImpl.java From biliob_backend with MIT License | 5 votes |
|
@Override
public ResponseEntity login(String name, String passwd) {
User user =
mongoTemplate.findOne(
Query.query(
new Criteria()
.orOperator(Criteria.where("name").is(name), Criteria.where("mail").is(name))),
User.class,
"user");
if (user == null) {
return new ResponseEntity<>(new Result<String>(ResultEnum.LOGIN_FAILED), HttpStatus.UNAUTHORIZED);
}
String inputName = user.getName();
String encodedPassword = new Md5Hash(passwd, inputName).toHex();
Subject subject = SecurityUtils.getSubject();
User tempUser = userRepository.findByName(inputName);
if (tempUser == null) {
return new ResponseEntity<>(new Result(ResultEnum.LOGIN_FAILED), HttpStatus.UNAUTHORIZED);
}
if (tempUser.getPassword() == null) {
tempUser.setPassword(encodedPassword);
userRepository.save(tempUser);
}
UsernamePasswordToken token = new UsernamePasswordToken(inputName, encodedPassword);
token.setRememberMe(true);
subject.login(token);
String role = getRole(inputName);
UserServiceImpl.logger.info("{}:{} 登录成功", role, inputName);
return new ResponseEntity<>(new Result(ResultEnum.LOGIN_SUCCEED, getUserInfo()), HttpStatus.OK);
}
Example #12
| Source File: ShiroFactroy.java From web-flash with MIT License | 5 votes |
|
public SimpleAuthenticationInfo info(ShiroUser shiroUser, User user, String realmName) {
String credentials = user.getPassword();
// 密码加盐处理
String source = user.getSalt();
ByteSource credentialsSalt = new Md5Hash(source);
return new SimpleAuthenticationInfo(shiroUser, credentials, credentialsSalt, realmName);
}
Example #13
| Source File: ShiroFactroy.java From flash-waimai with MIT License | 5 votes |
|
public SimpleAuthenticationInfo info(ShiroUser shiroUser, User user, String realmName) {
String credentials = user.getPassword();
// 密码加盐处理
String source = user.getSalt();
ByteSource credentialsSalt = new Md5Hash(source);
return new SimpleAuthenticationInfo(shiroUser, credentials, credentialsSalt, realmName);
}
Example #14
| Source File: UserService.java From Shiro-Action with MIT License | 5 votes |
|
@Transactional
public Integer add(User user, Integer[] roleIds) {
checkUserNameExistOnCreate(user.getUsername());
String salt = generateSalt();
String encryptPassword = new Md5Hash(user.getPassword(), salt).toString();
user.setSalt(salt);
user.setPassword(encryptPassword);
userMapper.insert(user);
grantRole(user.getUserId(), roleIds);
return user.getUserId();
}
Example #15
| Source File: MD5Util.java From cjs_ssms with GNU General Public License v2.0 | 5 votes |
|
/**
* 指定加密盐
* @param str
* @param salt
* @return
*/
public static String md5(String str, String salt){
if (StringUtil.isNullOrEmpty(salt)) {
salt = DEFAULT_SALT;
}
return new Md5Hash(str,salt).toString() ;
}
Example #16
| Source File: ShiroFactroy.java From MeetingFilm with Apache License 2.0 | 5 votes |
|
@Override
public SimpleAuthenticationInfo info(ShiroUser shiroUser, User user, String realmName) {
String credentials = user.getPassword();
// 密码加盐处理
String source = user.getSalt();
ByteSource credentialsSalt = new Md5Hash(source);
return new SimpleAuthenticationInfo(shiroUser, credentials, credentialsSalt, realmName);
}
Example #17
| Source File: AuthController.java From zhcc-server with Apache License 2.0 | 5 votes |
|
@PostMapping("/token")
public ResponseEntity<?> getToken(HttpServletRequest request, String loginName, String password) {
// 验证用户信息
UserDTO user = userService.getByLoginName(loginName);
if(user == null) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("用户名不存在!");
}
if(user.getLocked()) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("该账户被锁定!");
}
Md5Hash md5 = new Md5Hash(password, user.getSalt(), 6);
String md5Password = md5.toHex();
if(!md5Password.equals(user.getPassword())) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("登录失败,用户名或密码错误!");
}
// 得到可访问的router
List<RouterDTO> dtoList = routerService.listAuthorizedRouter(user.getId());
List<RouterNavVO> voList = new ArrayList<RouterNavVO>(dtoList.size());
for(RouterDTO dto : dtoList) {
RouterNavVO vo = new RouterNavVO();
BeanUtils.copyProperties(dto, vo);
voList.add(vo);
}
Map<String, Object> response = new HashMap<String, Object>();
response.put("userId", user.getId().toString());
response.put("username", user.getName());
response.put("routers", voList);
JSONObject json = new JSONObject();
json.put("userId", user.getId());
json.put("username", user.getName());
json.put("host", request.getRemoteHost());
response.put("token", jwtUtils.createJWT(json.toJSONString()));
return ResponseEntity.ok(response);
}
Example #18
| Source File: SaltUtil.java From HA-DB with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
public static String getSalt(String username, String password) {
StringBuffer sb = null;
sb = new StringBuffer();
sb.append(username).append(password);
return new Md5Hash(sb.toString(), RandomStringUtils.randomNumeric(6)).toHex();
}
Example #19
| Source File: CryptographyUtil.java From songjhh_blog with Apache License 2.0 | 4 votes |
|
public static String md5(String str,String salt) {
return new Md5Hash(str,salt).toString();
}
Example #20
| Source File: RetryLimitMd5CredentialsMatcher.java From java-platform with Apache License 2.0 | 4 votes |
|
public RetryLimitMd5CredentialsMatcher(CacheManager cacheManager, Integer maxRetryCount) {
passwordRetryCache = cacheManager.getCache("password_retry");
this.maxRetryCount = maxRetryCount;
setHashAlgorithmName(Md5Hash.ALGORITHM_NAME);
}
Example #21
| Source File: AgencyUserController.java From wangmarket with Apache License 2.0 | 4 votes |
|
/**
* 注册User,代理商开通用户网站
* @param user
* @param request
* @param isAgency 是否是开通的普通代理,true,是开通普通代理
* @return 生成的用户User对象
*/
private UserVO regUsersss(User user, HttpServletRequest request, boolean isAgency) {
UserVO baseVO = new UserVO();
user.setUsername(filter(user.getUsername()));
user.setEmail(filter(user.getEmail()));
user.setPhone(filter(user.getPhone()));
//判断用户名、邮箱、手机号是否有其中为空的
if(user.getUsername()==null||user.getUsername().equals("")){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_userNameToLong"));
}
//判断用户名、邮箱、手机号是否有其中已经注册了,唯一性
//判断用户名唯一性
if(sqlService.findByProperty(User.class, "username", user.getUsername()).size() > 0){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForUsernameAlreadyExist"));
return baseVO;
}
//判断邮箱是否被注册了,若被注册了,则邮箱设置为空
if(sqlService.findByProperty(User.class, "email", user.getEmail()).size() > 0){
user.setEmail("");
}
//判断手机号是否被用过。若被用过了,则自动将手机号给抹除,不写入User表
if(user.getPhone() != null && user.getPhone().length() > 0){
if(sqlService.findByProperty(User.class, "phone", user.getPhone()).size() > 0){
if(isAgency){
//如果是创建代理,手机号必须的,并且唯一
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForPhoneAlreadyExist"));
return baseVO;
}else{
//如果只是建站,则可以允许手机号为空
user.setPhone("");
}
}
}
user.setRegip(IpUtil.getIpAddress(request));
user.setLastip(IpUtil.getIpAddress(request));
user.setRegtime(DateUtil.timeForUnix10());
user.setLasttime(DateUtil.timeForUnix10());
user.setNickname(user.getUsername());
user.setAuthority(isAgency? Global.get("AGENCY_ROLE")+"":Global.get("USER_REG_ROLE")); //设定是普通代理,还是会员权限
user.setCurrency(0);
user.setFreezemoney(0F);
user.setMoney(0F);
user.setIsfreeze(User.ISFREEZE_NORMAL);
user.setHead("default.png");
user.setIdcardauth(User.IDCARDAUTH_NO);
if(getUserId() > 0){
user.setReferrerid(getUserId()); //设定用户的上级是当前代理商本人
}
Random random = new Random();
user.setSalt(random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+"");
String md5Password = new Md5Hash(user.getPassword(), user.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString();
user.setPassword(md5Password);
sqlService.save(user);
if(user.getId()>0){
//赋予该用户系统设置的默认角色,是代理,还是会员
UserRole userRole = new UserRole();
int roleid = 0;
if(isAgency){
roleid = Global.getInt("AGENCY_ROLE");
}else{
roleid = Global.getInt("USER_REG_ROLE");
}
userRole.setRoleid(roleid);
userRole.setUserid(user.getId());
sqlService.save(userRole);
baseVO.setBaseVO(BaseVO.SUCCESS, Language.show("user_regSuccess"));
baseVO.setUser(user);
}else{
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailure"));
}
return baseVO;
}
Example #22
| Source File: TransactionalServiceImpl.java From wangmarket with Apache License 2.0 | 4 votes |
|
@Override
public UserVO regUser(User user, HttpServletRequest request,
boolean isAgency) {
UserVO baseVO = new UserVO();
user.setUsername(StringUtil.filterXss(user.getUsername()));
user.setEmail(Safety.filter(user.getEmail()));
user.setPhone(Safety.filter(user.getPhone()));
//判断用户名、邮箱、手机号是否有其中为空的
if(user.getUsername()==null||user.getUsername().equals("")){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_userNameToLong"));
}
//判断用户名、邮箱、手机号是否有其中已经注册了,唯一性
//判断用户名唯一性
if(sqlDAO.findByProperty(User.class, "username", user.getUsername()).size() > 0){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForUsernameAlreadyExist"));
return baseVO;
}
//判断邮箱是否被注册了,若被注册了,则邮箱设置为空
if(sqlDAO.findByProperty(User.class, "email", user.getEmail()).size() > 0){
user.setEmail("");
}
//判断手机号是否被用过。若被用过了,则自动将手机号给抹除,不写入User表
if(user.getPhone() != null && user.getPhone().length() > 0){
if(sqlDAO.findByProperty(User.class, "phone", user.getPhone()).size() > 0){
if(isAgency){
//如果是创建代理,手机号必须的,并且唯一
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailureForPhoneAlreadyExist"));
return baseVO;
}else{
//如果只是建站,则可以允许手机号为空
user.setPhone("");
}
}
}
user.setRegip(IpUtil.getIpAddress(request));
user.setLastip(IpUtil.getIpAddress(request));
user.setRegtime(DateUtil.timeForUnix10());
user.setLasttime(DateUtil.timeForUnix10());
user.setNickname(user.getUsername());
user.setAuthority(isAgency? Global.get("AGENCY_ROLE")+"":Global.get("USER_REG_ROLE")); //设定是普通代理,还是会员权限
user.setCurrency(0);
user.setFreezemoney(0F);
user.setMoney(0F);
user.setIsfreeze(User.ISFREEZE_NORMAL);
user.setHead("default.png");
user.setIdcardauth(User.IDCARDAUTH_NO);
Random random = new Random();
user.setSalt(random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+""+random.nextInt(10)+"");
String md5Password = new Md5Hash(user.getPassword(), user.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString();
user.setPassword(md5Password);
sqlDAO.save(user);
if(user.getId()>0){
//赋予该用户系统设置的默认角色,是代理,还是会员
UserRole userRole = new UserRole();
int roleid = 0;
if(isAgency){
roleid = Global.getInt("AGENCY_ROLE");
}else{
roleid = Global.getInt("USER_REG_ROLE");
}
userRole.setRoleid(roleid);
userRole.setUserid(user.getId());
sqlDAO.save(userRole);
baseVO.setBaseVO(BaseVO.SUCCESS, Language.show("user_regSuccess"));
baseVO.setUser(user);
}else{
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_regFailure"));
}
return baseVO;
}
Example #23
| Source File: MD5.java From spring-boot-demo with MIT License | 4 votes |
|
public static String md5(String str, String salt) {
return new Md5Hash(str, salt).toString();
}
Example #24
| Source File: UserServiceImpl.java From wangmarket with Apache License 2.0 | 4 votes |
|
public BaseVO loginByUsernameAndPassword(HttpServletRequest request, String username, String password){
username = Safety.filter(username);
BaseVO baseVO = new BaseVO();
if(username==null || username.length() == 0 ){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_loginUserOrEmailNotNull"));
return baseVO;
}
if(password==null || password.length() == 0){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_loginPasswordNotNull"));
return baseVO;
}
//判断是用户名还是邮箱登陆的,进而查询邮箱或者用户名,进行登录
List<User> l = sqlDAO.findByProperty(User.class, username.indexOf("@")>-1? "email":"username", username);
if(l!=null && l.size()>0){
User user = l.get(0);
String md5Password = new Md5Hash(password, user.getSalt(),Global.USER_PASSWORD_SALT_NUMBER).toString();
//检验密码是否正确
if(md5Password.equals(user.getPassword())){
//检验此用户状态是否正常,是否被冻结
if(user.getIsfreeze() == User.ISFREEZE_FREEZE){
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_loginUserFreeze"));
return baseVO;
}
user.setLasttime(DateUtil.timeForUnix10());
user.setLastip(IpUtil.getIpAddress(request));
sqlDAO.save(user);
UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getUsername());
token.setRememberMe(false);
Subject currentUser = SecurityUtils.getSubject();
try {
currentUser.login(token);
} catch ( UnknownAccountException uae ) {
java.lang.System.out.println("UnknownAccountException:"+uae.getMessage());
} catch ( IncorrectCredentialsException ice ) {
java.lang.System.out.println("IncorrectCredentialsException:"+ice.getMessage());
} catch ( LockedAccountException lae ) {
java.lang.System.out.println("LockedAccountException:"+lae.getMessage());
} catch ( ExcessiveAttemptsException eae ) {
java.lang.System.out.println("ExcessiveAttemptsException:"+eae.getMessage());
} catch ( org.apache.shiro.authc.AuthenticationException ae ) {
java.lang.System.out.println("AuthenticationException:"+ae.getMessage());
}
// logDao.insert("USER_LOGIN_SUCCESS");
baseVO.setBaseVO(BaseVO.SUCCESS, Language.show("user_loginSuccess"));
}else{
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_loginPasswordFailure"));
}
}else{
baseVO.setBaseVO(BaseVO.FAILURE, Language.show("user_loginUserNotFind"));
}
return baseVO;
}
Example #25
| Source File: UserServiceImpl.java From wangmarket with Apache License 2.0 | 4 votes |
|
public String generateMd5Password(String originalPassword, String salt){
return new Md5Hash(originalPassword, salt ,Global.USER_PASSWORD_SALT_NUMBER).toString();
}
Example #26
| Source File: SysPasswordService.java From RuoYi with Apache License 2.0 | 4 votes |
|
public String encryptPassword(String username, String password, String salt) {
return new Md5Hash(username + password + salt).toHex();
}
Example #27
| Source File: PasswordService.java From LuckyFrameWeb with GNU Affero General Public License v3.0 | 4 votes |
|
public String encryptPassword(String username, String password, String salt)
{
return new Md5Hash(username + password + salt).toHex();
}
Example #28
| Source File: UserService.java From Shiro-Action with MIT License | 4 votes |
|
public void updatePasswordByUserId(Integer userId, String password) {
String salt = generateSalt();
String encryptPassword = new Md5Hash(password, salt).toString();
userMapper.updatePasswordByUserId(userId, encryptPassword, salt);
}
Example #29
| Source File: SysPasswordService.java From supplierShop with MIT License | 4 votes |
|
public String encryptPassword(String username, String password, String salt)
{
return new Md5Hash(username + password + salt).toHex().toString();
}
Example #30
| Source File: AES.java From arcusplatform with Apache License 2.0 | 4 votes |
|
private byte[] md5(String str) throws Exception {
return new Md5Hash(str).getBytes();
}
