Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
yujianwangzivayy
MaxKey
提交
5828d2fd
MaxKey
项目概览
yujianwangzivayy
/
MaxKey
与 Fork 源项目一致
Fork自
MaxKey单点登录官方(MaxKeyTop) / MaxKey
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
MaxKey
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
5828d2fd
编写于
9月 01, 2020
作者:
MaxKey单点登录官方
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
PASSWORD_POLICY
上级
ab0b5959
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
77 addition
and
70 deletion
+77
-70
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
...va/org/maxkey/persistence/db/PasswordPolicyValidator.java
+4
-1
maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
.../java/org/maxkey/persistence/service/UserInfoService.java
+67
-19
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
...c/main/java/org/maxkey/web/contorller/SafeController.java
+6
-50
未找到文件。
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
浏览文件 @
5828d2fd
...
...
@@ -65,7 +65,10 @@ public class PasswordPolicyValidator {
MessageSource
messageSource
;
public
static
final
String
PASSWORD_POLICY_VALIDATE_RESULT
=
"PASSWORD_POLICY_SESSION_VALIDATE_RESULT_KEY"
;
private
static
final
String
PASSWORD_POLICY_KEY
=
"PASSWORD_POLICY_KEY"
;
private
static
final
String
LOCK_USER_UPDATE_STATEMENT
=
"UPDATE MXK_USERINFO SET ISLOCKED = ? , UNLOCKTIME = ? WHERE ID = ?"
;
private
static
final
String
PASSWORD_POLICY_SELECT_STATEMENT
=
"SELECT * FROM MXK_PASSWORD_POLICY "
;
...
...
@@ -192,7 +195,7 @@ public class PasswordPolicyValidator {
passwordPolicyMessage
=
passwordPolicyMessage
+
msg
+
"<br>"
;
_logger
.
debug
(
"Rule Message "
+
msg
);
}
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
()
,
passwordPolicyMessage
);
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
,
passwordPolicyMessage
);
return
false
;
}
}
...
...
maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
浏览文件 @
5828d2fd
...
...
@@ -180,30 +180,78 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
}
public
boolean
changePassword
(
UserInfo
userInfo
)
{
public
boolean
changePassword
(
String
oldPassword
,
String
newPassword
,
String
confirmPassword
)
{
try
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
,
""
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
UserInfo
changeUserInfo
=
new
UserInfo
();
changeUserInfo
.
setUsername
(
userInfo
.
getUsername
());
changeUserInfo
.
setPassword
(
newPassword
);
changeUserInfo
.
setId
(
userInfo
.
getId
());
changeUserInfo
.
setDecipherable
(
userInfo
.
getDecipherable
());
if
(
newPassword
.
equals
(
confirmPassword
)){
if
(
oldPassword
==
null
||
passwordEncoder
.
matches
(
oldPassword
,
changeUserInfo
.
getPassword
())){
if
(
changePassword
(
changeUserInfo
)
){
userInfo
.
setPassword
(
changeUserInfo
.
getPassword
());
userInfo
.
setDecipherable
(
changeUserInfo
.
getDecipherable
());
return
true
;
}
return
false
;
}
else
{
if
(
oldPassword
!=
null
&&
passwordEncoder
.
matches
(
newPassword
,
userInfo
.
getPassword
()))
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
,
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_MATCH"
));
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
,
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_NOT_MATCH"
));
}
}
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
,
WebContext
.
getI18nValue
(
"PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH"
));
}
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
if
(
passwordPolicyValidator
.
validator
(
userInfo
)
==
false
)
{
return
false
;
}
if
(
WebContext
.
getUserInfo
()
!=
null
)
{
userInfo
.
setModifiedBy
(
WebContext
.
getUserInfo
().
getId
());
}
userInfo
=
passwordEncoder
(
userInfo
);
if
(
getMapper
().
changePassword
(
userInfo
)
>
0
){
changePasswordProvisioning
(
userInfo
);
return
true
;
}
return
false
;
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
return
false
;
}
public
boolean
changePassword
(
UserInfo
changeUserInfo
)
{
try
{
_logger
.
debug
(
"decipherable old : "
+
changeUserInfo
.
getDecipherable
());
_logger
.
debug
(
"decipherable new : "
+
ReciprocalUtils
.
encode
(
PasswordReciprocal
.
getInstance
()
.
rawPassword
(
changeUserInfo
.
getUsername
(),
changeUserInfo
.
getPassword
())));
if
(
passwordPolicyValidator
.
validator
(
changeUserInfo
)
==
false
)
{
return
false
;
}
if
(
WebContext
.
getUserInfo
()
!=
null
)
{
changeUserInfo
.
setModifiedBy
(
WebContext
.
getUserInfo
().
getId
());
}
changeUserInfo
=
passwordEncoder
(
changeUserInfo
);
if
(
getMapper
().
changePassword
(
changeUserInfo
)
>
0
)
{
changePasswordProvisioning
(
changeUserInfo
);
return
true
;
}
return
false
;
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
}
return
false
;
}
public
String
randomPassword
()
{
return
passwordPolicyValidator
.
generateRandomPassword
();
}
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
浏览文件 @
5828d2fd
...
...
@@ -24,7 +24,6 @@ import org.maxkey.constants.ConstantsOperateMessage;
import
org.maxkey.constants.ConstantsPasswordSetType
;
import
org.maxkey.constants.ConstantsTimeInterval
;
import
org.maxkey.crypto.ReciprocalUtils
;
import
org.maxkey.crypto.password.PasswordReciprocal
;
import
org.maxkey.domain.UserInfo
;
import
org.maxkey.persistence.db.PasswordPolicyValidator
;
import
org.maxkey.persistence.service.UserInfoService
;
...
...
@@ -36,7 +35,6 @@ import org.maxkey.web.message.MessageType;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.security.crypto.password.PasswordEncoder
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RequestParam
;
...
...
@@ -50,10 +48,6 @@ public class SafeController {
@Autowired
private
UserInfoService
userInfoService
;
@Autowired
private
PasswordEncoder
passwordEncoder
;
@ResponseBody
@RequestMapping
(
value
=
"/forward/changePasswod"
)
...
...
@@ -70,12 +64,12 @@ public class SafeController {
@RequestParam
(
"newPassword"
)
String
newPassword
,
@RequestParam
(
"confirmPassword"
)
String
confirmPassword
)
{
if
(
changeUser
Password
(
oldPassword
,
newPassword
,
confirmPassword
))
{
if
(
userInfoService
.
change
Password
(
oldPassword
,
newPassword
,
confirmPassword
))
{
return
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_SUCCESS
),
MessageType
.
success
);
}
else
{
return
new
Message
(
WebContext
.
getI18nValue
(
ConstantsOperateMessage
.
UPDATE_ERROR
)+
"<br>"
+
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
()
),
+
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
),
MessageType
.
error
);
}
}
...
...
@@ -88,12 +82,12 @@ public class SafeController {
ModelAndView
modelAndView
=
new
ModelAndView
(
"passwordExpired"
);
if
(
newPassword
==
null
||
newPassword
.
equals
(
""
))
{
}
else
if
(
changeUser
Password
(
oldPassword
,
newPassword
,
confirmPassword
)){
}
else
if
(
userInfoService
.
change
Password
(
oldPassword
,
newPassword
,
confirmPassword
)){
WebContext
.
getSession
().
setAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
,
ConstantsPasswordSetType
.
PASSWORD_NORMAL
);
return
WebContext
.
redirect
(
"/index"
);
}
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
()
);
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
modelAndView
.
addObject
(
"errorMessage"
,
errorMessage
==
null
?
""
:
errorMessage
);
...
...
@@ -109,56 +103,18 @@ public class SafeController {
ModelAndView
modelAndView
=
new
ModelAndView
(
"passwordInitial"
);
if
(
newPassword
==
null
||
newPassword
.
equals
(
""
))
{
}
else
if
(
changeUser
Password
(
oldPassword
,
newPassword
,
confirmPassword
)){
}
else
if
(
userInfoService
.
change
Password
(
oldPassword
,
newPassword
,
confirmPassword
)){
WebContext
.
getSession
().
setAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
,
ConstantsPasswordSetType
.
PASSWORD_NORMAL
);
return
WebContext
.
redirect
(
"/index"
);
}
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
class
.
getName
()
);
Object
errorMessage
=
WebContext
.
getAttribute
(
PasswordPolicyValidator
.
PASSWORD_POLICY_VALIDATE_RESULT
);
modelAndView
.
addObject
(
"errorMessage"
,
errorMessage
==
null
?
""
:
errorMessage
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
modelAndView
.
addObject
(
"model"
,
userInfo
);
return
modelAndView
;
}
public
boolean
changeUserPassword
(
String
oldPassword
,
String
newPassword
,
String
confirmPassword
){
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
""
);
UserInfo
userInfo
=
WebContext
.
getUserInfo
();
UserInfo
changeUserInfo
=
new
UserInfo
();
changeUserInfo
.
setUsername
(
userInfo
.
getUsername
());
changeUserInfo
.
setPassword
(
newPassword
);
changeUserInfo
.
setId
(
userInfo
.
getId
());
changeUserInfo
.
setDecipherable
(
userInfo
.
getDecipherable
());
_logger
.
debug
(
"decipherable old : "
+
userInfo
.
getDecipherable
());
_logger
.
debug
(
"decipherable new : "
+
ReciprocalUtils
.
encode
(
PasswordReciprocal
.
getInstance
().
rawPassword
(
userInfo
.
getUsername
(),
newPassword
)));
if
(
newPassword
.
equals
(
confirmPassword
)){
if
(
oldPassword
==
null
||
passwordEncoder
.
matches
(
oldPassword
,
userInfo
.
getPassword
())){
if
(
userInfoService
.
changePassword
(
changeUserInfo
))
{
userInfo
.
setPassword
(
changeUserInfo
.
getPassword
());
userInfo
.
setDecipherable
(
changeUserInfo
.
getDecipherable
());
return
true
;
}
}
else
{
if
(
oldPassword
!=
null
&&
passwordEncoder
.
matches
(
newPassword
,
userInfo
.
getPassword
()))
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_MATCH"
));
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.OLD_PASSWORD_NOT_MATCH"
));
}
}
}
else
{
WebContext
.
setAttribute
(
PasswordPolicyValidator
.
class
.
getName
(),
WebContext
.
getI18nValue
(
"PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH"
));
}
return
false
;
}
@ResponseBody
@RequestMapping
(
value
=
"/forward/changeAppLoginPasswod"
)
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录