From 5bb59b7a99ffc785aa3df897e00523305d2e4e91 Mon Sep 17 00:00:00 2001 From: shimingxy Date: Sun, 8 Dec 2019 19:39:29 +0800 Subject: [PATCH] password fix --- .../main/java/org/maxkey/dao/service/UserInfoService.java | 3 ++- .../main/java/org/maxkey/web/contorller/SafeController.java | 5 +++-- .../src/main/resources/templates/views/safe/timeBased.ftl | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java b/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java index 7b4974c7..3127c37a 100644 --- a/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java +++ b/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java @@ -3,6 +3,7 @@ package org.maxkey.dao.service; import org.apache.mybatis.jpa.persistence.JpaBaseService; import org.maxkey.constants.STATUS; +import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.dao.persistence.UserInfoMapper; import org.maxkey.domain.ChangePassword; @@ -109,7 +110,7 @@ public class UserInfoService extends JpaBaseService { } String password = passwordEncoder.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword())); - userInfo.setDecipherable(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword())); + userInfo.setDecipherable(ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword()))); _logger.debug("decipherable : "+userInfo.getDecipherable()); userInfo.setPassword(password); userInfo.setPasswordLastSetTime(DateUtils.getCurrentDateTimeAsString()); diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java index 1651fa06..a1c52965 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java @@ -93,7 +93,7 @@ public class SafeController { String confirmPassword){ UserInfo userInfo =WebContext.getUserInfo(); _logger.debug("decipherable old : "+userInfo.getDecipherable()); - _logger.debug("decipherable new : "+PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword())); + _logger.debug("decipherable new : "+ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), newPassword))); if(newPassword.equals(confirmPassword)){ if(oldPassword==null || passwordEncoder.matches(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(),oldPassword), userInfo.getPassword())){ @@ -123,7 +123,8 @@ public class SafeController { @RequestParam("confirmPassword") String confirmPassword) { UserInfo userInfo =WebContext.getUserInfo(); - _logger.debug("App Login Password : "+ReciprocalUtils.decoder(userInfo.getAppLoginPassword())); + _logger.debug("App Login Password : "+userInfo.getAppLoginPassword()); + _logger.debug("App Login new Password : "+ReciprocalUtils.encode(newPassword)); if(newPassword.equals(confirmPassword)){ if(StringUtils.isNullOrBlank(userInfo.getAppLoginPassword())||userInfo.getAppLoginPassword().equals(ReciprocalUtils.encode(oldPassword))){ userInfo.setAppLoginPassword(ReciprocalUtils.encode(newPassword)); diff --git a/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl b/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl index 0c88edc9..00435f24 100644 --- a/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl +++ b/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl @@ -14,7 +14,8 @@ <@locale code="login.totp.title" /> - +
+ 支持Google Authenticator等 -- GitLab