提交 b67ad6d5 编写于 作者: sq3536's avatar sq3536

支持sm3

上级 42b4860d
......@@ -7,6 +7,7 @@ import cn.ibizlab.core.uaa.service.impl.SysUserServiceImpl;
import cn.ibizlab.util.client.IBZOUFeignClient;
import cn.ibizlab.util.errors.BadRequestAlertException;
import cn.ibizlab.util.helper.CachedBeanCopier;
import cn.ibizlab.util.helper.Sm3Util;
import cn.ibizlab.util.security.AuthenticationUser;
import cn.ibizlab.util.service.AuthenticationUserService;
import com.alibaba.fastjson.JSONObject;
......@@ -91,6 +92,8 @@ public class LdapUserService implements AuthenticationUserService {
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if (pwencrymode == 2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
else if(pwencrymode==3&&password.length()!=64)
password = Sm3Util.encrypt(password).toUpperCase();
if (!user.getPassword().equals(password)) {
throw new BadRequestAlertException("用户名密码错误", "IBZUSER", username);
}
......
......@@ -5,6 +5,7 @@ import cn.ibizlab.core.uaa.mapper.SysUserMapper;
import cn.ibizlab.core.uaa.service.ISysUserService;
import cn.ibizlab.core.uaa.service.impl.SysUserServiceImpl;
import cn.ibizlab.util.client.IBZOUFeignClient;
import cn.ibizlab.util.helper.Sm3Util;
import cn.ibizlab.util.service.AuthenticationUserService;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
......@@ -80,6 +81,8 @@ public class UAAUserService implements AuthenticationUserService {
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if(pwencrymode==2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
else if(pwencrymode==3&&password.length()!=64)
password = Sm3Util.encrypt(password).toUpperCase();
if(!authuserdetail.getPassword().equals( password )){
throw new BadRequestAlertException("用户名密码错误","IBZUSER",username);
}
......
......@@ -5,6 +5,7 @@ import cn.ibizlab.core.uaa.domain.SysUserAuth;
import cn.ibizlab.core.uaa.service.ISysUserAuthService;
import cn.ibizlab.core.uaa.service.ISysUserService;
import cn.ibizlab.util.errors.BadRequestAlertException;
import cn.ibizlab.util.helper.Sm3Util;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -75,6 +76,8 @@ public class UserRegisterService {
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if(pwencrymode==2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
else if(pwencrymode==3&&password.length()!=64)
password = Sm3Util.encrypt(password).toUpperCase();
if(!password.equals(existedUser.getPassword()))
throw new BadRequestAlertException("绑定到已有账号失败,请输入正确的密码", "UserRegisterResource", "");
......@@ -90,6 +93,9 @@ public class UserRegisterService {
password = DigestUtils.md5DigestAsHex(password.getBytes());
else if(pwencrymode==2)
password = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", username, password).getBytes());
else if(pwencrymode==3&&password.length()!=64)
password = Sm3Util.encrypt(password).toUpperCase();
account.setPassword(password);
account.setUserid(username);
sysUserService.save(account);
......
......@@ -7,6 +7,7 @@ import cn.ibizlab.core.uaa.service.ISysUserService;
import cn.ibizlab.util.domain.Token;
import cn.ibizlab.util.errors.BadRequestAlertException;
import cn.ibizlab.util.helper.CachedBeanCopier;
import cn.ibizlab.util.helper.Sm3Util;
import cn.ibizlab.util.security.*;
import cn.ibizlab.util.service.AuthenticationUserService;
import com.alibaba.fastjson.JSONObject;
......@@ -100,6 +101,8 @@ public class ClientAuthenticationResource
oldpwd = DigestUtils.md5DigestAsHex(oldpwd.getBytes());
else if(pwencrymode==2)
oldpwd = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", authenticationUser.getUsername(), oldpwd).getBytes());
else if(pwencrymode==3&&oldpwd.length()!=64)
oldpwd = Sm3Util.encrypt(oldpwd).toUpperCase();
if(!sysUser.getPassword().equals( oldpwd )){
throw new BadRequestAlertException("用户名密码错误","IBZUSER",authenticationUser.getUsername());
}
......@@ -108,6 +111,8 @@ public class ClientAuthenticationResource
newpwd = DigestUtils.md5DigestAsHex(newpwd.getBytes());
else if(pwencrymode==2)
newpwd = DigestUtils.md5DigestAsHex(String.format("%1$s||%2$s", authenticationUser.getUsername(), newpwd).getBytes());
else if(pwencrymode==3&&newpwd.length()!=64)
newpwd = Sm3Util.encrypt(newpwd).toUpperCase();
// 修改密码
sysUser.setPassword(newpwd);
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册