Merge branch 'master' of http://gitlab.scsmile.cn/zxf/smart_gov_platform

366aefc7 · “yiyousong” · 82745899 · 6365f9d2 · 366aefc7 · 366aefc7
Commit 366aefc7 authored Sep 04, 2023 by “yiyousong”
2 changed files
--- a/portal-manager/src/main/java/com/mortals/xhx/module/user/service/impl/UserServiceImpl.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/module/user/service/impl/UserServiceImpl.java
@@ -445,7 +445,7 @@ public class UserServiceImpl extends AbstractCRUDServiceImpl<UserDao, UserEntity
            throw new AppException("帐号错误！");
        }
        try {
-            sysUser.setLoginPwd(SecurityUtil.md5DoubleEncoding(newPwd));
+            sysUser.setLoginPwd(SecurityUtil.md5DoubleEncoding(newPwd + sysUser.getSaltKey()));
        } catch (Exception e) {
            throw new AppException("密码转换异常！", e);
        }

--- a/portal-manager/src/main/java/com/mortals/xhx/module/user/web/UserController.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/module/user/web/UserController.java
@@ -9,6 +9,7 @@ import com.mortals.framework.model.PageInfo;
 import com.mortals.framework.model.Result;
 import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
+import com.mortals.xhx.common.utils.LoginAESUtil;
 import com.mortals.xhx.module.param.service.ParamService;
 import com.mortals.xhx.module.role.model.RoleEntity;
 import com.mortals.xhx.module.role.model.RoleQuery;
@@ -54,6 +55,9 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
    @Autowired
    private ICacheService cacheService;
+    private static final String AES_KEY = "0000000671595991";
+    private static final String AES_IV  = "tdrdadq59tbss5n7";
    public UserController() {
        super.setModuleDesc("用户信息业务");
    }
@@ -80,6 +84,14 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
        return super.viewAfter(id, model, entity, context);
    }
+    @Override
+    protected void saveBefore(UserEntity entity, Map<String, Object> model, Context context) throws AppException {
+        String loginName = LoginAESUtil.decrypt(entity.getLoginName(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+        String loginPwd = LoginAESUtil.decrypt(entity.getLoginPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+        entity.setLoginName(loginName);
+        entity.setLoginPwd(loginPwd);
+    }
    @Override
    @UnAuth
    public Rest<Object> list(@RequestBody UserEntity query) {
@@ -145,6 +157,10 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
    public String changePassword(@RequestBody UserEntity entity) {
        JSONObject ret = new JSONObject();
        try {
+            String oldPwd = LoginAESUtil.decrypt(entity.getOldPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            String newPwd = LoginAESUtil.decrypt(entity.getNewPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setOldPwd(oldPwd);
+            entity.setNewPwd(newPwd);
            service.updateUserPwd(super.getCurUser().getLoginName(), entity.getOldPwd(), entity.getNewPwd());
            ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
            ret.put(KEY_RESULT_MSG, "密码修改成功！");
@@ -250,6 +266,10 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
    public String resetPassword(@RequestBody UserEntity entity) {
        JSONObject ret = new JSONObject();
        try {
+            String newPwd = LoginAESUtil.decrypt(entity.getNewPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setNewPwd(newPwd);
+            String loginName = LoginAESUtil.decrypt(entity.getLoginName(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setLoginName(loginName);
            service.resetUserPwd(entity.getLoginName(), entity.getNewPwd(),this.getContext());
            ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
            ret.put(KEY_RESULT_MSG, "密码修改成功！");