Merge branch 'master' of http://gitlab.scsmile.cn/zxf/smart_gov_platform

portal-manager/src/main/java/com/mortals/xhx/module/user/service/impl/UserServiceImpl.java

@@ -445,7 +445,7 @@ public class UserServiceImpl extends AbstractCRUDServiceImpl<UserDao, UserEntity
             throw new AppException("帐号错误！");
         }
         try {
-            sysUser.setLoginPwd(SecurityUtil.md5DoubleEncoding(newPwd));
+            sysUser.setLoginPwd(SecurityUtil.md5DoubleEncoding(newPwd + sysUser.getSaltKey()));
         } catch (Exception e) {
             throw new AppException("密码转换异常！", e);
         }

portal-manager/src/main/java/com/mortals/xhx/module/user/web/UserController.java

@@ -9,6 +9,7 @@ import com.mortals.framework.model.PageInfo;
 import com.mortals.framework.model.Result;
 import com.mortals.framework.service.ICacheService;
 import com.mortals.framework.web.BaseCRUDJsonBodyMappingController;
+import com.mortals.xhx.common.utils.LoginAESUtil;
 import com.mortals.xhx.module.param.service.ParamService;
 import com.mortals.xhx.module.role.model.RoleEntity;
 import com.mortals.xhx.module.role.model.RoleQuery;
@@ -54,6 +55,9 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
     @Autowired
     private ICacheService cacheService;
 
+    private static final String AES_KEY = "0000000671595991";
+    private static final String AES_IV  = "tdrdadq59tbss5n7";
+
     public UserController() {
         super.setModuleDesc("用户信息业务");
     }
@@ -80,6 +84,14 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
         return super.viewAfter(id, model, entity, context);
     }
 
+    @Override
+    protected void saveBefore(UserEntity entity, Map<String, Object> model, Context context) throws AppException {
+        String loginName = LoginAESUtil.decrypt(entity.getLoginName(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+        String loginPwd = LoginAESUtil.decrypt(entity.getLoginPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+        entity.setLoginName(loginName);
+        entity.setLoginPwd(loginPwd);
+    }
+
     @Override
     @UnAuth
     public Rest<Object> list(@RequestBody UserEntity query) {
@@ -145,6 +157,10 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
     public String changePassword(@RequestBody UserEntity entity) {
         JSONObject ret = new JSONObject();
         try {
+            String oldPwd = LoginAESUtil.decrypt(entity.getOldPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            String newPwd = LoginAESUtil.decrypt(entity.getNewPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setOldPwd(oldPwd);
+            entity.setNewPwd(newPwd);
             service.updateUserPwd(super.getCurUser().getLoginName(), entity.getOldPwd(), entity.getNewPwd());
             ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
             ret.put(KEY_RESULT_MSG, "密码修改成功！");
@@ -250,6 +266,10 @@ public class UserController extends BaseCRUDJsonBodyMappingController<UserServic
     public String resetPassword(@RequestBody UserEntity entity) {
         JSONObject ret = new JSONObject();
         try {
+            String newPwd = LoginAESUtil.decrypt(entity.getNewPwd(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setNewPwd(newPwd);
+            String loginName = LoginAESUtil.decrypt(entity.getLoginName(),AES_KEY,AES_IV,LoginAESUtil.AES_CBC);
+            entity.setLoginName(loginName);
             service.resetUserPwd(entity.getLoginName(), entity.getNewPwd(),this.getContext());
             ret.put(KEY_RESULT_CODE, VALUE_RESULT_SUCCESS);
             ret.put(KEY_RESULT_MSG, "密码修改成功！");