admin/wisdomisite-java
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MD5加密+时间戳

Browse Source
This commit is contained in:
guo 2023-11-08 10:11:54 +08:00
parent 23a93af23d
commit 7e75fb3649
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/zhgd/xmgl/modules/basicdata/controller/LoginController.java
View File

@ -1,6 +1,7 @@
package com.zhgd.xmgl.modules.basicdata.controller;
import cn.hutool.crypto.SecureUtil;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.zhgd.annotation.OperLog;
import com.zhgd.jeecg.common.api.vo.Result;
@ -80,6 +81,7 @@ public class LoginController {
@ApiImplicitParams({
@ApiImplicitParam(name = "account", required = true, value = "登录账号", paramType = "form"),
@ApiImplicitParam(name = "md5Password", required = true, value = "账号md5密码登录", paramType = "form"),
@ApiImplicitParam(name = "timestamp", required = true, value = "时间戳", paramType = "form"),
})
@PostMapping(value = "/md5/login")
public Result<Map<String, Object>> md5Login(@RequestBody Map<String, Object> map) {

3
src/main/java/com/zhgd/xmgl/modules/basicdata/service/impl/SystemUserServiceImpl.java
View File

@ -1065,6 +1065,7 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
SystemUser systemUser = systemUserMapper.selectOne(queryWrapper);
String md5Password = MapUtils.getString(map, "md5Password");
String timestamp = MapUtils.getString(map, "timestamp");
//登录失败次数不得多于5次登录失败后锁定时间不少于10分钟
String key = PW_FAILED_COUNT_PREFIX + EnvironmentUtil.getActiveEnvironment() + ":" + account;
@ -1077,7 +1078,7 @@ public class SystemUserServiceImpl extends ServiceImpl<SystemUserMapper, SystemU
log.info("查询不到systemUser");
failedPrompt(key, num);
} else {
if (!StringUtils.equalsIgnoreCase(SecureUtil.md5(systemUser.getShowPassword()), md5Password)) {
if (!StringUtils.equalsIgnoreCase(SecureUtil.md5(SecureUtil.md5(systemUser.getShowPassword()) + timestamp), md5Password)) {
log.info("密码不正确,原:{},现:{}", md5Password, systemUser.getPassword());
failedPrompt(key, num);
}