Merge branch 'master' of http://111.203.232.171:8888/lee/chnmuseum-party into master

088b5daa · liqin · abb0e9de · 7d5fe8d2 · 088b5daa · 088b5daa
Commit 088b5daa authored Apr 15, 2021 by liqin 💬
6 changed files
--- a/src/main/java/cn/wisenergy/chnmuseum/party/auth/util/AESUtils.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/auth/util/AESUtils.java
+package cn.wisenergy.chnmuseum.party.auth.util;
+import org.apache.commons.lang3.StringUtils;
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+public class AESUtils {
+    private static String KEY = "guobomimajiamics";
+    private static String IV = "guobomimajiamics";
+    /**
+     * AES解密
+     * @param encryptStr 密文
+     * @return 明文
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encryptStr) throws Exception {
+        if (StringUtils.isEmpty(encryptStr)) {
+            return null;
+        }
+        byte[] encryptByte = Base64.getDecoder().decode(encryptStr);
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(KEY.getBytes(), "AES"),new IvParameterSpec(IV.getBytes()));
+        byte[] decryptBytes = cipher.doFinal(encryptByte);
+        return new String(decryptBytes);
+    }
+    /**
+     * AES加密
+     * @param content 明文
+     * @return 密文
+     * @throws Exception
+     */
+    public static String aesEncrypt(String content) throws Exception {
+        if (StringUtils.isEmpty(content)) {
+            return null;
+        }
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(KEY.getBytes(), "AES"),new IvParameterSpec(IV.getBytes()));
+        byte[] encryptStr = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+        return Base64.getEncoder().encodeToString(encryptStr);
+    }
+}
--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ChinaMobileRestApiController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ChinaMobileRestApiController.java
 package cn.wisenergy.chnmuseum.party.web.controller;
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.auth.util.JwtTokenUtil;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.FileCatEnum;
@@ -187,6 +188,10 @@ public class ChinaMobileRestApiController extends BaseController {
                    resultMap.put("message", "用户未激活！");
                    return resultMap;
                }
+                //解密
+                mac=AESUtils.aesDecrypt(mac);
+                password= AESUtils.aesDecrypt(password);
                if (!mac.equals(operation.getMac())) {
                    resultMap.put("resultCode", "400");
                    resultMap.put("message", "mac地址不正确！");

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LoginController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LoginController.java
@@ -3,6 +3,7 @@ package cn.wisenergy.chnmuseum.party.web.controller;
 import cn.hutool.extra.qrcode.QrCodeUtil;
 import cn.hutool.extra.qrcode.QrConfig;
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.auth.util.JwtTokenUtil;
 import cn.wisenergy.chnmuseum.party.common.checkcode.SpecCaptcha;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
@@ -152,10 +153,12 @@ public class LoginController extends BaseController {
                        return resultMap;
                    }
                }
+                //密码解密
+                password=AESUtils.aesDecrypt(password);
                byte[] salt = user.getPasswordSalt();
                String s1 = new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt));
-                if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(user.getPasswordHash()))) {
+                if (!s1.equals(new String(user.getPasswordHash()))) {
 //                    opsForValue.increment(SHIRO_LOGIN_COUNT + username, 1);
 //                    //计数大于5时，设置用户被锁定12小时
 //
@@ -193,6 +196,14 @@ public class LoginController extends BaseController {
                String token = JwtTokenUtil.sign(username, user.getId());
                // 将token信息存入Redis
                stringRedisTemplate.opsForValue().set(SHIRO_JWT_TOKEN + token, user.getId(), 12, TimeUnit.HOURS);
+                String firstPassword = new String(SHA256PasswordEncryptionService.createPasswordHash("gb123456", salt));
+                if (firstPassword.equals(new String(user.getPasswordHash()))){
+                    resultMap.put("isDefault", true);
+                }
+                if (user.getExiredDate()!=null){
+                    Long i = user.getExiredDate().toEpochDay() - LocalDate.now().toEpochDay();
+                    resultMap.put("expireNum", i);
+                }
                resultMap.put("user", user);
                resultMap.put("token", token);
                resultMap.put("menuList", userMenuPerms);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoxOperationController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoxOperationController.java
@@ -136,9 +136,8 @@ public class TBoxOperationController extends BaseController {
                wrapper.eq("mac",tBoxOperation.getMac());
                TBoxOperation one = tBoxOperationService.getOne(wrapper);
                if (one!=null&&!one.getOrganId().equals(tBoxOperation.getOrganId())){
-                    TUser u = userService.getOne(new UpdateWrapper<TUser>().eq("org_id", one.getOrganId()).eq("type", 3).eq("is_deleted", false));
                    resultMap.put("resultCode", "400");
-                    resultMap.put("message", "此mac地址已绑定"+u.getUserName()+"账号！");
+                    resultMap.put("message", "此mac地址已绑定账号！");
                    return resultMap;
                }
                final ArrayList<String> rsaKeys = RSAUtils.createRSAKeys();

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TInteractionController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TInteractionController.java
@@ -68,39 +68,11 @@ public class TInteractionController extends BaseController {
    @ApiOperation(value = "添加看板互动", notes = "添加看板互动")
    @MethodLog(operModule = OperModule.INTERACTIVE, operType = OperType.ADD)
    public Map<String, Object> saveTInteraction(TInteraction tInteraction) {
+        TUser user = getcurUser();
        // 保存业务节点信息
        boolean result = false;
        try {
            Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
-            if (StringUtils.isBlank(tInteraction.getName()) || StringUtils.isBlank(tInteraction.getPassword())) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "请输入用户名和密码");
-                return resultMap;
-            }
-            TUser user = userService.selectByUsername(tInteraction.getName());
-            if (user == null) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "用户名错误");
-                return resultMap;
-            }
-            if (!"2".equals(user.getType())) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "用户不是单位管理员");
-                return resultMap;
-            }
-            if (user.getOrgId()!=null&&!user.getOrgId().equals(tInteraction.getOrganId())){
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "管理员账号不是本机构的单位管理员");
-                return resultMap;
-            }
-            byte[] salt = user.getPasswordSalt();
-            if (!new String(SHA256PasswordEncryptionService.createPasswordHash(tInteraction.getPassword(), salt))
-                    .equals(new String(user.getPasswordHash()))) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "密码错误");
-                return resultMap;
-            }
            tInteraction.setUserId(user.getId());
            tInteraction.setCreateTime(LocalDateTime.now());
            result = tInteractionService.save(tInteraction);

--- a/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TUserController.java
+++ b/src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TUserController.java
@@ -2,6 +2,7 @@ package cn.wisenergy.chnmuseum.party.web.controller;
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
 import cn.wisenergy.chnmuseum.party.auth.SecureRandomSaltService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditStatusEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditTypeEnum;
@@ -200,7 +201,7 @@ public class TUserController extends BaseController {
                user.setUserName(StringUtils.trimToNull(user.getUserName()));
            }
            if (StringUtils.isBlank(user.getPassword())) {
-                user.setPassword("123456");
+                user.setPassword("gb123456");
            } else {
                user.setPassword(StringUtils.trimToNull(user.getPassword()));
            }
@@ -555,6 +556,11 @@ public class TUserController extends BaseController {
                resultMap.put("resultCode", "400");
                resultMap.put("message", "旧密码不正确");
            }
+            //密码解密
+            oldPassWord= AESUtils.aesDecrypt(oldPassWord);
+            //密码解密
+            password=AESUtils.aesDecrypt(password);
            if (new String(SHA256PasswordEncryptionService.createPasswordHash(oldPassWord, salt))
                    .equals(new String(user.getPasswordHash()))) {
                salt = SecureRandomSaltService.generateSalt();
@@ -597,7 +603,7 @@ public class TUserController extends BaseController {
            Map<String, Object> map = new LinkedHashMap<>();
            TUser user = new TUser();
            user.setId(userId);
-            String newPassword = "123456";
+            String newPassword = "gb123456";
            byte[] passwordSalt = SecureRandomSaltService.generateSalt();
            byte[] passwordHash = SHA256PasswordEncryptionService.createPasswordHash(newPassword, passwordSalt);
            user.setPasswordSalt(passwordSalt);
@@ -714,7 +720,7 @@ public class TUserController extends BaseController {
                user.setUserName(StringUtils.trimToNull(user.getUserName()));
            }
-            user.setPassword("123456");
+            user.setPassword("gb123456");
            QueryWrapper<TUser> ew = new QueryWrapper<>();
            if (StringUtils.isNoneBlank(user.getUserName())) {
@@ -784,7 +790,7 @@ public class TUserController extends BaseController {
                user.setUserName(StringUtils.trimToNull(user.getUserName()));
            }
-            user.setPassword("123456");
+            user.setPassword("gb123456");
            QueryWrapper<TUser> ew = new QueryWrapper<>();
            if (StringUtils.isNoneBlank(user.getUserName())) {