修改bug

src/main/java/cn/wisenergy/chnmuseum/party/auth/util/AESUtils.java

+package cn.wisenergy.chnmuseum.party.auth.util;
+
+import org.apache.commons.lang3.StringUtils;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+public class AESUtils {
+    private static String KEY = "guobomimajiamics";
+    private static String IV = "guobomimajiamics";
+    /**
+     * AES解密
+     * @param encryptStr 密文
+     * @return 明文
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encryptStr) throws Exception {
+        if (StringUtils.isEmpty(encryptStr)) {
+            return null;
+        }
+
+        byte[] encryptByte = Base64.getDecoder().decode(encryptStr);
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(KEY.getBytes(), "AES"),new IvParameterSpec(IV.getBytes()));
+        byte[] decryptBytes = cipher.doFinal(encryptByte);
+        return new String(decryptBytes);
+    }
+
+    /**
+     * AES加密
+     * @param content 明文
+     * @return 密文
+     * @throws Exception
+     */
+    public static String aesEncrypt(String content) throws Exception {
+        if (StringUtils.isEmpty(content)) {
+            return null;
+        }
+
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(KEY.getBytes(), "AES"),new IvParameterSpec(IV.getBytes()));
+
+        byte[] encryptStr = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
+        return Base64.getEncoder().encodeToString(encryptStr);
+    }
+
+}

src/main/java/cn/wisenergy/chnmuseum/party/web/controller/ChinaMobileRestApiController.java

 package cn.wisenergy.chnmuseum.party.web.controller;
 
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.auth.util.JwtTokenUtil;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.FileCatEnum;
@@ -187,6 +188,10 @@ public class ChinaMobileRestApiController extends BaseController {
                     resultMap.put("message", "用户未激活！");
                     return resultMap;
                 }
+                //解密
+                mac=AESUtils.aesDecrypt(mac);
+                password= AESUtils.aesDecrypt(password);
+
                 if (!mac.equals(operation.getMac())) {
                     resultMap.put("resultCode", "400");
                     resultMap.put("message", "mac地址不正确！");

src/main/java/cn/wisenergy/chnmuseum/party/web/controller/LoginController.java

@@ -3,6 +3,7 @@ package cn.wisenergy.chnmuseum.party.web.controller;
 import cn.hutool.extra.qrcode.QrCodeUtil;
 import cn.hutool.extra.qrcode.QrConfig;
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.auth.util.JwtTokenUtil;
 import cn.wisenergy.chnmuseum.party.common.checkcode.SpecCaptcha;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
@@ -152,10 +153,12 @@ public class LoginController extends BaseController {
                         return resultMap;
                     }
                 }
+                //密码解密
+                password=AESUtils.aesDecrypt(password);
 
                 byte[] salt = user.getPasswordSalt();
                 String s1 = new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt));
-                if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(user.getPasswordHash()))) {
+                if (!s1.equals(new String(user.getPasswordHash()))) {
 //                    opsForValue.increment(SHIRO_LOGIN_COUNT + username, 1);
 //                    //计数大于5时，设置用户被锁定12小时
 //
@@ -193,6 +196,10 @@ public class LoginController extends BaseController {
                 String token = JwtTokenUtil.sign(username, user.getId());
                 // 将token信息存入Redis
                 stringRedisTemplate.opsForValue().set(SHIRO_JWT_TOKEN + token, user.getId(), 12, TimeUnit.HOURS);
+                String firstPassword = new String(SHA256PasswordEncryptionService.createPasswordHash("gb123456", salt));
+                if (firstPassword.equals(new String(user.getPasswordHash()))){
+                    resultMap.put("isDefault", true);
+                }
                 resultMap.put("user", user);
                 resultMap.put("token", token);
                 resultMap.put("menuList", userMenuPerms);

src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TBoxOperationController.java

@@ -136,9 +136,8 @@ public class TBoxOperationController extends BaseController {
                 wrapper.eq("mac",tBoxOperation.getMac());
                 TBoxOperation one = tBoxOperationService.getOne(wrapper);
                 if (one!=null&&!one.getOrganId().equals(tBoxOperation.getOrganId())){
-                    TUser u = userService.getOne(new UpdateWrapper<TUser>().eq("org_id", one.getOrganId()).eq("type", 3).eq("is_deleted", false));
                     resultMap.put("resultCode", "400");
-                    resultMap.put("message", "此mac地址已绑定"+u.getUserName()+"账号！");
+                    resultMap.put("message", "此mac地址已绑定账号！");
                     return resultMap;
                 }
                 final ArrayList<String> rsaKeys = RSAUtils.createRSAKeys();

src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TInteractionController.java

@@ -68,39 +68,11 @@ public class TInteractionController extends BaseController {
     @ApiOperation(value = "添加看板互动", notes = "添加看板互动")
     @MethodLog(operModule = OperModule.INTERACTIVE, operType = OperType.ADD)
     public Map<String, Object> saveTInteraction(TInteraction tInteraction) {
-
+        TUser user = getcurUser();
         // 保存业务节点信息
         boolean result = false;
         try {
             Map<String, Object> resultMap = new LinkedHashMap<String, Object>();
-            if (StringUtils.isBlank(tInteraction.getName()) || StringUtils.isBlank(tInteraction.getPassword())) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "请输入用户名和密码");
-                return resultMap;
-            }
-            TUser user = userService.selectByUsername(tInteraction.getName());
-            if (user == null) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "用户名错误");
-                return resultMap;
-            }
-            if (!"2".equals(user.getType())) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "用户不是单位管理员");
-                return resultMap;
-            }
-            if (user.getOrgId()!=null&&!user.getOrgId().equals(tInteraction.getOrganId())){
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "管理员账号不是本机构的单位管理员");
-                return resultMap;
-            }
-            byte[] salt = user.getPasswordSalt();
-            if (!new String(SHA256PasswordEncryptionService.createPasswordHash(tInteraction.getPassword(), salt))
-                    .equals(new String(user.getPasswordHash()))) {
-                resultMap.put("resultCode", "400");
-                resultMap.put("message", "密码错误");
-                return resultMap;
-            }
             tInteraction.setUserId(user.getId());
             tInteraction.setCreateTime(LocalDateTime.now());
             result = tInteractionService.save(tInteraction);

src/main/java/cn/wisenergy/chnmuseum/party/web/controller/TUserController.java

@@ -2,6 +2,7 @@ package cn.wisenergy.chnmuseum.party.web.controller;
 
 import cn.wisenergy.chnmuseum.party.auth.SHA256PasswordEncryptionService;
 import cn.wisenergy.chnmuseum.party.auth.SecureRandomSaltService;
+import cn.wisenergy.chnmuseum.party.auth.util.AESUtils;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditOperationEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditStatusEnum;
 import cn.wisenergy.chnmuseum.party.common.enums.AuditTypeEnum;
@@ -555,6 +556,11 @@ public class TUserController extends BaseController {
                 resultMap.put("resultCode", "400");
                 resultMap.put("message", "旧密码不正确");
             }
+            //密码解密
+            oldPassWord= AESUtils.aesDecrypt(oldPassWord);
+            //密码解密
+            password=AESUtils.aesDecrypt(password);
+
             if (new String(SHA256PasswordEncryptionService.createPasswordHash(oldPassWord, salt))
                     .equals(new String(user.getPasswordHash()))) {
                 salt = SecureRandomSaltService.generateSalt();
@@ -597,7 +603,7 @@ public class TUserController extends BaseController {
             Map<String, Object> map = new LinkedHashMap<>();
             TUser user = new TUser();
             user.setId(userId);
-            String newPassword = "123456";
+            String newPassword = "gb123456";
             byte[] passwordSalt = SecureRandomSaltService.generateSalt();
             byte[] passwordHash = SHA256PasswordEncryptionService.createPasswordHash(newPassword, passwordSalt);
             user.setPasswordSalt(passwordSalt);