P2022036_Service.git

			@@ -1,19 +1,18 @@
			package com.lf.server.service.sys;

			import com.lf.server.entity.all.RedisCacheKey;
			import com.lf.server.entity.all.SettingData;
			import com.lf.server.entity.sys.RoleEntity;
			import com.lf.server.entity.sys.UserEntity;
			import com.lf.server.helper.Md5Helper;
			import com.lf.server.helper.RsaHelper;
			import com.lf.server.helper.StringHelper;
			import com.lf.server.mapper.sys.UserMapper;
			import com.lf.server.service.all.RedisService;
			import org.apache.commons.logging.Log;
			import org.apache.commons.logging.LogFactory;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.data.redis.cache.RedisCache;
			import org.springframework.stereotype.Service;

			import java.util.List;
			import java.util.concurrent.TimeUnit;

			/**
			* 用户表
			@@ -28,6 +27,14 @@

			@Autowired
			RedisService redisService;

			@Autowired
			LoginService loginService;

			@Autowired
			TokenService tokenService;

			private final static Log log = LogFactory.getLog(UserService.class);

			@Override
			public Integer selectCount(String uname) {
			@@ -61,6 +68,26 @@
			@Override
			public UserEntity selectByToken(String token) {
			return userMapper.selectByToken(token);
			}

			@Override
			public Integer selectForIsAdmin(Integer id) {
			return userMapper.selectForIsAdmin(id);
			}

			@Override
			public List<UserEntity> selectAdminUsers(Integer type) {
			return userMapper.selectAdminUsers(type);
			}

			@Override
			public List<RoleEntity> selectRoleByUserId(Integer id) {
			return userMapper.selectRoleByUserId(id);
			}

			@Override
			public List<UserEntity> selectUserByRoleId(Integer roleId) {
			return userMapper.selectUserByRoleId(roleId);
			}

			@Override
			@@ -108,28 +135,76 @@
			}

			/**
			* 验证新用户密码
			* 验证用户实体类
			*/
			public String validateNewPwd(UserEntity entity) {
			public String validateUserEntity(UserEntity entity) {
			if (entity == null) {
			return "没有找到用户";
			}
			if (StringHelper.isEmpty(entity.getUid())) {
			return "用户ID不能为空";
			}
			if (StringHelper.isEmpty(entity.getPwd())) {
			return "密码不能为空";
			return "用户密码不能为空";
			}

			return null;
			}

			/**
			* 验证登录用户密码
			*/
			public String validateLoginPwd(UserEntity entity) {
			try {
			String str = validateUserEntity(entity);
			if (str != null) {
			return str;
			}

			// 解密
			String uid = RsaHelper.decrypt(entity.getUid());
			String pwd = RsaHelper.decrypt(entity.getPwd());
			if (!StringHelper.checkPwdValid(pwd)) {

			entity.setUid(uid);
			entity.setPwd(pwd);

			if (tokenService.isUidDisable(entity)) {
			return "用户ID已禁用";
			}

			return null;
			} catch (Exception ex) {
			log.error(ex.getMessage(), ex);
			return "解密失败";
			}
			}

			/**
			* 验证新用户密码
			*/
			@SuppressWarnings("AlibabaRemoveCommentedCode")
			public String validateNewPwd(UserEntity entity) {
			try {
			String str = validateUserEntity(entity);
			if (str != null) {
			return str;
			}

			// 解密
			String uid = RsaHelper.decrypt(entity.getUid());
			/*String pwd = RsaHelper.decrypt(entity.getPwd());
			if (!StringHelper.isPwdValid(pwd)) {
			return "密码不符合要求";
			}

			String newPwd = Md5Helper.reverse(Md5Helper.generate(pwd));
			entity.setPwd(newPwd);
			entity.setPwd(newPwd);*/
			entity.setUid(uid);

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			log.error(ex.getMessage(), ex);
			return "解密失败";
			}
			}

			@@ -137,36 +212,40 @@
			* 验证老用户密码
			*/
			public String validateOldPwd(UserEntity entity) {
			if (entity == null) {
			return "没有找到用户";
			}
			if (StringHelper.isEmpty(entity.getPwd())) {
			return "用户密码不能为空";
			}

			try {
			String str = validateUserEntity(entity);
			if (str != null) {
			return str;
			}
			if (StringHelper.isEmpty(entity.getSalt())) {
			return "新密码不能为空";
			}

			String uid = RsaHelper.decrypt(entity.getUid());
			String pwd = RsaHelper.decrypt(entity.getPwd());
			String salt = RsaHelper.decrypt(entity.getSalt());

			UserEntity ue = selectUser(entity.getId());
			UserEntity ue = selectByUid(uid);
			if (ue == null) {
			return "没有找到用户";
			}
			if (!Md5Helper.validatePassword(pwd, ue.getPwd())) {
			//
			return "旧密码输入错误";
			tokenService.setPwdErrCache(ue);
			return "旧密码不正确";
			}
			if (!StringHelper.checkPwdValid(salt)) {
			if (StringHelper.isPwdInvalid(salt)) {
			return "密码不符合要求";
			}

			String newPwd = Md5Helper.reverse(Md5Helper.generate(salt));
			entity.setPwd(newPwd);
			entity.setSalt(null);
			entity.setUid(uid);

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			log.error(ex.getMessage(), ex);
			return "解密失败";
			}
			}

			@@ -184,12 +263,13 @@
			try {
			String pwd = RsaHelper.decrypt(adminPwd);
			if (!Md5Helper.validatePassword(pwd, ue.getPwd())) {
			tokenService.setPwdErrCache(ue);
			return "管理员密码不正确";
			}

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			return "解密失败";
			}
			}

			@@ -203,7 +283,7 @@

			try {
			String pwd = RsaHelper.decrypt(newPwd);
			if (!StringHelper.checkPwdValid(pwd)) {
			if (StringHelper.isPwdInvalid(pwd)) {
			return "密码不符合要求";
			}

			@@ -212,20 +292,8 @@

			return null;
			} catch (Exception ex) {
			return "密码解密失败";
			log.error(ex.getMessage(), ex);
			return "解密失败";
			}
			}

			/**
			* 设置密码错误缓存
			*
			* @param ue
			*/
			public void setPwdErrCache(UserEntity ue) {
			String key = RedisCacheKey.signPwdError(ue.getUid());
			Object objCount = redisService.get(key);

			int count = objCount == null ? 1 : (int) objCount + 1;
			redisService.put(key, count, SettingData.PWD_ERR_TIME, TimeUnit.MINUTES);
			}
			}