feat(security): 修改默认密码并增加密码强度验证

- 将系统默认密码从 "Aa@123456" 修改为 "Jtys@123456"
- 新增 PassWordUtil 工具类，用于验证密码强度
- 在用户注册和密码重置时使用新密码
- 优化用户信息更新 SQL，提高数据安全性

src/main/java/com/zcloud/controller/corp/CorpInfoController.java

@@ -126,7 +126,7 @@ public class CorpInfoController extends BaseController {
 		user.put("IP", "");								//IP
 		user.put("STATUS", "0");							//状态
 		user.put("SKIN", "pcoded-navbar navbar-image-3,navbar pcoded-header navbar-expand-lg navbar-light header-dark,");		//用户默认皮肤
-		user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "Aa@123456").toString());			//密码加密
+		user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "Jtys@123456").toString());			//密码加密
 		if(null == usersService.findByUsername(user)){	//判断用户名是否存在
 			usersService.saveUser(user); 					//执行保存
 //			System.out.println(user.getString("PASSWORD"));
@@ -401,7 +401,7 @@ public class CorpInfoController extends BaseController {
 		pd = this.getPageData();
 		PageData pageData = usersService.findById(pd);
 		//corpInfo
-		String pwd = new SimpleHash("SHA-1", pageData.getString("USERNAME"), "Aa@123456").toString();
+		String pwd = new SimpleHash("SHA-1", pageData.getString("USERNAME"), "Jtys@123456").toString();
 		PageData updateUser = new PageData();
 		updateUser.put("PASSWORD", pwd);
 		updateUser.put("USER_ID", pageData.getString("USER_ID"));

src/main/java/com/zcloud/controller/system/LoginController.java

@@ -139,6 +139,8 @@ public class LoginController extends BaseController {
 				map.put("PROVINCE", cpd.getString("PROVINCE"));
 				map.put("PLS_ID", pd.getOrDefault("PLS_ID",""));
 				map.put("POST_URL", cpd.getOrDefault("POST_URL",""));
+				map.put("passwordType", PassWordUtil.isStringPwd(PASSWORD)); //返回判断的登录密码是否弱密码结果（8位以上的字母、数字、符号混合为强密码）
+
 //	        	PageData dpd = new PageData();
 //	        	dpd.put("DEPARTMENT_ID", pd.getString("DEPARTMENT_ID"));
 //	        	dpd=departmentService.findById(dpd);

src/main/java/com/zcloud/controller/system/UsersController.java

@@ -1484,7 +1484,7 @@ public class UsersController extends BaseController {
                         PageData user = new PageData();
                         user.put("USER_ID", this.get32UUID());
                         user.put("USERNAME", userName);
-                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Aa@123456").toString());
+                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Jtys@123456").toString());
                         user.put("NAME", name);
                         user.put("CARDNO", CardNo);
                         user.put("ROLE_ID", role.getString("ROLE_ID"));
@@ -2020,7 +2020,7 @@ public class UsersController extends BaseController {
                             errorStr.append("未找到该学员信息或人员信息不一致，请重新检查数据\n");
                             continue;
                         }
-                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Aa@123456").toString());
+                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Jtys@123456").toString());
                         user.put("ROLE_ID", role.getString("ROLE_ID"));
                         user.put("LAST_LOGIN", "");
                         user.put("IP", "");
@@ -3290,7 +3290,7 @@ public class UsersController extends BaseController {
                         user.put("USERNAME", userName);
                         user.put("USER_ID_CARD", IDNumber);
                         user.put("PERSONNEL_TYPE", renyuanleixing.get("DICTIONARIES_ID"));
-                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Aa@123456").toString());
+                        user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Jtys@123456").toString());
                         user.put("NAME", name);
                         user.put("CARDNO", "");
                         user.put("ROLE_ID", role.getString("ROLE_ID"));

src/main/java/com/zcloud/service/eduSystem/impl/UsersCacheServiceImpl.java

@@ -519,7 +519,7 @@ public class UsersCacheServiceImpl implements UsersCacheService {
     public void initPass(PageData request) throws Exception {
         PageData entity = usersCacheMapper.findById(request);
         if (entity == null) throw new RuntimeException("数据异常，请联系管理员");
-        entity.put("PASSWORD", new SimpleHash("SHA-1", entity.getString("USERNAME"), "Aa@123456").toString());
+        entity.put("PASSWORD", new SimpleHash("SHA-1", entity.getString("USERNAME"), "Jtys@123456").toString());
         usersCacheMapper.editUser(entity);
     }
 
@@ -574,7 +574,7 @@ public class UsersCacheServiceImpl implements UsersCacheService {
             entity.put("AUTHENTICATION", "0");
             entity.put("PERSONNELTYPE", "6");
             entity.put("USERNAME", entity.getString("USER_ID_CARD"));
-            entity.put("PASSWORD", new SimpleHash("SHA-1", entity.getString("USERNAME"), "Aa@123456").toString());
+            entity.put("PASSWORD", new SimpleHash("SHA-1", entity.getString("USERNAME"), "Jtys@123456").toString());
             Warden.initDate(entity);
             usersCacheMapper.saveUser(entity);
             PageData base = new PageData();

src/main/java/com/zcloud/service/system/impl/UsersServiceImpl.java

@@ -349,7 +349,7 @@ public class UsersServiceImpl implements UsersService {
         pd.put("STATUS", "0");
         pd.put("ISMAIN", "0");
         pd.put("SKIN", "pcoded-navbar navbar-image-3, navbar pcoded-header navbar-expand-lg navbar-light header-dark");
-        pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Aa@123456").toString());
+        pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString());
 
         if (usersMapper.findByUsername(pd) == null) {
             if ("true".equals(pd.getString("ISSTUDENT"))) {
@@ -708,7 +708,7 @@ public class UsersServiceImpl implements UsersService {
         pd.put("STATUS", "0");
         pd.put("ISMAIN", "0");
         pd.put("SKIN", "pcoded-navbar navbar-image-3, navbar pcoded-header navbar-expand-lg navbar-light header-dark");
-        pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Aa@123456").toString());
+        pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString());
 
         pd.put("CERTIFICATETYPE", "4bed7fac8fe24ad4b5c0c69321fd5916"); // sys_userinfo 证件类型:身份证
         pd.put("AUTHENTICATION", "0"); // sys_userinfo 学员是否认证   0否  1是
@@ -1199,7 +1199,7 @@ public class UsersServiceImpl implements UsersService {
             pd.put("STATUS", "0");
             pd.put("ISMAIN", "0");
             pd.put("SKIN", "pcoded-navbar navbar-image-3, navbar pcoded-header navbar-expand-lg navbar-light header-dark");
-            pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Aa@123456").toString());
+            pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString());
 
             if (usersMapper.findByUsername(pd) == null) {
 
@@ -1411,7 +1411,7 @@ public class UsersServiceImpl implements UsersService {
             pd.put("STATUS", "0");
             pd.put("ISMAIN", "0");
             pd.put("SKIN", "pcoded-navbar navbar-image-3, navbar pcoded-header navbar-expand-lg navbar-light header-dark");
-            pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Aa@123456").toString());
+            pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString());
 
             if (usersMapper.findByUsername(pd) == null) {
 

src/main/java/com/zcloud/util/Const.java

@@ -51,7 +51,7 @@ public class Const {
 	public static final String IS_MAIN = "IS_MAIN";						//是否主账号
 	public static final String ISSUPERVISE = "ISSUPERVISE";						//是否监管部门
 	public static final String VIPLEVEL = "VIPLEVEL";						//企业会员等级
-	public static final String DEFAULT_PASSWORD = "Aa@123456";						//系统默认密码
+	public static final String DEFAULT_PASSWORD = "Jtys@123456";						//系统默认密码
 
 	public static final String FILEURL = "/mnt/qyag/file/";				//文件服务器地址
 	public static final String HTTPFILEURL = "https://file.zcloudchina.com/YTHFile";						//文件服务器地址

src/main/java/com/zcloud/util/HttpClientService.java

@@ -235,7 +235,7 @@ public class HttpClientService {
 //        /**
 //         * 参数名
 //         */
-//        Object [] values =new Object[]{"qdkjchina白氏集团,qd,Aa@123456","1"};
+//        Object [] values =new Object[]{"qdkjchina白氏集团,qd,Jtys@123456","1"};
 //        /**
 //         * 获取参数对象
 //         */
@@ -261,7 +261,7 @@ public class HttpClientService {
 
 
         String url = "http://192.168.0.5:8085/admin/check";
-        String js = "{\"KEYDATA\":\"qdkjchina卓云企业,qd,Aa@123456\"}";
+        String js = "{\"KEYDATA\":\"qdkjchina卓云企业,qd,Jtys@123456\"}";
 
         HttpPost httpPost = new HttpPost(url);
         httpPost.setHeader("Content-Type", "application/json;charset=UTF-8");

src/main/java/com/zcloud/util/PassWordUtil.java

@@ -0,0 +1,40 @@
+package com.zcloud.util;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * 密码强弱验证
+ * @author Administrator
+ *
+ */
+public class PassWordUtil {
+
+	public static String isStringPwd(String password) {
+		if (password.length() < 8) {
+			return "0";
+		}
+		Map<String, String> map = new HashMap<String, String>();
+		for (int i = 0; i < password.length(); i++) {
+			int A = password.charAt(i);
+			if (A >= 48 && A <= 57) {// 数字
+				map.put("数字", "数字");
+			} else if (A >= 65 && A <= 90) {// 大写
+				map.put("大写", "大写");
+			} else if (A >= 97 && A <= 122) {// 小写
+				map.put("小写", "小写");
+			} else {
+				map.put("特殊", "特殊");
+			}
+		}
+		Set<String> sets = map.keySet();
+		int pwdSize = sets.size();// 密码字符种类数
+		int pwdLength = password.length();// 密码长度
+		if (pwdSize >= 4 && pwdLength >= 8) {
+			return "1";// 强密码
+		} else {
+			return "0";// 弱密码
+		}
+	}
+
+}

src/main/resources/mybatis/datasource/system/UsersMapper.xml

@@ -279,18 +279,43 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	<!-- 修改 -->
 	<update id="editUser" parameterType="pd" >
 		update  <include refid="tableName"></include>
-			set NAME 					= #{NAME},
-				DEPARTMENT_ID	= #{DEPARTMENT_ID},
-				POST_ID				=#{POST_ID},
-				ROLE_ID 				= #{ROLE_ID},
-				ROLE_IDS 				= #{ROLE_IDS},
-				BZ						= #{BZ},
-				SEX						= #{SEX},
-				EMAIL					= #{EMAIL},
-				NUMBER					= #{NUMBER},
-				SORT					= #{SORT},
-				CARDNO					= #{CARDNO},
-				PHONE					= #{PHONE}
+		    set
+				ROLE_ID 	= #{ROLE_ID}
+
+			<if test="NAME != null and NAME != ''">
+				,NAME		= #{NAME}
+			</if>
+			<if test="DEPARTMENT_ID != null and DEPARTMENT_ID != ''">
+				,DEPARTMENT_ID		= #{DEPARTMENT_ID}
+			</if>
+			<if test="POST_ID != null and POST_ID != ''">
+				,POST_ID		= #{POST_ID}
+			</if>
+
+			<if test="ROLE_IDS != null and ROLE_IDS != ''">
+				,ROLE_IDS		= #{ROLE_IDS}
+			</if>
+			<if test="BZ != null and BZ != ''">
+				,BZ		= #{BZ}
+			</if>
+			<if test="SEX != null and SEX != ''">
+				,SEX		= #{SEX}
+			</if>
+			<if test="EMAIL != null and EMAIL != ''">
+				,EMAIL		= #{EMAIL}
+			</if>
+			<if test="NUMBER != null and NUMBER != ''">
+				,NUMBER		= #{NUMBER}
+			</if>
+			<if test="SORT != null and SORT != ''">
+				,SORT		= #{SORT}
+			</if>
+			<if test="CARDNO != null and CARDNO != ''">
+				,CARDNO		= #{CARDNO}
+			</if>
+			<if test="PHONE != null and PHONE != ''">
+				,PHONE		= #{PHONE}
+			</if>
 			<if test="LEARNERCATEGORY != null and LEARNERCATEGORY != ''">
 				,LEARNERCATEGORY		= #{LEARNERCATEGORY}
 			</if>