feat(security): 修改默认密码并增加密码强度验证

- 将系统默认密码从 '666666' 修改为 'Jtys@123456'
- 新增 PassWordUtil 工具类,用于验证密码强度
- 在用户登录时,增加密码强度验证逻辑
- 修改相关控制器中的默认密码设置
dev
10396 2025-06-25 13:59:24 +08:00
parent 05b3d1d399
commit 30967045c0
5 changed files with 50 additions and 7 deletions


@ -332,7 +332,7 @@ public class CorpInfoController extends BaseController {
user.put("USERNAME", pd.get("CORP_NAME")); //用户名
user.put("NAME", pd.get("CORP_NAME")); //用户名
user.put("CORPINFO_ID", pd.get("CORPINFO_ID")); //企业ID
user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "666666").toString()); //密码加密
user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "Jtys@123456").toString()); //密码加密
usersService.updateCornUser(user);
// 如果修改了公司级别,修改该公司下用户角色
@ -1756,7 +1756,7 @@ public class CorpInfoController extends BaseController {
List<PageData> mainUser = usersService.findCorpMain(userPd); //企业的主账号
if (mainUser.size() > 0) {
for (PageData pageData : mainUser) {
String pwd = new SimpleHash("SHA-1", pageData.getString("USERNAME"), "666666").toString();
String pwd = new SimpleHash("SHA-1", pageData.getString("USERNAME"), "Jtys@123456").toString();
PageData updateUser = new PageData();
updateUser.put("PASSWORD", pwd);
updateUser.put("USER_ID", pageData.getString("USER_ID"));
@ -2381,7 +2381,7 @@ public class CorpInfoController extends BaseController {
user.put("ISMAIN", "1"); //是否为主账号
user.put("ISDELETE", "0"); //是否为主账号
user.put("SKIN", "pcoded-navbar navbar-image-3,navbar pcoded-header navbar-expand-lg navbar-light header-dark,"); //用户默认皮肤
user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "666666").toString()); //密码加密
user.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("CORP_NAME"), "Jtys@123456").toString()); //密码加密
if (null == usersService.findByUsername(user)) { //判断用户名是否存在
usersService.saveUser(user); //执行保存
// System.out.println(user.getString("PASSWORD"));
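Review bot: The replacement default is still one fixed literal compiled into the controller (the three `new SimpleHash("SHA-1", …, "Jtys@123456")` lines in this file, and the same pattern in the three UsersController hunks), so every new or reset account starts with a credential known to anyone who can read the repository. At minimum, reference the constant this commit already updates, e.g. `new SimpleHash("SHA-1", pd.getString("CORP_NAME"), Const.DEFAULT_PASSWORD)` (assuming `Const` is importable here), so the value lives in one place. A per-account random initial password with a forced change at first login would remove the shared secret entirely. The stored value is also a single SHA-1 pass, which is cheap to guess offline if the table leaks; moving to a slow password hash (bcrypt, scrypt, Argon2) is worth tracking separately. The enclosing methods start and end outside these hunks, so whether a forced-change flag already exists is not visible here.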


@ -3,6 +3,7 @@ package com.zcloud.controller.system;
import java.util.HashMap;
import java.util.Map;
import com.zcloud.util.PassWordUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
@ -127,6 +128,8 @@ public class LoginController extends BaseController {
map.put("ROLEID", rpd.getString("ROLE_ID"));
map.put("ROLE_NAME", rpd.getString("ROLE_NAME"));
map.put("USERBZ", pd.getString("BZ"));
map.put("passwordType", PassWordUtil.isStringPwd(PASSWORD)); //返回判断的登录密码是否弱密码结果8位以上的字母、数字、符号混合为强密码
User user = new User();
user.setUSER_ID(pd.getString("USER_ID"));
user.setUSERNAME(pd.getString("USERNAME"));
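Review bot: The `passwordType` value added to the login response is advisory only: nothing in this hunk stops a session from being established with a weak password, so enforcement depends on the client honouring the flag. Consider recording the result server-side (for example a session attribute checked before other requests are served) so a weak password leads to a mandatory change. It is also not visible here whether `PASSWORD` still holds the submitted plaintext at this point; if it has already been hashed or encoded, `isStringPwd` would classify the digest rather than the password, so please confirm. The inline comment describes the rule as a mix of letters, digits and symbols, while `PassWordUtil` requires all four classes; `// "1" only when length >= 8 and digit, upper-case, lower-case and symbol are all present` would match the code. The enclosing method starts and ends outside the hunk.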


@ -142,7 +142,7 @@ public class UsersController extends BaseController {
PageData pd = new PageData();
pd = this.getPageData();
// PageData user= usersService.listAllUser(pd).get(0);
String pwd = new SimpleHash("SHA-1", pd.getString("USERNAME"), "666666").toString();
String pwd = new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString();
PageData updateUser = new PageData();
updateUser.put("PASSWORD", pwd);
updateUser.put("USER_ID", pd.getString("USER_ID"));
@ -503,7 +503,7 @@ public class UsersController extends BaseController {
pd.put("ISDELETE", "0");
pd.put("RIGHTS", "3245474264");
pd.put("SKIN", "pcoded-navbar navbar-image-3,navbar pcoded-header navbar-expand-lg navbar-light header-dark,"); //用户默认皮肤
pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "666666").toString()); //密码加密
pd.put("PASSWORD", new SimpleHash("SHA-1", pd.getString("USERNAME"), "Jtys@123456").toString()); //密码加密
// pd.put("CORPINFO_ID",Jurisdiction.getCORPINFO_ID());
if(null == usersService.findByUsername(pd)){ //判断用户名是否存在
if(!Tools.isEmpty(Jurisdiction.getAGENCY_MANAGEMENT_ID())){
@ -1023,7 +1023,7 @@ public class UsersController extends BaseController {
PageData user = new PageData();
user.put("USER_ID", this.get32UUID());
user.put("USERNAME", userName);
user.put("PASSWORD", new SimpleHash("SHA-1", userName, "666666").toString());
user.put("PASSWORD", new SimpleHash("SHA-1", userName, "Jtys@123456").toString());
user.put("NAME", NAME);
user.put("ROLE_ID", yonghujuese.get("ROLE_ID"));
user.put("LAST_LOGIN", "");
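Review bot: In the first hunk the hash input comes from the request (`pd.getString("USERNAME")`) while the row is selected by `USER_ID`, and what appears to be the lookup tying the two together is commented out just above. If the two values are not verified to belong to the same account, the reset stores a hash that the account's real username cannot reproduce; loading the username server-side from `USER_ID` before hashing avoids that. An authorization check on who may trigger the reset is not visible in the hunk and should be confirmed, since the method body starts and ends outside it.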


@ -22,7 +22,7 @@ public class Const {
public static final String SESSION_RNUMBERS = "RNUMBERS"; //角色编码数组
public static final String SESSION_ALLMENU = "SESSION_ALLMENU"; //全部菜单
public static final String SKIN = "SKIN"; //用户皮肤
public static final String DEFAULT_PASSWORD = "666666"; //默认密码
public static final String DEFAULT_PASSWORD = "Jtys@123456"; //默认密码
public static final String SYSSET = "config/sysSet.ini"; //系统设置配置文件路径
public static final String SYSNAME = "sysName"; //系统名称


@ -0,0 +1,40 @@
package com.zcloud.util;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/**
*
* @author Administrator
*
*/
public class PassWordUtil {
public static String isStringPwd(String password) {
if (password.length() < 8) {
return "0";
}
Map<String, String> map = new HashMap<String, String>();
for (int i = 0; i < password.length(); i++) {
int A = password.charAt(i);
if (A >= 48 && A <= 57) {// 数字
map.put("数字", "数字");
} else if (A >= 65 && A <= 90) {// 大写
map.put("大写", "大写");
} else if (A >= 97 && A <= 122) {// 小写
map.put("小写", "小写");
} else {
map.put("特殊", "特殊");
}
}
Set<String> sets = map.keySet();
int pwdSize = sets.size();// 密码字符种类数
int pwdLength = password.length();// 密码长度
if (pwdSize >= 4 && pwdLength >= 8) {
return "1";// 强密码
} else {
return "0";// 弱密码
}
}
}
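Review bot: `isStringPwd` returns "1" for the system default itself: `Jtys@123456` is longer than 8 characters and contains a digit, upper-case, lower-case and symbol, so accounts still on the default are reported as strong at login. Reject it explicitly and guard the null case, which currently throws on `password.length()`: `if (password == null || password.length() < 8 || Const.DEFAULT_PASSWORD.equals(password)) { return "0"; }` (assuming `Const` is importable from this package). The final branch could then be `return kinds.size() >= 4 ? "1" : "0";` using a `Set<String>` instead of a map whose values are never read, since the second length test is already implied by the early return. The class and method have no Javadoc; a comment stating that any character outside 0-9, A-Z, a-z counts as the fourth class (including spaces and non-ASCII letters) would document the actual rule.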