Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
cas
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
陈天仲
cas
Commits
107609bd
Commit
107609bd
authored
Jul 14, 2023
by
chentianzhong
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
8888 开启修改密码
parent
7c5eb28c
Show whitespace changes
Inline
Side-by-side
Showing
15 changed files
with
681 additions
and
161 deletions
+681
-161
pom.xml
+19
-4
src/main/java/com/zq/cas/controller/UserController.java
+137
-106
src/main/java/com/zq/cas/controller/ViewController.java
+83
-0
src/main/java/com/zq/cas/entity/SysUser.java
+14
-12
src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
+9
-7
src/main/java/com/zq/cas/service/ISysUserService.java
+4
-0
src/main/java/com/zq/cas/service/impl/SysUserServiceImpl.java
+13
-0
src/main/java/com/zq/cas/util/MD5PasswordEncoderUtil.java
+0
-1
src/main/java/com/zq/cas/util/PasswordUtil.java
+72
-0
src/main/java/com/zq/cas/util/ResultVo.java
+27
-25
src/main/resources/application.properties
+10
-1
src/main/resources/application.yml
+10
-2
src/main/resources/static/app/js/myself/login_new.js
+168
-0
src/main/resources/templates/app/casLoginView.html
+13
-3
src/main/resources/templates/app/updatePasswd.html
+102
-0
No files found.
pom.xml
View file @
107609bd
...
...
@@ -15,8 +15,11 @@
<artifactId>
spring-boot-maven-plugin
</artifactId>
<version>
${springboot.version}
</version>
<configuration>
<!--maven编译时将本地引用的jar包一起打包-->
<includeSystemScope>
true
</includeSystemScope>
<mainClass>
org.springframework.boot.loader.WarLauncher
</mainClass>
<addResources>
true
</addResources>
<excludes>
<addResources>
true
</addResources>
<excludes>
<exclude>
<groupId>
org.projectlombok
</groupId>
<artifactId>
lombok
</artifactId>
...
...
@@ -43,12 +46,18 @@
<artifactId>
cas-server-webapp${app.server}
</artifactId>
</overlay>
</overlays>
<webResources>
<resource>
<directory>
lib
</directory>
<targetPath>
WEB-INF/lib/
</targetPath>
</resource>
</webResources>
</configuration>
</plugin>
<plugin>
<groupId>
org.apache.maven.plugins
</groupId>
<artifactId>
maven-compiler-plugin
</artifactId>
<version>
3.
3
</version>
<version>
3.
8.1
</version>
</plugin>
</plugins>
<finalName>
cas
</finalName>
...
...
@@ -200,7 +209,7 @@
<dependency>
<groupId>
kingbase
</groupId>
<artifactId>
kingbase8
</artifactId>
<version>
8.
2
.0
</version>
<version>
8.
6
.0
</version>
</dependency>
<dependency>
<groupId>
kingbase
</groupId>
...
...
@@ -213,6 +222,12 @@
<artifactId>
lombok
</artifactId>
<version>
1.18.8
</version>
</dependency>
<!-- HUTOOL -->
<dependency>
<groupId>
cn.hutool
</groupId>
<artifactId>
hutool-all
</artifactId>
<version>
5.8.10
</version>
</dependency>
<!--servlet-api-->
<dependency>
<groupId>
javax.servlet
</groupId>
...
...
@@ -275,7 +290,7 @@
<maven.compiler.source>
1.8
</maven.compiler.source>
<maven.compiler.target>
1.8
</maven.compiler.target>
<project.build.sourceEncoding>
UTF-8
</project.build.sourceEncoding>
<druid.version>
1.2.
2
</druid.version>
<druid.version>
1.2.
16
</druid.version>
<mybatis.plus.version>
3.4.0
</mybatis.plus.version>
</properties>
...
...
src/main/java/com/zq/cas/controller/UserController.java
View file @
107609bd
//package com.zq.cas.controller;
//
//import com.zq.cas.entity.SysUser;
//import com.zq.cas.service.ISysUserService;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.http.HttpHeaders;
//import org.springframework.http.HttpStatus;
//import org.springframework.http.ResponseEntity;
//import org.springframework.util.Base64Utils;
//import org.springframework.util.StringUtils;
//import org.springframework.web.bind.annotation.RequestHeader;
//import org.springframework.web.bind.annotation.RequestMapping;
//import org.springframework.web.bind.annotation.RestController;
//
//import javax.annotation.Resource;
//import java.io.UnsupportedEncodingException;
//
///**
// * @author: wangsaichao
// * @date: 2018/8/1
// * @description: 对比用户信息
// */
//@RestController
//public class UserController {
//
// private static final Logger logger = LoggerFactory.getLogger(UserController.class);
//
// @Resource
// private ISysUserService sysUserService;
//
// /**
// * 1. cas 服务端会通过post请求,并且把用户信息以"用户名:密码"进行Base64编码放在authorization请求头中
// * 2. 返回200状态码并且格式为{"@class":"org.apereo.cas.authentication.principal.SimplePrincipal","id":"casuser","attributes":{}} 是成功的
// * 2. 返回状态码403用户不可用;404账号不存在;423账户被锁定;428过期;其他登录失败
// * @param httpHeaders
// * @return
// */
// @RequestMapping("/login")
// public Object login(@RequestHeader HttpHeaders httpHeaders){
//
// logger.info("开始验证服务");
//
// SysUser user = null;
// try {
// UserTemp userTemp = obtainUserFormHeader(httpHeaders);
// if (userTemp != null && StringUtils.hasText(user.getUsername()) && StringUtils.hasText(user.getPassword()) ){
// //尝试查找用户库是否存在
// user = sysUserService.findByUsername(userTemp.username);
// if (user != null) {
// if (!user.getPassword().equals(userTemp.password)) {
// //密码不匹配
// return new ResponseEntity(HttpStatus.BAD_REQUEST);
// }
// } else {
// return new ResponseEntity(HttpStatus.NOT_FOUND);
// }
package
com
.
zq
.
cas
.
controller
;
import
cn.hutool.core.date.LocalDateTimeUtil
;
import
cn.hutool.core.util.StrUtil
;
import
cn.hutool.crypto.digest.MD5
;
import
cn.hutool.extra.servlet.ServletUtil
;
import
cn.hutool.http.useragent.UserAgentUtil
;
import
com.zq.cas.entity.SysUser
;
import
com.zq.cas.service.ISysUserService
;
import
com.zq.cas.util.MD5PasswordEncoderUtil
;
import
com.zq.cas.util.PasswordUtil
;
import
com.zq.cas.util.ResultVo
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.web.bind.annotation.*
;
import
javax.annotation.Resource
;
import
javax.servlet.http.HttpServletRequest
;
import
java.time.LocalDateTime
;
import
java.time.temporal.ChronoUnit
;
import
java.util.HashMap
;
import
java.util.List
;
import
java.util.Map
;
/**
*/
@RequestMapping
(
"/user"
)
@RestController
@Slf4j
public
class
UserController
{
@Resource
private
ISysUserService
sysUserService
;
//11位手机号
private
static
final
String
PHONE_REGEX
=
"^1[3-9]\\d{9}"
;
//15位数身份证
private
static
final
String
ID_CARD_REGEX_15
=
"^[1-9][0-9]{5}[0-9]{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)[0-9]{2}[0-9]"
;
//18位数身份证
private
static
final
String
ID_CARD_REGEX_18
=
"^[1-9][0-9]{5}(18|19|20)[0-9]{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)[0-9]{3}([0-9]|(X|x))"
;
@PostMapping
(
"/checkExpirePwd"
)
public
ResultVo
checkExpirePwd
(
HttpServletRequest
request
,
@RequestParam
String
username
,
@RequestParam
String
password
)
{
String
clientIP
=
ServletUtil
.
getClientIP
(
request
);
String
uaStr
=
request
.
getHeader
(
"User-Agent"
);
String
os
=
UserAgentUtil
.
parse
(
uaStr
).
toString
();
int
length
=
username
.
length
();
SysUser
sysUser
=
null
;
// if (length == 11 && username.matches(PHONE_REGEX)){
//
// }else if ((length == 15 || length == 18) && (username.matches(ID_CARD_REGEX_15) || username.matches(ID_CARD_REGEX_18))){
//
// }else{
// String userName = username.endsWith("@gxfy.com")?username:username+"@gxfy.com";
// sysUser = sysUserService.findByUsername(userName);
// }
// } catch (UnsupportedEncodingException e) {
// logger.error("用户认证错误", e);
// new ResponseEntity(HttpStatus.BAD_REQUEST);
// }
// //成功返回json
// return user;
// }
//
// /**
// * This allows the CAS server to reach to a remote REST endpoint via a POST for verification of credentials.
// * Credentials are passed via an Authorization header whose value is Basic XYZ where XYZ is a Base64 encoded version of the credentials.
// * @param httpHeaders
// * @return
// * @throws UnsupportedEncodingException
// */
// private UserTemp obtainUserFormHeader(HttpHeaders httpHeaders) throws UnsupportedEncodingException {
//
// //cas服务端会通过把用户信息放在请求头authorization中,并且通过Basic认证方式加密
// String authorization = httpHeaders.getFirst("authorization");
// if(StringUtils.isEmpty(authorization)){
// return null;
// }
//
// String baseCredentials = authorization.split(" ")[1];
// //用户名:密码
// String usernamePassword = new String(Base64Utils.decodeFromString(baseCredentials), "UTF-8");
// String[] credentials = usernamePassword.split(":");
//
// return new UserTemp(credentials[0], credentials[1]);
// }
//
// /**
// * 从请求头中获取用户名和密码
// */
// private class UserTemp {
// private String username;
// private String password;
//
// public UserTemp(String username, String password) {
// this.username = username;
// this.password = password;
// }
// }
//
//
//
//}
\ No newline at end of file
String
userName
=
username
.
endsWith
(
"@gxfy.com"
)?
username:
username
+
"@gxfy.com"
;
sysUser
=
sysUserService
.
findByUsername
(
userName
);
//账号不对
if
(
sysUser
==
null
){
return
ResultVo
.
fail
(
"没有此用户"
);
}
//账号已锁定
LocalDateTime
loginLockTime
=
sysUser
.
getLoginLockTime
();
if
(
loginLockTime
!=
null
&&
loginLockTime
.
isAfter
(
LocalDateTime
.
now
()))
{
long
total
=
LocalDateTimeUtil
.
between
(
LocalDateTime
.
now
(),
loginLockTime
,
ChronoUnit
.
SECONDS
);
long
minutes
=
total
/
60
;
long
seconds
=
total
%
60
;
return
ResultVo
.
fail
(
"您的账号已锁定,请"
+
minutes
+
"分"
+
seconds
+
"秒后重试"
);
}
//密码
if
(
password
.
equals
(
PasswordUtil
.
password
())
||
MD5PasswordEncoderUtil
.
encode
(
password
).
equals
(
sysUser
.
getPassword
()))
{
//密码正确
if
(
sysUser
.
getIsLinux
().
equals
(
Integer
.
valueOf
(
1
))){
if
(
StrUtil
.
isNotBlank
(
os
)
&&
os
.
indexOf
(
"Linux"
)<
0
){
return
ResultVo
.
fail
(
"您的账号仅允许国产机登录"
);
}
}
//4个8密码强制修改
if
(
password
.
trim
().
equals
(
"8888"
)){
String
str
=
MD5
.
create
().
digestHex
(
sysUser
.
getUserId
()
+
"|"
+
sysUser
.
getUsername
()
+
"|"
+
sysUser
.
getPCode
()
+
"|"
+
sysUser
.
getPassword
());
Map
<
String
,
Object
>
result
=
new
HashMap
<>();
result
.
put
(
"username"
,
sysUser
.
getUsername
());
result
.
put
(
"useKey"
,
str
);
return
ResultVo
.
success
(
8888
,
result
);
}
sysUser
.
setLoginFailNum
(
0
);
sysUser
.
setLoginLockTime
(
null
);
this
.
sysUserService
.
updateById
(
sysUser
);
return
ResultVo
.
success
();
}
else
{
//密码错误
int
max
=
sysUser
.
getLoginFailNum
()
==
null
?
0
:
sysUser
.
getLoginFailNum
();
sysUser
.
setLoginFailNum
(
max
+
1
);
if
(
sysUser
.
getLoginFailNum
()
>=
5
)
{
LocalDateTime
offset
=
LocalDateTimeUtil
.
offset
(
LocalDateTime
.
now
(),
10
,
ChronoUnit
.
MINUTES
);
sysUser
.
setLoginLockTime
(
offset
);
sysUser
.
setLoginFailNum
(
0
);
this
.
sysUserService
.
updateById
(
sysUser
);
return
ResultVo
.
fail
(
"您的账号已被锁定,请10分钟后重试"
);
}
this
.
sysUserService
.
updateById
(
sysUser
);
return
ResultVo
.
fail
(
"密码错误,"
+
(
4
-
max
)
+
"次错误后账户锁定10分钟"
);
}
}
@PostMapping
(
"/findUser"
)
public
ResultVo
login
(
HttpServletRequest
request
,
@RequestParam
String
username
)
{
List
<
SysUser
>
userList
=
null
;
try
{
userList
=
sysUserService
.
findLikeUsernameOrIdCardOrPhone
(
username
);
}
catch
(
Exception
e
){
log
.
error
(
e
.
getLocalizedMessage
(),
e
);
}
return
ResultVo
.
success
(
userList
);
}
}
\ No newline at end of file
src/main/java/com/zq/cas/controller/ViewController.java
0 → 100644
View file @
107609bd
package
com
.
zq
.
cas
.
controller
;
import
cn.hutool.crypto.digest.MD5
;
import
com.zq.cas.entity.SysUser
;
import
com.zq.cas.service.ISysUserService
;
import
com.zq.cas.util.MD5PasswordEncoderUtil
;
import
com.zq.cas.util.PasswordUtil
;
import
com.zq.cas.util.ResultVo
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.*
;
import
org.springframework.web.servlet.ModelAndView
;
import
javax.annotation.Resource
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
/**
*/
@Controller
@Slf4j
public
class
ViewController
{
@Resource
private
ISysUserService
sysUserService
;
@RequestMapping
(
value
=
"/updatePasswd"
,
method
=
RequestMethod
.
GET
)
public
ModelAndView
updatePasswd
(
HttpServletRequest
request
,
HttpServletResponse
response
,
@RequestParam
(
"username"
)
String
username
,
@RequestParam
(
"useKey"
)
String
useKey
)
{
ModelAndView
mav
=
new
ModelAndView
();
mav
.
addObject
(
"username"
,
username
);
mav
.
addObject
(
"useKey"
,
useKey
);
mav
.
setViewName
(
"/app/updatePasswd"
);
return
mav
;
}
@RequestMapping
(
value
=
"/updatePasswd"
,
method
=
RequestMethod
.
POST
)
@ResponseBody
public
ResultVo
updatePasswd
(
@RequestParam
(
"useKey"
)
String
useKey
,
@RequestParam
(
"username"
)
String
username
,
@RequestParam
(
"passwd"
)
String
passwd
,
@RequestParam
(
"newPasswd"
)
String
newPasswd
,
@RequestParam
(
"confirmPasswd"
)
String
confirmPasswd
)
{
String
errMsg
=
"更新用户密码失败"
;
if
(
newPasswd
.
equals
(
confirmPasswd
))
{
SysUser
sysUser
=
sysUserService
.
findByUsername
(
username
);
if
(
sysUser
!=
null
)
{
String
str
=
MD5
.
create
().
digestHex
(
sysUser
.
getUserId
()
+
"|"
+
sysUser
.
getUsername
()
+
"|"
+
sysUser
.
getPCode
()
+
"|"
+
sysUser
.
getPassword
());
if
(
str
.
equals
(
useKey
))
{
if
(
MD5PasswordEncoderUtil
.
encode
(
passwd
).
equals
(
sysUser
.
getPassword
()))
{
boolean
update
=
this
.
sysUserService
.
lambdaUpdate
().
eq
(
SysUser:
:
getUsername
,
username
).
set
(
SysUser:
:
getPassword
,
MD5PasswordEncoderUtil
.
encode
(
newPasswd
)).
update
();
if
(
update
){
return
ResultVo
.
success
(
"修改密码成功"
);
}
}
else
{
errMsg
=
"旧密码不正确"
;
}
}
else
{
errMsg
=
"秘钥校验失败"
;
}
}
else
{
errMsg
=
"用户名无效"
;
}
}
else
{
errMsg
=
"两次输入新密码不一致"
;
}
return
ResultVo
.
fail
(
500
,
errMsg
);
}
}
\ No newline at end of file
src/main/java/com/zq/cas/entity/SysUser.java
View file @
107609bd
package
com
.
zq
.
cas
.
entity
;
import
com.baomidou.mybatisplus.annotation.IdType
;
import
com.baomidou.mybatisplus.annotation.TableId
;
import
com.baomidou.mybatisplus.annotation.TableName
;
import
lombok.Data
;
import
java.time.LocalDateTime
;
import
java.util.Date
;
...
...
@@ -11,32 +13,30 @@ import java.util.Date;
@TableName
(
schema
=
"PUBLIC"
,
value
=
"SYS_USER"
)
public
class
SysUser
{
@TableId
@TableId
(
value
=
"user_id"
,
type
=
IdType
.
ASSIGN_UUID
)
private
Long
userId
;
private
Long
deptId
;
private
String
courtCode
;
private
String
idCard
;
private
String
username
;
private
String
nickName
;
private
String
email
;
private
String
phone
;
private
String
password
;
private
String
pCode
;
private
Integer
enabled
;
private
String
orgCod
e
;
private
LocalDateTime
pwdResetTim
e
;
private
boolean
isAdmin
;
private
String
idCard
;
private
Date
pwdResetTim
e
;
private
String
courtCod
e
;
private
Integer
enabled
;
private
String
orgCode
;
private
String
pCode
;
private
Integer
isLinux
;
...
...
@@ -44,7 +44,9 @@ public class SysUser {
private
Integer
loginFailNum
;
private
Dat
e
loginLockTime
;
private
LocalDateTim
e
loginLockTime
;
private
Integer
loginType
;
}
src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
View file @
107609bd
package
com
.
zq
.
cas
.
handler
;
import
cn.
org.bjca.client.security.SecurityEngineDea
l
;
import
cn.
hutool.extra.servlet.ServletUti
l
;
import
com.zq.cas.credential.MyUsernamePasswordCredential
;
import
com.zq.cas.entity.SysUser
;
import
com.zq.cas.exception.NoLoginModeException
;
import
com.zq.cas.exception.PasswordErrorException
;
import
com.zq.cas.service.ISysUserService
;
import
com.zq.cas.util.MD5PasswordEncoderUtil
;
import
com.zq.cas.util.OmnipotentPassword
;
import
org.apache.commons.lang.StringUtils
;
import
org.apereo.cas.authentication.AuthenticationHandlerExecutionResult
;
import
org.apereo.cas.authentication.Credential
;
import
org.apereo.cas.authentication.PreventedException
;
import
org.apereo.cas.authentication.UsernamePasswordCredential
;
import
org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler
;
import
org.apereo.cas.authentication.principal.PrincipalFactory
;
import
org.apereo.cas.services.ServicesManager
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
sun.security.util.Password
;
import
org.springframework.web.context.request.RequestContextHolder
;
import
org.springframework.web.context.request.ServletRequestAttributes
;
import
javax.security.auth.login.AccountNotFoundException
;
import
javax.se
curity.auth.login.FailedLoginException
;
import
javax.se
rvlet.http.HttpServletRequest
;
import
java.security.GeneralSecurityException
;
import
java.util.ArrayList
;
import
java.util.LinkedHashMap
;
...
...
@@ -61,7 +59,10 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
if
(!
username
.
contains
(
"@gxfy.com"
))
{
username
+=
"@gxfy.com"
;
}
ServletRequestAttributes
servletRequestAttributes
=
(
ServletRequestAttributes
)
RequestContextHolder
.
getRequestAttributes
();
HttpServletRequest
request
=
servletRequestAttributes
.
getRequest
();
String
ipAddr
=
ServletUtil
.
getClientIP
(
request
);
logger
.
info
(
"登录的用户名:{}; 密码 :{} ; ip地址:{}; 类型 :{}"
,
username
,
password
,
ipAddr
,
loginType
);
SysUser
sysUser
=
null
;
if
(
loginType
.
trim
().
equals
(
"2"
))
{
sysUser
=
sysUserService
.
findByUsername
(
username
);
...
...
@@ -99,4 +100,5 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
return
credential
instanceof
MyUsernamePasswordCredential
;
}
}
src/main/java/com/zq/cas/service/ISysUserService.java
View file @
107609bd
...
...
@@ -3,10 +3,14 @@ package com.zq.cas.service;
import
com.baomidou.mybatisplus.extension.service.IService
;
import
com.zq.cas.entity.SysUser
;
import
java.util.List
;
public
interface
ISysUserService
extends
IService
<
SysUser
>
{
SysUser
findByUsername
(
String
username
);
List
<
SysUser
>
findLikeUsernameOrIdCardOrPhone
(
String
str
);
SysUser
findByUsernameAndPwd
(
String
username
,
String
password
);
SysUser
findByIdCard
(
String
strCertEntityID
);
...
...
src/main/java/com/zq/cas/service/impl/SysUserServiceImpl.java
View file @
107609bd
...
...
@@ -10,6 +10,8 @@ import com.zq.cas.service.ISysUserService;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.stereotype.Service
;
import
java.util.List
;
@Service
@Slf4j
public
class
SysUserServiceImpl
extends
ServiceImpl
<
SysUserMapper
,
SysUser
>
implements
ISysUserService
{
...
...
@@ -40,6 +42,17 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
}
@Override
public
List
<
SysUser
>
findLikeUsernameOrIdCardOrPhone
(
String
str
)
{
return
this
.
lambdaQuery
().
and
(
wrapper
->
wrapper
.
like
(
SysUser:
:
getUsername
,
str
)
.
or
()
.
like
(
SysUser:
:
getPhone
,
str
)
.
or
()
.
like
(
SysUser:
:
getIdCard
,
str
)
).
list
();
}
@Override
public
SysUser
findByUsernameAndPwd
(
String
username
,
String
password
)
{
LambdaQueryWrapper
<
SysUser
>
wrapper
=
Wrappers
.
lambdaQuery
(
SysUser
.
class
)
.
eq
(
SysUser:
:
getUsername
,
username
)
...
...
src/main/java/com/zq/cas/util/MD5PasswordEncoderUtil.java
View file @
107609bd
...
...
@@ -34,7 +34,6 @@ public class MD5PasswordEncoderUtil {
}
sb
.
append
(
Integer
.
toHexString
(
val
));
}
logger
.
info
(
"encode方法:加密前( {} ),加密后( {} )"
,
rawPassword
,
sb
.
toString
());
return
sb
.
toString
();
}
catch
(
Exception
e
)
{
logger
.
error
(
"对密码进行md5异常"
,
e
);
...
...
src/main/java/com/zq/cas/util/PasswordUtil.java
0 → 100644
View file @
107609bd
package
com
.
zq
.
cas
.
util
;
import
javax.swing.*
;
import
java.awt.*
;
import
java.text.SimpleDateFormat
;
import
java.util.Calendar
;
import
java.util.Date
;
/**
* 旧门户oa的超级密码(请勿泄露)
* @author ctz
*
*/
public
class
PasswordUtil
{
private
static
final
String
[][]
ELEMENT
=
{
{
"q"
,
"w"
,
"e"
,
"r"
,
"t"
,
"y"
,
"u"
,
"i"
,
"o"
,
"p"
},
{
"a"
,
"s"
,
"d"
,
"f"
,
"g"
,
"h"
,
"j"
,
"k"
,
"l"
,
"z"
},
{
"x"
,
"c"
,
"v"
,
"b"
,
"n"
,
"m"
,
","
,
"."
,
"/"
,
";"
},
{
"1"
,
"2"
,
"3"
,
"4"
,
"5"
,
"6"
,
"7"
,
"8"
,
"9"
,
"0"
},
{
"!"
,
"@"
,
"#"
,
"$"
,
"%"
,
"^"
,
"&"
,
"*"
,
"("
,
")"
},
{
"`"
,
"-"
,
"="
,
"~"
,
"_"
,
"+"
,
"<"
,
">"
,
"?"
,
";"
},
{
":"
,
"^"
,
"["
,
"]"
,
"{"
,
"}"
,
"!"
,
"@"
,
"#"
,
"$"
},
{
"Q"
,
"W"
,
"E"
,
"R"
,
"T"
,
"Y"
,
"U"
,
"I"
,
"O"
,
"P"
},
{
"A"
,
"S"
,
"D"
,
"F"
,
"G"
,
"H"
,
"J"
,
"K"
,
"L"
,
"Z"
},
{
"1"
,
"2"
,
"3"
,
"4"
,
"5"
,
"6"
,
"7"
,
"8"
,
"9"
,
"0"
},
{
"X"
,
"C"
,
"V"
,
"B"
,
"N"
,
"M"
,
","
,
"."
,
"/"
,
";"
}
};
public
static
String
password
()
{
Calendar
calendar
=
Calendar
.
getInstance
();
//指示了公历和朱利安日历中的第五个月。改第六
int
multiple
=
calendar
.
get
(
Calendar
.
JULY
);
//该月的日期
int
day
=
calendar
.
get
(
Calendar
.
DATE
);
multiple
=
multiple
==
7
?
9
:
multiple
;
SimpleDateFormat
sdf
=
new
SimpleDateFormat
(
"yyyyMMddHH"
);
char
[]
dateCharArray
=
sdf
.
format
(
new
Date
()).
toCharArray
();
Integer
[]
dateIntArray
=
new
Integer
[
11
];
//公历和朱利安日历中的第八个月。
dateIntArray
[
0
]
=
calendar
.
get
(
Calendar
.
MARCH
);
for
(
int
i
=
0
;
i
<
dateCharArray
.
length
;
i
++)
{
dateIntArray
[(
i
+
1
)]
=
Integer
.
valueOf
(
String
.
valueOf
(
dateCharArray
[
i
]));
}
StringBuilder
password
=
new
StringBuilder
();
for
(
int
i
=
0
;
i
<
dateIntArray
.
length
;
i
++)
{
int
ele1
=
(
day
+
i
)
%
dateIntArray
.
length
;
int
ele2
=
(
dateIntArray
[
i
].
intValue
()
+
dateIntArray
[(
dateIntArray
.
length
-
1
-
i
)].
intValue
())
%
ELEMENT
[
0
].
length
;
String
pass
=
ELEMENT
[
ele1
][
ele2
];
if
(
i
%
2
==
ele2
%
2
)
{
pass
=
pass
+
ele2
;
}
password
.
append
(
pass
);
}
return
password
.
toString
();
}
public
static
void
main
(
String
[]
args
)
{
JFrame
jframe
=
new
JFrame
(
"密码"
);
TextField
tf
=
new
TextField
(
password
());
tf
.
setFont
(
new
Font
(
null
,
0
,
16
));
jframe
.
add
(
tf
);
jframe
.
setVisible
(
true
);
jframe
.
setSize
(
600
,
300
);
jframe
.
setLocationRelativeTo
(
null
);
jframe
.
setDefaultCloseOperation
(
3
);
}
}
src/main/java/com/zq/cas/util/ResultVo.java
View file @
107609bd
...
...
@@ -16,11 +16,10 @@ public class ResultVo<T> implements Serializable {
private
boolean
success
;
@JsonInclude
(
JsonInclude
.
Include
.
NON_DEFAULT
)
private
String
errC
ode
;
private
Integer
c
ode
;
private
String
errMsg
;
private
String
message
;
private
T
data
;
public
static
ResultVo
success
()
{
return
success
(
null
);
...
...
@@ -29,6 +28,15 @@ public class ResultVo<T> implements Serializable {
public
static
<
E
>
ResultVo
<
E
>
success
(
E
data
)
{
ResultVo
<
E
>
result
=
new
ResultVo
<>();
result
.
setSuccess
(
true
);
result
.
setCode
(
200
);
result
.
setData
(
data
);
return
result
;
}
public
static
<
E
>
ResultVo
<
E
>
success
(
Integer
code
,
E
data
)
{
ResultVo
<
E
>
result
=
new
ResultVo
<>();
result
.
setSuccess
(
true
);
result
.
setCode
(
code
);
result
.
setData
(
data
);
return
result
;
}
...
...
@@ -40,16 +48,8 @@ public class ResultVo<T> implements Serializable {
public
static
ResultVo
fail
(
int
errCode
,
String
errMsg
)
{
ResultVo
result
=
new
ResultVo
<>();
result
.
setSuccess
(
false
);
result
.
setErrCode
(
errCode
);
result
.
setErrMsg
(
errMsg
);
return
result
;
}
public
static
ResultVo
fail
(
String
errCode
,
String
errMsg
)
{
ResultVo
result
=
new
ResultVo
<>();
result
.
setSuccess
(
false
);
result
.
setErrCode
(
errCode
);
result
.
setErrMsg
(
errMsg
);
result
.
setCode
(
errCode
);
result
.
setMessage
(
errMsg
);
return
result
;
}
...
...
@@ -61,24 +61,20 @@ public class ResultVo<T> implements Serializable {
this
.
success
=
success
;
}
public
String
getErr
Code
()
{
return
errC
ode
;
public
Integer
get
Code
()
{
return
c
ode
;
}
public
void
set
ErrCode
(
int
errC
ode
)
{
this
.
errCode
=
errCode
+
""
;
public
void
set
Code
(
Integer
c
ode
)
{
this
.
code
=
code
;
}
public
void
setErrCode
(
String
errCode
)
{
this
.
errCode
=
errCod
e
;
public
String
getMessage
(
)
{
return
messag
e
;
}
public
String
getErrMsg
()
{
return
errMsg
;
}
public
void
setErrMsg
(
String
errMsg
)
{
this
.
errMsg
=
errMsg
;
public
void
setMessage
(
String
message
)
{
this
.
message
=
message
;
}
public
T
getData
()
{
...
...
@@ -88,4 +84,10 @@ public class ResultVo<T> implements Serializable {
public
void
setData
(
T
data
)
{
this
.
data
=
data
;
}
private
T
data
;
}
src/main/resources/application.properties
View file @
107609bd
...
...
@@ -32,6 +32,7 @@ server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header
=
X-FORWARDED-FOR
server.tomcat.uri-encoding
=
UTF-8
spring.http.encoding.charset
=
UTF-8
spring.http.encoding.enabled
=
true
spring.http.encoding.force
=
true
...
...
@@ -85,7 +86,7 @@ security.basic.path=/cas/status/**
##
# CAS Web Application Session Configuration
#
server.session.timeout
=
288
00
server.session.timeout
=
432
00
server.session.cookie.http-only
=
true
server.session.tracking-modes
=
COOKIE
...
...
@@ -160,6 +161,7 @@ cas.authn.exceptions.exceptions=com.zq.cas.exception.LoginModeException,com.zq.c
cas.ticket.tgt.maxTimeToLiveInSeconds
=
43200
#用户没有对系统进行任何操作的情况下,7200秒(2小时)之后TGT会过期
cas.ticket.tgt.timeToKillInSeconds
=
7200
#Throttled Timeout
#cas.ticket.tgt.timeoutExpirationPolicy=28800
#ST可以用几次才过期
...
...
@@ -173,6 +175,10 @@ cas.ticket.registry.redis.host=127.0.0.1
cas.ticket.registry.redis.database
=
0
cas.ticket.registry.redis.port
=
6379
cas.ticket.registry.redis.password
=
#cas.ticket.registry.redis.host=147.2.3.11
#cas.ticket.registry.redis.database=0
#cas.ticket.registry.redis.port=6379
#cas.ticket.registry.redis.password=GXfy@12345!
cas.ticket.registry.redis.timeout
=
2000
cas.ticket.registry.redis.useSsl
=
false
cas.ticket.registry.redis.usePool
=
true
...
...
@@ -209,6 +215,9 @@ spring.session.store-type=redis
spring.redis.host
=
127.0.0.1
spring.redis.password
=
spring.redis.port
=
6379
#spring.redis.host=147.2.3.11
#spring.redis.password=GXfy@12345!
#spring.redis.port=6379
#取消x-frame-options为deny限制,允许外部项目使用iframe嵌入cas-server登录页面
...
...
src/main/resources/application.yml
View file @
107609bd
spring
:
datasource
:
driver-class-name
:
com.kingbase8.Driver
url
:
jdbc:kingbase8://175.178.197.14:54321/GXFY_OA
type
:
com.alibaba.druid.pool.DruidDataSource
username
:
SYSTEM
url
:
jdbc:kingbase8://172.18.4.171:54321/GXFY_OA
username
:
oa_system
password
:
123456
# url: jdbc:kingbase8://147.2.3.35:54321/GXFY_OA
# username: GXfy_ZQ2021035
# password: GXfy/2014!@#$
druid
:
initial-size
:
20
min-idle
:
20
...
...
@@ -49,3 +52,7 @@ mybatis-plus:
ca
:
svs
:
root
:
C:/DSVSROOT
#ca:
# svs:
# root: /data/DSVSROOT
\ No newline at end of file
src/main/resources/static/app/js/myself/login_new.js
0 → 100644
View file @
107609bd
var
http_addr
=
""
;
//var http_addr = "http://172.18.3.245:9888/admin/users/checkLockUser";
//绑定点击事件
$
(
'#btn_login'
).
click
(
function
(){
validAndLogin
();
});
//提交按钮事件
function
validAndLogin
(){
$
(
'#btn_login'
).
attr
(
"disabled"
,
true
);
var
loginType
=
$
(
"#loginType option:selected"
).
val
();
$
(
"#errMsg"
).
html
(
""
);
$
(
"#msg"
).
html
(
""
);
switch
(
loginType
)
{
case
"1"
:
userPwdLogin
();
break
;
case
"2"
:
certLogin
(
loginType
);
break
;
case
"3"
:
PwdAndCertLogin
(
loginType
);
break
;
default
:
userPwdLogin
();
break
;
}
}
//用户名密码登录
function
userPwdLogin
(){
var
username
=
$
(
'#username'
).
val
();
var
password
=
$
(
'#password'
).
val
();
if
(
!
checkUserPwd
(
username
,
password
)){
$
(
"#msg"
).
html
(
"用户名或密码不能为空"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
return
false
;
}
//18
var
formData
=
{
"username"
:
username
,
"password"
:
password
};
$
.
ajax
({
type
:
'post'
,
url
:
"/cas/user/checkExpirePwd"
,
dataType
:
'json'
,
data
:
formData
,
shadeClose
:
false
,
success
:
function
(
res
){
if
(
res
.
success
){
if
(
res
.
code
==
8888
){
var
rdata
=
res
.
data
;
console
.
log
(
"rdata------------"
,
rdata
);
layer
.
open
({
type
:
2
,
title
:
'您的密码是初始密码,需要先修改密码后才能登录门户'
,
area
:
[
'680px'
,
'520px'
],
content
:
'/cas/updatePasswd?username='
+
rdata
.
username
+
"&useKey="
+
rdata
.
useKey
,
fixed
:
false
,
// 不固定
maxmin
:
true
,
closeBtn
:
1
,
maxmin
:
false
,
//开启最大化最小化按钮 false关闭状态
//btn: ['获取表单值', '取消'],
btnAlign
:
'c'
,
cancel
:
function
(
index
,
layero
){
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
},
end
:
function
(){
window
.
parent
.
location
.
reload
();
//关闭open打开的页面时,刷新父页面
}
});
}
else
{
var
isChecked
=
$
(
'#rmemberUser'
).
is
(
':checked'
);
if
(
isChecked
)
{
$
.
cookie
(
"cas_username"
,
username
,
{
expires
:
365
});
}
$
(
"#loginForm"
).
submit
();
}
}
else
{
$
(
"#msg"
).
html
(
res
.
message
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
},
error
:
function
(
e
){
$
(
"#msg"
).
html
(
"网络异常.请求失败"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
})
}
//CA证书登录
function
certLogin
(
loginType
){
$
(
"#msg"
).
html
(
"暂支持证书登录,待CA研发"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
//密码+证书登录
function
PwdAndCertLogin
(
loginType
){
$
(
"#msg"
).
html
(
"暂支持证书登录,待CA研发"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
//检查用户名密码非空
function
checkUserPwd
(
u
,
p
){
if
(
!
u
||
!
p
){
return
false
;
}
return
true
}
//下拉选择触发事件
function
loginTypeFunc
(){
var
loginType
=
$
(
"#loginType option:selected"
).
val
();
switch
(
loginType
)
{
case
"1"
:
$
(
'#username'
).
val
(
""
);
$
(
'#password'
).
val
(
""
);
if
(
$
.
cookie
(
"cas_username"
))
{
$
(
'#rmemberUser'
).
prop
(
"checked"
,
true
);
$
(
'#username'
).
val
(
$
.
cookie
(
"cas_username"
));
}
$
(
"#username-block"
).
show
();
$
(
"#password-block"
).
show
();
$
(
"#certUser-block"
).
hide
();
$
(
"#certPwd-block"
).
hide
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
break
;
case
"2"
:
$
(
'#username'
).
val
(
""
);
$
(
'#password'
).
val
(
""
);
$
(
"#username-block"
).
hide
();
$
(
"#password-block"
).
hide
();
$
(
"#certUser-block"
).
show
();
$
(
"#certPwd-block"
).
show
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
getCAKeyAuth
();
break
;
case
"3"
:
$
(
'#username'
).
val
(
""
);
$
(
'#password'
).
val
(
""
);
$
(
"#username-block"
).
show
();
$
(
"#password-block"
).
show
();
$
(
"#certUser-block"
).
show
();
$
(
"#certPwd-block"
).
hide
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
getCAKeyAuth
();
break
;
default
:
//alert("叫你没事别瞎几把点!");
break
;
}
}
function
getOS
()
{
if
(
navigator
.
userAgent
.
indexOf
(
'Window'
)
>
0
)
{
return
'Windows'
}
else
if
(
navigator
.
userAgent
.
indexOf
(
'Mac OS X'
)
>
0
)
{
return
'Mac '
}
else
if
(
navigator
.
userAgent
.
indexOf
(
'Linux'
)
>
0
)
{
return
'Linux'
}
else
{
return
'NUll'
}
}
\ No newline at end of file
src/main/resources/templates/app/casLoginView.html
View file @
107609bd
...
...
@@ -54,8 +54,10 @@
<div
class=
"form-group"
style=
"height:78px"
id=
"username-block"
>
<div
class=
"label text-blue"
>
<label
for=
"username"
>
用户名:
</label>
<input
class=
"button bg-yellow bouncein"
id=
"selectUser"
type=
"button"
value=
"选择用户"
/>
<a
style=
"cursor:pointer;text-decoration:none;color: #0f4bac"
onclick=
"queryAccount();"
>
忘记用户名?点这里...
</a>
<!-- <input class="button bg-yellow bouncein" id="selectUser" type="button" value="选择用户"/>-->
</div>
<!-- th:field="*{username}"-->
<input
id=
"hideUserId"
type=
"hidden"
value=
""
/>
<div
class=
"field field-icon"
>
<span
class=
"icon icon-user"
></span>
...
...
@@ -195,10 +197,10 @@
<script
type=
"text/javascript"
src=
"./app/js/myself/messenger.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/SelectGXFYUsers.js"
></script>
<!--<script type="text/javascript" src="./app/js/ca/XTXSAB.js"></script>-->
<script
type=
"text/javascript"
src=
"./app/js/myself/login.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/login
_new
.js"
></script>
<script
type=
"text/javascript"
>
SelectGXFYUsers
.
init
(
"selectUser"
,
"username"
,
"hideUserId"
,
3
,
false
);
//
SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
$
(
function
(){
$
(
"#username-block"
).
show
();
...
...
@@ -214,6 +216,13 @@
validAndLogin
();
}
})
function
queryAccount
(){
layer
.
open
({
title
:
'提示'
,
content
:
'这里弹窗开始,根据手机号和身份证号查询用户'
});
}
</script>
</body>
</html>
\ No newline at end of file
src/main/resources/templates/app/updatePasswd.html
0 → 100644
View file @
107609bd
<!doctype html>
<html
xmlns:th=
"http://www.thymeleaf.org"
>
<head>
<meta
charset=
"utf-8"
>
<title>
您的密码是初始密码,需要先修改密码后才能登录门户
</title>
<link
href=
"./app/layui/css/layui.css"
rel=
"stylesheet"
>
<style>
body
{
padding
:
10px
;
font-size
:
14px
;
background
:
#fff
;
width
:
95%
;
margin
:
0
auto
;
font-size
:
14px
;
line-height
:
20px
;
overflow
:
hidden
;}
p
{
margin-bottom
:
10px
;}
input
{
border
:
1px
solid
#999
;
padding
:
5px
10px
;
margin
:
0
10px
10px
0
;}
</style>
</head>
<body>
<form
class=
"layui-form"
action=
""
id=
"updatePasswdForm"
>
<div
class=
"layui-form-item"
>
<label
class=
"layui-form-label"
></label>
<div
class=
"layui-input-block"
>
<span
style=
"color: red"
id=
"iframeMsg"
></span>
<input
type=
"hidden"
id=
"useKey"
name=
"useKey"
lay-verify=
"required"
th:value=
"${useKey}"
autocomplete=
"off"
class=
"layui-input"
readonly
>
</div>
</div>
<div
class=
"layui-form-item"
>
<label
class=
"layui-form-label"
>
用户名
</label>
<div
class=
"layui-input-block"
>
<input
type=
"text"
name=
"username"
lay-verify=
"required"
th:value=
"${username}"
autocomplete=
"off"
class=
"layui-input"
readonly
>
</div>
</div>
<div
class=
"layui-form-item"
>
<label
class=
"layui-form-label"
>
密码
</label>
<div
class=
"layui-input-block"
>
<input
type=
"password"
name=
"passwd"
lay-verify=
"required"
th:value=
"${passwd}"
autocomplete=
"off"
class=
"layui-input"
>
</div>
</div>
<div
class=
"layui-form-item"
>
<label
class=
"layui-form-label"
>
新密码
</label>
<div
class=
"layui-input-block"
>
<input
type=
"password"
name=
"newPasswd"
lay-verify=
"required"
th:value=
"${newPasswd}"
autocomplete=
"off"
class=
"layui-input"
>
<span
style=
"color: red"
>
高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)组成
</span>
</div>
</div>
<div
class=
"layui-form-item"
>
<label
class=
"layui-form-label"
>
确认密码
</label>
<div
class=
"layui-input-block"
>
<input
type=
"password"
name=
"confirmPasswd"
lay-verify=
"required"
th:value=
"${confirmPasswd}"
autocomplete=
"off"
class=
"layui-input"
>
</div>
</div>
<div
class=
"layui-form-item"
>
<div
class=
"layui-input-block"
>
<button
type=
"submit"
class=
"layui-btn"
lay-submit=
""
lay-filter=
"demo1"
>
提交
</button>
<button
type=
"reset"
class=
"layui-btn layui-btn-primary"
>
重置
</button>
</div>
</div>
</form>
<!--<div style="text-align: center">-->
<!-- <button class="layui-btn layui-btn-primary" id="add">确定</button>-->
<!-- <button class="layui-btn layui-btn-primary" id="closeIframe">重置</button>-->
<!--</div>-->
<script
type=
"text/javascript"
src=
"./app/js/jquery/jquery.min.js"
></script>
<script
src=
"./app/layui/layui.js"
></script>
<script>
layui
.
use
([
'form'
],
function
(){
var
form
=
layui
.
form
form
.
on
(
'submit(demo1)'
,
function
(
data
){
$
.
ajax
({
type
:
'post'
,
url
:
'/cas/updatePasswd'
,
dataType
:
'json'
,
data
:
data
.
field
,
success
:
function
(
res
){
if
(
res
.
success
)
{
//当你在iframe页面关闭自身时
var
index
=
parent
.
layer
.
getFrameIndex
(
window
.
name
);
//先得到当前iframe层的索引
parent
.
layer
.
close
(
index
);
//再执行关闭
}
else
{
layer
.
msg
(
res
.
message
,
{
icon
:
0
},
function
(){
});
}
},
error
:
function
(
e
){
//请求失败
layer
.
open
({
title
:
'提示'
,
content
:
'服务连接失败。。。。'
});
}
})
return
false
});
});
</script>
</body>
</html>
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment