
修改解密逻辑,解出来是明文密码

wuweihao 5 rokov pred
rodič
commit
0ee248c309

+ 7 - 18
xiaoan-common/src/main/java/com/xiaoan/common/util/PasswordUtils.java

@@ -77,7 +77,7 @@ public class PasswordUtils {
      * @return 加密后的密文字符串
      * @throws Exception
      */
-    public static String encrypt(String plaintext, String password, byte[] salt) {
+    public static String encrypt(String password, String plaintext, byte[] salt) {
 
         Key key = getPBEKey(password);
         byte[] encipheredData = null;
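Review bot: After this swap `getPBEKey(password)` keys the cipher on the first argument, and the callers visible in this commit (`main()` below and the login check in IndexController) pass the user name there, so what gets stored is the account password encrypted under a key derived from the user name and `getStaticSalt()`, which by its name is presumably the same salt for every account. That makes every stored password recoverable by anyone who can read the user table and this class, as the commit title itself states. Password storage should be one-way: a per-user random salt with a slow hash such as PBKDF2 (`SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")`), verified by recomputing and comparing with `MessageDigest.isEqual(expected, actual)`. Swapping two `String` parameters also compiles unchanged at every existing call site, so any caller not updated in this commit now encrypts with the roles reversed, and the Javadoc `@param` order above the signature needs the same swap. The body of `encrypt` continues outside the hunk.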
@@ -167,32 +167,21 @@ public class PasswordUtils {
     }
 
     public static void main(String[] args) {
-        // 13138102395 13112311178
-        String userName = "13112311178";
-        String password = "Aa11111111";
+        // 13138102395 13112311178 Aa11111111
+        String userName = "zhiguang";
+        String password = "123456";
 
         try {
             byte[] salt = PasswordUtils.getStaticSalt();
             String ciphertext = PasswordUtils.encrypt(userName, password, salt);
-            System.out.println(ciphertext);
-            String plaintext = PasswordUtils.decrypt(ciphertext, password, salt);
-            System.out.println(plaintext);
+            System.out.println("用户密文密码: " + ciphertext);
+            String plaintext = PasswordUtils.decrypt(ciphertext, userName, salt);
+            System.out.println("用户明文密码:" + plaintext);
         } catch (Exception e) {
             e.printStackTrace();
         }
 
 
-//        String userName = "admin";
-//        String password = "123456";
-//        try {
-//            byte[] salt = PasswordUtils.getStaticSalt();
-////            String ciphertext = PasswordUtils.encrypt(userName, password, salt);
-////            System.out.println(ciphertext);
-//            String plaintext = PasswordUtils.decrypt("2c01ba92b4dab363", password, salt);
-//            System.out.println(plaintext);
-//        } catch (Exception e) {
-//            e.printStackTrace();
-//        }
 
 
 
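Review bot: The new comment at the top of `main()` keeps what look like two account names and a password in version control, and the harness now prints the recovered password to stdout. Remove that comment, use obviously constructed sample values, and move the round-trip check into a unit test with an assertion instead of a `main` on a shared utility class. The `catch (Exception e) { e.printStackTrace(); }` would also let a failed round trip pass unnoticed in any automated run. The end of `main()` lies outside the hunk.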

+ 3 - 3
xiaoan-web/src/main/java/com/xiaoan/web/backend/IndexController.java

@@ -123,9 +123,9 @@ public class IndexController {
             return new ResultJson(MsgCode.e_ADMIN_4001, MsgCode.msg_ADMIN_4001);
         }
 
-        // 验证密码
-        String decryptName = PasswordUtils.decrypt(userEntity.getPassword(), param.getPassword(), PasswordUtils.getStaticSalt());
-        if (!param.getUserName().equals(decryptName)) {
+        // 验证密码,解密出来是明文密码,在跟输入密码比较
+        String pwd = PasswordUtils.decrypt(userEntity.getPassword(), param.getUserName(), PasswordUtils.getStaticSalt());
+        if (!pwd.equals(param.getPassword())) {
             return new ResultJson(MsgCode.e_ADMIN_4002, MsgCode.msg_ADMIN_4002);
         }