Skip to content

Commit

Permalink
重构PasswordEncoder的类方法encode为实例方法
Browse files Browse the repository at this point in the history
  • Loading branch information
@ysc
ysc committed Mar 12, 2014
1 parent 0273fe2 commit fa85faf
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 13 deletions.
12 changes: 7 additions & 5 deletions APDPlat_Core/src/main/java/org/apdplat/module/security/service/UserService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ public class UserService {
private OnlineUserService onlineUserService;
@Resource(name="passwordStrategyExecuter")
private PasswordStrategyExecuter passwordStrategyExecuter;
@Resource(name="passwordEncoder")
private PasswordEncoder passwordEncoder;

/**
* 分页获取在线用户
Expand Down Expand Up @@ -163,9 +165,9 @@ public Map<String, Object> modifyPassword(String oldPassword, String newPassword
LOG.error(e.getMessage());
return result;
}
oldPassword=PasswordEncoder.encode(oldPassword.trim(),user);
oldPassword=passwordEncoder.encode(oldPassword.trim(),user);
if(oldPassword.equals(user.getPassword())){
user.setPassword(PasswordEncoder.encode(newPassword.trim(),user));
user.setPassword(passwordEncoder.encode(newPassword.trim(),user));
serviceFacade.update(user);
message = "修改成功";
result.put("success", true);
Expand Down Expand Up @@ -211,7 +213,7 @@ public String reset(Integer[] ids, String password){
continue;
}
//设置新密码
user.setPassword(PasswordEncoder.encode(password, user));
user.setPassword(passwordEncoder.encode(password, user));
//同步到数据库
serviceFacade.update(user);
success++;
Expand Down Expand Up @@ -302,7 +304,7 @@ public void assemblyModelForPartUpdate(List<Property> properties, User user) {
}catch(PasswordInvalidException e){
throw new RuntimeException(e.getMessage());
}
property.setValue(PasswordEncoder.encode(property.getValue().toString(),user));
property.setValue(passwordEncoder.encode(property.getValue().toString(),user));
break;
}
}
Expand Down Expand Up @@ -346,7 +348,7 @@ public void assemblyModelForCreate(User model, String roles, String positions, S
throw new RuntimeException(e.getMessage());
}
LOG.debug("加密用户密码");
model.setPassword(PasswordEncoder.encode(model.getPassword(), model));
model.setPassword(passwordEncoder.encode(model.getPassword(), model));
LOG.debug("组装角色: " + roles);
assemblyRoles(model, roles);
LOG.debug("组装岗位: " + positions);
Expand Down
17 changes: 12 additions & 5 deletions APDPlat_Core/src/main/java/org/apdplat/module/security/service/password/PasswordEncoder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,22 +20,29 @@

package org.apdplat.module.security.service.password;

import javax.annotation.Resource;
import org.apdplat.module.security.model.User;
import org.apdplat.platform.util.SpringContextUtils;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.stereotype.Service;

/**
* 用户密码双重加密:
* 1、使用SHA-512算法,salt为user.getMetaData(),即:用户信息
* 2、使用SHA-256算法,salt为saltSource.getSalt(user),即:用户名+APDPlat应用级产品开发平台的作者是杨尚川,联系方式(邮件:ysc@apdplat.org)(QQ:281032878)
* @author 杨尚川
*/
public class PasswordEncoder {
private PasswordEncoder(){}
public static String encode(String password,User user){
@Service
public class PasswordEncoder {
@Resource(name="saltSource")
private SaltSource saltSource;

public void setSaltSource(SaltSource saltSource) {
this.saltSource = saltSource;
}

public String encode(String password,User user){
password = new ShaPasswordEncoder(512).encodePassword(password,user.getMetaData());
SaltSource saltSource = SpringContextUtils.getBean("saltSource");
return new ShaPasswordEncoder(256).encodePassword(password,saltSource.getSalt(user));
}
public static void main(String[] args){
Expand Down
4 changes: 3 additions & 1 deletion APDPlat_Core/src/main/java/org/apdplat/module/security/service/register/RegisteUser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ public class RegisteUser extends RegisterService<User>{
protected RegisteOrg registeOrg;
@Resource(name="registeRole")
protected RegisteRole registeRole;
@Resource(name="passwordEncoder")
private PasswordEncoder passwordEncoder;

@Override
protected void registe() {
Expand All @@ -63,7 +65,7 @@ protected void registe() {
Page<User> page=Page.newInstance(User.class, RegisteUser.class.getResourceAsStream(xml));
if(page!=null){
for(User user : page.getModels()){
user.setPassword(PasswordEncoder.encode(user.getPassword(), user));
user.setPassword(passwordEncoder.encode(user.getPassword(), user));
user.setOrg(registeOrg.getRegisteData().get(0));
user.addRole(registeRole.getRegisteData().get(0).getChild().get(0));
serviceFacade.create(user);
Expand Down
6 changes: 4 additions & 2 deletions APDPlat_Core/src/main/java/org/apdplat/module/security/ws/UserServiceImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,12 +40,14 @@ public class UserServiceImpl implements UserService{
private static final APDPlatLogger LOG = APDPlatLoggerFactory.getAPDPlatLogger(UserServiceImpl.class);
@Resource(name = "userDetailsServiceImpl")
private UserDetailsServiceImpl userDetailsServiceImpl;
@Resource(name="passwordEncoder")
private PasswordEncoder passwordEncoder;

@Override
public String login(String username, String password) {
try{
User user=(User)userDetailsServiceImpl.loadUserByUsername(username);
password=PasswordEncoder.encode(password, user);
password=passwordEncoder.encode(password, user);
if(password.equals(user.getPassword())){
return "认证成功";
}else{
Expand All @@ -61,7 +63,7 @@ public User getUserInfo(String username, String password) {
try{
User user=(User)userDetailsServiceImpl.loadUserByUsername(username);
if(user!=null){
password=PasswordEncoder.encode(password, user);
password=passwordEncoder.encode(password, user);
if(password.equals(user.getPassword())){
return user;
}
Expand Down

0 comments on commit fa85faf

Please sign in to comment.