登录接口改造，修改密码接口增加二次密文校验

com.gx.obe.service/src/main/java/com/gx/obe/server/common/utils/DESUtils.java

+package com.gx.obe.server.common.utils;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+import java.security.SecureRandom;
+
+/**
+ * DES加密工具
+ */
+public class DESUtils {
+    private final static String DES = "DES";
+	public final static String key = "HLJ$@&!^%$ZJK";
+	/**
+	 * 加密
+	 * 
+	 * @param src 数据源
+	 * @param key 密钥，长度必须是8的倍数
+	 * @return 返回加密后的数据
+	 * @throws Exception
+	 */
+	public static byte[] encrypt(byte[] src, byte[] key)
+			throws RuntimeException {
+		// DES算法要求有一个可信任的随机数源
+		try {
+			SecureRandom sr = new SecureRandom();
+			// 从原始密匙数据创建DESKeySpec对象
+			DESKeySpec dks = new DESKeySpec(key);
+			// 创建一个密匙工厂，然后用它把DESKeySpec转换成
+			// 一个SecretKey对象
+			SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES);
+			SecretKey securekey = keyFactory.generateSecret(dks);
+			// Cipher对象实际完成加密操作
+			Cipher cipher = Cipher.getInstance(DES);
+			// 用密匙初始化Cipher对象
+			cipher.init(Cipher.ENCRYPT_MODE, securekey, sr);
+			// 现在，获取数据并加密
+			// 正式执行加密操作
+			return cipher.doFinal(src);
+		} catch (Exception e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	/**
+	 * 解密
+	 * 
+	 * @param src
+	 *            数据源
+	 * @param key
+	 *            密钥，长度必须是8的倍数
+	 * @return 返回解密后的原始数据
+	 * @throws Exception
+	 */
+	public static byte[] decrypt(byte[] src, byte[] key)
+			throws RuntimeException {
+		try {
+			// DES算法要求有一个可信任的随机数源
+			SecureRandom sr = new SecureRandom();
+			// 从原始密匙数据创建一个DESKeySpec对象
+			DESKeySpec dks = new DESKeySpec(key);
+			// 创建一个密匙工厂，然后用它把DESKeySpec对象转换成
+			// 一个SecretKey对象
+			SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES);
+			SecretKey securekey = keyFactory.generateSecret(dks);
+			// Cipher对象实际完成解密操作
+			Cipher cipher = Cipher.getInstance(DES);
+			// 用密匙初始化Cipher对象
+			cipher.init(Cipher.DECRYPT_MODE, securekey, sr);
+			// 现在，获取数据并解密
+			// 正式执行解密操作
+			return cipher.doFinal(src);
+		} catch (Exception e) {
+			throw new RuntimeException(e);
+		}
+	}
+
+	/**
+	 * 数据解密
+	 * 
+	 * @param data
+	 * @return
+	 * @throws Exception
+	 */
+	public final static String decrypt(String data, String enc)
+			throws Exception {
+		return new String(decrypt(hex2byte(data.getBytes(enc)), key.getBytes(enc)),enc);
+	}
+	
+	/**
+	 * 数据解密
+	 * 
+	 * @param data
+	 * @return
+	 * @throws Exception
+	 */
+	public final static String decrypt(String data)
+			throws Exception {
+		return new String(decrypt(hex2byte(data.getBytes()), key.getBytes()));
+	}
+
+	/**
+	 * 数据加密
+	 * 
+	 * @param data
+	 * @return
+	 * @throws Exception
+	 */
+	public final static String encrypt(String data) {
+		if (data != null)
+			try {
+				return byte2hex(encrypt(data.getBytes(), key.getBytes()));
+			} catch (Exception e) {
+				throw new RuntimeException(e);
+			}
+		return null;
+	}
+	/**
+	 * 数据加密
+	 * 
+	 * @param data
+	 * @param enc
+	 *            密钥
+	 * @return
+	 * @throws Exception
+	 */
+	public final static String encrypt(String data, String enc) {
+		if (data != null)
+			try {
+				return byte2hex(encrypt(data.getBytes(enc), key.getBytes(enc)));
+			} catch (Exception e) {
+				throw new RuntimeException(e);
+			}
+		return null;
+	}
+	/**
+	 * 二行制转字符串
+	 * 
+	 * @param b
+	 * @return
+	 */
+	private static String byte2hex(byte[] b) {
+		StringBuilder hs = new StringBuilder();
+		String stmp;
+		for (int n = 0; b != null && n < b.length; n++) {
+			stmp = Integer.toHexString(b[n] & 0XFF);
+			if (stmp.length() == 1)
+				hs.append('0');
+			hs.append(stmp);
+		}
+		return hs.toString().toUpperCase();
+	}
+
+	private static byte[] hex2byte(byte[] b) {
+		if ((b.length % 2) != 0)
+			throw new IllegalArgumentException();
+		byte[] b2 = new byte[b.length / 2];
+		for (int n = 0; n < b.length; n += 2) {
+			String item = new String(b, n, 2);
+			b2[n / 2] = (byte) Integer.parseInt(item, 16);
+		}
+		return b2;
+	}
+   
+	public static void main(String[] args) throws Exception {
+		String content = "";
+		System.out.println("加密前：" + content);
+		// 加密
+		String encryptResult = encrypt(content);
+		System.out.println("加密后：" + encryptResult);
+		// 解密
+		String decryptResult = decrypt(encryptResult);
+		System.out.println("解密后：" + decryptResult);
+	}
+
+}

com.gx.obe.service/src/main/java/com/gx/obe/server/config/WebConfiguration.java

@@ -50,6 +50,7 @@ public class WebConfiguration implements WebMvcConfigurer {
         excludePath.add("/tripartiteFunction/bidata/**");
         excludePath.add("/tenderProject/copyTenderProject");
         excludePath.add("/authUser/updatePhone");
+        excludePath.add("/authUser/updatePassword");
         registry.addInterceptor(tokenInterceptor)
                 .addPathPatterns("/**")
                 .excludePathPatterns(excludePath);

com.gx.obe.service/src/main/java/com/gx/obe/server/management/user/controller/AuthUserController.java

 package com.gx.obe.server.management.user.controller;
 
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Objects;
 
 import javax.servlet.http.HttpServletRequest;
 
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import com.gx.obe.http.HttpUtil;
+import com.gx.obe.http.json.JsonUtil;
+import com.gx.obe.server.common.utils.DESUtils;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -51,6 +60,7 @@ import io.swagger.annotations.Api;
  * @Copyright: 2019 www.msypro.com Inc. All rights reserved.
  * 
  */
+@Slf4j
 @Api(tags = "用户模块")
 @RestController
 @RequestMapping("/authUser")
@@ -60,6 +70,9 @@ public class AuthUserController  extends BaseController<AuthUserService,AuthUser
 	public AuthUserService authUserService;
 	@Autowired
 	public AuthRoleService authRoleService;
+
+	@Value("${platformVarifyURL}")
+	private String varifyUrl;
 	
 
 	@PostMapping("/updateUser")
@@ -99,10 +112,31 @@ public class AuthUserController  extends BaseController<AuthUserService,AuthUser
 
 	@GetMapping("/updatePassword")
 	@SysLogAnnotation(detail="修改密码",level = 0,operationType = OperationType.UPDATE)
-	public boolean updatePassword(String userAccount , String userPassword){
-		UpdateWrapper<AuthUserEntity> updateWrapper = new UpdateWrapper<>();
-		updateWrapper.lambda().set(AuthUserEntity::getUserPassword, userPassword).set(AuthUserEntity::getModifyTime, NowTimeUtils.getNowDate()).eq(AuthUserEntity::getUserAccount, userAccount);
-		return authUserService.update(updateWrapper);
+	public boolean updatePassword(String userAccount , String userPassword,String code){
+
+		Map<String, Object> paramMap = new HashMap<String, Object>();
+		paramMap.put("checkUserLogin",code);
+
+		try {
+				String resultJson = HttpUtil.post(varifyUrl, paramMap,50000);
+				JsonParser jsonParser=new JsonParser();
+				JsonObject bodyObject = jsonParser.parse(resultJson).getAsJsonObject();
+				JsonObject dataObject = bodyObject.getAsJsonObject("data");
+				String data  = dataObject.get("data").getAsString();
+				String decrypt = DESUtils.decrypt(data, "utf-8");
+				Map<String,String> resultMap = JsonUtil.strToMap(decrypt);
+				if(resultMap.get("ret").equals("0")) {
+					UpdateWrapper<AuthUserEntity> updateWrapper = new UpdateWrapper<>();
+					updateWrapper.lambda().set(AuthUserEntity::getUserPassword, userPassword).set(AuthUserEntity::getModifyTime, NowTimeUtils.getNowDate()).eq(AuthUserEntity::getUserAccount, userAccount);
+					return authUserService.update(updateWrapper);
+				}
+		} catch (Exception e) {
+			log.error(e.getMessage());
+			return false;
+		}
+
+		return false;
+
 	}
 	
 	/**
@@ -141,6 +175,8 @@ public class AuthUserController  extends BaseController<AuthUserService,AuthUser
 			}
 		}
 		return null;
+
+
 	}
 	
 	@PostMapping("/loginRemote")
@@ -372,8 +408,13 @@ public class AuthUserController  extends BaseController<AuthUserService,AuthUser
 				vo.setAtuokthen(TokenUtil.sign(user,request));
 				return new Result<AuthUserVo>(vo, "登录陈功!", Result.SUCCESS);
 			}else {
+//				AuthUserVo vo = new AuthUserVo();
+// 				vo.setAuthUserEntity(user);
+//				return new Result<AuthUserVo>(vo, "密码错误",Result.FAIL);
 				AuthUserVo vo = new AuthUserVo();
- 				vo.setAuthUserEntity(user);
+				AuthUserEntity AuthUserEntity = new AuthUserEntity();
+				AuthUserEntity.setUserAccount(USER_ACCOUNT);
+				vo.setAuthUserEntity(AuthUserEntity);
 				return new Result<AuthUserVo>(vo, "密码错误",Result.FAIL);
 			}
 		}

com.gx.obe.service/src/main/resources/application-jingnengjituan.yml

-# 设置服务端口
server:
  port: 9863
  
spring:
  application:
    name: com.gx.obe.server
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://rm-2ze9r6bu03h0reqqo.mysql.rds.aliyuncs.com:3306/obe_jnkpb?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
    username: jn_kpb
    password: am5fa3Bi
logging:
  level:
    cn.jay.repository: info
    
# 文件保存路径
upload:
   folder: /data/kpb/folder        
     
+# 设置服务端口
server:
  port: 9863
  
spring:
  application:
    name: com.gx.obe.server
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://rm-2ze9r6bu03h0reqqo.mysql.rds.aliyuncs.com:3306/obe_jnkpb?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
    username: jn_kpb
    password: am5fa3Bi
logging:
  level:
    cn.jay.repository: info
    
# 文件保存路径
upload:
   folder: /data/kpb/folder


platformVarifyURL:  https://www.powerbeijing-ec.com/jndzzb/userHS.do?checkEncryptionInfo
     
\ No newline at end of file

com.gx.obe.service/src/main/resources/application-jingnengjituanTest.yml

-# 设置服务端口
server:
  port: 6850
  
spring:
  application:
    name: com.gx.obe.server
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://59.110.139.213:6033/obe_jncs?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
    username: gxcx-jncs
    password: Z3hjeC1qbmNz
logging:
  level:
    cn.jay.repository: info
    
# 文件保存路径
upload:
   folder: folder     
     
+# 设置服务端口
server:
  port: 6850
  
spring:
  application:
    name: com.gx.obe.server
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://59.110.139.213:6033/obe_jncs?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
    username: gxcx-jncs
    password: Z3hjeC1qbmNz
logging:
  level:
    cn.jay.repository: info
    
# 文件保存路径
upload:
   folder: folder


platformVarifyURL:  https://test.powerbeijing-ec.com/jndzzb/userHS.do?checkEncryptionInfo
     
\ No newline at end of file