忘记密码

This commit is contained in:
钱涛 2025-04-28 18:08:29 +08:00
parent ec2d5f6a36
commit a1af56bbcc
4 changed files with 351 additions and 0 deletions


@ -0,0 +1,278 @@
package com.engine.salary.cmd.password;
import com.api.hrm.service.impl.HrmSecondaryPwdSetServiceImpl;
import com.engine.common.biz.AbstractCommonCommand;
import com.engine.common.entity.BizLogContext;
import com.engine.common.util.ServiceUtil;
import com.engine.core.interceptor.CommandContext;
import com.engine.integration.util.StringUtils;
import com.weaver.integration.ldap.util.AuthenticUtil;
import weaver.conn.RecordSet;
import weaver.file.Prop;
import weaver.general.PasswordUtil;
import weaver.general.Util;
import weaver.hrm.User;
import weaver.hrm.passwordprotection.manager.HrmResourceManager;
import weaver.hrm.passwordprotection.manager.HrmResourceManagerManager;
import weaver.interfaces.sso.cas.CASRestAPI;
import weaver.interfaces.sso.cas.CasUtil;
import weaver.rsa.security.RSA;
import weaver.systeminfo.SystemEnv;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static com.api.hrm.service.HrmPasswordService.ifEqlTarget;
/**
* 保存二次验证密码
*/
public class SaveSecondaryPwdCmd extends AbstractCommonCommand<Map<String, Object>> {
private HttpServletRequest request;
public SaveSecondaryPwdCmd(Map<String, Object> params, User user, HttpServletRequest request) {
this.user = user;
this.params = params;
this.request = request;
}
@Override
public BizLogContext getLogContext() {
return null;
}
@Override
public Map<String, Object> execute(CommandContext commandContext) {
Map<String, Object> resultMap = new HashMap<String, Object>();
/*设置二次验证密码时的参数*/
String secondaryPwd1 = Util.null2String(params.get("secondaryPwd1"));//密码
String secondaryPwd2 = Util.null2String(params.get("secondaryPwd2"));//确认密码
/*设置二次验证密码时的参数*/
/*修改二次验证密码时的参数*/
String newSecondaryPwd1 = Util.null2String(params.get("newSecondaryPwd1"));//新密码
String newSecondaryPwd2 = Util.null2String(params.get("newSecondaryPwd2"));//确认新密码
/*修改二次验证密码时的参数*/
String loginPwd = Util.null2String(params.get("loginPwd"));
//是否开启了RSA加密
String openRSA = Util.null2String(Prop.getPropValue("openRSA", "isrsaopen"));
List<String> passwordList = new ArrayList<String>();
if ("1".equals(openRSA)) {
passwordList.add(secondaryPwd1);
passwordList.add(secondaryPwd2);
passwordList.add(newSecondaryPwd1);
passwordList.add(newSecondaryPwd2);
passwordList.add(loginPwd);
RSA rsa = new RSA();
List<String> resultList = rsa.decryptList(request, passwordList);
secondaryPwd1 = resultList.get(0);
secondaryPwd2 = resultList.get(1);
newSecondaryPwd1 = resultList.get(2);
newSecondaryPwd2 = resultList.get(3);
loginPwd = resultList.get(4);
}
/*验证码是否正确 start*/
String validatecode = Util.null2String(params.get("validatecode"));
String validateRand = Util.null2String((String) request.getSession(true).getAttribute("validateRand"));
request.getSession(true).removeAttribute("validateRand");
if (!validateRand.toLowerCase().equals(validatecode.trim().toLowerCase()) || "".equals(validatecode.trim().toLowerCase())) {
resultMap.put("message", SystemEnv.getHtmlLabelName(10000304, Util.getIntValue(user.getLanguage())));
resultMap.put("sign", "-1");
return resultMap;
}
/*验证码是否正确 end*/
if (!"".equals(loginPwd)){
HashMap<String, Object> map = new HashMap<>();
map.put("password",loginPwd);
HrmSecondaryPwdSetServiceImpl hrmSecondaryPwdSetService = (HrmSecondaryPwdSetServiceImpl) ServiceUtil.getService(HrmSecondaryPwdSetServiceImpl.class, user);
Map<String, Object> execute = hrmSecondaryPwdSetService.checkPassword(map, user, request);
String checkPwd = String.valueOf(execute.get("result"));
if (checkPwd.equals("false")){
resultMap.put("message", SystemEnv.getHtmlLabelName(504343, Util.getIntValue(user.getLanguage())));
resultMap.put("sign", "-1");
return resultMap;
}
}
String password = "";//数据库存储的登陆密码
String secondaryPwd = "";//数据库存储的原二次验证密码
boolean flag = false;//是设置二次验证密码还是修改二次验证密码true:修改
RecordSet recordSet = new RecordSet();
String sql = "";
if (user.isAdmin()) {
sql = "select password,secondaryPwd,useSecondaryPwd from HrmResourceManager where id=" + user.getUID();
recordSet.executeQuery(sql);
if (recordSet.next()) {
password = recordSet.getString("password");
secondaryPwd = recordSet.getString("secondaryPwd");
String useSecondaryPwd = recordSet.getString("useSecondaryPwd");
if (useSecondaryPwd.equals("1") && !secondaryPwd.equals("")) {
flag = true;
}
}
} else {
sql = "select password,secondaryPwd,useSecondaryPwd from HrmResource where id=" + user.getUID();
recordSet.executeQuery(sql);
if (recordSet.next()) {
password = recordSet.getString("password");
secondaryPwd = recordSet.getString("secondaryPwd");
String useSecondaryPwd = recordSet.getString("useSecondaryPwd");
if (useSecondaryPwd.equals("1") && !secondaryPwd.equals("")) {
flag = true;
}
}
}
if (flag) {//修改二次验证密码
String formatsalt = PasswordUtil.getResourceSalt("" + user.getUID());
// 先确认旧密码
String oldSecondaryPwd = Util.null2String(request.getParameter("oldSecondaryPwd"));
RSA rsa = new RSA();
String isrsaopen = Util.null2String(recordSet.getPropValue("openRSA","isrsaopen"));
if("1".equals(isrsaopen)){
oldSecondaryPwd = rsa.decrypt(request,oldSecondaryPwd);
}
String[] encryptsOld = PasswordUtil.encrypt(oldSecondaryPwd, formatsalt);
if (user.isAdmin()) {
sql = "select id from HrmResourceManager where secondaryPwd = ? and id = ?";
} else {
sql = "select id from HrmResource where secondaryPwd = ? and id = ?";
}
// recordSet.executeQuery(sql,encryptsOld[0],user.getUID());
// if(!recordSet.next()){
// resultMap.put("status", "-1");
// resultMap.put("message", SystemEnv.getHtmlLabelName(382266, user.getLanguage()));//旧密码不正确
// return resultMap;
// }
if (!newSecondaryPwd1.equals(newSecondaryPwd2)) {
resultMap.put("status", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(388448, user.getLanguage()));//两次密码不一致
}
String[] encrypts = PasswordUtil.encrypt(newSecondaryPwd1, formatsalt);
if (user.isAdmin()) {
sql = "update HrmResourceManager set secondaryPwd='" + encrypts[0] + "',useSecondaryPwd=1 where id=" + user.getUID();
} else {
sql = "update HrmResource set secondaryPwd='" + encrypts[0] + "',useSecondaryPwd=1 where id=" + user.getUID();
}
if (recordSet.executeUpdate(sql)) {
resultMap.put("sign", "1");
resultMap.put("message", SystemEnv.getHtmlLabelName(125983, user.getLanguage()));//修改密码成功
} else {
resultMap.put("sign", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(126200, user.getLanguage()));//修改密码失败
}
} else {
String token = Util.null2String(request.getSession().getAttribute("init_second_token")) ;
request.getSession().removeAttribute("init_second_token");
if(StringUtils.isBlank(token) || !token.equalsIgnoreCase(user.getUID()+"")){
resultMap.put("status", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(83912, user.getLanguage())+"(-100)");//参数有误
return resultMap;
}
/*为防止篡改CheckPassword的接口数据越权修改二次验证密码读取session中存储的登录密码再次校验一次登录密码*/
String loginPassword = Util.null2String(request.getSession(true).getAttribute("loginPassword"));
boolean isPass = checkLoginPassword(loginPassword);
request.getSession(true).removeAttribute("loginPassword");
if(!isPass){
resultMap.put("status", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(388858, user.getLanguage()));//参数有误
return resultMap;
}
String formatsalt = PasswordUtil.getResourceSalt("" + user.getUID());
String[] encrypts = PasswordUtil.encrypt(secondaryPwd1, formatsalt);
if (password.equals(encrypts[0])) {
resultMap.put("status", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(388448, user.getLanguage()));//为保安全性请设置为和登录密码不同的密码
return resultMap;
}
if (!secondaryPwd1.equals(secondaryPwd2)) {
resultMap.put("status", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(388448, user.getLanguage()));//两次密码不一致
}
encrypts = PasswordUtil.encrypt(secondaryPwd1, formatsalt);
if (user.isAdmin()) {
sql = "update HrmResourceManager set secondaryPwd='" + encrypts[0] + "',useSecondaryPwd=1 where id=" + user.getUID();
} else {
sql = "update HrmResource set secondaryPwd='" + encrypts[0] + "',useSecondaryPwd=1 where id=" + user.getUID();
}
if (recordSet.executeUpdate(sql)) {
resultMap.put("sign", "1");
resultMap.put("message", SystemEnv.getHtmlLabelName(10000305, Util.getIntValue(user.getLanguage())));//设置密码成功
} else {
resultMap.put("sign", "-1");
resultMap.put("message", SystemEnv.getHtmlLabelName(10000306, Util.getIntValue(user.getLanguage())));//设置密码失败
}
}
return resultMap;
}
/**
* 检查登录密码是否正确
*
* @param password 登录密码
* @return
*/
private boolean checkLoginPassword(String password) {
boolean isExsit = false;
RecordSet rs = new RecordSet();
String loginId = "";
String isADAccount = "";
String isADAccountSql = "select isADAccount,loginId from HrmResource where id = " + user.getUID();
rs.executeSql(isADAccountSql);
if (rs.next()) {
isADAccount = rs.getString("isADAccount");
loginId = rs.getString("loginId");
}
AuthenticUtil authenticUtil = new AuthenticUtil();
boolean isUseLdap =authenticUtil.checkType(loginId);
if (isUseLdap && ifEqlTarget(isADAccount, "1") && !"1".equals(user.getUID())) {
if (!authenticUtil.checkLogin(loginId, password).equals("100")) {
isExsit = false;
} else {
isExsit = true;
}
}else {
String dbSalt = PasswordUtil.getResourceSalt("" + user.getUID());
String[] encrypts = PasswordUtil.encrypt(password, dbSalt);
String pswd = encrypts[0];//加密后的密码
Map<String, Comparable> map = new HashMap<String, Comparable>();
map.put("id", "" + user.getUID());
map.put("password", pswd);
isExsit = new HrmResourceManager().get(map) != null;
if (!isExsit) {
isExsit = new HrmResourceManagerManager().get(map) != null;
}
}
//cas二次密码校验
if (new CasUtil().isUseCAS()&&!isExsit) {
String ticket = Util.null2String(new CASRestAPI().getInstance().getTicket(loginId, password));
if (ticket != "") {
isExsit = true;
}
}
return isExsit;
}
}
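Review bot: In the modify branch the mismatch check `if (!newSecondaryPwd1.equals(newSecondaryPwd2))` sets `status` to -1 but falls through, so the `update ... set secondaryPwd=...` below still runs with the unconfirmed value and its message is replaced by the success label; the same applies to the `secondaryPwd1.equals(secondaryPwd2)` check in the set branch. Add `return resultMap;` after the `resultMap.put("message", ...)` in both, and report the failure under the `sign` key that every other error path in `execute` uses rather than `status`. The modify branch also never verifies the old secondary password — `encryptsOld` is computed and the placeholder query is assigned to `sql`, but the `executeQuery`/`next()` check is commented out — and the login-password check runs only when `loginPwd` is non-empty, so a request without that parameter is gated by the captcha alone; either restore the old-password check or make `loginPwd` mandatory on this path. The update statements concatenate `encrypts[0]` and `user.getUID()` into the SQL string although the same method already uses `?` placeholders for the old-password lookup; bind them as parameters of the parameterised `executeUpdate` overload instead. Finally, `ticket != ""` in `checkLoginPassword` is a reference comparison; use `!ticket.isEmpty()`.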


@ -0,0 +1,20 @@
package com.engine.salary.service;
import weaver.hrm.User;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
public interface HrmSecondaryPwdSetService {
/**
* 保存二次验证登陆密码
*
* @param params
* @param user
* @return
*/
public Map<String, Object> saveSecondaryPwd(Map<String, Object> params, User user, HttpServletRequest request);
}
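Review bot: The Javadoc on `saveSecondaryPwd` has empty `@param`/`@return` tags and omits the `request` parameter; fill them in, e.g. `@param request current request (used for RSA decryption and session attributes)` and `@return result map carrying `sign` and `message``, matching what `SaveSecondaryPwdCmd` puts in the map. The `public` modifier on an interface method is redundant and can be dropped.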


@ -0,0 +1,20 @@
package com.engine.salary.service.impl;
import com.engine.core.impl.Service;
import com.engine.salary.cmd.password.SaveSecondaryPwdCmd;
import com.engine.salary.service.HrmSecondaryPwdSetService;
import weaver.hrm.User;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
public class HrmSecondaryPwdSetServiceImpl extends Service implements HrmSecondaryPwdSetService {
@Override
public Map<String, Object> saveSecondaryPwd(Map<String, Object> params, User user, HttpServletRequest request) {
return commandExecutor.execute(new SaveSecondaryPwdCmd(params, user, request));
}
}


@ -1,10 +1,14 @@
package com.engine.salary.web; package com.engine.salary.web;
import com.alibaba.fastjson.JSONObject;
import com.engine.common.util.ParamUtil;
import com.engine.common.util.ServiceUtil; import com.engine.common.util.ServiceUtil;
import com.engine.salary.entity.salaryBill.dto.*; import com.engine.salary.entity.salaryBill.dto.*;
import com.engine.salary.entity.salaryBill.param.*; import com.engine.salary.entity.salaryBill.param.*;
import com.engine.salary.enums.salarybill.SalarySendStatusEnum; import com.engine.salary.enums.salarybill.SalarySendStatusEnum;
import com.engine.salary.exception.SalaryRunTimeException; import com.engine.salary.exception.SalaryRunTimeException;
import com.engine.salary.service.HrmSecondaryPwdSetService;
import com.engine.salary.service.impl.HrmSecondaryPwdSetServiceImpl;
import com.engine.salary.sys.enums.PayrollCheckTypeEnum; import com.engine.salary.sys.enums.PayrollCheckTypeEnum;
import com.engine.salary.util.ResponseResult; import com.engine.salary.util.ResponseResult;
import com.engine.salary.util.SalaryEntityUtil; import com.engine.salary.util.SalaryEntityUtil;
@ -57,6 +61,10 @@ public class SalaryBillController {
return ServiceUtil.getService(SalaryBillBaseSetWrapper.class, user); return ServiceUtil.getService(SalaryBillBaseSetWrapper.class, user);
} }
private HrmSecondaryPwdSetService getService(User user) {
return (HrmSecondaryPwdSetService) ServiceUtil.getService(HrmSecondaryPwdSetServiceImpl.class, user);
}
/******** 工资单模板 start ***********************************************************************************************/ /******** 工资单模板 start ***********************************************************************************************/
/** /**
@ -817,4 +825,29 @@ public class SalaryBillController {
/******** 工资单基础设置 end ***********************************************************************************************/ /******** 工资单基础设置 end ***********************************************************************************************/
/**
* 保存二次登陆密码
*
* @param request
* @param response
* @return
*/
@POST
@Path("/saveSecondaryPwd")
@Produces(MediaType.TEXT_PLAIN)
public String saveSecondaryPwd(@Context HttpServletRequest request, @Context HttpServletResponse response) {
Map<String, Object> apiDatas = new HashMap<String, Object>();//传递给前台的数据集合
try {
User user = HrmUserVarify.getUser(request, response);
apiDatas = getService(user).saveSecondaryPwd(ParamUtil.request2Map(request), user, request);
apiDatas.put("api_status", true);
} catch (Exception e) {
e.printStackTrace();
apiDatas.put("api_status", false);
apiDatas.put("api_errormsg", e.getMessage());
}
return JSONObject.toJSONString(apiDatas);
}
} }
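Review bot: `saveSecondaryPwd` catches `Exception`, prints the stack trace and hands `e.getMessage()` back to the client under `api_errormsg`, which exposes internal detail (SQL fragments, class names) in the response; log the exception with its cause instead of `printStackTrace()` and return a fixed message, e.g. `apiDatas.put("api_errormsg", "save failed");`. It also sets `api_status` to true whenever the command returns, although the command reports failures through `sign`/`status` inside the same map, so callers must check both keys. `@Produces(MediaType.TEXT_PLAIN)` on a body built by `JSONObject.toJSONString(...)` is inconsistent; the media type used by the other endpoints is outside the hunk, but `MediaType.APPLICATION_JSON` fits the body. The enclosing `SalaryBillController` class starts outside the hunk.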