app个人中心修改密码接口

zhangjun 2020-07-04 18:03:48 +08:00
parent 91d6b6d7d1
commit 417c74077d
3 changed files with 303 additions and 197 deletions


@ -1,72 +1,96 @@
package apx.com.amarsoft.als.user.pwd.controller;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import apx.com.amarsoft.als.user.pwd.service.GesturePwdService;
import apx.com.amarsoft.als.user.pwd.service.impl.GesturePwdServiceImpl;
import com.amarsoft.are.ARE;
import com.amarsoft.are.jbo.JBOTransaction;
import com.amarsoft.awe.util.Transaction;
import com.base.util.ReturnMapUtil;
@Path("/user/center/manager")
public class AppUserPwdController {
GesturePwdService gesturePwdService = new GesturePwdServiceImpl();
@Path("/setup/gesture")
@GET
public Map<String, Object> setupGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/setup/gesture run .................");
return gesturePwdService.setupGesture(request, tx, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
@Path("/close/gesture")
@GET
public Map<String, Object> closeGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/close/gesture run .................");
return gesturePwdService.closeGesture(request, tx, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
@Path("/acquisition/gesture")
@GET
public Map<String, Object> acquisitionGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/acquisition/gesture run .................");
return gesturePwdService.acquisitionGesture(request, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
}
package apx.com.amarsoft.als.user.pwd.controller;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import apx.com.amarsoft.als.user.change.center.service.ApplyArchiveService;
import apx.com.amarsoft.als.user.change.center.service.impl.ApplyArchiveServiceImpl;
import apx.com.amarsoft.als.user.pwd.service.GesturePwdService;
import apx.com.amarsoft.als.user.pwd.service.impl.GesturePwdServiceImpl;
import com.amarsoft.are.ARE;
import com.amarsoft.are.jbo.JBOTransaction;
import com.amarsoft.awe.util.Transaction;
import com.base.util.ReturnMapUtil;
@Path("/user/center/manager")
public class AppUserPwdController {
GesturePwdService gesturePwdService = new GesturePwdServiceImpl();
@Path("/setup/gesture")
@GET
public Map<String, Object> setupGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/setup/gesture run .................");
return gesturePwdService.setupGesture(request, tx, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
@Path("/close/gesture")
@GET
public Map<String, Object> closeGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/close/gesture run .................");
return gesturePwdService.closeGesture(request, tx, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
@Path("/acquisition/gesture")
@GET
public Map<String, Object> acquisitionGesture(
@Context HttpServletRequest request, @Context Transaction sqlca,
@Context JBOTransaction tx) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
try {
ARE.getLog().info(
"[CONTROLLER] AppUserPwdController run .................");
ARE.getLog()
.info("[Path] /user/center/manager/acquisition/gesture run .................");
return gesturePwdService.acquisitionGesture(request, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
//ÐÞ¸ÄÃÜÂë
@Path("/updatePwd")
@POST
public Map<String, Object> SaveFeedback(@Context HttpServletRequest request,
@Context HttpServletResponse response, @Context JBOTransaction tx,
@Context Transaction sqlca) throws Exception {
ReturnMapUtil ReturnMapUtil = new ReturnMapUtil(tx, sqlca);
ARE.getLog().info(
"[CONTROLLER] ApplyChangeController run .................");
ARE.getLog().info("[Path] /change/save/courier" + " run .................");
try {
return gesturePwdService.SaveFeedback(request, response, tx, sqlca, ReturnMapUtil);
} catch (Exception e) {
return ReturnMapUtil.rollback(e);
}
}
}
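Review bot: The two log lines in the new `/updatePwd` handler name the wrong controller and path (`ApplyChangeController`, `/change/save/courier`), so a password change cannot be found in the logs under its real endpoint. They should follow the other handlers: `"[CONTROLLER] AppUserPwdController run ................."` and `"[Path] /user/center/manager/updatePwd run ................."`. The handler name `SaveFeedback` says nothing about passwords; a name such as `updatePwd` would match the route. The added imports of `ApplyArchiveService` and `ApplyArchiveServiceImpl` are not used anywhere in the class as shown.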


@ -1,20 +1,27 @@
package apx.com.amarsoft.als.user.pwd.service;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import com.amarsoft.are.jbo.JBOTransaction;
import com.base.util.ReturnMapUtil;
public interface GesturePwdService {
Map<String, Object> setupGesture(@Context HttpServletRequest request,
@Context JBOTransaction tx, ReturnMapUtil ReturnMapUtil);
Map<String, Object> closeGesture(@Context HttpServletRequest request,
@Context JBOTransaction tx, ReturnMapUtil ReturnMapUtil);
Map<String, Object> acquisitionGesture(@Context HttpServletRequest request,
ReturnMapUtil ReturnMapUtil);
}
package apx.com.amarsoft.als.user.pwd.service;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Context;
import com.amarsoft.are.jbo.JBOTransaction;
import com.amarsoft.awe.util.Transaction;
import com.base.util.ReturnMapUtil;
public interface GesturePwdService {
Map<String, Object> setupGesture(@Context HttpServletRequest request,
@Context JBOTransaction tx, ReturnMapUtil ReturnMapUtil);
Map<String, Object> closeGesture(@Context HttpServletRequest request,
@Context JBOTransaction tx, ReturnMapUtil ReturnMapUtil);
Map<String, Object> acquisitionGesture(@Context HttpServletRequest request,
ReturnMapUtil ReturnMapUtil);
Map<String, Object> SaveFeedback(HttpServletRequest request, HttpServletResponse response, JBOTransaction tx,
Transaction sqlca, ReturnMapUtil returnMapUtil) throws Exception;
}
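Review bot: The new `SaveFeedback` declaration has no comment, and its signature gives an implementer no hint that this is the password-change operation. A Javadoc on the declaration should state that it verifies the old password for the user named in the request and stores the new one. It should also say which failures are reported through the returned map and which through the declared `Exception`. The last parameter is spelled `returnMapUtil` here but `ReturnMapUtil` in the three existing declarations and in the implementation.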


@ -1,105 +1,180 @@
package apx.com.amarsoft.als.user.pwd.service.impl;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import apx.com.amarsoft.als.user.pwd.service.GesturePwdService;
import com.amarsoft.are.ARE;
import com.amarsoft.are.jbo.JBOException;
import com.amarsoft.are.jbo.JBOTransaction;
import com.base.constant.RestfullConstant;
import com.base.helper.UserHelper;
import com.base.util.DES;
import com.base.util.MD5Util;
import com.base.util.ReturnMapUtil;
public class GesturePwdServiceImpl implements GesturePwdService {
// ReturnMapUtil ReturnMapUtil = new ReturnMapUtil();
public Map<String, Object> setupGesture(HttpServletRequest request,
JBOTransaction tx, ReturnMapUtil ReturnMapUtil) {
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
String sPwd = request.getParameter("pwd");
if (null == sPwd)
sPwd = "";
// DES.decrypt(sPwd);
sPwd = DES.decrypt(sPwd);
sPwd = MD5Util.getMD5EncodedPassword(sPwd);
Map<String, Object> map = new HashMap<String, Object>();
map.put("ENABLE_GESTURE", "1");
map.put("GESTURE_PASSWORD", sPwd);
try {
UserHelper.edit(tx, sUserId, map);
} catch (JBOException e) {
ARE.getLog().error(e);
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "设置手钥密码数据操作失败!");
return ReturnMapUtil.getReturnMap();
}
ReturnMapUtil.setReturnMap(null, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "成功设置或重设手钥密码!");
return ReturnMapUtil.getReturnMap();
}
public Map<String, Object> closeGesture(HttpServletRequest request,
JBOTransaction tx, ReturnMapUtil ReturnMapUtil) {
// NO CHECK URI
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
if (null == sUserId)
sUserId = "";
Map<String, Object> map = new HashMap<String, Object>();
map.put("ENABLE_GESTURE", "");
map.put("GESTURE_PASSWORD", "");
try {
UserHelper.edit(tx, sUserId, map);
} catch (JBOException e) {
ARE.getLog().error(e);
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "关闭手钥密码数据操作失败!");
return ReturnMapUtil.getReturnMap();
}
ReturnMapUtil.setReturnMap(null, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "成功关闭手钥密码!");
return ReturnMapUtil.getReturnMap();
}
public Map<String, Object> acquisitionGesture(HttpServletRequest request,
ReturnMapUtil ReturnMapUtil) {
// NO CHECK URI
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
if (null == sUserId)
sUserId = "";
Map<String, Object> userMap = UserHelper.getUser(sUserId);
if (userMap == null) {
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "没用找到该用户!");
return ReturnMapUtil.getReturnMap();
}
Map<String, Object> body = new HashMap<String, Object>();
body.put("loginid", userMap.get("loginid"));
body.put("username", userMap.get("username"));
body.put("userid", userMap.get("userid"));
String sEnable = (String) userMap.get("ENABLE_GESTURE".toLowerCase());
body.put("enablegesture", sEnable);
body.put("enableGestureName", "1".equals(sEnable) ? "开启" : "关闭");
ReturnMapUtil.setReturnMap(body, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "");
return ReturnMapUtil.getReturnMap();
}
}
package apx.com.amarsoft.als.user.pwd.service.impl;
import java.util.HashMap;
import java.util.Map;
import java.util.Map.Entry;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import apx.com.amarsoft.als.user.pwd.service.GesturePwdService;
import com.amarsoft.are.ARE;
import com.amarsoft.are.jbo.BizObject;
import com.amarsoft.are.jbo.BizObjectManager;
import com.amarsoft.are.jbo.JBOException;
import com.amarsoft.are.jbo.JBOFactory;
import com.amarsoft.are.jbo.JBOTransaction;
import com.amarsoft.are.lang.DateX;
import com.amarsoft.are.security.MessageDigest;
import com.amarsoft.are.util.DataConvert;
import com.amarsoft.awe.security.LogonUser;
import com.amarsoft.awe.security.SecurityAudit;
import com.amarsoft.awe.security.SecurityAuditConstants;
import com.amarsoft.awe.security.SecurityOptionManager;
import com.amarsoft.awe.security.UserMarkInfo;
import com.amarsoft.awe.security.pwdrule.ALSPWDRules;
import com.amarsoft.awe.security.pwdrule.ComparePasswordRule;
import com.amarsoft.awe.security.pwdrule.PasswordRuleManager;
import com.amarsoft.awe.util.Transaction;
import com.amarsoft.context.ASUser;
import com.base.constant.RestfullConstant;
import com.base.helper.UserHelper;
import com.base.util.DES;
import com.base.util.MD5Util;
import com.base.util.MultipartDataUtil;
import com.base.util.ReturnMapUtil;
public class GesturePwdServiceImpl implements GesturePwdService {
// ReturnMapUtil ReturnMapUtil = new ReturnMapUtil();
public Map<String, Object> setupGesture(HttpServletRequest request,
JBOTransaction tx, ReturnMapUtil ReturnMapUtil) {
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
String sPwd = request.getParameter("pwd");
if (null == sPwd)
sPwd = "";
// DES.decrypt(sPwd);
sPwd = DES.decrypt(sPwd);
sPwd = MD5Util.getMD5EncodedPassword(sPwd);
Map<String, Object> map = new HashMap<String, Object>();
map.put("ENABLE_GESTURE", "1");
map.put("GESTURE_PASSWORD", sPwd);
try {
UserHelper.edit(tx, sUserId, map);
} catch (JBOException e) {
ARE.getLog().error(e);
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "设置手钥密码数据操作失败!");
return ReturnMapUtil.getReturnMap();
}
ReturnMapUtil.setReturnMap(null, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "成功设置或重设手钥密码!");
return ReturnMapUtil.getReturnMap();
}
public Map<String, Object> closeGesture(HttpServletRequest request,
JBOTransaction tx, ReturnMapUtil ReturnMapUtil) {
// NO CHECK URI
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
if (null == sUserId)
sUserId = "";
Map<String, Object> map = new HashMap<String, Object>();
map.put("ENABLE_GESTURE", "");
map.put("GESTURE_PASSWORD", "");
try {
UserHelper.edit(tx, sUserId, map);
} catch (JBOException e) {
ARE.getLog().error(e);
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "关闭手钥密码数据操作失败!");
return ReturnMapUtil.getReturnMap();
}
ReturnMapUtil.setReturnMap(null, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "成功关闭手钥密码!");
return ReturnMapUtil.getReturnMap();
}
public Map<String, Object> acquisitionGesture(HttpServletRequest request,
ReturnMapUtil ReturnMapUtil) {
// NO CHECK URI
String sUserId = request.getParameter("userid");
sUserId = sUserId == null ? request.getSession().getAttribute("userid") == null ? null
: request.getSession().getAttribute("userid").toString()
: sUserId;
if (null == sUserId)
sUserId = "";
Map<String, Object> userMap = UserHelper.getUser(sUserId);
if (userMap == null) {
ReturnMapUtil.setReturnMap(null,
(String) RestfullConstant.baseProperty.get("FAIL"
.toLowerCase()), "没用找到该用户!");
return ReturnMapUtil.getReturnMap();
}
Map<String, Object> body = new HashMap<String, Object>();
body.put("loginid", userMap.get("loginid"));
body.put("username", userMap.get("username"));
body.put("userid", userMap.get("userid"));
String sEnable = (String) userMap.get("ENABLE_GESTURE".toLowerCase());
body.put("enablegesture", sEnable);
body.put("enableGestureName", "1".equals(sEnable) ? "开启" : "关闭");
ReturnMapUtil.setReturnMap(body, (String) RestfullConstant.baseProperty
.get("SUCCESS".toLowerCase()), "");
return ReturnMapUtil.getReturnMap();
}
public Map<String, Object> SaveFeedback(HttpServletRequest request, HttpServletResponse response, JBOTransaction tx,
Transaction sqlca, ReturnMapUtil ReturnMapUtil) throws Exception {
Map<String, Object> testMap = (Map<String, Object>) MultipartDataUtil
.readRequestParam(request, "UTF-8");
Map<String, Object> fieldMap = (Map<String, Object>) testMap.get("fieldMap");
String userid = fieldMap.get("userid") == null ? "" : fieldMap.get("userid").toString();
String oldPwd = fieldMap.get("oldPassword") == null ? "" : fieldMap.get("oldPassword").toString();
String newPwd = fieldMap.get("newPassword") == null ? "" : fieldMap.get("newPassword").toString();
//加密处理
String sEncOldPassword = MessageDigest.getDigestAsUpperHexString("MD5", oldPwd );
String sEncNewPassword = MessageDigest.getDigestAsUpperHexString("MD5", newPwd);
BizObjectManager bm = JBOFactory.getBizObjectManager("jbo.awe.USER_INFO");
BizObject bo1 = bm.createQuery("UserID=:UserID and Password=:Password")
.setParameter("UserID", userid).setParameter("Password", sEncOldPassword).getSingleResult(true);
Map<String, Object> bo = new HashMap<String, Object>();
if(bo1 == null) {
ReturnMapUtil.setReturnMap(null,RestfullConstant.baseProperty.get("fail").toString(), "原密码错误,请重新输入!!");
return ReturnMapUtil.getReturnMap();
}
SecurityAudit securityAudit = new SecurityAudit(new LogonUser(ASUser.getUser(userid, sqlca).getUserName(), userid, oldPwd));//安全审计里面可能需要判断密码是否包含大小写等问题所以构建用户的时候使用明码
UserMarkInfo userMarkInfo = securityAudit.getUserMarkInfo(sqlca);
PasswordRuleManager pwm = new PasswordRuleManager();
ComparePasswordRule compareRule = new ComparePasswordRule();
Map<String, String> ruleMap = SecurityOptionManager.getRules(sqlca);
ALSPWDRules alsPWDRules = new ALSPWDRules(ruleMap);
pwm.addRule(compareRule);
pwm.addRule(alsPWDRules);
if(!securityAudit.modifyPassword(newPwd,pwm)){
if(securityAudit.getErrorCode()==SecurityAuditConstants.CODE_RULE_ERROR_LENGTH){
Map<Integer, String> ruleMap2 = new HashMap<Integer, String>();
for(Entry<String, String> e : ruleMap.entrySet()){
ruleMap2.put(DataConvert.toInt(e.getKey()), e.getValue());
}
String pwdLength = ruleMap2.get(securityAudit.getErrorCode());
System.out.println("密码长度至少为"+pwdLength+"位,请重新输入!!!");
}else{
System.out.println(securityAudit.getErrorMessage()+",请重新输入!!!");
}
}
//校验通过后,更新为新的密码
bo1.setAttributeValue("Password", sEncNewPassword);
bm.saveObject(bo1);
//保存用户痕迹信息
userMarkInfo.setPasswordState("0");
userMarkInfo.setPassWordUpdateDate(DateX.format(new java.util.Date()));
userMarkInfo.saveMarkInfo(sqlca);
ReturnMapUtil.setReturnMap(bo,RestfullConstant.baseProperty.get("success").toString(), "");
return ReturnMapUtil.getReturnMap();
}
}
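Review bot: In `SaveFeedback` a failed `securityAudit.modifyPassword(newPwd,pwm)` only prints to `System.out`, and execution continues to `bo1.setAttributeValue("Password", sEncNewPassword)`. A new password that violates the configured rules is therefore still saved and the client receives the success map; the failure branch should set a fail return map and return, as sketched below. `userid` is read from the request body rather than from the authenticated session, so as far as this code shows the old password is the only thing tying the caller to the account, and no attempt limit is visible here. The stored value is an unsalted MD5 digest, which appears to match the existing `USER_INFO` scheme but is worth migrating to a salted password hash (bcrypt, scrypt or Argon2). `testMap.get("fieldMap")` is also dereferenced without a null check.

```java
if(!securityAudit.modifyPassword(newPwd,pwm)){
    String msg;
    if(securityAudit.getErrorCode()==SecurityAuditConstants.CODE_RULE_ERROR_LENGTH){
        // … unchanged: build ruleMap2 and look up pwdLength …
        msg = "密码长度至少为"+pwdLength+"位,请重新输入!!!";
    }else{
        msg = securityAudit.getErrorMessage()+",请重新输入!!!";
    }
    // Report the rule violation to the caller and stop before the password is written.
    ReturnMapUtil.setReturnMap(null,RestfullConstant.baseProperty.get("fail").toString(), msg);
    return ReturnMapUtil.getReturnMap();
}
// … unchanged: update Password, save user mark info, success return …
```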