Example usage for org.apache.shiro.crypto.hash SimpleHash toBase64

List of usage examples for org.apache.shiro.crypto.hash SimpleHash toBase64

Introduction

In this page you can find the example usage for org.apache.shiro.crypto.hash SimpleHash toBase64.

Prototype

public String toBase64() 


Document

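Returns a Base64-encoded string of the underlying byte array (see getBytes()). Base64 is only an encoding of the digest bytes; how well the value resists guessing depends on the algorithm, salt and iteration count given to the SimpleHash constructor.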

Usage

From source file:cn.itganhuo.app.service.impl.UserServiceImpl.java

License:Apache License

/**
 * Hashes the user's new password with a freshly generated salt and stores the result.
 *
 * <p>The salt fed to the hash is the account name followed by a random hex string; only the
 * random part is saved on the user, so verification has to rebuild the salt the same way.
 *
 * <p>NOTE(review): two rounds of SHA-512 is a fast digest and gives little resistance to offline
 * guessing if the stored hashes leak. A deliberately slow password-hashing scheme (bcrypt, scrypt,
 * Argon2, or PBKDF2 with a high iteration count) is the usual choice. The parameters are left as
 * they are here because every verifier must recompute with the same algorithm, salt layout and
 * iteration count, so changing them needs a migration of the stored hashes.
 *
 * @param user carries the account name and the new plain-text password; its password and salt
 *             fields are overwritten with the hash and the random salt part
 * @return whatever {@code userDao.updatePasswordByAccount} reports for the update
 */
public boolean updatePasswordByAccount(User user) {
    String accountPart = user.getAccount();
    // Random per-password salt component from Shiro's SecureRandomNumberGenerator.
    String randomPart = new SecureRandomNumberGenerator().nextBytes().toHex();
    String combinedSalt = accountPart.concat(randomPart);

    SimpleHash digest = new SimpleHash("SHA-512", user.getPassword(), combinedSalt, 2);

    // Replace the plain-text password with the Base64 form of the digest before persisting.
    user.setPassword(digest.toBase64());
    user.setSalt(randomPart);
    return this.userDao.updatePasswordByAccount(user);
}

From source file:cn.itganhuo.app.service.impl.UserServiceImpl.java

License:Apache License

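/**
 * Validates a registration request and, when every check passes, stores the new user with a
 * salted password hash and sets the account cookie.
 *
 * <p>A failed check is reported through the status of the returned {@link RespMsg}: "1000"/"1001"
 * for the account format, "2000"/"2001" for the password format, "3000" when the account or
 * password contains characters in the CJK range U+4E00 to U+9FA5, and "1002" when the account
 * already exists. On success the freshly constructed {@code RespMsg} is returned unchanged.
 *
 * <p>NOTE(review): two rounds of SHA-512 is a fast digest; a slow password-hashing scheme (bcrypt,
 * scrypt, Argon2, PBKDF2 with a high iteration count) is the usual choice for stored passwords.
 * The parameters are kept because verification elsewhere must recompute with the same values.
 *
 * @param user     submitted account and plain-text password; mutated in place
 * @param request  not read by this method
 * @param response receives the account cookie after a successful insert
 * @return the response message carrying the outcome
 */
@Transactional
@Override
public RespMsg userRegister(User user, HttpServletRequest request, HttpServletResponse response) {
    RespMsg respMsg = new RespMsg();
    // NOTE(review): escaping quotes is not a substitute for parameterized queries in userDao, and
    // because it runs before hashing, the stored hash is computed over the escaped password.
    // Left in place so stored hashes stay comparable; confirm the login path applies the same
    // transformation, and that userDao binds parameters rather than concatenating SQL.
    String tmpAccount = StringEscapeUtils.escapeSql(user.getAccount());
    String tmpPassword = StringEscapeUtils.escapeSql(user.getPassword());
    user.setAccount(tmpAccount);
    user.setPassword(tmpPassword);
    // Account length: 6 to 20 characters. A missing account is rejected the same way instead of
    // failing with a NullPointerException.
    if (user.getAccount() == null || user.getAccount().length() < 6 || user.getAccount().length() > 20) {
        respMsg.setStatus("1000");
        respMsg.setMessage(ConfigPool.getString("respMsg.register.AccountNumberFormatNotLegitimate"));
        return respMsg;
    }
    // Account character check; StringUtil.ifContainsSpecialStr is defined elsewhere and a false
    // result is treated as an invalid format.
    if (!StringUtil.ifContainsSpecialStr(user.getAccount())) {
        respMsg.setStatus("1001");
        respMsg.setMessage(ConfigPool.getString("respMsg.register.AccountNumberFormatNotLegitimate"));
        return respMsg;
    }
    // Password length: 6 to 32 characters, measured after the escaping above. A missing password
    // is rejected the same way.
    if (user.getPassword() == null || user.getPassword().length() < 6 || user.getPassword().length() > 32) {
        respMsg.setStatus("2000");
        respMsg.setMessage(ConfigPool.getString("respMsg.register.PasswordFormatNotLegitimate"));
        return respMsg;
    }
    // Password character check against an explicit list of special characters.
    String[] s = { "`", "~", "#", "$", "%", "^", "&", "*", "(", ")", "-", "=", "+", "{", "}", "[", "]", "|",
            "\\", ";", ":", "\'", "\"", "<", ">", ",", "/" };
    if (!StringUtil.ifContainsSpecialStr(user.getPassword(), s)) {
        respMsg.setStatus("2001");
        respMsg.setMessage(ConfigPool.getString("respMsg.register.PasswordFormatNotLegitimate"));
        return respMsg;
    }
    // Reject any Chinese character. String.matches must match the whole input, so the pattern is
    // wrapped in ".*" (with DOTALL) to catch a value that merely contains one; the bare character
    // class only caught values made up entirely of such characters.
    String containsChinese = "(?s).*[\u4e00-\u9fa5].*";
    if (user.getAccount().matches(containsChinese) || user.getPassword().matches(containsChinese)) {
        respMsg.setStatus("3000");
        respMsg.setMessage(ConfigPool.getString("respMsg.common.CanNotContainChineseStr"));
        return respMsg;
    }
    // The account name must not be taken already.
    // NOTE(review): the message key below is "respMsg.login.UnknownAccount"; confirm that is the
    // intended text for an account that already exists.
    User tmp_user = userDao.loadByAccount(user.getAccount());
    if (tmp_user != null) {
        respMsg.setStatus("1002");
        respMsg.setMessage(ConfigPool.getString("respMsg.login.UnknownAccount"));
        return respMsg;
    }
    // Hash the password with salt = account name + random hex string; only the random part is
    // stored, so verification has to rebuild the salt the same way.
    String algorithmName = "SHA-512";
    String salt1 = user.getAccount();
    String salt2 = new SecureRandomNumberGenerator().nextBytes().toHex();
    int hashIterations = 2;
    SimpleHash hash = new SimpleHash(algorithmName, user.getPassword(), salt1.concat(salt2), hashIterations);
    // Replace the plain-text password with the Base64 form of the digest and fill in defaults.
    user.setPassword(hash.toBase64());
    user.setSalt(salt2);
    user.setIsLock(0);
    user.setPostDate(DateUtil.getNowDateTimeStr(null));
    user.setType(1);
    // Persist the new user.
    userDao.insert(user);
    // NOTE(review): the account name goes into a cookie as-is. A client can set this value
    // freely, so nothing should treat it as proof of identity; confirm it is used only for
    // convenience (e.g. pre-filling a form) and which cookie flags HttpUtil.setCookie applies.
    HttpUtil.setCookie(response, ConstantPool.USER_ACCOUNT_COOKIE_ID, user.getAccount());
    return respMsg;
}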

From source file:cn.itganhuo.app.web.controller.UserController.java

License:Apache License

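/**
 * Checks whether the submitted password matches the stored hash of the given account.
 *
 * <p>Reads the request parameters {@code account} and {@code originalanpassword}, recomputes the
 * hash with the account name plus the stored salt, and compares it with the stored value.
 *
 * @param request  supplies the {@code account} and {@code originalanpassword} parameters
 * @param response not used by this method
 * @return a {@code RespMsg} with status "1000" when the password does not match or the account
 *         is unknown; otherwise the freshly constructed {@code RespMsg}, unchanged
 * @version 0.0.1-SNAPSHOT
 */
@RequiresAuthentication
@RequestMapping(value = "/checkpassword", method = RequestMethod.POST)
@ResponseBody
public RespMsg checkPassword(HttpServletRequest request, HttpServletResponse response) {
    RespMsg respMsg = new RespMsg();
    String originalanpassword = request.getParameter("originalanpassword");
    String account = request.getParameter("account");
    // NOTE(review): a missing or empty account returns the untouched RespMsg, exactly as before.
    // If callers read that as "password accepted", this path should fail closed instead; confirm.
    if (account == null || "".equals(account)) {
        return respMsg;
    }
    // NOTE(review): the account comes from the request, not from the authenticated session, so a
    // logged-in user can have passwords checked against another account. Binding the lookup to
    // the current subject's own account and rate-limiting this endpoint would close that gap.
    User user = userService.loadByAccount(account);
    boolean matches = false;
    // An unknown account is reported like a wrong password rather than failing with a
    // NullPointerException, which also keeps the two cases indistinguishable to the caller.
    if (user != null) {
        // Must mirror the parameters used when the hash was stored: SHA-512, two iterations,
        // salt = account name followed by the stored random salt.
        String algorithmName = "SHA-512";
        int hashIterations = 2;
        SimpleHash hash = new SimpleHash(algorithmName, originalanpassword,
                user.getAccount() + user.getSalt(), hashIterations);
        String stored = user.getPassword();
        // Constant-time comparison so response time does not depend on how many leading
        // characters of the hash agree.
        matches = stored != null && java.security.MessageDigest.isEqual(
                hash.toBase64().getBytes(java.nio.charset.StandardCharsets.UTF_8),
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }
    if (!matches) {
        respMsg.setStatus("1000");
        respMsg.setMessage(ConfigPool.getString("respMsg.user.EnterNewPasswordAndOldPasswordSame"));
    }
    return respMsg;
}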