
用户表增加密码字段签名

xusl 1 year ago
parent
commit
f6c3215adf

+ 11 - 4
backend/src/main/java/com/jiayue/ssi/controller/SysUserController.java

@@ -357,7 +357,11 @@ public class SysUserController {
         // 生成8位初始密码
         String randomPwd = RandomPwd.getRandomPwd(8);
         log.info("重置随机密码:"+randomPwd);
-        boolean bo = sysUserService.resetPassword(Integer.parseInt(id), SmUtil.sm3(randomPwd).toUpperCase());
+        // 加密密码
+        String sm3password = SmUtil.sm3(randomPwd).toUpperCase();
+        // 签名
+        String signstr = SmUtil.sm3(sm3password).toUpperCase();
+        boolean bo = sysUserService.resetPassword(Integer.parseInt(id), sm3password,signstr);
         if (!bo) {
             return ResponseVO.fail("密码生成失败!");
         }
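Review bot: The value stored as `signstr` is not a signature: `SmUtil.sm3(sm3password)` is an unkeyed digest of the password column, so anyone able to write `sys_user.password` can recompute a matching `signstr` and the verification added later in this file detects nothing. The same construction is repeated in the change-password hunks at `@@ -455` and `@@ -485`. A keyed construction is needed, for example an HMAC-SM3 or SM2 signature over the user id plus the password hash, with the key held outside the database; including the id also stops a valid pair being copied from one row to another. Separately, the unchanged line `log.info("重置随机密码:"+randomPwd)` writes the generated plaintext password to the application log and should be removed. The enclosing method starts and ends outside the hunk.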
@@ -455,8 +459,8 @@ public class SysUserController {
 
             if (StringUtils.isEmpty(oldPassword)) {
                 return ResponseVO.fail("旧密码不能为空!");
-            } else if (!sysUser.getPassword().equals(SmUtil.sm3(oldPassword).toUpperCase())) {
-                return ResponseVO.fail("旧密码不正确!");
+            } else if (! (sysUser.getPassword().equals(SmUtil.sm3(oldPassword).toUpperCase()) && sysUser.getSignstr().equals(SmUtil.sm3(sysUser.getPassword()).toUpperCase()))) {
+                return ResponseVO.fail("旧密码不正确或验签失败!");
             }
 
             if (StringUtils.isEmpty(newPassword)) {
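Review bot: `sysUser.getSignstr().equals(...)` throws a NullPointerException for any account whose `signstr` is still null, which would be every row that existed before the column was added unless a backfill runs; none is visible in this commit. Put the computed value on the left, `SmUtil.sm3(sysUser.getPassword()).toUpperCase().equals(sysUser.getSignstr())`, and decide explicitly how unsigned legacy rows are treated. The signature is also checked only here, on password change; the login and user-creation paths are not part of this commit, so it is worth confirming that they verify and set `signstr` as well. The enclosing method starts and ends outside the hunk.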
@@ -485,7 +489,10 @@ public class SysUserController {
                 return ResponseVO.fail(ruleInfo);
             }
 
-            sysUser.setPassword(SmUtil.sm3(newPassword).toUpperCase());
+            // 新密码加密
+            String sm3newpwd = SmUtil.sm3(newPassword).toUpperCase();
+            sysUser.setPassword(sm3newpwd);
+            sysUser.setSignstr(SmUtil.sm3(sm3newpwd).toUpperCase());
             sysUser.setLastUpdatePwdTime(new Date());
             boolean bo = sysUserService.updateById(sysUser);
             if (!bo) {

+ 4 - 0
backend/src/main/java/com/jiayue/ssi/entity/SysUser.java

@@ -69,6 +69,10 @@ public class SysUser extends BaseEntity implements UserDetails {
      * 用户类型(0管理员、1业务用户)
      */
     private String usertype;
+    /**
+     * 签名
+     */
+    private String signstr;
 
     /**
      * 账号有效期
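Review bot: `signstr` is derived directly from the stored password hash, so it needs the same exposure controls as `password`. If `SysUser` objects are serialized into API responses or logs (not visible here), the new field should be excluded in the same way `password` presumably is. The Javadoc could say what the value is, for example `/** SM3 digest of the stored password hash; never returned to clients */`, instead of only `签名`. The class body continues outside the hunk.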

+ 3 - 2
backend/src/main/java/com/jiayue/ssi/mapper/SysUserMapper.java

@@ -26,8 +26,9 @@ public interface SysUserMapper extends BaseMapper<SysUser> {
      * 更改密码
      *
      * @param password 新密码
+     * @param signstr 签名
      * @return 结果
      */
-    @Update("update sys_user t set t.password=#{password},t.last_update_pwd_time=null where t.id=#{id}")
-    public int resetPassword(Long id, String password);
+    @Update("update sys_user t set t.password=#{password},t.signstr=#{signstr},t.last_update_pwd_time=null where t.id=#{id}")
+    public int resetPassword(Long id, String password,String signstr);
 }

+ 2 - 1
backend/src/main/java/com/jiayue/ssi/service/SysUserService.java

@@ -55,9 +55,10 @@ public interface SysUserService extends IService<SysUser> {
      * 初始/重置密码
      * @param id            主键id
      * @param initPassword  初始密码
+     * @param signstr  签名
      * @return
      */
-    boolean resetPassword(Integer id,String initPassword);
+    boolean resetPassword(Integer id,String initPassword,String signstr);
     /**
      * 解锁用户
      * @param id

+ 3 - 2
backend/src/main/java/com/jiayue/ssi/service/impl/SysUserServiceImpl.java

@@ -133,12 +133,13 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
      * 初始/重置密码
      * @param id            主键id
      * @param initPassword  初始密码
+     * @param signstr  签名
      * @return
      */
     @Override
     @Transactional(propagation= Propagation.REQUIRED, rollbackFor = Exception.class)
-    public boolean resetPassword(Integer id,String initPassword) {
-        int count = sysUserMapper.resetPassword(Long.parseLong(id+""),initPassword);
+    public boolean resetPassword(Integer id,String initPassword,String signstr) {
+        int count = sysUserMapper.resetPassword(Long.parseLong(id+""),initPassword,signstr);
 
 //        LambdaUpdateWrapper<SysUser> updateWrapper = new UpdateWrapper<SysUser>().lambda();
 //        updateWrapper.eq(SysUser::getId, id).set(SysUser::getLastUpdatePwdTime, null).set(SysUser::getPassword,initPassword);
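Review bot: `resetPassword` now trusts the caller to pass a `signstr` that matches `initPassword`, so any future caller can store a mismatched pair that later fails verification. Deriving the value inside the service from `initPassword` would keep the two columns consistent in one place and leave the controller out of the integrity logic. `Long.parseLong(id+"")` on the changed line can be written as `id.longValue()`. The method body continues past the end of the hunk.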

+ 1 - 0
backend/src/main/resources/mapper/system/SysUserMapper.xml

@@ -9,6 +9,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         <result property="username"     column="username"    />
         <result property="nickname"     column="nickname"    />
         <result property="usertype"        column="usertype"        />
+        <result property="signstr"        column="signstr"        />
         <result property="phonenumber"  column="phonenumber"  />
         <result property="lockTime"          column="lock_time"          />
         <result property="errNum"       column="err_num"       />

+ 1 - 1
backend/src/test/java/com/jiayue/ssi/service/Test.java

@@ -66,7 +66,7 @@ public class Test {
 //        System.out.println(map.get("username"));
 //        System.out.println(map.get("password"));
 
-        System.out.println(SmUtil.sm3("Xsl147258").toUpperCase());
+        System.out.println(SmUtil.sm3("B37926BDEC94A0AA7AB6C35998515B97126BBCF72CFC363B8CFE784828D631D0").toUpperCase());
 
 
         System.out.println(Convert.toDBC("Xsl147258"));
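Review bot: The hard-coded literal `"Xsl147258"` (still present in the `Convert.toDBC` context line) looks like a real account password, and the new 64-hex argument is presumably its SM3 digest; both are now in repository history. Replace them with an obviously constructed sample value, and rotate the original if it was ever in use. The method only prints; an `assert` comparing the computed digest with the expected `signstr` would turn it into an actual test. The method starts and ends outside the hunk.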