应用场景:
在系统中修改用户密码。
HTML:
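<!--
  Change-password dialog, hidden until the page opens it.
  The checks done in the browser for this form are a convenience only;
  the server has to validate and authorize the request on its own.
-->
<div id="passwordLayer" style="display: none;">
    <form class="form-horizontal">
        <div class="form-group">
            <div class="col-sm-2 control-label">当前密码</div>
            <div class="col-sm-10">
                <!-- autocomplete hint lets password managers fill the existing password here -->
                <input type="password" id="crPwd" class="form-control" placeholder="" autocomplete="current-password"/>
            </div>
        </div>
        <div class="form-group">
            <div class="col-sm-2 control-label">输入新密码</div>
            <div class="col-sm-10">
                <!-- new-password keeps the old password from being auto-filled as the new one -->
                <input type="password" id="newPwd" class="form-control" placeholder="" autocomplete="new-password"/>
            </div>
        </div>
        <div class="form-group">
            <div class="col-sm-2 control-label">确认新密码</div>
            <div class="col-sm-10">
                <input type="password" id="confirmPwd" class="form-control" placeholder="" autocomplete="new-password"/>
            </div>
        </div>
        <div class="form-group">
            <div class="col-sm-2 control-label"></div>
            <!-- type="button" so the form is never submitted natively; the Vue handler posts JSON instead -->
            <input type="button" class="btn btn-primary" @click="updatePwdChange" value="确定"/>
        </div>
    </form>
</div>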
JS:
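// Click handler for the confirm button: validates the three password fields,
// then posts the change request and sends the user to /logout on success.
//
// NOTE(review): every check below runs in the browser and can be skipped by
// anyone who calls the endpoint directly, so the server must repeat them.
// NOTE(review): the whole vm.deviceUser model is serialized into the request;
// the server must not trust any field in it apart from the two passwords.
updatePwdChange: function (event) {
    // Current password as typed by the user.
    var crPwd = $("#crPwd").val().trim();
    // New password and its confirmation.
    var newPwd = $("#newPwd").val().trim();
    var confirmPwd = $("#confirmPwd").val().trim();
    // Page policy: 6-16 characters, letters and digits only.
    var reg = /^[A-Za-z0-9]{6,16}$/;

    if (crPwd === "") {
        layer.alert("当前密码不能为空");
        return false;
    }
    if (newPwd === "") {
        layer.alert("输入新密码不能为空");
        return false;
    }
    if (confirmPwd === "") {
        layer.alert("确认新密码不能为空");
        return false;
    }
    if (!reg.test(crPwd) || !reg.test(newPwd) || !reg.test(confirmPwd)) {
        layer.alert("密码必须由 6-16位字母、数字组成");
        return false;
    }
    if (newPwd !== confirmPwd) {
        layer.alert("两次新密码输入不一致!");
        return false;
    }

    // tempPassword carries the current password, password carries the new one.
    vm.deviceUser.tempPassword = crPwd;
    vm.deviceUser.password = newPwd;

    $.ajax({
        type: "POST",
        url: baseURL + "/deviceUser/updatePwdChange",
        contentType: "application/json",
        data: JSON.stringify(vm.deviceUser),
        success: function (r) {
            if (r.flag === true || r.flag === 'true') {
                parent.layer.msg("操作成功,3秒后自动跳转到登陆页面...", {time: 3000});
                // Force a fresh login with the new password.
                setTimeout(function () {
                    location.href = "/logout";
                }, 3000);
            } else {
                layer.alert('操作失败,当前密码输入错误!', {
                    icon: 2,
                    title: "提示"
                });
            }
        },
        // Without this callback a network or server failure left the dialog
        // silent, and the user could not tell whether the password had changed.
        error: function () {
            layer.alert('请求失败,请稍后重试', {
                icon: 2,
                title: "提示"
            });
        }
    });
},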
Java后台接口:
Controller:
import java.security.Principal;
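/**
 * Handles the change-password request of the signed-in user.
 *
 * <p>Only POST is mapped: the call changes state and carries both passwords in a JSON body,
 * so it must not be reachable through GET.
 * NOTE(review): confirm that CSRF protection covers this endpoint.
 *
 * @param request          the servlet request; not used here, kept so the signature is unchanged
 * @param deviceUserEntity request body; {@code tempPassword} holds the current password and
 *                         {@code password} the new one. Everything in it is client-supplied.
 * @param principal        the authenticated caller, used by the service to pick the account
 * @return the JSON result built by the service ({@code flag}, {@code message}, {@code code})
 */
@RequestMapping(value = "/updatePwdChange", method = RequestMethod.POST)
@ResponseBody
public JSONObject updatePwdChange(HttpServletRequest request, @RequestBody DeviceUserEntity deviceUserEntity, Principal principal)
{
    return deviceUserService.updatePwdChangeByUserName(deviceUserEntity, principal);
}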
Service:
//导入用于加密密码的工具类
import com.purete.commonutil.utils.CryptographyAES128Cipher;
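/**
 * Changes the password of the authenticated user after verifying the current password.
 *
 * <p>The account is always the one named by {@code principal}. The request entity is used only
 * as a carrier for the two password values: it is never passed to the mapper, so a primary key
 * or any other field placed in the request body cannot redirect or widen the update.
 *
 * <p>NOTE(review): passwords are stored through {@code CryptographyAES128Cipher}, which by its
 * name is reversible encryption, and the check below compares ciphertexts, so equal passwords
 * appear to yield equal stored values. A salted one-way password hash (bcrypt, scrypt, Argon2)
 * is the usual choice; plan that migration separately.
 *
 * @param deviceUser request data; {@code tempPassword} is the current password as typed,
 *                   {@code password} is the requested new password
 * @param principal  the authenticated caller
 * @return a JSON object with {@code message} and {@code flag}; {@code code} is set on success
 *         and on an unexpected error
 */
@Override
public JSONObject updatePwdChangeByUserName(DeviceUserEntity deviceUser, Principal principal)
{
    JSONObject result = new JSONObject();
    try
    {
        String currentInput = deviceUser.getTempPassword();
        String newPassword = deviceUser.getPassword();

        // Repeat the page's rule (6-16 letters or digits) on the server: the browser check
        // is skipped by any client that posts to the endpoint directly.
        if (currentInput == null || newPassword == null || !newPassword.matches("[A-Za-z0-9]{6,16}"))
        {
            result.put("message", "密码必须由 6-16位字母、数字组成");
            result.put("flag", false);
            return result;
        }

        // Load the account by the authenticated name, never by anything from the request body.
        DeviceUserEntity stored = deviceUserMapper.findByUsername(principal.getName());
        if (stored == null || stored.getPassword() == null)
        {
            result.put("message", "用户修改密码失败");
            result.put("flag", false);
            return result;
        }

        // Encrypt the typed current password the same way the stored value was produced,
        // then compare without an early exit on the first differing byte.
        String cpwd = CryptographyAES128Cipher.getInstance().encrypt(currentInput);
        boolean currentMatches = cpwd != null && java.security.MessageDigest.isEqual(
                stored.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8),
                cpwd.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!currentMatches)
        {
            // The original returned an empty object here; callers read "flag", so set it.
            result.put("message", "当前密码输入错误");
            result.put("flag", false);
            return result;
        }

        // Update the row that was just loaded for the principal.
        // Assumes findByUsername populates the primary key used by the mapper; confirm.
        stored.setPassword(CryptographyAES128Cipher.getInstance().encrypt(newPassword));
        this.deviceUserMapper.updateByPrimaryKeySelective(stored);
        result.put("message", "用户修改密码成功");
        result.put("flag", true);
        result.put("code", HttpStatusCode.OK.value());
    }
    catch (Exception ex)
    {
        // NOTE(review): the exception is dropped; log it with the project's logger,
        // leaving the password values out of the log line.
        result.put("message", "用户修改密码失败");
        result.put("flag", false);
        result.put("code", HttpStatusCode.INTERNAL_SERVER_ERROR.value());
    }
    return result;
}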
service层逻辑:首先会根据当前用户名到数据库中查找该用户的密码(用户是唯一的),查询到的用户密码是加密的。其次获取界面上用户输入的当前密码,将这个密码拿到后进行加密,拿到这个加密后的密码与之前根据用户名查询的密码相比较,如果相同,保存新密码。