Example #1
0
  /** 设定安全的密码,生成随机的salt并经过1024次 sha-1 hash */
  private void entryptPassword(User user) {
    byte[] salt = Digests.generateSalt(SALT_SIZE);
    user.setSalt(Encodes.encodeHex(salt));

    byte[] hashPassword = Digests.sha1(user.getPlainPassword().getBytes(), salt, HASH_INTERATIONS);
    user.setPassword(Encodes.encodeHex(hashPassword));
  }
Example #2
0
 /**
  * 验证原密码是否正确
  *
  * @param user
  * @param oldPwd
  * @return
  */
 public boolean checkPassword(User user, String oldPassword) {
   byte[] salt = Encodes.decodeHex(user.getSalt());
   byte[] hashPassword = Digests.sha1(oldPassword.getBytes(), salt, HASH_INTERATIONS);
   if (user.getPassword().equals(Encodes.encodeHex(hashPassword))) {
     return true;
   } else {
     return false;
   }
 }
Example #3
0
 /**
  * 保存用户
  *
  * @param user
  */
 @Transactional(readOnly = false)
 public void save(User user) {
   entryptPassword(user);
   user.setCreateDate(DateUtils.getSysTimestamp());
   userDao.save(user);
 }
Example #4
0
 /**
  * 修改用户登录
  *
  * @param user
  */
 public void updateUserLogin(User user) {
   user.setLoginCount((user.getLoginCount() == null ? 0 : user.getLoginCount()) + 1);
   user.setPreviousVisit(user.getLastVisit());
   user.setLastVisit(DateUtils.getSysTimestamp());
   update(user);
 }