优化登陆校验,密码加密

4a832442 · Quxl · 2cc4c23b · 4a832442 · 4a832442 · 4a832442
Commit 4a832442 authored Oct 10, 2018 by Quxl
4 changed files
--- a/src/main/java/com/egolm/film/api/MemberOpenApiController.java
+++ b/src/main/java/com/egolm/film/api/MemberOpenApiController.java
@@ -71,11 +71,12 @@ public class MemberOpenApiController {
 	@ApiImplicitParams({@ApiImplicitParam(paramType = "query", dataType = "string", required = true, name = "email")})
 	public Object getPassword(String email) {
 		int code = (int) ((Math.random() * 9 + 1) * 10000000);
-		String newPassword = String.valueOf(code);
+		String password = String.valueOf(code);
 		Fc_member member = memberService.getMemberByEmail(email);
-		memberService.changePassword(member.getAddress(), newPassword);
+		String encodePwd = memberService.encodePassword(member.getSalt(), password);
+		memberService.changePassword(member.getId(), encodePwd);
 		String subject = messages.get("email.getPassword.subject");
-		String content = messages.get("email.getPassword.subject", member.getRealname(), newPassword);
+		String content = messages.get("email.getPassword.subject", member.getRealname(), password);
 		emailService.send(subject, content, email);
 		return Rjx.jsonOk();
 	}

--- a/src/main/java/com/egolm/film/api/member/service/MemberService.java
+++ b/src/main/java/com/egolm/film/api/member/service/MemberService.java
@@ -11,7 +11,7 @@ public interface MemberService {
 	Fc_member getMemberByEmail(String email);
-	void changePassword(String id, String newPassword);
+	void changePassword(Integer id, String newPassword);
 	void saveMember(Fc_member member);

--- a/src/main/java/com/egolm/film/api/member/service/impl/MemberServiceImpl.java
+++ b/src/main/java/com/egolm/film/api/member/service/impl/MemberServiceImpl.java
@@ -19,7 +19,7 @@ public class MemberServiceImpl implements MemberService {
 	private JdbcTemplate jdbcTemplate;
 	@Override
-	public void changePassword(String id, String newPassword) {
+	public void changePassword(Integer id, String newPassword) {
 		String sql = "update fc_member set password = ? where id = ?";
 		jdbcTemplate.executeUpdate(sql, newPassword, id);
 	}

--- a/src/main/java/com/egolm/film/login/service/impl/MemberTokenServiceImpl.java
+++ b/src/main/java/com/egolm/film/login/service/impl/MemberTokenServiceImpl.java
 package com.egolm.film.login.service.impl;
-import java.util.List;
-import java.util.Map;
 import javax.servlet.http.HttpSession;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import com.egolm.common.StringUtil;
-import com.egolm.common.jdbc.JdbcTemplate;
 import com.egolm.film.api.member.service.MemberService;
+import com.egolm.film.bean.Fc_member;
 import com.egolm.film.common.Messages;
 import com.egolm.film.config.WebMvcConfig;
 import com.egolm.film.config.XException;
@@ -23,45 +19,30 @@ public class MemberTokenServiceImpl implements MemberTokenService {
 	@Autowired
 	private Messages messages;
-	@Autowired
-	private JdbcTemplate jdbcTemplate;
 	@Autowired
 	private MemberService memberService;
 	@Override
-	public LoginToken doLogin(String username, String password) {
+	public LoginToken doLogin(String email, String password) {
 		HttpSession session = WebMvcConfig.getSession();
-		String loginSql = "select * from fc_member where email = ?";
+		Fc_member member = memberService.getMemberByEmail(email);
-		List<Map<String, Object>> list = this.jdbcTemplate.queryForList(loginSql, username);
+		Integer state = member.getState();
-		if(list != null) {
+		if(state == 1) {
-			if(list.size() == 1) {
+			String salt = member.getSalt();
-				Map<String,Object> map = list.get(0);
+			String dbPwd = member.getPassword();
-				Integer state = (Integer)map.get("state");
+			String encodePassword = memberService.encodePassword(salt, password);
-				if(state == 1) {
+			if(encodePassword.equals(dbPwd)) {
-					String salt = (String)map.get("salt");
+				Integer id = member.getId();
-					String dbPwd = (String)map.get("password");
+				LoginToken token = new LoginToken(id);
-					String encodePassword = memberService.encodePassword(salt, password);
+				session.setAttribute(TOKEN_NAME, token);
-					if(encodePassword.equals(dbPwd)) {
+				return token;
-						Integer id = (Integer)map.get("id");
-						LoginToken token = new LoginToken(id);
-						session.setAttribute(TOKEN_NAME, token);
-						return token;
-					} else {
-						throw new XException(messages.get("sys.err.user_pwd_err"));
-					}
-				} else if(state == 2) {
-					throw new XException(messages.get("sys.err.user_disabled"));
-				} else {
-					throw new XException(messages.get("sys.err"));
-				}
-			} else if(list.size() == 0) {
-				throw new XException(messages.get("sys.err.user_pwd_err"));
 			} else {
-				throw new XException(messages.get("sys.err"));
+				throw new XException(messages.get("sys.err.user_pwd_err"));
 			}
+		} else if(state == 2) {
+			throw new XException(messages.get("sys.err.user_disabled"));
 		} else {
-			throw new XException(messages.get("sys.err.user_pwd_err"));
+			throw new XException(messages.get("sys.err"));
 		}
 	}