Examples of org.apdplat.module.security.model.User

• org.apdplat.module.security.model.User

        if (page.getTotalRecords() != 1) {
            message = "用户账号不存在";
            LOG.info(message+": " + username);
            throw new UsernameNotFoundException(message);
        }
        User user = page.getModels().get(0);
        message = user.loginValidate();
        if(message != null){
            LOG.info(message);
            throw new UsernameNotFoundException(message);
        }
        //到了这里，如果用户还是不能登录，那么只有一种情况就是：密码不正确

     * @return map，key分别是success和message
     */
    public Map<String, Object> modifyPassword(String oldPassword, String newPassword){
        Map<String, Object> result = new HashMap<>();
        String message;
        User user = UserHolder.getCurrentLoginUser();
        if(user == null){
            message = "用户未登陆，不能修改密码";
            result.put("success", false);
            result.put("message", message);
            LOG.error(message);
            return result;
        }
        if(PropertyHolder.getBooleanProperty("demo")){
            if(user.getUsername().equals("admin")){
                message = "演示版本admin用户不能更改密码";
                result.put("success", false);
                result.put("message", message);
                LOG.error(message);
                return result;
            }
        }
        //先对用户的密码策略进行验证
        try{
            passwordStrategyExecuter.check(newPassword);
        }catch(PasswordInvalidException e){
            result.put("success", false);
            result.put("message", e.getMessage());
            LOG.error(e.getMessage());
            return result;
        }
        oldPassword=passwordEncoder.encode(oldPassword.trim(),user);
        if(oldPassword.equals(user.getPassword())){
            user.setPassword(passwordEncoder.encode(newPassword.trim(),user));
            serviceFacade.update(user);
            message = "修改成功";
            result.put("success", true);
            result.put("message", message);
            LOG.info(message);

            LOG.error(e.getMessage());
            return e.getMessage();
        }
        int success = 0;
        for(int id : ids){
            User user = serviceFacade.retrieve(User.class, id);
            if(user == null){
                LOG.error("ID为 "+id+" 的用户不存在，无法为其重置密码");
                continue;
            }
            if(PropertyHolder.getBooleanProperty("demo") && "admin".equals(user.getUsername())){
                LOG.error("演示版本不能重置admin用户的密码");
                continue;
            }
            //设置新密码
            user.setPassword(passwordEncoder.encode(password, user));
            //同步到数据库
            serviceFacade.update(user);
            success++;
        }
        message = "已经成功将 "+success+" 个用户的密码重置为 "+password;

     * 删除用户之前的检查
     * 抛出异常可取消删除操作
     * @param ids 待删除的ID列表
     */
    public void prepareForDelete(Integer[] ids){
        User loginUser=UserHolder.getCurrentLoginUser();
        String message;
        for(int id :ids){
            if(PropertyHolder.getBooleanProperty("demo")){
                User toDeleteUser = serviceFacade.retrieve(User.class, id);
                if(toDeleteUser.getUsername().equals("admin")){
                    message = "演示版本不能删除admin用户";
                    LOG.error(message);
                    throw new RuntimeException(message);
                }
            }

public class APDPlatSaltSourceTest {

    @Test
    public void testGetSalt() {
        String username="admin";
        User user = new User();
        user.setUsername(username);

        SaltSource saltSource = new APDPlatSaltSource();
        String expResult = username+"APDPlat应用级产品开发平台的作者是杨尚川，联系方式（邮件：ysc@apdplat.org）(QQ：281032878)";
        Object result = saltSource.getSalt(user);
        assertEquals(expResult, result.toString());

 */
public class PasswordEncoderTest {

    @Test
    public void testEncode() {
        User user = new User();
        user.setUsername("admin");
        user.setPassword("admin");

        String expResult = "13f3e796b7333df90192c2e9ec64f92982e56aeecffccb65cc502b777e0b7a25";

        SaltSource saltSource = new APDPlatSaltSource();
        PasswordEncoder passwordEncoder = new PasswordEncoder();
        passwordEncoder.setSaltSource(saltSource);

        String result = passwordEncoder.encode(user.getPassword(), user);

        assertEquals(expResult, result);
    }

    }
    private String encode256(String password,User user){
        return shaPasswordEncoder256.encodePassword(password,saltSource.getSalt(user));
    }
    public static void main(String[] args){
        User user = new User();
        user.setUsername("admin");
        user.setPassword("admin");

        SaltSource saltSource = new APDPlatSaltSource();
        PasswordEncoder passwordEncoder = new PasswordEncoder();
        passwordEncoder.setSaltSource(saltSource);

        String password = passwordEncoder.encode512(user.getPassword(), user);
        System.out.println("Step 1 use SHA-512: "+password+" length:"+password.length());

        password = passwordEncoder.encode256(password, user);
        System.out.println("Step 2 use SHA-256: "+password+" length:"+password.length());
    }

        }
        chain.doFilter(request, response);
        if (enabled && filter(req)) {
    long end=System.currentTimeMillis();
                OnlineUserService onlineUserService = SpringContextUtils.getBean("onlineUserService");
                User user = onlineUserService.getUser(req.getSession().getId());
                String userName = "";
                if(user != null){
                    userName = user.getUsername();
                }
                ProcessTime logger=new ProcessTime();
                logger.setUsername(userName);
                logger.setUserIP(req.getRemoteAddr());
                try {