登录要求密码必须包含数字、⼤写字母、⼩写字母、特殊字字符4种中⾄少3种<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>修改密码 | ${appName} - ${sysName}</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>${appName}-${sysName}</title> <%include("/admin/header.html"){}%>
<script type="text/javascript">
var app="${app}";
</script>
<link rel="stylesheet" href="${app}assets/css/amazeui-qhyf.css">
</head>
<body>
<div class="am-g" >
<div class="am-u-lg-3 am-u-md-6 am-u-sm-centered loginContent">
<div class="loginBox">
<div class="loginTitle">
<div class="inner">
<i class="title-icon"></i>
<h1>${appName}</h1>
<span>⾸次登陆请先修改密码</span>
</div>
</div>
<!-- loginTitle end -->
<div class="log-mainbox">
<form method="post" id="changePasswordForm" class="am-form"
action="${app}password/change">
<fieldset>
<div class="iptBox ipt-logCon" >
<i class="user"></i><input name="userName" type="text"
id="userName" minlength="4" placeholder="请输⼊⽤户名" required="required"/>
</div>
<div class="iptBox ipt-logCon" >
<i class="pass"></i><input name="oldPassword" type="password"
id="oldPassword" minlength="6" onblur="javascrpit:checkPassWord()" placeholder="请输⼊原密码" required/>
</div>
<div class="iptBox ipt-logCon" >
<i class="pass"></i><input name="password" type="password"
id="password" minlength="8"placeholder="请输⼊新密码" required />
</div>
<div class="iptBox ipt-logCon" >
<i class="pass"></i><input name="passwordConfirm" type="password"
id="passwordConfirm" data-equal-to="#password" minlength="8" placeholder="请再次输⼊新密码" required="required"/>
</div>
<div class="am-cf" >
<input id="changePasswordBtn" type="button"
class="am-btn am-btn-primary am-btn-sm am-fl log-sendBox log-sendshadowFont log-sendBoxShadow "
value="修改密码"/>
</div>
<span >新密码必须包含数字、⼤写字母、⼩写字母、特殊字字符⾄少3种,长度必须⼤于或等于8位</span>
</fieldset>
</form>
</div>
<!-- log-mainbox end -->
</div>
<div class="loginShadow" >
<img src="${app}assets/i/image/loginShadow.jpg">
</div>
</div>
</div>
<div class="admin-tpl" id="templateDiv">
<%include("/admin/template/modal.tpl"){}%>
</div>
<div id="modal-div"></div>
<script src="${app}assets/js/jquery.min.js"></script>
<script src="${app}assets/js/admin/admin.js"></script>
<script src="${app}assets/js/admin/admin.utils.js"></script>
<script src="${app}assets/js/amazeui.min.js"></script>
<script src="${app}assets/js/handlebars.min.js"></script>
<script type="text/javascript">
//每个模块都应该提供⼀个init⽅法⽤来进⾏事件注册什么的
function changePasswordAdmin() {
}// 定义⼀个类(函数)
changePasswordAdmin.formId="changePasswordForm";
changePasswordAdminfirBtnName="确定";
var $modalTpl = $('#admin-modal-div-tpl');
var $modalDivName = "#modal-div";
var $modalDiv = $($modalDivName);
//为该类(函数)添加⼀个静态⽅法extend
for ( var a in obj)
this[a] = obj[a];
}
init : function(data) {
/
/注册新增按钮
$("#changePasswordBtn").on(
'click',function(){
commit;
});//新增按钮注册结束
},//init End
commit : function(data) {
var passwordConfirm = $('#changePasswordForm').find('#passwordConfirm').val();
var password = $('#changePasswordForm').find('#password')
.val();
if (passwordConfirm !== password) {
alertMsg("初始密码和确认密码必须⼀致");
return;
}
var $form= $("#"+changePasswordAdmin.formId);
commitForm($form, dal,changePasswordAdmin);
}
});//extend END
function checkPassWord(){
var oldPassword = ElementById("oldPassword").value;
var userName= ElementById("userName").value;
/* var para={};
para['oldPassword']=oldPassword;
para['userName']=userName; */
ajax_jsonp("${app}password/check", {"oldPassword":oldPassword,"userName":userName}, function(response){
sg=="密码不正确,请重新输⼊"){
alert("密码不正确请重新输⼊");
//alert("密码不正确请重新输⼊");
return;
}
},null,"POST");
}
$("#changePasswordBtn").on(
'click',
function() {
var passwordConfirm = $('#changePasswordForm').find(
'#passwordConfirm').val();
var password = $('#changePasswordForm').find('#password').val();
if (passwordConfirm !== password) {
alert("新密码和确认密码必须⼀致");
return false;
}
if (password == "" || password.length < 8) {
alert("密码⾄少为8位");
return false;
}
var passwordFormat = /^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_!@#$%^&*`~()-+=]+$)(?![a-z0-9]+$)(?![a-z\\\\W_!@#$%^&*`~()-+=]+$)(?![0-9\\\\W_!@#$%^&*`~()-+=]+$)[a-zA-Z0-9\\\\W_!@#$%^&*`~()-+=]{8,30}$ if (!st(password)) {
alert("新密码必须包含数字、⼤写字母、⼩写字母、特殊字字符4种中⾄少3种");
return;
}
if (!st(passwordConfirm)) {
alert("确认密码必须包含数字、⼤写字母、⼩写字母、特殊字字符4种中⾄少3种");
return;
}
var $form= $("#"+changePasswordAdmin.formId);
// commitForm($form, dal,changePasswordAdmin);
// 异步提交
var formData = $form.serializeArray();
var data = {};
$.each(formData, function(index, object) {
data[object.name] = object.value;
});
url = build_url("${app}password/change");
$.ajax({
async: true,
data: data,
url: url,
dataType: "json",
type: "POST"
}).then(function(data, status) {
if(!checkResponseData(data)) {
if(data && sg) {
sg);
$("#userName").val("");
$("#oldPassword").val("");
$("#password").val("");
$("#passwordConfirm").val("");
return;
} else {
<("发⽣未知错误");
}
}
}, function(data, status, errorThrown) {
if(data.status && data.status === 200) {
document.sponseText);
return;
}
});
});
</script>
</body>
</html>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title>登陆 | ${appName} - ${sysName}</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>${appName}-${sysName}</title> <%include("/admin/header.html"){}%>
<script>
if (!endWith(window.location.href, "/login")
&& !endWith(window.location.href, "/login/")) {
console.log("⾮登陆地址,重新刷新⼀次登陆界⾯");
window.location.href = "${app}login";
}
$(function() {
var loginMsg = "${loginErrMsg!}";
if (loginMsg != "") {
alert(loginMsg);
}
});
$(function() {
var needPhoneCheck = "${needPhoneCheck!}";
if (needPhoneCheck) {
$("#identifyingCode").parent(".iptBox").css('display','block');
if("1"==needPhoneCheck){
$("#resend").css('display','block');
settime($("#resend"));
}else if("2"==needPhoneCheck){
$("#resend").css('display','block');
}
}
});
$(function() {
var obj = $("#resend");
var countdown = "${countdown!}";
settime(obj);
});
</script>
</head>
<body>
<div class="am-g" >
<div class="am-u-lg-3 am-u-md-6 am-u-sm-centered loginContent">
<div class="loginBox">
<div class="loginTitle">
<div class="inner">
<i class="title-icon"></i>
<h1>${appName}</h1>
<span>您好!欢迎进⼊${appName}!</span>
</div>
</div>
<!-- loginTitle end -->
<div class="log-mainbox">
<form method="post" class="am-form" action="${app}action/login" id="form">
<fieldset>
<div class="iptBox ipt-logCon" >
<i class="user"></i><input name="userName" type="text"
value="${loginUserId!}" id="userName" minlength="4"
placeholder="⽤户名" required />
<input name="mobile" type="hidden"
value="${mobile!}" id="mobile"/>
<input name="countdown" type="hidden"
value="${countdown!}" id="countdown"/>
</div>
<div class="iptBox ipt-logCon" >
<i class="pass"></i><input name="password" type="password"
id="password" minlength="6" placeholder="密码" required />
</div>
<div class="iptBox ipt-logCon" >
<i class="pass"></i><input name="identifyingCode" type="text"
id="identifyingCode" minlength="6" placeholder="验证码"/>
</div>
<input type="button" id="resend" value="重新发送" />
<div class="am-cf" >
<input type="button"
class="am-btn am-btn-primary am-btn-sm am-fl log-sendBox log-sendshadowFont log-sendBoxShadow " onclick="check()"
value="登录"/>
</div>
</fieldset>
</form>
<!-- <div class="log-forgetcon"> -->
<!-- <a href="javascript:void(0);" class="log-forget"> <i></i> -->
<!-- 忘记密码? -->
<!-- </a> -->
<!-- </div> -->
</div>
<!-- log-mainbox end -->
</div>
<div class="loginShadow" >
<img src="${app}assets/i/image/loginShadow.jpg">
</div>
</div>
</div>
</body>
<script src="${app}assets/js/admin/admin.js"></script>
<script type="text/javascript">
if($("#countdown").val()!=""){
var countdown=$("#countdown").val();
}else{
var countdown=120;
}
$("#resend").on("click",function(){
var obj = $("#resend");
resend();
settime(obj);
})
function settime(obj) { //发送验证码倒计时
if (countdown == 0) {
obj.attr('disabled',false);
obj.val("获取验证码");
$("#resend").css("background","#E6E6E6");
$("#countdown").val("120");
countdown = 120;
return;
} else {
obj.attr('disabled',true);
obj.val("(" + countdown + ")S");
$("#countdown").val(""+ countdown +"");
countdown--;
}
setTimeout(function() {
settime(obj) }
,1000)
}
function resend(){
$("#countdown").val("120");
$.ajax({
type: "POST",
url: "/action/login/",
data: {"mobile" : $("#mobile").val(),"flag":"1"},
dataType: "json",
success: function(data){}
});
}
function check() {
var passwordFormat = /^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_!@#$%^&*`~()-+=]+$)(?![a-z0-9]+$)(?![a-z\\\\W_!@#$%^&*`~()-+=]+$)(?![0-9\\\\W_!@#$%^&*`~()-+=]+$)[a-zA-Z0-9\\\\W_!@#$%^&*`~()-+=]{8,30}$/ var commitFlag = false
if ($("#password").val().length < 8||!st($("#password").val())) {
commitFlag = alertMsg("密码必须包含数字、⼤写字母、⼩写字母、特殊字字符⾄少3种,长度必须⼤于或等于8位.是否修改",'COMFIR');
if(commitFlag){
}
} else { 88888888
}
}
</script>
</html>
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.HttpURLConnection;
import java.InetAddress;
import java.URL;
import java.UnknownHostException;
import java.util.HashMap;
import java.util.Map;
import Matcher;
import Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apachemons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ptions.ClientException;
lemon.io.BaseEncoding;
import ActionKey;
import action.Rest;
import pojo.RestMethod;
import com.qhyf.app.bl.BlConfig;
import com.qhyf.app.bl.BlConstant;
import com.qhyf.app.bl.basemon.AdminService;
import com.qhyf.app.bl.basemon.EnvironmentUtils;
import com.qhyf.app.bl.base.support.SuppliersToken;
import com.qhyf.app.bl.base.util.SmsUtils;
import com.qhyf.app.bl.base.util.VerifyCodeUtil;
import com.qhyf.del.SysUser;
wepoch.persistent.dbmon.Db;
wepoch.ption.ActiveRecordException;
wepoch.persistent.db.pojo.Record;
wepoch.utils.AssertUtils;
public class LoginController extends QhyfController {
/**
* ⽇志
*/
private static Logger logger = Logger(LoginController.class);
/**
* 筛选⽤户
*/
private static String selectUser = "SELECT * FROM `sys_user` WHERE `sys_status`=? AND `user_id`=?";
/**
* 注销
*/
@ActionKey("/logout")
public void logout() {
Record loginUser = LoginUser(this);
if (loginUser != null) {
AdminService.logout(this, loginUser);
} else {
redirect("/");
}
}
/**
* 打开登陆界⾯
*/
public void index() {
// String nesid = Nesid(this);
/
/ if (!StringUtils.isBlank(nesid)) {
// Record user = LoginUser(this);
// if (AdminService.isValidSession(nesid, user)) {
//// 已登陆,直接跳转到主界⾯
// logger.info("⽤户[{}]已登陆(nesid=[{}],直接跳转到登陆界⾯", Str(BlConstant.FIELD_USER_ID), nesid); // redirect("/admin/");
// return;
// }
// }
render("/admin/login.html");
}
/**
* 修改密码
*/
@Rest(method = RestMethod.GET)
@ActionKey("/password/change")
public void changePassword() {
}
/**
* 修改密码
*/
@Rest(method = RestMethod.POST)
@ActionKey("/password/change")
public void doChangePassword() {
Record loginUser = null;
try {
String userName = Para("userName");
String oldPassword = Para("oldPassword");
String password = Para("password");
String passwordConfirm = Para("passwordConfirm");
AssertUtils.isTrue(password.equals(passwordConfirm), "新密码和确认密码必须⼀致");
String sql = selectUser;
loginUser = Db.findFirst(sql, BlConstant.SYS_STATUS_VALUE, userName);
this.checkPassword(loginUser, userName, oldPassword);
String newPasswordMd5 = Str(BlConstant.FIELD_SALT),
passwordConfirm);
Db.update("update " + Table().getName() + " set status='1',password=? where uuid=?",
newPasswordMd5, Str(BlConstant.FIELD_UUID));
loginUser.set("password", newPasswordMd5);
AdminService.login(this, loginUser);
// derVjson("密码修改成功");
// redirect("/admin/");
logger.debug("密码修改成功,跳转到后台界⾯");
//bug对应NO.1455---修改完成后界⾯不跳转 add by dujiang 2016/08/25 start
render("/admin/login.html");
// ().getEnv().getLoginAction());
//bug对应NO.1455---修改完成后界⾯不跳转 add by dujiang 2016/08/25 end
} catch (Exception e) {
<("修改密码失败", e);
/
/ derVjson("修改密码失败");
}
}
/**
* 检验密码
*
* @throws ActiveRecordException
*/
@Rest(method = RestMethod.POST)
@ActionKey("/password/check")
public void checkPassword() {
Record loginUser = null;
String userName = Para("userName");
String oldPassword = Para("oldPassword");
String sql = selectUser;html实现用户注册登录代码
try {
loginUser = Db.findFirst(sql, BlConstant.SYS_STATUS_VALUE, userName);
this.checkPassword(loginUser, userName, oldPassword);
if (loginUser != null) {
} else {
<("密码不正确,请重新输⼊");
}
} catch (Exception e) {
<("密码不正确,请重新输⼊", e);
}
}
/
**
* 登陆(登陆必须以post⽅式)
*/
@Rest(method = RestMethod.POST)
@ActionKey("/action/login")
public void loginAction() {
String mobile = Para("mobile");
String flag = Para("flag");//是否是重新发送的消息
String countdown = Para("countdown");
if("1".equals(flag)){
resend(mobile);
}else{
String userName = Para("userName");
try {
Record loginUser = null;
String password = Para("password");
String identifyingCode = Para("identifyingCode");
String sql = selectUser;
loginUser = Db.findFirst(sql, BlConstant.SYS_STATUS_VALUE, userName);
if (loginUser != null) {
String status = Str("status");
if ("0".equals(status)) {
this.setAttr("userName", userName);
return;
}
String passwordFormat = "^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\\\\W_!@#$%^&*`~()-+=]+$)(?![a-z0-9]+$)(?![a-z\\\\W_!@#$%^&*`~()-+=]+$)(?![0-9\\\\W_!@#$%^&*`~()-+=]+$)[a-zA-Z0-9\\\\W_!@#$%^&*`~()-+=]{8,30}$" Pattern pattern=Patternpile(passwordFormat);
Matcher matcher=pattern.matcher(password);
if(password.length()<8||!matcher.matches()){
String securityPass = Str(BlConstant.FIELD_SALT), password);
AssertUtils.Str("password").equals(securityPass),"密码输⼊不正确,请重新输⼊");
return;
}
AssertUtils.isTrue(!"2".equals(status), "账户已被锁定");
}
if (BlConfig.DEV) {
if (loginUser == null) {
loginUser = new Record();
loginUser.set("userName", "测试⽤户");
loginUser.set(BlConstant.FIELD_UUID, userName);
loginUser.set(BlConstant.FIELD_USER_ID, userName);
loginUser.set(BlConstant.FIELD_CORDYS_USER_ID, userName);
loginUser.set(BlConstant.FIELD_EXPIRE_TIME, Long.MAX_VALUE);// 测试超时时间为最长
loginUser.set(BlConstant.FIELD_CORDYS_USER_ID, userName);
}
} else {
this.checkPassword(loginUser, userName, password);
().getEnv().isWhiteListOnOff()){
// 判断条件
boolean conditions = StringUtils.isBlank(identifyingCode) && !checkIp();
// 如果是供应商或项⽬公司⼈员则不需要⽩名单限制
if(AdminService.Str("uuid"), "qhyf1024")
|| AdminService.Str("uuid"), "qhyf1050")
|| AdminService.Str("uuid"), "qhyf1026")
|| AdminService.Str("uuid"), "qhyf1052")
|| AdminService.Str("uuid"), "qhyf1051")){
conditions = StringUtils.isBlank(identifyingCode) && false;
}
if(conditions){
mobile = Str("mobile");
String code =RandNum();
SmsUtils.sendSms(mobile, code);
this.setAttr("mobile", mobile);
this.setAttr("needPhoneCheck", "1");
AssertUtils.isTrue(false, "您的访问ip未在系统⽩名单呢,请⽤⼿机验证的⽅式登录");
}else if(StringUtils.isNotBlank(identifyingCode)){
发表评论