
用户保存密文密码,预留加密机制

mingfu vor 1 Monat
Ursprung
Commit
5934fafb5c

+ 27 - 0
ie-admin/src/main/java/com/ruoyi/web/controller/front/CommController.java

@@ -4,6 +4,7 @@ package com.ruoyi.web.controller.front;
 import com.alibaba.fastjson2.JSONObject;
 import com.ruoyi.common.annotation.Anonymous;
 import com.ruoyi.common.constant.CacheConstants;
+import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysDictData;
 import com.ruoyi.common.core.domain.entity.SysUser;
@@ -12,12 +13,15 @@ import com.ruoyi.common.utils.PhoneUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.dz.domain.DzCards;
 import com.ruoyi.dz.service.IDzCardsService;
+import com.ruoyi.system.domain.SysConfig;
 import com.ruoyi.system.service.ISysConfigService;
 import com.ruoyi.system.service.ISysDictTypeService;
 import com.ruoyi.system.service.ISysUserService;
 import com.ruoyi.system.service.ShortMessageService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.compress.utils.Lists;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.*;
@@ -66,6 +70,29 @@ public class CommController {
         return AjaxResult.success(dictTypeMap);
     }
 
+    @GetMapping(value = "config")
+    @Anonymous
+    @ApiOperation("前端参数列表")
+    public AjaxResult config()
+    {
+        List<SysConfig> configList = Lists.newArrayList();
+        String frontConfKeys = configService.selectConfigByKey(UserConstants.FRONT_CONFIGS);
+        SysConfig cond = new SysConfig();
+        for(String key : frontConfKeys.split(",")) {
+            cond.setConfigKey(key);
+            List<SysConfig> data = configService.selectConfigList(cond);
+            if (CollectionUtils.isEmpty(data))
+            {
+                SysConfig conf = new SysConfig();
+                conf.setConfigKey(key);
+                configList.add(conf);
+            } else {
+                configList.add(data.get(0));
+            }
+        }
+        return AjaxResult.success(configList);
+    }
+
     @ApiOperation("验证卡密码")
     @PostMapping(value = "validateCard")
     public AjaxResult validateCard(String cardNo, String password) {
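Review bot: The new anonymous `config()` endpoint resolves each key through `configService.selectConfigList(cond)` and returns `data.get(0)`, so what an unauthenticated caller receives depends on how that list query matches keys, which is not visible here. If the value behind `front.confkeys` is missing or empty, `split(",")` yields a single empty key (or the call fails on null), and if the list query treats an empty or partial key as a filter instead of an exact match, the first row returned can be a setting that was never meant to be public. The whole `SysConfig` row is also serialised, not only key and value. I would skip blank keys, resolve each key with the exact lookup `selectConfigByKey` that the method already uses for the key list, and return only key and value; `new ArrayList<>()` also removes the dependency on the commons-compress `Lists` helper.

```java
public AjaxResult config()
{
    List<SysConfig> configList = new ArrayList<>();
    String frontConfKeys = configService.selectConfigByKey(UserConstants.FRONT_CONFIGS);
    if (StringUtils.isEmpty(frontConfKeys))
    {
        return AjaxResult.success(configList);
    }
    for (String key : frontConfKeys.split(","))
    {
        String trimmed = key.trim();
        if (trimmed.isEmpty())
        {
            continue;
        }
        // exact-key lookup; only key and value are exposed to anonymous callers
        SysConfig conf = new SysConfig();
        conf.setConfigKey(trimmed);
        conf.setConfigValue(configService.selectConfigByKey(trimmed));
        configList.add(conf);
    }
    return AjaxResult.success(configList);
}
```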

+ 2 - 1
ie-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java

@@ -105,8 +105,9 @@ public class SysProfileController extends BaseController
         {
             return error("新密码不能与旧密码相同");
         }
+        String password2 = SecurityUtils.encryptPassword2(newPassword);
         newPassword = SecurityUtils.encryptPassword(newPassword);
-        if (userService.resetUserPwd(userId, newPassword) > 0)
+        if (userService.resetUserPwd(userId, newPassword, password2) > 0)
         {
             // 更新缓存用户密码&密码最后更新时间
             loginUser.getUser().setPwdUpdateDate(DateUtils.getNowDate());
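Review bot: `password2` receives the user's clear-text password here, because `SecurityUtils.encryptPassword2` (added in this commit) returns its argument unchanged and `resetUserPwd` then writes it to `sys_user.password2`. The same happens at the two new `setPassword2` calls in SysUserController, the one in SysRegisterService and the import path in SysUserServiceImpl. Anyone who can read the table, a backup or a query log then holds every user's working password, which removes the protection the one-way hash in `password` provides. Unless there is a hard requirement to recover passwords I would drop the second column; if there is one, the value should be written only after real authenticated encryption with a key held outside the database is in place, not ahead of it. The enclosing method starts and ends outside this hunk.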

+ 2 - 0
ie-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java

@@ -139,6 +139,7 @@ public class SysUserController extends BaseController
             return error("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
         }
         user.setCreateBy(getUsername());
+        user.setPassword2(SecurityUtils.encryptPassword2(user.getPassword()));
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         return toAjax(userService.insertUser(user));
     }
@@ -196,6 +197,7 @@ public class SysUserController extends BaseController
     {
         userService.checkUserAllowed(user);
         userService.checkUserDataScope(user.getUserId());
+        user.setPassword2(SecurityUtils.encryptPassword2(user.getPassword()));
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         user.setUpdateBy(getUsername());
         return toAjax(userService.resetPwd(user));

+ 1 - 0
ie-admin/src/main/java/com/ruoyi/web/service/SysRegisterService.java

@@ -72,6 +72,7 @@ public class SysRegisterService
                 username = mobile;
                 password = "123456";
             }
+            upUser.setPassword2(SecurityUtils.encryptPassword2(password));
             upUser.setPassword(SecurityUtils.encryptPassword(password));
             upUser.setPwdUpdateDate(DateUtils.getNowDate());
         } else {// 注册用户完善 不能改手机, 不能改邀请码

+ 1 - 0
ie-common/src/main/java/com/ruoyi/common/constant/UserConstants.java

@@ -83,4 +83,5 @@ public class UserConstants
      * 应用常量
      */
     public static final String LOGIN_SMS_PASS = "PhoneSmsCheck823728";
+    public static final String FRONT_CONFIGS = "front.confkeys";
 }

+ 11 - 0
ie-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java

@@ -61,6 +61,9 @@ public class SysUser extends BaseEntity
     @JsonIgnore
     private String password;
 
+    @JsonIgnore
+    private String password2;
+
     /** 账号状态(0正常 1停用) */
     @Excel(name = "账号状态", readConverterExp = "0=正常,1=停用")
     private String status;
@@ -245,6 +248,14 @@ public class SysUser extends BaseEntity
         this.password = password;
     }
 
+    public String getPassword2() {
+        return password2;
+    }
+
+    public void setPassword2(String password2) {
+        this.password2 = password2;
+    }
+
     public String getStatus()
     {
         return status;
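Review bot: `@JsonIgnore` on the new `password2` field only affects Jackson; this project also uses fastjson2 (see the import in CommController), which does not read that annotation. If `SysUser` objects are ever serialised through fastjson2, for example as part of a cached login session, and the select mapping populates the field (not visible in this commit), the stored value would travel with them. Consider also marking the field `@JSONField(serialize = false)` and confirming it is left out of any `toString()` on the class.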

+ 10 - 0
ie-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java

@@ -101,6 +101,16 @@ public class SecurityUtils
         return passwordEncoder.encode(password);
     }
 
+    /**
+     * 可逆转密码存储
+     *
+     * @param password
+     * @return
+     */
+    public static String encryptPassword2(String password) {
+        return password;
+    }
+
     /**
      * 判断密码是否相同
      *
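Review bot: The Javadoc on `encryptPassword2` has empty `@param` and `@return` tags and does not say that the method is a placeholder which currently returns its input unchanged, so the name suggests a protection that is not there. I would state that explicitly, e.g. `@param password clear-text password` and `@return the input unchanged; no encryption is applied yet`, and add a `TODO` naming what has to be implemented before callers may rely on it.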

+ 1 - 1
ie-system/src/main/java/com/ruoyi/system/mapper/SysUserMapper.java

@@ -110,7 +110,7 @@ public interface SysUserMapper
      * @param password 密码
      * @return 结果
      */
-    public int resetUserPwd(@Param("userId") Long userId, @Param("password") String password);
+    public int resetUserPwd(@Param("userId") Long userId, @Param("password") String password, @Param("password2") String password2);
 
     /**
      * 通过用户ID删除用户
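Review bot: The Javadoc above `resetUserPwd` still documents only `userId` and `password`; the new third parameter needs its own line, e.g. `@param password2 value written to sys_user.password2`. ISysUserService received a matching `@param` in this commit, so the two declarations are now documented inconsistently.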

+ 2 - 1
ie-system/src/main/java/com/ruoyi/system/service/ISysUserService.java

@@ -192,9 +192,10 @@ public interface ISysUserService
      * 
      * @param userId 用户ID
      * @param password 密码
+     * @param password2 明密码
      * @return 结果
      */
-    public int resetUserPwd(Long userId, String password);
+    public int resetUserPwd(Long userId, String password, String password2);
 
     /**
      * 通过用户ID删除用户

+ 4 - 3
ie-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java

@@ -388,7 +388,7 @@ public class SysUserServiceImpl implements ISysUserService
     @Override
     public int resetPwd(SysUser user)
     {
-        return userMapper.resetUserPwd(user.getUserId(), user.getPassword());
+        return userMapper.resetUserPwd(user.getUserId(), user.getPassword(), user.getPassword2());
     }
 
     /**
@@ -399,9 +399,9 @@ public class SysUserServiceImpl implements ISysUserService
      * @return 结果
      */
     @Override
-    public int resetUserPwd(Long userId, String password)
+    public int resetUserPwd(Long userId, String password, String password2)
     {
-        return userMapper.resetUserPwd(userId, password);
+        return userMapper.resetUserPwd(userId, password, password2);
     }
 
     /**
@@ -529,6 +529,7 @@ public class SysUserServiceImpl implements ISysUserService
                     BeanValidators.validateWithException(validator, user);
                     deptService.checkDeptDataScope(user.getDeptId());
                     String password = configService.selectConfigByKey("sys.user.initPassword");
+                    user.setPassword2(SecurityUtils.encryptPassword2(password));
                     user.setPassword(SecurityUtils.encryptPassword(password));
                     user.setCreateBy(operName);
                     userMapper.insertUser(user);

+ 4 - 1
ie-system/src/main/resources/mapper/system/SysUserMapper.xml

@@ -169,6 +169,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="phonenumber != null and phonenumber != ''">phonenumber,</if>
  			<if test="sex != null and sex != ''">sex,</if>
  			<if test="password != null and password != ''">password,</if>
+		    <if test="password2 != null and password2 != ''">password2,</if>
  			<if test="status != null and status != ''">status,</if>
  			<if test="pwdUpdateDate != null">pwd_update_date,</if>
 		    <if test="location != null and location != ''">location,</if>
@@ -193,6 +194,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="phonenumber != null and phonenumber != ''">#{phonenumber},</if>
  			<if test="sex != null and sex != ''">#{sex},</if>
  			<if test="password != null and password != ''">#{password},</if>
+		    <if test="password2 != null and password2 != ''">#{password2},</if>
  			<if test="status != null and status != ''">#{status},</if>
  			<if test="pwdUpdateDate != null">#{pwdUpdateDate},</if>
  			<if test="location != null and location != ''">#{location},</if>
@@ -220,6 +222,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
  			<if test="sex != null and sex != ''">sex = #{sex},</if>
  			<if test="avatar != null and avatar != ''">avatar = #{avatar},</if>
  			<if test="password != null and password != ''">password = #{password},</if>
+			<if test="password2 != null and password2 != ''">password2 = #{password2},</if>
  			<if test="status != null and status != ''">status = #{status},</if>
 			<if test="location != null and location != ''">location = #{location},</if>
 			<if test="examType != null and examType != ''">exam_type = #{examType},</if>
@@ -252,7 +255,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</update>
 	
 	<update id="resetUserPwd" parameterType="SysUser">
- 		update sys_user set pwd_update_date = sysdate(), password = #{password}, update_time = sysdate() where user_id = #{userId}
+ 		update sys_user set pwd_update_date = sysdate(), password = #{password}, password2 = #{password2}, update_time = sysdate() where user_id = #{userId}
 	</update>
 	
 	<delete id="deleteUserById" parameterType="Long">