Java Code Examples for org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder#matches()
The following examples show how to use
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder#matches() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: MyInfoAPI.java From springboot-seed with MIT License | 7 votes |
|
@ApiOperation(value = "修改密码")
@PutMapping("/change_password")
public ResponseEntity<?> changePassword(
@ApiParam("旧密码") @RequestParam("oldPassword") String oldPassword,
@ApiParam("新密码") @RequestParam("newPassword") String newPassword
) {
OAuth2Authentication auth = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();
Optional<User> user = userService.selectByID(((SecurityUser) auth.getPrincipal()).getId());
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if (user.isPresent() && encoder.matches(oldPassword, user.get().getPassword())) {
User instance = user.get();
instance.setPassword(newPassword);
userService.modifyById(instance);
return ResponseEntity.status(HttpStatus.OK).build();
} else {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
}
Example 2
| Source File: UserAccountService.java From runscore with Apache License 2.0 | 5 votes |
|
@ParamValid
@Transactional
public void modifyLoginPwd(ModifyLoginPwdParam param) {
UserAccount userAccount = userAccountRepo.getOne(param.getUserAccountId());
BCryptPasswordEncoder pwdEncoder = new BCryptPasswordEncoder();
if (!pwdEncoder.matches(param.getOldLoginPwd(), userAccount.getLoginPwd())) {
throw new BizException(BizError.旧的登录密码不正确);
}
modifyLoginPwd(param.getUserAccountId(), param.getNewLoginPwd());
}
Example 3
| Source File: UserAccountService.java From runscore with Apache License 2.0 | 5 votes |
|
@ParamValid
@Transactional
public void modifyMoneyPwd(ModifyMoneyPwdParam param) {
UserAccount userAccount = userAccountRepo.getOne(param.getUserAccountId());
BCryptPasswordEncoder pwdEncoder = new BCryptPasswordEncoder();
if (!pwdEncoder.matches(param.getOldMoneyPwd(), userAccount.getMoneyPwd())) {
throw new BizException(BizError.旧的资金密码不正确);
}
String newMoneyPwd = pwdEncoder.encode(param.getNewMoneyPwd());
userAccount.setMoneyPwd(newMoneyPwd);
userAccountRepo.save(userAccount);
}
Example 4
| Source File: ChoerodonAuthenticationProvider.java From oauth-server with Apache License 2.0 | 5 votes |
|
private void checkPassword(String loginName, String credentials, String userPassword) {
boolean passed;
UserE user = userService.queryByLoginField(loginName);
if (Boolean.TRUE.equals(user.getLdap())) {
passed = ldapAuthentication(user.getOrganizationId(), loginName, credentials);
} else {
BCryptPasswordEncoder encode = new BCryptPasswordEncoder();
passed = encode.matches(credentials, userPassword);
}
if (passed) {
return;
}
throw new AuthenticationServiceException(LoginException.USERNAME_NOT_FOUND_OR_PASSWORD_IS_WRONG.value());
}
Example 5
| Source File: PasswordBCrypt.java From mini-platform with MIT License | 5 votes |
|
@Override
public boolean validate(String password, String salt, String hashPassword) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
//加密时使用
//String hashPassword = passwordEncoder.encode(password + salt);
return passwordEncoder.matches(password + salt, hashPassword);
}
Example 6
| Source File: UserService.java From springboot-seed with MIT License | 5 votes |
|
@Transactional
@Override
public boolean modifyById(User user) {
User original = mapper.selectByPrimaryKey(user);
if (!user.getPassword().equals(original.getPassword())) {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if (!encoder.matches(user.getPassword(), original.getPassword())) {
String crypt = encoder.encode(user.getPassword());
user.setPassword(crypt);
}
}
return mapper.updateByPrimaryKey(user) > 0;
}
Example 7
| Source File: UserController.java From full-teaching with Apache License 2.0 | 5 votes |
|
@RequestMapping(value = "/changePassword", method = RequestMethod.PUT)
public ResponseEntity<Object> changePassword(@RequestBody String[] userData) {
System.out.println("Changing password...");
ResponseEntity<Object> authorized = authorizationService.checkBackendLogged();
if (authorized != null){
return authorized;
};
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
//If the stored current password and the given current password match
if(encoder.matches(userData[0], user.getLoggedUser().getPasswordHash())) {
//If the password has a valid format (at least 8 characters long and contains one uppercase, one lowercase and a number)
if (userData[1].matches(this.passRegex)){
System.out.println("Password successfully changed");
User modifiedUser = userRepository.findByName(user.getLoggedUser().getName());
modifiedUser.setPasswordHash(encoder.encode(userData[1]));
userRepository.save(modifiedUser);
return new ResponseEntity<>(true, HttpStatus.OK);
}
else{
System.out.println("New password NOT valid");
return new ResponseEntity<>(HttpStatus.NOT_MODIFIED);
}
} else {
System.out.println("Invalid current password");
return new ResponseEntity<>(HttpStatus.CONFLICT);
}
}
Example 8
| Source File: PasswordUtilsTest.java From onboard with Apache License 2.0 | 5 votes |
|
@Test
public void testDifferentStrengthNotMatch() {
BCryptPasswordEncoder digester = PasswordUtils.getBcryptDigestByLevel(10);
BCryptPasswordEncoder digesterStronger = PasswordUtils.getBcryptDigestByLevel(20);
String enPW = digester.encode(STRING);
boolean isMatch = digesterStronger.matches(STRING, enPW);
assertTrue("Digesters with different strength should not match", isMatch);
}
Example 9
| Source File: BcryptTest.java From blog-examples with Apache License 2.0 | 5 votes |
|
@Test
public void test() {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
// 80 character password
String password1 = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
String password2 = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab";
String encodedPassword1 = passwordEncoder.encode(password1);
boolean matches = passwordEncoder.matches(password2, encodedPassword1);
System.out.println("encodedPassword1: " + encodedPassword1);
System.out.println("matches: " + matches);
}
Example 10
| Source File: User.java From fish-admin with MIT License | 4 votes |
|
public boolean validatePassword(String password) {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
return encoder.matches(password, this.encryptedPassword);
}
Example 11
| Source File: SecurityUtils.java From RuoYi-Vue with MIT License | 2 votes |
|
/**
* 判断密码是否相同
*
* @param rawPassword 真实密码
* @param encodedPassword 加密后字符
* @return 结果
*/
public static boolean matchesPassword(String rawPassword, String encodedPassword)
{
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
return passwordEncoder.matches(rawPassword, encodedPassword);
}
Example 12
| Source File: PreUtil.java From pre with GNU General Public License v3.0 | 2 votes |
|
/**
* 校验密码
*
* @param newPass
* @param passwordEncoderOldPass
* @return
*/
public boolean validatePass(String newPass, String passwordEncoderOldPass) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
return passwordEncoder.matches(newPass, passwordEncoderOldPass);
}
Example 13
| Source File: SecurityUtils.java From DimpleBlog with Apache License 2.0 | 2 votes |
|
/**
* 判断密码是否相同
*
* @param rawPassword 真实密码
* @param encodedPassword 加密后字符
* @return 结果
*/
public static boolean matchesPassword(String rawPassword, String encodedPassword) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
return passwordEncoder.matches(rawPassword, encodedPassword);
}
