5 jaren geleden · 5bb59b7a99
--- a/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java
+++ b/maxkey-dao/src/main/java/org/maxkey/dao/service/UserInfoService.java
@@ -3,6 +3,7 @@ package org.maxkey.dao.service;
 
				 
			
 
				 import org.apache.mybatis.jpa.persistence.JpaBaseService;
			
 
				 import org.maxkey.constants.STATUS;
			
 
				+import org.maxkey.crypto.ReciprocalUtils;
			
 
				 import org.maxkey.crypto.password.PasswordReciprocal;
			
 
				 import org.maxkey.dao.persistence.UserInfoMapper;
			
 
				 import org.maxkey.domain.ChangePassword;
			
@@ -109,7 +110,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 
				 				
			
 
				 			}
			
 
				 			String password = passwordEncoder.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword()));
			
 
				-			userInfo.setDecipherable(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword()));
			
 
				+			userInfo.setDecipherable(ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword())));
			
 
				 			_logger.debug("decipherable : "+userInfo.getDecipherable());
			
 
				 			userInfo.setPassword(password);
			
 
				 			userInfo.setPasswordLastSetTime(DateUtils.getCurrentDateTimeAsString());
			
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
@@ -93,7 +93,7 @@ public class SafeController {
 
				 									String confirmPassword){
			
 
				 		UserInfo userInfo =WebContext.getUserInfo();
			
 
				 		_logger.debug("decipherable old : "+userInfo.getDecipherable());
			
 
				-		_logger.debug("decipherable new : "+PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword()));
			
 
				+		_logger.debug("decipherable new : "+ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), newPassword)));
			
 
				 		if(newPassword.equals(confirmPassword)){
			
 
				 			if(oldPassword==null || 
			
 
				 					passwordEncoder.matches(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(),oldPassword), userInfo.getPassword())){
			
@@ -123,7 +123,8 @@ public class SafeController {
 
				 			@RequestParam("confirmPassword") String confirmPassword) {
			
 
				 		
			
 
				 		UserInfo userInfo =WebContext.getUserInfo();
			
 
				-		_logger.debug("App Login Password : "+ReciprocalUtils.decoder(userInfo.getAppLoginPassword()));
			
 
				+		_logger.debug("App Login Password : "+userInfo.getAppLoginPassword());
			
 
				+		_logger.debug("App Login new Password : "+ReciprocalUtils.encode(newPassword));
			
 
				 		if(newPassword.equals(confirmPassword)){
			
 
				 			if(StringUtils.isNullOrBlank(userInfo.getAppLoginPassword())||userInfo.getAppLoginPassword().equals(ReciprocalUtils.encode(oldPassword))){
			
 
				 				userInfo.setAppLoginPassword(ReciprocalUtils.encode(newPassword));
			
--- a/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl
+++ b/maxkey-web-maxkey/src/main/resources/templates/views/safe/timeBased.ftl
@@ -14,7 +14,8 @@
 
				 				<td colspan="2"><@locale code="login.totp.title" /></td>
			
 
				 			</tr>
			
 
				 			<tr>
			
 
				-				<td> <img id="captchaimg" src="<@base/>/image/${id}" /></td>
			
 
				+				<td> <img id="captchaimg" src="<@base/>/image/${id}" /><br>
			
 
				+				支持<b>Google Authenticator等</b></td>
			
 
				 				<td   style="width:75%;">
			
 
				 					<table  class="table"   style="width:100%;">
			
 
				 						<tr>