use sha256 encrypt password

Signed-off-by: Chenx221 <chenx221@yandex.com>

project2/out/artifacts/project2_war_exploded/WEB-INF/classes/mapper/UserMapper.xml

@@ -8,5 +8,8 @@
         FROM user
         WHERE username = #{username}
     </select>
-
+    <insert id="insertUser" parameterType="cyou.chenx221.pojo.User">
+        INSERT INTO user (username, password)
+        VALUES (#{username}, #{password})
+    </insert>
 </mapper>

project2/out/artifacts/project2_war_exploded/WEB-INF/views/login.jsp

@@ -124,7 +124,7 @@
                             </div>
                             <div class="tab-pane fade" id="pills-register" role="tabpanel"
                                  aria-labelledby="tab-register">
-                                <form>
+                                <form action="signup" method="post">
                                     <h1 class="text-center mb-4" style="font-family: 'Noto Sans SC Light',serif">
                                         用户注册</h1>
                                     <div class="form-outline mb-4">
@@ -182,6 +182,27 @@
             </div>
         </div>
     </div>
+    <!-- Modal -->
+    <div class="modal fade" id="exampleModal2" tabindex="-1" aria-labelledby="exampleModalLabel2" aria-hidden="true">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h5 class="modal-title" id="exampleModalLabel2">
+                        <i class="fas fa-circle-check me-2"></i>成功
+                    </h5>
+                    <button type="button" class="btn-close" data-mdb-dismiss="modal" aria-label="Close"></button>
+                </div>
+                <div class="modal-body">
+                    <c:if test="${not empty successMessage}">
+                        ${successMessage}
+                    </c:if>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-primary" data-mdb-dismiss="modal">OK</button>
+                </div>
+            </div>
+        </div>
+    </div>
 </main>
 
 <footer>
@@ -192,10 +213,21 @@
 <script type="text/javascript" src="${pageContext.request.contextPath}/resources/js/mdb.min.js"></script>
 <script>
     $(document).ready(function () {
+        // 判断先前是否来自reg/log页
+        <c:if test="${not empty comeFrom && comeFrom eq 'reg'}">
+        document.getElementById("tab-register").click();
+        </c:if>
+        <c:if test="${not empty comeFrom && comeFrom eq 'log'}">
+        document.getElementById("tab-login").click();
+        </c:if>
         <%-- 判断模型中是否存在错误信息 --%>
-        <c:if test="${not empty errorMessage}">
+        <c:if test="${not empty errorMessage && errorMessage ne 'null'}">
         $('#exampleModal').modal('show');
         </c:if>
+        <%-- 判断模型中是否存在成功信息 --%>
+        <c:if test="${not empty successMessage && successMessage ne 'null'}">
+        $('#exampleModal2').modal('show');
+        </c:if>
     });
 </script>
 </body>

project2/src/main/java/cyou/chenx221/controller/UserController.java

@@ -1,6 +1,7 @@
 package cyou.chenx221.controller;
 
 import cyou.chenx221.mapper.UserMapper;
+import cyou.chenx221.pojo.Password;
 import cyou.chenx221.pojo.User;
 
 import org.springframework.beans.factory.annotation.Autowired;
@@ -10,16 +11,19 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 
+import java.security.NoSuchAlgorithmException;
+
 @Controller
 public class UserController {
     @Autowired
     private UserMapper userMapper;
 
     @RequestMapping(path = "/signin", method = {RequestMethod.GET, RequestMethod.POST}) //登录
-    public String login(@RequestParam("username") String username, @RequestParam("password") String password, Model model) {
+    public String login(@RequestParam("username") String username, @RequestParam("password") String password, Model model) throws NoSuchAlgorithmException {
         User user = userMapper.getUserByUsername(username);
-//        System.out.println("username:" + username + " try-password:" + password + " real-password:"+user.getPassword());
-        if (user != null && user.getPassword().equals(password)) {
+        Password pw = new Password(password);
+//        System.out.println("username:" + username + " try to login with password: " + password + " encrypted-password:"+pw.getEncryptedPassword());
+        if (user != null && user.getPassword().equals(pw.getEncryptedPassword())) {
             model.addAttribute("message", "登陆成功");
             return "redirect:/dashboard"; // 重定向到 dashboard 页面
         } else {
@@ -29,10 +33,11 @@ public class UserController {
     }
 
     @RequestMapping(path = "/signup", method = {RequestMethod.GET, RequestMethod.POST}) //注册
-    public String register(@RequestParam("username") String username, @RequestParam("password") String password, @RequestParam("re-password") String repassword, Model model) {
+    public String register(@RequestParam("username") String username, @RequestParam("password") String password, @RequestParam("re-password") String repassword, Model model) throws NoSuchAlgorithmException {
         //debug start
-        System.out.println("username:" + username + " password:" + password + " repassword:" + repassword);
+//        System.out.println("username:" + username);
         //debug end
+        model.addAttribute("comeFrom","reg");
         //检查两次输入的密码是否相同
         if (!password.equals(repassword)) {
             model.addAttribute("errorMessage", "两次输入的密码不一致，请重新输入。");
@@ -63,13 +68,16 @@ public class UserController {
                     }
                 }
                 if (!hasNumber || !hasLetter || hasinValidChar) {
-                    model.addAttribute("errorMessage", "密码不符合要求，请重新输入。");
+                    model.addAttribute("errorMessage", "密码强度不符合要求，请重新输入。要求：8~32位，需要有数字和字母，允许大小写英文字母、数字、密码常见符号");
                     return "login";
                 }
                 // start to register
-                user = new User(username, password);
+                Password pw=new Password(password);
+                System.out.println("username:" + username + " password:" + pw.getEncryptedPassword()); //debug
+                user = new User(username, pw.getEncryptedPassword());
                 userMapper.insertUser(user);
-                model.addAttribute("message", "注册成功");
+                model.addAttribute("comeFrom","log");
+                model.addAttribute("successMessage", "注册成功");
                 return "login";
             }
         } else {

project2/web/WEB-INF/views/login.jsp

@@ -124,7 +124,7 @@
                             </div>
                             <div class="tab-pane fade" id="pills-register" role="tabpanel"
                                  aria-labelledby="tab-register">
-                                <form action="singup" method="post">
+                                <form action="signup" method="post">
                                     <h1 class="text-center mb-4" style="font-family: 'Noto Sans SC Light',serif">
                                         用户注册</h1>
                                     <div class="form-outline mb-4">
@@ -213,10 +213,18 @@
 <script type="text/javascript" src="${pageContext.request.contextPath}/resources/js/mdb.min.js"></script>
 <script>
     $(document).ready(function () {
+        // 判断先前是否来自reg/log页
+        <c:if test="${not empty comeFrom && comeFrom eq 'reg'}">
+        document.getElementById("tab-register").click();
+        </c:if>
+        <c:if test="${not empty comeFrom && comeFrom eq 'log'}">
+        document.getElementById("tab-login").click();
+        </c:if>
         <%-- 判断模型中是否存在错误信息 --%>
         <c:if test="${not empty errorMessage && errorMessage ne 'null'}">
         $('#exampleModal').modal('show');
         </c:if>
+        <%-- 判断模型中是否存在成功信息 --%>
         <c:if test="${not empty successMessage && successMessage ne 'null'}">
         $('#exampleModal2').modal('show');
         </c:if>