[Error log] After encrypting with Security's BCryptPasswordEncoder, there is a problem with the logic to modify the password - Code World

[Error log] After encrypting with Security's BCryptPasswordEncoder, there is a problem with the logic to modify the password

Others 2020-09-22 13:37:10 views: null

This error occurred when I was working on a rights management project

error code

	 @Override
    public Results<Void> changePassword(String username, String oldPassword, String newPassword) {
    
    
        // 根据用户名查询
        SysUser user = sysUserMapper.selcetUserByUsername(username);
        // 判断用户是否为空
        if (user == null) {
    
    
            return Results.failure(1, "用户不存在");
        }

        // 校验之前的密码是否正确， 这里就是错误所在
        if (!(new BCryptPasswordEncoder().encode(user.getPassword()).equals(oldPassword))) {
    
    
            return Results.failure(1, "旧密码错误");
        }
        // 修改数据库中的密码
        sysUserMapper.update(user.getId(), new BCryptPasswordEncoder().encode(newPassword));
        return Results.success();
    }

Because after a string is encrypted by BCryptPasswordEncoder, the generated ciphertext is different, so this comparison cannot be done here, and the matching method of BCryptPasswordEncoder is required


    @Override
    public Results<Void> changePassword(String username, String oldPassword, String newPassword) {
    
    
        // 根据用户名查询
        SysUser user = sysUserMapper.selcetUserByUsername(username);
        // 判断用户是否为空
        if (user == null) {
    
    
            return Results.failure(1, "用户不存在");
        }

        // 校验之前的密码是否正确
        if (!new BCryptPasswordEncoder().matches(oldPassword, user.getPassword())) {
    
    
            return Results.failure(1, "旧密码错误");
        }
        // 修改数据库中的密码
        sysUserMapper.update(user.getId(), new BCryptPasswordEncoder().encode(newPassword));
        return Results.success();
    }

Guess you like

Origin blog.csdn.net/qq_42380734/article/details/107091291

[Error log] After encrypting with Security's BCryptPasswordEncoder, there is a problem with the logic to modify the password

Solution: The problem that the Alibaba Cloud server failed to modify the password after being implanted in the mining program (error: passwd: Authentication token manipulation error)

After installing mysql: 1. Start the mysql service and report an error 2. Modify the password and report an error

KylinOS can’t log in, and after entering the password to log in, it jumps back to the login interface-Xauthority problem

mysql modify user password error

Logic Vulnerability-Retrieve the password and modify the return package

Security integration framework used to SSM BCryptPasswordEncoder in Spring Security for password encryption (step must not be wrong)

Mysql modify password security level: ERROR 1819 (HY000) Your password does not satisfy the current policy requirements

Cannot log in after the tenant administrator password is forgotten

springboot + security of use BCryptPasswordEncoder

Discussion on the Problem of Encrypting User Information

Solve the problem that MariaDB can log in without a password

After reading this Exception and Error, it's no problem to talk to the interviewer

nginx modify the problem is not in effect after the configuration file

Windows 10 cannot log in remotely even if the other party’s email address and password are entered ("user name and password error")

Xiaohan practical operation-how to modify Mysql password after forgetting

Linux how to modify the user's password

[Linux] Modify the password prompt dictionary problem, one trick to get it!

[ubuntu] [mysql 5.7] No password after installation? How to log in

After git configures ssh to log in, it keeps prompting for a password

XShell can only log in through the public key method, and modify it to the password method to log in (Tencent Cloud)

Solved the problem that the log is no longer recorded after the Nginx log is compressed

Modify logic 05

Modify the user's home directory in Linux (solve the problem of abnormal bash environment after modifying the user's home directory)

Solve the problem that mariadb can log in directly without username and password

Solution to the problem that the password cannot be used to log in to the Linux cloud server ECS

Communications Security (D) between the micro-services -JWT optimization of the log, error handling, limiting and JWT execution process of combing after transformation

After the computer to change the password, git push error unable to access

git account password to re-enter after input error

How to make the error log easier to troubleshoot the problem

Recommended

NetBSD bans submission of code generated by AI

Ranking

Talk dubbo of LRUCache

Chapter 1 Learning Summary

Introduction to Virtualization

pytorch 调用lstm

Six modules

[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array

mybatis mapper mapping file $ # {} {} understanding and

C language input and output buffer

c language floating-point input and output

andorid P version compatible, refer to Huawei

Daily

More

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)