Index: ssts-web/src/main/webapp/logon.jsp =================================================================== diff -u -r35937 -r36130 --- ssts-web/src/main/webapp/logon.jsp (.../logon.jsp) (revision 35937) +++ ssts-web/src/main/webapp/logon.jsp (.../logon.jsp) (revision 36130) @@ -521,12 +521,17 @@ //验证是否绑定手机号 function isBindPhone(userName){ + //对用户名进行rsa加密 + var publicKey = "<%=logonRSAPublicKey %>"; + var encrypt = new JSEncrypt(); + encrypt.setPublicKey(publicKey); + var encryptedUserName = encrypt.encrypt(userName); $.ajax({ type:'post', dataType:'json', url : '${ctx}/disinfectSystem/verification/verificationCodeAction!getPhoneNumberByLoginName.do', data:{ - "loginName":userName + "loginName":encryptedUserName }, success : function(result) { if(result.success){ Index: ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java =================================================================== diff -u -r36128 -r36130 --- ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java (.../VerificationCodeAction.java) (revision 36128) +++ ssts-datasync/src/main/java/com/forgon/disinfectsystem/verification/action/VerificationCodeAction.java (.../VerificationCodeAction.java) (revision 36130) 
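Review bot: The result of `encrypt.encrypt(userName)` in isBindPhone is posted without being checked; JSEncrypt returns `false` when encryption fails (key not loaded, input too long for the key), so the request would carry `false` as `loginName` and the server-side decrypt would fail with an unhelpful error. Add a guard before `$.ajax`, e.g. `if (!encryptedUserName) { return; }`, together with whatever user-facing message the page normally shows. Because the public key is rendered into the page, this protects the name in transit but does not restrict who can call the action, so it is not a substitute for TLS or for server-side throttling. The function body continues past the end of the hunk.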
@@ -9,16 +9,16 @@ import org.apache.struts2.convention.annotation.Action; import org.apache.struts2.convention.annotation.Namespace; import org.apache.struts2.convention.annotation.ParentPackage; -import org.springframework.jdbc.core.BeanPropertyRowMapper; -import org.springframework.jdbc.core.JdbcTemplate; +import org.hibernate.Query; +import org.hibernate.Session; import com.forgon.disinfectsystem.verification.service.VerificationCodeManager; import com.forgon.exception.SystemException; import com.forgon.security.model.User; -import com.forgon.security.service.UserManager; import com.forgon.tools.StrutsParamUtils; import com.forgon.tools.StrutsResponseUtils; import com.forgon.tools.crypto.rsa.RSAEncrypt; +import com.forgon.tools.hibernate.ObjectDao; import com.forgon.tools.json.JSONUtil; /** @@ -33,18 +33,12 @@ private VerificationCodeManager verificationCodeManager; - private UserManager userManager; + private ObjectDao objectDao; - private JdbcTemplate jdbcTemplate; - - public void setJdbcTemplate(JdbcTemplate jdbcTemplate) { - this.jdbcTemplate = jdbcTemplate; + public void setObjectDao(ObjectDao objectDao) { + this.objectDao = objectDao; } - public void setUserManager(UserManager userManager) { - this.userManager = userManager; - } - public void setVerificationCodeManager( VerificationCodeManager verificationCodeManager) { this.verificationCodeManager = verificationCodeManager; 
@@ -75,21 +69,28 @@ JSONObject result = JSONUtil.buildJsonObject(true); String loginName = StrutsParamUtils.getPraramValue("loginName", ""); try { - String sql = "select smsMumber from SS_USERS where name = ?"; - List userList = jdbcTemplate.query(sql, new Object[]{loginName}, new BeanPropertyRowMapper(User.class)); + //对用户名、密码进行rsa解密 + loginName = RSAEncrypt.decrypt(loginName); + Session session = objectDao.getHibernateSession(); + Query query = session.createQuery(String.format("select po from %s po where name = :name", User.class.getSimpleName())); + query.setParameter("name", loginName); + List userList = query.list(); if(CollectionUtils.isEmpty(userList)){ - throw new SystemException("用户不存在!"); + throw new SystemException("该用户没有绑定手机号,请联系管理员绑定手机号!"); } User user = userList.get(0); if(StringUtils.isBlank(user.getSmsMumber())){ - throw new SystemException("该用户没有绑定手机号,请联系管理员绑定手机号!"); + throw new SystemException("该用户没有绑定手机号,请联系管理员绑定手机号!"); } result.put("phoneNumber", user.getSmsMumber()); - } catch (Exception e) { + } catch (SystemException e) { result = JSONUtil.buildJsonObject(false, e.getMessage()); + } catch (Exception e){ + e.printStackTrace(); + result = JSONUtil.buildJsonObject(false, "查询失败!"); } StrutsResponseUtils.output(result); }
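Review bot: The success path still returns the full number with `result.put("phoneNumber", user.getSmsMumber())`, so even with the two failure messages unified, the presence of `phoneNumber` in the response confirms that the account exists and discloses its bound number. logon.jsp calls this action before login, so it is presumably reachable without a session; consider returning only a masked number (last few digits) or a plain bound/not-bound flag, and throttling repeated lookups. In the new generic `catch (Exception e)`, replace `e.printStackTrace()` with the project's logger so that failures, including decrypt errors on malformed input, are recorded where operations can see them. The added comment says the user name and password are decrypted, but only `loginName` is; it should read `//对用户名进行rsa解密`. The method's signature lies outside the hunk.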