之前 - 只判断不能太简单
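/**
 * Old approach: after a successful login, remind the user to change the password when it
 * is the default "888888" or a plain run of ascending, descending or identical digits.
 *
 * NOTE(review): the body uses `await`, so the method has to be `async`; the original
 * listing left the keyword out.
 * NOTE(review): this check runs in the browser after authentication and the dialog can be
 * dismissed, so it is a reminder only. The password policy itself must be enforced by the
 * server when a password is set and when a user logs in.
 */
async login() {
  // ....... (login request omitted in the original listing)

  // After a successful login, inspect the password.
  const now = new Date();
  const year = now.getFullYear();
  const month = now.getMonth() + 1;
  const pad = (n) => String(n).padStart(2, "0");
  // The query window is [first day of this month, first day of next month).
  // December must roll over to January of the next year; the original built month "13".
  const nextYear = month === 12 ? year + 1 : year;
  const nextMonth = month === 12 ? 1 : month + 1;

  // If the user already has a login record in this window, do not show the warning.
  // NOTE(review): this means a weak password is flagged at most once per month and is
  // silently accepted on every later login.
  const { data } = await getUserLog({
    page: "1",
    rows: "10",
    yhdh: this.userInfo.yhdh,
    czms: "登录操作",
    kssj: `${year}-${pad(month)}-01`,
    jssj: `${nextYear}-${pad(nextMonth)}-01`,
  });
  if (data && data.rows && data.rows.length) return;

  /**** Is the login password too simple, or still the unchanged default? ****/
  const password = this.loginForm.password;
  const chars = password.split("");
  let numAscend = 0; // neighbouring digits that increase by one
  let numDescend = 0; // neighbouring digits that decrease by one
  let numSame = 0; // neighbouring digits that are equal
  chars.forEach((item, index) => {
    // Subtraction coerces both characters to numbers. Characters that do not coerce to a
    // number, and the missing neighbour of the last character, give NaN and match nothing.
    const step = chars[index + 1] - item;
    if (step === 1) {
      numAscend++;
    } else if (step === -1) {
      numDescend++;
    } else if (step === 0) {
      numSame++;
    }
  });
  // The counters are deliberately not logged: they describe the structure of the password.

  // A password of length n is one uninterrupted run when n - 1 neighbouring pairs match.
  const pairCount = password.length - 1;
  const isDefaultPassword = password === "888888"; // password was never changed
  const isSingleRun =
    numAscend === pairCount || numDescend === pairCount || numSame === pairCount;
  if (isDefaultPassword || isSingleRun) {
    this.confirmChangePW("您的密码过于简单!");
  }
}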
/**
 * Ask the user whether to go and change the password.
 * Confirming navigates to the change-password page; cancelling (or any failure in the
 * chain) shows an informational message.
 * @param {string} message - text shown in the confirmation dialog
 */
confirmChangePW(message) {
  const dialogOptions = {
    confirmButtonText: '去修改密码',
    cancelButtonText: '取消',
    type: 'warning'
  };
  const goToChangePassword = async () => {
    await this.$router.push('/changepass')
  };
  const notifyCancelled = () => {
    this.$message({ type: 'info', message: '取消修改密码' });
  };
  this.$confirm(message, '提示', dialogOptions)
    .then(goToChangePassword)
    .catch(notifyCancelled);
},
现在 - 复杂度有要求
// Second version of login(): the monthly log lookup is gone and every successful login
// runs the complexity check on the password typed into the form.
// NOTE(review): the check still runs in the browser after authentication, so it can only
// prompt the user; the server has to enforce the policy.
login(){
  ......
  /**** After a successful login, run the password-complexity check ****/
  this.pwValidateHandler(this.loginForm.password)
}
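/**
 * Password check run after login. A password passes when it is 8 to 16 characters long
 * and contains at least three of: upper-case letter, lower-case letter, digit, special
 * character. Otherwise the menu is hidden and the user must either change the password
 * or be logged out.
 *
 * The original single regular expression wrote `\\W` inside a regex literal, which matches
 * a backslash and the letter W rather than "any non-word character", and `)-+` formed a
 * range that left `-` out. Passwords containing characters such as `-`, `.` or `?` were
 * therefore reported as too simple. Counting character classes avoids both problems.
 *
 * NOTE(review): hiding the menu and redirecting happen in the browser only. If a weak
 * password must block further use, the server has to refuse other requests as well.
 *
 * @param {string} value - the password to check
 * @param {Function} [callback] - unused; kept so existing callers keep working
 */
pwValidateHandler(value, callback) {
  const password = String(value == null ? '' : value)
  // Length limits taken from the original pattern ({8,16}).
  // NOTE(review): an upper limit of 16 reports long passphrases as "too simple"; confirm
  // against the server-side policy before keeping it.
  const minLength = 8
  const maxLength = 16
  // Anything that is not an ASCII letter or digit counts as a special character.
  const classPatterns = [/[A-Z]/, /[a-z]/, /[0-9]/, /[^A-Za-z0-9]/]
  const classCount = classPatterns.filter(pattern => pattern.test(password)).length
  const lengthOk = password.length >= minLength && password.length <= maxLength
  if (lengthOk && classCount >= 3) return

  this.$store.commit('SET_configData', {...this.sysConfigData,mon_menu_isshow:'0'}) // hide the menu
  this.$confirm('密码过于简单,是否去修改密码?', '提示', {
    confirmButtonText: '确定',
    cancelButtonText: '取消,退出登录'
  }).then(() => {
    this.$router.push('/changepass') // change-password page
  }).catch(() => {
    this.$store.dispatch('logout') // log out
  })
}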
再次优化 - 对密码进行加密
后端判断是否为弱密码,前端根据后端返回的状态码进行判断
import CryptoJS from 'crypto-js'
import _ from 'lodash.clonedeep'
methods: {
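/**
 * Log in. The server judges the password and reports the result in the response code:
 * 200 = OK, 203 = initial password, 204 = weak password. For 203 and 204 the user is sent
 * to the change-password flow; any other code shows the server message as a login error.
 */
login() {
  // Deep copy: the encoded password is written to the copy, not to this.loginForm.
  const params = _(this.loginForm)
  if (this.$store.state.sysConfigData.mon_sys_pwd === '1') {
    // Password encryption [the main code of this step].
    // NOTE(review): the DES key is generated here and its hex form is appended to the
    // ciphertext, so anyone who can read the request body can decrypt it. This only hides
    // the password from casual inspection; confidentiality in transit must come from TLS.
    const strKey = this.$common.generatekey(8)
    const keyHex = CryptoJS.enc.Utf8.parse(strKey)
    params.password = this.$common.encryptDES(params.password, strKey) + keyHex.toString()
  }
  // NOTE(review): with "keep password" ticked, the plaintext password is handed to setStore
  // before the form is validated or the login succeeds. setStore is not shown on the page;
  // if it is backed by localStorage or a cookie, the password stays readable on the device
  // and to any script running on this origin. Remembering only the user name, or a
  // revocable server-issued token, avoids keeping the password at rest.
  if (this.keepPassword) {
    setStore("username", this.loginForm.username)
    setStore("password", this.loginForm.password)
  } else if (this.keepUserName) {
    setStore("username", this.loginForm.username)
    setStore("password", "")
  } else {
    setStore("username", "")
    setStore("password", "")
  }
  this.loginError = ""
  this.$refs.loginFormRef.validate(valid => {
    if (!valid) return
    this.$store
      .dispatch("login", params)
      .then(res => {
        if (![200, 203, 204].includes(res.code)) {
          this.loginError = res.msg
          return
        }
        this.$store.commit("SET_hasAuth", true)
        // NOTE(review): res.data is stored as the token for 203 and 204 as well. Whether
        // that token is limited to changing the password is decided by the server and is
        // not visible here.
        setToken(res.data)
        if (res.code === 200) {
          this.init(res.code)
          return
        }
        // 203 (initial password) or 204 (weak password): load the profile and start the
        // change-password flow. A failed profile request is reported instead of being left
        // as an unhandled rejection.
        getUserInfo(this.loginForm.username)
          .then(info => {
            this.$store.commit("SET_userInfo", info.data)
          })
          .catch(error => {
            this.loginError = error
          })
        this.changePw()
      })
      .catch(error => {
        this.loginError = error
      })
  })
},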
}
// --------【$common 中】----------
import CryptoJS from 'crypto-js'
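export default {
  /**** Password encryption helpers: start ****/

  /**
   * Build a random key of `num` characters drawn from A-Z, a-z and 0-9.
   *
   * Uses the Web Crypto random source instead of Math.random(), which is predictable and
   * must not be used for key material.
   * NOTE(review): the login() listing on this page sends this key together with the
   * ciphertext, so a stronger key does not by itself make the password confidential.
   *
   * @param {number} num - number of characters to generate
   * @returns {string} the generated key; empty when `num` is not positive
   */
  generatekey(num) {
    const library = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
    // Largest multiple of library.length that fits in one byte. Bytes at or above it are
    // discarded so that every character is equally likely (no modulo bias).
    const limit = 256 - (256 % library.length)
    const buffer = new Uint8Array(1)
    let key = ''
    while (key.length < num) {
      globalThis.crypto.getRandomValues(buffer)
      if (buffer[0] < limit) {
        key += library[buffer[0] % library.length]
      }
    }
    return key
  },

  /**
   * Encrypt `message` with DES in ECB mode and PKCS#7 padding.
   *
   * NOTE(review): DES has a 56-bit effective key and ECB maps equal plaintext blocks to
   * equal ciphertext blocks; both are considered broken for protecting secrets. The
   * algorithm is left unchanged because the server must decrypt with the same scheme.
   * Treat the output as an encoding and rely on TLS for confidentiality.
   *
   * @param {string} message - plaintext to encrypt
   * @param {string} key - key text, parsed as UTF-8
   * @returns {string} the ciphertext rendered by CryptoJS's default toString()
   */
  encryptDES(message, key) {
    const keyHex = CryptoJS.enc.Utf8.parse(key)
    const option = { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }
    const encrypted = CryptoJS.DES.encrypt(message, keyHex, option)
    return encrypted.ciphertext.toString()
  },
  /**** Password encryption helpers: end ****/
}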