CREATE TABLE `miaosha_user` (
`id` bigint(20) not null COMMENT '用户id,手机号码',
`nickname` VARCHAR(255) not null COMMENT'用户昵称',
`password` VARCHAR(32) DEFAULT null COMMENT 'md5(pass明文+固定salt)+salt',
`salt` varchar(10) DEFAULT NULL COMMENT '',
`head` VARCHAR(10) DEFAULT null COMMENT '头像,云存储的id',
`register_date` datetime DEFAULT null COMMENT '注册时间',
`last_login_date` datetime DEFAULT null COMMENT '上次时间' ,
`login_count` int(11) DEFAULT '0' COMMENT '登录次数' ,
PRIMARY KEY (`id`)
) ENGINE=INNODB DEFAULT CHARSET=utf8mb4;
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </dependency>
两次MD5
1.用户端:pass=MD5(明文+固定salt)
为了防止用户的密码在网络间明文传输
2.服务端:pass=MD5(用户输入+随机salt)
防止数据库被盗后反查MD5得到用户密码
import org.apache.commons.codec.digest.DigestUtils; public class MD5Util { public static String md5(String src) { return DigestUtils.md5Hex(src); } private static final String salt = "1a2b3c4d"; public static String inputPassToFormPass(String inputPass) { String str = ""+salt.charAt(0)+salt.charAt(2) + inputPass +salt.charAt(5) + salt.charAt(4); return md5(str); } public static String formPassToDBPass(String formPass, String salt) { String str = ""+salt.charAt(0)+salt.charAt(2) + formPass +salt.charAt(5) + salt.charAt(4); return md5(str); } public static String inputPassToDbPass(String inputPass, String saltDB) { String formPass = inputPassToFormPass(inputPass); String dbPass = formPassToDBPass(formPass, saltDB); return dbPass; } }