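1. Sometimes, when a password is hashed with a salt, the salt is not stored separately and only the password hash is saved. How is the password verified in that case? With BCrypt the salt is embedded in the stored hash string, so matches() can read it back, as the following code shows.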
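    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    PasswordEncoder pe = new BCryptPasswordEncoder();
    // Compare the submitted old password (raw) with the stored BCrypt hash.
    boolean matches = pe.matches(changePwdDTO.getOldPassword(), iamAccount.getAuthSecret());
    if (!matches) {
        // Message: "The old password is incorrect, please enter it again"
        throw new BusinessException(Status.FAIL_OPERATION, "旧密码错误,请重新输入");
    }
    // check() is the strong-password validator from section 2.
    if (!check(changePwdDTO.getConfirmPassword())) {
        // Message: "The password must be at least 8 characters and contain digits, letters and special characters"
        throw new BusinessException(Status.FAIL_OPERATION, "密码必须至少为8位字符,其中包含数字、字母及特殊字符");
    }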
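The following is an added example, not code from the original page, showing why no separate salt column is needed: it hashes one password twice, splits each stored string into its fields, and verifies both. The class name `BcryptSaltDemo`, the `parse` helper and the sample password are assumptions made for illustration; it needs spring-security-crypto on the classpath and Java 16+ for the record.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

public class BcryptSaltDemo {

    /** Fields of a BCrypt string: $<version>$<cost>$<22-char salt><31-char digest>. */
    record BcryptParts(String version, int cost, String salt, String digest) {}

    /** Hypothetical helper: splits a stored BCrypt string into its parts. */
    static BcryptParts parse(String hash) {
        String[] f = hash.split("\\$");   // ["", version, cost, salt+digest]
        if (f.length != 4 || f[3].length() != 53) {
            throw new IllegalArgumentException("not a BCrypt hash");
        }
        return new BcryptParts(f[1], Integer.parseInt(f[2]),
                f[3].substring(0, 22), f[3].substring(22));
    }

    public static void main(String[] args) {
        PasswordEncoder pe = new BCryptPasswordEncoder();
        String raw = "Example#Passw0rd";   // constructed sample password

        // Each encode() call draws a fresh random salt, so the same password
        // produces two different stored values.
        String stored1 = pe.encode(raw);
        String stored2 = pe.encode(raw);
        System.out.println("identical hashes: " + stored1.equals(stored2));

        BcryptParts p1 = parse(stored1);
        BcryptParts p2 = parse(stored2);
        System.out.println("salt 1: " + p1.salt() + "  cost: " + p1.cost());
        System.out.println("salt 2: " + p2.salt() + "  cost: " + p2.cost());

        // matches() takes the salt and cost from the stored string, re-hashes
        // the raw password with them, and compares the results.
        System.out.println("stored1 matches: " + pe.matches(raw, stored1));
        System.out.println("stored2 matches: " + pe.matches(raw, stored2));
        System.out.println("wrong guess matches: " + pe.matches("wrong-guess", stored1));
    }
}
```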
2. Strong password validation: the password must contain digits, letters and special characters, and be 8 to 30 characters long.
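    package security;

    public class CheckPassword {
        // The lookaheads reject, in order: digits only, no digit at all, letters only,
        // no letter at all, and ASCII letters and digits only. The final class then
        // accepts 8 to 30 non-whitespace characters, so any non-whitespace character
        // that is not an ASCII letter or digit counts as a special character.
        public static final String REGEX_PASSWORD_STRONG = "^(?![0-9]+$)(?![^0-9]+$)(?![a-zA-Z]+$)(?![^a-zA-Z]+$)(?![a-zA-Z0-9]+$)[a-zA-Z0-9\\S]{8,30}$";

        public static boolean check(String password) {
            // A null password fails validation instead of throwing NullPointerException.
            return password != null && password.matches(REGEX_PASSWORD_STRONG);
        }
    }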