shayu/cai-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

123

Browse Source
This commit is contained in:
777
2026-01-15 10:36:58 +08:00
parent 44d5ca6ee7
commit be17f5ca1d
2 changed files with 164 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.claude/settings.local.json Normal file
View File

@@ -0,0 +1,7 @@
{
"permissions": {
"allow": [
"Edit"
]
}
}

157
ruoyi-cai/src/main/java/com/ruoyi/cai/util/PasswordUtil.java Normal file
View File

@@ -0,0 +1,157 @@
package com.ruoyi.cai.util;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
/**
* 密码安全校验工具类
*
* @author 77
* @date 2025-01-15
*/
public class PasswordUtil {
/**
* 密码最小长度
*/
private static final int MIN_PASSWORD_LENGTH = 8;
/**
* 常见弱密码列表
*/
private static final Set<String> COMMON_WEAK_PASSWORDS = new HashSet<>(Arrays.asList(
"123456",
"12345678",
"123456789",
"password",
"qwerty",
"12345",
"1234567",
"1234567890",
"111111",
"000000",
"888888",
"666666",
"A123456",
"a123456",
"123456a",
"123456A",
"123456ab",
"123456AB",
"Password123",
"password123",
"Qwerty123",
"qwerty123",
"Admin123",
"admin123",
"Abc123456",
"abc123456"
));
/**
* 字母正则表达式(包含大小写)
*/
private static final Pattern LETTER_PATTERN = Pattern.compile("[a-zA-Z]");
/**
* 数字正则表达式
*/
private static final Pattern DIGIT_PATTERN = Pattern.compile("[0-9]");
/**
* 校验密码安全性
*
* @param password 用户输入的密码
* @return 校验结果对象
*/
public static PasswordValidationResult validatePassword(String password) {
PasswordValidationResult result = new PasswordValidationResult();
// 1. 检查是否为空
if (password == null || password.isEmpty()) {
result.setValid(false);
result.setErrorMessage("密码不能为空");
return result;
}
// 2. 检查长度
if (password.length() < MIN_PASSWORD_LENGTH) {
result.setValid(false);
result.setErrorMessage("密码长度不能少于" + MIN_PASSWORD_LENGTH + "");
return result;
}
// 3. 检查是否包含字母
if (!LETTER_PATTERN.matcher(password).find()) {
result.setValid(false);
result.setErrorMessage("密码必须包含字母");
return result;
}
// 4. 检查是否包含数字
if (!DIGIT_PATTERN.matcher(password).find()) {
result.setValid(false);
result.setErrorMessage("密码必须包含数字");
return result;
}
// 5. 检查是否为常见弱密码
String lowerCasePassword = password.toLowerCase();
for (String weakPassword : COMMON_WEAK_PASSWORDS) {
if (lowerCasePassword.equals(weakPassword.toLowerCase())) {
result.setValid(false);
result.setErrorMessage("密码过于简单,请使用更复杂的密码");
return result;
}
}
// 校验通过
result.setValid(true);
result.setErrorMessage(null);
return result;
}
/**
* 快速校验密码仅返回boolean不提供详细错误信息
*
* @param password 用户输入的密码
* @return true-密码安全false-密码不安全
*/
public static boolean isPasswordValid(String password) {
return validatePassword(password).isValid();
}
/**
* 密码校验结果内部类
*/
public static class PasswordValidationResult {
/**
* 是否校验通过
*/
private boolean valid;
/**
* 错误信息校验失败时有值校验成功时为null
*/
private String errorMessage;
public boolean isValid() {
return valid;
}
public void setValid(boolean valid) {
this.valid = valid;
}
public String getErrorMessage() {
return errorMessage;
}
public void setErrorMessage(String errorMessage) {
this.errorMessage = errorMessage;
}
}
}