admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 01:18:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

忘记密码

Browse Source 
忘记密码
This commit is contained in:
shimingxy 2020-05-15 17:11:02 +08:00
parent c93b5406b0
commit ad4739fa1b
7 changed files with 126 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/_includes/navigation.html
View File

@ -22,6 +22,7 @@
<li class=""><a href="{{site.baseurl}}/authn/google.html"><span class="none"></span>TOTP/Google Authenticator</a></li> <li class=""><a href="{{site.baseurl}}/authn/google.html"><span class="none"></span>TOTP/Google Authenticator</a></li>
<li class=""><a href="{{site.baseurl}}/authn/kerberos.html"><span class="none"></span>Kerberos/Spengo/AD</a></li> <li class=""><a href="{{site.baseurl}}/authn/kerberos.html"><span class="none"></span>Kerberos/Spengo/AD</a></li>
<li class=""><a href="{{site.baseurl}}/authn/ldap.html"><span class="none"></span>LDAP</a></li> <li class=""><a href="{{site.baseurl}}/authn/ldap.html"><span class="none"></span>LDAP</a></li>
<li class=""><a href="{{site.baseurl}}/authn/fgpwd.html"><span class="none"></span>忘记密码(Forget Password)</a></li>
</ul> </ul>
</li> </li>
<li class=""> <li class="">

123
docs/authn/fgpwd.md Normal file
View File

@ -0,0 +1,123 @@
<h2>忘记密码</h2>
忘记密码一般都是通过2种方式找回一种是通过预留电话号码发送验证码找回另一个是通过设定邮箱找回。
主要步骤如下:
1、在登录界面点击“忘记密码”
<img src="{{ "/images/authn/fgpwd-1.png" | prepend: site.baseurl }}?{{ site.time | date: "%Y%m%d%H%M" }}" alt=""/>
2、输入用户对应的邮箱或者手机号码如果找到用户则发送邮件或者手机验证码
<img src="{{ "/images/authn/fgpwd-2.png" | prepend: site.baseurl }}?{{ site.time | date: "%Y%m%d%H%M" }}" alt=""/>
3、重置密码需要输入新的密码及验证码
<img src="{{ "/images/authn/fgpwd-3.png" | prepend: site.baseurl }}?{{ site.time | date: "%Y%m%d%H%M" }}" alt=""/>
4、重置成功提示返回登录界面重新登录
<img src="{{ "/images/authn/fgpwd-4.png" | prepend: site.baseurl }}?{{ site.time | date: "%Y%m%d%H%M" }}" alt=""/>
<h2>验证码</h2>
1、短信验证码 腾讯云短信/阿里云短信/网易云信/定制
2、电子邮件
<h2>短信验证码</h2>
<h3>腾讯云短信</h3>
配置maxkey中spring/maxkey-security.xml
secretId 账号Appkey
secretKey 密钥appSecret
smsSdkAppid 短信SDKAPPID
templateId 短信模板ID
sign 签名
<pre><code class="xml hljs">
&lt;bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnTencentCloud"&gt;
&lt;property name="secretId" value="94395d754eb55693043f5d6a2b772ef4" /&gt;
&lt;property name="secretKey" value="05d5485357bc" /&gt;
&lt;property name="smsSdkAppid" value="1486220095" /&gt;
&lt;property name="templateId" value="14860095" /&gt;
&lt;property name="sign" value="1486009522" /&gt;
&lt;/bean&gt;
</code></pre>
<h3>阿里云短信</h3>
配置maxkey中spring/maxkey-security.xml
accessKeyId 账号Appkey
accessSecret 密钥appSecret
templateCode 短信模板ID
signName 签名
<pre><code class="xml hljs">
&lt;bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnAliyun"&gt;
&lt;property name="accessKeyId" value="94395d754eb55693043f5d6a2b772ef3" /&gt;
&lt;property name="accessSecret" value="05d5485357bc" /&gt;
&lt;property name="templateCode" value="SMS_187590021" /&gt;
&lt;property name="signName" value="MaxKey" /&gt;
&lt;/bean&gt;
</code></pre>
<h3>网易云信</h3>
配置maxkey中spring/maxkey-security.xml
appKey 网易云信分配的账号Appkey
appSecret 网易云信分配的密钥appSecret
templateId 短信模板ID
<pre><code class="xml hljs">
&lt;bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin"&gt;
&lt;property name="appKey" value="94395d754eb55693043f5d6a2b772ef4" /&gt;
&lt;property name="appSecret" value="05d5485357bc" /&gt;
&lt;property name="templateId" value="14860095" /&gt;
&lt;/bean&gt;
</code></pre>
<h2>电子邮件</h2>
配置邮箱地址
文件
maxkey/config/applicationConfig.properties
<pre><code class="ini hljs">
# EMAIL configuration
config.email.username=maxkey@163.com
config.email.password=password
config.email.smtpHost=smtp.163.com
config.email.port=465
config.email.senderMail=maxkey@163.com
config.email.ssl=true
</code></pre>
配置maxkey中spring/maxkey-security.xml
subject 邮件主题
messageTemplate 邮件内容模板,请勿修改参数{0}为用户名,{1}认证码,{2}有效间隔
<pre><code class="xml hljs">
&lt;bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn"&gt;
&lt;property name="subject" value="MaxKey One Time PassWord" /&gt;
&lt;property name="messageTemplate" value="{0} You Token is {1} , it validity in {2} minutes." /&gt;
&lt;/bean&gt;
</code></pre>

BIN
docs/images/authn/fgpwd-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

BIN
docs/images/authn/fgpwd-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
docs/images/authn/fgpwd-3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

BIN
docs/images/authn/fgpwd-4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

6
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
View File

@ -69,14 +69,12 @@ public class ForgotPasswordContorller {
.equals(WebContext.getSession().getAttribute( .equals(WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString())) { WebConstants.KAPTCHA_SESSION_KEY).toString())) {
userInfo = userInfoService.queryUserInfoByEmailMobile(emailMobile); userInfo = userInfoService.queryUserInfoByEmailMobile(emailMobile);
Matcher matcher = emailRegex.matcher(emailMobile);
Matcher matcher = emailRegex.matcher(emailMobile);
if (matcher.matches() && null != userInfo) { if (matcher.matches() && null != userInfo) {
tfaMailOptAuthn.produce(userInfo); tfaMailOptAuthn.produce(userInfo);
forgotType = ForgotType.EMAIL; forgotType = ForgotType.EMAIL;
} }else if (null != userInfo) {
matcher = mobileRegex.matcher(emailMobile);
if (matcher.matches() && null != userInfo) {
tfaMobileOptAuthn.produce(userInfo); tfaMobileOptAuthn.produce(userInfo);
forgotType = ForgotType.MOBILE; forgotType = ForgotType.MOBILE;
} }