找回密码整体思路
//当点击找回密码的时候:
<a href="/login/forgot" target="_blank" id="btnForget" style="color: black; text-decoration: none;">找回密码</a>
//请求后台(login.java)返回页面(forgotPwd.ftl)
@RequestMapping("/forgot")
public String forgot(HttpSession session, HttpServletRequest request,
ModelMap map) {
return "main/forgotPwd";
}
//跳转到找回密码页面:(forgotPwd.ftl)
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="renderer" content="webkit">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>重置密码申请</title>
</head>
<body>
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<form class="form-horizontal" role="form">
<fieldset style="width:60%;margin:20px auto;">
<legend><h3><span style="color:red;">重置密码申请</span></h3></legend>
<div class="form-group" style="width:100%;margin:20px auto;margin-top:50px;">
<label class="col-sm-3 control-label" for="email">邮箱:</label>
<div class="col-sm-5">
<input type="text" class="form-control" id="email" placeholder="请输入您帐号所绑定的邮箱"/>
</div>
<div class="col-sm-4">
<label id="j-msg" class="login-msg"></label>
</div>
</div>
</fieldset>
</form>
</div>
</div>
<div class="row">
<div class="col-md-12" style="margin:0 auto;margin-top:50px;">
<form class="form-horizontal" role="form">
<div class="form-group" style="width:60%;margin:0 auto;">
<div style="float:right;">
<button type="button" class="btn btn-primary btn-lg" style="width:200px;" id="btnSave">发送邮件</button>
</div>
</div>
</form>
</div>
</div>
</div>
</body>
<script type="text/javascript">
$(function() {
$('#btnSave').click(function() {
var email = $('#email').val();
var regex = /^([0-9A-Za-z\-_\.]+)@([0-9a-z]+\.[a-z]{2,3}(\.[a-z]{2})?)$/g;
if(email != 'undefined' && email.length<=0) {
$("#j-msg").html("请输入e-mail地址");
return false;
}else if(!regex.test(email)) {
$("#j-msg").html("e-mail地址不正确!");
}else {
$("#j-msg").html('');
}
$.ajax({
type : 'get',
url : '${request.contextPath}/login/sendMail',//请求后台接口
data : {'email':email},//获取输入的邮箱地址
dataType : 'json',
async : false,
success : function(data) {
//0-发送失败 1-发送成功 2-无此用户
if(data == '1') {
$.messager.alert('提示','邮件发送成功,请注意查收!','info',function() {
$('#email').val('');
});
}else if(data == '0') {
$.messager.alert('提示','邮件发送失败!','info',function() {
$('#email').val('');
});
}else if(data.key == '2') {
$.messager.alert('提示','此用户不存在,请确认!','info',function() {
$('#email').val('');
});
}
}
});
});
})
</script>
</html>
//根据ajax请求后台的请求后台(login.java)的sendMail方法。
@ResponseBody
@RequestMapping("/sendMail")
public String sendMail(String email, HttpServletRequest request) {
// 0-发送失败 1-发送成功 2-无此用户
if (StrUtil.isBlank(email)) {//email为“”或者为null走if
return "2";
}
String query = "SELECT * from sys_user WHERE email = '" + email + "'";//根据邮箱查询用户表是否有该用户
List<SysUser> users = sqlMapper.selectList(query, SysUser.class);
if (null != users && users.size() > 0) {
SysUser user = users.get(0);
if (null != user) {
try {
String secretKey = UUID.randomUUID().toString(); // 密钥
Timestamp outDate = new Timestamp(
System.currentTimeMillis() + 30 * 60 * 1000); // 30分钟后过期
long date = outDate.getTime() / 1000 * 1000; // 忽略毫秒数
user.setValidatecode(secretKey);//Validatecode秘钥
user.setOutdate(outDate.toString());//outDate过期时间
sysUserMapper.updateByPrimaryKey(user); // 更新用户数据
String key = user.getLoginname() + "$" + date + "$"
+ secretKey;
EmailUtils.sendResetPasswordEmail(user, key, request);
} catch (Exception e) {
e.printStackTrace();
return "0";
}
}
} else {
return "2";
}
return "1";
}
EmailUtils工具类
package com.zhiming.util.mails;
import java.io.IOException;
import java.io.InputStream;
import java.sql.Timestamp;
import java.util.Date;
import java.util.Properties;
import java.util.UUID;
import javax.mail.Authenticator;
import javax.mail.Message.RecipientType;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
import javax.servlet.http.HttpServletRequest;
public class EmailUtils {
static String FROM = "";
static String PWD = "";
static {
Properties prop = new Properties();
InputStream is = EmailUtils.class.getResourceAsStream("eamil.properties");
try {
prop.load(is);
FROM = prop.getProperty("username");//邮件服务器用户名
PWD = prop.getProperty("password");//邮件服务器密码
}catch(Exception e) {
e.printStackTrace();
}
}
/**
* 注册成功后,向用户发送帐户激活链接的邮件
* @param user 未激活的用户
*/
public static void sendAccountActivateEmail(SysUser user) {
Session session = getSession();
MimeMessage message = new MimeMessage(session);
try {
message.setSubject("帐户激活邮件");
message.setSentDate(new Date());
message.setFrom(new InternetAddress(FROM));
message.setRecipient(RecipientType.TO, new InternetAddress(user.getEmail()));
message.setContent("<a href='" + GenerateLinkUtils.generateActivateLink(user)+"'>点击激活帐户</a>","text/html;charset=utf-8");
// 发送邮件
Transport.send(message);
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 发送重设密码链接的邮件
* SysUser user 用户实体
*/
public static void sendResetPasswordEmail(SysUser user,String key,HttpServletRequest request) {
Session session = getSession();
MimeMessage message = new MimeMessage(session);///生成消息体
try {
message.setSubject("找回您的密码");// 设置邮件主题
message.setSentDate(new Date());
message.setFrom(new InternetAddress(FROM));
message.setRecipient(RecipientType.TO, new InternetAddress(user.getEmail()));
message.setContent("请勿回复本邮件, 重置密码请使用以下链接:<br/><a href='" + GenerateLinkUtils.generateResetPwdLink(user,key,request) +"'>点击重新设置密码</a>" +
"<br/>此邮件不用回复,若非本人操作,请忽略!<br/>本邮件超过30分钟,链接将会失效,需要重新申请'找回密码'","text/html;charset=utf-8");
// 发送邮件
Transport.send(message);
} catch (Exception e) {
e.printStackTrace();
}
}
public static Session getSession() {
Properties props = new Properties();
props.setProperty("mail.transport.protocol", "smtp");
props.setProperty("mail.smtp.host", "smtp.163.com");
props.setProperty("mail.smtp.port", "25");
props.setProperty("mail.smtp.auth", "true");
Session session = Session.getInstance(props, new Authenticator() {
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(FROM, PWD);
}
});
return session;
}
}
//GenerateLinkUtils工具类,点击右键链接时调用generateResetPwdLink方法。
package com.zhiming.util.mails;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
/**
* 生成帐户激活、重新设置密码的链接
*/
public class GenerateLinkUtils {
private static final String CHECK_CODE = "checkCode";
/**
* 生成重置密码的链接
*/
public static String generateResetPwdLink(SysUser user,String key,HttpServletRequest request) {
String digitalSignature = md5(key);//数字签名
String serverName = request.getServerName();
int serverPort = request.getServerPort();
return "http://" + serverName + ":" + serverPort +request.getContextPath()+"/login/change?uuid=" + user.getCheckid() + "&sid=" + digitalSignature;
}
//md5加密
public static String md5(String string) {
MessageDigest md = null;
try {
md = MessageDigest.getInstance("md5");
md.update(string.getBytes());
byte[] md5Bytes = md.digest();
return bytes2Hex(md5Bytes);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return null;
}
private static String bytes2Hex(byte[] byteArray)
{
StringBuffer strBuf = new StringBuffer();
for (int i = 0; i < byteArray.length; i++)
{
if(byteArray[i] >= 0 && byteArray[i] < 16)
{
strBuf.append("0");
}
strBuf.append(Integer.toHexString(byteArray[i] & 0xFF));
}
return strBuf.toString();
}
}
@RequestMapping("/change")
public String change(HttpSession session, HttpServletRequest request,
ModelMap map) {
Map<String, Object> maps = new HashMap<String, Object>();
String uuid = request.getParameter("uuid");
String sid = request.getParameter("sid");
if (StrUtil.isNotBlank(uuid)) {
session.setAttribute("check", uuid);
}
if (StrUtil.isBlank(sid)) {
maps.put("result", "找回密码链接已失效!");
return "main/error";
}
String sql = "SELECT * from sys_user WHERE checkid = '" + uuid + "'";
SysUser user = sqlMapper.selectOne(sql, SysUser.class);
if (null == user) {
maps.put("result", "链接错误,无法找到匹配用户,请重新申请找回密码!");
return "main/error";
}
String outDate = user.getOutdate();
Timestamp od = Timestamp.valueOf(outDate);
if (od.getTime() <= System.currentTimeMillis()) {
map.put("result", "链接已经过期,请重新申请找回密码!");
return "main/error";
}
return "main/changePwd";
}
跳转到修改密码界面(changePwd.ftl)
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="renderer" content="webkit">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>重置密码申请</title>
<style type="text/css">
.login-msg {
color:#FF8000;
background:url(${request.contextPath}/resources/common/images/icon_wrong.png) left center no-repeat;
padding-left:20px;
}
</style>
</head>
<body>
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<form class="form-horizontal" role="form">
<fieldset style="width:60%;margin:20px auto;">
<legend><h3><span style="color:red;">重置密码申请</span></h3></legend>
<div class="form-group" style="width:100%;margin:20px auto;margin-top:50px;">
<label class="col-sm-3 control-label" for="pwd">新密码:</label>
<div class="col-sm-5">
<input type="password" class="form-control" id="pwd" placeholder="请输入新密码"/>
</div>
<div class="col-sm-4">
<label id="j-msg" class="login-msg"></label>
</div>
</div>
<div class="form-group" style="width:100%;margin:20px auto;">
<label class="col-sm-3 control-label" for="newPwd">确认密码:</label>
<div class="col-sm-5">
<input type="password" class="form-control" id="newPwd" placeholder="请输入确认密码"/>
</div>
<div class="col-sm-4">
<label id="j-msg-r" class="login-msg"></label>
</div>
</div>
</fieldset>
</form>
</div>
</div>
<div class="row">
<div class="col-md-12" style="margin:0 auto;margin-top:50px;">
<form class="form-horizontal" role="form">
<div class="form-group" style="width:60%;margin:0 auto;">
<div style="float:right;">
<button type="button" class="btn btn-primary btn-lg" style="width:200px;" id="btnReset">重置表单</button>
<button type="button" class="btn btn-primary btn-lg" style="width:200px;" id="btnSave">保存密码</button>
</div>
</div>
</form>
</div>
</div>
</div>
</body>
<script type="text/javascript">
var clearBox = function() {
$('#pwd').val('');
$('#newPwd').val('');
$("#j-msg").html('');
$("#j-msg-r").html('');
}
$(function() {
$('#btnReset').click(function() {
clearBox();
});
$('#btnSave').click(function() {
var pwd = $('#pwd').val();
var newPwd = $('#newPwd').val();
var regex = new RegExp(/[A-Za-z].*[0-9]|[0-9].*[A-Za-z]/g);
if(pwd != 'undefined' && pwd.length<=0) {
$("#j-msg").html("请输入新密码");
return false;
}else if(pwd.length<6 || pwd.length>10) {
$("#j-msg").html("密码长度为6-10位!");
return false;
}else if(!regex.test(pwd)) {
$("#j-msg").html("密码必须包括字母与数据!");
return false;
}else {
$("#j-msg").html('');
}
if(newPwd != 'undefined' && newPwd.length<=0) {
$("#j-msg-r").html("请输入确认密码");
return false;
}else {
$("#j-msg-r").html('');
}
if(pwd.trim() != newPwd.trim()) {
$("#j-msg-r").html("确认密码与新密码输入不一致!");
return false;
}else {
$("#j-msg").html('');
}
$.ajax({
type : 'get',
url : '${request.contextPath}/login/changePwd',
data : {'pwd':pwd},
dataType : 'json',
async : false,
success : function(data) {
//0-必填项不能为空 1-修改成功 2-此用户不存在 3-修改失败!
if(data.key == '1') {
$.messager.alert('提示','密码修改成功,请使用新密码登录!','info',function() {
clearBox();
});
}else if(data.key == '0') {
$.messager.alert('提示','必填项不能为空!','info',function() {
clearBox();
});
}else if(data.key == '2') {
$.messager.alert('提示','此用户不存在,请确认!','info',function() {
clearBox();
});
}else if(data.key == '3') {
$.messager.alert('提示','密码修改失败,请联系管理员!','info',function() {
clearBox();
});
}
}
});
});
})
</script>
</html>
//点击保存密码更新用户表
@ResponseBody
@RequestMapping("/changePwd")
public Map<String, Object> changePwd(String pwd, HttpSession session) {
// 0-必填项不能为空 1-修改成功 2-此用户不存在 3-修改失败!
Map<String, Object> result = new HashMap<String, Object>();
String check = (String) session.getAttribute("check");
if (StrUtil.isBlank(check) || StrUtil.isBlank(pwd)) {
result.put("key", "0");
return result;
}
String selectSql = "SELECT * from sys_user WHERE checkid = '" + check
+ "'";
List<SysUser> list = sqlMapper.selectList(selectSql, SysUser.class);
if (null != list && list.size() > 0) {
SysUser user = list.get(0);
if (null != user) {
try {
String jmPwd = MD5.string2MD5(pwd);
user.setPassword(jmPwd);
sysUserMapper.updateByPrimaryKeySelective(user);
result.put("key", "1");
return result;
} catch (Exception e) {
e.printStackTrace();
result.put("key", "3");
return result;
}
} else {
result.put("key", "2");
return result;
}
} else {
result.put("key", "2");
return result;
}
}
email.properties//配置文件
[email protected]
password=1323232
jar包
javaMail-mail-1.4.jar、 activation.jar