fix: 统一H2数据库密码配置为Test@123

- 统一主应用和测试环境的密码配置
- 使用BCrypt $2a$版本hash
- 添加密码验证测试确保一致性

影响范围：
- novalon-manage-api/manage-app/src/main/resources/data-h2.sql
- novalon-manage-api/manage-sys/src/test/java/cn/novalon/manage/sys/util/PasswordHashGenerator.java

novalon-manage-api/manage-app/src/main/resources/data-h2.sql

@@ -10,15 +10,15 @@ VALUES
 (4, '访客', 'guest', 4, 1, 'system', 'system');
 
 -- 插入测试用户
--- BCrypt哈希值对应明文密码: admin123
+-- BCrypt哈希值对应明文密码: Test@123
 INSERT INTO sys_user (id, username, password, email, phone, nickname, status, create_by, update_by) 
 VALUES 
-(1, 'admin', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'admin@novalon.com', '13800138000', '超级管理员', 1, 'system', 'system'),
-(2, 'testadmin', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'testadmin@novalon.com', '13800138001', '测试管理员', 1, 'system', 'system'),
-(3, 'normaluser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'normaluser@novalon.com', '13800138002', '普通用户', 1, 'system', 'system'),
-(4, 'guestuser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'guestuser@novalon.com', '13800138003', '访客用户', 1, 'system', 'system'),
-(5, 'disableduser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'disableduser@novalon.com', '13800138004', '禁用用户', 0, 'system', 'system'),
-(10, 'e2e_test_user', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'e2e@test.com', '13900139000', 'E2E测试用户', 1, 'system', 'system');
+(1, 'admin', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'admin@novalon.com', '13800138000', '超级管理员', 1, 'system', 'system'),
+(2, 'testadmin', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'testadmin@novalon.com', '13800138001', '测试管理员', 1, 'system', 'system'),
+(3, 'normaluser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'normaluser@novalon.com', '13800138002', '普通用户', 1, 'system', 'system'),
+(4, 'guestuser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'guestuser@novalon.com', '13800138003', '访客用户', 1, 'system', 'system'),
+(5, 'disableduser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'disableduser@novalon.com', '13800138004', '禁用用户', 0, 'system', 'system'),
+(10, 'e2e_test_user', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'e2e@test.com', '13900139000', 'E2E测试用户', 1, 'system', 'system');
 
 -- 为用户分配角色
 INSERT INTO user_role (user_id, role_id, created_by)

novalon-manage-api/manage-sys/src/test/java/cn/novalon/manage/sys/util/PasswordHashGenerator.java

@@ -4,6 +4,8 @@ import org.junit.jupiter.api.Test;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
+import static org.junit.jupiter.api.Assertions.*;
+
 public class PasswordHashGenerator {
     
     @Test
@@ -25,4 +27,51 @@ public class PasswordHashGenerator {
         boolean matches2b = passwordEncoder.matches(password, hash2b);
         System.out.println("验证$2b$哈希结果: " + matches2b);
     }
+    
+    @Test
+    public void verifyBCryptVersions() {
+        PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(12);
+        
+        String password = "Test@123";
+        
+        // $2a$ hash (测试环境当前使用)
+        String hash2a = "$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C";
+        boolean matches2a = passwordEncoder.matches(password, hash2a);
+        System.out.println("========================================");
+        System.out.println("验证 $2a$ hash:");
+        System.out.println("密码: " + password);
+        System.out.println("Hash: " + hash2a);
+        System.out.println("验证结果: " + matches2a);
+        System.out.println("========================================");
+        assertTrue(matches2a, "$2a$ hash验证失败");
+        
+        // $2b$ hash (主应用当前使用)
+        String hash2b = "$2b$12$SFefXlGRFMA0fvxIufpWPuIAl0OPLgRDoCZPThCvjpiJGPYS8yNYy";
+        boolean matches2b = passwordEncoder.matches("admin123", hash2b);
+        System.out.println("验证 $2b$ hash:");
+        System.out.println("密码: admin123");
+        System.out.println("Hash: " + hash2b);
+        System.out.println("验证结果: " + matches2b);
+        System.out.println("========================================");
+        assertTrue(matches2b, "$2b$ hash验证失败");
+    }
+    
+    @Test
+    public void verifyPasswordConsistency() {
+        PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(12);
+        
+        String password = "Test@123";
+        String hash = "$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C";
+        
+        boolean matches = passwordEncoder.matches(password, hash);
+        
+        System.out.println("========================================");
+        System.out.println("密码一致性验证:");
+        System.out.println("明文密码: " + password);
+        System.out.println("Hash: " + hash);
+        System.out.println("验证结果: " + matches);
+        System.out.println("========================================");
+        
+        assertTrue(matches, "密码配置不一致");
+    }
 }