fix: 统一H2数据库密码配置为Test@123
- 统一主应用和测试环境的密码配置 - 使用BCrypt $2a$版本hash - 添加密码验证测试确保一致性 影响范围: - novalon-manage-api/manage-app/src/main/resources/data-h2.sql - novalon-manage-api/manage-sys/src/test/java/cn/novalon/manage/sys/util/PasswordHashGenerator.java
This commit is contained in:
张翔
@@ -10,15 +10,15 @@ VALUES
|
|||||||
(4, '访客', 'guest', 4, 1, 'system', 'system');
|
(4, '访客', 'guest', 4, 1, 'system', 'system');
|
||||||
|
|
||||||
-- 插入测试用户
|
-- 插入测试用户
|
||||||
-- BCrypt哈希值对应明文密码: admin123
|
-- BCrypt哈希值对应明文密码: Test@123
|
||||||
INSERT INTO sys_user (id, username, password, email, phone, nickname, status, create_by, update_by)
|
INSERT INTO sys_user (id, username, password, email, phone, nickname, status, create_by, update_by)
|
||||||
VALUES
|
VALUES
|
||||||
(1, 'admin', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'admin@novalon.com', '13800138000', '超级管理员', 1, 'system', 'system'),
|
(1, 'admin', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'admin@novalon.com', '13800138000', '超级管理员', 1, 'system', 'system'),
|
||||||
(2, 'testadmin', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'testadmin@novalon.com', '13800138001', '测试管理员', 1, 'system', 'system'),
|
(2, 'testadmin', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'testadmin@novalon.com', '13800138001', '测试管理员', 1, 'system', 'system'),
|
||||||
(3, 'normaluser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'normaluser@novalon.com', '13800138002', '普通用户', 1, 'system', 'system'),
|
(3, 'normaluser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'normaluser@novalon.com', '13800138002', '普通用户', 1, 'system', 'system'),
|
||||||
(4, 'guestuser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'guestuser@novalon.com', '13800138003', '访客用户', 1, 'system', 'system'),
|
(4, 'guestuser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'guestuser@novalon.com', '13800138003', '访客用户', 1, 'system', 'system'),
|
||||||
(5, 'disableduser', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'disableduser@novalon.com', '13800138004', '禁用用户', 0, 'system', 'system'),
|
(5, 'disableduser', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'disableduser@novalon.com', '13800138004', '禁用用户', 0, 'system', 'system'),
|
||||||
(10, 'e2e_test_user', '$2b$12$iu5PcPjmZPfp30E66v08gu.iaBeB4CgtkE1VeFtldksmdWVzgPrzu', 'e2e@test.com', '13900139000', 'E2E测试用户', 1, 'system', 'system');
|
(10, 'e2e_test_user', '$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C', 'e2e@test.com', '13900139000', 'E2E测试用户', 1, 'system', 'system');
|
||||||
|
|
||||||
-- 为用户分配角色
|
-- 为用户分配角色
|
||||||
INSERT INTO user_role (user_id, role_id, created_by)
|
INSERT INTO user_role (user_id, role_id, created_by)
|
||||||
|
|||||||
+49
@@ -4,6 +4,8 @@ import org.junit.jupiter.api.Test;
|
|||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.*;
|
||||||
|
|
||||||
public class PasswordHashGenerator {
|
public class PasswordHashGenerator {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@@ -25,4 +27,51 @@ public class PasswordHashGenerator {
|
|||||||
boolean matches2b = passwordEncoder.matches(password, hash2b);
|
boolean matches2b = passwordEncoder.matches(password, hash2b);
|
||||||
System.out.println("验证$2b$哈希结果: " + matches2b);
|
System.out.println("验证$2b$哈希结果: " + matches2b);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyBCryptVersions() {
|
||||||
|
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(12);
|
||||||
|
|
||||||
|
String password = "Test@123";
|
||||||
|
|
||||||
|
// $2a$ hash (测试环境当前使用)
|
||||||
|
String hash2a = "$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C";
|
||||||
|
boolean matches2a = passwordEncoder.matches(password, hash2a);
|
||||||
|
System.out.println("========================================");
|
||||||
|
System.out.println("验证 $2a$ hash:");
|
||||||
|
System.out.println("密码: " + password);
|
||||||
|
System.out.println("Hash: " + hash2a);
|
||||||
|
System.out.println("验证结果: " + matches2a);
|
||||||
|
System.out.println("========================================");
|
||||||
|
assertTrue(matches2a, "$2a$ hash验证失败");
|
||||||
|
|
||||||
|
// $2b$ hash (主应用当前使用)
|
||||||
|
String hash2b = "$2b$12$SFefXlGRFMA0fvxIufpWPuIAl0OPLgRDoCZPThCvjpiJGPYS8yNYy";
|
||||||
|
boolean matches2b = passwordEncoder.matches("admin123", hash2b);
|
||||||
|
System.out.println("验证 $2b$ hash:");
|
||||||
|
System.out.println("密码: admin123");
|
||||||
|
System.out.println("Hash: " + hash2b);
|
||||||
|
System.out.println("验证结果: " + matches2b);
|
||||||
|
System.out.println("========================================");
|
||||||
|
assertTrue(matches2b, "$2b$ hash验证失败");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void verifyPasswordConsistency() {
|
||||||
|
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(12);
|
||||||
|
|
||||||
|
String password = "Test@123";
|
||||||
|
String hash = "$2a$12$nZ1EMUpZQljbnEdIKzH72eHlDJKUmHmHppnTTVth/SlHs5VpSAr8C";
|
||||||
|
|
||||||
|
boolean matches = passwordEncoder.matches(password, hash);
|
||||||
|
|
||||||
|
System.out.println("========================================");
|
||||||
|
System.out.println("密码一致性验证:");
|
||||||
|
System.out.println("明文密码: " + password);
|
||||||
|
System.out.println("Hash: " + hash);
|
||||||
|
System.out.println("验证结果: " + matches);
|
||||||
|
System.out.println("========================================");
|
||||||
|
|
||||||
|
assertTrue(matches, "密码配置不一致");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user