dao layer
/** * Find user login problems * @param username * @return */ String
selectQuestionByUsername(String username); /** * Verify that the answer to the question is correct * @param username *
@param question * @param answer * @return */ int checkAnswer(@Param("username")
String username,@Param("question") String question,@Param("answer") String
answer); /** * Forget the reset password in the password * @param username * @param passwordNew * @return */
int updatePasswordByUsername(@Param("username") String
username,@Param("passwordNew") String passwordNew); /** * Find password to check for old password * @param
password * @return */ int checkPassword(@Param("password")String
password,@Param("userId") Integer userId);
 

 

mybatis 
<select id="selectQuestionByUsername" resultType="string"
parameterType="string"> select question from mmall_user where
username=#{username} </select> <!-- Multiple parameters to use map --> <select id="checkAnswer"
resultType="int" parameterType="map"> SELECT count(1) where
username=#{username} and question=#{question} and answer=#{answer} </select>
<update id="updatePasswordByUsername" parameterType="map"> update mmall_user
set password=#{passwordNew},update_time=now() where username=#{username}
</update> <select id="checkPassword" resultType="int" parameterType="map">
select count(1) from mmall_user where password=#{password} and id=#{userId}
</select>
 

 

Business layer interface
/** * Find problems * @param username * @return */ ServerResponse selectQuestion(String
username); /** * Verify whether the user's password is correct * @param username * @param question * @param
answer * @return */ ServerResponse<String> checkAnswer(String username,String
question,String answer); /** * Reset password in forget password * @param username * @param passwordNew
* @param forgetToken * @return */ ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken); /**
* Reset password in old password * @param passwordOld * @param passwordNew * @param user * @return */
ServerResponse<String> resetPassword(String passwordOld,String passwordNew,User
user);
 

Business implementation interface
public ServerResponse selectQuestion(String username){ ServerResponse
validResponse=this.checkValid(username,Const.USERNAME);
if(validResponse.isSuccess()){ // user does not exist return
ServerResponse.createByErrorMessage(" user does not exist "); } String
question=userMapper.selectQuestionByUsername(username);
if(StringUtils.isNotBlank(question)){ return
ServerResponse.createBySuccess(question); } return
ServerResponse.createByErrorMessage(" The question to retrieve the password is empty "); } // public static void
main(String[] args) { // System.out.println(UUID.randomUUID().toString()); // }
public ServerResponse<String> checkAnswer(String username,String
question,String answer){ int
resultCount=userMapper.checkAnswer(username,question,answer); if(resultCount >0
){ // Explain that the question and the answer to the question are for this user , And it's right String forgetToken= UUID.randomUUID().toString();
TokenCache.setKey(TokenCache.TOKEN_PREFIX+username,forgetToken); return
ServerResponse.createBySuccess(forgetToken); } return
ServerResponse.createByErrorMessage(" The answer to the question is wrong "); } public ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken){
if(StringUtils.isBlank(forgetToken)){ return
ServerResponse.createByErrorMessage(" Parameter error ,token Need to pass "); } ServerResponse
validResponse=this.checkValid(username,Const.USERNAME);
if(validResponse.isSuccess()){ // user does not exist return
ServerResponse.createByErrorMessage(" user does not exist "); } String
token=TokenCache.getKey(TokenCache.TOKEN_PREFIX+username);
if(StringUtils.isBlank(token)){ return
ServerResponse.createByErrorMessage("token Invalid or expired "); }
if(StringUtils.equals(forgetToken,token)){ String
md5Password=MD5Util.MD5EncodeUtf8(passwordNew); int
rowCount=userMapper.updatePasswordByUsername(username,md5Password);
if(rowCount>0){ return ServerResponse.createBySuccessMessage(" Password changed successfully "); } }else
{ return ServerResponse.createByErrorMessage("token error , Please get the password reset again token"); }
return ServerResponse.createByErrorMessage(" Failed to modify password "); } public
ServerResponse<String> resetPassword(String passwordOld,String passwordNew,User
user){
// Prevent lateral ultra vires , Check the old password of this user , Be sure to specify this user , Because we will query one count(1), If not specified id, So the result is true la count>0;
int
resultCount=userMapper.checkPassword(MD5Util.MD5EncodeUtf8(passwordOld),user.getId());
if(resultCount ==0){ return ServerResponse.createByErrorMessage(" Old password error "); }
user.setPassword(MD5Util.MD5EncodeUtf8(passwordNew)); int
updateCount=userMapper.updateByPrimaryKeySelective(user); if(updateCount>0){
return ServerResponse.createBySuccessMessage(" Password updated successfully "); } return
ServerResponse.createByErrorMessage(" Password update failed "); }
 

controller layer
/** * Get user information * @param session * @return */ @RequestMapping(value =
"get_user_info.do",method = RequestMethod.GET) @ResponseBody public
ServerResponse<User> getUserInfo(HttpSession session){ User user=(User)
session.getAttribute(Const.CURRENT_USER); if(user!=null){ return
ServerResponse.createBySuccess(user); } return
ServerResponse.createByErrorMessage(" User not logged in "); } /** * Problem password acquisition * @param username
* @return */ @RequestMapping(value = "forget_get_question.do",method =
RequestMethod.GET) @ResponseBody public ServerResponse<String>
forgetGetQuestion(String username){ return
iUserService.selectQuestion(username); } /** * Check the answer to the question * @param username *
@param question * @param answer * @return */ @RequestMapping(value =
"forget_check_answer.do",method = RequestMethod.GET) @ResponseBody public
ServerResponse<String> forgetCheckAnswer(String username,String question,String
answer){ return iUserService.checkAnswer(username,question,answer); } /** *
Forget the reset password in the password * @param username * @param passwordNew * @param forgetToken *
@return */ @RequestMapping(value = "forget_reset_password.do",method =
RequestMethod.GET) @ResponseBody public ServerResponse<String>
forgetRestPassword(String username,String passwordNew,String forgetToken){
return iUserService.forgetRestPassword(username,passwordNew,forgetToken); } /**
* Old password reset password * @param session * @param passwordOld * @param passwordNew * @return
*/ @RequestMapping(value = "reset_password.do",method = RequestMethod.GET)
@ResponseBody public ServerResponse<String> resetPassword(HttpSession
session,String passwordOld,String passwordNew){ User
user=(User)session.getAttribute(Const.CURRENT_USER); if(user == null){ return
ServerResponse.createByErrorMessage(" User not logged in "); } return
iUserService.resetPassword(passwordOld,passwordNew,user); }
 

Technology