加盐加密是一种对系统登录口令的加密方式,它实现的方式是将每一个口令同一个叫做”盐“(salt)的n位随机数相关联。无论何时只要口令改变,随机数就改变。随机数以未加密的方式存放在口令文件中,这样每个人都可以读。不再只保存加密过的口令,而是先将口令和随机数连接起来然后一同加密。加密后的结果放假口令文件中。
/// <summary>
/// 用户密码加密
/// </summary>
/// <param name="data">需要加密的参数</param>
/// <returns></returns>
protected string MD5Sign(string strData)
{
//密码:md5加密方式(guid,|,用户密码)
var pwds = Crypto.Hash(HashFlag.MD5).SignData(strData);
//将byte数组转换为16进制的字符串形式
return strData = Crypto.ToHexString(pwds);
}
public string ResetPassWord(int iHmID, int HID)
{
var repos = new HotelManagerRepository();
var resetPwd = repos.Get(x => x.HMID == iHmID && x.HID == HID);
if (resetPwd == null)
throw new ServiceException(10040008, "酒店管理员重置密码失败!");
var hotelInfo = new HotelInfoRepository().Get(x => x.Hid == resetPwd.HID);
var passWords = RandPwd(6);
resetPwd.PassWord = MD5Sign(string.Concat(hotelInfo.HGuid, "|", passWords));
try
{
repos.Update(resetPwd); //更新数据库用户名的密码
//将密码发送给注册人手机
var content = string.Concat("您在云订网的管理员,账号:{1},密码:{2}", resetPwd.LoginName, passWords);
var httpclient = new HttpClient(string.Format("http://message.clding.com/mobile/sendMessage?phones={0}&contents={1}", resetPwd.TelePhone, content));
httpclient.Retry = new Sparrow.CommonLibrary.Retrying.FixedInterval(2);
httpclient.Timeout = 3 * 1000;
httpclient.Get();
return passWords;
}
catch (Exception ex)
{
//throw new ServiceException(10040011, "重置密码成功,请注意短信查收!", ex);
}
return passWords;
}
/// <summary>
/// 生成随机密码
/// </summary>
/// <param name="len"></param>
/// <returns></returns>
protected string RandPwd(int iLen)
{
var str = "0123456789abcdefghijklmnopqrstuvwxyz";
var pwd = new char[iLen];
for (var i = 0; i < iLen; i++)
{
var idx = new Random(Guid.NewGuid().GetHashCode()).Next(str.Length);
pwd[i] = str[idx];
}
return new string(pwd);
}