AI generated changes for conversation 38

src/main/java/com/chinaweal/youfool/course/controller/LoginController.java

@@ -51,7 +51,7 @@ public class LoginController {
 
         // 查询用户信息
         SysUser sysUser = sysUserService.getUserByUsername(username);
-        if (sysUser == null || !sysUser.getPassword().equals(password)) {
+        if (sysUser == null || !SysUser.verifyPassword(password, sysUser.getPassword())) {
             return RestResult.error(BaseResultCode.BUSINESS_LOGIC_ERROR, "用户名或密码错误");
         }
 

src/main/java/com/chinaweal/youfool/course/entity/SysUser.java

@@ -9,6 +9,8 @@ import lombok.Data;
 
 import java.io.Serial;
 import java.io.Serializable;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 
 /**
  * 系统用户实体类
@@ -98,4 +100,64 @@ public class SysUser implements Serializable {
     @TableField("gitea_open_id")
     @Schema(description = "Gitea Open ID", example = "1234567890")
     private String giteaOpenId;
+
+    /**
+     * 密码加密方法
+     *
+     * <p>将原始密码按照MD5(MD5(原密码)+123456)的方式加密</p>
+     *
+     * @param originalPassword 原始密码
+     * @return 加密后的密码
+     */
+    public static String encryptPassword(String originalPassword) {
+        try {
+            MessageDigest md5 = MessageDigest.getInstance("MD5");
+            
+            // 第一次MD5加密
+            byte[] firstHash = md5.digest(originalPassword.getBytes());
+            String firstMd5 = bytesToHex(firstHash);
+            
+            // 拼接123456
+            String combined = firstMd5 + "123456";
+            
+            // 第二次MD5加密
+            byte[] secondHash = md5.digest(combined.getBytes());
+            return bytesToHex(secondHash);
+            
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("MD5算法不可用", e);
+        }
+    }
+
+    /**
+     * 字节数组转十六进制字符串
+     *
+     * @param bytes 字节数组
+     * @return 十六进制字符串
+     */
+    private static String bytesToHex(byte[] bytes) {
+        StringBuilder hexString = new StringBuilder();
+        for (byte b : bytes) {
+            String hex = Integer.toHexString(0xff & b);
+            if (hex.length() == 1) {
+                hexString.append('0');
+            }
+            hexString.append(hex);
+        }
+        return hexString.toString();
+    }
+
+    /**
+     * 验证密码
+     *
+     * <p>验证输入的密码是否与存储的密码匹配</p>
+     *
+     * @param inputPassword 输入的密码
+     * @param storedPassword 存储的密码
+     * @return 是否匹配
+     */
+    public static boolean verifyPassword(String inputPassword, String storedPassword) {
+        String encryptedInput = encryptPassword(inputPassword);
+        return encryptedInput.equals(storedPassword);
+    }
 }

src/test/java/com/chinaweal/youfool/course/entity/SysUserTest.java

@@ -0,0 +1,57 @@
+package com.chinaweal.youfool.course.entity;
+
+import org.junit.jupiter.api.Test;
+import static org.junit.jupiter.api.Assertions.*;
+
+/**
+ * SysUser密码加密测试类
+ *
+ * @author test
+ * @since 1.0.0
+ */
+public class SysUserTest {
+
+    @Test
+    public void testEncryptPassword() {
+        // 测试密码加密功能
+        String originalPassword = "test123";
+        String encryptedPassword = SysUser.encryptPassword(originalPassword);
+        
+        // 验证加密结果不为空
+        assertNotNull(encryptedPassword);
+        // 验证加密结果是32位MD5哈希值
+        assertEquals(32, encryptedPassword.length());
+        // 验证相同密码加密结果一致
+        String encryptedPassword2 = SysUser.encryptPassword(originalPassword);
+        assertEquals(encryptedPassword, encryptedPassword2);
+    }
+
+    @Test
+    public void testVerifyPassword() {
+        // 测试密码验证功能
+        String originalPassword = "test123";
+        String encryptedPassword = SysUser.encryptPassword(originalPassword);
+        
+        // 验证正确密码
+        assertTrue(SysUser.verifyPassword(originalPassword, encryptedPassword));
+        
+        // 验证错误密码
+        assertFalse(SysUser.verifyPassword("wrongPassword", encryptedPassword));
+    }
+
+    @Test
+    public void testPasswordEncryptionWithExample() {
+        // 测试具体示例：密码"admin"的加密结果
+        String password = "admin";
+        String encrypted = SysUser.encryptPassword(password);
+        
+        System.out.println("密码 '" + password + "' 的加密结果: " + encrypted);
+        
+        // 验证加密结果
+        assertNotNull(encrypted);
+        assertEquals(32, encrypted.length());
+        
+        // 验证能够正确验证
+        assertTrue(SysUser.verifyPassword(password, encrypted));
+    }
+}