diff --git a/ruoyi-admin/src/main/java/com/ruoyi/tc/controller/UnitController.java b/ruoyi-admin/src/main/java/com/ruoyi/tc/controller/UnitController.java index b5fa17b..992b0ef 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/tc/controller/UnitController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/tc/controller/UnitController.java @@ -103,6 +103,7 @@ public class UnitController { @ApiOperation(value = "根据用户编号获取详细信息") @GetMapping("/{id}") public AjaxResult getInfo(@PathVariable(value = "id") Long id) { + System.out.println(SecurityUtils.encryptPassword("TcZc@2024")); return AjaxResult.success(unitService.getById(id)); } diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/RsaUtils.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/RsaUtils.java new file mode 100644 index 0000000..2541b2a --- /dev/null +++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/RsaUtils.java @@ -0,0 +1,45 @@ +package com.ruoyi.common.utils; + +import javax.crypto.Cipher; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.spec.PKCS8EncodedKeySpec; + +/** + * RSA加密解密 + * + * @author ruoyi + **/ +public class RsaUtils +{ + // Rsa 私钥 + private static final String PRIVATE_KEY = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXxtLWRhOIyEhLkxlTbndtzS6RrGsDWV8LOIAEXFCsLZzT20ytAaO4fpXXHah80EwaE4P25Y3+qQBDL8fA5780pSoLDo3Si/qC5KuowNb8F1ncGXSuYzX/3mNMLXF98UW96PvFY198hto8j5snhYtf01WI2L0eZPQFE3Mnh3ZHzos88Jr5vEto+OyHZHa0GRsuRSi33vr1olo8+LA8JkcyS5B6eMdKalYvSiSV6owfwQZfuPoDkD/ghRc8w0owzOSJJGmwgnrkYmYMBudHdldF8LwzNUEEkHrOvk3QXg33Fl8X4lL9jHvbq0K76sDoYMLJPG1D/Ccqk93AU/mdRYJZAgMBAAECggEAG+w3M7aWt25pZoX8fc3v6OJ7s88trOMPSkgtvR+is9p8ZLmOxLFthm67cGUDb1r+9Tkr6QtYcUZ0RugObt3z3mKYdopJ6zdXcidRsW0w4BYHsSd5wO99qsImMIiXvZzawNKRJ0Jd+dHxanzdBYtbFdkSfmepe2MFRb3LTLVuPE1oCTKbzwqPSGWERpkejZJz+Cthc/xp7PWNFtfmEASEuAmYV0tdWC0H6NJqTtg2Stotp4hlk/jTKLoYQW/m3pmnkw1QbVRh1B9mtxTVtGV6HzhiQbuc5HWaUvBm4ysiXjFEtCTpBeDjwvnD1wkDXR1SyVdYiAfDYM2zCCs5OvWPFQKBgQD3MONf6Jn7x6Xo2uwsKwca4HFkfIHpK5TdiFB9p2eCZ4V8JZNPv02fPRldFb56nYVmdNVoo8/z4WG9t6uNoTLDMqTI0wVkrJCufQCI/50XnKITEmLfXOKXkwhekRLi1oho0nEsbaQllFFrlfx4NkcgoW6XL1TW8eRx8JD7EORI9wKBgQCdL3mZ5gumLLhB/RTK5G786jJtztNxQ4jpFtClv25uPJgqsRgSVoLnnTCmLm/yGsHNna/CHbA4mYOYzXiM10WUK1tEqPwYm0nalQAxtXJjNgERKjWWaopZW/f4pCBPV8RG4dk/+13zjPCYTeS4i7J89psHljqoeQoLe4xazLKLLwKBgHgV+f/34gadIQ6UfDOg25zE+JFWo04BbBqLRH8munRxkjmTj5MoXq9DYXUFQToUGGCD1cE2A6p5DaC6/86YRy7pBYDCc1ZLNyZtd7sWYty7rUkSn5Hfb/0u4tv+ImysyCwUQALTaPEQstVPUg2cYMWLZ0xvJAogDVkFA4nU1PJVAoGAEBQ7LDMMHgOVFar95YNYlyad4f22Q2/VIYLj9RCQC1bHehaDj9ypp2e9AkLd0LZL/OyUfhbrX97UR109Z6rdwzpsK6ndn+bCt0lmq68T9HIhyc+3i5t6a4ms5BJl+7fOrDGON61O/wr70ZimPPqNV5siYLRNa8516JbK1L77xKECgYEAyaTui+7B27219nwgoin9AuM0H7B+rzz0GkXmYXzWhxgKB+eBuJbZsrUTOBVkk66j3Ss4cJvQJ9utcFBnS6msEAUCYU6OuInIb/PMv8I7DC7SrrTZpyD9LXKIB4aYtqPrntZSo+75EAHgXNpRYqUwkpZbCuYSIXebno4JOxB1RK8=" + + "CfhCau4K5xqFfYnCDxwN6EfWtl118/RC/H1G6YUH9VZ02hTsIKtcdoz/w3knVDuL/i1uCtKtJDdyejF8osix2IVVA2HNoUPEG+3VH0IJjOoFTZTP76LcuQvgig6pjAtB5+GFPVkkrdxWZc3rn+psCdzYBueVhDRDFatKxfvAQMk90SMNVOLApB8u4aWUdxGju3vOKO5ShBUVutyczTzAOW39hHdzXX5CvGPXNYNv7S55AVAI5ZVdn11dyxgPr6u7n7AuHtc2pvUddHTRM/UczNN5lkpdMvISQy4iHwCw9wGVax3kvRxMzhYiBricSKJWbl4LiAMRV3P15LWkaBwSkw=="; + + /** + * 利用私钥进行解密 + */ + public static String decryptByPrivateKey(String decodeString) throws Exception { + // 将传入的Base64编码字符串解码为字节数组 + byte[] encryptedBytes = java.util.Base64.getDecoder().decode(decodeString); + // 使用私钥解密 + PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(org.apache.commons.codec.binary.Base64.decodeBase64(PRIVATE_KEY)); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); + byte[] decryptedBytes = decrypt(encryptedBytes, privateKey); + // 返回解密后的字符串 + return new String(decryptedBytes); + } + + /** + * 解密操作 + */ + private static byte[] decrypt(byte[] data, PrivateKey privateKey) throws Exception { + // 获取RSA算法的Cipher实例 + Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); + // 用私钥初始化Cipher实例,设置为解密模式 + cipher.init(Cipher.DECRYPT_MODE, privateKey); + // 执行解密操作,返回解密后的字节数组 + return cipher.doFinal(data); + } +} \ No newline at end of file diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java index 97abcea..22da3c0 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java @@ -1,6 +1,8 @@ package com.ruoyi.framework.web.service; import javax.annotation.Resource; + +import com.ruoyi.common.utils.RsaUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; @@ -63,15 +65,21 @@ public class SysLoginService */ public String login(String username, String password, String code, String uuid) { + String strP; + try { + strP = RsaUtils.decryptByPrivateKey(password); + } catch (Exception e) { + throw new RuntimeException(e); + } // 验证码校验 validateCaptcha(username, code, uuid); // 登录前置校验 - loginPreCheck(username, password); + loginPreCheck(username, strP); // 用户验证 Authentication authentication = null; try { - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, strP); AuthenticationContextHolder.setContext(authenticationToken); // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername authentication = authenticationManager.authenticate(authenticationToken);