登录密码加密

main
杜函宇 2 months ago
parent 368c71aaa8
commit 683973b642

@ -103,6 +103,7 @@ public class UnitController {
@ApiOperation(value = "根据用户编号获取详细信息") @ApiOperation(value = "根据用户编号获取详细信息")
@GetMapping("/{id}") @GetMapping("/{id}")
public AjaxResult getInfo(@PathVariable(value = "id") Long id) { public AjaxResult getInfo(@PathVariable(value = "id") Long id) {
System.out.println(SecurityUtils.encryptPassword("TcZc@2024"));
return AjaxResult.success(unitService.getById(id)); return AjaxResult.success(unitService.getById(id));
} }

@ -0,0 +1,45 @@
package com.ruoyi.common.utils;
import javax.crypto.Cipher;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
/**
* RSA
*
* @author ruoyi
**/
public class RsaUtils
{
// Rsa 私钥
private static final String PRIVATE_KEY = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXxtLWRhOIyEhLkxlTbndtzS6RrGsDWV8LOIAEXFCsLZzT20ytAaO4fpXXHah80EwaE4P25Y3+qQBDL8fA5780pSoLDo3Si/qC5KuowNb8F1ncGXSuYzX/3mNMLXF98UW96PvFY198hto8j5snhYtf01WI2L0eZPQFE3Mnh3ZHzos88Jr5vEto+OyHZHa0GRsuRSi33vr1olo8+LA8JkcyS5B6eMdKalYvSiSV6owfwQZfuPoDkD/ghRc8w0owzOSJJGmwgnrkYmYMBudHdldF8LwzNUEEkHrOvk3QXg33Fl8X4lL9jHvbq0K76sDoYMLJPG1D/Ccqk93AU/mdRYJZAgMBAAECggEAG+w3M7aWt25pZoX8fc3v6OJ7s88trOMPSkgtvR+is9p8ZLmOxLFthm67cGUDb1r+9Tkr6QtYcUZ0RugObt3z3mKYdopJ6zdXcidRsW0w4BYHsSd5wO99qsImMIiXvZzawNKRJ0Jd+dHxanzdBYtbFdkSfmepe2MFRb3LTLVuPE1oCTKbzwqPSGWERpkejZJz+Cthc/xp7PWNFtfmEASEuAmYV0tdWC0H6NJqTtg2Stotp4hlk/jTKLoYQW/m3pmnkw1QbVRh1B9mtxTVtGV6HzhiQbuc5HWaUvBm4ysiXjFEtCTpBeDjwvnD1wkDXR1SyVdYiAfDYM2zCCs5OvWPFQKBgQD3MONf6Jn7x6Xo2uwsKwca4HFkfIHpK5TdiFB9p2eCZ4V8JZNPv02fPRldFb56nYVmdNVoo8/z4WG9t6uNoTLDMqTI0wVkrJCufQCI/50XnKITEmLfXOKXkwhekRLi1oho0nEsbaQllFFrlfx4NkcgoW6XL1TW8eRx8JD7EORI9wKBgQCdL3mZ5gumLLhB/RTK5G786jJtztNxQ4jpFtClv25uPJgqsRgSVoLnnTCmLm/yGsHNna/CHbA4mYOYzXiM10WUK1tEqPwYm0nalQAxtXJjNgERKjWWaopZW/f4pCBPV8RG4dk/+13zjPCYTeS4i7J89psHljqoeQoLe4xazLKLLwKBgHgV+f/34gadIQ6UfDOg25zE+JFWo04BbBqLRH8munRxkjmTj5MoXq9DYXUFQToUGGCD1cE2A6p5DaC6/86YRy7pBYDCc1ZLNyZtd7sWYty7rUkSn5Hfb/0u4tv+ImysyCwUQALTaPEQstVPUg2cYMWLZ0xvJAogDVkFA4nU1PJVAoGAEBQ7LDMMHgOVFar95YNYlyad4f22Q2/VIYLj9RCQC1bHehaDj9ypp2e9AkLd0LZL/OyUfhbrX97UR109Z6rdwzpsK6ndn+bCt0lmq68T9HIhyc+3i5t6a4ms5BJl+7fOrDGON61O/wr70ZimPPqNV5siYLRNa8516JbK1L77xKECgYEAyaTui+7B27219nwgoin9AuM0H7B+rzz0GkXmYXzWhxgKB+eBuJbZsrUTOBVkk66j3Ss4cJvQJ9utcFBnS6msEAUCYU6OuInIb/PMv8I7DC7SrrTZpyD9LXKIB4aYtqPrntZSo+75EAHgXNpRYqUwkpZbCuYSIXebno4JOxB1RK8=" +
"CfhCau4K5xqFfYnCDxwN6EfWtl118/RC/H1G6YUH9VZ02hTsIKtcdoz/w3knVDuL/i1uCtKtJDdyejF8osix2IVVA2HNoUPEG+3VH0IJjOoFTZTP76LcuQvgig6pjAtB5+GFPVkkrdxWZc3rn+psCdzYBueVhDRDFatKxfvAQMk90SMNVOLApB8u4aWUdxGju3vOKO5ShBUVutyczTzAOW39hHdzXX5CvGPXNYNv7S55AVAI5ZVdn11dyxgPr6u7n7AuHtc2pvUddHTRM/UczNN5lkpdMvISQy4iHwCw9wGVax3kvRxMzhYiBricSKJWbl4LiAMRV3P15LWkaBwSkw==";
/**
*
*/
public static String decryptByPrivateKey(String decodeString) throws Exception {
// 将传入的Base64编码字符串解码为字节数组
byte[] encryptedBytes = java.util.Base64.getDecoder().decode(decodeString);
// 使用私钥解密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(org.apache.commons.codec.binary.Base64.decodeBase64(PRIVATE_KEY));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
byte[] decryptedBytes = decrypt(encryptedBytes, privateKey);
// 返回解密后的字符串
return new String(decryptedBytes);
}
/**
*
*/
private static byte[] decrypt(byte[] data, PrivateKey privateKey) throws Exception {
// 获取RSA算法的Cipher实例
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
// 用私钥初始化Cipher实例设置为解密模式
cipher.init(Cipher.DECRYPT_MODE, privateKey);
// 执行解密操作,返回解密后的字节数组
return cipher.doFinal(data);
}
}

@ -1,6 +1,8 @@
package com.ruoyi.framework.web.service; package com.ruoyi.framework.web.service;
import javax.annotation.Resource; import javax.annotation.Resource;
import com.ruoyi.common.utils.RsaUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.BadCredentialsException;
@ -63,15 +65,21 @@ public class SysLoginService
*/ */
public String login(String username, String password, String code, String uuid) public String login(String username, String password, String code, String uuid)
{ {
String strP;
try {
strP = RsaUtils.decryptByPrivateKey(password);
} catch (Exception e) {
throw new RuntimeException(e);
}
// 验证码校验 // 验证码校验
validateCaptcha(username, code, uuid); validateCaptcha(username, code, uuid);
// 登录前置校验 // 登录前置校验
loginPreCheck(username, password); loginPreCheck(username, strP);
// 用户验证 // 用户验证
Authentication authentication = null; Authentication authentication = null;
try try
{ {
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, strP);
AuthenticationContextHolder.setContext(authenticationToken); AuthenticationContextHolder.setContext(authenticationToken);
// 该方法会去调用UserDetailsServiceImpl.loadUserByUsername // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(authenticationToken); authentication = authenticationManager.authenticate(authenticationToken);

Loading…
Cancel
Save