Commit 67ae1d61 authored by ma's avatar ma

采用rsa加密

parent c6481e69
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
<description>Demo project for Spring Boot</description> <description>Demo project for Spring Boot</description>
<properties> <properties>
<java.version>1.8</java.version> <java.version>1.8</java.version>
<acc.secret.version>1.0.4</acc.secret.version>
</properties> </properties>
<dependencies> <dependencies>
...@@ -144,6 +145,12 @@ ...@@ -144,6 +145,12 @@
<version>1.9</version> <version>1.9</version>
</dependency> </dependency>
<dependency>
<groupId>com.acc</groupId>
<artifactId>secret</artifactId>
<version>${acc.secret.version}</version>
</dependency>
<!--邮件--> <!--邮件-->
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
......
package iot.sixiang.license.controller; package iot.sixiang.license.controller;
import com.acc.secret.util.RSAUtil;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiImplicitParams;
...@@ -47,8 +48,10 @@ public class LoginController { ...@@ -47,8 +48,10 @@ public class LoginController {
@Value("${spring.mail.to}") @Value("${spring.mail.to}")
private String account; private String account;
@Value("${other.md5.salt}") @Value("${rsa.private_key}")
private String salt; private String PRIVATE_KRY;
@Value("${rsa.public_key}")
private String PUBLIC_KEY;
private static final String USER_NAME = "root"; private static final String USER_NAME = "root";
/** /**
...@@ -68,9 +71,9 @@ public class LoginController { ...@@ -68,9 +71,9 @@ public class LoginController {
} }
User user = userMapper.getUserByUserName(USER_NAME); User user = userMapper.getUserByUserName(USER_NAME);
String name = USER_NAME; String name = USER_NAME;
String psw = user.getPassword(); String pwd = user.getPassword();
LoginUser dbUser = new LoginUser(String.valueOf(user.getUserId()), user.getUserName(), user.getPassword()); LoginUser dbUser = new LoginUser(String.valueOf(user.getUserId()), user.getUserName(), user.getPassword());
if (DigestUtils.md5DigestAsHex((salt + name + salt).getBytes()).equals(userName) && psw.equals(password)) { if (name.equals(userName) && RSAUtil.getDecryptString(password, PRIVATE_KRY).equals(pwd)) {
// 登录错误次数 // 登录错误次数
Integer errCnt = UserUtils.getErrCnt(userName); Integer errCnt = UserUtils.getErrCnt(userName);
Date countFreezeDate = UserUtils.getCountFreezeDate(userName); Date countFreezeDate = UserUtils.getCountFreezeDate(userName);
...@@ -84,6 +87,7 @@ public class LoginController { ...@@ -84,6 +87,7 @@ public class LoginController {
LoginVo loginVo = new LoginVo(); LoginVo loginVo = new LoginVo();
loginVo.setAuthorization(token); loginVo.setAuthorization(token);
loginVo.setUpdateTime(user.getUpdateTime()); loginVo.setUpdateTime(user.getUpdateTime());
loginVo.setPubKey(PUBLIC_KEY);
UserUtils.setToken(dbUser.getUserId(), token); UserUtils.setToken(dbUser.getUserId(), token);
UserUtils.setTokenExp(dbUser.getUserId(), JwtUtil.getTokenExp()); UserUtils.setTokenExp(dbUser.getUserId(), JwtUtil.getTokenExp());
UserUtils.removeErrCnt(userName); UserUtils.removeErrCnt(userName);
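Review bot: In the login check, `RSAUtil.getDecryptString(password, PRIVATE_KRY).equals(pwd)` compares the decrypted input directly with `user.getPassword()`, so the stored password is evidently plaintext; the same holds for the change-password hunk in UserController, where the decrypted `newPassWord` is written back with `user.setPassword(newPassWord)`. Store a salted password hash and verify against it, for example `passwordEncoder.matches(RSAUtil.getDecryptString(password, PRIVATE_KRY), pwd)` with Spring Security's `PasswordEncoder`, if that module is available to the project. The RSA wrapping also gives no replay protection on its own, since a captured ciphertext would be accepted again, so the endpoint still needs TLS. The field name `PRIVATE_KRY` looks like a typo for `PRIVATE_KEY`, and the login method's body starts and ends outside these hunks.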
......
package iot.sixiang.license.controller; package iot.sixiang.license.controller;
import com.acc.secret.util.RSAUtil;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport; import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import com.github.xiaoymin.knife4j.annotations.DynamicParameter; import com.github.xiaoymin.knife4j.annotations.DynamicParameter;
...@@ -45,8 +46,8 @@ public class UserController { ...@@ -45,8 +46,8 @@ public class UserController {
@Autowired @Autowired
private UserService userService; private UserService userService;
@Value("${other.md5.salt}") @Value("${rsa.private_key}")
private String salt; private String PRIVATE_KRY;
@InitBinder @InitBinder
public void initBinder(WebDataBinder binder) { public void initBinder(WebDataBinder binder) {
...@@ -135,6 +136,8 @@ public class UserController { ...@@ -135,6 +136,8 @@ public class UserController {
} else { } else {
return BaseResult.failed(); return BaseResult.failed();
} }
oldPassWord = RSAUtil.getDecryptString(oldPassWord, PRIVATE_KRY);
newPassWord = RSAUtil.getDecryptString(newPassWord, PRIVATE_KRY);
if (oldPassWord.equals(user.getPassword())) { if (oldPassWord.equals(user.getPassword())) {
user.setPassword(newPassWord); user.setPassword(newPassWord);
boolean b = userService.updateUser(user); boolean b = userService.updateUser(user);
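Review bot: The two added `RSAUtil.getDecryptString(...)` results are used unchecked. If decryption of a malformed or missing field returns null (RSAUtil is not visible here, so this is an assumption), `oldPassWord.equals(user.getPassword())` throws, and an empty `newPassWord` would be saved as the new password. Add a guard right after the decryption, e.g. `if (oldPassWord == null || newPassWord == null || newPassWord.isEmpty()) { return BaseResult.failed(); }`. The enclosing method starts and ends outside the hunk.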
......
...@@ -14,6 +14,9 @@ public class LoginVo { ...@@ -14,6 +14,9 @@ public class LoginVo {
@ApiModelProperty("token") @ApiModelProperty("token")
private String authorization; private String authorization;
@ApiModelProperty("pubKey")
private String pubKey;
@ApiModelProperty("更新时间") @ApiModelProperty("更新时间")
private Date updateTime; private Date updateTime;
} }
...@@ -32,5 +32,12 @@ server: ...@@ -32,5 +32,12 @@ server:
cros: cros:
# 需要设置访问白名单 # 需要设置访问白名单
cros_allowed_origins: http://192.168.1.88:8080, http://localhost:8868 cros_allowed_origins: http://192.168.1.88:8080, http://localhost:8868, http://localhost:8080
cros_allowed_method: GET,POST cros_allowed_method: GET,POST
other:
md5:
salt: PI7dBYlEfeP8IZ6vogqFL1U5pVnyCuNAGja3lsREx4M9r0SX
rsa:
public_key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18W2H1hO98dUWf1PNKNWTWmxCyvvy0NOR7iSvp76J0LdzyMJxs8WHVAmRfSGOb9SvpDZhBVx11bhTBqkl1qMzJWzn+F2ZtTCH2nXZcJHwSfLuGqin5FRBYW1WrFkqwg+R80aOuRSrbo0k1bZg3JPkkCxISHieEZPjSV5a4r7+Xopj0a9Dnh3rh4nDmH2p/wvotkx1oMKdhFglYcAITlk9ucEUf+CDuSdTAFFeKg9+fPqwKqWZRJZPQXqV3pGZ1/JS7gPnBFGZojW44eJufkBeiW3pbBvm/cKOkTnb8o4oltYUJsirYSQCCG+sDtxUAuGxuDCv8p+r8dWE1z5+xKclQIDAQAB
private_key: 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
\ No newline at end of file
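Review bot: `rsa.private_key` is committed to the application config next to the public key, so anyone with read access to the repository can decrypt every password submitted to the login and change-password endpoints. Load it from the environment or a secret store instead, e.g. `private_key: ${RSA_PRIVATE_KEY}` (the variable name is a placeholder), and treat the key committed here as exposed and generate a new pair. The unchanged `other.md5.salt` entry appears to be no longer read by the two controllers after this commit and could be dropped if nothing else uses it.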