采用rsa加密

67ae1d61 · ma · c6481e69 · 67ae1d61 · 67ae1d61 · 67ae1d61
Commit 67ae1d61 authored Sep 07, 2022 by ma
5 changed files
--- a/license/pom.xml
+++ b/license/pom.xml
@@ -15,6 +15,7 @@
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>1.8</java.version>
+        <acc.secret.version>1.0.4</acc.secret.version>
    </properties>

    <dependencies>
@@ -144,6 +145,12 @@
            <version>1.9</version>
        </dependency>

+        <dependency>
+            <groupId>com.acc</groupId>
+            <artifactId>secret</artifactId>
+            <version>${acc.secret.version}</version>
+        </dependency>
+
        <!--邮件-->
        <dependency>
            <groupId>org.springframework.boot</groupId>

--- a/license/src/main/java/iot/sixiang/license/controller/LoginController.java
+++ b/license/src/main/java/iot/sixiang/license/controller/LoginController.java
 package iot.sixiang.license.controller;

+import com.acc.secret.util.RSAUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
@@ -47,8 +48,10 @@ public class LoginController {

    @Value("${spring.mail.to}")
    private String account;
-    @Value("${other.md5.salt}")
-    private String salt;
+    @Value("${rsa.private_key}")
+    private String PRIVATE_KRY;
+    @Value("${rsa.public_key}")
+    private String PUBLIC_KEY;

    private static final String USER_NAME = "root";
    /**
@@ -68,9 +71,9 @@ public class LoginController {
        }
        User user = userMapper.getUserByUserName(USER_NAME);
        String name = USER_NAME;
-        String psw =  user.getPassword();
+        String pwd =  user.getPassword();
        LoginUser dbUser = new LoginUser(String.valueOf(user.getUserId()), user.getUserName(), user.getPassword());
-        if (DigestUtils.md5DigestAsHex((salt + name + salt).getBytes()).equals(userName) && psw.equals(password)) {
+        if (name.equals(userName) && RSAUtil.getDecryptString(password, PRIVATE_KRY).equals(pwd)) {
            // 登录错误次数
            Integer errCnt = UserUtils.getErrCnt(userName);
            Date countFreezeDate = UserUtils.getCountFreezeDate(userName);
@@ -84,6 +87,7 @@ public class LoginController {
                    LoginVo loginVo = new LoginVo();
                    loginVo.setAuthorization(token);
                    loginVo.setUpdateTime(user.getUpdateTime());
+                    loginVo.setPubKey(PUBLIC_KEY);
                    UserUtils.setToken(dbUser.getUserId(), token);
                    UserUtils.setTokenExp(dbUser.getUserId(), JwtUtil.getTokenExp());
                    UserUtils.removeErrCnt(userName);

--- a/license/src/main/java/iot/sixiang/license/controller/UserController.java
+++ b/license/src/main/java/iot/sixiang/license/controller/UserController.java
 package iot.sixiang.license.controller;


+import com.acc.secret.util.RSAUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
 import com.github.xiaoymin.knife4j.annotations.DynamicParameter;
@@ -45,8 +46,8 @@ public class UserController {

    @Autowired
    private UserService userService;
-    @Value("${other.md5.salt}")
-    private String salt;
+    @Value("${rsa.private_key}")
+    private String PRIVATE_KRY;

    @InitBinder
    public void initBinder(WebDataBinder binder) {
@@ -135,6 +136,8 @@ public class UserController {
        } else {
            return BaseResult.failed();
        }
+        oldPassWord = RSAUtil.getDecryptString(oldPassWord, PRIVATE_KRY);
+        newPassWord = RSAUtil.getDecryptString(newPassWord, PRIVATE_KRY);
        if (oldPassWord.equals(user.getPassword())) {
            user.setPassword(newPassWord);
            boolean b = userService.updateUser(user);

--- a/license/src/main/java/iot/sixiang/license/model/vo/LoginVo.java
+++ b/license/src/main/java/iot/sixiang/license/model/vo/LoginVo.java
@@ -14,6 +14,9 @@ public class LoginVo {
    @ApiModelProperty("token")
    private String authorization;

+    @ApiModelProperty("pubKey")
+    private String pubKey;
+
    @ApiModelProperty("更新时间")
    private Date updateTime;
 }
--- a/license/src/main/resources/application.yml
+++ b/license/src/main/resources/application.yml
@@ -32,5 +32,12 @@ server:

 cros:
  # 需要设置访问白名单
-  cros_allowed_origins: http://192.168.1.88:8080, http://localhost:8868
+  cros_allowed_origins: http://192.168.1.88:8080, http://localhost:8868, http://localhost:8080
  cros_allowed_method: GET,POST
+
+other:
+  md5:
+    salt: PI7dBYlEfeP8IZ6vogqFL1U5pVnyCuNAGja3lsREx4M9r0SX
+rsa:
+  public_key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18W2H1hO98dUWf1PNKNWTWmxCyvvy0NOR7iSvp76J0LdzyMJxs8WHVAmRfSGOb9SvpDZhBVx11bhTBqkl1qMzJWzn+F2ZtTCH2nXZcJHwSfLuGqin5FRBYW1WrFkqwg+R80aOuRSrbo0k1bZg3JPkkCxISHieEZPjSV5a4r7+Xopj0a9Dnh3rh4nDmH2p/wvotkx1oMKdhFglYcAITlk9ucEUf+CDuSdTAFFeKg9+fPqwKqWZRJZPQXqV3pGZ1/JS7gPnBFGZojW44eJufkBeiW3pbBvm/cKOkTnb8o4oltYUJsirYSQCCG+sDtxUAuGxuDCv8p+r8dWE1z5+xKclQIDAQAB
+  private_key: MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDXxbYfWE73x1RZ/U80o1ZNabELK+/LQ05HuJK+nvonQt3PIwnGzxYdUCZF9IY5v1K+kNmEFXHXVuFMGqSXWozMlbOf4XZm1MIfaddlwkfBJ8u4aqKfkVEFhbVasWSrCD5HzRo65FKtujSTVtmDck+SQLEhIeJ4Rk+NJXlrivv5eimPRr0OeHeuHicOYfan/C+i2THWgwp2EWCVhwAhOWT25wRR/4IO5J1MAUV4qD358+rAqpZlElk9BepXekZnX8lLuA+cEUZmiNbjh4m5+QF6JbelsG+b9wo6ROdvyjiiW1hQmyKthJAIIb6wO3FQC4bG4MK/yn6vx1YTXPn7EpyVAgMBAAECggEAR7YQ+kfqLtVThnj2mwLyCtZmndTjZEWhPZrtQmcpsmS5vT7i3+0xZ1qc7cD/3y9j+6u+bvSFmlDondd4/kh85P2X7joLlM9/GNufV9WC7YIhZdAi7i9ooxI2HMc6MtGRiWF0J0B87folwRYrQlF6epv/goh1cQ3FIJ7kxMYzSk0gF0JcmOZn3KH8tMt3t/GK+uVUIycuEQQKsaTTq45nIM7oqhlAwD/M+IO2pGFkLXJ23FzFACI10qBdpn+xL2xFGRO6EE8EAeDslT4OvvN3/vtnSnRNn8CJqfoEG40XO0xrZzH1noI35iPWX1WrN7qFLAhl2oLhu1ZSIA1tz0+I/QKBgQD3X/islXfVmV2XeuHvaf4qcMAdrgLQwtmLlHhFxfFURPh6au8uatDgUA8HWcRACmhtTruytlFRGKKFwZxuQE/LOZh67Uts3GTs5eHN8xvZTL+en+n7B/cCRYrrg3+yAM/k0eezIlk65iW700o+icEHxkwTXhhVBmIROBzpXsVCwwKBgQDfS6kVhgZxLMQePbXUQ1NBr2KbfhXLzceINhsoyWLa1rIk8+9HLSxw8q0zma12Jqkd22OAgkbeLDy+niYPi3pUrWAm8O59Ot1aaOarxMTvEv7+eS+urKId57sli/hQTWsS+xghA4+VfW2+EY++pYyZIp+j+1/Q2ciXWVJy4iv9xwKBgFzW8+kxn2vWxz1WrPzBdtZOwothB0V6G1M7QXhONag+ylKHV4TAKexFn55Onky6mz6K0f7cVeBtsnEonKD0Gf5Xe1aHQEt225ndHMXCe60uFKxfr9y6vIVpvB1vmLkhfOSPsrmUJpDoVzkKr06RPJTCY0LRiag/YQa9XHxpSPcpAoGAKbsiJnudyJjtLhmqWbkbXjNA4n515FjY6YPzH3RDnVJyiKVuGoc+vv0bkYEvAd3HzWSq++FdDTiHQbictFsEyb59McnlSFIv/C2Orptfkq6iKTzMxIBO6/fa6fF2vss5L5rtr33S38VJNTRjAOY/mH74BtV72rRY4LA40G+keRECgYEAiGg0DYxcSGf2bEP1WESYPTTdgS5ke1niIwZ00SgtkIjPSVgTCmf4Tciys6lGSe/Oqnvk24VR6pz07wzcbH92AURVaeqiEvVuVonzA6Yl0jxeOIM31S1BSBJRT8kDijuvwoJu2tPoZG0306KF9L8pyy1Z6cTTmIfGR0NpZCHWPSg=
\ No newline at end of file