Browse Source

app登陆注册手机号跟密码加密传输

李书文 1 year ago
parent
commit
de1d02729d

+ 105 - 0
sp-core/sp-base/src/main/java/com/pj/utils/Aes.java

@@ -0,0 +1,105 @@
+package com.pj.utils;
+
+import com.alibaba.druid.util.StringUtils;
+import sun.misc.BASE64Decoder;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.spec.SecretKeySpec;
+import java.math.BigInteger;
+
+public class Aes {
+
+    //密钥 (需要前端和后端保持一致)
+    private static final String KEY = "abcdefgabcdefg12";
+    //算法
+    private static final String ALGORITHMSTR = "AES/ECB/PKCS5Padding";
+
+    /**
+     * aes解密
+     *
+     * @param encrypt 内容
+     * @return
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encrypt) {
+        try {
+            return aesDecrypt(encrypt, KEY);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return "";
+        }
+    }
+
+    /**
+     * 将byte[]转为各种进制的字符串
+     *
+     * @param bytes byte[]
+     * @param radix 可以转换进制的范围,从Character.MIN_RADIX到Character.MAX_RADIX,超出范围后变为10进制
+     * @return 转换后的字符串
+     */
+    public static String binary(byte[] bytes, int radix) {
+        return new BigInteger(1, bytes).toString(radix);// 这里的1代表正数
+    }
+
+    /**
+     * base 64 decode
+     *
+     * @param base64Code 待解码的base 64 code
+     * @return 解码后的byte[]
+     * @throws Exception
+     */
+    public static byte[] base64Decode(String base64Code) throws Exception {
+        return StringUtils.isEmpty(base64Code) ? null : new BASE64Decoder().decodeBuffer(base64Code);
+    }
+
+
+    /**
+     * AES加密
+     *
+     * @param content    待加密的内容
+     * @param encryptKey 加密密钥
+     * @return 加密后的byte[]
+     * @throws Exception
+     */
+    public static byte[] aesEncryptToBytes(String content, String encryptKey) throws Exception {
+        KeyGenerator kgen = KeyGenerator.getInstance("AES");
+        kgen.init(128);
+        Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
+
+        return cipher.doFinal(content.getBytes("utf-8"));
+    }
+
+
+    /**
+     * AES解密
+     *
+     * @param encryptBytes 待解密的byte[]
+     * @param decryptKey   解密密钥
+     * @return 解密后的String
+     * @throws Exception
+     */
+    public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) throws Exception {
+        KeyGenerator kgen = KeyGenerator.getInstance("AES");
+        kgen.init(128);
+
+        Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
+        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES"));
+        byte[] decryptBytes = cipher.doFinal(encryptBytes);
+        return new String(decryptBytes);
+    }
+
+
+    /**
+     * 将base 64 code AES解密
+     *
+     * @param encryptStr 待解密的base 64 code
+     * @param decryptKey 解密密钥
+     * @return 解密后的string
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encryptStr, String decryptKey) throws Exception {
+        return StringUtils.isEmpty(encryptStr) ? null : aesDecryptByBytes(base64Decode(encryptStr), decryptKey);
+    }
+}

+ 11 - 18
sp-service/sp-admin/src/main/java/com/pj/project/app_user/AppUserService.java

@@ -1,20 +1,12 @@
 package com.pj.project.app_user;
 package com.pj.project.app_user;
 
 
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-import java.util.Random;
-import java.util.stream.Collectors;
-
 import cn.dev33.satoken.spring.SpringMVCUtil;
 import cn.dev33.satoken.spring.SpringMVCUtil;
-import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.RandomUtil;
 import cn.hutool.json.JSONUtil;
 import cn.hutool.json.JSONUtil;
-import cn.hutool.log.StaticLog;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-import com.pj.api.client.admin.AdminInterface;
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.pj.api.client.level_one_server.LevelOneServerInterface;
 import com.pj.api.client.level_one_server.LevelOneServerInterface;
 import com.pj.api.client.level_two_server.LevelTwoServerInterface;
 import com.pj.api.client.level_two_server.LevelTwoServerInterface;
 import com.pj.api.client.transport.TransportInterface;
 import com.pj.api.client.transport.TransportInterface;
@@ -26,7 +18,6 @@ import com.pj.current.satoken.StpAPPUserUtil;
 import com.pj.current.satoken.StpUserUtil;
 import com.pj.current.satoken.StpUserUtil;
 import com.pj.enummj.DeleteStatus;
 import com.pj.enummj.DeleteStatus;
 import com.pj.enummj.IsLock;
 import com.pj.enummj.IsLock;
-import com.pj.enummj.Status;
 import com.pj.project.app_user.dto.ForgetPasswordDto;
 import com.pj.project.app_user.dto.ForgetPasswordDto;
 import com.pj.project.app_user.dto.LoginDto;
 import com.pj.project.app_user.dto.LoginDto;
 import com.pj.project.app_user.dto.PassDto;
 import com.pj.project.app_user.dto.PassDto;
@@ -37,23 +28,23 @@ import com.pj.project.app_user_login_log.AppUserLoginLogService;
 import com.pj.project.re_role_menu.ReRoleMenu;
 import com.pj.project.re_role_menu.ReRoleMenu;
 import com.pj.project.re_role_menu.ReRoleMenuMapper;
 import com.pj.project.re_role_menu.ReRoleMenuMapper;
 import com.pj.retry.SmsRetryService;
 import com.pj.retry.SmsRetryService;
-import com.pj.sms.factory.SmsFactory;
+import com.pj.utils.Aes;
 import com.pj.utils.cache.RedisUtil;
 import com.pj.utils.cache.RedisUtil;
 import com.pj.utils.sg.AjaxError;
 import com.pj.utils.sg.AjaxError;
 import com.pj.utils.sg.AjaxJson;
 import com.pj.utils.sg.AjaxJson;
 import com.pj.utils.sg.WebNbUtil;
 import com.pj.utils.sg.WebNbUtil;
 import com.pj.utils.so.SoMap;
 import com.pj.utils.so.SoMap;
 import lombok.extern.slf4j.Slf4j;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.stereotype.Service;
-import com.baomidou.mybatisplus.extension.service.IService;
-import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.transaction.annotation.Transactional;
 
 
-import javax.annotation.Resource;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
 
 
 
 
 /**
 /**
@@ -215,6 +206,7 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
      */
      */
     boolean register(RegisterDto registerDto) {
     boolean register(RegisterDto registerDto) {
         if (registerDto == null) return false;
         if (registerDto == null) return false;
+        registerDto.setPhone(Aes.aesDecrypt(registerDto.getPhone()));
         //手机号去重
         //手机号去重
         String phone = registerDto.getPhone();
         String phone = registerDto.getPhone();
         if (appUserMapper.selectList(new LambdaQueryWrapper<AppUser>().eq(AppUser::getPhone, phone).eq(AppUser::getDeleteStatus, DeleteStatus.DELETE_STATUS_ON.getCode())).size() != 0)
         if (appUserMapper.selectList(new LambdaQueryWrapper<AppUser>().eq(AppUser::getPhone, phone).eq(AppUser::getDeleteStatus, DeleteStatus.DELETE_STATUS_ON.getCode())).size() != 0)
@@ -240,7 +232,7 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
         //注册身份
         //注册身份
         appUser.setUserType(registerDto.getType());
         appUser.setUserType(registerDto.getType());
         //加密并设置登陆密码
         //加密并设置登陆密码
-        String password = registerDto.getPassword();
+        String password =Aes.aesDecrypt(registerDto.getPassword());
         String encode = passwordEncoder.encode(password);
         String encode = passwordEncoder.encode(password);
         appUser.setPassword(encode);
         appUser.setPassword(encode);
         //创建单位
         //创建单位
@@ -261,6 +253,7 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
      * 用户登录
      * 用户登录
      */
      */
     AjaxJson login(LoginDto dto) {
     AjaxJson login(LoginDto dto) {
+        dto.setPhone(Aes.aesDecrypt(dto.getPhone()));
         //登陆日志信息
         //登陆日志信息
         AppUserLoginLog loginLog = new AppUserLoginLog();
         AppUserLoginLog loginLog = new AppUserLoginLog();
         BeanUtils.copyProperties(dto, loginLog);
         BeanUtils.copyProperties(dto, loginLog);
@@ -286,7 +279,7 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
         AppUser appUser = userList.get(0);
         AppUser appUser = userList.get(0);
         //比对密码
         //比对密码
         String userPassword = appUser.getPassword();
         String userPassword = appUser.getPassword();
-        boolean matches = passwordEncoder.matches(dto.getPassword(), userPassword);
+        boolean matches = passwordEncoder.matches(Aes.aesDecrypt(dto.getPassword()),userPassword);
         if (!matches) {
         if (!matches) {
             loginLog.setStatus("1");
             loginLog.setStatus("1");
             appUserLoginLogService.save(loginLog);
             appUserLoginLogService.save(loginLog);