feat: 登录时，对用户名密码加密

1ef96535 · taojinlong · 042f4472 · 1ef96535 · 1ef96535 · 1ef96535
--- a/backend/src/main/java/io/dataease/auth/api/AuthApi.java
+++ b/backend/src/main/java/io/dataease/auth/api/AuthApi.java
@@ -5,6 +5,7 @@ import io.dataease.auth.api.dto.CurrentUserDto;
 import io.dataease.auth.api.dto.LoginDto;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.springframework.web.bind.annotation.GetMapping;
 import springfox.documentation.annotations.ApiIgnore;

 import org.springframework.web.bind.annotation.PostMapping;
@@ -55,4 +56,8 @@ public interface AuthApi {
    @PostMapping("/isPluginLoaded")
    boolean isPluginLoaded();

+    @ApiIgnore
+    @GetMapping("/getPublicKey")
+    String getPublicKey();
+
 }
--- a/backend/src/main/java/io/dataease/auth/server/AuthServer.java
+++ b/backend/src/main/java/io/dataease/auth/server/AuthServer.java
@@ -10,10 +10,7 @@ import io.dataease.auth.entity.TokenInfo;
 import io.dataease.auth.service.AuthUserService;
 import io.dataease.auth.util.JWTUtils;
 import io.dataease.auth.util.RsaUtil;
-import io.dataease.commons.utils.BeanUtils;
-import io.dataease.commons.utils.CodingUtil;
-import io.dataease.commons.utils.LogUtil;
-import io.dataease.commons.utils.ServletUtils;
+import io.dataease.commons.utils.*;
 import io.dataease.controller.sys.request.LdapAddRequest;
 import io.dataease.exception.DataEaseException;
 import io.dataease.i18n.Translator;
@@ -55,10 +52,9 @@ public class AuthServer implements AuthApi {

    @Override
    public Object login(@RequestBody LoginDto loginDto) throws Exception {
-        String username = loginDto.getUsername();
-        String password = loginDto.getPassword();
+        String username = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getUsername());;
+        String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getPassword());

-        String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, password);
        // 增加ldap登录方式
        Integer loginType = loginDto.getLoginType();
        boolean isSupportLdap = authUserService.supportLdap();
@@ -191,8 +187,11 @@ public class AuthServer implements AuthApi {
        return authUserService.pluginLoaded();
    }

-    
-    
+
+    @Override
+    public String getPublicKey() {
+        return RsaProperties.publicKey;
+    }
    

    /*@Override

--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@@ -60,6 +60,7 @@ public class ShiroServiceImpl implements ShiroService {
        filterChainDefinitionMap.put("/api/auth/validateName", ANON);
        filterChainDefinitionMap.put("/api/auth/isOpenLdap", ANON);
        filterChainDefinitionMap.put("/api/auth/isOpenOidc", ANON);
+        filterChainDefinitionMap.put("/api/auth/getPublicKey", ANON);
        filterChainDefinitionMap.put("/api/pluginCommon/component/*", ANON);
        filterChainDefinitionMap.put("/plugin/oidc/authInfo", ANON);
        filterChainDefinitionMap.put("/sso/callBack*", ANON);

--- a/backend/src/main/java/io/dataease/commons/utils/RsaKey.java
+++ b/backend/src/main/java/io/dataease/commons/utils/RsaKey.java
-package io.dataease.commons.utils;
-
-import lombok.Getter;
-import lombok.Setter;
-
-@Setter
-@Getter
-public class RsaKey {
-
-    //公钥
-    private String publicKey;
-
-    //私钥
-    private String privateKey;
-
-}
\ No newline at end of file
--- a/backend/src/main/java/io/dataease/commons/utils/RsaUtil.java
+++ b/backend/src/main/java/io/dataease/commons/utils/RsaUtil.java
-package io.dataease.commons.utils;
-
-import org.apache.commons.codec.binary.Base64;
-
-import javax.crypto.Cipher;
-import java.io.ByteArrayOutputStream;
-import java.security.*;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-public class RsaUtil {
-
-    public static final String CHARSET = "UTF-8";
-    public static final String RSA_ALGORITHM = "RSA";
-
-
-    /**
-     * 创建RSA 公钥-私钥
-     */
-    public static RsaKey createKeys() throws NoSuchAlgorithmException {
-        return createKeys(1024);
-    }
-
-    /**
-     * 创建RSA 公钥-私钥
-     */
-    public static RsaKey createKeys(int keySize) throws NoSuchAlgorithmException {
-        //为RSA算法创建一个KeyPairGenerator对象
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
-
-        //初始化KeyPairGenerator对象,密钥长度
-        kpg.initialize(keySize);
-        //生成密匙对
-        KeyPair keyPair = kpg.generateKeyPair();
-
-        //得到公钥
-        Key publicKey = keyPair.getPublic();
-
-        String publicKeyStr = new String(Base64.encodeBase64(publicKey.getEncoded()));
-
-        //得到私钥
-        Key privateKey = keyPair.getPrivate();
-        String privateKeyStr = new String(Base64.encodeBase64(privateKey.getEncoded()));
-
-        RsaKey rsaKey = new RsaKey();
-        rsaKey.setPublicKey(publicKeyStr);
-        rsaKey.setPrivateKey(privateKeyStr);
-
-        return rsaKey;
-    }
-
-
-    /**
-     * 公钥加密
-     *
-     * @param originalText 原文
-     * @param publicKey    公钥
-     */
-    public static String publicEncrypt(String originalText, String publicKey) throws NoSuchAlgorithmException {
-        RSAPublicKey rsaPublicKey = getPublicKey(publicKey);
-        return publicEncrypt(originalText, rsaPublicKey);
-    }
-
-    /**
-     * 公钥解密
-     *
-     * @param cipherText 密文
-     * @param publicKey  公钥
-     */
-    public static String publicDecrypt(String cipherText, String publicKey) throws NoSuchAlgorithmException {
-        RSAPublicKey rsaPublicKey = getPublicKey(publicKey);
-        return publicDecrypt(cipherText, rsaPublicKey);
-    }
-
-    /**
-     * 私钥加密
-     *
-     * @param originalText 原文
-     * @param privateKey   私钥
-     */
-    public static String privateEncrypt(String originalText, String privateKey) throws NoSuchAlgorithmException {
-        RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey);
-        return privateEncrypt(originalText, rsaPrivateKey);
-    }
-
-
-    /**
-     * 私钥解密
-     *
-     * @param cipherText 密文
-     * @param privateKey 私钥
-     */
-    public static String privateDecrypt(String cipherText, String privateKey) throws NoSuchAlgorithmException {
-        RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey);
-        return privateDecrypt(cipherText, rsaPrivateKey);
-    }
-
-
-    /**
-     * 得到公钥
-     *
-     * @param publicKey 密钥字符串（经过base64编码）
-     */
-    private static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException {
-        //通过X509编码的Key指令获得公钥对象
-        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
-
-        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
-        RSAPublicKey key = null;
-        try {
-            key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
-        } catch (InvalidKeySpecException e) {
-            e.printStackTrace();
-        }
-        return key;
-    }
-
-    /**
-     * 公钥加密
-     *
-     * @param originalText 原文
-     * @param publicKey    公钥
-     */
-    private static String publicEncrypt(String originalText, RSAPublicKey publicKey) {
-        try {
-            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
-            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
-            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), publicKey.getModulus().bitLength()));
-        } catch (Exception e) {
-            throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e);
-        }
-    }
-
-    /**
-     * 得到私钥
-     *
-     * @param privateKey 密钥字符串（经过base64编码）
-     */
-    private static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException {
-        //通过PKCS#8编码的Key指令获得私钥对象
-        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
-
-        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
-        RSAPrivateKey key = null;
-        try {
-            key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
-        } catch (InvalidKeySpecException e) {
-            e.printStackTrace();
-        }
-        return key;
-    }
-
-
-    /**
-     * 私钥解密
-     *
-     * @param cipherText 密文
-     * @param privateKey 私钥
-     */
-
-    private static String privateDecrypt(String cipherText, RSAPrivateKey privateKey) {
-        try {
-            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
-            cipher.init(Cipher.DECRYPT_MODE, privateKey);
-            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), privateKey.getModulus().bitLength()), CHARSET);
-        } catch (Exception e) {
-            throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e);
-        }
-    }
-
-    private static String privateEncrypt(String originalText, RSAPrivateKey privateKey) {
-        try {
-            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
-            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
-            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), privateKey.getModulus().bitLength()));
-        } catch (Exception e) {
-            throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e);
-        }
-    }
-
-
-    private static String publicDecrypt(String cipherText, RSAPublicKey publicKey) {
-        try {
-            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
-            cipher.init(Cipher.DECRYPT_MODE, publicKey);
-            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), publicKey.getModulus().bitLength()), CHARSET);
-        } catch (Exception e) {
-            throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e);
-        }
-    }
-
-    private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
-        int maxBlock;
-        if (opmode == Cipher.DECRYPT_MODE) {
-            maxBlock = keySize / 8;
-        } else {
-            maxBlock = keySize / 8 - 11;
-        }
-        int offSet = 0;
-        byte[] buff;
-        int i = 0;
-        try (
-                ByteArrayOutputStream out = new ByteArrayOutputStream()
-        ) {
-            while (datas.length > offSet) {
-                if (datas.length - offSet > maxBlock) {
-                    buff = cipher.doFinal(datas, offSet, maxBlock);
-                } else {
-                    buff = cipher.doFinal(datas, offSet, datas.length - offSet);
-                }
-                out.write(buff, 0, buff.length);
-                i++;
-                offSet = i * maxBlock;
-            }
-            return out.toByteArray();
-        } catch (Exception e) {
-            throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
-        }
-    }
-
-}
\ No newline at end of file
--- a/frontend/src/api/user.js
+++ b/frontend/src/api/user.js
@@ -71,3 +71,10 @@ export function pluginLoaded() {
    method: 'post'
  })
 }
+
+export function getPublicKey() {
+  return request({
+    url: '/api/auth/getPublicKey',
+    method: 'get'
+  })
+}
--- a/frontend/src/utils/rsaEncrypt.js
+++ b/frontend/src/utils/rsaEncrypt.js
@@ -16,6 +16,7 @@ const privateKey = 'MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdb

 // 加密
 export function encrypt(txt) {
+  let publicKey = localStorage.getItem("publicKey");
  const encryptor = new JSEncrypt()
  encryptor.setPublicKey(publicKey) // 设置公钥
  return encryptor.encrypt(txt) // 对需要加密的数据进行加密
@@ -28,3 +29,4 @@ export function decrypt(txt) {
  return encryptor.decrypt(txt)
 }

+
--- a/frontend/src/views/login/index.vue
+++ b/frontend/src/views/login/index.vue
@@ -63,10 +63,11 @@
 <script>

 import { encrypt } from '@/utils/rsaEncrypt'
-import { ldapStatus, oidcStatus } from '@/api/user'
+import { ldapStatus, oidcStatus, getPublicKey } from '@/api/user'
 import { getSysUI } from '@/utils/auth'
 import PluginCom from '@/views/system/plugin/PluginCom'
 import Cookies from 'js-cookie'
+import store from "@/store";
 export default {
  name: 'Login',
  components: { PluginCom },
@@ -116,6 +117,12 @@ export default {
        this.loginTypes.push(2)
      }
    })
+    getPublicKey().then(res => {
+      if (res.success && res.data) {
+        // 保存公钥
+        localStorage.setItem('publicKey', res.data)
+      }
+    })
  },
  created() {
    this.$store.dispatch('user/getUI').then(() => {
@@ -162,11 +169,12 @@ export default {
        if (valid) {
          this.loading = true
          const user = {
-            username: this.loginForm.username,
-            password: this.loginForm.password,
+            username: encrypt(this.loginForm.username),
+            password: encrypt(this.loginForm.password),
            loginType: this.loginForm.loginType
          }
-          user.password = encrypt(user.password)
+          let publicKey = localStorage.getItem("publicKey");
+          console.log(publicKey)
          this.$store.dispatch('user/login', user).then(() => {
            this.$router.push({ path: this.redirect || '/' })
            this.loading = false