提交 1ef96535 authored 作者: taojinlong's avatar taojinlong

feat: 登录时,对用户名密码加密

上级 042f4472
......@@ -5,6 +5,7 @@ import io.dataease.auth.api.dto.CurrentUserDto;
import io.dataease.auth.api.dto.LoginDto;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.GetMapping;
import springfox.documentation.annotations.ApiIgnore;
import org.springframework.web.bind.annotation.PostMapping;
......@@ -55,4 +56,8 @@ public interface AuthApi {
@PostMapping("/isPluginLoaded")
boolean isPluginLoaded();
@ApiIgnore
@GetMapping("/getPublicKey")
String getPublicKey();
}
......@@ -10,10 +10,7 @@ import io.dataease.auth.entity.TokenInfo;
import io.dataease.auth.service.AuthUserService;
import io.dataease.auth.util.JWTUtils;
import io.dataease.auth.util.RsaUtil;
import io.dataease.commons.utils.BeanUtils;
import io.dataease.commons.utils.CodingUtil;
import io.dataease.commons.utils.LogUtil;
import io.dataease.commons.utils.ServletUtils;
import io.dataease.commons.utils.*;
import io.dataease.controller.sys.request.LdapAddRequest;
import io.dataease.exception.DataEaseException;
import io.dataease.i18n.Translator;
......@@ -55,10 +52,9 @@ public class AuthServer implements AuthApi {
@Override
public Object login(@RequestBody LoginDto loginDto) throws Exception {
String username = loginDto.getUsername();
String password = loginDto.getPassword();
String username = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getUsername());;
String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getPassword());
String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, password);
// 增加ldap登录方式
Integer loginType = loginDto.getLoginType();
boolean isSupportLdap = authUserService.supportLdap();
......@@ -191,8 +187,11 @@ public class AuthServer implements AuthApi {
return authUserService.pluginLoaded();
}
@Override
public String getPublicKey() {
return RsaProperties.publicKey;
}
/*@Override
......
......@@ -60,6 +60,7 @@ public class ShiroServiceImpl implements ShiroService {
filterChainDefinitionMap.put("/api/auth/validateName", ANON);
filterChainDefinitionMap.put("/api/auth/isOpenLdap", ANON);
filterChainDefinitionMap.put("/api/auth/isOpenOidc", ANON);
filterChainDefinitionMap.put("/api/auth/getPublicKey", ANON);
filterChainDefinitionMap.put("/api/pluginCommon/component/*", ANON);
filterChainDefinitionMap.put("/plugin/oidc/authInfo", ANON);
filterChainDefinitionMap.put("/sso/callBack*", ANON);
......
package io.dataease.commons.utils;
import lombok.Getter;
import lombok.Setter;
@Setter
@Getter
public class RsaKey {
//公钥
private String publicKey;
//私钥
private String privateKey;
}
\ No newline at end of file
package io.dataease.commons.utils;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class RsaUtil {
public static final String CHARSET = "UTF-8";
public static final String RSA_ALGORITHM = "RSA";
/**
* 创建RSA 公钥-私钥
*/
public static RsaKey createKeys() throws NoSuchAlgorithmException {
return createKeys(1024);
}
/**
* 创建RSA 公钥-私钥
*/
public static RsaKey createKeys(int keySize) throws NoSuchAlgorithmException {
//为RSA算法创建一个KeyPairGenerator对象
KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
//初始化KeyPairGenerator对象,密钥长度
kpg.initialize(keySize);
//生成密匙对
KeyPair keyPair = kpg.generateKeyPair();
//得到公钥
Key publicKey = keyPair.getPublic();
String publicKeyStr = new String(Base64.encodeBase64(publicKey.getEncoded()));
//得到私钥
Key privateKey = keyPair.getPrivate();
String privateKeyStr = new String(Base64.encodeBase64(privateKey.getEncoded()));
RsaKey rsaKey = new RsaKey();
rsaKey.setPublicKey(publicKeyStr);
rsaKey.setPrivateKey(privateKeyStr);
return rsaKey;
}
/**
* 公钥加密
*
* @param originalText 原文
* @param publicKey 公钥
*/
public static String publicEncrypt(String originalText, String publicKey) throws NoSuchAlgorithmException {
RSAPublicKey rsaPublicKey = getPublicKey(publicKey);
return publicEncrypt(originalText, rsaPublicKey);
}
/**
* 公钥解密
*
* @param cipherText 密文
* @param publicKey 公钥
*/
public static String publicDecrypt(String cipherText, String publicKey) throws NoSuchAlgorithmException {
RSAPublicKey rsaPublicKey = getPublicKey(publicKey);
return publicDecrypt(cipherText, rsaPublicKey);
}
/**
* 私钥加密
*
* @param originalText 原文
* @param privateKey 私钥
*/
public static String privateEncrypt(String originalText, String privateKey) throws NoSuchAlgorithmException {
RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey);
return privateEncrypt(originalText, rsaPrivateKey);
}
/**
* 私钥解密
*
* @param cipherText 密文
* @param privateKey 私钥
*/
public static String privateDecrypt(String cipherText, String privateKey) throws NoSuchAlgorithmException {
RSAPrivateKey rsaPrivateKey = getPrivateKey(privateKey);
return privateDecrypt(cipherText, rsaPrivateKey);
}
/**
* 得到公钥
*
* @param publicKey 密钥字符串(经过base64编码)
*/
private static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException {
//通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key = null;
try {
key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
return key;
}
/**
* 公钥加密
*
* @param originalText 原文
* @param publicKey 公钥
*/
private static String publicEncrypt(String originalText, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), publicKey.getModulus().bitLength()));
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e);
}
}
/**
* 得到私钥
*
* @param privateKey 密钥字符串(经过base64编码)
*/
private static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException {
//通过PKCS#8编码的Key指令获得私钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key = null;
try {
key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
} catch (InvalidKeySpecException e) {
e.printStackTrace();
}
return key;
}
/**
* 私钥解密
*
* @param cipherText 密文
* @param privateKey 私钥
*/
private static String privateDecrypt(String cipherText, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), privateKey.getModulus().bitLength()), CHARSET);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e);
}
}
private static String privateEncrypt(String originalText, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, originalText.getBytes(CHARSET), privateKey.getModulus().bitLength()));
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + originalText + "]时遇到异常", e);
}
}
private static String publicDecrypt(String cipherText, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(cipherText), publicKey.getModulus().bitLength()), CHARSET);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + cipherText + "]时遇到异常", e);
}
}
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
int maxBlock;
if (opmode == Cipher.DECRYPT_MODE) {
maxBlock = keySize / 8;
} else {
maxBlock = keySize / 8 - 11;
}
int offSet = 0;
byte[] buff;
int i = 0;
try (
ByteArrayOutputStream out = new ByteArrayOutputStream()
) {
while (datas.length > offSet) {
if (datas.length - offSet > maxBlock) {
buff = cipher.doFinal(datas, offSet, maxBlock);
} else {
buff = cipher.doFinal(datas, offSet, datas.length - offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
}
return out.toByteArray();
} catch (Exception e) {
throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
}
}
}
\ No newline at end of file
......@@ -71,3 +71,10 @@ export function pluginLoaded() {
method: 'post'
})
}
export function getPublicKey() {
return request({
url: '/api/auth/getPublicKey',
method: 'get'
})
}
......@@ -16,6 +16,7 @@ const privateKey = 'MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdb
// 加密
export function encrypt(txt) {
let publicKey = localStorage.getItem("publicKey");
const encryptor = new JSEncrypt()
encryptor.setPublicKey(publicKey) // 设置公钥
return encryptor.encrypt(txt) // 对需要加密的数据进行加密
......@@ -28,3 +29,4 @@ export function decrypt(txt) {
return encryptor.decrypt(txt)
}
......@@ -63,10 +63,11 @@
<script>
import { encrypt } from '@/utils/rsaEncrypt'
import { ldapStatus, oidcStatus } from '@/api/user'
import { ldapStatus, oidcStatus, getPublicKey } from '@/api/user'
import { getSysUI } from '@/utils/auth'
import PluginCom from '@/views/system/plugin/PluginCom'
import Cookies from 'js-cookie'
import store from "@/store";
export default {
name: 'Login',
components: { PluginCom },
......@@ -116,6 +117,12 @@ export default {
this.loginTypes.push(2)
}
})
getPublicKey().then(res => {
if (res.success && res.data) {
// 保存公钥
localStorage.setItem('publicKey', res.data)
}
})
},
created() {
this.$store.dispatch('user/getUI').then(() => {
......@@ -162,11 +169,12 @@ export default {
if (valid) {
this.loading = true
const user = {
username: this.loginForm.username,
password: this.loginForm.password,
username: encrypt(this.loginForm.username),
password: encrypt(this.loginForm.password),
loginType: this.loginForm.loginType
}
user.password = encrypt(user.password)
let publicKey = localStorage.getItem("publicKey");
console.log(publicKey)
this.$store.dispatch('user/login', user).then(() => {
this.$router.push({ path: this.redirect || '/' })
this.loading = false
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论