feat(security): 实现登录密码 RSA 加密解密

- 在前端登录时对密码进行加密 - 在后端登录接口中对加密后的密码进行解密 - 新增 RsaUtils 工具类，用于 RSA 加密解密 - 优化了登录流程，提高了密码安全性
3 weeks ago · b37bdfa14b
parent 4b66ef6900
commit b37bdfa14b
3 changed files with 254 additions and 86 deletions
--- a/os-admin/src/main/java/com/os/web/controller/system/SysLoginController.java
+++ b/os-admin/src/main/java/com/os/web/controller/system/SysLoginController.java
@ -1,86 +1,96 @@
-package com.os.web.controller.system;
+package com.os.web.controller.system;
-
+
-import java.util.List;
+import java.util.List;
-import java.util.Set;
+import java.util.Set;
-import org.springframework.beans.factory.annotation.Autowired;
+
-import org.springframework.web.bind.annotation.GetMapping;
+import com.os.common.exception.ServiceException;
-import org.springframework.web.bind.annotation.PostMapping;
+import com.os.common.utils.sign.RsaUtils;
-import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import com.os.common.constant.Constants;
+import org.springframework.web.bind.annotation.GetMapping;
-import com.os.common.core.domain.AjaxResult;
+import org.springframework.web.bind.annotation.PostMapping;
-import com.os.common.core.domain.entity.SysMenu;
+import org.springframework.web.bind.annotation.RequestBody;
-import com.os.common.core.domain.entity.SysUser;
+import org.springframework.web.bind.annotation.RestController;
-import com.os.common.core.domain.model.LoginBody;
+import com.os.common.constant.Constants;
-import com.os.common.utils.SecurityUtils;
+import com.os.common.core.domain.AjaxResult;
-import com.os.framework.web.service.SysLoginService;
+import com.os.common.core.domain.entity.SysMenu;
-import com.os.framework.web.service.SysPermissionService;
+import com.os.common.core.domain.entity.SysUser;
-import com.os.system.service.ISysMenuService;
+import com.os.common.core.domain.model.LoginBody;
-
+import com.os.common.utils.SecurityUtils;
-/**
+import com.os.framework.web.service.SysLoginService;
- * 登录验证
+import com.os.framework.web.service.SysPermissionService;
- * 
+import com.os.system.service.ISysMenuService;
- * @author ruoyi
+
- */
+/**
-@RestController
+ * 登录验证
-public class SysLoginController
+ * 
-{
+ * @author ruoyi
-    @Autowired
+ */
-    private SysLoginService loginService;
+@RestController
-
+public class SysLoginController
-    @Autowired
+{
-    private ISysMenuService menuService;
+    @Autowired
-
+    private SysLoginService loginService;
-    @Autowired
+
-    private SysPermissionService permissionService;
+    @Autowired
-
+    private ISysMenuService menuService;
-    /**
+
-     * 登录方法
+    @Autowired
-     * 
+    private SysPermissionService permissionService;
-     * @param loginBody 登录信息
+
-     * @return 结果
+    /**
-     */
+     * 登录方法
-    @PostMapping("/login")
+     * 
-    public AjaxResult login(@RequestBody LoginBody loginBody)
+     * @param loginBody 登录信息
-    {
+     * @return 结果
-        AjaxResult ajax = AjaxResult.success();
+     */
-        // 生成令牌
+// 关键代码 RsaUtils.decryptByPrivateKey(password)
-        String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
+    @PostMapping("/login")
-                loginBody.getUuid());
+    public AjaxResult login(@RequestBody LoginBody loginBody)
-        ajax.put(Constants.TOKEN, token);
+    {
-        return ajax;
+        AjaxResult ajax = AjaxResult.success();
-    }
+        // 生成令牌
-
+        String token = null;
-    /**
+        try {
-     * 获取用户信息
+            token = loginService.login(loginBody.getUsername(),
-     * 
+                    RsaUtils.decryptByPrivateKey(loginBody.getPassword()), loginBody.getCode(), loginBody.getUuid());
-     * @return 用户信息
+        } catch (Exception e) {
-     */
+            throw new ServiceException(e.getMessage());
-    @GetMapping("getInfo")
+        }
-    public AjaxResult getInfo()
+        ajax.put(Constants.TOKEN, token);
-    {
+        return ajax;
-        SysUser user = SecurityUtils.getLoginUser().getUser();
+    }
-        // 角色集合
+
-        Set<String> roles = permissionService.getRolePermission(user);
+    /**
-        // 权限集合
+     * 获取用户信息
-        Set<String> permissions = permissionService.getMenuPermission(user);
+     * 
-        AjaxResult ajax = AjaxResult.success();
+     * @return 用户信息
-        ajax.put("user", user);
+     */
-        ajax.put("roles", roles);
+    @GetMapping("getInfo")
-        ajax.put("permissions", permissions);
+    public AjaxResult getInfo()
-        return ajax;
+    {
-    }
+        SysUser user = SecurityUtils.getLoginUser().getUser();
-
+        // 角色集合
-    /**
+        Set<String> roles = permissionService.getRolePermission(user);
-     * 获取路由信息
+        // 权限集合
-     * 
+        Set<String> permissions = permissionService.getMenuPermission(user);
-     * @return 路由信息
+        AjaxResult ajax = AjaxResult.success();
-     */
+        ajax.put("user", user);
-    @GetMapping("getRouters")
+        ajax.put("roles", roles);
-    public AjaxResult getRouters()
+        ajax.put("permissions", permissions);
-    {
+        return ajax;
-        Long userId = SecurityUtils.getUserId();
+    }
-        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
+
-        return AjaxResult.success(menuService.buildMenus(menus));
+    /**
-    }
+     * 获取路由信息
-}
+     * 
     * @return 路由信息
     */
    @GetMapping("getRouters")
    public AjaxResult getRouters()
    {
        Long userId = SecurityUtils.getUserId();
        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
        return AjaxResult.success(menuService.buildMenus(menus));
    }
 }
--- a/os-common/src/main/java/com/os/common/utils/sign/RsaUtils.java
+++ b/os-common/src/main/java/com/os/common/utils/sign/RsaUtils.java
@ -0,0 +1,153 @@
 package com.os.common.utils.sign;
 import org.apache.commons.codec.binary.Base64;
 import javax.crypto.Cipher;
 import java.security.*;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 /**
 * RSA加密解密
 *
 * @author ruoyi
 **/
 public class RsaUtils
 {
    // Rsa 私钥
    public static String privateKey = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY"
            + "7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKN"
            + "PuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gA"
            + "kM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWow"
            + "cSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99Ecv"
            + "DQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthh"
            + "YhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3"
            + "UP8iWi1Qw0Y=";
    /**
     * 私钥解密
     *
     * @param privateKeyString 私钥
     * @param text 待解密的文本
     * @return 解密后的文本
     */
    public static String decryptByPrivateKey(String text) throws Exception
    {
        return decryptByPrivateKey(privateKey, text);
    }
    /**
     * 公钥解密
     *
     * @param publicKeyString 公钥
     * @param text 待解密的信息
     * @return 解密后的文本
     */
    public static String decryptByPublicKey(String publicKeyString, String text) throws Exception
    {
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyString));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        byte[] result = cipher.doFinal(Base64.decodeBase64(text));
        return new String(result);
    }
    /**
     * 私钥加密
     *
     * @param privateKeyString 私钥
     * @param text 待加密的信息
     * @return 加密后的文本
     */
    public static String encryptByPrivateKey(String privateKeyString, String text) throws Exception
    {
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyString));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        byte[] result = cipher.doFinal(text.getBytes());
        return Base64.encodeBase64String(result);
    }
    /**
     * 私钥解密
     *
     * @param privateKeyString 私钥
     * @param text 待解密的文本
     * @return 解密后的文本
     */
    public static String decryptByPrivateKey(String privateKeyString, String text) throws Exception
    {
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyString));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec5);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] result = cipher.doFinal(Base64.decodeBase64(text));
        return new String(result);
    }
    /**
     * 公钥加密
     *
     * @param publicKeyString 公钥
     * @param text 待加密的文本
     * @return 加密后的文本
     */
    public static String encryptByPublicKey(String publicKeyString, String text) throws Exception
    {
        X509EncodedKeySpec x509EncodedKeySpec2 = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyString));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec2);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] result = cipher.doFinal(text.getBytes());
        return Base64.encodeBase64String(result);
    }
    /**
     * 构建RSA密钥对
     *
     * @return 生成后的公私钥信息
     */
    public static RsaKeyPair generateKeyPair() throws NoSuchAlgorithmException
    {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
        String publicKeyString = Base64.encodeBase64String(rsaPublicKey.getEncoded());
        String privateKeyString = Base64.encodeBase64String(rsaPrivateKey.getEncoded());
        return new RsaKeyPair(publicKeyString, privateKeyString);
    }
    /**
     * RSA密钥对对象
     */
    public static class RsaKeyPair
    {
        private final String publicKey;
        private final String privateKey;
        public RsaKeyPair(String publicKey, String privateKey)
        {
            this.publicKey = publicKey;
            this.privateKey = privateKey;
        }
        public String getPublicKey()
        {
            return publicKey;
        }
        public String getPrivateKey()
        {
            return privateKey;
        }
    }
 }
--- a/麒麟系统环境部署命令/5.txt
+++ b/麒麟系统环境部署命令/5.txt
@ -1,3 +1,8 @@
 [root@localhost ~]# rm -rf /media/tao_iot/dist
 [root@localhost ~]# rm -rf /media/tao_iot/haiwei-admin.jar
 [root@localhost ~]# mkdir -p /media/tao_iot/dist
 [root@localhost ~]# unzip -oq dist.zip -d /media/tao_iot/dist
 [root@localhost ~]# unzip -oq dist.zip -d /media/tao_iot/dist
 unzip:  cannot find or open dist.zip, dist.zip.zip or dist.zip.ZIP.
 [root@localhost ~]# cd /media/tao_iot