修改邮箱与修改密码传输的密码通过rsa加密传输

eladmin-common/src/main/java/me/zhengjie/exception/handler/GlobalExceptionHandler.java

@@ -8,6 +8,7 @@ import me.zhengjie.utils.ThrowableUtil;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -32,6 +33,17 @@ public class GlobalExceptionHandler {
         return buildResponseEntity(ApiError.error(e.getMessage()));
     }
 
+    /**
+     * BadCredentialsException
+     */
+    @ExceptionHandler(BadCredentialsException.class)
+    public ResponseEntity badCredentialsException(BadCredentialsException e){
+        // 打印堆栈信息
+        String message = "坏的凭证".equals(e.getMessage()) ? "用户名或密码不正确" : e.getMessage();
+        log.error(message);
+        return buildResponseEntity(ApiError.error(message));
+    }
+
     /**
      * 处理自定义异常
      */

eladmin-system/src/main/java/me/zhengjie/modules/system/rest/UserController.java

 package me.zhengjie.modules.system.rest;
 
+import cn.hutool.crypto.asymmetric.KeyType;
+import cn.hutool.crypto.asymmetric.RSA;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import me.zhengjie.aop.log.Log;
@@ -16,12 +18,11 @@ import me.zhengjie.modules.system.service.dto.UserQueryCriteria;
 import me.zhengjie.service.VerificationCodeService;
 import me.zhengjie.utils.*;
 import me.zhengjie.modules.system.service.UserService;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
@@ -42,6 +43,8 @@ import java.util.stream.Collectors;
 @RequestMapping("/api/users")
 public class UserController {
 
+    @Value("${rsa.private_key}")
+    private String privateKey;
     private final PasswordEncoder passwordEncoder;
     private final UserService userService;
     private final DataScope dataScope;
@@ -106,6 +109,8 @@ public class UserController {
     @PreAuthorize("@el.check('user:add')")
     public ResponseEntity create(@Validated @RequestBody User resources){
         checkLevel(resources);
+        // 默认密码 123456
+        resources.setPassword(passwordEncoder.encode("123456"));
         return new ResponseEntity<>(userService.create(resources),HttpStatus.CREATED);
     }
 
@@ -150,14 +155,18 @@ public class UserController {
     @ApiOperation("修改密码")
     @PostMapping(value = "/updatePass")
     public ResponseEntity updatePass(@RequestBody UserPassVo passVo){
+        // 密码解密
+        RSA rsa = new RSA(privateKey, null);
+        String oldPass = new String(rsa.decrypt(passVo.getOldPass(), KeyType.PrivateKey));
+        String newPass = new String(rsa.decrypt(passVo.getNewPass(), KeyType.PrivateKey));
         UserDto user = userService.findByName(SecurityUtils.getUsername());
-        if(!passwordEncoder.matches(passVo.getOldPass(), user.getPassword())){
+        if(!passwordEncoder.matches(oldPass, user.getPassword())){
             throw new BadRequestException("修改失败，旧密码错误");
         }
-        if(passwordEncoder.matches(passVo.getNewPass(), user.getPassword())){
+        if(passwordEncoder.matches(newPass, user.getPassword())){
             throw new BadRequestException("新密码不能与旧密码相同");
         }
-        userService.updatePass(user.getUsername(),passwordEncoder.encode(passVo.getNewPass()));
+        userService.updatePass(user.getUsername(),passwordEncoder.encode(newPass));
         return new ResponseEntity(HttpStatus.OK);
     }
 
@@ -172,8 +181,11 @@ public class UserController {
     @ApiOperation("修改邮箱")
     @PostMapping(value = "/updateEmail/{code}")
     public ResponseEntity updateEmail(@PathVariable String code,@RequestBody User user){
+        // 密码解密
+        RSA rsa = new RSA(privateKey, null);
+        String password = new String(rsa.decrypt(user.getPassword(), KeyType.PrivateKey));
         UserDto userDto = userService.findByName(SecurityUtils.getUsername());
-        if(!passwordEncoder.matches(user.getPassword(), userDto.getPassword())){
+        if(!passwordEncoder.matches(password, userDto.getPassword())){
             throw new BadRequestException("密码错误");
         }
         VerificationCode verificationCode = new VerificationCode(code, ElAdminConstant.RESET_MAIL,"email",user.getEmail());

eladmin-system/src/main/java/me/zhengjie/modules/system/service/impl/UserServiceImpl.java

@@ -38,11 +38,8 @@ import java.util.stream.Collectors;
 public class UserServiceImpl implements UserService {
 
     private final UserRepository userRepository;
-
     private final UserMapper userMapper;
-
     private final RedisUtils redisUtils;
-
     private final UserAvatarRepository userAvatarRepository;
 
     @Value("${file.avatar}")
@@ -81,17 +78,12 @@ public class UserServiceImpl implements UserService {
     @CacheEvict(allEntries = true)
     @Transactional(rollbackFor = Exception.class)
     public UserDto create(User resources) {
-
         if(userRepository.findByUsername(resources.getUsername())!=null){
             throw new EntityExistException(User.class,"username",resources.getUsername());
         }
-
         if(userRepository.findByEmail(resources.getEmail())!=null){
             throw new EntityExistException(User.class,"email",resources.getEmail());
         }
-
-        // 默认密码 123456，此密码是加密后的字符
-        resources.setPassword("e10adc3949ba59abbe56e057f20f883e");
         return userMapper.toDto(userRepository.save(resources));
     }