Skip to content
GitLab
Commit 98f2db21 authored by dqjdda's avatar dqjdda
Browse files

前端rsa公钥加密传输登录密码,后端rsa私钥解密密码

parent 284c25a1
Hide whitespace changes
Inline Side-by-side
eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java
View file @ 98f2db21
package me.zhengjie.modules.security.rest; package me.zhengjie.modules.security.rest;
import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.IdUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import com.wf.captcha.ArithmeticCaptcha; import com.wf.captcha.ArithmeticCaptcha;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
...@@ -44,6 +46,8 @@ public class AuthController { ...@@ -44,6 +46,8 @@ public class AuthController {
@Value("${loginCode.expiration}") @Value("${loginCode.expiration}")
private Long expiration; private Long expiration;
@Value("${rsa.private_key}")
private String privateKey;
private final SecurityProperties properties; private final SecurityProperties properties;
private final RedisUtils redisUtils; private final RedisUtils redisUtils;
private final UserDetailsService userDetailsService; private final UserDetailsService userDetailsService;
...@@ -65,6 +69,9 @@ public class AuthController { ...@@ -65,6 +69,9 @@ public class AuthController {
@AnonymousAccess @AnonymousAccess
@PostMapping(value = "/login") @PostMapping(value = "/login")
public ResponseEntity login(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){ public ResponseEntity login(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){
// 密码解密
RSA rsa = new RSA(privateKey, null);
String password = new String(rsa.decrypt(authUser.getPassword(), KeyType.PrivateKey));
// 查询验证码 // 查询验证码
String code = (String) redisUtils.get(authUser.getUuid()); String code = (String) redisUtils.get(authUser.getUuid());
// 清除验证码 // 清除验证码
...@@ -76,7 +83,7 @@ public class AuthController { ...@@ -76,7 +83,7 @@ public class AuthController {
throw new BadRequestException("验证码错误"); throw new BadRequestException("验证码错误");
} }
UsernamePasswordAuthenticationToken authenticationToken = UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(authUser.getUsername(), authUser.getPassword()); new UsernamePasswordAuthenticationToken(authUser.getUsername(), password);
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken); Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
......
eladmin-system/src/main/resources/config/application.yml
View file @ 98f2db21
...@@ -51,4 +51,8 @@ code: ...@@ -51,4 +51,8 @@ code:
#登录图形验证码有效时间/分钟 #登录图形验证码有效时间/分钟
loginCode: loginCode:
expiration: 2 expiration: 2
\ No newline at end of file
#密码加密传输,前端公钥加密,后端私钥解密
rsa:
private_key: MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdbHkB8mp0f3FE0GYP3AYPaJF7jUd1M0XxFSE2ceK3k2kw20YvQ09NJKk+OMjWQl9WitG9pB6tSCQIDAQABAkA2SimBrWC2/wvauBuYqjCFwLvYiRYqZKThUS3MZlebXJiLB+Ue/gUifAAKIg1avttUZsHBHrop4qfJCwAI0+YRAiEA+W3NK/RaXtnRqmoUUkb59zsZUBLpvZgQPfj1MhyHDz0CIQDYhsAhPJ3mgS64NbUZmGWuuNKp5coY2GIj/zYDMJp6vQIgUueLFXv/eZ1ekgz2Oi67MNCk5jeTF2BurZqNLR3MSmUCIFT3Q6uHMtsB9Eha4u7hS31tj1UWE+D+ADzp59MGnoftAiBeHT7gDMuqeJHPL4b+kC+gzV4FGTfhR9q3tTbklZkD2A==
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment