From 1af9fe733a536902092553c192251d6e59002aa4 Mon Sep 17 00:00:00 2001
From: fengshuonan
Date: Sun, 25 Jun 2023 08:55:58 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=907.6.0=E3=80=91=E3=80=90sys=E3=80=91?= =?UTF-8?q?=E3=80=90auth=E3=80=91=E6=9B=B4=E6=96=B0=E5=8A=A0=E5=AF=86?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=EF=BC=8C=E5=A2=9E=E5=8A=A0=E4=B8=A4=E4=B8=AA?= =?UTF-8?q?=E5=AF=B9=E5=8A=A0=E7=9B=90=E5=AF=86=E7=A0=81=E7=9A=84=E6=93=8D?= =?UTF-8?q?=E4=BD=9C=E6=96=B9=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../password/PasswordStoredEncryptApi.java | 20 ++++++++++++++++
 .../pojo/password/SaltedEncryptResult.java | 24 +++++++++++++++++++
 .../password/BcryptPasswordStoredEncrypt.java | 24 +++++++++++++++++++
 3 files changed, 68 insertions(+)
 create mode 100644 kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java
index 6b6b801cd..4a6e85e11 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java
@@ -24,6 +24,8 @@
 */
 package cn.stylefeng.roses.kernel.auth.api.password;
 
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
+
 /**
 * 密码存储时,将密码进行加密的api
 *
@@ -42,6 +44,16 @@ public interface PasswordStoredEncryptApi {
 */
 String encrypt(String originPassword);
 
+ /**
+ * 加密密码,通过密码 + 盐的方式
+ *
+ * @param originPassword 密码明文,待加密的密码
+ * @return 加密后的密码
+ * @author fengshuonan
+ * @since 2023/6/25 8:49
+ */
+ SaltedEncryptResult encryptWithSalt(String originPassword);
+
 /**
 * 校验密码加密前和加密后是否一致,多用于判断用户输入密码是否正确
 *
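Review bot: The Javadoc added for `encryptWithSalt` says `@return 加密后的密码` (the encrypted password), but the method returns a `SaltedEncryptResult` that carries both the hash and the salt, and nothing tells an implementer which algorithm is expected or that the caller must persist the salt for later verification. I would change the tag to `@return the password hash together with the salt used to produce it; the caller must store both`, and state in the description that the result is a one-way hash rather than reversible encryption. The same gap applies to `checkPasswordWithSalt` in the next hunk of this file, which has no `@param` or `@return` tags, so it is not documented that `encryptBefore` is the plaintext, `passwordSalt` the stored salt and `encryptAfter` the stored hash.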
@@ -52,4 +64,12 @@ public interface PasswordStoredEncryptApi {
 */
 Boolean checkPassword(String encryptBefore, String encryptAfter);
 
+ /**
+ * 校验密码,通过密码 + 盐的方式
+ *
+ * @author fengshuonan
+ * @since 2023/6/25 8:51
+ */
+ Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter);
+
 }
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java
new file mode 100644
index 000000000..fd459fefb
--- /dev/null
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java
@@ -0,0 +1,24 @@
+package cn.stylefeng.roses.kernel.auth.api.pojo.password;
+
+import lombok.Data;
+
+/**
+ * 密码加密结果
+ *
+ * @author fengshuonan
+ * @since 2023/6/25 8:48
+ */
+@Data
+public class SaltedEncryptResult {
+
+ /**
+ * 加密后的密码
+ */
+ private String encryptPassword;
+
+ /**
+ * 密码盐
+ */
+ private String passwordSalt;
+
+}
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java
index 76504324c..4c2339cc6 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java
@@ -24,9 +24,12 @@
 */
 package cn.stylefeng.roses.kernel.auth.password;
 
+import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.digest.BCrypt;
 import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
 
 /**
 * 基于BCrypt算法实现的密码加密解密器
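Review bot: `@Data` on the new `SaltedEncryptResult` generates a `toString()` that prints both `encryptPassword` and `passwordSalt`, so any log statement or exception message that includes this object would write the stored hash and its salt to the log. I would mark both fields with `@ToString.Exclude`, or replace `@Data` with `@Getter`/`@Setter`. A class comment stating that instances are credential material and must not be logged or returned in API responses would also help callers.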
@@ -45,9 +48,30 @@ public class BcryptPasswordStoredEncrypt implements PasswordStoredEncryptApi {
 return BCrypt.hashpw(originPassword, BCrypt.gensalt());
 }
 
+ @Override
+ public SaltedEncryptResult encryptWithSalt(String originPassword) {
+
+ SaltedEncryptResult saltedEncryptResult = new SaltedEncryptResult();
+
+ // 创建密码盐
+ String salt = RandomUtil.randomString(8);
+ saltedEncryptResult.setPasswordSalt(salt);
+
+ // 将原密码进行md5加密
+ String encryptAfter = SecureUtil.md5(originPassword + salt);
+ saltedEncryptResult.setEncryptPassword(encryptAfter);
+
+ return saltedEncryptResult;
+ }
+
 @Override
 public Boolean checkPassword(String encryptBefore, String encryptAfter) {
 return BCrypt.checkpw(encryptBefore, encryptAfter);
 }
 
+ @Override
+ public Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter) {
+ return SecureUtil.md5(encryptBefore + passwordSalt).equals(encryptAfter);
+ }
+
 }
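Review bot: `encryptWithSalt` stores the password as a single round of MD5 over `originPassword + salt`, a fast digest that is unsuitable for password storage, inside a class whose other methods use BCrypt. For new hashes I would stay on BCrypt: `String salt = BCrypt.gensalt();` followed by `saltedEncryptResult.setEncryptPassword(BCrypt.hashpw(originPassword, salt));`, with `checkPasswordWithSalt` returning `BCrypt.checkpw(encryptBefore, encryptAfter)`. If the MD5 path exists only to verify records written by an older scheme (not visible in this patch), it should be limited to verification, labelled as legacy in a comment, and followed by a re-hash with BCrypt after a successful check. As written, the salt also comes from `RandomUtil.randomString(8)`, which as far as I know is not backed by `SecureRandom`. The hex digests are compared with `String.equals` rather than a constant-time comparison such as `MessageDigest.isEqual`.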