【7.6.0】【sys】【auth】更新加密接口，增加两个对加盐密码的操作方式

2023-06-25 08:55:58 +08:00 · 2023-06-25 08:55:58 +08:00 · 1af9fe733a
parent 6492daeadf
commit 1af9fe733a
3 changed files with 68 additions and 0 deletions
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/password/PasswordStoredEncryptApi.java
@ -24,6 +24,8 @@
 */
 package cn.stylefeng.roses.kernel.auth.api.password;

+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;
+
 /**
 * 密码存储时，将密码进行加密的api
 *
@ -42,6 +44,16 @@ public interface PasswordStoredEncryptApi {
     */
    String encrypt(String originPassword);

+    /**
+     * 加密密码，通过密码 + 盐的方式
+     *
+     * @param originPassword 密码明文，待加密的密码
+     * @return 加密后的密码
+     * @author fengshuonan
+     * @since 2023/6/25 8:49
+     */
+    SaltedEncryptResult encryptWithSalt(String originPassword);
+
    /**
     * 校验密码加密前和加密后是否一致，多用于判断用户输入密码是否正确
     *
@ -52,4 +64,12 @@ public interface PasswordStoredEncryptApi {
     */
    Boolean checkPassword(String encryptBefore, String encryptAfter);

+    /**
+     * 校验密码，通过密码 + 盐的方式
+     *
+     * @author fengshuonan
+     * @since 2023/6/25 8:51
+     */
+    Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter);
+
 }
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/password/SaltedEncryptResult.java
@ -0,0 +1,24 @@
+package cn.stylefeng.roses.kernel.auth.api.pojo.password;
+
+import lombok.Data;
+
+/**
+ * 密码加密结果
+ *
+ * @author fengshuonan
+ * @since 2023/6/25 8:48
+ */
+@Data
+public class SaltedEncryptResult {
+
+    /**
+     * 加密后的密码
+     */
+    private String encryptPassword;
+
+    /**
+     * 密码盐
+     */
+    private String passwordSalt;
+
+}
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/password/BcryptPasswordStoredEncrypt.java
@ -24,9 +24,12 @@
 */
 package cn.stylefeng.roses.kernel.auth.password;

+import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.digest.BCrypt;
 import cn.stylefeng.roses.kernel.auth.api.password.PasswordStoredEncryptApi;
+import cn.stylefeng.roses.kernel.auth.api.pojo.password.SaltedEncryptResult;

 /**
 * 基于BCrypt算法实现的密码加密解密器
@ -45,9 +48,30 @@ public class BcryptPasswordStoredEncrypt implements PasswordStoredEncryptApi {
        return BCrypt.hashpw(originPassword, BCrypt.gensalt());
    }

+    @Override
+    public SaltedEncryptResult encryptWithSalt(String originPassword) {
+
+        SaltedEncryptResult saltedEncryptResult = new SaltedEncryptResult();
+
+        // 创建密码盐
+        String salt = RandomUtil.randomString(8);
+        saltedEncryptResult.setPasswordSalt(salt);
+
+        // 将原密码进行md5加密
+        String encryptAfter = SecureUtil.md5(originPassword + salt);
+        saltedEncryptResult.setEncryptPassword(encryptAfter);
+
+        return saltedEncryptResult;
+    }
+
    @Override
    public Boolean checkPassword(String encryptBefore, String encryptAfter) {
        return BCrypt.checkpw(encryptBefore, encryptAfter);
    }

+    @Override
+    public Boolean checkPasswordWithSalt(String encryptBefore, String passwordSalt, String encryptAfter) {
+        return SecureUtil.md5(encryptBefore + passwordSalt).equals(encryptAfter);
+    }
+
 }