mirror of https://github.com/elunez/eladmin
前端rsa公钥加密传输登录密码,后端rsa私钥解密密码
dqjdda
parent
284c25a110
commit
98f2db21d3
|
|
@ -1,6 +1,8 @@
|
||||||
package me.zhengjie.modules.security.rest;
|
package me.zhengjie.modules.security.rest;
|
||||||
|
|
||||||
import cn.hutool.core.util.IdUtil;
|
import cn.hutool.core.util.IdUtil;
|
||||||
|
import cn.hutool.crypto.asymmetric.KeyType;
|
||||||
|
import cn.hutool.crypto.asymmetric.RSA;
|
||||||
import com.wf.captcha.ArithmeticCaptcha;
|
import com.wf.captcha.ArithmeticCaptcha;
|
||||||
import io.swagger.annotations.Api;
|
import io.swagger.annotations.Api;
|
||||||
import io.swagger.annotations.ApiOperation;
|
import io.swagger.annotations.ApiOperation;
|
||||||
|
|
@ -44,6 +46,8 @@ public class AuthController {
|
||||||
|
|
||||||
@Value("${loginCode.expiration}")
|
@Value("${loginCode.expiration}")
|
||||||
private Long expiration;
|
private Long expiration;
|
||||||
|
@Value("${rsa.private_key}")
|
||||||
|
private String privateKey;
|
||||||
private final SecurityProperties properties;
|
private final SecurityProperties properties;
|
||||||
private final RedisUtils redisUtils;
|
private final RedisUtils redisUtils;
|
||||||
private final UserDetailsService userDetailsService;
|
private final UserDetailsService userDetailsService;
|
||||||
|
|
@ -65,6 +69,9 @@ public class AuthController {
|
||||||
@AnonymousAccess
|
@AnonymousAccess
|
||||||
@PostMapping(value = "/login")
|
@PostMapping(value = "/login")
|
||||||
public ResponseEntity login(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){
|
public ResponseEntity login(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){
|
||||||
|
// 密码解密
|
||||||
|
RSA rsa = new RSA(privateKey, null);
|
||||||
|
String password = new String(rsa.decrypt(authUser.getPassword(), KeyType.PrivateKey));
|
||||||
// 查询验证码
|
// 查询验证码
|
||||||
String code = (String) redisUtils.get(authUser.getUuid());
|
String code = (String) redisUtils.get(authUser.getUuid());
|
||||||
// 清除验证码
|
// 清除验证码
|
||||||
|
|
@ -76,7 +83,7 @@ public class AuthController {
|
||||||
throw new BadRequestException("验证码错误");
|
throw new BadRequestException("验证码错误");
|
||||||
}
|
}
|
||||||
UsernamePasswordAuthenticationToken authenticationToken =
|
UsernamePasswordAuthenticationToken authenticationToken =
|
||||||
new UsernamePasswordAuthenticationToken(authUser.getUsername(), authUser.getPassword());
|
new UsernamePasswordAuthenticationToken(authUser.getUsername(), password);
|
||||||
|
|
||||||
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
||||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||||
|
|
|
||||||
|
|
@ -52,3 +52,7 @@ code:
|
||||||
#登录图形验证码有效时间/分钟
|
#登录图形验证码有效时间/分钟
|
||||||
loginCode:
|
loginCode:
|
||||||
expiration: 2
|
expiration: 2
|
||||||
|
|
||||||
|
#密码加密传输,前端公钥加密,后端私钥解密
|
||||||
|
rsa:
|
||||||
|
private_key: MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEA0vfvyTdGJkdbHkB8mp0f3FE0GYP3AYPaJF7jUd1M0XxFSE2ceK3k2kw20YvQ09NJKk+OMjWQl9WitG9pB6tSCQIDAQABAkA2SimBrWC2/wvauBuYqjCFwLvYiRYqZKThUS3MZlebXJiLB+Ue/gUifAAKIg1avttUZsHBHrop4qfJCwAI0+YRAiEA+W3NK/RaXtnRqmoUUkb59zsZUBLpvZgQPfj1MhyHDz0CIQDYhsAhPJ3mgS64NbUZmGWuuNKp5coY2GIj/zYDMJp6vQIgUueLFXv/eZ1ekgz2Oi67MNCk5jeTF2BurZqNLR3MSmUCIFT3Q6uHMtsB9Eha4u7hS31tj1UWE+D+ADzp59MGnoftAiBeHT7gDMuqeJHPL4b+kC+gzV4FGTfhR9q3tTbklZkD2A==
|
||||||
Loading…
Reference in New Issue