登录账号加、解密校验

42e6b1de · T · d3208434 · 42e6b1de · 42e6b1de · 42e6b1de
Commit 42e6b1de authored May 31, 2023 by T
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthenticationController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthenticationController.java
@@ -18,6 +18,7 @@ import me.zhengjie.modules.security.service.OnlineUserService;
 import me.zhengjie.modules.system.service.UserService;
 import me.zhengjie.modules.system.service.dto.UserDTO;
 import me.zhengjie.modules.system.service.dto.UserSmallDTO;
+import me.zhengjie.modules.util.AesEncode;
 import me.zhengjie.utils.EncryptUtils;
 import me.zhengjie.modules.security.utils.JwtTokenUtil;
 import me.zhengjie.utils.SecurityUtils;
@@ -123,6 +124,62 @@ public class AuthenticationController {
            return ResponseEntity.ok(new AuthInfo(expireTime,token, jwtUser));
        }
    }
+    @Log("用户登录V2")
+    @ApiOperation("登录授权V2--安全审计接口，供平台前端用")
+    @AnonymousAccess
+    @PostMapping(value = "/loginV2")
+    public ResponseEntity loginV2(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){
+
+        // 查询验证码
+        String code = redisService.getCodeVal(authUser.getUuid());
+        // 清除验证码
+        redisService.delete(authUser.getUuid());
+        if (!authUser.getCode().equalsIgnoreCase(code)) {
+            throw new BadRequestException("验证码错误");
+        }
+        String username = "";
+        try {
+            username = AesEncode.desEncrypt(authUser.getUsername());
+        }catch(Exception e){
+            throw  new BadRequestException("解密错误");
+        }
+
+        final JwtUser jwtUser = (JwtUser) userDetailsService.loadUserByUsername(username);
+
+        String ip = request.getRemoteAddr();
+        String errCount = redisService.getCodeVal(authUser.getUsername() + ip);
+
+        if (errCount != "" && Integer.parseInt(errCount) == 3){
+            throw new AccountExpiredException("在当前IP下该账号的访问被禁止, 请在30分钟后重试！");
+        }
+        if(!jwtUser.getPassword().equals(authUser.getPassword())){
+            if (errCount.isEmpty()) {
+                redisService.saveCode(authUser.getUsername() + ip, 1);
+            } else {
+                redisService.saveCode(authUser.getUsername() + ip, Integer.parseInt(errCount) + 1);
+            }
+            throw new AccountExpiredException("密码错误");
+        }
+
+        if(!jwtUser.isEnabled()){
+            throw new AccountExpiredException("账号已停用，请联系管理员");
+        }
+        // token过期了再刷token
+        boolean online = onlineUserService.getAll(null).stream().map(OnlineUser::getUserName).collect(Collectors.toList()).contains(authUser.getUsername());
+        if(online) {
+            List<OnlineUser> onlineUserList = onlineUserService.getAll(null).stream().filter(s->s.getUserName().equals(authUser.getUsername())).collect(Collectors.toList());
+            return ResponseEntity.ok(new AuthInfo( onlineUserList.get(0).getExpireTime(), onlineUserList.get(0).getToken() , jwtUser));
+        } else {
+            // 生成令牌
+            final String token = jwtTokenUtil.generateToken(jwtUser);
+            Long expireTime = new Date().getTime() + expiration;
+            // 保存在线信息
+            onlineUserService.save(jwtUser, token, expireTime, request);
+            userService.updateToken(jwtUser.getUsername(), token);
+            // 返回 token
+            return ResponseEntity.ok(new AuthInfo(expireTime,token, jwtUser));
+        }
+    }

    @ApiOperation("刷新token")
    @AnonymousAccess

--- a/eladmin-system/src/main/java/me/zhengjie/modules/util/AesEncode.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/util/AesEncode.java
+package me.zhengjie.modules.util;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import org.apache.commons.codec.binary.Base64;
+
+import java.nio.charset.StandardCharsets;
+
+/**
+ * -----------------
+ */
+public class AesEncode {
+
+    // 使用AES-128-CBC加密模式，key需要为16位,key和iv可以相同！
+    private static String KEY = "0123456789abcdef";
+
+    private static String IV = "abcdef0123456789";
+
+    /**
+     * 加密方法
+     *
+     * @param data
+     *            要加密的数据
+     * @param key
+     *            加密key
+     * @param iv
+     *            加密iv
+     * @return 加密的结果
+     * @throws Exception
+     */
+    public static String encrypt(String data, String key, String iv) throws Exception {
+        try {
+
+            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");// "算法/模式/补码方式"NoPadding
+            // PkcsPadding
+            int blockSize = cipher.getBlockSize();
+
+            byte[] dataBytes = data.getBytes();
+            int plaintextLength = dataBytes.length;
+            if (plaintextLength % blockSize != 0) {
+                plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
+            }
+
+            byte[] plaintext = new byte[plaintextLength];
+            System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
+
+            SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
+            IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
+
+            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
+            byte[] encrypted = cipher.doFinal(plaintext);
+
+            return new Base64().encodeToString(encrypted);
+
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    /**
+     * 解密方法
+     *
+     * @param data
+     *            要解密的数据
+     * @param key
+     *            解密key
+     * @param iv
+     *            解密iv
+     * @return 解密的结果
+     * @throws Exception
+     */
+    public static String desEncrypt(String data, String key, String iv) throws Exception {
+        try {
+            byte[] encrypted1 = new Base64().decode(data);
+
+            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+            SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
+            IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
+
+            cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
+
+            byte[] original = cipher.doFinal(encrypted1);
+            String originalString = new String(original).trim();
+            return originalString;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    /**
+     * 使用默认的key和iv加密
+     *
+     * @param data
+     * @return
+     * @throws Exception
+     */
+    public static String encrypt(String data) throws Exception {
+        return encrypt(data, KEY, IV);
+    }
+
+    /**
+     * 使用默认的key和iv解密
+     *
+     * @param data
+     * @return
+     * @throws Exception
+     */
+    public static String desEncrypt(String data) throws Exception {
+        return desEncrypt(data, KEY, IV);
+    }
+
+}
--- a/eladmin-system/src/main/resources/config/application.yml
+++ b/eladmin-system/src/main/resources/config/application.yml
 server:
-  port: 10004
+  port: 10005

 spring:
  application:
@@ -25,17 +25,25 @@ spring:
  main:
    allow-bean-definition-overriding: true
  datasource:
+#    SqlServer配置
      driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
-      url: jdbc:sqlserver://192.168.3.188;DatabaseName=junmppolicesqldev
+      url: jdbc:sqlserver://192.168.3.188;DatabaseName=junmppolicesqldev_mk2
      username: sa
      password: Junmp123
-
+#     MySQL配置
 #      druid:
 #        type: com.alibaba.druid.pool.DruidDataSource
 #        driverClassName: net.sf.log4jdbc.sql.jdbcapi.DriverSpy
-#      url: jdbc:log4jdbc:mysql://192.168.3.32:13306/junmppolicesql?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false
+#        url: jdbc:log4jdbc:mysql://192.168.3.188:13306/junmp_audit_module?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false
+#        username: root
+#        password: Junmp123
+#      MySQL8
+#      druid:
+#        type: com.alibaba.druid.pool.DruidDataSource
+#        driverClassName: com.mysql.cj.jdbc.Driver
+#        url: jdbc:mysql://192.168.3.74:3306/junmppolicesqlb?serverTimezone=UTC&characterEncoding=utf8&useSSL=false
 #        username: root
-#      password: junmp.com.cn
+#        password: junmp123
 #
 #      # 初始化配置
 #      initial-size: 3
@@ -76,19 +84,30 @@ spring:
  #配置 Jpa
  jpa:
    database: sql_server
+#    database: mysql
    properties:
      hibernate:
        default_schema: dbo
        dialect: org.hibernate.dialect.SQLServer2008Dialect
 #        dialect: org.hibernate.dialect.MySQL5InnoDBDialect
-    open-in-view: true
-#    show-sql: true
+#    open-in-view: true
+    show-sql: true
    hibernate:
      ddl-auto: none
+  #配置 Jpa--mysql8
+#  jpa:
+#    database: mysql
+#    properties:
+#      hibernate:
+#        default_schema: dbo
+#        dialect: org.hibernate.dialect.MySQL8Dialect
+#    show-sql: true
+#    hibernate:
+#      ddl-auto: update

  redis:
    #数据库索引
-    database: 11
+    database: 10
    host: 192.168.3.188
    port: 6379
    password: ''