Merge remote-tracking branch 'origin/main'
This commit is contained in:
weiweiw
commit
05196751c7
|
|
@ -3,6 +3,7 @@ package com.bonus.auth.service;
|
|||
import com.bonus.common.core.constant.SecurityConstants;
|
||||
import com.bonus.common.core.domain.R;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.utils.encryption.Sm4Utils;
|
||||
import com.bonus.config.SystemConfig;
|
||||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
|
|
@ -30,7 +31,7 @@ public class EmailOtpLoginStrategy implements LoginStrategy {
|
|||
throw new ServiceException("用户不存在/密码错误");
|
||||
}
|
||||
passwordValidatorService.checkPhoneCaptcha(email, otp);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(email, SecurityConstants.INNER);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(email), SecurityConstants.INNER);
|
||||
//验证用户是否存在
|
||||
passwordValidatorService.validateUserResult(email, userResult);
|
||||
LoginUser userInfo = userResult.getData();
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package com.bonus.auth.service;
|
|||
import com.bonus.common.core.constant.SecurityConstants;
|
||||
import com.bonus.common.core.domain.R;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.utils.encryption.Sm4Utils;
|
||||
import com.bonus.config.SystemConfig;
|
||||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
|
|
@ -33,7 +34,7 @@ public class EmailPasswordLoginStrategy implements LoginStrategy {
|
|||
throw new ServiceException("用户不存在/密码错误");
|
||||
}
|
||||
//通过手机号获取用户信息
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(email, SecurityConstants.INNER);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(email), SecurityConstants.INNER);
|
||||
//验证用户是否存在
|
||||
passwordValidatorService.validateUserResult(email, userResult);
|
||||
//获取用户信息
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package com.bonus.auth.service;
|
|||
import com.bonus.common.core.constant.SecurityConstants;
|
||||
import com.bonus.common.core.domain.R;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.utils.encryption.Sm4Utils;
|
||||
import com.bonus.config.SystemConfig;
|
||||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
|
|
@ -32,7 +33,7 @@ public class PhoneOtpLoginStrategy implements LoginStrategy {
|
|||
throw new ServiceException("用户不存在/验证码错误");
|
||||
}
|
||||
passwordValidatorService.checkPhoneCaptcha(phone, otp);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(phone, SecurityConstants.INNER);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(phone), SecurityConstants.INNER);
|
||||
//验证用户是否存在
|
||||
passwordValidatorService.validateUserResult(phone, userResult);
|
||||
LoginUser userInfo = userResult.getData();
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package com.bonus.auth.service;
|
|||
import com.bonus.common.core.constant.SecurityConstants;
|
||||
import com.bonus.common.core.domain.R;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.utils.encryption.Sm4Utils;
|
||||
import com.bonus.config.SystemConfig;
|
||||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
|
|
@ -35,7 +36,7 @@ public class PhonePasswordLoginStrategy implements LoginStrategy {
|
|||
throw new ServiceException("用户不存在/密码错误");
|
||||
}
|
||||
//通过手机号获取用户信息
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(phone, SecurityConstants.INNER);
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(phone), SecurityConstants.INNER);
|
||||
//验证用户是否存在
|
||||
passwordValidatorService.validateUserResult(phone, userResult);
|
||||
//获取用户信息
|
||||
|
|
|
|||
|
|
@ -15,11 +15,6 @@ public class Sm3Util {
|
|||
|
||||
static SM3 sm3 = SmUtil.sm3WithSalt("2cc0c5f9f1749f1632efa9f63e902323".getBytes(StandardCharsets.UTF_8));
|
||||
|
||||
// public static void main(String[] args) {
|
||||
//
|
||||
// String msg= encrypt("1234567890");
|
||||
// System.err.println(msg);
|
||||
// }
|
||||
|
||||
public static String encrypt(String data) {
|
||||
return Sm3Util.sm3.digestHex(data);
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ import cn.hutool.core.util.HexUtil;
|
|||
import cn.hutool.crypto.Mode;
|
||||
import cn.hutool.crypto.Padding;
|
||||
import cn.hutool.crypto.symmetric.SM4;
|
||||
import com.bonus.common.core.utils.StringUtils;
|
||||
|
||||
/**
|
||||
* @author bonus
|
||||
|
|
@ -14,6 +13,8 @@ public class Sm4Utils {
|
|||
* 必须是16字节
|
||||
*/
|
||||
private static final String KEY = "78d1295afa99449b99d6f83820e6965c";
|
||||
|
||||
private static final String IV = "f555adf6c01d0ab0761e626a2dae34a2";
|
||||
/**
|
||||
* 加密数据,使用固定盐
|
||||
*
|
||||
|
|
@ -22,13 +23,11 @@ public class Sm4Utils {
|
|||
*/
|
||||
public static String encrypt(String plainText) {
|
||||
try {
|
||||
String salt = StringUtils.randomUUID();
|
||||
// 初始化SM4加密工具
|
||||
SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY),HexUtil.decodeHex(salt));
|
||||
SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY),HexUtil.decodeHex(IV));
|
||||
// 加密带盐的明文
|
||||
byte[] encryptedData = sm4.encrypt(plainText);
|
||||
// 返回带盐的加密结果(Hex编码)
|
||||
return HexUtil.encodeHexStr(encryptedData)+salt;
|
||||
return HexUtil.encodeHexStr(encryptedData);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return null; // 发生异常时返回null
|
||||
|
|
@ -43,17 +42,10 @@ public class Sm4Utils {
|
|||
*/
|
||||
public static String decrypt(String cipherText) {
|
||||
try {
|
||||
// 提取盐,后32个字符
|
||||
String salt = cipherText.length() > 32 ?
|
||||
cipherText.substring(cipherText.length() - 32) :
|
||||
cipherText; // 如果字符串长度小于32,返回整个字符串
|
||||
|
||||
// 去掉盐,获取原始的密文部分
|
||||
String originalHex = cipherText.substring(0, cipherText.length() - 32);
|
||||
// 初始化SM4解密工具
|
||||
SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY), HexUtil.decodeHex(salt));
|
||||
SM4 sm4 = new SM4(Mode.CBC, Padding.PKCS5Padding, HexUtil.decodeHex(KEY),HexUtil.decodeHex(IV));
|
||||
// 解密数据
|
||||
byte[] decryptedData = sm4.decrypt(originalHex);
|
||||
byte[] decryptedData = sm4.decrypt(cipherText);
|
||||
return new String(decryptedData);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
|
|
@ -63,7 +55,7 @@ public class Sm4Utils {
|
|||
|
||||
// 测试方法,演示加密和解密过程
|
||||
public static void main(String[] args) {
|
||||
String plainText = "Hello, SM4 encryption with fixed salt!";
|
||||
String plainText = "15398187429";
|
||||
System.out.println("原文: " + plainText);
|
||||
|
||||
// 加密明文
|
||||
|
|
@ -71,7 +63,7 @@ public class Sm4Utils {
|
|||
System.out.println("加密后: " + encryptedText);
|
||||
|
||||
// 解密密文
|
||||
String decryptedText = Sm4Utils.decrypt("224c59bb4aa36a42d6639cf31986521d8fc838bc299483ffef95ae38c7d16e43d8bc9862b0f9dc94c88ed69b4575f1b3");
|
||||
String decryptedText = Sm4Utils.decrypt(encryptedText);
|
||||
System.out.println("解密后: " + decryptedText);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue