diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/JwtUtils.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/JwtUtils.java index 6b25dde..a6be530 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/JwtUtils.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/JwtUtils.java @@ -4,9 +4,11 @@ import java.util.Map; import com.bonus.common.core.constant.SecurityConstants; import com.bonus.common.core.constant.TokenConstants; import com.bonus.common.core.text.Convert; +import com.bonus.common.core.utils.encryption.Sm4Utils; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; /** * Jwt工具类 @@ -25,8 +27,13 @@ public class JwtUtils */ public static String createToken(Map claims) { - String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact(); - return token; + String username = (String) claims.get(SecurityConstants.DETAILS_USERNAME); + if (!StringUtils.isEmpty(username)){ + String encyrptUserName = Sm4Utils.encrypt(username); + claims.put(SecurityConstants.DETAILS_USERNAME, encyrptUserName); + System.out.print("****createToken里加密用户名是:" + encyrptUserName); + } + return Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact(); } /** @@ -37,7 +44,14 @@ public class JwtUtils */ public static Claims parseToken(String token) { - return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); + Claims claims = Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); + String username = getValue(claims, SecurityConstants.DETAILS_USERNAME); + if (!StringUtils.isEmpty(username)){ + String decryUsername = Sm4Utils.decrypt(username); + System.out.print("****parseToken里解密用户名是:" + decryUsername); + claims.put(SecurityConstants.DETAILS_USERNAME, decryUsername); + } + return claims; } /** @@ -95,7 +109,7 @@ public class JwtUtils public static String getUserName(String token) { Claims claims = parseToken(token); - return getValue(claims, SecurityConstants.DETAILS_USERNAME); + return getUserName(claims); } /** @@ -106,7 +120,17 @@ public class JwtUtils */ public static String getUserName(Claims claims) { - return getValue(claims, SecurityConstants.DETAILS_USERNAME); + String encryptUserName = getValue(claims, SecurityConstants.DETAILS_USERNAME); + if (!StringUtils.isEmpty(encryptUserName)){ + String decryUsername = Sm4Utils.decrypt(encryptUserName); + if (StringUtils.isEmpty(decryUsername)){ + return encryptUserName; + }else { + return decryUsername; + } + + } + return ""; } /** diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java index d3825c5..f08b9d1 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java @@ -29,7 +29,7 @@ public class Sm4Utils { // 返回带盐的加密结果(Hex编码) return HexUtil.encodeHexStr(encryptedData); } catch (Exception e) { - e.printStackTrace(); +// e.printStackTrace(); return null; // 发生异常时返回null } } @@ -48,7 +48,7 @@ public class Sm4Utils { byte[] decryptedData = sm4.decrypt(cipherText); return new String(decryptedData); } catch (Exception e) { - e.printStackTrace(); +// e.printStackTrace(); return null; // 发生异常时返回null } } diff --git a/bonus-gateway/src/main/java/com/bonus/gateway/filter/IpFilter.java b/bonus-gateway/src/main/java/com/bonus/gateway/filter/IpFilter.java deleted file mode 100644 index bca2c53..0000000 --- a/bonus-gateway/src/main/java/com/bonus/gateway/filter/IpFilter.java +++ /dev/null @@ -1,184 +0,0 @@ -//package com.bonus.gateway.filter; -// -//import com.bonus.common.core.constant.CacheConstants; -//import com.bonus.common.core.utils.DateUtils; -//import com.bonus.common.core.utils.SpringUtils; -//import com.bonus.common.core.utils.ip.IpUtils; -//import com.bonus.common.redis.service.RedisService; -// -//import com.bonus.system.api.RemoteLogService; -//import com.bonus.system.api.domain.SysLogsVo; -//import lombok.extern.slf4j.Slf4j; -//import org.apache.commons.lang3.ObjectUtils; -//import org.springframework.cloud.gateway.filter.GatewayFilterChain; -//import org.springframework.cloud.gateway.filter.GlobalFilter; -//import org.springframework.core.Ordered; -//import org.springframework.stereotype.Component; -//import org.springframework.web.server.ServerWebExchange; -//import reactor.core.publisher.Mono; -// -//import javax.annotation.Resource; -//import java.net.InetAddress; -//import java.net.UnknownHostException; -//import java.time.LocalDateTime; -//import java.time.format.DateTimeFormatter; -//import java.util.List; -//import java.util.Map; -//import java.util.UUID; -// -///** -// * @author bonus -// */ -//@Component -//@Slf4j -//public class IpFilter implements GlobalFilter, Ordered { -// @Resource -// private RedisService redisService; -// -//// @Resource -//// private RemoteLogService remoteLogService; -//// public RemoteLogService remoteLogService = SpringUtils.getBean(RemoteLogService.class); -// /** -// * Process the Web request and (optionally) delegate to the next {@code GatewayFilter} -// * through the given {@link GatewayFilterChain}. -// * -// * @param exchange the current server exchange -// * @param chain provides a way to delegate to the next filter -// * @return {@code Mono} to indicate when request processing is complete -// */ -// @Override -// public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { -// List> cacheList = redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST); -// -// // 获取客户端的 IP 地址 -// String ip = exchange.getRequest().getHeaders().getFirst("X-Forwarded-For"); -// for (Map map : cacheList) { -// String ipAddress = map.containsKey("ipAddress") ? map.get("ipAddress").toString() : null; -// String ipRangeEnd = map.containsKey("ipRangeEnd") ?map.get("ipRangeEnd").toString(): null; -// String ipRangeStart = map.containsKey("ipRangeStart")?map.get("ipRangeStart").toString():null; -// String accessStartTime =map.containsKey("accessStartTime")? map.get("accessStartTime").toString():null; -// String accessEndTime = map.containsKey("accessEndTime")?map.get("accessEndTime").toString():null; -// if (ObjectUtils.isEmpty(ipAddress)){ -// if (isIpInRange(ip, ipRangeStart, ipRangeEnd)){ -// if (ObjectUtils.isNotEmpty(accessStartTime)){ -// boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime); -// if (!currentTimeInRange){ -// // 完成响应 -// handleLog(); -// exchange.getResponse().setStatusCode(org.springframework.http.HttpStatus.FORBIDDEN); -// return exchange.getResponse().setComplete(); -// }else { -// return chain.filter(exchange); -// } -// }else { -// return chain.filter(exchange); -// } -// -// } -// }else { -// if (ipAddress.equals(ip)){ -// if (ObjectUtils.isNotEmpty(accessStartTime)){ -// boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime); -// if (!currentTimeInRange){ -// // 完成响应 -//// handleLog(); -// exchange.getResponse().setStatusCode(org.springframework.http.HttpStatus.FORBIDDEN); -// return exchange.getResponse().setComplete(); -// }else { -// return chain.filter(exchange); -// } -// }else { -// return chain.filter(exchange); -// } -// } -// } -// } -// exchange.getResponse().setStatusCode(org.springframework.http.HttpStatus.FORBIDDEN); -// return exchange.getResponse().setComplete(); -// } -// private void handleLog() -// { -// SysLogsVo sysLogsVo = new SysLogsVo(); -// String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); -// sysLogsVo.setLogId(uuid); -// sysLogsVo.setOperaUserName(""); -// sysLogsVo.setIp(IpUtils.getIpAddr()); -// sysLogsVo.setOperTime(DateUtils.getTime()); -// sysLogsVo.setLogType(0); -// sysLogsVo.setOperType("IP地址异常"); -// sysLogsVo.setWarningStatus("0"); -// try { -//// remoteLogService.addLogs(sysLogsVo, "inner"); -// } catch (Exception e) { -// throw new RuntimeException(e); -// } -// } -// /** -// * 检查给定的IP地址是否在指定的网段区间内 -// * -// * @param ip 要检查的IP地址,例如 "192.168.1.10" -// * @param startIp 区间开始的IP地址,例如 "192.168.1.0" -// * @param endIp 区间结束的IP地址,例如 "192.168.1.255" -// * @return true 如果IP在区间内;否则返回 false -// */ -// public static boolean isIpInRange(String ip, String startIp, String endIp) { -// try { -// // 将 IP 地址、起始 IP 和结束 IP 转换为整数 -// long ipToCheck = ipToLong(InetAddress.getByName(ip)); -// long start = ipToLong(InetAddress.getByName(startIp)); -// long end = ipToLong(InetAddress.getByName(endIp)); -// -// // 检查 IP 是否在区间内 -// return ipToCheck >= start && ipToCheck <= end; -// } catch (UnknownHostException e) { -// e.printStackTrace(); -// return false; -// } -// } -// -// /** -// * 将IP地址转换为整数 -// * -// * @param inetAddress IP地址对象 -// * @return 转换后的长整数 -// */ -// private static long ipToLong(InetAddress inetAddress) { -// byte[] octets = inetAddress.getAddress(); -// long result = 0; -// for (byte octet : octets) { -// result = (result << 8) | (octet & 0xFF); -// } -// return result; -// } -// public static boolean isCurrentTimeInRange(String startDateTime, String endDateTime) { -// // 定义日期时间格式 -// DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"); -// -// // 将字符串转换为 LocalDateTime -// LocalDateTime start = LocalDateTime.parse(startDateTime, formatter); -// LocalDateTime end = LocalDateTime.parse(endDateTime, formatter); -// -// // 获取当前日期和时间 -// LocalDateTime currentDateTime = LocalDateTime.now(); -// -// // 检查当前日期和时间是否在指定的范围内 -// return !currentDateTime.isBefore(start) && !currentDateTime.isAfter(end); -// } -// -// /** -// * Get the order value of this object. -// *

Higher values are interpreted as lower priority. As a consequence, -// * the object with the lowest value has the highest priority (somewhat -// * analogous to Servlet {@code load-on-startup} values). -// *

Same order values will result in arbitrary sort positions for the -// * affected objects. -// * -// * @return the order value -// * @see #HIGHEST_PRECEDENCE -// * @see #LOWEST_PRECEDENCE -// */ -// @Override -// public int getOrder() { -// return 0; -// } -//}