diff --git a/src/store/modules/user.js b/src/store/modules/user.js index c3be70b..f0ca501 100644 --- a/src/store/modules/user.js +++ b/src/store/modules/user.js @@ -60,8 +60,8 @@ const user = { actions: { // 登录 Login({ commit }, userInfo) { - const username = userInfo.username.trim() - const password = userInfo.password + const username = userInfo.usernameEncryption.trim() + const password = userInfo.passwordEncryption const code = userInfo.code const uuid = userInfo.uuid return new Promise((resolve, reject) => { diff --git a/src/utils/aes.js b/src/utils/aes.js new file mode 100644 index 0000000..e04bba8 --- /dev/null +++ b/src/utils/aes.js @@ -0,0 +1,66 @@ +import CryptoJS from 'crypto-js' + +const cbc_key = CryptoJS.enc.Utf8.parse("zhst@bonus@zhst@") +const cbc_iv = CryptoJS.enc.Utf8.parse("1234567812345678") + +/** + * AES CBC模式加密 + * @param {string} word - 需要加密的字符串 + * @returns {string} - 加密后的字符串 + */ +export function encryptCBC(word) { + const srcs = CryptoJS.enc.Utf8.parse(word) + const encrypted = CryptoJS.AES.encrypt(srcs, cbc_key, { + iv: cbc_iv, + mode: CryptoJS.mode.CBC, + padding: CryptoJS.pad.Pkcs7 + }) + return encrypted.toString() +} + +/** + * AES CBC模式解密 + * @param {string} word - 需要解密的字符串 + * @returns {string} - 解密后的字符串 + */ +export function decryptCBC(word) { + const decrypted = CryptoJS.AES.decrypt(word, cbc_key, { + iv: cbc_iv, + mode: CryptoJS.mode.CBC, + padding: CryptoJS.pad.Pkcs7 + }) + return decrypted.toString(CryptoJS.enc.Utf8) +} + +/** + * 日期格式化 + * @param {string} fmt - 格式化模板,如 "yyyy-MM-dd hh:mm:ss" + * @param {Date} date - 需要格式化的日期对象 + * @returns {string} - 格式化后的日期字符串 + */ +export function dateFtt(fmt, date) { + const o = { + "M+": date.getMonth() + 1, // 月份 + "d+": date.getDate(), // 日 + "h+": date.getHours(), // 小时 + "m+": date.getMinutes(), // 分 + "s+": date.getSeconds(), // 秒 + "q+": Math.floor((date.getMonth() + 3) / 3), // 季度 + "S": date.getMilliseconds() // 毫秒 + } + + if (/(y+)/.test(fmt)) { + fmt = fmt.replace(RegExp.$1, (date.getFullYear() + "").substr(4 - RegExp.$1.length)) + } + + for (const k in o) { + if (new RegExp("(" + k + ")").test(fmt)) { + fmt = fmt.replace( + RegExp.$1, + RegExp.$1.length === 1 ? o[k] : ("00" + o[k]).substr(("" + o[k]).length) + ) + } + } + + return fmt +} diff --git a/src/views/login.vue b/src/views/login.vue index 5d36877..7e37edf 100644 --- a/src/views/login.vue +++ b/src/views/login.vue @@ -141,6 +141,7 @@ import { getCodeImg } from "@/api/login"; import Cookies from "js-cookie"; import { encrypt, decrypt } from '@/utils/jsencrypt' +import { encryptCBC} from '@/utils/aes' import {getUserById} from "@/api/system/userInfo"; export default { @@ -154,7 +155,9 @@ export default { rememberMe: false, userAgreement: false, code: "", - uuid: "" + uuid: "", + usernameEncryption:"", + passwordEncryption:"", }, loginRules: { username: [ @@ -227,6 +230,10 @@ export default { Cookies.remove("password"); Cookies.remove('rememberMe'); } + this.loginForm.usernameEncryption = encryptCBC(this.loginForm.username); + this.loginForm.passwordEncryption = encryptCBC(this.loginForm.password); + + console.log("qqq",this.loginForm) this.$store.dispatch("Login", this.loginForm).then(() => { this.$router.push({ path: this.redirect || "/" }).catch(()=>{}); // this.$router.push({ path: this.redirect || "/gz-att/" }).catch(()=>{}); diff --git a/src/views/system/user/profile/resetPwd.vue b/src/views/system/user/profile/resetPwd.vue index bead7ef..e2f2417 100644 --- a/src/views/system/user/profile/resetPwd.vue +++ b/src/views/system/user/profile/resetPwd.vue @@ -43,7 +43,12 @@ export default { newPassword: [ { required: true, message: "新密码不能为空", trigger: "blur" }, { min: 6, max: 20, message: "长度在 6 到 20 个字符", trigger: "blur" }, - { pattern: /^[^<>"'|\\]+$/, message: "不能包含非法字符:< > \" ' \\\ |", trigger: "blur" } + { pattern: /^[^<>"'|\\]+$/, message: "不能包含非法字符:< > \" ' \\\ |", trigger: "blur" }, + { + pattern: /^(?!.*(?:123456|password|admin|abc123|111111|123123))(?=.*[A-Z])(?=.*[a-z])(?=.*\d).+$/, + message: "密码不能是常见弱密码,必须包含大小写字母和数字", + trigger: "blur" + } ], confirmPassword: [ { required: true, message: "确认密码不能为空", trigger: "blur" },