From 6f9631de24f018465b728e3af5aa5316f804d499 Mon Sep 17 00:00:00 2001
From: haozq <1611483981@qq.com>
Date: Fri, 15 Nov 2024 18:20:14 +0800
Subject: [PATCH] =?UTF-8?q?md5=E5=8A=A0=E5=AF=86=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pom.xml | 5 ++
.../controller/PartApplyAppController.java | 3 +
.../app/service/PartApplyAppServiceImp.java | 2 +-
.../bases/controller/PartInputController.java | 2 +-
.../bases/entity/PartInputDetails.java | 9 +++
.../manager/core/entity/SysUserEntity.java | 2 +
.../security/UserAuthenticationProvider.java | 11 ++-
.../security/entity/SelfUserEntity.java | 2 +
.../gzgqj/manager/security/jwt/Md5Utils.java | 31 +++++++--
.../bonus/gzgqj/manager/security/jwt/md5.java | 68 -------------------
.../resources/mappers/user/SysUserMapper.xml | 1 +
11 files changed, 59 insertions(+), 77 deletions(-)
delete mode 100644 src/main/java/com/bonus/gzgqj/manager/security/jwt/md5.java
diff --git a/pom.xml b/pom.xml
index 1274b94..7c4b97d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -46,6 +46,11 @@
org.projectlombok
lombok
+
+ org.apache.shiro
+ shiro-core
+ 1.8.0
+
com.alibaba
druid-spring-boot-starter
diff --git a/src/main/java/com/bonus/gzgqj/business/app/controller/PartApplyAppController.java b/src/main/java/com/bonus/gzgqj/business/app/controller/PartApplyAppController.java
index b64dee9..da96bc1 100644
--- a/src/main/java/com/bonus/gzgqj/business/app/controller/PartApplyAppController.java
+++ b/src/main/java/com/bonus/gzgqj/business/app/controller/PartApplyAppController.java
@@ -103,4 +103,7 @@ public class PartApplyAppController {
return service.uploadImage(request);
}
+
+
+
}
diff --git a/src/main/java/com/bonus/gzgqj/business/app/service/PartApplyAppServiceImp.java b/src/main/java/com/bonus/gzgqj/business/app/service/PartApplyAppServiceImp.java
index 25a415f..8b7ae2e 100644
--- a/src/main/java/com/bonus/gzgqj/business/app/service/PartApplyAppServiceImp.java
+++ b/src/main/java/com/bonus/gzgqj/business/app/service/PartApplyAppServiceImp.java
@@ -77,7 +77,7 @@ public class PartApplyAppServiceImp {
public ServerResponse getPaTypeList(PaTypeVo dto) {
try{
List list=mapper.getPaTypeList(dto);
- ServerResponse.createSuccess(list);
+ return ServerResponse.createSuccess(list);
}catch (Exception e){
log.error(e.toString(),e);
}
diff --git a/src/main/java/com/bonus/gzgqj/business/bases/controller/PartInputController.java b/src/main/java/com/bonus/gzgqj/business/bases/controller/PartInputController.java
index d7f70a7..90efd9b 100644
--- a/src/main/java/com/bonus/gzgqj/business/bases/controller/PartInputController.java
+++ b/src/main/java/com/bonus/gzgqj/business/bases/controller/PartInputController.java
@@ -166,7 +166,7 @@ public class PartInputController {
* @return
*/
@GetMapping("getInputDetailList")
- @DecryptAndVerify(decryptedClass = PartInputVo.class)
+ @DecryptAndVerify(decryptedClass = PartInputDetails.class)
public ServerResponse getInputDetailList(EncryptedReq dto) {
List list = service.getInputDetailList(dto.getData());;
return ServerResponse.createSuccess(list);
diff --git a/src/main/java/com/bonus/gzgqj/business/bases/entity/PartInputDetails.java b/src/main/java/com/bonus/gzgqj/business/bases/entity/PartInputDetails.java
index 8b3f16f..b65a8a5 100644
--- a/src/main/java/com/bonus/gzgqj/business/bases/entity/PartInputDetails.java
+++ b/src/main/java/com/bonus/gzgqj/business/bases/entity/PartInputDetails.java
@@ -74,4 +74,13 @@ public class PartInputDetails {
@Excel(name = "备注", width = 10.0, orderNum = "6")
private String remark;
+
+ private String type;
+
+ private String name;
+
+
+ private String model;
+
+
}
diff --git a/src/main/java/com/bonus/gzgqj/manager/core/entity/SysUserEntity.java b/src/main/java/com/bonus/gzgqj/manager/core/entity/SysUserEntity.java
index ce93139..d5634a1 100644
--- a/src/main/java/com/bonus/gzgqj/manager/core/entity/SysUserEntity.java
+++ b/src/main/java/com/bonus/gzgqj/manager/core/entity/SysUserEntity.java
@@ -45,5 +45,7 @@ public class SysUserEntity implements Serializable {
private String companyId;
+ private String salt;
+
}
\ No newline at end of file
diff --git a/src/main/java/com/bonus/gzgqj/manager/security/UserAuthenticationProvider.java b/src/main/java/com/bonus/gzgqj/manager/security/UserAuthenticationProvider.java
index 73caa1b..2625069 100644
--- a/src/main/java/com/bonus/gzgqj/manager/security/UserAuthenticationProvider.java
+++ b/src/main/java/com/bonus/gzgqj/manager/security/UserAuthenticationProvider.java
@@ -14,6 +14,8 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
+
+import java.security.NoSuchAlgorithmException;
import java.util.HashSet;
import java.util.Set;
@@ -41,10 +43,17 @@ public class UserAuthenticationProvider implements AuthenticationProvider {
if (userInfo == null) {
throw new UsernameNotFoundException("用户名不存在");
}
- if(!Md5Utils.validatePassword2(password, userInfo.getPassword())){
+ try {
+ //密码加密
+ String daya= Md5Utils.createPwdEncrypt(userName,Md5Utils.generateMD5(password).toUpperCase(),userInfo.getSalt());
+ if(!Md5Utils.validatePasswordBast64(daya, userInfo.getPassword())){
+ throw new BadCredentialsException("密码不正确");
+ }
+ } catch (NoSuchAlgorithmException e) {
throw new BadCredentialsException("密码不正确");
}
+
// 我们还要判断密码是否正确,这里我们的密码使用BCryptPasswordEncoder进行加密的
// if (!new BCryptPasswordEncoder().matches(password, userInfo.getPassword())) {
// throw new BadCredentialsException("密码不正确");
diff --git a/src/main/java/com/bonus/gzgqj/manager/security/entity/SelfUserEntity.java b/src/main/java/com/bonus/gzgqj/manager/security/entity/SelfUserEntity.java
index e15b82f..05983c9 100644
--- a/src/main/java/com/bonus/gzgqj/manager/security/entity/SelfUserEntity.java
+++ b/src/main/java/com/bonus/gzgqj/manager/security/entity/SelfUserEntity.java
@@ -74,6 +74,8 @@ public class SelfUserEntity implements Serializable, UserDetails {
*/
private String companyId ;
+ private String salt;
+
@Override
public Collection getAuthorities() {
return authorities;
diff --git a/src/main/java/com/bonus/gzgqj/manager/security/jwt/Md5Utils.java b/src/main/java/com/bonus/gzgqj/manager/security/jwt/Md5Utils.java
index aac84d7..c3bb896 100644
--- a/src/main/java/com/bonus/gzgqj/manager/security/jwt/Md5Utils.java
+++ b/src/main/java/com/bonus/gzgqj/manager/security/jwt/Md5Utils.java
@@ -1,5 +1,7 @@
package com.bonus.gzgqj.manager.security.jwt;
+import org.apache.shiro.crypto.hash.Md5Hash;
+
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
@@ -23,6 +25,10 @@ public class Md5Utils {
return bytesToHex(digest);
}
+
+
+
+
// 验证密码
public static boolean validatePassword(String input, String storedHash) {
try {
@@ -33,6 +39,10 @@ public class Md5Utils {
}
}
+ public static boolean validatePasswordBast64(String password, String pwd) {
+ return password.equals(pwd);
+ }
+
public static boolean validatePassword2(String input, String storedHash) {
try {
@@ -44,11 +54,20 @@ public class Md5Utils {
}
public static void main(String[] args) throws NoSuchAlgorithmException {
// 生成密码散列
- String password = "1";
- String hashedPassword = generateMD5(password);
- System.out.println("Password is valid: " + hashedPassword);
- // 验证密码
- boolean isValid = validatePassword(password, hashedPassword);
- System.out.println("Password is valid: " + isValid);
+ String pwd="Abc@123++";
+ String hashedPassword = generateMD5(pwd);
+
+ System.err.println(hashedPassword);
+
+ String daya= Md5Utils.createPwdEncrypt("bns",Md5Utils.generateMD5("Abc@123++").toUpperCase(),"946a175ccf87b28219f2ccbed6622dab");
+ System.err.println(daya);
+ boolean isValid =validatePasswordBast64(daya, "3NBzZK7qxhMhrmvi63FnuQ==");
+ System.err.println(isValid);
+ //MD5加盐算法:
+
+ }
+
+ public static String createPwdEncrypt(String username,String password,String salt){
+ return new Md5Hash(password,username+salt,2).toBase64();
}
}
\ No newline at end of file
diff --git a/src/main/java/com/bonus/gzgqj/manager/security/jwt/md5.java b/src/main/java/com/bonus/gzgqj/manager/security/jwt/md5.java
deleted file mode 100644
index cc7da71..0000000
--- a/src/main/java/com/bonus/gzgqj/manager/security/jwt/md5.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package com.bonus.gzgqj.manager.security.jwt;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-public class md5 {
-
-
-
-// public static String getMD5(String str) {
-// try {
-// // 生成一个MD5加密计算摘要
-// MessageDigest md = MessageDigest.getInstance("MD5");
-// // 计算md5函数
-// md.update(str.getBytes());
-// // digest()最后确定返回md5 hash值,返回值为8为字符串。因为md5 hash值是16位的hex值,实际上就是8位的字符
-// // BigInteger函数则将8位的字符串转换成16位hex值,用字符串来表示;得到字符串形式的hash值
-// return new BigInteger(1, md.digest()).toString(16);
-// } catch (Exception e) {
-// System.out.println("MD5加密出现错误");
-// }
-// return str;
-// }
-
- public static void main(String[] args) {
- String pwd="Abc@123++";
- //MD5加盐算法:
- System.out.println(getMD5WithSalt(pwd));
- }
-
-
- /**
- * MD5加密工具类
- */
-
- /**
- * 获取MD5字符串
- */
- public static String getMD5(String content) {
- try {
- MessageDigest digest = MessageDigest.getInstance("MD5");
- digest.update(content.getBytes());
- return getHashString(digest);
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- }
- return null;
- }
-
- private static final String SALT = "946a175ccf87b28219f2ccbed6622dab";
-
- /**
- * 获取加盐的MD5字符串
- */
- public static String getMD5WithSalt(String content) {
- return getMD5(getMD5(content+SALT));
- }
-
- private static String getHashString(MessageDigest digest) {
- StringBuilder builder = new StringBuilder();
- for (byte b : digest.digest()) {
- builder.append(Integer.toHexString((b >> 4) & 0xf));
- builder.append(Integer.toHexString(b & 0xf));
- }
- return builder.toString();
- }
-
-}
\ No newline at end of file
diff --git a/src/main/resources/mappers/user/SysUserMapper.xml b/src/main/resources/mappers/user/SysUserMapper.xml
index 839b930..3dd4684 100644
--- a/src/main/resources/mappers/user/SysUserMapper.xml
+++ b/src/main/resources/mappers/user/SysUserMapper.xml
@@ -6,6 +6,7 @@