From 0486e90506d999a20752b01ffa83c36d0b7fcb6b Mon Sep 17 00:00:00 2001
From: lSun <15893999301@qq.com>
Date: Tue, 13 May 2025 18:28:38 +0800
Subject: [PATCH] =?UTF-8?q?=E5=B7=A5=E7=A8=8B=E9=A2=84=E4=BB=98=E6=AC=BE?=
 =?UTF-8?q?=E7=BB=9F=E8=AE=A1=E5=8A=9F=E8=83=BD=E5=BC=80=E5=8F=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../manager/config/BnsSecurityConfig.java     |   1 +
 .../DecodePwdAuthenticationProvider.java      |  39 ++++
 .../service/impl/UserDetailsServiceImpl.java  |   2 +
 .../manager/manager/utils/AESCBCUtils.java    | 171 ++++++++++++++++++
 src/main/resources/static/js/my/aes.js        |  65 +++++++
 src/main/resources/static/login.html          |   6 +-
 6 files changed, 282 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/com/bonus/boot/manager/manager/config/DecodePwdAuthenticationProvider.java
 create mode 100644 src/main/java/com/bonus/boot/manager/manager/utils/AESCBCUtils.java
 create mode 100644 src/main/resources/static/js/my/aes.js

diff --git a/src/main/java/com/bonus/boot/manager/manager/config/BnsSecurityConfig.java b/src/main/java/com/bonus/boot/manager/manager/config/BnsSecurityConfig.java
index 1a391fe..adca1b7 100644
--- a/src/main/java/com/bonus/boot/manager/manager/config/BnsSecurityConfig.java
+++ b/src/main/java/com/bonus/boot/manager/manager/config/BnsSecurityConfig.java
@@ -66,6 +66,7 @@ public class BnsSecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Override
 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+		auth.authenticationProvider(new DecodePwdAuthenticationProvider(userDetailsService));
 		auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
 	}
 
diff --git a/src/main/java/com/bonus/boot/manager/manager/config/DecodePwdAuthenticationProvider.java b/src/main/java/com/bonus/boot/manager/manager/config/DecodePwdAuthenticationProvider.java
new file mode 100644
index 0000000..a948409
--- /dev/null
+++ b/src/main/java/com/bonus/boot/manager/manager/config/DecodePwdAuthenticationProvider.java
@@ -0,0 +1,39 @@
+package com.bonus.boot.manager.manager.config;
+
+import com.bonus.boot.manager.manager.utils.AESCBCUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * 密码自定义校验
+ * @author 黑子
+ */
+@Slf4j
+public class DecodePwdAuthenticationProvider extends DaoAuthenticationProvider {
+    public DecodePwdAuthenticationProvider(UserDetailsService userDetailsService){
+        setUserDetailsService(userDetailsService);
+    }
+
+    @Override
+    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
+        if (authentication.getCredentials() == null) {
+            this.logger.debug("Authentication failed: no credentials provided");
+            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
+        } else {
+            String presentedPassword = authentication.getCredentials().toString();
+            presentedPassword= AESCBCUtils.decrypt(presentedPassword);
+            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+            if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
+                this.logger.debug("Authentication failed: password does not match stored value");
+                throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
+            }
+        }
+    }
+
+}
diff --git a/src/main/java/com/bonus/boot/manager/manager/service/impl/UserDetailsServiceImpl.java b/src/main/java/com/bonus/boot/manager/manager/service/impl/UserDetailsServiceImpl.java
index 543bdba..2ac6ee9 100644
--- a/src/main/java/com/bonus/boot/manager/manager/service/impl/UserDetailsServiceImpl.java
+++ b/src/main/java/com/bonus/boot/manager/manager/service/impl/UserDetailsServiceImpl.java
@@ -2,6 +2,7 @@ package com.bonus.boot.manager.manager.service.impl;
 
 import java.util.List;
 
+import com.bonus.boot.manager.manager.utils.AESCBCUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
@@ -36,6 +37,7 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 
 	@Override
 	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+		username = AESCBCUtils.decrypt(username);
 		SysUser sysUser = userService.getUser(username);
 		if (sysUser == null) {
 			throw new AuthenticationCredentialsNotFoundException("用户名不存在");
diff --git a/src/main/java/com/bonus/boot/manager/manager/utils/AESCBCUtils.java b/src/main/java/com/bonus/boot/manager/manager/utils/AESCBCUtils.java
new file mode 100644
index 0000000..398663b
--- /dev/null
+++ b/src/main/java/com/bonus/boot/manager/manager/utils/AESCBCUtils.java
@@ -0,0 +1,171 @@
+package com.bonus.boot.manager.manager.utils;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.binary.Base64;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.Security;
+import java.util.Arrays;
+
+/**
+ *
+ * AES加密工具类
+ */
+@Slf4j
+@Component
+public class AESCBCUtils {
+
+		public  static  boolean aq = true;
+
+//		@Value("${zhly.aq.enable}")
+//		public  void setAq(boolean aq) {
+//			AESCBCUtils.aq = aq;
+//		}
+	//使用AES-256-CBC加密模式，key需要为16位,key和iv可以相同！
+		/**
+		 * 密钥算法
+		 */
+		private static final String KEY_ALGORITHM = "AES";
+
+		/**
+		 * 加密/解密算法 / 工作模式 / 填充方式
+		 * Java 6支持PKCS5Padding填充方式
+		 * Bouncy Castle支持PKCS7Padding填充方式
+		 */
+		private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS7Padding";
+
+		/**
+		 * 偏移量，只有CBC模式才需要
+		 */
+		private final static String ivParameter = "1234567812345678";
+
+
+		/**
+		 * AES要求密钥长度为128位或192位或256位，java默认限制AES密钥长度最多128位
+		 */
+		public static String sKey = "zhst@bonus@zhst@";
+
+
+
+		/**
+		 * 编码格式
+		 */
+		public static final String ENCODING = "utf-8";
+
+		static {
+			//如果是PKCS7Padding填充方式，则必须加上下面这行
+			Security.addProvider(new BouncyCastleProvider());
+		}
+
+		/**
+		 * AES加密
+		 *（CBC模式）
+		 * @param source 源字符串
+		 * @param
+		 * @throws Exception
+		 * @return 加密后的密文
+		 */
+		public static String encrypt(String source) throws Exception {
+			System.err.println(aq);
+			if(!aq){
+				return source;
+			}
+			String	key=sKey;
+			byte[] sourceBytes = source.getBytes(ENCODING);
+			byte[] keyBytes = key.getBytes(ENCODING);
+			Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC");
+			IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes(ENCODING));
+			cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv);
+			byte[] decrypted = cipher.doFinal(sourceBytes);
+			return Base64.encodeBase64String(decrypted);
+		}
+
+		/**
+		 * AES解密
+		 *（CBC模式）
+		 * @param encryptStr 加密后的密文
+		 * @param
+		 * @throws Exception
+		 * @return 源字符串
+		 */
+		public static String decrypt(String encryptStr)  {
+			if(!aq){
+				return encryptStr;
+			}
+			try{
+				encryptStr = encryptStr.replace(" ","+");
+				String key=sKey;
+				byte[] sourceBytes = Base64.decodeBase64(encryptStr);
+				byte[] keyBytes = key.getBytes(ENCODING);
+
+				int base = 16;
+				if (keyBytes.length % base != 0) {
+					int groups = keyBytes.length / base + 1;
+					byte[] temp = new byte[groups * base];
+					Arrays.fill(temp, (byte) 0);
+					System.arraycopy(keyBytes, 0, temp, 0, keyBytes.length);
+					keyBytes = temp;
+				}
+
+				Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC");
+				IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes(ENCODING));
+				cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv);
+				byte[] decoded = cipher.doFinal(sourceBytes);
+				return new String(decoded, ENCODING);
+			}catch (Exception e){
+				log.error(e.toString(),e);
+			}
+			return  "";
+		}
+
+
+		public static void main(String[] args) throws Exception {
+			String jmData= AESCBCUtils.encrypt("Bonus@admin123");
+			System.out.println("加密后字符串：" + jmData);
+			String data= AESCBCUtils.decrypt("DfOeNXxtTbGN35quGimHptR1uHzgATGCriuS9Z5Zh+hr/L7HcL0eoeNrCJlHfiDb");
+			System.out.println("解密后的字串是：" + data);
+
+			/*String key = "1234567812345678";
+			// 加密
+			long lStart = System.currentTimeMillis();
+			String enString = AESCBCUtils.encrypt("2023-06-06", AESCBCUtils.sKey);
+			System.out.println("加密后的字串是：" + enString);
+			 enString = AESCBCUtils.encrypt("Bonus@admin123", AESCBCUtils.sKey);
+			System.out.println("加密后的字串是：" + enString);
+			long lUseTime = System.currentTimeMillis() - lStart;
+			System.out.println("加密耗时：" + lUseTime + "毫秒");
+
+			// 解密
+			lStart = System.currentTimeMillis();
+			String DeString = AESCBCUtils.decrypt("XG3aC2WpBOlcWQlohK7F+hjLlngPZNcb7/75VcrJwh5DcutdGeTjniyz5iuXlBiTEJ8s1J3cT+cBEPLELId0tzbmNdNdQ4WLAmhSf0rDOmNOKzXG241D4Ku6W6ABIWnWrS4a93g0lBF0mZhzrnghvdLlBks6RPafYy8DJezjRLOFcl8xqnwMtS0RImbWGR4g+0t/oQck5D91/W2H023xGknEQLg6sRYBvgGk7H7cT/1/Pu67nmYlIQg6nvpqQx6VJMVIlBjqsMu0hpNTAbiUIDT9XsfZ7xA4RGJq50FJ2CvSt4umnlKiyxYiPjdbMPk2C3Bsvtao2NS8J2jdYR/mx9scqmUiYNAuMFESpGRqqyzcSWjAZ08OyTIFAmIxIusWTkq0wK+b7Bv6iXHEuYIhVFBT0ogzT85AC6Kda2h5dQGwPSH1cYo6w0oJVqOGqIpAt2XmCeQQTrg/D0nbqgiVrGXo8n2FtHL8QcbszUn5dfE2J4W45SsAJfqSCSarr9XtYFy+YgdnuUXA5YEny151eNvQKK9pofE3Z3dqbERi625Q2AJLgQt6g47vSy6FQoh76Hwmgj6q9TpMw0MJdl6un9U42PgcSBJsWwkZL/AifITL8bEdcBEA41NebGE4RJF9VCS51oT/YsdLciki7fAVFs0/g9apNZ8YkBVNviDBlKFTw3Z1M97sbLA86Ry3XzTYmIRrgac+FAuDeN726faCXcHfqgikweFUgmXUF8fWQdANmfgRrzGSYq53P0neeAzqbMfsjLQrqFYpz0HLwljjDv0qCDcOqh4iIS+b/O5kYyu7tVAFzZR5RqZk4jzK+8vyJfElfeoi6yA3ID6gHbmGHzNywgimjCJcTyQFG7GVa0PAR+KPFz0/Xc7T9tFdaXw0DM7KIX+xCdAxqLO0AYRDtwZTIjAudpend+TTZWWE+vBQRSs/UAfULrCiaztGDWAuyUq+cqG+IY2tzzs6XT750qgOMvWNHfYDJgJn7fok47iTPVHac+sc8ldIC7x30tn4Z53WUQDI81lE5F6LAINnRWuTlO8qrLkvATlceWP0yfzS7+aYm5EkK+la9FwMqfNz3D2eHi/DYuQ3EjrSSouRe8b6DpmHT17UeVKfHjU3Gu/QRS5x5oc/XX/CJLNEFB4ul7bebpAluH6k3adqDubzKY4Cemq7NBKd67xgxGuUFsPBjNhtm4TqGbeA/euk8T3mvIRSzYfYBeoHOytqLk3opwodzeo0RSXFItRC2YWFSOLRX095FkhvwRO50kQXOjYEdbIeYpiLSM07e+jlaYk7cCOwJIoY408ih105k3/DBjk6tQEQ0x9KYejwRsnbtEj9QVm4gMuKGQlv6jf4cXlXegx5rqawTcrMoHyB0NIFe8IrTQG68Oiw4Xa6mB6Jz1KySEOcFMlyPsnkK6osraXEpO/NtGVLhI2eZjgtig7tQIo11Ab0vpqqnVfCbjFSpGN793fLB1zdjPuKejBf36dfn83MjDOz+hOVfGI5FcrwGUIKhHK0FUcIo8GfCGMc06DumsDTeI0SjeWkbWFL4U9QSw1BbB691pColxnm3DysmaXdXuzq1cNFiu2PpyWzZQ9/8kCQXoB4+ewEPjNt+DJkCq/g7Exu22A9pd7iun6z6HDOcsSJ+4v2zeJ2hhF2xJpw585c4NN1b7THes+aFWw0YW7llQCg0BG+O4rGTO8ehRd56Ut9tHxOLK4veBoj9nStatXkuVkKYmhYdpSTvjQlZBzc8Gn/36/DwWs40Z64fkm/M5eqNtVx/zCj9EIKKdxgGBls6f9i2cs2MolmIM/saqiz1w9CkpythwAHqxMoneGOcthfCyIrW/ZKICPbaV92dhrc9+fl59lx4CcLB27dpmT7MQvhmMuBqWoV/jQeppQuNQhoNQ2sXnhjLp+EcdiQxPupj6uMWzBeCnSbuZ0JqSStttslETZe7zsVEnPsKZGY7/sHNzyluNsVsZtK7lI0w8qq9hL8MgNwubc7lD0DcasMXgnGtFL+lJz354AGlJfEoQuRaPvI5oGkkNCawEI+hrspYLzzOJSEHAdINm6VsfTBsCoXg/Fa1MYj6FHf446JKI3FpSLDmQCnfNhBt3mKMt2lI7vIsTccijk/nLzegEwztZpPy+HFK6Tiy3W6cUhf643dJmRud0yeBMfWANFEzl1N62eICt2N/GWjGPdEA49ycjpLr6geANL6HG0rlY0aSWsacel6ARBjOV+QLTv/HfEh+XvDWoPezmj5M8NWCsaaxDfkrWOZe921tCTV5/TwVVs5xRGaQ8eXllwtxdh+2L1wVkocnmmbvaCdTwcAnMBaHkukUM8iRjX/pwIu85jtofmU/yZeuQ8685RVj0aD8pwexdEuNtOtCB6Ve7N/7G9F/eJpfqfRENUcoxPdFJjqPf36WbjgB0BPUqiSk5aR9r8nB/28H4XzydOnFaC+ronzVIH9cVYSAb0n2nvD4Te2V2HVX3Ept9LfhY5RfvkE0EKsA2NfD+yvd64/7c9SqpWteDvTK3Ix5yB3hA8eaygdySgf/V0TAtZWYPlJVeTXn4Q4Gugkeb+CAZIkqxBALZ3Wa0MkYihu/cQo6x3YesJhwN+CtdK8wuiCjVYHeFbvG2uokJhKB57Fzmhy6hAgrEv4RSlT+bzBe4h7u3RgMScLsmaf0gkPvVmTJHPWJlkXieQ2taFauYThjVK32gtx8xbU7p5GI5PZNHFlHSUJBCToIK6WGC758/+Jn/oYMg2SIqbA6Tev3faT6zXv5Xe+xRoinl9v7OcywSq2Flqq3ftdfbmpNwBG/kK0YUPFa4TxbN1ZFjQYHxX3xXcvRvJjy/94k+rZBWhIms0fOwWwi3L5BQfndkt4MZaoEfThO53ZK1anOnXeTrP+EhFzgvDpTqJmDNJYfC+8rNWFRwUojlXz0Pmfc6xDwsGmfTdsiZ8Y2jo+PAjWGLL6XZ6CCtuPXwCTBOPRPCm6QtRHsWvrh6WTxJcbyx7unxHTL3RnXL/jxQybMTuWu1ndDNl2bHQwlSaaI4usW4irTVuy8Em4b8NlEGrQ/QEx3Ru50IoTvlEiFM3RaI18bfpXCp7VqG7dF4uILa/OhZwEY2LN5g0JPsyXtqI25vhlEVxzZYhvKm1fkTreGZC8L5WyBgEE6q9T0jK7jfBqXI8jIOMG455d07cANgtqVEC72pvkbN7kuAR6V5INJEEvw9nICD/W9GZrjzoWGiYCZIysp7ETAgf8woKTq1Rlx6wDQXMG+5/c0rxOkusPFxSaKEjhLjIb0pD9sCAqnK4EsPkS/2qovc0vf7jjyJrgnDFPl41qZjVJZ3CGsmO9anDvHCAuZNNx3zGznRYw4KWVTUneogLPuXKFWj76aZGRX28AS3HDiux3KJsy+jRqoLQa2OxDHDU+bxClFZVqqWoXsNDvg6/WKcrmQELioVwIUvLFpG8xmFLNe73ytPJ50TSQe7OehSsNL5syHfq1EAJp4Tkuwv6ml9LI/CAQM1wlRiDvUnf6TyZ8xpdCyK/v3tMaV3/mCLM797Lh9Aqe3wNySI6P0XKONfFrmo/4Fos+NzJJG5qhPGeJmR6y/5DR6Afqzw+LdXVVCQayHsd4jQVUsha9TQpVoiARbpOZl18o4P7d6AXtS3XS1bP1zkj01aHKCVX7VAEHx0q33DET5zO+u0f3M+Vk6bSRthgTDoY+CpM/PD2slEqZjtaTUtIrPWWqWpF7DzU4Gsri2U4A3Z7QBpaTQeowwGTU0vnDXgMymucjFBu5ToJHmdNmauPiIKxGMzbcV7aihilyMybNmqZznq+WlcL78jnIUN5YN4gG4I/2dDnNXe9+yLrTgLJSb5hzxNbYDppeSMYWqKK3d8FMFnSuKYmeAH5U0oM6MjclIwfnhkZGkkjaQr9Qlnqrw6Sp1bgtpUN0sZIAkvg1qGimxaw6HNB+Kfs9mgwPeEWvrv//NbH5U5tYm1+KauA0+421spie2naIuq81FfsaSFYSrhnWfatxJHEufU0WIuHP1Xy3+HQwfVAb+UHXE9mbGxgJ2nwI+yNrWEK/lpPO+CowDZcVJT0noIsfeIICqu0u2LK/hL7hjYpWnsSY2S2wnmsfAl/XjLHzyl4EjisVEFH6nkC2B6JyFnnRRAwtGERHbJc0Y4IcoT7r7YAIBmdsgLny/a8jhwQ+h7IxdyiS+wMyl+ODOaxhfFxM6f48S/UgIOZz2ySs87knnfu3i4o0scEf54+LD+z/mvMvAwRiLoU/9zNqNpuFcJmDLkw9DpFTvRAQnM+OqKqPMPn7wJSk6LOfGOhZPIkjgc5K5omYC9zhcERGlFk+gDk7ngmP9ZTLqGEIQ+b3QWSX7v2SAY+jEss0dEfLbD66j64FDNpHo9BGwsxf1OQtfUzS6UAorayAC5n/gbZMbw2CnypAL9j511IKBKnE8PXiY6DMs7hu+09io9GqgTyyb2k7V0b01eF+JryaPQntiTUmLCj09KXnWawxWJDxxNY8nyfuNR1cSAjtXWcqxo3BLE5v+viqP/tzicUjkJVOLJnsbBP2wCXwKP+TQglVSmSwel5VMKPV1r012EzO6fa7p0v/hP/zE64nNNlgJsyN547kMPfEvfU6kQBKithkKnWABWmHbtCHDLsjMhjPmMhNL9oiLPW9S3ANqXafIoYU+TUwzqDpVBx2yi733134j0ijzX7ZsECiTTTiLPU4vAh9IKCPiTBgzQj7x7p4YrnDz4UZdFImRng6fB6n2ZrBVQJE8z4jIDonBKnVCcpuHVvYd1FRGkcNgErcq7/VgnA47uUGcOfuo6rataabaCFCdTu60+He8hHkvavI1e2QbiY2sL1P/v3hd/lcmQuxJKOWbBagUHYFBBZE22pPW7uzTmFCVXIQBDJbcYN2NmgE+KWw9VMBm6k2JMkNzdPB5lSu7ERHSe4SUM25FHHmmvGLgjXKpHFUg966cy+EO3bYYPH/CRssdWoCgBKgKr/txhu7H2RVUJN6PGEwKY4eXus8pWGWnKN6H/m8r2FKHc9XlQVGxhEL5K+42I3wJsr0dssxpZQeRizjsueMiZ34r/2gdcoV7oDNq/AneF/+p2q3aPAy4YZCRRyY+qn2njUGHXUQMVw41SVIhoNnH2CpfqJAnLN26j2WROIrNMqHT/mpR4eRkeQhHGsjK6lViYs+3InnHxunpQy54XUa+nEOP6hCR9Tud4AftRIL2cnRDAgU5xNg1jGqtwwC4wtrVWxreLmoAIkuSe5FORNyvT5oH3waBSGpeINTNq11YhcnZDi0t4a8gwHCSgblAbUfkippZj2qvlSqICOcnmwf9rchfFrC0e5LzwKwNqO2GjJOkRnN82sRHDfrKSw=");
+			System.out.println("解密后的字串是：" + DeString);
+			lUseTime = System.currentTimeMillis() - lStart;
+			System.out.println("解密耗时：" + lUseTime + "毫秒");*/
+//			String key = "1234567812345678";
+//			// 加密
+//			long lStart = System.currentTimeMillis();
+//			String enString = AESCBCUtils.encrypt("admin@123", AESCBCUtils.sKey);
+//			String enString2 = AESCBCUtils.encrypt("cwchen", AESCBCUtils.sKey);
+//			String enString3 = AESCBCUtils.encrypt("1", AESCBCUtils.sKey);
+//			String enString4= AESCBCUtils.encrypt("10", AESCBCUtils.sKey);
+//           String name="";
+//			for (int i = 0; i <70 ; i++) {
+//				name="admin"+i;
+//				String pwd= AESCBCUtils.encrypt(name,AESCBCUtils.sKey);
+//				System.out.println("用户名:"+name+"      "+"加密后密码:"+pwd);
+//			}
+
+
+
+
+
+		}
+
+
+
+}
diff --git a/src/main/resources/static/js/my/aes.js b/src/main/resources/static/js/my/aes.js
new file mode 100644
index 0000000..3b757a2
--- /dev/null
+++ b/src/main/resources/static/js/my/aes.js
@@ -0,0 +1,65 @@
+!function(t,n){"object"==typeof exports?module.exports=exports=n():"function"==typeof define&&define.amd?define([],n):t.CryptoJS=n()}(this,function(){var t=t||function(t,n){var i=Object.create||function(){function t(){}return function(n){var i;return t.prototype=n,i=new t,t.prototype=null,i}}(),e={},r=e.lib={},o=r.Base=function(){return{extend:function(t){var n=i(this);return t&&n.mixIn(t),n.hasOwnProperty("init")&&this.init!==n.init||(n.init=function(){n.$super.init.apply(this,arguments)}),n.init.prototype=n,n.$super=this,n},create:function(){var t=this.extend();return t.init.apply(t,arguments),t},init:function(){},mixIn:function(t){for(var n in t)t.hasOwnProperty(n)&&(this[n]=t[n]);t.hasOwnProperty("toString")&&(this.toString=t.toString)},clone:function(){return this.init.prototype.extend(this)}}}(),s=r.WordArray=o.extend({init:function(t,i){t=this.words=t||[],i!=n?this.sigBytes=i:this.sigBytes=4*t.length},toString:function(t){return(t||c).stringify(this)},concat:function(t){var n=this.words,i=t.words,e=this.sigBytes,r=t.sigBytes;if(this.clamp(),e%4)for(var o=0;o<r;o++){var s=i[o>>>2]>>>24-o%4*8&255;n[e+o>>>2]|=s<<24-(e+o)%4*8}else for(var o=0;o<r;o+=4)n[e+o>>>2]=i[o>>>2];return this.sigBytes+=r,this},clamp:function(){var n=this.words,i=this.sigBytes;n[i>>>2]&=4294967295<<32-i%4*8,n.length=t.ceil(i/4)},clone:function(){var t=o.clone.call(this);return t.words=this.words.slice(0),t},random:function(n){for(var i,e=[],r=function(n){var n=n,i=987654321,e=4294967295;return function(){i=36969*(65535&i)+(i>>16)&e,n=18e3*(65535&n)+(n>>16)&e;var r=(i<<16)+n&e;return r/=4294967296,r+=.5,r*(t.random()>.5?1:-1)}},o=0;o<n;o+=4){var a=r(4294967296*(i||t.random()));i=987654071*a(),e.push(4294967296*a()|0)}return new s.init(e,n)}}),a=e.enc={},c=a.Hex={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;r<i;r++){var o=n[r>>>2]>>>24-r%4*8&255;e.push((o>>>4).toString(16)),e.push((15&o).toString(16))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;e<n;e+=2)i[e>>>3]|=parseInt(t.substr(e,2),16)<<24-e%8*4;return new s.init(i,n/2)}},u=a.Latin1={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;r<i;r++){var o=n[r>>>2]>>>24-r%4*8&255;e.push(String.fromCharCode(o))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;e<n;e++)i[e>>>2]|=(255&t.charCodeAt(e))<<24-e%4*8;return new s.init(i,n)}},f=a.Utf8={stringify:function(t){try{return decodeURIComponent(escape(u.stringify(t)))}catch(t){throw new Error("Malformed UTF-8 data")}},parse:function(t){return u.parse(unescape(encodeURIComponent(t)))}},h=r.BufferedBlockAlgorithm=o.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(t){"string"==typeof t&&(t=f.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(n){var i=this._data,e=i.words,r=i.sigBytes,o=this.blockSize,a=4*o,c=r/a;c=n?t.ceil(c):t.max((0|c)-this._minBufferSize,0);var u=c*o,f=t.min(4*u,r);if(u){for(var h=0;h<u;h+=o)this._doProcessBlock(e,h);var p=e.splice(0,u);i.sigBytes-=f}return new s.init(p,f)},clone:function(){var t=o.clone.call(this);return t._data=this._data.clone(),t},_minBufferSize:0}),p=(r.Hasher=h.extend({cfg:o.extend(),init:function(t){this.cfg=this.cfg.extend(t),this.reset()},reset:function(){h.reset.call(this),this._doReset()},update:function(t){return this._append(t),this._process(),this},finalize:function(t){t&&this._append(t);var n=this._doFinalize();return n},blockSize:16,_createHelper:function(t){return function(n,i){return new t.init(i).finalize(n)}},_createHmacHelper:function(t){return function(n,i){return new p.HMAC.init(t,i).finalize(n)}}}),e.algo={});return e}(Math);return t});
+//# sourceMappingURL=core.min.js.map
+!function(e,t,i){"object"==typeof exports?module.exports=exports=t(require("./core.min"),require("./sha1.min"),require("./hmac.min")):"function"==typeof define&&define.amd?define(["./core.min","./sha1.min","./hmac.min"],t):t(e.CryptoJS)}(this,function(e){return function(){var t=e,i=t.lib,r=i.Base,n=i.WordArray,o=t.algo,a=o.MD5,c=o.EvpKDF=r.extend({cfg:r.extend({keySize:4,hasher:a,iterations:1}),init:function(e){this.cfg=this.cfg.extend(e)},compute:function(e,t){for(var i=this.cfg,r=i.hasher.create(),o=n.create(),a=o.words,c=i.keySize,f=i.iterations;a.length<c;){s&&r.update(s);var s=r.update(e).finalize(t);r.reset();for(var u=1;u<f;u++)s=r.finalize(s),r.reset();o.concat(s)}return o.sigBytes=4*c,o}});t.EvpKDF=function(e,t,i){return c.create(i).compute(e,t)}}(),e.EvpKDF});
+//# sourceMappingURL=evpkdf.min.js.map
+!function(r,e){"object"==typeof exports?module.exports=exports=e(require("./core.min")):"function"==typeof define&&define.amd?define(["./core.min"],e):e(r.CryptoJS)}(this,function(r){return function(){function e(r,e,t){for(var n=[],i=0,o=0;o<e;o++)if(o%4){var f=t[r.charCodeAt(o-1)]<<o%4*2,c=t[r.charCodeAt(o)]>>>6-o%4*2;n[i>>>2]|=(f|c)<<24-i%4*8,i++}return a.create(n,i)}var t=r,n=t.lib,a=n.WordArray,i=t.enc;i.Base64={stringify:function(r){var e=r.words,t=r.sigBytes,n=this._map;r.clamp();for(var a=[],i=0;i<t;i+=3)for(var o=e[i>>>2]>>>24-i%4*8&255,f=e[i+1>>>2]>>>24-(i+1)%4*8&255,c=e[i+2>>>2]>>>24-(i+2)%4*8&255,s=o<<16|f<<8|c,h=0;h<4&&i+.75*h<t;h++)a.push(n.charAt(s>>>6*(3-h)&63));var p=n.charAt(64);if(p)for(;a.length%4;)a.push(p);return a.join("")},parse:function(r){var t=r.length,n=this._map,a=this._reverseMap;if(!a){a=this._reverseMap=[];for(var i=0;i<n.length;i++)a[n.charCodeAt(i)]=i}var o=n.charAt(64);if(o){var f=r.indexOf(o);f!==-1&&(t=f)}return e(r,t,a)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}}(),r.enc.Base64});
+//# sourceMappingURL=enc-base64.min.js.map
+!function(e,t,r){"object"==typeof exports?module.exports=exports=t(require("./core.min"),require("./evpkdf.min")):"function"==typeof define&&define.amd?define(["./core.min","./evpkdf.min"],t):t(e.CryptoJS)}(this,function(e){e.lib.Cipher||function(t){var r=e,i=r.lib,n=i.Base,c=i.WordArray,o=i.BufferedBlockAlgorithm,s=r.enc,a=(s.Utf8,s.Base64),f=r.algo,p=f.EvpKDF,d=i.Cipher=o.extend({cfg:n.extend(),createEncryptor:function(e,t){return this.create(this._ENC_XFORM_MODE,e,t)},createDecryptor:function(e,t){return this.create(this._DEC_XFORM_MODE,e,t)},init:function(e,t,r){this.cfg=this.cfg.extend(r),this._xformMode=e,this._key=t,this.reset()},reset:function(){o.reset.call(this),this._doReset()},process:function(e){return this._append(e),this._process()},finalize:function(e){e&&this._append(e);var t=this._doFinalize();return t},keySize:4,ivSize:4,_ENC_XFORM_MODE:1,_DEC_XFORM_MODE:2,_createHelper:function(){function e(e){return"string"==typeof e?B:x}return function(t){return{encrypt:function(r,i,n){return e(i).encrypt(t,r,i,n)},decrypt:function(r,i,n){return e(i).decrypt(t,r,i,n)}}}}()}),h=(i.StreamCipher=d.extend({_doFinalize:function(){var e=this._process(!0);return e},blockSize:1}),r.mode={}),u=i.BlockCipherMode=n.extend({createEncryptor:function(e,t){return this.Encryptor.create(e,t)},createDecryptor:function(e,t){return this.Decryptor.create(e,t)},init:function(e,t){this._cipher=e,this._iv=t}}),l=h.CBC=function(){function e(e,r,i){var n=this._iv;if(n){var c=n;this._iv=t}else var c=this._prevBlock;for(var o=0;o<i;o++)e[r+o]^=c[o]}var r=u.extend();return r.Encryptor=r.extend({processBlock:function(t,r){var i=this._cipher,n=i.blockSize;e.call(this,t,r,n),i.encryptBlock(t,r),this._prevBlock=t.slice(r,r+n)}}),r.Decryptor=r.extend({processBlock:function(t,r){var i=this._cipher,n=i.blockSize,c=t.slice(r,r+n);i.decryptBlock(t,r),e.call(this,t,r,n),this._prevBlock=c}}),r}(),_=r.pad={},v=_.Pkcs7={pad:function(e,t){for(var r=4*t,i=r-e.sigBytes%r,n=i<<24|i<<16|i<<8|i,o=[],s=0;s<i;s+=4)o.push(n);var a=c.create(o,i);e.concat(a)},unpad:function(e){var t=255&e.words[e.sigBytes-1>>>2];e.sigBytes-=t}},y=(i.BlockCipher=d.extend({cfg:d.cfg.extend({mode:l,padding:v}),reset:function(){d.reset.call(this);var e=this.cfg,t=e.iv,r=e.mode;if(this._xformMode==this._ENC_XFORM_MODE)var i=r.createEncryptor;else{var i=r.createDecryptor;this._minBufferSize=1}this._mode&&this._mode.__creator==i?this._mode.init(this,t&&t.words):(this._mode=i.call(r,this,t&&t.words),this._mode.__creator=i)},_doProcessBlock:function(e,t){this._mode.processBlock(e,t)},_doFinalize:function(){var e=this.cfg.padding;if(this._xformMode==this._ENC_XFORM_MODE){e.pad(this._data,this.blockSize);var t=this._process(!0)}else{var t=this._process(!0);e.unpad(t)}return t},blockSize:4}),i.CipherParams=n.extend({init:function(e){this.mixIn(e)},toString:function(e){return(e||this.formatter).stringify(this)}})),m=r.format={},k=m.OpenSSL={stringify:function(e){var t=e.ciphertext,r=e.salt;if(r)var i=c.create([1398893684,1701076831]).concat(r).concat(t);else var i=t;return i.toString(a)},parse:function(e){var t=a.parse(e),r=t.words;if(1398893684==r[0]&&1701076831==r[1]){var i=c.create(r.slice(2,4));r.splice(0,4),t.sigBytes-=16}return y.create({ciphertext:t,salt:i})}},x=i.SerializableCipher=n.extend({cfg:n.extend({format:k}),encrypt:function(e,t,r,i){i=this.cfg.extend(i);var n=e.createEncryptor(r,i),c=n.finalize(t),o=n.cfg;return y.create({ciphertext:c,key:r,iv:o.iv,algorithm:e,mode:o.mode,padding:o.padding,blockSize:e.blockSize,formatter:i.format})},decrypt:function(e,t,r,i){i=this.cfg.extend(i),t=this._parse(t,i.format);var n=e.createDecryptor(r,i).finalize(t.ciphertext);return n},_parse:function(e,t){return"string"==typeof e?t.parse(e,this):e}}),g=r.kdf={},S=g.OpenSSL={execute:function(e,t,r,i){i||(i=c.random(8));var n=p.create({keySize:t+r}).compute(e,i),o=c.create(n.words.slice(t),4*r);return n.sigBytes=4*t,y.create({key:n,iv:o,salt:i})}},B=i.PasswordBasedCipher=x.extend({cfg:x.cfg.extend({kdf:S}),encrypt:function(e,t,r,i){i=this.cfg.extend(i);var n=i.kdf.execute(r,e.keySize,e.ivSize);i.iv=n.iv;var c=x.encrypt.call(this,e,t,n.key,i);return c.mixIn(n),c},decrypt:function(e,t,r,i){i=this.cfg.extend(i),t=this._parse(t,i.format);var n=i.kdf.execute(r,e.keySize,e.ivSize,t.salt);i.iv=n.iv;var c=x.decrypt.call(this,e,t,n.key,i);return c}})}()});
+//# sourceMappingURL=cipher-core.min.js.map
+!function(e,i){"object"==typeof exports?module.exports=exports=i(require("./core.min")):"function"==typeof define&&define.amd?define(["./core.min"],i):i(e.CryptoJS)}(this,function(e){!function(){var i=e,t=i.lib,n=t.Base,s=i.enc,r=s.Utf8,o=i.algo;o.HMAC=n.extend({init:function(e,i){e=this._hasher=new e.init,"string"==typeof i&&(i=r.parse(i));var t=e.blockSize,n=4*t;i.sigBytes>n&&(i=e.finalize(i)),i.clamp();for(var s=this._oKey=i.clone(),o=this._iKey=i.clone(),a=s.words,f=o.words,c=0;c<t;c++)a[c]^=1549556828,f[c]^=909522486;s.sigBytes=o.sigBytes=n,this.reset()},reset:function(){var e=this._hasher;e.reset(),e.update(this._iKey)},update:function(e){return this._hasher.update(e),this},finalize:function(e){var i=this._hasher,t=i.finalize(e);i.reset();var n=i.finalize(this._oKey.clone().concat(t));return n}})}()});
+//# sourceMappingURL=hmac.min.js.map
+!function(e,o,r){"object"==typeof exports?module.exports=exports=o(require("./core.min"),require("./cipher-core.min")):"function"==typeof define&&define.amd?define(["./core.min","./cipher-core.min"],o):o(e.CryptoJS)}(this,function(e){return e.mode.ECB=function(){var o=e.lib.BlockCipherMode.extend();return o.Encryptor=o.extend({processBlock:function(e,o){this._cipher.encryptBlock(e,o)}}),o.Decryptor=o.extend({processBlock:function(e,o){this._cipher.decryptBlock(e,o)}}),o}(),e.mode.ECB});
+//# sourceMappingURL=mode-ecb.min.js.map
+!function(e,r,i){"object"==typeof exports?module.exports=exports=r(require("./core.min"),require("./cipher-core.min")):"function"==typeof define&&define.amd?define(["./core.min","./cipher-core.min"],r):r(e.CryptoJS)}(this,function(e){return e.pad.Pkcs7});
+//# sourceMappingURL=pad-pkcs7.min.js.map
+!function(e,r,i){"object"==typeof exports?module.exports=exports=r(require("./core.min"),require("./enc-base64.min"),require("./md5.min"),require("./evpkdf.min"),require("./cipher-core.min")):"function"==typeof define&&define.amd?define(["./core.min","./enc-base64.min","./md5.min","./evpkdf.min","./cipher-core.min"],r):r(e.CryptoJS)}(this,function(e){return function(){var r=e,i=r.lib,n=i.BlockCipher,o=r.algo,t=[],c=[],s=[],f=[],a=[],d=[],u=[],v=[],h=[],y=[];!function(){for(var e=[],r=0;r<256;r++)r<128?e[r]=r<<1:e[r]=r<<1^283;for(var i=0,n=0,r=0;r<256;r++){var o=n^n<<1^n<<2^n<<3^n<<4;o=o>>>8^255&o^99,t[i]=o,c[o]=i;var p=e[i],l=e[p],_=e[l],k=257*e[o]^16843008*o;s[i]=k<<24|k>>>8,f[i]=k<<16|k>>>16,a[i]=k<<8|k>>>24,d[i]=k;var k=16843009*_^65537*l^257*p^16843008*i;u[o]=k<<24|k>>>8,v[o]=k<<16|k>>>16,h[o]=k<<8|k>>>24,y[o]=k,i?(i=p^e[e[e[_^p]]],n^=e[e[n]]):i=n=1}}();var p=[0,1,2,4,8,16,32,64,128,27,54],l=o.AES=n.extend({_doReset:function(){if(!this._nRounds||this._keyPriorReset!==this._key){for(var e=this._keyPriorReset=this._key,r=e.words,i=e.sigBytes/4,n=this._nRounds=i+6,o=4*(n+1),c=this._keySchedule=[],s=0;s<o;s++)if(s<i)c[s]=r[s];else{var f=c[s-1];s%i?i>6&&s%i==4&&(f=t[f>>>24]<<24|t[f>>>16&255]<<16|t[f>>>8&255]<<8|t[255&f]):(f=f<<8|f>>>24,f=t[f>>>24]<<24|t[f>>>16&255]<<16|t[f>>>8&255]<<8|t[255&f],f^=p[s/i|0]<<24),c[s]=c[s-i]^f}for(var a=this._invKeySchedule=[],d=0;d<o;d++){var s=o-d;if(d%4)var f=c[s];else var f=c[s-4];d<4||s<=4?a[d]=f:a[d]=u[t[f>>>24]]^v[t[f>>>16&255]]^h[t[f>>>8&255]]^y[t[255&f]]}}},encryptBlock:function(e,r){this._doCryptBlock(e,r,this._keySchedule,s,f,a,d,t)},decryptBlock:function(e,r){var i=e[r+1];e[r+1]=e[r+3],e[r+3]=i,this._doCryptBlock(e,r,this._invKeySchedule,u,v,h,y,c);var i=e[r+1];e[r+1]=e[r+3],e[r+3]=i},_doCryptBlock:function(e,r,i,n,o,t,c,s){for(var f=this._nRounds,a=e[r]^i[0],d=e[r+1]^i[1],u=e[r+2]^i[2],v=e[r+3]^i[3],h=4,y=1;y<f;y++){var p=n[a>>>24]^o[d>>>16&255]^t[u>>>8&255]^c[255&v]^i[h++],l=n[d>>>24]^o[u>>>16&255]^t[v>>>8&255]^c[255&a]^i[h++],_=n[u>>>24]^o[v>>>16&255]^t[a>>>8&255]^c[255&d]^i[h++],k=n[v>>>24]^o[a>>>16&255]^t[d>>>8&255]^c[255&u]^i[h++];a=p,d=l,u=_,v=k}var p=(s[a>>>24]<<24|s[d>>>16&255]<<16|s[u>>>8&255]<<8|s[255&v])^i[h++],l=(s[d>>>24]<<24|s[u>>>16&255]<<16|s[v>>>8&255]<<8|s[255&a])^i[h++],_=(s[u>>>24]<<24|s[v>>>16&255]<<16|s[a>>>8&255]<<8|s[255&d])^i[h++],k=(s[v>>>24]<<24|s[a>>>16&255]<<16|s[d>>>8&255]<<8|s[255&u])^i[h++];e[r]=p,e[r+1]=l,e[r+2]=_,e[r+3]=k},keySize:8});r.AES=n._createHelper(l)}(),e.AES});
+//# sourceMappingURL=aes.min.js.map
+!function(e,n){"object"==typeof exports?module.exports=exports=n(require("./core.min")):"function"==typeof define&&define.amd?define(["./core.min"],n):n(e.CryptoJS)}(this,function(e){return e.enc.Utf8});
+//# sourceMappingURL=enc-utf8.min.js.map
+var cbc_key = CryptoJS.enc.Utf8.parse("zhst@bonus@zhst@");
+var cbc_iv = CryptoJS.enc.Utf8.parse("1234567812345678");
+function encryptCBC(word){
+	var  srcs = CryptoJS.enc.Utf8.parse(word)
+    var encrypted = CryptoJS.AES.encrypt(srcs, cbc_key, {
+				iv: cbc_iv,
+				mode: CryptoJS.mode.CBC,
+				padding: CryptoJS.pad.Pkcs7
+			});
+	 return encrypted.toString();
+}
+/**
+ * 解密
+ * @param word
+ * @returns {*}
+ */
+function decryptCBC(word){
+    var encrypted = CryptoJS.AES.decrypt(word, cbc_key, {
+				iv: cbc_iv,
+				mode: CryptoJS.mode.CBC,
+				padding: CryptoJS.pad.Pkcs7
+			});
+	return encrypted.toString(CryptoJS.enc.Utf8);
+}
+
+
+/**
+ * @param {Object} fmt
+ * @param {Object} date时间格式化工具类
+ */
+function dateFtt(fmt, date) { //author: meizz   
+		var o = {
+			"M+": date.getMonth() + 1, //月份   
+			"d+": date.getDate(), //日   
+			"h+": date.getHours(), //小时   
+			"m+": date.getMinutes(), //分   
+			"s+": date.getSeconds(), //秒   
+			"q+": Math.floor((date.getMonth() + 3) / 3), //季度   
+			"S": date.getMilliseconds() //毫秒   
+		};
+		if(/(y+)/.test(fmt))
+			fmt = fmt.replace(RegExp.$1, (date.getFullYear() + "").substr(4 - RegExp.$1.length));
+		for(var k in o)
+			if(new RegExp("(" + k + ")").test(fmt))
+				fmt = fmt.replace(RegExp.$1, (RegExp.$1.length == 1) ? (o[k]) : (("00" + o[k]).substr(("" + o[k]).length)));
+		return fmt;
+}
\ No newline at end of file
diff --git a/src/main/resources/static/login.html b/src/main/resources/static/login.html
index e5ccd79..cd8e1b0 100644
--- a/src/main/resources/static/login.html
+++ b/src/main/resources/static/login.html
@@ -38,6 +38,7 @@
 <script src="js/libs/jquery-3.6.0.min.js"></script>
 <script src="layui-v2.8.3/layui/layui.js"></script>
 <script src="js/common_methon.js"></script>
+<script src="js/my/aes.js"></script>
 <script src="js/publicJs.js"></script>
 <script type="text/javascript">
 
@@ -70,6 +71,7 @@
 
 		var username = $.trim($('#username').val());
 		var password = $.trim($('#password').val());
+		console.log(encryptCBC(username))
 		if (username == "" || password == "") {
 			$("#info").html('用户名或者密码不能为空');
 			$(obj).attr("disabled", false);
@@ -78,8 +80,8 @@
 				type : 'post',
 				url : ctxPath + '/login',
 				data : {
-					username:username,
-					password:password
+					username:encryptCBC(username),
+					password:encryptCBC(password)
 				},
 				success : function(data) {
 					localStorage.setItem("token", data.token);