From f8b304d2470de55d2292201d5314543ce39f8d4a Mon Sep 17 00:00:00 2001
From: realize1020 <46668485+realize1020@users.noreply.github.com>
Date: Wed, 27 Mar 2024 14:06:19 +0800
Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=8E=A5=E5=8F=A3=E6=94=B9?=
=?UTF-8?q?=E9=80=A0=EF=BC=8C=E4=BF=AE=E6=94=B9=E5=AF=86=E7=A0=81=E6=8E=A5?=
=?UTF-8?q?=E5=8F=A3=E5=A2=9E=E5=8A=A0=E4=BA=8C=E6=AC=A1=E5=AF=86=E6=96=87?=
=?UTF-8?q?=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../gx/obe/server/common/utils/DESUtils.java | 177 ++++++++++++++++++
.../obe/server/config/WebConfiguration.java | 1 +
.../user/controller/AuthUserController.java | 51 ++++-
.../resources/application-jingnengjituan.yml | 2 +-
.../application-jingnengjituanTest.yml | 2 +-
5 files changed, 226 insertions(+), 7 deletions(-)
create mode 100644 com.gx.obe.service/src/main/java/com/gx/obe/server/common/utils/DESUtils.java
diff --git a/com.gx.obe.service/src/main/java/com/gx/obe/server/common/utils/DESUtils.java b/com.gx.obe.service/src/main/java/com/gx/obe/server/common/utils/DESUtils.java
new file mode 100644
index 0000000..9fc7052
--- /dev/null
+++ b/com.gx.obe.service/src/main/java/com/gx/obe/server/common/utils/DESUtils.java
@@ -0,0 +1,177 @@
+package com.gx.obe.server.common.utils;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+import java.security.SecureRandom;
+
+/**
+ * DESåŠ å¯†å·¥å…·
+ */
+public class DESUtils {
+ private final static String DES = "DES";
+ public final static String key = "HLJ$@&!^%$ZJK";
+ /**
+ * åŠ å¯†
+ *
+ * @param src æ•°æ®æº
+ * @param key 密钥,长度必须是8çš„å€æ•°
+ * @return è¿”å›žåŠ å¯†åŽçš„æ•°æ®
+ * @throws Exception
+ */
+ public static byte[] encrypt(byte[] src, byte[] key)
+ throws RuntimeException {
+ // DES算法è¦æ±‚有一个å¯ä¿¡ä»»çš„éšæœºæ•°æº
+ try {
+ SecureRandom sr = new SecureRandom();
+ // 从原始密匙数æ®åˆ›å»ºDESKeySpec对象
+ DESKeySpec dks = new DESKeySpec(key);
+ // 创建一个密匙工厂,然åŽç”¨å®ƒæŠŠDESKeySpec转æ¢æˆ
+ // 一个SecretKey对象
+ SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES);
+ SecretKey securekey = keyFactory.generateSecret(dks);
+ // Cipher对象实际完æˆåŠ 密æ“作
+ Cipher cipher = Cipher.getInstance(DES);
+ // 用密匙åˆå§‹åŒ–Cipher对象
+ cipher.init(Cipher.ENCRYPT_MODE, securekey, sr);
+ // 现在,获å–æ•°æ®å¹¶åŠ 密
+ // æ£å¼æ‰§è¡ŒåŠ 密æ“作
+ return cipher.doFinal(src);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * 解密
+ *
+ * @param src
+ * æ•°æ®æº
+ * @param key
+ * 密钥,长度必须是8çš„å€æ•°
+ * @return 返回解密åŽçš„原始数æ®
+ * @throws Exception
+ */
+ public static byte[] decrypt(byte[] src, byte[] key)
+ throws RuntimeException {
+ try {
+ // DES算法è¦æ±‚有一个å¯ä¿¡ä»»çš„éšæœºæ•°æº
+ SecureRandom sr = new SecureRandom();
+ // 从原始密匙数æ®åˆ›å»ºä¸€ä¸ªDESKeySpec对象
+ DESKeySpec dks = new DESKeySpec(key);
+ // 创建一个密匙工厂,然åŽç”¨å®ƒæŠŠDESKeySpec对象转æ¢æˆ
+ // 一个SecretKey对象
+ SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES);
+ SecretKey securekey = keyFactory.generateSecret(dks);
+ // Cipher对象实际完æˆè§£å¯†æ“作
+ Cipher cipher = Cipher.getInstance(DES);
+ // 用密匙åˆå§‹åŒ–Cipher对象
+ cipher.init(Cipher.DECRYPT_MODE, securekey, sr);
+ // 现在,获å–æ•°æ®å¹¶è§£å¯†
+ // æ£å¼æ‰§è¡Œè§£å¯†æ“作
+ return cipher.doFinal(src);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * æ•°æ®è§£å¯†
+ *
+ * @param data
+ * @return
+ * @throws Exception
+ */
+ public final static String decrypt(String data, String enc)
+ throws Exception {
+ return new String(decrypt(hex2byte(data.getBytes(enc)), key.getBytes(enc)),enc);
+ }
+
+ /**
+ * æ•°æ®è§£å¯†
+ *
+ * @param data
+ * @return
+ * @throws Exception
+ */
+ public final static String decrypt(String data)
+ throws Exception {
+ return new String(decrypt(hex2byte(data.getBytes()), key.getBytes()));
+ }
+
+ /**
+ * æ•°æ®åŠ 密
+ *
+ * @param data
+ * @return
+ * @throws Exception
+ */
+ public final static String encrypt(String data) {
+ if (data != null)
+ try {
+ return byte2hex(encrypt(data.getBytes(), key.getBytes()));
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ return null;
+ }
+ /**
+ * æ•°æ®åŠ 密
+ *
+ * @param data
+ * @param enc
+ * 密钥
+ * @return
+ * @throws Exception
+ */
+ public final static String encrypt(String data, String enc) {
+ if (data != null)
+ try {
+ return byte2hex(encrypt(data.getBytes(enc), key.getBytes(enc)));
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ return null;
+ }
+ /**
+ * 二行制转å—符串
+ *
+ * @param b
+ * @return
+ */
+ private static String byte2hex(byte[] b) {
+ StringBuilder hs = new StringBuilder();
+ String stmp;
+ for (int n = 0; b != null && n < b.length; n++) {
+ stmp = Integer.toHexString(b[n] & 0XFF);
+ if (stmp.length() == 1)
+ hs.append('0');
+ hs.append(stmp);
+ }
+ return hs.toString().toUpperCase();
+ }
+
+ private static byte[] hex2byte(byte[] b) {
+ if ((b.length % 2) != 0)
+ throw new IllegalArgumentException();
+ byte[] b2 = new byte[b.length / 2];
+ for (int n = 0; n < b.length; n += 2) {
+ String item = new String(b, n, 2);
+ b2[n / 2] = (byte) Integer.parseInt(item, 16);
+ }
+ return b2;
+ }
+
+ public static void main(String[] args) throws Exception {
+ String content = "";
+ System.out.println("åŠ å¯†å‰ï¼š" + content);
+ // åŠ å¯†
+ String encryptResult = encrypt(content);
+ System.out.println("åŠ å¯†åŽï¼š" + encryptResult);
+ // 解密
+ String decryptResult = decrypt(encryptResult);
+ System.out.println("解密åŽï¼š" + decryptResult);
+ }
+
+}
diff --git a/com.gx.obe.service/src/main/java/com/gx/obe/server/config/WebConfiguration.java b/com.gx.obe.service/src/main/java/com/gx/obe/server/config/WebConfiguration.java
index 47b5e88..c7cb740 100644
--- a/com.gx.obe.service/src/main/java/com/gx/obe/server/config/WebConfiguration.java
+++ b/com.gx.obe.service/src/main/java/com/gx/obe/server/config/WebConfiguration.java
@@ -50,6 +50,7 @@ public class WebConfiguration implements WebMvcConfigurer {
excludePath.add("/tripartiteFunction/bidata/**");
excludePath.add("/tenderProject/copyTenderProject");
excludePath.add("/authUser/updatePhone");
+ excludePath.add("/authUser/updatePassword");
registry.addInterceptor(tokenInterceptor)
.addPathPatterns("/**")
.excludePathPatterns(excludePath);
diff --git a/com.gx.obe.service/src/main/java/com/gx/obe/server/management/user/controller/AuthUserController.java b/com.gx.obe.service/src/main/java/com/gx/obe/server/management/user/controller/AuthUserController.java
index 53f100e..2c9298c 100644
--- a/com.gx.obe.service/src/main/java/com/gx/obe/server/management/user/controller/AuthUserController.java
+++ b/com.gx.obe.service/src/main/java/com/gx/obe/server/management/user/controller/AuthUserController.java
@@ -1,11 +1,20 @@
package com.gx.obe.server.management.user.controller;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import com.gx.obe.http.HttpUtil;
+import com.gx.obe.http.json.JsonUtil;
+import com.gx.obe.server.common.utils.DESUtils;
+import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@@ -51,6 +60,7 @@ import io.swagger.annotations.Api;
* @Copyright: 2019 www.msypro.com Inc. All rights reserved.
*
*/
+@Slf4j
@Api(tags = "用户模å—")
@RestController
@RequestMapping("/authUser")
@@ -60,6 +70,9 @@ public class AuthUserController extends BaseController<AuthUserService,AuthUser
public AuthUserService authUserService;
@Autowired
public AuthRoleService authRoleService;
+
+ @Value("${platformVarifyURL}")
+ private String varifyUrl;
@PostMapping("/updateUser")
@@ -99,10 +112,31 @@ public class AuthUserController extends BaseController<AuthUserService,AuthUser
@GetMapping("/updatePassword")
@SysLogAnnotation(detail="修改密ç ",level = 0,operationType = OperationType.UPDATE)
- public boolean updatePassword(String userAccount , String userPassword){
- UpdateWrapper<AuthUserEntity> updateWrapper = new UpdateWrapper<>();
- updateWrapper.lambda().set(AuthUserEntity::getUserPassword, userPassword).set(AuthUserEntity::getModifyTime, NowTimeUtils.getNowDate()).eq(AuthUserEntity::getUserAccount, userAccount);
- return authUserService.update(updateWrapper);
+ public boolean updatePassword(String userAccount , String userPassword,String code){
+
+ Map<String, Object> paramMap = new HashMap<String, Object>();
+ paramMap.put("checkUserLogin",code);
+
+ try {
+ String resultJson = HttpUtil.post(varifyUrl, paramMap,50000);
+ JsonParser jsonParser=new JsonParser();
+ JsonObject bodyObject = jsonParser.parse(resultJson).getAsJsonObject();
+ JsonObject dataObject = bodyObject.getAsJsonObject("data");
+ String data = dataObject.get("data").getAsString();
+ String decrypt = DESUtils.decrypt(data, "utf-8");
+ Map<String,String> resultMap = JsonUtil.strToMap(decrypt);
+ if(resultMap.get("ret").equals("0")) {
+ UpdateWrapper<AuthUserEntity> updateWrapper = new UpdateWrapper<>();
+ updateWrapper.lambda().set(AuthUserEntity::getUserPassword, userPassword).set(AuthUserEntity::getModifyTime, NowTimeUtils.getNowDate()).eq(AuthUserEntity::getUserAccount, userAccount);
+ return authUserService.update(updateWrapper);
+ }
+ } catch (Exception e) {
+ log.error(e.getMessage());
+ return false;
+ }
+
+ return false;
+
}
/**
@@ -141,6 +175,8 @@ public class AuthUserController extends BaseController<AuthUserService,AuthUser
}
}
return null;
+
+
}
@PostMapping("/loginRemote")
@@ -372,8 +408,13 @@ public class AuthUserController extends BaseController<AuthUserService,AuthUser
vo.setAtuokthen(TokenUtil.sign(user,request));
return new Result<AuthUserVo>(vo, "登录陈功!", Result.SUCCESS);
}else {
+// AuthUserVo vo = new AuthUserVo();
+// vo.setAuthUserEntity(user);
+// return new Result<AuthUserVo>(vo, "密ç 错误",Result.FAIL);
AuthUserVo vo = new AuthUserVo();
- vo.setAuthUserEntity(user);
+ AuthUserEntity AuthUserEntity = new AuthUserEntity();
+ AuthUserEntity.setUserAccount(USER_ACCOUNT);
+ vo.setAuthUserEntity(AuthUserEntity);
return new Result<AuthUserVo>(vo, "密ç 错误",Result.FAIL);
}
}
diff --git a/com.gx.obe.service/src/main/resources/application-jingnengjituan.yml b/com.gx.obe.service/src/main/resources/application-jingnengjituan.yml
index fde59b6..5ac1f57 100644
--- a/com.gx.obe.service/src/main/resources/application-jingnengjituan.yml
+++ b/com.gx.obe.service/src/main/resources/application-jingnengjituan.yml
@@ -1 +1 @@
-# 设置æœåŠ¡ç«¯å£
server:
port: 9863
spring:
application:
name: com.gx.obe.server
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://rm-2ze9r6bu03h0reqqo.mysql.rds.aliyuncs.com:3306/obe_jnkpb?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
username: jn_kpb
password: am5fa3Bi
logging:
level:
cn.jay.repository: info
# 文件ä¿å˜è·¯å¾„
upload:
folder: /data/kpb/folder
\ No newline at end of file
+# 设置æœåŠ¡ç«¯å£
server:
port: 9863
spring:
application:
name: com.gx.obe.server
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://rm-2ze9r6bu03h0reqqo.mysql.rds.aliyuncs.com:3306/obe_jnkpb?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
username: jn_kpb
password: am5fa3Bi
logging:
level:
cn.jay.repository: info
# 文件ä¿å˜è·¯å¾„
upload:
folder: /data/kpb/folder
platformVarifyURL: https://www.powerbeijing-ec.com/jndzzb/userHS.do?checkEncryptionInfo
\ No newline at end of file
diff --git a/com.gx.obe.service/src/main/resources/application-jingnengjituanTest.yml b/com.gx.obe.service/src/main/resources/application-jingnengjituanTest.yml
index 171b930..29e62f4 100644
--- a/com.gx.obe.service/src/main/resources/application-jingnengjituanTest.yml
+++ b/com.gx.obe.service/src/main/resources/application-jingnengjituanTest.yml
@@ -1 +1 @@
-# 设置æœåŠ¡ç«¯å£
server:
port: 6850
spring:
application:
name: com.gx.obe.server
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://59.110.139.213:6033/obe_jncs?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
username: gxcx-jncs
password: Z3hjeC1qbmNz
logging:
level:
cn.jay.repository: info
# 文件ä¿å˜è·¯å¾„
upload:
folder: folder
\ No newline at end of file
+# 设置æœåŠ¡ç«¯å£
server:
port: 6850
spring:
application:
name: com.gx.obe.server
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://59.110.139.213:6033/obe_jncs?characterEncoding=utf8&allowMultiQueries=true&useSSL=false&useUnicode=true&useOldAliasMetadataBehavior=true&serverTimezone=Asia/Shanghai
username: gxcx-jncs
password: Z3hjeC1qbmNz
logging:
level:
cn.jay.repository: info
# 文件ä¿å˜è·¯å¾„
upload:
folder: folder
platformVarifyURL: https://test.powerbeijing-ec.com/jndzzb/userHS.do?checkEncryptionInfo
\ No newline at end of file
--
2.24.1