由于使用若依后台管理系统需要匹配其它平台使用同一套数据库,故需要有相同的加密解密方式,下面分享使用手机号+密码登录且加密解密方式为AES的实现代码。
总体的实现思路是先将若依设置为免密登录,即不使用若依自带的加密解密方式,然后再加入AES方式
修改身份认证接口
在SecurityConfig.java文件中找到身份认证接口函数做下述修改
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
{
//添加自己的身份验证类,userDetailsService这个可以自己在重新定义根据那个字段验证用户存在与否
auth.authenticationProvider(new CustomLoginAuthenticationProvider(userDetailsService));
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
SysLoginController.java
这里重新链接一下要使用的登录验证函数
@Autowired
private ILoginService LoginService;
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody) throws Exception
{
AjaxResult ajax = AjaxResult.success();
//注意此处调用了LoginService.loginByMobile,需要自己添加
String token = LoginService.loginByMobile(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
loginBody.getUuid());
ajax.put(Constants.TOKEN, token);
return ajax;
}
ILoginService.java
package com.ruoyi.framework.web.service;
public interface ILoginService {
String loginByMobile(String username, String password, String code, String uuid) throws Exception;
}
LoginServiceImpl.java
此文件是实现的关键
package com.ruoyi.framework.web.service;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.exception.CustomException;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.CaptchaExpireException;
import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
import com.ruoyi.common.utils.MessageUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.manager.AsyncManager;
import com.ruoyi.framework.manager.factory.AsyncFactory;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.web.controller.tool.AESForNodejs;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
@Service
public class LoginServiceImpl implements ILoginService {
private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
@Autowired
private TokenService tokenService;
@Resource
private AuthenticationManager authenticationManager;
@Autowired
private ISysUserService userService;
@Autowired
private RedisCache redisCache;
public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";
public String loginByMobile(String account, String password, String code, String uuid) throws Exception{
String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
String captcha = redisCache.getCacheObject(verifyKey);
redisCache.deleteObject(verifyKey);
//校验验证码是否正确
if (captcha == null)
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
throw new CaptchaExpireException();
}
if (!code.equalsIgnoreCase(captcha))
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
throw new CaptchaException();
}
//通过手机号或许数据库中储存的用户信息
SysUser user = userService.selectUserByAccount(account);
if (StringUtils.isNull(user))
{
log.info("登录用户:{} 不存在.", account);
return loginVerify(account,Constants.LOGIN_FAIL);
}
//解密,判断与数据库中储存的密码是否相同,此处使用AES进行加密解密
String db_password = AESForNodejs.decrypt(user.getPassword());
if(!db_password.equals(password)) {
log.info("登录用户:{} 密码错误.", account);
return loginVerify(account,Constants.LOGIN_FAIL);
}
//TODO 2、用户验证
return loginVerify(account,Constants.CUSTOM_LOGIN_SMS);
}
private String loginVerify(String userName,String passWord) {
//TODO 1、用户验证
Authentication authentication = null;
try {
//TODO 1.1该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userName, passWord));
} catch (Exception e) {
if (e instanceof BadCredentialsException) {
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
} else {
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, e.getMessage()));
throw new CustomException(e.getMessage());
}
}
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
//TODO 2、生成token
return tokenService.createToken(loginUser);
}
}
①由于在LoginServiceImpl.java文件中定义了免密常量,所以需要在Constants文件中增加免密常量
public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";
②由于在LoginServiceImpl.java文件中使用了自定义的AES解密方式,所以需要定义该类
AESForNodejs.javapackage com.ruoyi.web.controller.tool;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class AESForNodejs {
public static final String DEFAULT_CODING = "utf-8";
public static String decrypt(String encrypted) throws Exception {
String seed = "1234567887654321";
byte[] keyb = seed.getBytes(DEFAULT_CODING);
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] thedigest = md.digest(keyb);
SecretKeySpec skey = new SecretKeySpec(thedigest, "AES");
Cipher dcipher = Cipher.getInstance("AES");
dcipher.init(Cipher.DECRYPT_MODE, skey);
byte[] clearbyte = dcipher.doFinal(toByte(encrypted));
return new String(clearbyte);
}
public static String encrypt(String content) throws Exception {
String key = "1234567887654321";
byte[] input = content.getBytes(DEFAULT_CODING);
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] thedigest = md.digest(key.getBytes(DEFAULT_CODING));
SecretKeySpec skc = new SecretKeySpec(thedigest, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skc);
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
return parseByte2HexStr(cipherText);
}
private static byte[] toByte(String hexString) {
int len = hexString.length() / 2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++) {
result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2), 16).bytevalue();
}
return result;
}
private static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex);
}
return sb.toString();
}
}
如此输入手机号+密码便可以实现特定方式的加密解密登录!
