From 1864799d3bb67c609f0df6e1124df8e27826cf39 Mon Sep 17 00:00:00 2001 From: chenxudong Date: Thu, 16 Oct 2025 10:02:29 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A7=98=E9=92=A5=E4=BF=A1=E6=81=AF=E5=86=99?= =?UTF-8?q?=E5=85=A5=E5=88=B0=E5=91=BD=E4=BB=A4=E8=A1=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../software/manage/config/ElePropertyConfig.java | 4 ++++ .../software/manage/config/LoginInterceptor.java | 2 +- .../manage/service/serviceimpl/UserServiceImpl.java | 11 +++++++---- .../src/main/resources/application.properties | 3 ++- .../industry/software/common/cons/UserConstants.java | 5 ----- .../industry/software/common/util/TokenUtil.java | 4 ++-- 6 files changed, 16 insertions(+), 13 deletions(-) diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/ElePropertyConfig.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/ElePropertyConfig.java index d81acf9..76acba6 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/ElePropertyConfig.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/ElePropertyConfig.java @@ -96,6 +96,10 @@ public class ElePropertyConfig { @Value("${file.enc.passwd}") private String fileEncPasswd; + @Getter + @Value("${login.enc.passwd}") + private String loginEncPasswd; + public String getAiFileUploadStoreDir() { if (EleCommonUtil.isWinOs()) { return FileUtil.normalize(winPrefix + File.separator + aiFileUploadStoreDir); diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java index 4e80148..1e81235 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/config/LoginInterceptor.java @@ -145,7 +145,7 @@ public class LoginInterceptor implements HandlerInterceptor { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return false; } else { - Claims claims = TokenUtil.getLoginInfo(token); + Claims claims = TokenUtil.getLoginInfo(token, elePropertyConfig.getLoginEncPasswd()); if (claims == null) { log.error("User info is missing, uri is --->{}", uri); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); diff --git a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java index 0bd8261..6773a78 100644 --- a/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java +++ b/electrmangnetic/src/main/java/com/electromagnetic/industry/software/manage/service/serviceimpl/UserServiceImpl.java @@ -16,6 +16,7 @@ import com.electromagnetic.industry.software.common.exception.BizException; import com.electromagnetic.industry.software.common.pojo.UserLoginInfo; import com.electromagnetic.industry.software.common.resp.ElectromagneticResult; import com.electromagnetic.industry.software.common.util.*; +import com.electromagnetic.industry.software.manage.config.ElePropertyConfig; import com.electromagnetic.industry.software.manage.mapper.RoleMapper; import com.electromagnetic.industry.software.manage.mapper.TokenMapper; import com.electromagnetic.industry.software.manage.mapper.UserMapper; @@ -58,6 +59,8 @@ public class UserServiceImpl extends ServiceImpl implements Us private RoleMapper roleMapper; @Resource private EdFileFavoriteService edFileFavoriteService; + @Resource + private ElePropertyConfig elePropertyConfig; /** * 用户登录 @@ -68,7 +71,7 @@ public class UserServiceImpl extends ServiceImpl implements Us @Override public ElectromagneticResult login(UserLoginRequest loginRequest) { UserLoginInfo info = UserMappers.INSTANCE.getUserLoginRequestToModel(loginRequest); - String decodePwd = AESUtils.decrypt(info.getUserPwd(), UserConstants.SECRET_KEY); + String decodePwd = AESUtils.decrypt(info.getUserPwd(), elePropertyConfig.getLoginEncPasswd()); LambdaQueryWrapper queryWrapper = new LambdaQueryWrapper<>(); queryWrapper.eq(User::getWorkNumber, info.getWorkNumber()) .eq(User::getEffectFlag, EffectFlagEnum.EFFECT.code); @@ -120,7 +123,7 @@ public class UserServiceImpl extends ServiceImpl implements Us .addClaims(claims) .setId(UUID.randomUUID().toString()) .setIssuedAt(DateTime.now()) - .signWith(SignatureAlgorithm.HS512, UserConstants.SECRET_KEY) + .signWith(SignatureAlgorithm.HS512, elePropertyConfig.getLoginEncPasswd()) .compact(); } @@ -323,7 +326,7 @@ public class UserServiceImpl extends ServiceImpl implements Us public ElectromagneticResult changePassword(String userId, String newPassword) { User user = this.getById(userId); Assert.notNull(user, StrFormatter.format("用户ID {} 无效", userId)); - String decodeNewPwd = AESUtils.decrypt(newPassword, UserConstants.SECRET_KEY); + String decodeNewPwd = AESUtils.decrypt(newPassword, elePropertyConfig.getLoginEncPasswd()); Assert.isTrue(!decodeNewPwd.contains(user.getUserAccount()), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号"); Assert.isTrue(EleCommonUtil.isPwdValid(decodeNewPwd), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号"); @@ -418,7 +421,7 @@ public class UserServiceImpl extends ServiceImpl implements Us Assert.notNull(user, StrFormatter.format("用户不存在,ID为 {}", userId)); // 解密并验证密码 - String decodeOldPwd = AESUtils.decrypt(oldInputPassword, UserConstants.SECRET_KEY); + String decodeOldPwd = AESUtils.decrypt(oldInputPassword, elePropertyConfig.getLoginEncPasswd()); Boolean isValid = matchPassword(user, decodeOldPwd); UserThreadLocal.setSuccessInfo("", "", "校验原始密码,当前密码与原始密码匹配结果 {}", isValid ? "通过" : "不通过"); return ElectromagneticResultUtil.success(isValid); diff --git a/electrmangnetic/src/main/resources/application.properties b/electrmangnetic/src/main/resources/application.properties index 8cbf02e..fe3b883 100644 --- a/electrmangnetic/src/main/resources/application.properties +++ b/electrmangnetic/src/main/resources/application.properties @@ -63,4 +63,5 @@ backup.remote.port=1111 backup.mysql.path=/workspace/mysqlbak/test backup.mysql.script.path=/workspace/mysqlbak/back_dev.sh -file.enc.passwd=123456 \ No newline at end of file +file.enc.passwd=123456 +login.enc.passwd=123456 \ No newline at end of file diff --git a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/UserConstants.java b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/UserConstants.java index b153ee2..ed4a99e 100644 --- a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/UserConstants.java +++ b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/cons/UserConstants.java @@ -22,11 +22,6 @@ public interface UserConstants { */ long DEFAULT_EXPIRE_TIME = 7 * 24 * 60 * 60 * 1000; - /** - * 令牌密钥 - */ - String SECRET_KEY = "5JKRGV0QO4WK1WCWVK55YEU0A1NPOXOP"; - /** * 令牌前缀 */ diff --git a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/TokenUtil.java b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/TokenUtil.java index d9a5ab4..b021c67 100644 --- a/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/TokenUtil.java +++ b/electromagnetic-common/src/main/java/com/electromagnetic/industry/software/common/util/TokenUtil.java @@ -12,9 +12,9 @@ public class TokenUtil { * @param token * @return */ - public static Claims getLoginInfo(String token) { + public static Claims getLoginInfo(String token, String loginEncode) { return Jwts.parser() - .setSigningKey(UserConstants.SECRET_KEY) + .setSigningKey(loginEncode) .parseClaimsJws(token) .getBody(); }