秘钥信息写入到命令行
This commit is contained in:
parent
b7a8f2464f
commit
1864799d3b
|
|
@ -96,6 +96,10 @@ public class ElePropertyConfig {
|
|||
@Value("${file.enc.passwd}")
|
||||
private String fileEncPasswd;
|
||||
|
||||
@Getter
|
||||
@Value("${login.enc.passwd}")
|
||||
private String loginEncPasswd;
|
||||
|
||||
public String getAiFileUploadStoreDir() {
|
||||
if (EleCommonUtil.isWinOs()) {
|
||||
return FileUtil.normalize(winPrefix + File.separator + aiFileUploadStoreDir);
|
||||
|
|
|
|||
|
|
@ -145,7 +145,7 @@ public class LoginInterceptor implements HandlerInterceptor {
|
|||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
return false;
|
||||
} else {
|
||||
Claims claims = TokenUtil.getLoginInfo(token);
|
||||
Claims claims = TokenUtil.getLoginInfo(token, elePropertyConfig.getLoginEncPasswd());
|
||||
if (claims == null) {
|
||||
log.error("User info is missing, uri is --->{}", uri);
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ import com.electromagnetic.industry.software.common.exception.BizException;
|
|||
import com.electromagnetic.industry.software.common.pojo.UserLoginInfo;
|
||||
import com.electromagnetic.industry.software.common.resp.ElectromagneticResult;
|
||||
import com.electromagnetic.industry.software.common.util.*;
|
||||
import com.electromagnetic.industry.software.manage.config.ElePropertyConfig;
|
||||
import com.electromagnetic.industry.software.manage.mapper.RoleMapper;
|
||||
import com.electromagnetic.industry.software.manage.mapper.TokenMapper;
|
||||
import com.electromagnetic.industry.software.manage.mapper.UserMapper;
|
||||
|
|
@ -58,6 +59,8 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
|
|||
private RoleMapper roleMapper;
|
||||
@Resource
|
||||
private EdFileFavoriteService edFileFavoriteService;
|
||||
@Resource
|
||||
private ElePropertyConfig elePropertyConfig;
|
||||
|
||||
/**
|
||||
* 用户登录
|
||||
|
|
@ -68,7 +71,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
|
|||
@Override
|
||||
public ElectromagneticResult<?> login(UserLoginRequest loginRequest) {
|
||||
UserLoginInfo info = UserMappers.INSTANCE.getUserLoginRequestToModel(loginRequest);
|
||||
String decodePwd = AESUtils.decrypt(info.getUserPwd(), UserConstants.SECRET_KEY);
|
||||
String decodePwd = AESUtils.decrypt(info.getUserPwd(), elePropertyConfig.getLoginEncPasswd());
|
||||
LambdaQueryWrapper<User> queryWrapper = new LambdaQueryWrapper<>();
|
||||
queryWrapper.eq(User::getWorkNumber, info.getWorkNumber())
|
||||
.eq(User::getEffectFlag, EffectFlagEnum.EFFECT.code);
|
||||
|
|
@ -120,7 +123,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
|
|||
.addClaims(claims)
|
||||
.setId(UUID.randomUUID().toString())
|
||||
.setIssuedAt(DateTime.now())
|
||||
.signWith(SignatureAlgorithm.HS512, UserConstants.SECRET_KEY)
|
||||
.signWith(SignatureAlgorithm.HS512, elePropertyConfig.getLoginEncPasswd())
|
||||
.compact();
|
||||
}
|
||||
|
||||
|
|
@ -323,7 +326,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
|
|||
public ElectromagneticResult<?> changePassword(String userId, String newPassword) {
|
||||
User user = this.getById(userId);
|
||||
Assert.notNull(user, StrFormatter.format("用户ID {} 无效", userId));
|
||||
String decodeNewPwd = AESUtils.decrypt(newPassword, UserConstants.SECRET_KEY);
|
||||
String decodeNewPwd = AESUtils.decrypt(newPassword, elePropertyConfig.getLoginEncPasswd());
|
||||
|
||||
Assert.isTrue(!decodeNewPwd.contains(user.getUserAccount()), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号");
|
||||
Assert.isTrue(EleCommonUtil.isPwdValid(decodeNewPwd), "密码最小长度为8,必须至少包含一个大写字母、一个小写字母、一个特殊字符、数字、不可包含账号");
|
||||
|
|
@ -418,7 +421,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
|
|||
Assert.notNull(user, StrFormatter.format("用户不存在,ID为 {}", userId));
|
||||
|
||||
// 解密并验证密码
|
||||
String decodeOldPwd = AESUtils.decrypt(oldInputPassword, UserConstants.SECRET_KEY);
|
||||
String decodeOldPwd = AESUtils.decrypt(oldInputPassword, elePropertyConfig.getLoginEncPasswd());
|
||||
Boolean isValid = matchPassword(user, decodeOldPwd);
|
||||
UserThreadLocal.setSuccessInfo("", "", "校验原始密码,当前密码与原始密码匹配结果 {}", isValid ? "通过" : "不通过");
|
||||
return ElectromagneticResultUtil.success(isValid);
|
||||
|
|
|
|||
|
|
@ -64,3 +64,4 @@ backup.mysql.path=/workspace/mysqlbak/test
|
|||
backup.mysql.script.path=/workspace/mysqlbak/back_dev.sh
|
||||
|
||||
file.enc.passwd=123456
|
||||
login.enc.passwd=123456
|
||||
|
|
@ -22,11 +22,6 @@ public interface UserConstants {
|
|||
*/
|
||||
long DEFAULT_EXPIRE_TIME = 7 * 24 * 60 * 60 * 1000;
|
||||
|
||||
/**
|
||||
* 令牌密钥
|
||||
*/
|
||||
String SECRET_KEY = "5JKRGV0QO4WK1WCWVK55YEU0A1NPOXOP";
|
||||
|
||||
/**
|
||||
* 令牌前缀
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -12,9 +12,9 @@ public class TokenUtil {
|
|||
* @param token
|
||||
* @return
|
||||
*/
|
||||
public static Claims getLoginInfo(String token) {
|
||||
public static Claims getLoginInfo(String token, String loginEncode) {
|
||||
return Jwts.parser()
|
||||
.setSigningKey(UserConstants.SECRET_KEY)
|
||||
.setSigningKey(loginEncode)
|
||||
.parseClaimsJws(token)
|
||||
.getBody();
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue