jiazhizhong/spring-boot-base-demo
1
0
Fork 0
mirror of https://github.com/RemainderTime/spring-boot-base-demo.git synced 2026-06-09 03:27:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/admin-auth-satoken

Browse Source
This commit is contained in:
海言
2026-06-01 15:15:42 +08:00
parent fd4eb04b9b 217e931806
commit 308e27c0f2
4 changed files with 177 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
src/main/java/cn/xf/basedemo/common/utils/RSAUtils.java
View File

@@ -2,7 +2,12 @@ package cn.xf.basedemo.common.utils;
import javax.crypto.Cipher; import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.security.*; import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException; import java.security.spec.InvalidKeySpecException;
@@ -12,175 +17,118 @@ import java.util.Base64;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
/**
* @program: xf-boot-base
* @ClassName RSAUtils
* @description: 加密工具类
* @author: xiongfeng
* @create: 2022-06-20 10:37
* **/
public class RSAUtils { public class RSAUtils {
//算法类型
private static final String RSA = "RSA"; private static final String RSA = "RSA";
private static final String RSA_TRANSFORMATION = "RSA/ECB/PKCS1Padding";
private static final int KEY_SIZE = 1024;
//字符编码类型
private static final String CHARSET = "UTF-8";
//加密长度
private static final int ENCRYPT_SIZE = 1024;
/**
* 创建rsa密匙对
*
* @return
*/
private static Map<String, String> createEncryptKey() { private static Map<String, String> createEncryptKey() {
KeyPairGenerator kpg;
try { try {
kpg = KeyPairGenerator.getInstance(RSA); KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA);
kpg.initialize(KEY_SIZE);
KeyPair keyPair = kpg.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
Map<String, String> map = new HashMap<>();
map.put("publicKey", Base64.getEncoder().encodeToString(publicKey.getEncoded()));
map.put("privateKey", Base64.getEncoder().encodeToString(privateKey.getEncoded()));
return map;
} catch (Exception e) { } catch (Exception e) {
throw new IllegalArgumentException(); throw new IllegalArgumentException("create RSA key pair failed", e);
} }
kpg.initialize(ENCRYPT_SIZE);
KeyPair keyPair = kpg.generateKeyPair();
PublicKey aPublic = keyPair.getPublic();
String publicKey = Base64.getUrlEncoder().withoutPadding().encodeToString(aPublic.getEncoded());
PrivateKey aPrivate = keyPair.getPrivate();
String privateKey = Base64.getUrlEncoder().withoutPadding().encodeToString(aPrivate.getEncoded());
Map<String, String> map = new HashMap<>();
map.put("publicKey", publicKey);
map.put("privateKey", privateKey);
return map;
} }
/** public static RSAPublicKey getPublicKey(String publicKeyStr) throws InvalidKeySpecException {
* 获取ras公匙
*
* @param publicKeyStr 公匙加密字符串
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static RSAPublicKey getPublicKey(String publicKeyStr) throws NoSuchAlgorithmException, InvalidKeySpecException {
// 通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.getUrlDecoder().decode(publicKeyStr));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
return key;
}
/**
* 获取ras私匙
*
* @param privateKeyStr 私匙加密字符串
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static RSAPrivateKey getPrivateKey(String privateKeyStr) throws NoSuchAlgorithmException, InvalidKeySpecException {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getUrlDecoder().decode(privateKeyStr));
RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8EncodedKeySpec);
return privateKey;
}
/**
* 公匙加密
*
* @param data 字符串
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
try { try {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
Cipher cipher = Cipher.getInstance(RSA); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodeBase64(publicKeyStr));
cipher.init(Cipher.ENCRYPT_MODE, publicKey); return (RSAPublicKey) keyFactory.generatePublic(keySpec);
} catch (InvalidKeySpecException e) {
byte[] bytes = cipher.doFinal(data.getBytes()); throw e;
return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
} catch (Exception e) { } catch (Exception e) {
throw new RuntimeException(); throw new InvalidKeySpecException("invalid RSA public key", e);
}
}
public static RSAPrivateKey getPrivateKey(String privateKeyStr) throws InvalidKeySpecException {
try {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodeBase64(privateKeyStr));
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
} catch (InvalidKeySpecException e) {
throw e;
} catch (Exception e) {
throw new InvalidKeySpecException("invalid RSA private key", e);
}
}
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] encrypted = rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE,
data.getBytes(StandardCharsets.UTF_8), publicKey.getModulus().bitLength());
return Base64.getEncoder().encodeToString(encrypted);
} catch (Exception e) {
throw new RuntimeException("RSA encrypt failed", e);
} }
} }
public static String privateDecryption(String data, RSAPrivateKey privateKey) { public static String privateDecryption(String data, RSAPrivateKey privateKey) {
try { try {
Cipher cipher = Cipher.getInstance(RSA); Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, privateKey); cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decrypted = rsaSplitCodec(cipher, Cipher.DECRYPT_MODE,
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.getUrlDecoder().decode(data.getBytes(CHARSET)), privateKey.getModulus().bitLength()), CHARSET); decodeBase64(data), privateKey.getModulus().bitLength());
return new String(decrypted, StandardCharsets.UTF_8);
} catch (Exception e) { } catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e); throw new RuntimeException("RSA decrypt failed", e);
} }
} }
//rsa切割解码 , ENCRYPT_MODE,加密数据 ,DECRYPT_MODE,解密数据 private static byte[] decodeBase64(String data) {
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) { String normalizedData = data.replaceAll("\\s", "");
int maxBlock = 0; //最大块 try {
if (opmode == Cipher.DECRYPT_MODE) { return Base64.getDecoder().decode(normalizedData);
maxBlock = keySize / 8; } catch (IllegalArgumentException e) {
} else { return Base64.getUrlDecoder().decode(normalizedData);
maxBlock = keySize / 8 - 11;
} }
int offSet = 0; }
int i = 0;
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
int maxBlock = opmode == Cipher.DECRYPT_MODE ? keySize / 8 : keySize / 8 - 11;
int offset = 0;
int index = 0;
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) { try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
byte[] buff; while (datas.length > offset) {
while (datas.length > offSet) { int inputLen = Math.min(datas.length - offset, maxBlock);
if (datas.length - offSet > maxBlock) { byte[] buffer = cipher.doFinal(datas, offset, inputLen);
//可以调用以下的doFinal方法完成加密或解密数据 out.write(buffer, 0, buffer.length);
buff = cipher.doFinal(datas, offSet, maxBlock); index++;
} else { offset = index * maxBlock;
buff = cipher.doFinal(datas, offSet, datas.length - offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
} }
return out.toByteArray(); return out.toByteArray();
} catch (Exception e) { } catch (Exception e) {
throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e); throw new RuntimeException("RSA block codec failed, maxBlock=" + maxBlock, e);
} }
} }
public static void main(String[] args) { public static void main(String[] args) throws Exception {
Map<String, String> encryptKey = createEncryptKey();
// Map<String, String> encryptKey = createEncryptKey(); String publicKey = encryptKey.get("publicKey");
// String publicKey = encryptKey.get("publicKey"); String privateKey = encryptKey.get("privateKey");
// String privateKey = encryptKey.get("privateKey");
//
// System.out.println("公匙加密串:" + publicKey);
// System.out.println("私匙加密串:" + privateKey);
//
// System.out.println();
//
String data = "data";
//加密
try {
String s = publicEncrypt(data, getPublicKey("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC_F5UQC1QWsu3QsESQBz9M-GDA9Atm0qVSvwIsy568lyRLi-nq3VvvnmgrlL4yTbngFzyfb2Dn35cNCHsBvIaGuCY3_PpzPqMzVpxr2QlEkhEX9atnJQ1rWexS8QeZtPjpiIwoQrChTzXjD_sYUkDrqSykFplyivf0NSO2WqCBdwIDAQAB"));
System.out.println("加密后密文:" + s);
// String ss = "bPrP3VQpVNj7jxzSvVRQQpOCzg4c9HAMd/Sesda0SOxmWbNzP8SnhayV2H9Jpih2sf26O8dOqiNE7V1u5NPgQBIPi6LqX2QiFTjynVLxQBUmISfmQ2Q6K3sjHBIRIhuZPrXijw7CextUUQwzh4VvEVkjyaUnqlMXVRkUGlgqP7M=";
// String privateKey1 = "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALiJJ6RPMMh-ETrmppOG7JKINPSFaaZoHjzZkyQl3AcfrpKMmH82j_Pxl4mPvvgKtbR20N-88-nJLT4v4aOz9XYVl5ruE59SsJl_T8YqN-i8L8KH8Wptd0_ee7nDhF4-OGEi-o330daFv20eLpboy6nDkWLmLihKC0jEZWK8MLZzAgMBAAECgYAEhO9gmcPjFRtM6vsnX8WJbSaG2oGU3rXm3Zk56Gd0ETWQRzsw2mA6JC-G4etWXcTHb6V75T-_-PpPrJKFFNItEH-WFRS36xneomycxRG1YTfK1SsGLGF0BV3bLVZx8cQz7VsBY4vqbRCSKtcOZBJpnxI6iHAv07i8w34F6qjfsQJBAORnKUuJQ_GsHHBPT1VhMYjXVepAfTrWtCzRQ648KavbHLAGaRIhX10uj-hAhZLafDqQF8Y7T7GHTlasRL9ubWsCQQDO1R3KScJJSR3KDsnSsF0YCw7V28cr_OVAwiPoro90Me6MUz9yKV88gQlTuJkNFMuu_YdPXYKjlzNVg0zFmtUZAkEAoe9mPtDeZD0TmKkSZUVYul1543C_mPTan5_qrWCoZtkd2MtiuWEB3O4DR7ZfPcQ8KcU5pektUn_NEfRndZYUawJBAJfydOoxeawBLQNODfLcYefR59owlYe5SGpktaCw7O596DPqzId_4Vk_qqx4xueXSXOLCabCmcC4yZue0_2vm7ECQQDLrzXL-BpSqxbvtE0gNKcgaSkEUSOh1QmQFPCHERsOBxcflM6ej71STKglB21JD9m6tM2RySgbtUx4TfOuJTek";
// String s1 = privateDecryption(ss, getPrivateKey(privateKey1));
// System.out.println("解密后明文:" + s1);
} catch (Exception e) {
throw new IllegalArgumentException();
}
String data = "{\"account\":\"admin\",\"pwd\":\"123456\"}";
String encrypted = publicEncrypt(data, getPublicKey(publicKey));
String decrypted = privateDecryption(encrypted, getPrivateKey(privateKey));
System.out.println("publicKey: " + publicKey);
System.out.println("privateKey: " + privateKey);
System.out.println("encrypted: " + encrypted);
System.out.println("decrypted: " + decrypted);
} }
} }

5
src/main/java/cn/xf/basedemo/service/impl/UserServiceImpl.java
View File

@@ -18,7 +18,6 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@@ -48,8 +47,6 @@ public class UserServiceImpl implements UserService {
@Autowired @Autowired
private RedisTemplate redisTemplate; private RedisTemplate redisTemplate;
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
@Override @Override
public RetObj login(LoginInfoRes res) { public RetObj login(LoginInfoRes res) {
@@ -77,7 +74,7 @@ public class UserServiceImpl implements UserService {
QueryWrapper<User> queryWrapper = new QueryWrapper<>(); QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("account", loginInfo.getAccount()); queryWrapper.eq("account", loginInfo.getAccount());
User user = userMapper.selectOne(queryWrapper); User user = userMapper.selectOne(queryWrapper);
if (Objects.isNull(user) || !passwordEncoder.matches(loginInfo.getPwd(), user.getPassword())) { if (Objects.isNull(user) || !loginInfo.getPwd().equals(user.getPassword())) {
return RetObj.error("账号或密码错误"); return RetObj.error("账号或密码错误");
} }
LoginUser loginUser = new LoginUser(); LoginUser loginUser = new LoginUser();

118
src/main/resources/templates/login.html
View File

@@ -1,47 +1,41 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html lang="zh-CN">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>模拟登录</title> <title>模拟登录</title>
</head> <link rel="stylesheet" href="https://unpkg.com/element-ui/lib/theme-chalk/index.css">
<style> <style>
el-input { el-input {
width: 200px; width: 200px;
} }
#div1 { #div1 {
width: 200px; width: 200px;
} }
</style> </style>
</head>
<body> <body>
<script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script> <script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
<script src="https://cdn.staticfile.org/vue/2.2.2/vue.min.js"></script> <script src="https://cdn.staticfile.org/vue/2.2.2/vue.min.js"></script>
<!-- 引入样式 -->
<link rel="stylesheet" href="https://unpkg.com/element-ui/lib/theme-chalk/index.css">
<!-- 引入组件库 -->
<script src="https://unpkg.com/element-ui/lib/index.js"></script> <script src="https://unpkg.com/element-ui/lib/index.js"></script>
<!--jsencrypt 加密插件-->
<script src="https://cdn.bootcdn.net/ajax/libs/jsencrypt/3.2.1/jsencrypt.min.js"></script> <script src="https://cdn.bootcdn.net/ajax/libs/jsencrypt/3.2.1/jsencrypt.min.js"></script>
<!--http 请求插件-->
<script src="https://cdn.bootcdn.net/ajax/libs/axios/0.27.2/axios.min.js"></script> <script src="https://cdn.bootcdn.net/ajax/libs/axios/0.27.2/axios.min.js"></script>
<div id="app"> <div id="app">
<div id="div1"> <div id="div1">
<label>账号:</label> <label>账号:</label>
<el-input v-model="account" placeholder="请输入账号"></el-input> <el-input v-model="account" placeholder="请输入账号"></el-input>
<label>密码:</label> <label>密码:</label>
<el-input v-model="pwd" placeholder="请输入密码"></el-input> <el-input v-model="pwd" placeholder="请输入密码" show-password></el-input>
<el-button type="primary" @click="login()">登录</el-button> <el-button type="primary" @click="login()">登录</el-button>
</div> </div>
</div> </div>
<script> <script>
new Vue({ new Vue({
el: '#app', el: '#app',
data: { data: {
rsaPublicKey: 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC_F5UQC1QWsu3QsESQBz9M-GDA9Atm0qVSvwIsy568lyRLi-nq3VvvnmgrlL4yTbngFzyfb2Dn35cNCHsBvIaGuCY3_PpzPqMzVpxr2QlEkhEX9atnJQ1rWexS8QeZtPjpiIwoQrChTzXjD_sYUkDrqSykFplyivf0NSO2WqCBdwIDAQAB', rsaPublicKey: 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCA716Gp8ZjAw9G5D4/EPQJ2RIo6hi4LrrvIUmv0VCDzdSHOYPr6065KMJb60APEz+pi3wY4DQmVe90Sdp8waY3i/ar9+PJ67UYVuVWLOuo/F7NoEEGzKX4cyhncPRBDxHA6TomsFjX1hUKj2+nwBIXHUCOiqGHuvRC4vHS7jknawIDAQAB',
account: '', account: '',
pwd: '' pwd: ''
}, },
@@ -51,38 +45,70 @@
account: this.account, account: this.account,
pwd: this.pwd pwd: this.pwd
}; };
var json = JSON.stringify(data); var cipher = this.encryptByPublicKey(JSON.stringify(data));
var cipher = this.encryptByPublicKey(json); if (!cipher) {
console.log("密文 " + cipher); return;
var url = "http://localhost:8089/user/login"; }
axios.post(url, {
encryptedData: cipher, axios.post('http://localhost:8089/user/login', {
}) encryptedData: cipher
.then(function (response) { }).then(function (response) {
var data = response.data; var data = response.data;
if (data.code == 200) { if (data.code == 200) {
//中文需要进行两次encodeURI转码( encodeURI:把URI字符串采用UTF-8编码格式转化成escape格式的字符串) var param = '?token=' + data.data.token + '&name=' + encodeURI(encodeURI(data.data.name));
var param = "?token=" + data.data.token + "&name=" + encodeURI(encodeURI(data.data.name)); window.location.href = 'success' + param;
window.location.href = "success" + param } else {
} else { alert(data.message);
alert(data.message) }
} }).catch(function (error) {
}) console.log(error);
.catch(function (error) { });
console.log(error);
});
}, },
encryptByPublicKey: function (val = '') { encryptByPublicKey: function (val) {
if (val === '') { if (!val) {
return ''; return '';
} }
let encryptor = new JSEncrypt() // 新建JSEncrypt对象
encryptor.setPublicKey(this.rsaPublicKey) // 设置公钥 var publicKey = '-----BEGIN PUBLIC KEY-----\n' + this.rsaPublicKey + '\n-----END PUBLIC KEY-----';
return encryptor.encrypt(val) // 对需要加密的数据进行加密 var encryptor = new JSEncrypt();
encryptor.setPublicKey(publicKey);
var chunks = this.splitByUtf8Bytes(val, 117);
var encryptedBinary = '';
for (var i = 0; i < chunks.length; i++) {
var encryptedChunk = encryptor.encrypt(chunks[i]);
if (!encryptedChunk) {
alert('登录数据加密失败');
return '';
}
encryptedBinary += atob(encryptedChunk);
}
return btoa(encryptedBinary);
}, },
splitByUtf8Bytes: function (val, maxBytes) {
var chunks = [];
var chunk = '';
var chunkBytes = 0;
for (var i = 0; i < val.length; i++) {
var char = val.charAt(i);
var charBytes = new Blob([char]).size;
if (chunkBytes + charBytes > maxBytes) {
chunks.push(chunk);
chunk = '';
chunkBytes = 0;
}
chunk += char;
chunkBytes += charBytes;
}
if (chunk) {
chunks.push(chunk);
}
return chunks;
}
} }
}); });
</script> </script>
</body> </body>
</html>

47
src/main/resources/templates/success.html
View File

@@ -1,46 +1,33 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="zh-CN">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
<script src="https://cdn.staticfile.org/vue/2.2.2/vue.min.js"></script>
<title>登录成功</title> <title>登录成功</title>
</head> </head>
<body> <body>
<div id="app"> <div id="app">
<h1>欢迎 {{name}} 登录成功~~</h1> <h1>欢迎 <span id="name"></span> 登录成功~~</h1>
<h1> <h1>
token: token:
<span style="color: forestgreen">{{token}}</span> <span id="token" style="color: forestgreen"></span>
</h1> </h1>
</div> </div>
</body>
<script> <script>
new Vue({ function getQueryParam(name) {
el: '#app', var params = new URLSearchParams(window.location.search);
data: { return params.get(name) || '';
token: '', }
name: ''
},
mounted: function () {
this.token = this.getData("token"); var token = getQueryParam('token');
//只需要转一次码 var name = getQueryParam('name');
this.name = decodeURI(this.getData("name"));
},
methods: {
getData: function (name) {
var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)"); //构造一个含有目标参数的正则表达式对象
var r = window.location.search.substr(1).match(reg); //匹配目标参数
if (r != null) return unescape(r[2]); if (!token || !name) {
window.location.href = "login" window.location.href = 'login';
// return null; //返回参数值 } else {
} document.getElementById('token').textContent = token;
} document.getElementById('name').textContent = decodeURIComponent(name);
}) }
;
</script> </script>
</html> </body>
</html>