diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/AuthenticationBeanConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/AuthenticationBeanConfig.java new file mode 100644 index 000000000..1a01742f5 --- /dev/null +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/AuthenticationBeanConfig.java @@ -0,0 +1,25 @@ +package com.ruoyi.framework.config; + +import com.ruoyi.framework.shiro.config.DefaultPasswordEncoder; +import com.ruoyi.framework.shiro.config.RyPasswordEncoder; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +/** + * 认证相关的扩展点配置。配置在这里的bean,业务系统都可以通过声明同类型或同名的bean来覆盖安全 + * 模块默认的配置。 + */ +@Configuration +public class AuthenticationBeanConfig { + /** + * 默认密码处理器 + * + * @return + */ + @Bean + @ConditionalOnMissingBean(RyPasswordEncoder.class) + public RyPasswordEncoder passwordEncoder() { + return new DefaultPasswordEncoder(); + } +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/DefaultPasswordEncoder.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/DefaultPasswordEncoder.java new file mode 100644 index 000000000..8cdc4ef40 --- /dev/null +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/DefaultPasswordEncoder.java @@ -0,0 +1,16 @@ +package com.ruoyi.framework.shiro.config; + +import org.apache.shiro.crypto.hash.Md5Hash; + +/** + * @Description 默认的密码加密 + * @Author 安安汐而 + * @Date 2019/6/4 + **/ +public class DefaultPasswordEncoder implements RyPasswordEncoder +{ + @Override + public String encode(String username, String password, String salt) { + return new Md5Hash(username + password + salt).toHex().toString(); + } +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/RyPasswordEncoder.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/RyPasswordEncoder.java new file mode 100644 index 000000000..e8250fd90 --- /dev/null +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/config/RyPasswordEncoder.java @@ -0,0 +1,20 @@ +package com.ruoyi.framework.shiro.config; + + +/** + * 密码验证接口 + * 自己项目里实现这个service、即可覆盖默认的实现 + * + * @author 安安汐而 + */ +public interface RyPasswordEncoder { + /** + * 加密密码 + * + * @param username 用户名 + * @param salt 盐 + * @param password 原始密码 + * @return 加密后密码 + */ + String encode(String username, String password, String salt); +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java index d8a763262..7e20a0b49 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/shiro/service/SysPasswordService.java @@ -2,6 +2,8 @@ package com.ruoyi.framework.shiro.service; import java.util.concurrent.atomic.AtomicInteger; import javax.annotation.PostConstruct; + +import com.ruoyi.framework.shiro.config.RyPasswordEncoder; import org.apache.shiro.cache.Cache; import org.apache.shiro.cache.CacheManager; import org.apache.shiro.crypto.hash.Md5Hash; @@ -26,6 +28,8 @@ public class SysPasswordService { @Autowired private CacheManager cacheManager; + @Autowired + private RyPasswordEncoder ryPasswordEncoder; private Cache loginRecordCache; @@ -79,7 +83,7 @@ public class SysPasswordService public String encryptPassword(String username, String password, String salt) { - return new Md5Hash(username + password + salt).toHex().toString(); + return ryPasswordEncoder.encode(username, password, salt); } }