ruoyi
/
RuoYi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pre Merge pull request !479 from 有酒只欠你/master

This commit is contained in:
有酒只欠你 2024-01-09 07:46:41 +00:00 committed by Gitee
parent 8c8d53a9cc 3fca6fa3df
commit fb48ce08da
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
6 changed files with 111 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
View File

@ -2,6 +2,8 @@ package com.ruoyi.web.controller.system;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.ruoyi.common.utils.security.RSAUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
@ -20,6 +22,9 @@ import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.web.service.ConfigService;
import java.util.HashMap;
import java.util.Map;
/**
* 登录验证
*
@ -56,7 +61,7 @@ public class SysLoginController extends BaseController
@ResponseBody
public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe)
{
UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
UsernamePasswordToken token = new UsernamePasswordToken(username, RSAUtils.decryptBase64(password), rememberMe);
Subject subject = SecurityUtils.getSubject();
try
{
@ -79,4 +84,12 @@ public class SysLoginController extends BaseController
{
return "error/unauth";
}
@GetMapping("/getPublicKey")
@ResponseBody
public Map<String, String> getPublicKey() {
Map<String, String> map = new HashMap<>();
map.put("key", RSAUtils.generateBase64PublicKey());
return map;
}
}

2
ruoyi-admin/src/main/resources/static/ajax/libs/security/jsencrypt.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

43
ruoyi-admin/src/main/resources/static/ruoyi/login.js
View File

@ -20,24 +20,33 @@ function login() {
var password = $.common.trim($("input[name='password']").val());
var validateCode = $("input[name='validateCode']").val();
var rememberMe = $("input[name='rememberme']").is(':checked');
var encrypt = new JSEncrypt();
$.ajax({
type: "post",
url: ctx + "login",
data: {
"username": username,
"password": password,
"validateCode": validateCode,
"rememberMe": rememberMe
},
success: function(r) {
if (r.code == web_status.SUCCESS) {
location.href = ctx + 'index';
} else {
$('.imgcode').click();
$(".code").val("");
$.modal.msg(r.msg);
}
$.modal.closeLoading();
url: ctx + "getPublicKey",
type: "get",
success: function(data) {
encrypt.setPublicKey(data.key);
var encryptPwd = encrypt.encrypt(password);
$.ajax({
type: "post",
url: ctx + "login",
data: {
"username": username,
"password": encryptPwd,
"validateCode": validateCode,
"rememberMe": rememberMe
},
success: function (r) {
if (r.code == web_status.SUCCESS) {
location.href = ctx + 'index';
} else {
$('.imgcode').click();
$(".code").val("");
$.modal.msg(r.msg);
}
$.modal.closeLoading();
}
});
}
});
}

1
ruoyi-admin/src/main/resources/templates/login.html
View File

@ -76,6 +76,7 @@
<script src="../static/ajax/libs/validate/jquery.validate.min.js" th:src="@{/ajax/libs/validate/jquery.validate.min.js}"></script>
<script src="../static/ajax/libs/layer/layer.min.js" th:src="@{/ajax/libs/layer/layer.min.js}"></script>
<script src="../static/ajax/libs/blockUI/jquery.blockUI.js" th:src="@{/ajax/libs/blockUI/jquery.blockUI.js}"></script>
<script src="../static/ajax/libs/security/jsencrypt.min.js" th:src="@{/ajax/libs/security/jsencrypt.min.js}"></script>
<script src="../static/ruoyi/js/ry-ui.js" th:src="@{/ruoyi/js/ry-ui.js?v=4.7.8}"></script>
<script src="../static/ruoyi/login.js" th:src="@{/ruoyi/login.js}"></script>
</body>

65
ruoyi-common/src/main/java/com/ruoyi/common/utils/security/RSAUtils.java Normal file
View File

@ -0,0 +1,65 @@
package com.ruoyi.common.utils.security;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.Cipher;
import java.security.*;
/**
* RSA 加解密
*
* @author youjiuzhiqianni
*/
public class RSAUtils {
private static final Logger log = LoggerFactory.getLogger(RSAUtils.class);
private static KeyPair keyPair = null;
// 生成秘钥对
static {
try {
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(2048, new SecureRandom());
keyPair = generator.generateKeyPair();
} catch (NoSuchAlgorithmException e) {
log.error("No such algorithm.");
}
}
/**
* 获取公钥
*
* @return 公钥内容
*/
public static String generateBase64PublicKey() {
if (keyPair == null) {
return "";
}
PublicKey publicKey = keyPair.getPublic();
return new String(Base64.encodeBase64(publicKey.getEncoded()));
}
/**
* 传入字符串用私钥进行解密
*
* @param string string
* @return 解密后的字符串
*/
public static String decryptBase64(String string) {
return new String(decrypt(Base64.decodeBase64(string.getBytes())));
}
private static byte[] decrypt(byte[] byteArray) {
try {
Cipher cipher = Cipher.getInstance("RSA");
PrivateKey privateKey = keyPair.getPrivate();
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(byteArray);
} catch (Exception e) {
log.error("Failed to decrypt.");
return new byte[0];
}
}
}

3
ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
View File

@ -297,6 +297,9 @@ public class ShiroConfig
// 系统权限列表
// filterChainDefinitionMap.putAll(SpringUtils.getBean(IMenuService.class).selectPermsAll());
// 获取公钥
filterChainDefinitionMap.put("/getPublicKey", "anon,captchaValidate");
Map<String, Filter> filters = new LinkedHashMap<String, Filter>();
filters.put("onlineSession", onlineSessionFilter());
filters.put("syncOnlineSession", syncOnlineSessionFilter());