gitlinkpassword加密

ruoyi-common/ruoyi-common-security/pom.xml

@@ -34,6 +34,11 @@
             <artifactId>ruoyi-common-redis</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-all</artifactId>
+            <version>5.8.5</version>
+        </dependency>
     </dependencies>
 
 </project>

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java

@@ -1,66 +1,61 @@
 package com.ruoyi.common.security.utils;
 
-import javax.servlet.http.HttpServletRequest;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import cn.hutool.crypto.symmetric.AES;
 import com.ruoyi.common.core.constant.SecurityConstants;
 import com.ruoyi.common.core.constant.TokenConstants;
 import com.ruoyi.common.core.context.SecurityContextHolder;
 import com.ruoyi.common.core.utils.ServletUtils;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.system.api.model.LoginUser;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+import javax.servlet.http.HttpServletRequest;
 
 /**
  * 权限获取工具类
- * 
+ *
  * @author ruoyi
  */
-public class SecurityUtils
-{
+public class SecurityUtils {
     /**
      * 获取用户ID
      */
-    public static Long getUserId()
-    {
+    public static Long getUserId() {
         return SecurityContextHolder.getUserId();
     }
 
     /**
      * 获取用户名称
      */
-    public static String getUsername()
-    {
+    public static String getUsername() {
         return SecurityContextHolder.getUserName();
     }
 
     /**
      * 获取用户key
      */
-    public static String getUserKey()
-    {
+    public static String getUserKey() {
         return SecurityContextHolder.getUserKey();
     }
 
     /**
      * 获取登录用户信息
      */
-    public static LoginUser getLoginUser()
-    {
+    public static LoginUser getLoginUser() {
         return SecurityContextHolder.get(SecurityConstants.LOGIN_USER, LoginUser.class);
     }
 
     /**
      * 获取请求token
      */
-    public static String getToken()
-    {
+    public static String getToken() {
         return getToken(ServletUtils.getRequest());
     }
 
     /**
      * 根据request获取请求token
      */
-    public static String getToken(HttpServletRequest request)
-    {
+    public static String getToken(HttpServletRequest request) {
         // 从header获取token标识
         String token = request.getHeader(TokenConstants.AUTHENTICATION);
         return replaceTokenPrefix(token);
@@ -69,11 +64,9 @@ public class SecurityUtils
     /**
      * 裁剪token前缀
      */
-    public static String replaceTokenPrefix(String token)
-    {
+    public static String replaceTokenPrefix(String token) {
         // 如果前端设置了令牌前缀，则裁剪掉前缀
-        if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
-        {
+        if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
             token = token.replaceFirst(TokenConstants.PREFIX, "");
         }
         return token;
@@ -81,12 +74,11 @@ public class SecurityUtils
 
     /**
      * 是否为管理员
-     * 
+     *
      * @param userId 用户ID
      * @return 结果
      */
-    public static boolean isAdmin(Long userId)
-    {
+    public static boolean isAdmin(Long userId) {
         return userId != null && 1L == userId;
     }
 
@@ -96,8 +88,7 @@ public class SecurityUtils
      * @param password 密码
      * @return 加密字符串
      */
-    public static String encryptPassword(String password)
-    {
+    public static String encryptPassword(String password) {
         BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
         return passwordEncoder.encode(password);
     }
@@ -105,13 +96,28 @@ public class SecurityUtils
     /**
      * 判断密码是否相同
      *
-     * @param rawPassword 真实密码
+     * @param rawPassword     真实密码
      * @param encodedPassword 加密后字符
      * @return 结果
      */
-    public static boolean matchesPassword(String rawPassword, String encodedPassword)
-    {
+    public static boolean matchesPassword(String rawPassword, String encodedPassword) {
         BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
         return passwordEncoder.matches(rawPassword, encodedPassword);
     }
+
+
+    // AES密钥算法
+    private static final String key = "1234567890abcdef";
+
+    public static String encrypt(String data) {
+        AES aes = new AES(key.getBytes());
+        // 加密
+        return aes.encryptHex(data);
+    }
+
+    // 解密
+    public static String decrypt(String data) {
+        AES aes = new AES(key.getBytes());
+        return aes.decryptStr(data);
+    }
 }

ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/GitServiceImpl.java

@@ -23,6 +23,8 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
 @Service
 public class GitServiceImpl implements GitService {
 
@@ -81,7 +83,7 @@ public class GitServiceImpl implements GitService {
         String ci4sUsername = loginUser.getUsername();
         String token = jedis.get(ci4sUsername + "_gitToken");
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
 
         if (StringUtils.isEmpty(token)) {
             login(gitLinkUsername, gitLinkPassword);

ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/ModelsServiceImpl.java

@@ -50,6 +50,8 @@ import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
 /**
  * (Models)表服务实现类
  *
@@ -561,7 +563,7 @@ public class ModelsServiceImpl implements ModelsService {
             LoginUser loginUser = SecurityUtils.getLoginUser();
             String ci4sUsername = loginUser.getUsername();
             String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-            String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+            String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
             Map<String, Object> userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
             Integer userId = (Integer) userInfo.get("user_id");
 
@@ -690,7 +692,7 @@ public class ModelsServiceImpl implements ModelsService {
         LoginUser loginUser = SecurityUtils.getLoginUser();
         String ci4sUsername = loginUser.getUsername();
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
         Map<String, Object> userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
 
         ci4sUsername = modelsVo.getIsPublic() ? Constant.Item_Public : loginUser.getUsername();
@@ -925,7 +927,7 @@ public class ModelsServiceImpl implements ModelsService {
         LoginUser loginUser = SecurityUtils.getLoginUser();
         String ci4sUsername = loginUser.getUsername();
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
 
         Map<String, Object> userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
         String token = (String) userInfo.get("token");
@@ -955,7 +957,7 @@ public class ModelsServiceImpl implements ModelsService {
         LoginUser loginUser = SecurityUtils.getLoginUser();
         String ci4sUsername = loginUser.getUsername();
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
 
         Map<String, Object> userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
         String token = (String) userInfo.get("token");

ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/NewDatasetServiceImpl.java

@@ -49,6 +49,8 @@ import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
 @Service
 public class NewDatasetServiceImpl implements NewDatasetService {
 
@@ -94,7 +96,7 @@ public class NewDatasetServiceImpl implements NewDatasetService {
         LoginUser loginUser = SecurityUtils.getLoginUser();
         String ci4sUsername = loginUser.getUsername();
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
         String userReq = jedis.get(ci4sUsername + "_gitUserInfo");
         // 得到用户操作的路径
         Map<String, Object> userInfo = JsonUtils.jsonToMap(userReq);
@@ -202,7 +204,7 @@ public class NewDatasetServiceImpl implements NewDatasetService {
         LoginUser loginUser = SecurityUtils.getLoginUser();
         String ci4sUsername = loginUser.getUsername();
         String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
-        String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+        String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
         String userReq = jedis.get(ci4sUsername + "_gitUserInfo");
         ci4sUsername = datasetVo.getIsPublic() ? Constant.Item_Public : loginUser.getUsername();
         Map<String, Object> userInfo = JsonUtils.jsonToMap(userReq);

ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java

@@ -28,6 +28,8 @@ import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 
+import static com.ruoyi.common.security.utils.SecurityUtils.*;
+
 /**
  * 用户信息
  *
@@ -186,7 +188,7 @@ public class SysUserController extends BaseController {
         }
         user.setCreateBy(SecurityUtils.getUsername());
         user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-//        user.setGitLinkPassword(SecurityUtils.encryptPassword(user.getGitLinkPassword()));
+        user.setGitLinkPassword(encrypt(user.getGitLinkPassword()));
         return toAjax(userService.insertUser(user));
     }
 
@@ -209,12 +211,12 @@ public class SysUserController extends BaseController {
             return error("新增用户'" + user.getUserName() + "'失败，gitLink用户名已存在");
         }
         user.setUpdateBy(SecurityUtils.getUsername());
-        if(StringUtils.isNotEmpty(user.getPassword())){
+        if (StringUtils.isNotEmpty(user.getPassword())) {
             user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
         }
-//        if(StringUtils.isNotEmpty(user.getGitLinkPassword())){
-//            user.setGitLinkPassword(SecurityUtils.encryptPassword(user.getGitLinkPassword()));
-//        }
+        if (StringUtils.isNotEmpty(user.getGitLinkPassword())) {
+            user.setGitLinkPassword(encrypt(user.getGitLinkPassword()));
+        }
         return toAjax(userService.updateUser(user));
     }