diff --git a/ruoyi-common/ruoyi-common-security/pom.xml b/ruoyi-common/ruoyi-common-security/pom.xml
index 434c05c1..e26d8e9b 100644
--- a/ruoyi-common/ruoyi-common-security/pom.xml
+++ b/ruoyi-common/ruoyi-common-security/pom.xml
@@ -34,6 +34,11 @@
ruoyi-common-redis
+
+ cn.hutool
+ hutool-all
+ 5.8.5
+
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
index 78a53932..86cdf846 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
@@ -1,66 +1,61 @@
package com.ruoyi.common.security.utils;
-import javax.servlet.http.HttpServletRequest;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import cn.hutool.crypto.symmetric.AES;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.constant.TokenConstants;
import com.ruoyi.common.core.context.SecurityContextHolder;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.system.api.model.LoginUser;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+import javax.servlet.http.HttpServletRequest;
/**
* 权限获取工具类
- *
+ *
* @author ruoyi
*/
-public class SecurityUtils
-{
+public class SecurityUtils {
/**
* 获取用户ID
*/
- public static Long getUserId()
- {
+ public static Long getUserId() {
return SecurityContextHolder.getUserId();
}
/**
* 获取用户名称
*/
- public static String getUsername()
- {
+ public static String getUsername() {
return SecurityContextHolder.getUserName();
}
/**
* 获取用户key
*/
- public static String getUserKey()
- {
+ public static String getUserKey() {
return SecurityContextHolder.getUserKey();
}
/**
* 获取登录用户信息
*/
- public static LoginUser getLoginUser()
- {
+ public static LoginUser getLoginUser() {
return SecurityContextHolder.get(SecurityConstants.LOGIN_USER, LoginUser.class);
}
/**
* 获取请求token
*/
- public static String getToken()
- {
+ public static String getToken() {
return getToken(ServletUtils.getRequest());
}
/**
* 根据request获取请求token
*/
- public static String getToken(HttpServletRequest request)
- {
+ public static String getToken(HttpServletRequest request) {
// 从header获取token标识
String token = request.getHeader(TokenConstants.AUTHENTICATION);
return replaceTokenPrefix(token);
@@ -69,11 +64,9 @@ public class SecurityUtils
/**
* 裁剪token前缀
*/
- public static String replaceTokenPrefix(String token)
- {
+ public static String replaceTokenPrefix(String token) {
// 如果前端设置了令牌前缀,则裁剪掉前缀
- if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
- {
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
token = token.replaceFirst(TokenConstants.PREFIX, "");
}
return token;
@@ -81,12 +74,11 @@ public class SecurityUtils
/**
* 是否为管理员
- *
+ *
* @param userId 用户ID
* @return 结果
*/
- public static boolean isAdmin(Long userId)
- {
+ public static boolean isAdmin(Long userId) {
return userId != null && 1L == userId;
}
@@ -96,8 +88,7 @@ public class SecurityUtils
* @param password 密码
* @return 加密字符串
*/
- public static String encryptPassword(String password)
- {
+ public static String encryptPassword(String password) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
return passwordEncoder.encode(password);
}
@@ -105,13 +96,28 @@ public class SecurityUtils
/**
* 判断密码是否相同
*
- * @param rawPassword 真实密码
+ * @param rawPassword 真实密码
* @param encodedPassword 加密后字符
* @return 结果
*/
- public static boolean matchesPassword(String rawPassword, String encodedPassword)
- {
+ public static boolean matchesPassword(String rawPassword, String encodedPassword) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
return passwordEncoder.matches(rawPassword, encodedPassword);
}
+
+
+ // AES密钥算法
+ private static final String key = "1234567890abcdef";
+
+ public static String encrypt(String data) {
+ AES aes = new AES(key.getBytes());
+ // 加密
+ return aes.encryptHex(data);
+ }
+
+ // 解密
+ public static String decrypt(String data) {
+ AES aes = new AES(key.getBytes());
+ return aes.decryptStr(data);
+ }
}
diff --git a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/GitServiceImpl.java b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/GitServiceImpl.java
index 26ae8ad2..f7059773 100644
--- a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/GitServiceImpl.java
+++ b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/GitServiceImpl.java
@@ -23,6 +23,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
@Service
public class GitServiceImpl implements GitService {
@@ -81,7 +83,7 @@ public class GitServiceImpl implements GitService {
String ci4sUsername = loginUser.getUsername();
String token = jedis.get(ci4sUsername + "_gitToken");
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
if (StringUtils.isEmpty(token)) {
login(gitLinkUsername, gitLinkPassword);
diff --git a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/ModelsServiceImpl.java b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/ModelsServiceImpl.java
index 9e1dd09b..fac618f8 100644
--- a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/ModelsServiceImpl.java
+++ b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/ModelsServiceImpl.java
@@ -50,6 +50,8 @@ import java.util.stream.Collectors;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
/**
* (Models)表服务实现类
*
@@ -561,7 +563,7 @@ public class ModelsServiceImpl implements ModelsService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
Map userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
Integer userId = (Integer) userInfo.get("user_id");
@@ -690,7 +692,7 @@ public class ModelsServiceImpl implements ModelsService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
Map userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
ci4sUsername = modelsVo.getIsPublic() ? Constant.Item_Public : loginUser.getUsername();
@@ -925,7 +927,7 @@ public class ModelsServiceImpl implements ModelsService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
Map userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
String token = (String) userInfo.get("token");
@@ -955,7 +957,7 @@ public class ModelsServiceImpl implements ModelsService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
Map userInfo = getUserInfo(ci4sUsername, gitLinkUsername, gitLinkPassword);
String token = (String) userInfo.get("token");
diff --git a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/NewDatasetServiceImpl.java b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/NewDatasetServiceImpl.java
index 413ec5c0..727fa89d 100644
--- a/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/NewDatasetServiceImpl.java
+++ b/ruoyi-modules/management-platform/src/main/java/com/ruoyi/platform/service/impl/NewDatasetServiceImpl.java
@@ -49,6 +49,8 @@ import java.util.stream.Collectors;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
+import static com.ruoyi.common.security.utils.SecurityUtils.decrypt;
+
@Service
public class NewDatasetServiceImpl implements NewDatasetService {
@@ -94,7 +96,7 @@ public class NewDatasetServiceImpl implements NewDatasetService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
String userReq = jedis.get(ci4sUsername + "_gitUserInfo");
// 得到用户操作的路径
Map userInfo = JsonUtils.jsonToMap(userReq);
@@ -202,7 +204,7 @@ public class NewDatasetServiceImpl implements NewDatasetService {
LoginUser loginUser = SecurityUtils.getLoginUser();
String ci4sUsername = loginUser.getUsername();
String gitLinkUsername = loginUser.getSysUser().getGitLinkUsername();
- String gitLinkPassword = loginUser.getSysUser().getGitLinkPassword();
+ String gitLinkPassword = decrypt(loginUser.getSysUser().getGitLinkPassword());
String userReq = jedis.get(ci4sUsername + "_gitUserInfo");
ci4sUsername = datasetVo.getIsPublic() ? Constant.Item_Public : loginUser.getUsername();
Map userInfo = JsonUtils.jsonToMap(userReq);
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
index aa7b3039..e42bde3e 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
@@ -28,6 +28,8 @@ import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
+import static com.ruoyi.common.security.utils.SecurityUtils.*;
+
/**
* 用户信息
*
@@ -186,7 +188,7 @@ public class SysUserController extends BaseController {
}
user.setCreateBy(SecurityUtils.getUsername());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-// user.setGitLinkPassword(SecurityUtils.encryptPassword(user.getGitLinkPassword()));
+ user.setGitLinkPassword(encrypt(user.getGitLinkPassword()));
return toAjax(userService.insertUser(user));
}
@@ -209,12 +211,12 @@ public class SysUserController extends BaseController {
return error("新增用户'" + user.getUserName() + "'失败,gitLink用户名已存在");
}
user.setUpdateBy(SecurityUtils.getUsername());
- if(StringUtils.isNotEmpty(user.getPassword())){
+ if (StringUtils.isNotEmpty(user.getPassword())) {
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
}
-// if(StringUtils.isNotEmpty(user.getGitLinkPassword())){
-// user.setGitLinkPassword(SecurityUtils.encryptPassword(user.getGitLinkPassword()));
-// }
+ if (StringUtils.isNotEmpty(user.getGitLinkPassword())) {
+ user.setGitLinkPassword(encrypt(user.getGitLinkPassword()));
+ }
return toAjax(userService.updateUser(user));
}