若依基于jsencrypt实现前后端登录密码加密

若依虽然有加密解密功能,然后只有前端有,在用户点击保存密码的时候,会将密码保存到本地,但是为了防止密码泄露,所以在保存的时候,进行加密,在回显密码的时候进行解密显示,用户在登录的时候密码照样会明文传输,我们可以使用,为了解决这个问题,我们可以在登陆的时候,前端加密,后端解密验证密码正确性。
代码如下:
首先去生成秘钥,然后复制里面的公钥和私钥
若依基于jsencrypt实现前后端登录密码加密_第1张图片

前端代码

然后把公钥和私钥粘贴到前端的jsencrypt.js文件中,注意粘贴的使用要先输入一对双引号,使用idea进行粘贴,如果使用vscode粘贴就无法出现\n

import JSEncrypt from 'jsencrypt/bin/jsencrypt.min'

// 密钥对生成 http://web.chacuo.net/netrsakeypair

const publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWms4iFd/TMBkAae2FP8\n" +
  "4Typ80/uvIRo1cN9AR9ircKkIjpksCUC/mnopE1WsSk/Kqtf8aDAOxJ9Bs6drCs+\n" +
  "9GxfduwoIjbAR9mllzoP67ncn1dtuLXU6w/Va/pt8YebtzhZqfp7DVs5IGwkXf1c\n" +
  "Xxfw9dxa9F8ftlCEHSQxBFcn8707XJ3iGNRBcp8gS+Zofiaj8Xn1Ws4kUyBb6Dg4\n" +
  "f2SaBreaof7Wl9QWXkgXG7egHj4xtC5ztiBnFa8GC55ecBDLnO3EyTvY9PzvAd5Y\n" +
  "Aj7FDNN70w1zeazunX02oeMQa+TmtOGag73StoipsNbO8zbeeDblgXT1xNcrAx5m\n" +
  "XwIDAQAB"

const privateKey = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCtaaziIV39MwGQ\n" +
  "Bp7YU/zhPKnzT+68hGjVw30BH2KtwqQiOmSwJQL+aeikTVaxKT8qq1/xoMA7En0G\n" +
  "zp2sKz70bF927CgiNsBH2aWXOg/rudyfV224tdTrD9Vr+m3xh5u3OFmp+nsNWzkg\n" +
  "bCRd/VxfF/D13Fr0Xx+2UIQdJDEEVyfzvTtcneIY1EFynyBL5mh+JqPxefVaziRT\n" +
  "IFvoODh/ZJoGt5qh/taX1BZeSBcbt6AePjG0LnO2IGcVrwYLnl5wEMuc7cTJO9j0\n" +
  "/O8B3lgCPsUM03vTDXN5rO6dfTah4xBr5Oa04ZqDvdK2iKmw1s7zNt54NuWBdPXE\n" +
  "1ysDHmZfAgMBAAECggEABPVqniS6HU1iFA48aI8uQfqMGYsFlppqrQIkBu4w0iso\n" +
  "qlnlGyxTw5afsmMLwZEeX0f7PFuOY6IJtTIfTBcIe9DFgg8Krr/GC8frdkGQxvrP\n" +
  "ljbXylpYtkgDoEzO7AMmrryLw9KHxj//iC/PcmiWRZnXqBAfAbHepEX1ISgxxp/z\n" +
  "UKNURlMNvCQT93p/3j9oacKIFMEKqShDTvus139uK9EmL3D8mm3Bp/kI4mOyKua3\n" +
  "byuGG6kpmEACclWhNdCKN8dz7jLYbCWcOdWD6koqdSZy10Dbf6BD0FPhVJ9oFRC2\n" +
  "g7l9vlihZJB9BkrZhb/+bDOhhb2kyrPUlVR6dxRzgQKBgQDfMeTGX8Bdi8MIEH3u\n" +
  "RbPt/vDR//sXFfEYt/p0gqCWZuAnT2eDo14pAuuQjc0idoQxpiazmAZR9/33td1L\n" +
  "KYKb5WBogb56+J7bI/w0u0MpG3TCyd6QIr1XXsDOuaEzhjKmwW3TwN1UI8YNjMGl\n" +
  "vb36Vy3PL3wYV+fFE28iI5ScfwKBgQDG5qQmE6I4+zKKloXTqfNGs0PGkOXzAYbr\n" +
  "eFDSePQGMb7qTWtnrBGAz9PqKXffzLIn/u2EO2cSheglSWfJKos55Fj/tFnTGuws\n" +
  "ELJZldOi1kXGeABK+Ur+yl3T3kti8PWXx2zDvmp98m0I0C5Qo+51gUDVLPnXOVAW\n" +
  "lE0DvhTGIQKBgQChac/ttynDfWQa3PJ182rg39MBzIKme3PVUJiM0juZCeVqCH7w\n" +
  "MKHUPwxlimekWNnZnjO3BmbruNGu55OW2/pdDFHgwpQjEtKv4SJwcE1t2TFj/eI7\n" +
  "kyQjn58I4i62uILBHnpy/bQTOZvuCLGzT7mo5ot2nvy8DjbLy/Y/VkQPuQKBgQCq\n" +
  "X1vSBdVaK8myLpc5pITvVZTDnNBrpC42utu4PcUBHVFkj6Zlql1f0iW6mYTGHieo\n" +
  "3NQFBYEXu74LWmJdTWTu1OtrNMgQbSpJ4I9070LWY+Zmx9mwXvPfZeaTGgHHIZGt\n" +
  "TjSbQxsjASpmdzSE/LbAzlODhsAHnF8+yA9kGkjfIQKBgEA2GzJIUnuzT8WTdSZL\n" +
  "rJ0/6SBkSd9rlQvBx2jWa4G92zD6++MeItbgEp8xlRKWzRfwGmEnt7R0SC3eGzWV\n" +
  "EToc3UVRi750Cd0qNo7Q7blfnzGuca16t5lTaeeCp3P8FVlDbhg1F5ijrDNItoSH\n" +
  "wWlvkBwJ0C1nQsBVrV08quVy"

// 加密
export function encrypt(txt) {
  const encryptor = new JSEncrypt()
  encryptor.setPublicKey(publicKey) // 设置公钥
  return encryptor.encrypt(txt) // 对数据进行加密
}

// 解密
export function decrypt(txt) {
  const encryptor = new JSEncrypt()
  encryptor.setPrivateKey(privateKey) // 设置私钥
  return encryptor.decrypt(txt) // 对数据进行解密
}

然后调用登录接口的encrypt方法,对密码进行加密
若依基于jsencrypt实现前后端登录密码加密_第2张图片
到这里,浏览器出现的密码被加密了,就说明前端代码就搞定了
在这里插入图片描述

后端代码

在com.ruoyi.common.utils.sign包下新建RsaUtils类,把私钥粘贴过来

package com.ruoyi.common.utils.sign;

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;

/**
 * RSA加密解密
 *
 * @author ruoyi
 **/
public class RsaUtils {
    // Rsa 私钥
    public static String privateKey = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCtaaziIV39MwGQ\n" +
            "Bp7YU/zhPKnzT+68hGjVw30BH2KtwqQiOmSwJQL+aeikTVaxKT8qq1/xoMA7En0G\n" +
            "zp2sKz70bF927CgiNsBH2aWXOg/rudyfV224tdTrD9Vr+m3xh5u3OFmp+nsNWzkg\n" +
            "bCRd/VxfF/D13Fr0Xx+2UIQdJDEEVyfzvTtcneIY1EFynyBL5mh+JqPxefVaziRT\n" +
            "IFvoODh/ZJoGt5qh/taX1BZeSBcbt6AePjG0LnO2IGcVrwYLnl5wEMuc7cTJO9j0\n" +
            "/O8B3lgCPsUM03vTDXN5rO6dfTah4xBr5Oa04ZqDvdK2iKmw1s7zNt54NuWBdPXE\n" +
            "1ysDHmZfAgMBAAECggEABPVqniS6HU1iFA48aI8uQfqMGYsFlppqrQIkBu4w0iso\n" +
            "qlnlGyxTw5afsmMLwZEeX0f7PFuOY6IJtTIfTBcIe9DFgg8Krr/GC8frdkGQxvrP\n" +
            "ljbXylpYtkgDoEzO7AMmrryLw9KHxj//iC/PcmiWRZnXqBAfAbHepEX1ISgxxp/z\n" +
            "UKNURlMNvCQT93p/3j9oacKIFMEKqShDTvus139uK9EmL3D8mm3Bp/kI4mOyKua3\n" +
            "byuGG6kpmEACclWhNdCKN8dz7jLYbCWcOdWD6koqdSZy10Dbf6BD0FPhVJ9oFRC2\n" +
            "g7l9vlihZJB9BkrZhb/+bDOhhb2kyrPUlVR6dxRzgQKBgQDfMeTGX8Bdi8MIEH3u\n" +
            "RbPt/vDR//sXFfEYt/p0gqCWZuAnT2eDo14pAuuQjc0idoQxpiazmAZR9/33td1L\n" +
            "KYKb5WBogb56+J7bI/w0u0MpG3TCyd6QIr1XXsDOuaEzhjKmwW3TwN1UI8YNjMGl\n" +
            "vb36Vy3PL3wYV+fFE28iI5ScfwKBgQDG5qQmE6I4+zKKloXTqfNGs0PGkOXzAYbr\n" +
            "eFDSePQGMb7qTWtnrBGAz9PqKXffzLIn/u2EO2cSheglSWfJKos55Fj/tFnTGuws\n" +
            "ELJZldOi1kXGeABK+Ur+yl3T3kti8PWXx2zDvmp98m0I0C5Qo+51gUDVLPnXOVAW\n" +
            "lE0DvhTGIQKBgQChac/ttynDfWQa3PJ182rg39MBzIKme3PVUJiM0juZCeVqCH7w\n" +
            "MKHUPwxlimekWNnZnjO3BmbruNGu55OW2/pdDFHgwpQjEtKv4SJwcE1t2TFj/eI7\n" +
            "kyQjn58I4i62uILBHnpy/bQTOZvuCLGzT7mo5ot2nvy8DjbLy/Y/VkQPuQKBgQCq\n" +
            "X1vSBdVaK8myLpc5pITvVZTDnNBrpC42utu4PcUBHVFkj6Zlql1f0iW6mYTGHieo\n" +
            "3NQFBYEXu74LWmJdTWTu1OtrNMgQbSpJ4I9070LWY+Zmx9mwXvPfZeaTGgHHIZGt\n" +
            "TjSbQxsjASpmdzSE/LbAzlODhsAHnF8+yA9kGkjfIQKBgEA2GzJIUnuzT8WTdSZL\n" +
            "rJ0/6SBkSd9rlQvBx2jWa4G92zD6++MeItbgEp8xlRKWzRfwGmEnt7R0SC3eGzWV\n" +
            "EToc3UVRi750Cd0qNo7Q7blfnzGuca16t5lTaeeCp3P8FVlDbhg1F5ijrDNItoSH\n" +
            "wWlvkBwJ0C1nQsBVrV08quVy";

    /**
     * 私钥解密
     *
     * @param privateKeyString 私钥
     * @param text             待解密的文本
     * @return 解密后的文本
     */
    public static String decryptByPrivateKey(String text) throws Exception {
        return decryptByPrivateKey(privateKey, text);
    }


    /**
     * 私钥解密
     *
     * @param privateKeyString 私钥
     * @param text             待解密的文本
     * @return 解密后的文本
     */
    public static String decryptByPrivateKey(String privateKeyString, String text) throws Exception {
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyString));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec5);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] result = cipher.doFinal(Base64.decodeBase64(text));
        return new String(result);
    }

}

然后再登录接口那里,对密码进行解密同时如果解密成功抛出异常,代码如下:

/**
 * 登录方法
 * 
 * @param loginBody 登录信息
 * @return 结果
 */
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody) throws Exception
{
    AjaxResult ajax = AjaxResult.success();
    // 生成令牌
    String token = loginService.login(loginBody.getUsername(), RsaUtils.decryptByPrivateKey(loginBody.getPassword()), loginBody.getCode(),
            loginBody.getUuid());
    ajax.put(Constants.TOKEN, token);
    return ajax;
}

到此代码就结束了,最终测试:登录成功,再测试记住密码功能,也正常,如果下次想要该公钥和私钥记得前后端都要改
在这里插入图片描述
这里只是演示了基于若依自带的密码工具进行加密,如果想要基于别的工具进行加密解密可以研究一下sm-crypto

你可能感兴趣的:(java,前端,ruoyi)