密码算法

2025-08-23 02:50:26 +08:00 · 2025-08-23 02:50:26 +08:00 · b6b635d7d8
commit b6b635d7d8
parent 7177f49918
7 changed files with 127 additions and 9 deletions
--- a/ebike-common/src/main/java/com/cdzy/common/utils/SHA256WithSaltUtil.java
+++ b/ebike-common/src/main/java/com/cdzy/common/utils/SHA256WithSaltUtil.java
@ -0,0 +1,86 @@
+package com.cdzy.common.utils;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.SecureRandom;
+import java.util.Base64;
+import java.util.HexFormat;
+
+/**
+ * SHA-256 加盐加密工具类
+ */
+public class SHA256WithSaltUtil {
+
+    private static final int SALT_LENGTH = 16; // 盐值长度（16字节 = 128位）
+    private static final String ALGORITHM = "SHA-256";
+    private static final HexFormat HEX_FORMAT = HexFormat.of();
+
+    /**
+     * 生成随机盐值
+     */
+    public static String generateSalt() {
+        SecureRandom random = new SecureRandom();
+        byte[] salt = new byte[SALT_LENGTH];
+        random.nextBytes(salt);
+        return Base64.getEncoder().encodeToString(salt);
+    }
+
+    /**
+     * 加密密码（SHA-256 + 盐值）
+     * @param password 原始密码
+     * @param salt 盐值（如果为null则自动生成）
+     * @return 返回加密后的密码和盐值组合字符串（格式：密文:盐值）
+     */
+    public static String encrypt(String password, String salt) {
+        try {
+            // 如果未提供盐值，则生成新盐值
+            String usedSalt = (salt == null) ? generateSalt() : salt;
+
+            MessageDigest md = MessageDigest.getInstance(ALGORITHM);
+            md.update(Base64.getDecoder().decode(usedSalt)); // 加入盐值
+            byte[] hash = md.digest(password.getBytes(StandardCharsets.UTF_8));
+
+            // 返回格式：HEX(哈希值):Base64(盐值)
+            return HEX_FORMAT.formatHex(hash) + ":" + usedSalt;
+        } catch (Exception e) {
+            throw new RuntimeException("密码加密失败", e);
+        }
+    }
+
+    /**
+     * 验证密码
+     * @param inputPassword 用户输入的密码
+     * @param storedHash 数据库存储的加密字符串（格式：密文:盐值）
+     * @return 是否匹配
+     */
+    public static boolean verify(String inputPassword, String storedHash) {
+        if (inputPassword == null || storedHash == null) {
+            return false;
+        }
+
+        String[] parts = storedHash.split(":");
+        if (parts.length != 2) {
+            throw new IllegalArgumentException("存储的密码格式无效");
+        }
+
+        String inputHash = encrypt(inputPassword, parts[1]);
+        return inputHash.equals(storedHash);
+    }
+
+    // 测试示例
+    public static void main(String[] args) {
+        String password = "admin123";
+
+        // 加密
+        String encrypted = encrypt(password, null);
+        System.out.println("加密结果: " + encrypted);
+
+        // 验证
+        boolean matched = verify(password, encrypted);
+        System.out.println("验证结果: " + matched);
+
+        // 错误密码测试
+        boolean wrongMatch = verify("wrongPassword", encrypted);
+        System.out.println("错误密码测试: " + wrongMatch);
+    }
+}
--- a/ebike-gateway/src/main/java/com/cdzy/gateway/GatewayExceptionHandler.java
+++ b/ebike-gateway/src/main/java/com/cdzy/gateway/GatewayExceptionHandler.java
@ -54,7 +54,6 @@ public class GatewayExceptionHandler implements ErrorWebExceptionHandler {
        if (ex instanceof NoResourceFoundException) {
            msg = "路径不存在";
        }
-        ex.printStackTrace();
        log.error("[网关异常处理]请求路径:{},异常信息:{}", exchange.getRequest().getPath(), ex.getMessage());

        return webFluxResponseWriter(response, msg,null);
--- a/ebike-gateway/src/main/resources/application.yml
+++ b/ebike-gateway/src/main/resources/application.yml
@ -1,3 +1,3 @@
 spring:
  profiles:
-    active: @profile.active@
+    active: @profile.active@
--- a/ebike-staff/src/main/java/com/cdzy/staff/controller/EbikeOperatorStaffController.java
+++ b/ebike-staff/src/main/java/com/cdzy/staff/controller/EbikeOperatorStaffController.java
@ -79,8 +79,8 @@ public class EbikeOperatorStaffController {
     *
     * @return 运营商员工账户表详情
     */
-    @GetMapping("getInfo")
-    public JsonResult<?> getInfo() {
+    @GetMapping("getStaffInfo")
+    public JsonResult<?> getStaffInfo() {
      StaffInfo info = ebikeOperatorStaffService.getStaffInfo();
        return JsonResult.success(info);
    }
--- a/ebike-staff/src/main/java/com/cdzy/staff/model/dto/StaffInfo.java
+++ b/ebike-staff/src/main/java/com/cdzy/staff/model/dto/StaffInfo.java
@ -15,8 +15,13 @@ public class StaffInfo implements Serializable {

    private EbikeOperatorStaff staff;

-    private EbikeRole role;
+//    private List<EbikeRole> roles;

-    private List<EbikePermission> permissions;
+    private List<String> roles;
+
+    /**
+     *权限码集合
+     */
+    private List<String> permissions;

 }
--- a/ebike-staff/src/main/java/com/cdzy/staff/service/impl/EbikeOperatorStaffServiceImpl.java
+++ b/ebike-staff/src/main/java/com/cdzy/staff/service/impl/EbikeOperatorStaffServiceImpl.java
@ -12,6 +12,9 @@ import com.mybatisflex.spring.service.impl.ServiceImpl;
 import jakarta.annotation.Resource;
 import org.springframework.stereotype.Service;

+import java.util.ArrayList;
+import java.util.List;
+
 import static com.cdzy.staff.model.entity.table.EbikeOperatorStaffTableDef.EBIKE_OPERATOR_STAFF;

 /**
@ -46,14 +49,20 @@ public class EbikeOperatorStaffServiceImpl extends ServiceImpl<EbikeOperatorStaf

    @Override
    public StaffInfo getStaffInfo() {
-        Long loginId = (Long)StpUtil.getLoginId();
+        Long loginId = StpUtil.getLoginIdAsLong();
        QueryWrapper queryWrapper = QueryWrapper.create()
                .where(EBIKE_OPERATOR_STAFF.STAFF_ID.eq(loginId));
        EbikeOperatorStaff ebikeOperatorStaff = staffMapper.selectOneByQuery(queryWrapper);
+        List<String> permissions = new ArrayList<>();
+        permissions.add("common:btn:add");
+        permissions.add("common:btn:edit");
+        permissions.add("common:btn:delete");
+        List<String> roles = new ArrayList<>();
+        permissions.add("common");
        return StaffInfo.builder()
                .staff(ebikeOperatorStaff)
-                .role(null)
-                .permissions(null)
+                .roles(null)
+                .permissions(permissions)
                .build();
    }
 }
--- a/ebike-staff/src/test/java/com/cdzy/staff/PasswordTest.java
+++ b/ebike-staff/src/test/java/com/cdzy/staff/PasswordTest.java
@ -0,0 +1,19 @@
+package com.cdzy.staff;
+
+import com.cdzy.common.utils.SHA256WithSaltUtil;
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest(classes = com.cdzy.staff.EbikeStaffApplication.class)
+public class PasswordTest {
+
+    @Test
+    public void test() {
+        String salt = SHA256WithSaltUtil.generateSalt();
+        System.out.println(salt);
+        String password = "123456";
+        String encrypt = SHA256WithSaltUtil.encrypt(password, salt);
+        System.out.println(encrypt);
+    }
+
+}