前后端分离密码登陆加密RSA⽅案(java后端)
前⾔:密码加密有很多种⽅案,这⾥不做过多讨论,本篇⽂章是基于RSA加密实现。
⾸先在前端⼯程中需要引⼊加密js: "jsencrypt": "2.3.1",(注意单独导⼊可能报错,可以删除整个node_modules,然后重新npm install)
然后在登陆提交表单的地⽅代码修改如下:
// 引⼊js
import {JSEncrypt} from 'jsencrypt'
// 提交表单⽅法
dataFormSubmit () {
this.dataForm.password = this.passwordEncryption(this.dataForm.password + ',' + new Date().getTime())
    this.$http({
url: this.$http.adornUrl('/sys/login'),
method: 'post',
data: this.$http.adornData({
'username': this.dataForm.userName,
'password': this.dataForm.password,
'uuid': this.dataForm.uuid,
'captcha': this.dataForm.captcha
})
      },
  //密码加密⽅法
  passwordEncryption (passwordUser) {
  console.log(this.rsaKey + ' ********后台获取公钥********** ')
  let publicKey = this.rsaKey // 从后台获取公钥
  let encryptor = new JSEncrypt()  // 新建JSEncrypt对象
  encryptor.setPublicKey(publicKey)  // 设置公钥
  let passwordEncryp = pt(passwordUser)  // 对密码进⾏加密
  console.log(passwordEncryp + ' ****************** ')
  return passwordEncryp
  },
// 获取公钥的⽅法
getRsaKey () {
this.$http({
url: this.$http.adornUrl('/sys/login/rsaKey'),
method: 'get'
}).then(({data}) => {
this.rsaKey = data
})
js代码加密软件}
后端⼯程代码如下
//controller 密码加密后⽤密钥解密
form.setPassword(AccountSecurityUtils.Password()));
//AccountSecurityUtils ⼯具类
public static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCs
D1gI70BxYujhNw8NpaVKRXkcRofoeUbN9Dj5m3i3h9XAIS6LkjI01L4ieRpTHnMEzoXUY8a2/svDf//xuHuDJlZBNtCXK4DPx5x4zHdUWDjFGpWlMQ private static final String PRIVATE_KEY = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKwPWAjvQHFi6OE3Dw2lpUpFeRxGh+h5Rs30OPmbeLeH1cAhLouSMjTUviJ5GlMecwTOhdRjxrb+y8N///G4e4MmVkE20JcrgM/HnH /**
* 加密数据和秘钥的编码⽅式
*/
public static final String UTF_8 = "UTF-8";
public static final String RSA_ALGORITHM_NO_PADDING = "RSA";
public static String decrypt(String password) {
try {
String getPass = decryptRSADefault(PRIVATE_KEY, password);
String longtime = StringUtils.substringAfterLast(getPass, ",");
if ((System.currentTimeMillis() - Long.valueOf(longtime) > 30 * 60 * 1000)) {
        //抛出⾃定义异常
throw new MYException("密码超时");
}
return StringUtils.substringBeforeLast(getPass, ",");
} catch (Exception e) {
if (e instanceof MYException) {
throw new Message());
}
<("password is :" + password + " 密码解密异常:" + e.getMessage());
}
return null;
}
public static String decryptRSADefault(String privateKeyStr, String data) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, Unsupp    KeyFactory keyFactory = Instance(RSA_ALGORITHM_NO_PADDING);
byte[] privateKeyArray = Bytes();
byte[] dataArray = Bytes();
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyArray));
PrivateKey privateKey = atePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Instance(RSA_ALGORITHM_NO_PADDING);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(cipher.doFinal(Base64.decodeBase64(dataArray)), UTF_8);
}
相关代码参考博客:blog.csdn/qq_37346607/article/details/85237368

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。