diff --git a/src/main/java/com/xydl/cac/config/BizConfig.java b/src/main/java/com/xydl/cac/config/BizConfig.java new file mode 100644 index 0000000..27481c8 --- /dev/null +++ b/src/main/java/com/xydl/cac/config/BizConfig.java @@ -0,0 +1,21 @@ +package com.xydl.cac.config; + +import lombok.Data; +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import java.util.ArrayList; +import java.util.List; + + +@Configuration +@ConfigurationProperties(prefix = "cac") +@Data +@Slf4j +public class BizConfig { + + private String rsakey; + + +} diff --git a/src/main/java/com/xydl/cac/controller/UserController.java b/src/main/java/com/xydl/cac/controller/UserController.java new file mode 100644 index 0000000..b5ad585 --- /dev/null +++ b/src/main/java/com/xydl/cac/controller/UserController.java @@ -0,0 +1,71 @@ +package com.xydl.cac.controller; + +import com.xydl.cac.entity.Admin; +import com.xydl.cac.exception.BusinessException; +import com.xydl.cac.model.Response; +import com.xydl.cac.service.AdminService; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import lombok.extern.slf4j.Slf4j; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.*; + +import javax.annotation.Resource; +import javax.validation.constraints.NotNull; +import java.util.List; + +@RestController +@Api(tags = {"管理员相关接口"}) +@RequestMapping("user") +@Slf4j +public class UserController extends BasicController { + + @Resource + AdminService service; + + @GetMapping("listAll") + @ApiOperation("查询全部列表") + public Response> listAll() { + List result = service.listAll(); + for (Admin item : result) { + item.setPassword(""); + } + return Response.success(result); + } + + @PostMapping("add") + @ApiOperation("新增") + public Response add(@Validated @RequestBody Admin item) throws Exception { + Admin result = service.add(item); + return Response.success(result); + } + + @PostMapping("updatePasswd") + @ApiOperation("更新") + public Response updatePasswd(@Validated @RequestBody Admin item) throws Exception { + if (item.getId() == null) { + throw new BusinessException("id不能为空!"); + } + service.updatePasswd(item); + return Response.success("OK"); + } + + @PostMapping("delete") + @ApiOperation("删除") + public Response delete(@Validated @NotNull(message = "id不能为空!") Integer id) throws Exception { + if (id == null) { + throw new BusinessException("id不能为空!"); + } + service.delete(id); + return Response.success("OK"); + } + + @ApiOperation(value = "登录") + @PostMapping(value = "login") + public Response login(String username, String password) throws Exception { + Admin user = service.login(username, password); + user.setPassword(""); + return Response.success(user); + } + +} diff --git a/src/main/java/com/xydl/cac/entity/Admin.java b/src/main/java/com/xydl/cac/entity/Admin.java new file mode 100644 index 0000000..46d6e52 --- /dev/null +++ b/src/main/java/com/xydl/cac/entity/Admin.java @@ -0,0 +1,38 @@ +package com.xydl.cac.entity; + +import com.fasterxml.jackson.annotation.JsonInclude; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import javax.persistence.*; +import javax.validation.constraints.NotBlank; + +@JsonInclude(JsonInclude.Include.NON_NULL) +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +@Entity +@Table(name = "admin") +@ApiModel("admin表") +public class Admin { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") + private Integer id; + + @NotBlank(message = "管理员名称不能为空") + @ApiModelProperty("管理员名称") + @Column(name = "name") + private String name; + + @ApiModelProperty("管理员密码") + @Column(name = "password") + private String password; + +} \ No newline at end of file diff --git a/src/main/java/com/xydl/cac/repository/AdminRepository.java b/src/main/java/com/xydl/cac/repository/AdminRepository.java new file mode 100644 index 0000000..3475020 --- /dev/null +++ b/src/main/java/com/xydl/cac/repository/AdminRepository.java @@ -0,0 +1,13 @@ +package com.xydl.cac.repository; + +import com.xydl.cac.entity.Admin; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.JpaSpecificationExecutor; +import org.springframework.stereotype.Repository; + +import java.util.List; + +@Repository +public interface AdminRepository extends JpaRepository, JpaSpecificationExecutor { + List findByName(String name); +} \ No newline at end of file diff --git a/src/main/java/com/xydl/cac/service/AdminService.java b/src/main/java/com/xydl/cac/service/AdminService.java new file mode 100644 index 0000000..245d0e6 --- /dev/null +++ b/src/main/java/com/xydl/cac/service/AdminService.java @@ -0,0 +1,18 @@ +package com.xydl.cac.service; + +import com.xydl.cac.entity.Admin; + +import java.util.List; + +public interface AdminService { + + List listAll(); + + Admin add(Admin item) throws Exception; + + void updatePasswd(Admin item) throws Exception; + + void delete(Integer id); + + Admin login(String name, String password) throws Exception; +} diff --git a/src/main/java/com/xydl/cac/service/impl/AdminServiceImpl.java b/src/main/java/com/xydl/cac/service/impl/AdminServiceImpl.java new file mode 100644 index 0000000..453e770 --- /dev/null +++ b/src/main/java/com/xydl/cac/service/impl/AdminServiceImpl.java @@ -0,0 +1,76 @@ +package com.xydl.cac.service.impl; + +import com.xydl.cac.config.BizConfig; +import com.xydl.cac.entity.Admin; +import com.xydl.cac.exception.BusinessException; +import com.xydl.cac.repository.AdminRepository; +import com.xydl.cac.service.AdminService; +import com.xydl.cac.util.Md5; +import com.xydl.cac.util.RsaUtils; +import lombok.extern.slf4j.Slf4j; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; +import org.springframework.util.CollectionUtils; +import org.springframework.util.DigestUtils; + +import javax.annotation.Resource; +import java.util.List; +import java.util.UUID; + +@Service +@Slf4j +@Transactional(rollbackFor = Exception.class) +public class AdminServiceImpl implements AdminService { + + @Resource + AdminRepository repository; + @Resource + BizConfig bizConfig; + + @Override + public List listAll() { + return repository.findAll(); + } + + @Override + public Admin add(Admin item) throws Exception { + item.setId(null); + List list = repository.findByName(item.getName()); + if (!CollectionUtils.isEmpty(list)) { + throw new BusinessException("该名称已存在"); + } + String salt = UUID.randomUUID().toString().replace("-", ""); + String password = Md5.getMD5Code(salt + item.getPassword()); + item.setPassword(password); + return repository.save(item); + } + + @Override + public void updatePasswd(Admin item) throws Exception { + String salt = UUID.randomUUID().toString().replace("-", ""); + String password = Md5.getMD5Code(salt + item.getPassword()); + item.setPassword(password); + repository.save(item); + } + + @Override + public void delete(Integer id) { + repository.deleteById(id); + } + + @Override + public Admin login(String name, String password) throws Exception { + List list = repository.findByName(name); + if (CollectionUtils.isEmpty(list)) { + throw new BusinessException("用户或密码不正确"); + } + Admin admin = list.get(0); + String newPwd = RsaUtils.decryptByPrivateKey(bizConfig.getRsakey(), password); + String userPassword = DigestUtils.md5DigestAsHex(newPwd.getBytes()); + if (!admin.getPassword().equals(userPassword)) { + throw new BusinessException("用户或密码不正确"); + } + return admin; + } + +} diff --git a/src/main/java/com/xydl/cac/util/Md5.java b/src/main/java/com/xydl/cac/util/Md5.java new file mode 100644 index 0000000..baf2bb5 --- /dev/null +++ b/src/main/java/com/xydl/cac/util/Md5.java @@ -0,0 +1,50 @@ +package com.xydl.cac.util; + + +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + + +public class Md5 { + + private static final String[] STR_DIGITS = new String[]{"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f"}; + + public Md5() { + } + + private static String byteToArrayString(byte bByte) { + int iRet = bByte; + if (bByte < 0) { + iRet = bByte + 256; + } + + int iD1 = iRet / 16; + int iD2 = iRet % 16; + return STR_DIGITS[iD1] + STR_DIGITS[iD2]; + } + + private static String byteToString(byte[] bByte) { + StringBuffer sBuffer = new StringBuffer(); + + for (int i = 0; i < bByte.length; ++i) { + sBuffer.append(byteToArrayString(bByte[i])); + } + + return sBuffer.toString().toUpperCase(); + } + + public static String getMD5Code(String strObj) { + String resultString = null; + + try { + new String(strObj); + MessageDigest md = MessageDigest.getInstance("MD5"); + resultString = byteToString(md.digest(strObj.getBytes())); + } catch (NoSuchAlgorithmException var3) { + var3.printStackTrace(); + } + + return resultString; + } + +} diff --git a/src/main/java/com/xydl/cac/util/RsaUtils.java b/src/main/java/com/xydl/cac/util/RsaUtils.java new file mode 100644 index 0000000..6e7fa23 --- /dev/null +++ b/src/main/java/com/xydl/cac/util/RsaUtils.java @@ -0,0 +1,167 @@ +package com.xydl.cac.util; + +import org.apache.commons.codec.binary.Base64; + +import javax.crypto.Cipher; +import java.security.*; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + + +public class RsaUtils { + + private static final String SRC = "123456"; + + + /** + * 公钥加密私钥解密 + */ + private static void test1(RsaKeyPair keyPair) throws Exception { + System.out.println("***************** 公钥加密私钥解密开始 *****************"); + String text1 = encryptByPublicKey(keyPair.getPublicKey(), RsaUtils.SRC); + String text2 = decryptByPrivateKey(keyPair.getPrivateKey(), text1); + System.out.println("加密前:" + RsaUtils.SRC); + System.out.println("加密后:" + text1); + System.out.println("解密后:" + text2); + if (RsaUtils.SRC.equals(text2)) { + System.out.println("解密字符串和原始字符串一致,解密成功"); + } else { + System.out.println("解密字符串和原始字符串不一致,解密失败"); + } + System.out.println("***************** 公钥加密私钥解密结束 *****************"); + } + + /** + * 私钥加密公钥解密 + * + * @throws Exception / + */ + private static void test2(RsaKeyPair keyPair) throws Exception { + System.out.println("***************** 私钥加密公钥解密开始 *****************"); + String text1 = encryptByPrivateKey(keyPair.getPrivateKey(), RsaUtils.SRC); + String text2 = decryptByPublicKey(keyPair.getPublicKey(), text1); + System.out.println("加密前:" + RsaUtils.SRC); + System.out.println("加密后:" + text1); + System.out.println("解密后:" + text2); + if (RsaUtils.SRC.equals(text2)) { + System.out.println("解密字符串和原始字符串一致,解密成功"); + } else { + System.out.println("解密字符串和原始字符串不一致,解密失败"); + } + System.out.println("***************** 私钥加密公钥解密结束 *****************"); + } + + /** + * 公钥解密 + * + * @param publicKeyText 公钥 + * @param text 待解密的信息 + * @return / + * @throws Exception / + */ + public static String decryptByPublicKey(String publicKeyText, String text) throws Exception { + X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyText)); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec); + Cipher cipher = Cipher.getInstance("RSA"); + cipher.init(Cipher.DECRYPT_MODE, publicKey); + byte[] result = cipher.doFinal(Base64.decodeBase64(text)); + return new String(result); + } + + /** + * 私钥加密 + * + * @param privateKeyText 私钥 + * @param text 待加密的信息 + * @return / + * @throws Exception / + */ + public static String encryptByPrivateKey(String privateKeyText, String text) throws Exception { + PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyText)); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); + Cipher cipher = Cipher.getInstance("RSA"); + cipher.init(Cipher.ENCRYPT_MODE, privateKey); + byte[] result = cipher.doFinal(text.getBytes()); + return Base64.encodeBase64String(result); + } + + /** + * 私钥解密 + * + * @param privateKeyText 私钥 + * @param text 待解密的文本 + * @return / + * @throws Exception / + */ + public static String decryptByPrivateKey(String privateKeyText, String text) throws Exception { + PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyText)); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec5); + Cipher cipher = Cipher.getInstance("RSA"); + cipher.init(Cipher.DECRYPT_MODE, privateKey); + byte[] result = cipher.doFinal(Base64.decodeBase64(text)); + return new String(result); + } + + /** + * 公钥加密 + * + * @param publicKeyText 公钥 + * @param text 待加密的文本 + * @return / + */ + public static String encryptByPublicKey(String publicKeyText, String text) throws Exception { + X509EncodedKeySpec x509EncodedKeySpec2 = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyText)); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec2); + Cipher cipher = Cipher.getInstance("RSA"); + cipher.init(Cipher.ENCRYPT_MODE, publicKey); + byte[] result = cipher.doFinal(text.getBytes()); + return Base64.encodeBase64String(result); + } + + /** + * 构建RSA密钥对 + * + * @return / + * @throws NoSuchAlgorithmException / + */ + public static RsaKeyPair generateKeyPair() throws NoSuchAlgorithmException { + KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); + keyPairGenerator.initialize(1024); + KeyPair keyPair = keyPairGenerator.generateKeyPair(); + RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic(); + RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate(); + String publicKeyString = Base64.encodeBase64String(rsaPublicKey.getEncoded()); + String privateKeyString = Base64.encodeBase64String(rsaPrivateKey.getEncoded()); + return new RsaKeyPair(publicKeyString, privateKeyString); + } + + + /** + * RSA密钥对对象 + */ + public static class RsaKeyPair { + + private final String publicKey; + private final String privateKey; + + public RsaKeyPair(String publicKey, String privateKey) { + this.publicKey = publicKey; + this.privateKey = privateKey; + } + + public String getPublicKey() { + return publicKey; + } + + public String getPrivateKey() { + return privateKey; + } + + } +} diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index c0d29a6..e4eaf51 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -29,3 +29,6 @@ proxy: solr: servlet_url: /prod-api/* target_url: http://127.0.0.1:8082/ + +cac: + rsakey: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y= diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml index 788ac02..c592d2b 100644 --- a/src/main/resources/application-prod.yml +++ b/src/main/resources/application-prod.yml @@ -29,3 +29,6 @@ proxy: solr: servlet_url: /prod-api/* target_url: http://127.0.0.1:8082/ + +cac: + rsakey: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y=