
(*) 密码传输加密

master
liujiangyong 1 year ago
parent
commit
6d43da7941
  1. 6
      api/app/lib/controllers/auth/index.js
  2. 8
      api/app/lib/controllers/member/index.js
  3. 8
      web/client/src/layout/components/header/index.js
  4. 4
      web/client/src/sections/auth/containers/login.js

6
api/app/lib/controllers/auth/index.js

@ -2,6 +2,7 @@
const Hex = require('crypto-js/enc-hex'); const Hex = require('crypto-js/enc-hex');
const SHA1 = require('crypto-js/sha1'); const SHA1 = require('crypto-js/sha1');
const MD5 = require('crypto-js/md5'); const MD5 = require('crypto-js/md5');
const CryptoJS = require('crypto-js');
const moment = require('moment'); const moment = require('moment');
const uuid = require('uuid'); const uuid = require('uuid');
@ -11,10 +12,11 @@ async function login (ctx, next) {
const models = ctx.fs.dc.models; const models = ctx.fs.dc.models;
const params = ctx.request.body; const params = ctx.request.body;
let userRes = null let userRes = null
if (params.username && params.password) { if (params.username && params.password) {
const password = Hex.stringify(MD5(params.password)); const secretKey = 'freesun';
const decryptedPassword = CryptoJS.AES.decrypt(params.password, secretKey).toString(CryptoJS.enc.Utf8);
const password = Hex.stringify(MD5(decryptedPassword));
userRes = await models.User.findOne({ userRes = await models.User.findOne({
attributes: { exclude: ['password'] }, attributes: { exclude: ['password'] },
where: { where: {
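Review bot: The `secretKey = 'freesun'` literal in `login` is the same string this commit puts in the browser code (header/index.js and login.js) and repeats in member/index.js, so anyone who can load the client can decrypt the field, and a captured ciphertext can be resent unchanged. The AES step is therefore obfuscation, not transport encryption; confidentiality on the wire still has to come from TLS, and a key that must ship to the browser does not become secret by moving it to configuration. I would at least add a comment above the decrypt saying so, e.g. `// obfuscation only: key is public in the client bundle; TLS protects the password in transit`. The value compared afterwards is still an unsalted MD5 of the password, which the commit leaves as it was. `login` starts and ends outside the hunk.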

8
api/app/lib/controllers/member/index.js

@ -1,6 +1,7 @@
'use strict'; 'use strict';
const Hex = require('crypto-js/enc-hex'); const Hex = require('crypto-js/enc-hex');
const MD5 = require('crypto-js/md5'); const MD5 = require('crypto-js/md5');
const CryptoJS = require('crypto-js');
function getUserList(opts) { function getUserList(opts) {
return async function (ctx, next) { return async function (ctx, next) {
@ -83,14 +84,17 @@ function editUser(opts) {
const { id } = ctx.params; const { id } = ctx.params;
const body = ctx.request.body; const body = ctx.request.body;
if (body.oldpassword) { if (body.oldpassword) {
const password = Hex.stringify(MD5(body.oldpassword)); const secretKey = 'freesun';
const decryptedOldPassword = CryptoJS.AES.decrypt(body.oldpassword, secretKey).toString(CryptoJS.enc.Utf8);
const decryptedPassword = CryptoJS.AES.decrypt(body.password, secretKey).toString(CryptoJS.enc.Utf8);
const password = Hex.stringify(MD5(decryptedOldPassword));
const checkPwd = await models.User.findOne({ where: { id: id, password } }); const checkPwd = await models.User.findOne({ where: { id: id, password } });
if (!checkPwd) { if (!checkPwd) {
ctx.status = 400; ctx.status = 400;
ctx.body = { message: '旧密码错误' } ctx.body = { message: '旧密码错误' }
} else { } else {
await models.User.update( await models.User.update(
{ password: Hex.stringify(MD5(body.password)) }, { password: Hex.stringify(MD5(decryptedPassword)) },
{ where: { id: id, } } { where: { id: id, } }
) )
ctx.status = 204; ctx.status = 204;
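Review bot: `decryptedPassword` reaches `models.User.update` unchecked in `editUser`: an empty or undecryptable `body.password` can come out of the decrypt as an empty string, and the hash of that empty string is then stored as the user's password. `toString(CryptoJS.enc.Utf8)` can also throw on bytes that are not valid UTF-8, which is not caught here. I would catch the failure and skip the lookup when either plaintext is empty, so the request lands in the existing 400 branch, as sketched below; the decrypt in `login` (auth/index.js) is unguarded in the same way. `editUser` starts and ends outside the hunk.

```javascript
const secretKey = 'freesun';
let decryptedOldPassword = '';
let decryptedPassword = '';
try {
    decryptedOldPassword = CryptoJS.AES.decrypt(body.oldpassword, secretKey).toString(CryptoJS.enc.Utf8);
    decryptedPassword = CryptoJS.AES.decrypt(body.password, secretKey).toString(CryptoJS.enc.Utf8);
} catch (err) {
    // undecryptable input: leave the values empty so the check below rejects the request
}
const password = Hex.stringify(MD5(decryptedOldPassword));
const checkPwd = decryptedOldPassword && decryptedPassword
    ? await models.User.findOne({ where: { id: id, password } })
    : null;
// … unchanged: the 400 branch for !checkPwd and the update in the else branch …
```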

8
web/client/src/layout/components/header/index.js

@ -3,6 +3,7 @@ import React from 'react';
import { Menu } from 'antd'; import { Menu } from 'antd';
import { Link } from 'react-router-dom'; import { Link } from 'react-router-dom';
import { connect } from 'react-redux'; import { connect } from 'react-redux';
import CryptoJS from 'crypto-js';
import styles from './style.css'; import styles from './style.css';
import { import {
MenuFoldOutlined, MenuUnfoldOutlined, UserOutlined, LogoutOutlined MenuFoldOutlined, MenuUnfoldOutlined, UserOutlined, LogoutOutlined
@ -12,7 +13,12 @@ const Header = props => {
const { dispatch, history, user, pathname, toggleCollapsed, collapsed, actions } = props const { dispatch, history, user, pathname, toggleCollapsed, collapsed, actions } = props
const onFinish = async (values) => { const onFinish = async (values) => {
const dataToSave = { ...values } const secretKey = "freesun";
const dataToSave = {
...values,
oldpassword: CryptoJS.AES.encrypt(values.oldpassword, secretKey).toString(),
password: CryptoJS.AES.encrypt(values.password, secretKey).toString(),
}
return dispatch( return dispatch(
actions.memberManagement.modifyUser(user.id, dataToSave, values?.msg || ''), actions.memberManagement.modifyUser(user.id, dataToSave, values?.msg || ''),
).then((res) => { ).then((res) => {
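Review bot: The key literal and the `CryptoJS.AES.encrypt(...).toString()` call in `onFinish` are repeated in login.js, so the client now carries two copies of a scheme the server must match exactly. If the scheme stays, a single shared helper, e.g. `const encryptPassword = (plain) => CryptoJS.AES.encrypt(plain, secretKey).toString();`, imported by both callers would keep them in step. It is also worth confirming that the form always supplies `values.oldpassword` and `values.password`, since both are encrypted unconditionally here; that validation is not visible in the hunk. `Header` continues outside the hunk.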

4
web/client/src/sections/auth/containers/login.js

@ -4,6 +4,7 @@ import { connect } from 'react-redux';
import { push } from 'react-router-redux'; import { push } from 'react-router-redux';
import SHA1 from 'crypto-js/sha1'; import SHA1 from 'crypto-js/sha1';
import Hex from 'crypto-js/enc-hex'; import Hex from 'crypto-js/enc-hex';
import CryptoJS from 'crypto-js';
import { ApiTable } from '$utils' import { ApiTable } from '$utils'
import { Request } from '@peace/utils' import { Request } from '@peace/utils'
import { Button, Input, Form, Row, Col, message, Tabs } from 'antd'; import { Button, Input, Form, Row, Col, message, Tabs } from 'antd';
@ -72,7 +73,8 @@ const Login = props => {
payload: { error: '请输入账号名和密码' } payload: { error: '请输入账号名和密码' }
}); });
setInputChanged(false) setInputChanged(false)
dispatch(login({ username, password })); const secretKey = "freesun";
dispatch(login({ username, password: CryptoJS.AES.encrypt(password, secretKey).toString() }));
} else { } else {
if (!phone || !code) if (!phone || !code)
dispatch({ dispatch({
