
登录用户名密码数据加密

gushoubang 4 сар өмнө
parent
commit
69c78e4ebf

+ 42 - 15
onemap-gateway/src/main/java/com/onemap/gateway/filter/ValidateCodeFilter.java

@@ -3,12 +3,15 @@ package com.onemap.gateway.filter;
 import java.nio.CharBuffer;
 import java.nio.charset.StandardCharsets;
 import java.util.concurrent.atomic.AtomicReference;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 import org.springframework.core.io.buffer.DataBuffer;
 import org.springframework.core.io.buffer.DataBufferUtils;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
 import org.springframework.stereotype.Component;
 import com.alibaba.fastjson2.JSON;
 import com.alibaba.fastjson2.JSONObject;
@@ -24,9 +27,8 @@ import reactor.core.publisher.Flux;
  * @author onemap
  */
 @Component
-public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
-{
-    private final static String[] VALIDATE_URL = new String[] { "/auth/login", "/auth/register" };
+public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object> {
+    private final static String[] VALIDATE_URL = new String[]{"/auth/login", "/auth/register"};
 
     @Autowired
     private ValidateCodeService validateCodeService;
@@ -38,34 +40,59 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
 
     private static final String UUID = "uuid";
 
+    private static final String USERNAME = "username";
+
+    private static final String PASSWORD = "password";
+
     @Override
-    public GatewayFilter apply(Object config)
-    {
+    public GatewayFilter apply(Object config) {
         return (exchange, chain) -> {
             ServerHttpRequest request = exchange.getRequest();
 
             // 非登录/注册请求或验证码关闭,不处理
-            if (!StringUtils.containsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled())
-            {
+            if (!StringUtils.containsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled()) {
                 return chain.filter(exchange);
             }
 
-            try
-            {
+            try {
                 String rspStr = resolveBodyFromRequest(request);
                 JSONObject obj = JSON.parseObject(rspStr);
                 validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID));
-            }
-            catch (Exception e)
-            {
+
+
+                obj.put(PASSWORD, validateCodeService.decryptString(obj.getString(UUID), obj.getString(PASSWORD)));
+                obj.put(USERNAME, validateCodeService.decryptString(obj.getString(UUID), obj.getString(USERNAME)));
+                String modifiedBody = obj.toString();
+                validateCodeService.deletePrivateKey(obj.getString(UUID));
+                byte[] bodyBytes = modifiedBody.getBytes(StandardCharsets.UTF_8);
+                DataBuffer bodyDataBuffer = exchange.getResponse().bufferFactory().wrap(bodyBytes);
+                Flux<DataBuffer> modifiedBodyFlux = Flux.just(bodyDataBuffer);
+
+                HttpHeaders headers = new HttpHeaders();
+                headers.putAll(request.getHeaders());
+                headers.setContentLength(bodyBytes.length);
+
+                ServerHttpRequest decoratedRequest = new ServerHttpRequestDecorator(request) {
+                    @Override
+                    public HttpHeaders getHeaders() {
+                        return headers;
+                    }
+
+                    @Override
+                    public Flux<DataBuffer> getBody() {
+                        return modifiedBodyFlux;
+                    }
+                };
+
+                return chain.filter(exchange.mutate().request(decoratedRequest).build());
+            } catch (Exception e) {
                 return ServletUtils.webFluxResponseWriter(exchange.getResponse(), e.getMessage());
             }
-            return chain.filter(exchange);
+//            return chain.filter(exchange);
         };
     }
 
-    private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest)
-    {
+    private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest) {
         // 获取请求体
         Flux<DataBuffer> body = serverHttpRequest.getBody();
         AtomicReference<String> bodyRef = new AtomicReference<>();
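Review bot: In `apply`, the cached private key is removed only on the success path: the `validateCodeService.deletePrivateKey(obj.getString(UUID))` call is skipped whenever either `decryptString` call throws, so a failed attempt leaves the key in Redis until it expires. Wrapping the two decrypt calls in `try { ... } finally { validateCodeService.deletePrivateKey(uuid); }` (with `uuid` read once after parsing) makes the key single-use regardless of outcome. The `catch (Exception e)` branch writes `e.getMessage()` to the response, which now covers whatever the RSA helper throws; returning one generic message for every decryption failure and logging the detail server-side avoids exposing it. The early return on `!captchaProperties.getEnabled()` also skips decryption entirely, so credential encryption appears to be tied to the captcha switch, and it is worth confirming that this is intended. The commented-out `// return chain.filter(exchange);` can simply be deleted.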

+ 8 - 2
onemap-gateway/src/main/java/com/onemap/gateway/service/ValidateCodeService.java

@@ -12,8 +12,7 @@ import com.onemap.common.core.web.domain.AjaxResult;
  *
  * @author onemap
  */
-public interface ValidateCodeService
-{
+public interface ValidateCodeService {
     /**
      * 生成验证码
      */
@@ -23,4 +22,11 @@ public interface ValidateCodeService
      * 校验验证码
      */
     public void checkCaptcha(String key, String value) throws CaptchaException;
+
+    /**
+     * 解米
+     */
+    public String decryptString(String uuid, String value) throws Exception;
+
+    public void deletePrivateKey(String uuid);
 }
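Review bot: The Javadoc on `decryptString` reads `解米`, which looks like a typo for `解密`, and `deletePrivateKey` has no Javadoc at all. Since both methods handle the per-login RSA private key, the contract should be written down, e.g. `/** Decrypts {@code value} with the RSA private key cached under {@code uuid}; fails if the key has expired or the value is empty. */` and `/** Removes the cached private key for {@code uuid} so it cannot be used again. */`. Declaring `throws Exception` on `decryptString` is also broader than the sibling `checkCaptcha`, which declares `CaptchaException`; narrowing it would let callers tell a bad ciphertext apart from an internal failure.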

+ 27 - 1
onemap-gateway/src/main/java/com/onemap/gateway/service/impl/ValidateCodeServiceImpl.java

@@ -92,7 +92,7 @@ public class ValidateCodeServiceImpl implements ValidateCodeService {
         ajax.put("publicKeyString", keyPair[0]);
         // 保存私钥信息
         String keyPairKey = CacheConstants.LOGIN_RSA_KEY + uuid;
-        redisService.setCacheObject(keyPairKey,  keyPair[1], Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
+        redisService.setCacheObject(keyPairKey, keyPair[1], Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
         return ajax;
     }
 
@@ -115,4 +115,30 @@ public class ValidateCodeServiceImpl implements ValidateCodeService {
             throw new CaptchaException("验证码错误");
         }
     }
+
+    /**
+     * 数据解密
+     */
+    @Override
+    public String decryptString(String uuid, String value) throws Exception {
+        if (StringUtils.isEmpty(value)) {
+            throw new CaptchaException("验证数据不能为空");
+        }
+        if (StringUtils.isEmpty(uuid)) {
+            throw new CaptchaException("验证码已失效");
+        }
+        String keyPairKey = CacheConstants.LOGIN_RSA_KEY + uuid;
+        String privateKeyString = redisService.getCacheObject(keyPairKey);
+        String code = RSAUtils.decryptByPrivateKey(privateKeyString, value);
+        if (StringUtils.isEmpty(code)) {
+            throw new CaptchaException("验证数据错误");
+        }
+        return code;
+    }
+
+    @Override
+    public void deletePrivateKey(String uuid) {
+        String keyPairKey = CacheConstants.LOGIN_RSA_KEY + uuid;
+        redisService.deleteObject(keyPairKey);
+    }
 }
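Review bot: `decryptString` hands `privateKeyString` to `RSAUtils.decryptByPrivateKey` without checking it, so when the Redis entry has expired or the uuid was never issued the caller gets whatever the RSA helper throws instead of the `验证码已失效` error used for an empty uuid (assuming `getCacheObject` returns null for a missing key). A guard before decrypting closes that gap: `if (StringUtils.isEmpty(privateKeyString)) { throw new CaptchaException("验证码已失效"); }`. `deletePrivateKey` has no matching check, so a null or empty `uuid` deletes the key built from the bare `LOGIN_RSA_KEY` prefix; an early return on `StringUtils.isEmpty(uuid)` would keep it consistent with `decryptString`. The local `code` holds a decrypted username or password, so a name such as `plaintext` would make it clearer that this value must not be logged.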