From a31a2ea0269bfce01bc01fc85e1ba11f714f29f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=E5=98=89=E9=98=B3?= Date: Mon, 5 Feb 2018 21:12:27 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=9E=E7=8E=B0=E7=94=A8=E6=88=B7=E5=AF=86?= =?UTF-8?q?=E7=A0=81SHA=E5=8A=A0=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../fjy/spring/constant/GlobalConstant.java | 3 + .../spring/controller/LoginController.java | 5 + .../spring/controller/RegisterController.java | 18 ++- .../spring/controller/UpLoadController.java | 12 +- .../java/com/fjy/spring/domain/TbFile.java | 11 +- .../com/fjy/spring/untils/CodingUtil.java | 104 ++++++++++++++++++ 6 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 src/main/java/com/fjy/spring/untils/CodingUtil.java diff --git a/src/main/java/com/fjy/spring/constant/GlobalConstant.java b/src/main/java/com/fjy/spring/constant/GlobalConstant.java index 04f870a..1ab4c26 100644 --- a/src/main/java/com/fjy/spring/constant/GlobalConstant.java +++ b/src/main/java/com/fjy/spring/constant/GlobalConstant.java @@ -1,5 +1,8 @@ package com.fjy.spring.constant; +/** + * 存储全局变量 + */ public class GlobalConstant { public static final String USER_SESSION_KEY = "USER_SESSION"; } diff --git a/src/main/java/com/fjy/spring/controller/LoginController.java b/src/main/java/com/fjy/spring/controller/LoginController.java index 798c636..23f1ad2 100644 --- a/src/main/java/com/fjy/spring/controller/LoginController.java +++ b/src/main/java/com/fjy/spring/controller/LoginController.java @@ -3,6 +3,7 @@ package com.fjy.spring.controller; import com.fjy.spring.domain.TbUser; import com.fjy.spring.properties.ServerProperties; import com.fjy.spring.service.UserService; +import com.fjy.spring.untils.CodingUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; @@ -11,6 +12,8 @@ import org.springframework.web.bind.annotation.PostMapping; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; +import java.math.BigInteger; + import static com.fjy.spring.constant.GlobalConstant.USER_SESSION_KEY; @Controller @@ -26,6 +29,8 @@ public class LoginController { @PostMapping("/login/dologin") public String doLogin(TbUser tbUser)throws Exception{ + //加密用户密码 + tbUser.setColpassword(new BigInteger(CodingUtil.encryptSHA(tbUser.getColpassword().getBytes())).toString()); TbUser user = userService.doLoginService(tbUser.getColname(),tbUser.getColpassword()); if (user!=null){ request.getSession().setAttribute(USER_SESSION_KEY,user); diff --git a/src/main/java/com/fjy/spring/controller/RegisterController.java b/src/main/java/com/fjy/spring/controller/RegisterController.java index 92ee638..9f93001 100644 --- a/src/main/java/com/fjy/spring/controller/RegisterController.java +++ b/src/main/java/com/fjy/spring/controller/RegisterController.java @@ -3,14 +3,18 @@ package com.fjy.spring.controller; import com.fjy.spring.domain.TbUser; import com.fjy.spring.enums.ResultEnum; import com.fjy.spring.exception.UserException; +import com.fjy.spring.properties.ServerProperties; import com.fjy.spring.service.UserService; +import com.fjy.spring.untils.CodingUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.validation.BindingResult; -import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; +import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; +import java.math.BigInteger; @Controller public class RegisterController { @@ -18,6 +22,12 @@ public class RegisterController { @Autowired private UserService userService; + @Autowired + private ServerProperties serverProperties; + + @Resource + HttpServletRequest request; + @PostMapping(value = "/register/doregister") public String doRegister(@Valid TbUser tbUser, BindingResult bindingResult)throws Exception{ if (bindingResult.hasErrors()){ @@ -25,8 +35,12 @@ public class RegisterController { resultEnum.setData(bindingResult.getFieldError().getDefaultMessage()); throw new UserException(resultEnum); } + //加密用户密码 + tbUser.setColpassword(new BigInteger(CodingUtil.encryptSHA(tbUser.getColpassword().getBytes())).toString()); if (userService.doRegisterService(tbUser)){ - return "login"; + return "redirect:" + request.getScheme() + "://" + request.getServerName() + ":" + + serverProperties.getPortNum() + request.getContextPath() + "/index"; + // return "login"; } throw new UserException(ResultEnum.UNKOWN_ERROR); } diff --git a/src/main/java/com/fjy/spring/controller/UpLoadController.java b/src/main/java/com/fjy/spring/controller/UpLoadController.java index de99396..b699077 100644 --- a/src/main/java/com/fjy/spring/controller/UpLoadController.java +++ b/src/main/java/com/fjy/spring/controller/UpLoadController.java @@ -1,6 +1,8 @@ package com.fjy.spring.controller; +import com.fjy.spring.constant.GlobalConstant; import com.fjy.spring.domain.TbFile; +import com.fjy.spring.domain.TbUser; import com.fjy.spring.properties.ServerProperties; import com.fjy.spring.service.FileService; import com.fjy.spring.untils.FormatFileSizeUtil; @@ -13,7 +15,9 @@ import org.springframework.web.multipart.MultipartHttpServletRequest; import javax.servlet.http.HttpServletRequest; import java.io.File; import java.io.IOException; +import java.sql.Timestamp; import java.util.ArrayList; +import java.util.Date; import java.util.List; import java.util.Map; @@ -60,6 +64,7 @@ public class UpLoadController { @RequestMapping(value = "/oneUpload") public String oneUpload(@RequestParam("imageFile") MultipartFile imageFile, HttpServletRequest request) { + TbUser user = (TbUser)request.getSession().getAttribute(GlobalConstant.USER_SESSION_KEY); //String uploadUrl = request.getSession().getServletContext().getRealPath("/") + "upload/"; String uploadUrl = serverProperties.getFilePath()+ "upload/"; String filename = imageFile.getOriginalFilename(); @@ -75,7 +80,7 @@ public class UpLoadController { file.setColfilename(filename); file.setColfilepath(uploadUrl + filename); file.setColip(request.getRemoteAddr()); - + file.setColuserid(user.getColuserid()); if (fileService.addFile(file)) System.out.println("记录写入数据库成功"); else @@ -122,6 +127,9 @@ public class UpLoadController { MultipartHttpServletRequest multipartHttpServletRequest = (MultipartHttpServletRequest) request; Map files = multipartHttpServletRequest.getFileMap(); + TbUser user = (TbUser)request.getSession().getAttribute(GlobalConstant.USER_SESSION_KEY); + Date date = new Date(); + Timestamp currentTime = new Timestamp(date.getTime()); //String uploadUrl = request.getSession().getServletContext().getRealPath("/") + "upload/"; String uploadUrl = serverProperties.getFilePath()+ "upload/"; @@ -143,8 +151,10 @@ public class UpLoadController { TbFile tbFile = new TbFile(); tbFile.setColfilesize(new FormatFileSizeUtil().GetFileSize(file.getSize())); tbFile.setColfilename(filename); + tbFile.setColtime(currentTime); tbFile.setColfilepath(uploadUrl + filename); tbFile.setColip(request.getRemoteAddr()); + tbFile.setColuserid(user.getColuserid()); if (fileService.addFile(tbFile)) System.out.println("记录写入数据库成功"); diff --git a/src/main/java/com/fjy/spring/domain/TbFile.java b/src/main/java/com/fjy/spring/domain/TbFile.java index f009a63..449a746 100644 --- a/src/main/java/com/fjy/spring/domain/TbFile.java +++ b/src/main/java/com/fjy/spring/domain/TbFile.java @@ -3,6 +3,7 @@ package com.fjy.spring.domain; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.Id; +import java.sql.Timestamp; @Entity public class TbFile { @@ -12,7 +13,7 @@ public class TbFile { private int coluserid; - //private String coltime; + private Timestamp coltime; private String colip; @@ -35,6 +36,14 @@ public class TbFile { '}'; } + public Timestamp getColtime() { + return coltime; + } + + public void setColtime(Timestamp coltime) { + this.coltime = coltime; + } + public int getColfileid() { return colfileid; } diff --git a/src/main/java/com/fjy/spring/untils/CodingUtil.java b/src/main/java/com/fjy/spring/untils/CodingUtil.java new file mode 100644 index 0000000..a862e15 --- /dev/null +++ b/src/main/java/com/fjy/spring/untils/CodingUtil.java @@ -0,0 +1,104 @@ +package com.fjy.spring.untils; + +import org.apache.tomcat.util.codec.binary.Base64; + +import javax.crypto.KeyGenerator; +import javax.crypto.Mac; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +public class CodingUtil { + public static final String KEY_SHA = "SHA"; + public static final String KEY_MD5 = "MD5"; + public static final String KEY_MAC = "HmacMD5"; + + // sun不推荐使用它们自己的base64,用apache的挺好 + /** + * BASE64解密 + */ + public static byte[] decryptBASE64(byte[] dest) { + if (dest == null) { + return null; + } + return Base64.decodeBase64(dest); + } + + /** + * BASE64加密 + */ + public static byte[] encryptBASE64(byte[] origin) { + if (origin == null) { + return null; + } + return Base64.encodeBase64(origin); + } + + /** + * MD5加密 + * + * @throws NoSuchAlgorithmException + */ + public static byte[] encryptMD5(byte[] data) throws NoSuchAlgorithmException { + if (data == null) { + return null; + } + MessageDigest md5 = MessageDigest.getInstance(KEY_MD5); + md5.update(data); + return md5.digest(); + } + + /** + * SHA加密 + * + * @throws NoSuchAlgorithmException + */ + public static byte[] encryptSHA(byte[] data) throws NoSuchAlgorithmException { + if (data == null) { + return null; + } + MessageDigest sha = MessageDigest.getInstance(KEY_SHA); + sha.update(data); + return sha.digest(); + } + + /** + * 初始化HMAC密钥 + * + * @throws NoSuchAlgorithmException + */ + public static String initMacKey() throws NoSuchAlgorithmException { + KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC); + SecretKey secretKey = keyGenerator.generateKey(); + return new String(encryptBASE64(secretKey.getEncoded())); + } + + /** + * HMAC加密 + * + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public static byte[] encryptHMAC(byte[] data, String key) throws NoSuchAlgorithmException, InvalidKeyException { + SecretKey secretKey = new SecretKeySpec(decryptBASE64(key.getBytes()), KEY_MAC); + Mac mac = Mac.getInstance(secretKey.getAlgorithm()); + mac.init(secretKey); + return mac.doFinal(data); + + } + + public static void main(String[] args) throws Exception { + // TODO Auto-generated method stub + String data = "简单加密"; + System.out.println(new BigInteger(encryptBASE64(data.getBytes())).toString(16)); + System.out.println(new BigInteger(encryptBASE64(data.getBytes())).toString(32)); + System.out.println(new String(decryptBASE64(encryptBASE64(data.getBytes())))); + + System.out.println(new BigInteger(encryptMD5(data.getBytes())).toString()); + System.out.println(new BigInteger(encryptSHA(data.getBytes())).toString()); + System.out.println(new BigInteger(encryptHMAC(data.getBytes(), initMacKey())).toString()); + } +}