实现用户密码SHA加密

src/main/java/com/fjy/spring/constant/GlobalConstant.java

@@ -1,5 +1,8 @@
 package com.fjy.spring.constant;
 
+/**
+ * 存储全局变量
+ */
 public class GlobalConstant {
     public static final String USER_SESSION_KEY = "USER_SESSION";
 }

src/main/java/com/fjy/spring/controller/LoginController.java

@@ -3,6 +3,7 @@ package com.fjy.spring.controller;
 import com.fjy.spring.domain.TbUser;
 import com.fjy.spring.properties.ServerProperties;
 import com.fjy.spring.service.UserService;
+import com.fjy.spring.untils.CodingUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -11,6 +12,8 @@ import org.springframework.web.bind.annotation.PostMapping;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 
+import java.math.BigInteger;
+
 import static com.fjy.spring.constant.GlobalConstant.USER_SESSION_KEY;
 
 @Controller
@@ -26,6 +29,8 @@ public class LoginController {
 
     @PostMapping("/login/dologin")
     public String doLogin(TbUser tbUser)throws Exception{
+        //加密用户密码
+        tbUser.setColpassword(new BigInteger(CodingUtil.encryptSHA(tbUser.getColpassword().getBytes())).toString());
         TbUser user = userService.doLoginService(tbUser.getColname(),tbUser.getColpassword());
         if (user!=null){
             request.getSession().setAttribute(USER_SESSION_KEY,user);

src/main/java/com/fjy/spring/controller/RegisterController.java

@@ -3,14 +3,18 @@ package com.fjy.spring.controller;
 import com.fjy.spring.domain.TbUser;
 import com.fjy.spring.enums.ResultEnum;
 import com.fjy.spring.exception.UserException;
+import com.fjy.spring.properties.ServerProperties;
 import com.fjy.spring.service.UserService;
+import com.fjy.spring.untils.CodingUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.validation.BindingResult;
-import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
+import java.math.BigInteger;
 
 @Controller
 public class RegisterController {
@@ -18,6 +22,12 @@ public class RegisterController {
     @Autowired
     private UserService userService;
 
+    @Autowired
+    private ServerProperties serverProperties;
+
+    @Resource
+    HttpServletRequest request;
+
     @PostMapping(value = "/register/doregister")
     public String doRegister(@Valid TbUser tbUser, BindingResult bindingResult)throws Exception{
         if (bindingResult.hasErrors()){
@@ -25,8 +35,12 @@ public class RegisterController {
             resultEnum.setData(bindingResult.getFieldError().getDefaultMessage());
             throw new UserException(resultEnum);
         }
+        //加密用户密码
+        tbUser.setColpassword(new BigInteger(CodingUtil.encryptSHA(tbUser.getColpassword().getBytes())).toString());
         if (userService.doRegisterService(tbUser)){
-            return "login";
+            return "redirect:" + request.getScheme() + "://" + request.getServerName() + ":"
+                    + serverProperties.getPortNum() + request.getContextPath() + "/index";
+            // return "login";
         }
         throw new UserException(ResultEnum.UNKOWN_ERROR);
     }

src/main/java/com/fjy/spring/controller/UpLoadController.java

@@ -1,6 +1,8 @@
 package com.fjy.spring.controller;
 
+import com.fjy.spring.constant.GlobalConstant;
 import com.fjy.spring.domain.TbFile;
+import com.fjy.spring.domain.TbUser;
 import com.fjy.spring.properties.ServerProperties;
 import com.fjy.spring.service.FileService;
 import com.fjy.spring.untils.FormatFileSizeUtil;
@@ -13,7 +15,9 @@ import org.springframework.web.multipart.MultipartHttpServletRequest;
 import javax.servlet.http.HttpServletRequest;
 import java.io.File;
 import java.io.IOException;
+import java.sql.Timestamp;
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
@@ -60,6 +64,7 @@ public class UpLoadController {
     @RequestMapping(value = "/oneUpload")
     public String oneUpload(@RequestParam("imageFile") MultipartFile imageFile, HttpServletRequest request) {
 
+        TbUser user = (TbUser)request.getSession().getAttribute(GlobalConstant.USER_SESSION_KEY);
         //String uploadUrl = request.getSession().getServletContext().getRealPath("/") + "upload/";
         String uploadUrl =  serverProperties.getFilePath()+ "upload/";
         String filename = imageFile.getOriginalFilename();
@@ -75,7 +80,7 @@ public class UpLoadController {
         file.setColfilename(filename);
         file.setColfilepath(uploadUrl + filename);
         file.setColip(request.getRemoteAddr());
-
+        file.setColuserid(user.getColuserid());
         if (fileService.addFile(file))
             System.out.println("记录写入数据库成功");
         else
@@ -122,6 +127,9 @@ public class UpLoadController {
         MultipartHttpServletRequest multipartHttpServletRequest = (MultipartHttpServletRequest) request;
         Map<String, MultipartFile> files = multipartHttpServletRequest.getFileMap();
 
+        TbUser user = (TbUser)request.getSession().getAttribute(GlobalConstant.USER_SESSION_KEY);
+        Date date = new Date();
+        Timestamp currentTime = new Timestamp(date.getTime());
         //String uploadUrl = request.getSession().getServletContext().getRealPath("/") + "upload/";
         String uploadUrl = serverProperties.getFilePath()+ "upload/";
 
@@ -143,8 +151,10 @@ public class UpLoadController {
             TbFile tbFile = new TbFile();
             tbFile.setColfilesize(new FormatFileSizeUtil().GetFileSize(file.getSize()));
             tbFile.setColfilename(filename);
+            tbFile.setColtime(currentTime);
             tbFile.setColfilepath(uploadUrl + filename);
             tbFile.setColip(request.getRemoteAddr());
+            tbFile.setColuserid(user.getColuserid());
 
             if (fileService.addFile(tbFile))
                 System.out.println("记录写入数据库成功");

src/main/java/com/fjy/spring/domain/TbFile.java

@@ -3,6 +3,7 @@ package com.fjy.spring.domain;
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.Id;
+import java.sql.Timestamp;
 
 @Entity
 public class TbFile {
@@ -12,7 +13,7 @@ public class TbFile {
 
     private int coluserid;
 
-    //private String coltime;
+    private Timestamp coltime;
 
     private String colip;
 
@@ -35,6 +36,14 @@ public class TbFile {
                 '}';
     }
 
+    public Timestamp getColtime() {
+        return coltime;
+    }
+
+    public void setColtime(Timestamp coltime) {
+        this.coltime = coltime;
+    }
+
     public int getColfileid() {
         return colfileid;
     }

src/main/java/com/fjy/spring/untils/CodingUtil.java

@@ -0,0 +1,104 @@
+package com.fjy.spring.untils;
+
+import org.apache.tomcat.util.codec.binary.Base64;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+public class CodingUtil {
+    public static final String KEY_SHA = "SHA";
+    public static final String KEY_MD5 = "MD5";
+    public static final String KEY_MAC = "HmacMD5";
+
+    // sun不推荐使用它们自己的base64,用apache的挺好
+    /**
+     * BASE64解密
+     */
+    public static byte[] decryptBASE64(byte[] dest) {
+        if (dest == null) {
+            return null;
+        }
+        return Base64.decodeBase64(dest);
+    }
+
+    /**
+     * BASE64加密
+     */
+    public static byte[] encryptBASE64(byte[] origin) {
+        if (origin == null) {
+            return null;
+        }
+        return Base64.encodeBase64(origin);
+    }
+
+    /**
+     * MD5加密
+     *
+     * @throws NoSuchAlgorithmException
+     */
+    public static byte[] encryptMD5(byte[] data) throws NoSuchAlgorithmException {
+        if (data == null) {
+            return null;
+        }
+        MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
+        md5.update(data);
+        return md5.digest();
+    }
+
+    /**
+     * SHA加密
+     *
+     * @throws NoSuchAlgorithmException
+     */
+    public static byte[] encryptSHA(byte[] data) throws NoSuchAlgorithmException {
+        if (data == null) {
+            return null;
+        }
+        MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
+        sha.update(data);
+        return sha.digest();
+    }
+
+    /**
+     * 初始化HMAC密钥
+     *
+     * @throws NoSuchAlgorithmException
+     */
+    public static String initMacKey() throws NoSuchAlgorithmException {
+        KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);
+        SecretKey secretKey = keyGenerator.generateKey();
+        return new String(encryptBASE64(secretKey.getEncoded()));
+    }
+
+    /**
+     * HMAC加密
+     *
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeyException
+     */
+    public static byte[] encryptHMAC(byte[] data, String key) throws NoSuchAlgorithmException, InvalidKeyException {
+        SecretKey secretKey = new SecretKeySpec(decryptBASE64(key.getBytes()), KEY_MAC);
+        Mac mac = Mac.getInstance(secretKey.getAlgorithm());
+        mac.init(secretKey);
+        return mac.doFinal(data);
+
+    }
+
+    public static void main(String[] args) throws Exception {
+        // TODO Auto-generated method stub
+        String data = "简单加密";
+        System.out.println(new BigInteger(encryptBASE64(data.getBytes())).toString(16));
+        System.out.println(new BigInteger(encryptBASE64(data.getBytes())).toString(32));
+        System.out.println(new String(decryptBASE64(encryptBASE64(data.getBytes()))));
+
+        System.out.println(new BigInteger(encryptMD5(data.getBytes())).toString());
+        System.out.println(new BigInteger(encryptSHA(data.getBytes())).toString());
+        System.out.println(new BigInteger(encryptHMAC(data.getBytes(), initMacKey())).toString());
+    }
+}