增加账号密码加密。

cc0735f5 · gdj · 776efb54 · cc0735f5 · cc0735f5
Commit cc0735f5 authored Apr 22, 2025 by gdj
Hide whitespace changes
Inline Side-by-side

Showing with 38 additions and 1 deletions

sample/src/main/java/com/dji/sample/common/util/SecurityUtils.java
+33 -0

sample/src/main/java/com/dji/sample/manage/service/impl/UserServiceImpl.java
+5 -1

No files found.
--- a/sample/src/main/java/com/dji/sample/common/util/SecurityUtils.java
+++ b/sample/src/main/java/com/dji/sample/common/util/SecurityUtils.java
+package com.dji.sample.common.util;
+
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * @author guan
+ */
+public class SecurityUtils {
+
+    /**
+     * 生成BCryptPasswordEncoder密码
+     *
+     * @param password 密码
+     * @return 加密字符串
+     */
+    public static String encryptPassword(String password) {
+        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+        return passwordEncoder.encode(password);
+    }
+
+    /**
+     * 判断密码是否相同
+     *
+     * @param rawPassword 真实密码
+     * @param encodedPassword 加密后字符
+     * @return 结果
+     */
+    public static boolean matchesPassword(String rawPassword, String encodedPassword) {
+        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+        return passwordEncoder.matches(rawPassword, encodedPassword);
+    }
+
+}
--- a/sample/src/main/java/com/dji/sample/manage/service/impl/UserServiceImpl.java
+++ b/sample/src/main/java/com/dji/sample/manage/service/impl/UserServiceImpl.java
@@ -9,6 +9,7 @@ import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.dji.sample.common.model.CustomClaim;
 import com.dji.sample.common.util.JwtUtil;
+import com.dji.sample.common.util.SecurityUtils;
 import com.dji.sample.component.mqtt.config.MqttPropertyConfiguration;
 import com.dji.sample.manage.dao.IUserMapper;
 import com.dji.sample.manage.model.dto.UserDTO;
@@ -25,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;

 import java.time.Instant;
@@ -76,7 +78,9 @@ public class UserServiceImpl implements IUserService {
        if (flag.intValue() != userEntity.getUserType().intValue()) {
            return HttpResultResponse.error("The account type does not match.");
        }
-        if (!password.equals(userEntity.getPassword())) {
+        // 密码加密验证
+        // if (!password.equals(userEntity.getPassword())) {
+        if (!SecurityUtils.matchesPassword(password, userEntity.getPassword())) {
            return new HttpResultResponse()
                    .setCode(HttpStatus.UNAUTHORIZED.value())
                    .setMessage("invalid password");