private static KeyPair initKey() {
try {
Provider provider =new BouncyCastleProvider();
Security.addProvider(provider);
SecureRandom random = new SecureRandom();
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", provider);
generator.initialize(1024,random);
return generator.generateKeyPair();
} catch(Exception e) {
throw new RuntimeException(e);
}
}
private static byte[] decrypt(byte[] byteArray) {
try {
Provider provider = new org.bouncycastle.jce.provider.BouncyCastleProvider();
Security.addProvider(provider);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", provider);
PrivateKey privateKey = keyPair.getPrivate();
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] plainText = cipher.doFinal(byteArray);
return plainText;
} catch(Exception e) {
throw new RuntimeException(e);
}
}
public static String decryptBase64(String string) {
return new String(decrypt(Base64.decodeBase64(string.getBytes())));
}
public static String generateBase64PublicKey() {
PublicKey publicKey = (RSAPublicKey)keyPair.getPublic();
return new String(Base64.encodeBase64(publicKey.getEncoded()));
}
}
编写前端需要调用后端生成公钥方法接口:
// 后端登录生成公钥方法
@RequestMapping(value = “/getPublicKey”, method = RequestMethod.GET)
public R RSAKey(){
String publicKey = RSAUtil.generateBase64PublicKey();
return R.ok().put(“publicKey”,publicKey);
}
前端向后台发送登录请求前,先向后台请求获取公钥,加密后再发起登录请求。
需要提前引入 jsencrypt.min.js文件或npm安装就行
// 获取公钥
export function encryption(username, password) {
return new Promise((resolve, reject) => {
PublicKey().then((res) => {
console.log(res);
let encrypt = new JSEncrypt(); //创建加密实例
let PublicKey = res.publicKey;
encrypt.setPublicKey(PublicKey);
username = encrypt.encrypt(username);
password = encrypt.encrypt(password);
resolve({
username: username,
password: password
})
})
})
}
后端登录接收并解密:
![](https://img-blog.csdnimg.cn/c7d6dd53dd4a4ed795335d4e4c83f3f5.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAamF2YeadjuadqOWLhw==,size_20,color_FFFFFF,t_70,g_se,x_16)
![](https://img-blog.csdnimg.cn/c1e104d2ba0a45248707926f47511849.png?x-oss-process=image/watermark,type_d3F5LXplbmhlaQ,shadow_50,text_Q1NETiBAamF2YeadjuadqOWLhw==,size_20,color_FFFFFF,t_70,g_se,x_16)
后端登录接口实现:
/**
* 登录
*/
@RequestMapping(value = “/sys/login”,method = {RequestMethod.GET,RequestMethod.POST})
public Map<String, Object> login(@RequestParam String username, @RequestParam String password)throws IOException {username=username.replaceAll(" “, “+”);
password=password.replaceAll(” ", “+”);
username = RSAUtil.decryptBase64(username.trim());
password = RSAUtil.decryptBase64(password.trim());
System.out.println(username+password);
SysUserEntity user = sysUserService.queryByUserName(username);
//账号不存在、密码错误
if(user == null || !user.getPassword().equals(new Sha256Hash(password, user.getSalt()).toHex())) {
return R.error(“账号或密码不正确”);
}
//账号锁定
if(user.getStatus() == 0){
return R.error(“账号已被锁定,请联系管理员”);
}
//生成token,并保存到数据库
R r = sysUserTokenService.createToken(user.getUserId());
r.put(“user”,user);
return r;
}
>
> ### 源码获取:
### 最后
**一个好的心态和一个坚持的心很重要**,很多冲着高薪的人想学习前端,但是能学到最后的没有几个,遇到困难就放弃了,这种人到处都是,就是因为有的东西难,所以他的回报才很大,我们评判一个前端开发者是什么水平,就是他解决问题的能力有多强。
**分享一些前端面试题以及学习路线给大家**
![](https://img-blog.csdnimg.cn/img_convert/a53de69437a2f60b7b6ebf7d92df66a7.webp?x-oss-process=image/format,png)
到处都是,就是因为有的东西难,所以他的回报才很大,我们评判一个前端开发者是什么水平,就是他解决问题的能力有多强。
**分享一些前端面试题以及学习路线给大家**
[外链图片转存中...(img-t8xjmDOX-1720100757560)]
![](https://img-blog.csdnimg.cn/img_convert/373a9118632490ddcd441dc8c250fda2.webp?x-oss-process=image/format,png)