文章目录
商城项目实战开发-GRPC和GIN的直连调用
01、本次课程微服务的技术栈
- grpc
- consoul
- gateway
- protobuf
- gorm/ent/sqlx/xorm/beego
- gin
- apifox
- vue/vite/typescript/uniapp
整体架构如下:
02、用户服务接口定义和实现登录
1、密码问题
- 对称加密
- rsa
- 非对称加密
- rsa
- des
- 不可逆加密
- md5
- shaxxx
01、MD5的方式
为什么选择MD5。因为md5是不可逆。只能加密不能解密。
package utils
import (
"crypto/md5"
"encoding/hex"
"io"
)
/**
* MD5加密
* @author feige
* @date 2024-04-08
* @version 1.0
* @desc
*/
func Md5(value string) string {
hash := md5.New()
_, _ = io.WriteString(hash, value)
return hex.EncodeToString(hash.Sum(nil))
}
真的安全吗?https://www.somd5.com/ 通过解密发现md5并不可靠,怎么办,它又是如何解密的呢?
如何处理呢?加盐。
02、加盐的方式
加盐其实就是让密码变的有“味道”
package main
import (
"fmt"
"kuangstudy-mall/apis/user-web/utils"
)
func main() {
fmt.Println(utils.Md5("kuangstudyxxxxxx123456"))
}
这里的:kuangstudyxxxxx 就的盐,但是这个属于静态盐。不安全。为什么呢?而且这个盐一定要稍微复杂一点,不太过于简单,否则很容易被破解掉,
这个静态盐会存在几个问题
- 大家盐一样的
- A—-123456 –kuangstudyxxxxx — fc5867e066a370165cf1b57e38b61180
- B—-123456 –kuangstudyxxxxx — fc5867e066a370165cf1b57e38b61180
- 在后台的数据库中很容易就可以被识别出来,A和B设置的密码都是一样的。这样就不安全
- 静态盐对于内部来说是不安全。很容易被泄露。一旦泄露密码就不安全了。
- 怎么办—-动态盐
03、动态盐
-
注册的时候,给每个用户生成一个 UUID
- A—-123456 –uuid (dc336722ed0c44bdae2c7f9f39764278) — xxxxxxxx
- B—-123456 –uuid (f5a919aae4fd40ea950f8c1abb9fccae)— xxxxxxx
-
登录解密的时候
- A 输入账号,根据账号查询出每个用户自己盐和加密的密码
- 用户输入的密码 + 每个用户自己盐 =加密==真实加密密码
- 真实加密密码 和 数据库的密码去比较 如果相等就说明密码是正确的,反之输入密码有误,
04、使用加盐框架passwordEncoder
-
动态盐需要使用额外的列来存在的盐值,所以就浪费的数据存储空间。如何解决这个问题。可以使用组件框架:passwordencoder
-
https://github.com/anaskhan96/go-password-encoder
/*
*
注册时候把密码加密
采用组合的方式存在到password列,就可以让slat列不需要定义了
*/
func PasswordEncoder(pwd string) string {
options := &password.Options{
16, 100, 32, sha512.New}
salt, encodedPwd := password.Encode(pwd, options)
return fmt.Sprintf("$pbkdf2-sha512$%s$%s", salt, encodedPwd)
}
/*
*
在验证的时候,根据账号把数据库中存储的encodePwd查询出来
和 用户输入密码进行验证,如果是正确的就返回true, 否则返回 false
*/
func PasswordVerfiy(pwd string, encodePwd string) bool {
options := &password.Options{
16, 100, 32, sha512.New}
passwordInfo := strings.Split(encodePwd, "$")
return password.Verify(pwd, passwordInfo[2], passwordInfo[3], options)
}
上面的主要目的就是把slat和password组合存储。不需要分开
2、用户服务接口的暴露
syntax = "proto3";
option go_package = ".;proto";
// 开始定义用户登录相关的接口服务
service User {
rpc findUserList(PageInfo) returns (UserListResponse);
rpc getUserByTelephone(TelephoneRequest) returns (UserInfoResponse);
rpc getUserById(IdRequest) returns (UserInfoResponse);
rpc saveUser(CreateUserRequest) returns (UserInfoResponse);
rpc updateUser(UpdateUserRequeest) returns (BooleanResponse);
rpc checkPassword(PasswordCheckRequest) returns (CheckResponse);
}
message PasswordCheckRequest{
string password = 1;
string encodePassword = 2;
}
message BooleanResponse{
bool success = 1;
}
message CheckResponse{
bool success = 1;
}
message UpdateUserRequeest{
uint64 id = 1;
string nickName = 2;
string mobile = 3;
string passWord = 4;
uint64 birthDay = 5;
string gender = 6;
}
message CreateUserRequest{
string nickName = 1;
string mobile = 2;
string passWord = 3;
uint64 birthDay = 4;
string gender = 5;
}
message IdRequest{
uint64 id = 1;
}
message TelephoneRequest{
string telephone = 1;
}
message PageInfo{
uint32 pageNo = 1;
uint32 pageSize = 2;
}
message UserListResponse {
int32 total = 1;
repeated UserInfoResponse data = 2;
}
message UserInfoResponse {
uint64 id = 1;
string passWord = 2;
string mobile = 3;
string nickName = 4;
uint64 birthDay = 5;
string gender = 6;
int32 role = 7;
}
然后执行命令
protoc -I . user.proto --go_out=plugins=grpc:.
得到user.pb.go文件
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.33.0
// protoc v3.20.3
// source: user.proto
package proto
import (
context "context"
grpc "google.golang.org/grpc"
codes "google.golang.org/grpc/codes"
status "google.golang.org/grpc/status"
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
reflect "reflect"
sync "sync"
)
const (
// Verify that this generated code is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
// Verify that runtime/protoimpl is sufficiently up-to-date.
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
type PasswordCheckRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"`
EncodePassword string `protobuf:"bytes,2,opt,name=encodePassword,proto3" json:"encodePassword,omitempty"`
}
func (x *PasswordCheckRequest) Reset() {
*x = PasswordCheckRequest{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[0]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *PasswordCheckRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*PasswordCheckRequest) ProtoMessage() {
}
func (x *PasswordCheckRequest) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[0]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use PasswordCheckRequest.ProtoReflect.Descriptor instead.
func (*PasswordCheckRequest) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{
0}
}
func (x *PasswordCheckRequest) GetPassword() string {
if x != nil {
return x.Password
}
return ""
}
func (x *PasswordCheckRequest) GetEncodePassword() string {
if x != nil {
return x.EncodePassword
}
return ""
}
type BooleanResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Success bool `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"`
}
func (x *BooleanResponse) Reset() {
*x = BooleanResponse{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *BooleanResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*BooleanResponse) ProtoMessage() {
}
func (x *BooleanResponse) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[1]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use BooleanResponse.ProtoReflect.Descriptor instead.
func (*BooleanResponse) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{
1}
}
func (x *BooleanResponse) GetSuccess() bool {
if x != nil {
return x.Success
}
return false
}
type CheckResponse struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Success bool `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"`
}
func (x *CheckResponse) Reset() {
*x = CheckResponse{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[2]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *CheckResponse) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*CheckResponse) ProtoMessage() {
}
func (x *CheckResponse) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[2]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead.
func (*CheckResponse) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{
2}
}
func (x *CheckResponse) GetSuccess() bool {
if x != nil {
return x.Success
}
return false
}
type UpdateUserRequeest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Id uint64 `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
NickName string `protobuf:"bytes,2,opt,name=nickName,proto3" json:"nickName,omitempty"`
Mobile string `protobuf:"bytes,3,opt,name=mobile,proto3" json:"mobile,omitempty"`
PassWord string `protobuf:"bytes,4,opt,name=passWord,proto3" json:"passWord,omitempty"`
BirthDay uint64 `protobuf:"varint,5,opt,name=birthDay,proto3" json:"birthDay,omitempty"`
Gender string `protobuf:"bytes,6,opt,name=gender,proto3" json:"gender,omitempty"`
}
func (x *UpdateUserRequeest) Reset() {
*x = UpdateUserRequeest{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[3]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *UpdateUserRequeest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*UpdateUserRequeest) ProtoMessage() {
}
func (x *UpdateUserRequeest) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[3]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use UpdateUserRequeest.ProtoReflect.Descriptor instead.
func (*UpdateUserRequeest) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{
3}
}
func (x *UpdateUserRequeest) GetId() uint64 {
if x != nil {
return x.Id
}
return 0
}
func (x *UpdateUserRequeest) GetNickName() string {
if x != nil {
return x.NickName
}
return ""
}
func (x *UpdateUserRequeest) GetMobile() string {
if x != nil {
return x.Mobile
}
return ""
}
func (x *UpdateUserRequeest) GetPassWord() string {
if x != nil {
return x.PassWord
}
return ""
}
func (x *UpdateUserRequeest) GetBirthDay() uint64 {
if x != nil {
return x.BirthDay
}
return 0
}
func (x *UpdateUserRequeest) GetGender() string {
if x != nil {
return x.Gender
}
return ""
}
type CreateUserRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
NickName string `protobuf:"bytes,1,opt,name=nickName,proto3" json:"nickName,omitempty"`
Mobile string `protobuf:"bytes,2,opt,name=mobile,proto3" json:"mobile,omitempty"`
PassWord string `protobuf:"bytes,3,opt,name=passWord,proto3" json:"passWord,omitempty"`
BirthDay uint64 `protobuf:"varint,4,opt,name=birthDay,proto3" json:"birthDay,omitempty"`
Gender string `protobuf:"bytes,5,opt,name=gender,proto3" json:"gender,omitempty"`
}
func (x *CreateUserRequest) Reset() {
*x = CreateUserRequest{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[4]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *CreateUserRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*CreateUserRequest) ProtoMessage() {
}
func (x *CreateUserRequest) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[4]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use CreateUserRequest.ProtoReflect.Descriptor instead.
func (*CreateUserRequest) Descriptor() ([]byte, []int) {
return file_user_proto_rawDescGZIP(), []int{
4}
}
func (x *CreateUserRequest) GetNickName() string {
if x != nil {
return x.NickName
}
return ""
}
func (x *CreateUserRequest) GetMobile() string {
if x != nil {
return x.Mobile
}
return ""
}
func (x *CreateUserRequest) GetPassWord() string {
if x != nil {
return x.PassWord
}
return ""
}
func (x *CreateUserRequest) GetBirthDay() uint64 {
if x != nil {
return x.BirthDay
}
return 0
}
func (x *CreateUserRequest) GetGender() string {
if x != nil {
return x.Gender
}
return ""
}
type IdRequest struct {
state protoimpl.MessageState
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Id uint64 `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
}
func (x *IdRequest) Reset() {
*x = IdRequest{
}
if protoimpl.UnsafeEnabled {
mi := &file_user_proto_msgTypes[5]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
}
func (x *IdRequest) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*IdRequest) ProtoMessage() {
}
func (x *IdRequest) ProtoReflect() protoreflect.Message {
mi := &file_user_proto_msgTypes[5]
if protoimpl.UnsafeEnabled && x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo(
最低0.47元/天 解锁文章
1426
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
