登录密码加密

src/main/java/com/project/zcustom/controller/system/LoginController.java

@@ -2,6 +2,7 @@ package com.project.zcustom.controller.system;
 
 import cn.dev33.satoken.stp.StpUtil;
 import com.project.zcustom.controller.core.AjaxResult;
+import com.project.zcustom.tools.AESUtil;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -19,6 +20,8 @@ public class LoginController {
 
     @PostMapping("/doLogin")
     public AjaxResult login(@RequestParam String username, @RequestParam String password) {
+        // 密码解密
+        password = AESUtil.decrypt(password);
         StpUtil.login(1);
         String token = StpUtil.getTokenValue();
         return AjaxResult.success(token);

src/main/java/com/project/zcustom/exception/GlobalExceptionHandler.java

@@ -1,6 +1,7 @@
 package com.project.zcustom.exception;
 
 import com.project.zcustom.controller.core.AjaxResult;
+import org.springframework.web.bind.MissingServletRequestParameterException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 
@@ -13,6 +14,12 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
 @RestControllerAdvice
 public class GlobalExceptionHandler {
 
+    @ExceptionHandler(MissingServletRequestParameterException.class)
+    public AjaxResult handleMissingParams(MissingServletRequestParameterException ex) {
+        String paramName = ex.getParameterName();
+        String message = "缺少必要参数: " + paramName;
+        return AjaxResult.error(message);
+    }
     @ExceptionHandler
     public AjaxResult handlerException(Exception e) {
         return AjaxResult.error(e.getMessage());

src/main/java/com/project/zcustom/tools/AESUtil.java

@@ -0,0 +1,102 @@
+package com.project.zcustom.tools;
+
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+
+@Slf4j
+public class AESUtil {
+	
+	/***
+     * key和iv值可以随机生成
+     */
+    private static String KEY = "X4RjV51wQxSxZHHQ";
+    private static String IV = "g49GarVwCTR6nBHQ";
+    
+    /***
+     * 加密
+     * @param  data 要加密的数据
+     * @return encrypt
+     */
+    public static String encrypt(String data) {
+        return encrypt(data, KEY, IV);
+    }
+
+    /***
+     * param data 需要解密的数据
+     * 调用desEncrypt（）方法
+     */
+    public static String decrypt(String data) {
+        return decrypt(data, KEY, IV);
+    }
+
+    /**
+     * 加密方法
+     * @param data  要加密的数据
+     * @param key 加密key
+     * @param iv 加密iv
+     * @return 加密的结果
+
+     */
+    @SneakyThrows
+    private static String encrypt(String data, String key, String iv) {
+    	Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+        int blockSize = cipher.getBlockSize();
+
+        byte[] dataBytes = data.getBytes();
+        int plaintextLength = dataBytes.length;
+        if (plaintextLength % blockSize != 0) {
+            plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
+        }
+
+        byte[] plaintext = new byte[plaintextLength];
+        System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
+
+        SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
+        IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
+
+        cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
+        byte[] encrypted = cipher.doFinal(plaintext);
+        
+        return Base64.getEncoder().encodeToString(encrypted);
+    }
+
+    /**
+     * 解密方法
+     * @param data 要解密的数据
+     * @param key  解密key
+     * @param iv 解密iv
+     * @return 解密的结果
+     * @throws NoSuchPaddingException 
+     * @throws NoSuchAlgorithmException 
+     * @throws InvalidAlgorithmParameterException 
+     * @throws InvalidKeyException 
+     * @throws BadPaddingException 
+     * @throws IllegalBlockSizeException 
+     */
+    public static String decrypt(String data, String key, String iv) {
+    	byte[] encrypted1 = Base64.getDecoder().decode(data);
+        try {
+        	Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+            SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES");
+            IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes());
+			cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
+			byte[] original = cipher.doFinal(encrypted1);
+	        return new String(original).trim();
+		} catch (Exception e) {
+			log.error("decrypt exception", e);
+		}
+		return "";
+    }
+
+}