Ver Fonte

[Mod 0000] 修改前端密码加密算法

hongrunxia há 1 mês atrás
pai
commit
2e5d6ab49a
3 ficheiros alterados com 10 adições e 19 exclusões
  1. 2 2
      src/settings/encryptionSetting.ts
  2. 8 3
      src/store/modules/user.ts
  3. 0 14
      src/utils/ventutil.ts

+ 2 - 2
src/settings/encryptionSetting.ts

@@ -11,8 +11,8 @@ export const cacheCipher = {
 
 // 开启登录密码加密,采用aes加密
 export const loginCipher = {
-  key: '_11111000001111@',
-  iv: '@11111000001111_',
+  key: 'PF1ZTosoRRBOocKLMEIxkoOrle+2NPJCEr57ckGJl80=',
+  iv: 'NfHCCRv0MdS7e948',
 };
 
 // 是否加密缓存,默认生产环境加密

+ 8 - 3
src/store/modules/user.ts

@@ -20,7 +20,8 @@ import { RoleEnum } from '/@/enums/roleEnum';
 import { useSso } from '/@/hooks/web/useSso';
 import { getActions } from '/@/qiankun/state';
 import { MOCK_LOGIN_PASSWORD, MOCK_LOGIN_UESRNAME } from '../constant';
-import { encrypt } from '/@/utils/ventutil';
+import { AesEncryption } from '/@/utils/cipher';
+import { loginCipher } from '/@/settings/encryptionSetting';
 
 interface UserState {
   userInfo: Nullable<UserInfo>;
@@ -148,7 +149,9 @@ export const useUserStore = defineStore({
       try {
         const { goHome = true, mode, successMode, ...loginParams } = params;
         // 进行加密
-        const { key, iv, encryptData } = await encrypt(loginParams.password);
+        const encryption = new AesEncryption({ key: loginCipher.key, iv: loginCipher.iv });
+        encryption.encryptByAES(loginParams.password);
+        // loginParams.password = encryption.encryptByAES(loginParams.password);
         const data = await loginApi(loginParams, mode, successMode);
         const { token, userInfo } = data;
         // save token
@@ -415,7 +418,9 @@ export const useUserStore = defineStore({
     ) {
       const { goHome = true, mode, successMode = 'none', ...loginParams } = params;
       // 进行加密
-      // const { key, iv, encryptData } = await encrypt(loginParams.password);
+      // const encryption = new AesEncryption({ key: loginCipher.key, iv: loginCipher.iv });
+      // loginParams.password = encryption.encryptByAES(loginParams.password);
+      // encryption.encryptByAES(loginParams.password);
       const data = await autoLoginApi(loginParams, mode, successMode);
       const { token, userInfo } = data;
       // save token

+ 0 - 14
src/utils/ventutil.ts

@@ -277,17 +277,3 @@ export const get: typeof _.get = (o, p, defaultValue = '-') => {
   const d = _.get(o, p, defaultValue);
   return d === null ? defaultValue : d;
 };
-
-export async function encrypt(data) {
-  const encodedData = new TextEncoder().encode(data);
-  const key = await window.crypto.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
-  const iv = window.crypto.getRandomValues(new Uint8Array(12));
-  const encryptedData = await window.crypto.subtle.encrypt({ name: 'AES-GCM', iv: iv }, key, encodedData);
-
-  // 将密钥、IV和加密数据转换为Base64以便传输
-  return {
-    key: btoa(String.fromCharCode.apply(null, new Uint8Array(await window.crypto.subtle.exportKey('raw', key)))),
-    iv: btoa(String.fromCharCode.apply(null, iv)),
-    encryptData: btoa(String.fromCharCode.apply(null, new Uint8Array(encryptedData))),
-  };
-}