用户密码改为DES加密

2 years ago · 2f9a1add26
parent 853c12fd80
commit 2f9a1add26
10 changed files with 91 additions and 27 deletions
--- a/Myshipping.Application/Myshipping.Application.xml
+++ b/Myshipping.Application/Myshipping.Application.xml
@ -1548,9 +1548,9 @@
            <param name="input"></param>
            <returns></returns>
        </member>
-        <member name="M:Magic.Application.BookingOrderService.List(Magic.Application.BookingOrderInput)">
+        <member name="M:Magic.Application.BookingOrderService.Updata">
            <summary>
-            获取订舱主表列表
+            
            </summary>
            <param name="input"></param>
            <returns></returns>
--- a/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs
+++ b/Myshipping.Application/Service/BookingOrder/BookingOrderService.cs
@ -7,6 +7,12 @@ using SqlSugar;
 using System.Linq;
 using System.Threading.Tasks;
 using Myshipping.Application.Entity;
 using Microsoft.AspNetCore.Authorization;
 using Furion;
 using Microsoft.AspNetCore.Http;
 using Furion.DataEncryption;
 using System.Collections.Generic;
 namespace Magic.Application
 {
    /// <summary>
@ -204,14 +210,47 @@ namespace Magic.Application
        }
        /// <summary>
-        /// 获取订舱主表列表
+        /// 
        /// </summary>
        /// <param name="input"></param>
        /// <returns></returns>
-        [HttpGet("/BookingOrder/list")]
+        [AllowAnonymous]
-        public async Task<dynamic> List([FromQuery] BookingOrderInput input)
+        [HttpGet("/BookingOrder/updata")]
        public async Task<dynamic> Updata()
        {
            var accessToken = JWTEncryption.Encrypt(new Dictionary<string, object>
        {
            {ClaimConst.CLAINM_USERID, 111},
            {ClaimConst.TENANT_ID, 10},
            {ClaimConst.CLAINM_ACCOUNT, "admin"},
            {ClaimConst.CLAINM_NAME, "管理员"},
            {ClaimConst.CLAINM_SUPERADMIN, AdminType.Admin},
            { ClaimConst.CLAINM_TENANT_TYPE, TenantTypeEnum.SYSTEM },
            { ClaimConst.CLAINM_TENANT_NAME, "测试" },
        });
            var httpContext = App.GetService<IHttpContextAccessor>().HttpContext;
            httpContext.SigninToSwagger(accessToken);
            return Task.Run(() =>
            {
                return $"当前用户:{UserManager.Name}";
            });
        }
        [AllowAnonymous]
        [HttpGet("/BookingOrder/test")]
        public async Task<dynamic> Test(string str, bool encrpyt = true)
        {
            var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
            if (encrpyt)
            {
-            return await _rep.ToListAsync();
+                return $"{keyDES} {DESCEncryption.Encrypt(str, keyDES)}";
            }
            else
            {
                return DESCEncryption.Decrypt(str, keyDES);
            }
        }
    }
 }
--- a/Myshipping.Application/Service/BookingOrder/IBookingOrderService.cs
+++ b/Myshipping.Application/Service/BookingOrder/IBookingOrderService.cs
@ -9,7 +9,6 @@ namespace Magic.Application
        Task Add(AddBookingOrderInput input);
        Task Delete(DeleteBookingOrderInput input);
        Task<BookingOrder> Get([FromQuery] QueryeBookingOrderInput input);
        Task<dynamic> List([FromQuery] BookingOrderInput input);
        Task<dynamic> Page([FromQuery] BookingOrderInput input);
        Task Update(UpdateBookingOrderInput input);
    }
--- a/Myshipping.Core/ConfigOption/ConfigOptions.cs
+++ b/Myshipping.Core/ConfigOption/ConfigOptions.cs
@ -208,3 +208,12 @@ public class ThirdParty
    public string scope { get; set; }
 }
 /// <summary>
 /// 加密key
 /// </summary>
 public class EncryptKeyOptions: IConfigurableOptions
 {
    public string AES { get; set; }
    public string DES { get; set; }
 }
--- a/Myshipping.Core/Myshipping.Core.xml
+++ b/Myshipping.Core/Myshipping.Core.xml
@ -492,6 +492,11 @@
            scope
            </summary>
        </member>
        <member name="T:Myshipping.Core.EncryptKeyOptions">
            <summary>
            加密key
            </summary>
        </member>
        <member name="F:Myshipping.Core.ClaimConst.CLAINM_USERID">
            <summary>
            用户Id
--- a/Myshipping.Core/Service/Auth/AuthService.cs
+++ b/Myshipping.Core/Service/Auth/AuthService.cs
@ -68,8 +68,9 @@ public class AuthService : IAuthService, IDynamicApiController, ITransient
    [AllowAnonymous]
    public async Task<string> LoginAsync([Required] LoginInput input)
    {
        var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
        // 获取加密后的密码
-        var encryptPassword = MD5Encryption.Encrypt(input.Password);
+        var encryptPassword = DESCEncryption.Encrypt(input.Password, keyDES);
        // 判断用户名和密码是否正确(排除全局多租户过滤器)Filter(null,true)
        var user = _sysUserRep.AsQueryable().Filter(null, true)
--- a/Myshipping.Core/Service/Tenant/SysTenantService.cs
+++ b/Myshipping.Core/Service/Tenant/SysTenantService.cs
@ -12,6 +12,7 @@ using SqlSugar;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 using Furion;
 namespace Myshipping.Core.Service;
@ -315,8 +316,9 @@ public class SysTenantService : ISysTenantService, IDynamicApiController, ITrans
    [HttpPost("/sysTenant/resetPwd")]
    public async Task ResetUserPwd(QueryTenantInput input)
    {
        var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
        var tenantAdminUser = await GetTenantAdminUser(input.Id);
-        tenantAdminUser.Password = MD5Encryption.Encrypt(await _sysConfigService.GetDefaultPassword());
+        tenantAdminUser.Password = DESCEncryption.Encrypt(await _sysConfigService.GetDefaultPassword(), keyDES);
        // 更新密码
        await _sysUserRep.AsUpdateable(tenantAdminUser)
            .Where(wh => wh.Id.Equals(tenantAdminUser.Id)).IgnoreColumns(ignoreAllNullColumns: true).ExecuteCommandAsync();
--- a/Myshipping.Core/Service/User/SysUserService.cs
+++ b/Myshipping.Core/Service/User/SysUserService.cs
@ -15,6 +15,7 @@ using System.IO;
 using System.Linq;
 using System.Threading.Tasks;
 using Yitter.IdGenerator;
 using Furion;
 namespace Myshipping.Core.Service;
@ -97,9 +98,10 @@ public class SysUserService : ISysUserService, IDynamicApiController, ITransient
        var isExist = await _sysUserRep.AnyAsync(u => u.Account == input.Account);
        if (isExist) throw Oops.Oh(ErrorCode.D1003);
        var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
        var user = input.Adapt<SysUser>();
        user.AdminType = AdminType.None;
-        user.Password = MD5Encryption.Encrypt(input.Password);
+        user.Password = DESCEncryption.Encrypt(input.Password, keyDES);
        if (string.IsNullOrEmpty(user.Name))
            user.Name = user.Account;
        if (string.IsNullOrEmpty(user.NickName))
@ -297,10 +299,11 @@ public class SysUserService : ISysUserService, IDynamicApiController, ITransient
    [HttpPost("/sysUser/updatePwd")]
    public async Task UpdateUserPwd(ChangePasswordUserInput input)
    {
        var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
        var user = await _sysUserRep.FirstOrDefaultAsync(u => u.Id == input.Id);
-        if (MD5Encryption.Encrypt(input.Password) != user.Password)
+        if (DESCEncryption.Encrypt(input.Password, keyDES) != user.Password)
            throw Oops.Oh(ErrorCode.D1004);
-        user.Password = MD5Encryption.Encrypt(input.NewPassword);
+        user.Password = DESCEncryption.Encrypt(input.NewPassword, keyDES);
        await _sysUserRep.AsUpdateable(user).IgnoreColumns(ignoreAllNullColumns: true).ExecuteCommandAsync();
    }
@ -334,8 +337,9 @@ public class SysUserService : ISysUserService, IDynamicApiController, ITransient
    [HttpPost("/sysUser/resetPwd")]
    public async Task ResetUserPwd(QueryUserInput input)
    {
        var keyDES = App.GetOptions<EncryptKeyOptions>().DES;
        var user = await _sysUserRep.FirstOrDefaultAsync(u => u.Id == input.Id);
-        user.Password = MD5Encryption.Encrypt(await _sysConfigService.GetDefaultPassword());
+        user.Password = DESCEncryption.Encrypt(await _sysConfigService.GetDefaultPassword(), keyDES);
        await _sysUserRep.AsUpdateable(user).IgnoreColumns(it => new { it.AdminType }).IgnoreColumns(ignoreAllNullColumns: true).ExecuteCommandAsync();
    }
--- a/Myshipping.Web.Core/Startup.cs
+++ b/Myshipping.Web.Core/Startup.cs
@ -37,6 +37,7 @@ public class Startup : AppStartup
        services.AddConfigurableOptions<SystemSettingsOptions>();
        services.AddConfigurableOptions<UploadFileOptions>();
        services.AddConfigurableOptions<OAuthOptions>();
        services.AddConfigurableOptions<EncryptKeyOptions>();
        #region 上传文件大小限制
        long maxRequestBodySize = Convert.ToInt64(App.Configuration["MaxRequestBodySize"]);
--- a/Myshipping.Web.Core/applicationconfig.json
+++ b/Myshipping.Web.Core/applicationconfig.json
@ -49,6 +49,10 @@
    "ExpiredTime": 1440, // 过期时间，long 类型，单位分钟，默认20分钟
    "ClockSkew": 5 // 过期时间容错值，long 类型，单位秒，默认5秒
  },
  "EncryptKey": {
    "AES": "072B13C9AD5644C5B914DFE66F4B5D11",
    "DES": "072B13C9"
  },
  "Cache": {
    "CacheType": "MemoryCache", // RedisCache
    "RedisConnectionString": "127.0.0.1:6379,password=,defaultDatabase=2"