由于使用若依后臺管理系統需要匹配其它平臺使用同一套數據庫，故需要有相同的加密解密方式，下面分享使用手機號+密碼登錄且加密解密方式為AES的實現代碼。
總體的實現思路是先將若依設置為免密登錄，即不使用若依自帶的加密解密方式，然后再加入AES方式

---

修改身份認證接口

在SecurityConfig.java文件中找到身份認證接口函數做下述修改

/*** 身份認證接口*/@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception{//添加自己的身份驗證類，userDetailsService這個可以自己在重新定義根據那個字段驗證用戶存在與否auth.authenticationProvider(new CustomLoginAuthenticationProvider(userDetailsService));auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());}

SysLoginController.java

這里重新鏈接一下要使用的登錄驗證函數

@Autowiredprivate ILoginService LoginService;/*** 登錄方法* * @param loginBody 登錄信息* @return 結果* @throws Exception */@PostMapping("/login")public AjaxResult login(@RequestBody LoginBody loginBody) throws Exception{AjaxResult ajax = AjaxResult.success(); //注意此處調用了LoginService.loginByMobile,需要自己添加String token = LoginService.loginByMobile(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),loginBody.getUuid());ajax.put(Constants.TOKEN, token);return ajax;}

ILoginService.java

package com.ruoyi.framework.web.service;/*** @DESCRIPTION 手機號關于登錄接口* @author cy* @date 2021-11-3 19:56*/ public interface ILoginService {String loginByMobile(String username, String password, String code, String uuid) throws Exception;}

LoginServiceImpl.java

此文件是實現的關鍵

package com.ruoyi.framework.web.service;import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; import com.ruoyi.common.core.redis.RedisCache; import com.ruoyi.common.exception.CustomException; import com.ruoyi.common.exception.user.CaptchaException; import com.ruoyi.common.exception.user.CaptchaExpireException; import com.ruoyi.common.exception.user.UserPasswordNotMatchException; import com.ruoyi.common.utils.MessageUtils; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.framework.manager.AsyncManager; import com.ruoyi.framework.manager.factory.AsyncFactory; import com.ruoyi.system.service.ISysUserService; import com.ruoyi.web.controller.tool.AESForNodejs;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.stereotype.Service;import javax.annotation.Resource;/*** @description: 手機號關于登錄接口* @author: cy* @date: 2021-11-03 20:12*/ @Service public class LoginServiceImpl implements ILoginService {private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);@Autowiredprivate TokenService tokenService;@Resourceprivate AuthenticationManager authenticationManager;@Autowiredprivate ISysUserService userService;@Autowiredprivate RedisCache redisCache;/*** 免密常量*/public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";/*** @Description 手機號+密碼登錄* @author cy* @date 2021-11-03 20:32* @return java.lang.String* @throws Exception */public String loginByMobile(String account, String password, String code, String uuid) throws Exception{String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;String captcha = redisCache.getCacheObject(verifyKey);redisCache.deleteObject(verifyKey);//校驗驗證碼是否正確if (captcha == null){AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));throw new CaptchaExpireException();}if (!code.equalsIgnoreCase(captcha)){AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));throw new CaptchaException();}//通過手機號或許數據庫中儲存的用戶信息SysUser user = userService.selectUserByAccount(account); if (StringUtils.isNull(user)){log.info("登錄用戶：{} 不存在.", account);return loginVerify(account,Constants.LOGIN_FAIL);}//解密,判斷與數據庫中儲存的密碼是否相同，此處使用AES進行加密解密String db_password = AESForNodejs.decrypt(user.getPassword());if(!db_password.equals(password)) {log.info("登錄用戶：{} 密碼錯誤.", account);return loginVerify(account,Constants.LOGIN_FAIL);}//TODO 2、用戶驗證return loginVerify(account,Constants.CUSTOM_LOGIN_SMS);}/*** @Description 登錄驗證* @author cy* @date 2021-11-03 20:45* @param userName 用戶名* @param passWord 密碼* @return java.lang.String*/private String loginVerify(String userName,String passWord) {//TODO 1、用戶驗證Authentication authentication = null;try {//TODO 1.1該方法會去調用UserDetailsServiceImpl.loadUserByUsernameauthentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userName, passWord));} catch (Exception e) {if (e instanceof BadCredentialsException) {AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));throw new UserPasswordNotMatchException();} else {AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, e.getMessage()));throw new CustomException(e.getMessage());}}AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));LoginUser loginUser = (LoginUser) authentication.getPrincipal();//TODO 2、生成tokenreturn tokenService.createToken(loginUser);}}

①由于在LoginServiceImpl.java文件中定義了免密常量，所以需要在Constants文件中增加免密常量

/*** 免密常量*/public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";

②由于在LoginServiceImpl.java文件中使用了自定義的AES解密方式，所以需要定義該類

AESForNodejs.java

package com.ruoyi.web.controller.tool;import java.security.MessageDigest;import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec;/*** AES加密，與Nodejs 保持一致* @author lmiky* @date 2014-2-25*/ public class AESForNodejs {public static final String DEFAULT_CODING = "utf-8";/*** 解密* @author lmiky* @date 2014-2-25* @param encrypted* @param seed* @return* @throws Exception*/public static String decrypt(String encrypted) throws Exception {String seed = "1234567887654321";byte[] keyb = seed.getBytes(DEFAULT_CODING);MessageDigest md = MessageDigest.getInstance("MD5");byte[] thedigest = md.digest(keyb);SecretKeySpec skey = new SecretKeySpec(thedigest, "AES");Cipher dcipher = Cipher.getInstance("AES");dcipher.init(Cipher.DECRYPT_MODE, skey);byte[] clearbyte = dcipher.doFinal(toByte(encrypted));return new String(clearbyte);}/*** 加密* @author lmiky* @date 2014-2-25* @param content* @param key* @return* @throws Exception*/public static String encrypt(String content) throws Exception {String key = "1234567887654321";byte[] input = content.getBytes(DEFAULT_CODING);MessageDigest md = MessageDigest.getInstance("MD5");byte[] thedigest = md.digest(key.getBytes(DEFAULT_CODING));SecretKeySpec skc = new SecretKeySpec(thedigest, "AES");Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");cipher.init(Cipher.ENCRYPT_MODE, skc);byte[] cipherText = new byte[cipher.getOutputSize(input.length)];int ctLength = cipher.update(input, 0, input.length, cipherText, 0);ctLength += cipher.doFinal(cipherText, ctLength);return parseByte2HexStr(cipherText);}/*** 字符串轉字節數組* @author lmiky* @date 2014-2-25* @param hexString* @return*/private static byte[] toByte(String hexString) {int len = hexString.length() / 2;byte[] result = new byte[len];for (int i = 0; i < len; i++) {result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2), 16).byteValue();}return result;}/*** 字節轉16進制數組* @author lmiky* @date 2014-2-25* @param buf* @return*/private static String parseByte2HexStr(byte buf[]) {StringBuffer sb = new StringBuffer();for (int i = 0; i < buf.length; i++) {String hex = Integer.toHexString(buf[i] & 0xFF);if (hex.length() == 1) {hex = '0' + hex;}sb.append(hex);}return sb.toString();} }

如此輸入手機號+密碼便可以實現特定方式的加密解密登錄！

總結

以上是生活随笔為你收集整理的若依项目实现手机号+密码登录且密码验证为自定义加密方式的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。