feat(system): 加密方式调整

2026-03-30 16:22:20 +08:00
parent 1e47618406
commit a22991f7a0
14 changed files with 100 additions and 28 deletions
--- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/auth/AuthController.java
+++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/auth/AuthController.java
@@ -4,6 +4,7 @@ import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.StrUtil;
 import com.njcn.rdms.framework.common.enums.CommonStatusEnum;
 import com.njcn.rdms.framework.common.pojo.CommonResult;
+import com.njcn.rdms.framework.encrypt.core.annotation.ApiEncrypt;
 import com.njcn.rdms.framework.security.config.SecurityProperties;
 import com.njcn.rdms.framework.security.core.util.SecurityFrameworkUtils;
 import com.njcn.rdms.module.system.controller.admin.auth.vo.AuthLoginReqVO;
@@ -69,6 +70,7 @@ public class AuthController {
    @PostMapping("/login")
    @PermitAll
    @Operation(summary = "使用账号密码登录")
+    @ApiEncrypt(response = false, requestFields = {"password"})
    public CommonResult<AuthLoginRespVO> login(@RequestBody @Valid AuthLoginReqVO reqVO) {
        return success(authService.login(reqVO));
    }
@@ -141,6 +143,7 @@ public class AuthController {
    @PostMapping("/register")
    @PermitAll
    @Operation(summary = "注册用户")
+    @ApiEncrypt(response = false, requestFields = {"password"})
    public CommonResult<AuthLoginRespVO> register(@RequestBody @Valid AuthRegisterReqVO registerReqVO) {
        return success(authService.register(registerReqVO));
    }
--- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserController.java
+++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserController.java
@@ -6,6 +6,7 @@ import com.njcn.rdms.framework.common.enums.CommonStatusEnum;
 import com.njcn.rdms.framework.common.pojo.CommonResult;
 import com.njcn.rdms.framework.common.pojo.PageParam;
 import com.njcn.rdms.framework.common.pojo.PageResult;
+import com.njcn.rdms.framework.encrypt.core.annotation.ApiEncrypt;
 import com.njcn.rdms.framework.excel.core.util.ExcelUtils;
 import com.njcn.rdms.module.system.controller.admin.user.vo.user.UserImportExcelVO;
 import com.njcn.rdms.module.system.controller.admin.user.vo.user.UserImportRespVO;
@@ -67,6 +68,7 @@ public class UserController {
    @PostMapping("/create")
    @Operation(summary = "新增用户")
    @PreAuthorize("@ss.hasPermission('system:user:create')")
+    @ApiEncrypt(response = false, requestFields = {"password"})
    public CommonResult<Long> createUser(@Valid @RequestBody UserSaveReqVO reqVO) {
        Long id = userService.createUser(reqVO);
        return success(id);
@@ -101,6 +103,7 @@ public class UserController {
    @PutMapping("/update-password")
    @Operation(summary = "重置用户密码")
    @PreAuthorize("@ss.hasPermission('system:user:update-password')")
+    @ApiEncrypt(response = false, requestFields = {"password"})
    public CommonResult<Boolean> updateUserPassword(@Valid @RequestBody UserUpdatePasswordReqVO reqVO) {
        userService.updateUserPassword(reqVO.getId(), reqVO.getPassword());
        return success(true);
--- a/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java
+++ b/rdms-system/rdms-system-boot/src/main/java/com/njcn/rdms/module/system/controller/admin/user/UserProfileController.java
@@ -2,6 +2,7 @@ package com.njcn.rdms.module.system.controller.admin.user;

 import com.njcn.rdms.framework.common.pojo.CommonResult;
 import com.njcn.rdms.framework.common.enums.CommonStatusEnum;
+import com.njcn.rdms.framework.encrypt.core.annotation.ApiEncrypt;
 import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileRespVO;
 import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileUpdatePasswordReqVO;
 import com.njcn.rdms.module.system.controller.admin.user.vo.profile.UserProfileUpdateReqVO;
@@ -77,6 +78,7 @@ public class UserProfileController {

    @PutMapping("/update-password")
    @Operation(summary = "修改用户个人密码")
+    @ApiEncrypt(response = false, requestFields = {"oldPassword", "newPassword"})
    public CommonResult<Boolean> updateUserProfilePassword(@Valid @RequestBody UserProfileUpdatePasswordReqVO reqVO) {
        userService.updateUserPassword(getLoginUserId(), reqVO);
        return success(true);
--- a/rdms-system/rdms-system-boot/src/main/resources/application-dev.yaml
+++ b/rdms-system/rdms-system-boot/src/main/resources/application-dev.yaml
@@ -7,12 +7,12 @@ spring:
      username: # Nacos 账号
      password: # Nacos 密码
      discovery: # 【配置中心】配置项
-        namespace: dev # 命名空间。这里使用 dev 开发环境
+        namespace: 1e0fcd92-49b4-4cda-b531-828c7d36fef5 # 命名空间。这里使用 dev 开发环境
        group: DEFAULT_GROUP # 使用的 Nacos 配置分组，默认为 DEFAULT_GROUP
        metadata:
          version: 1.0.0 # 服务实例的版本号，可用于灰度发布
      config: # 【注册中心】配置项
-        namespace: dev # 命名空间。这里使用 dev 开发环境
+        namespace: 1e0fcd92-49b4-4cda-b531-828c7d36fef5 # 命名空间。这里使用 dev 开发环境
        group: DEFAULT_GROUP # 使用的 Nacos 配置分组，默认为 DEFAULT_GROUP

 #################### 数据库相关配置 ####################
--- a/rdms-system/rdms-system-boot/src/main/resources/application-local.yaml
+++ b/rdms-system/rdms-system-boot/src/main/resources/application-local.yaml
@@ -6,12 +6,12 @@ spring:
      username: # Nacos 账号
      password: # Nacos 密码
      discovery: # 【配置中心】配置项
-        namespace: dev # 命名空间。这里使用 dev 开发环境
+        namespace: 1e0fcd92-49b4-4cda-b531-828c7d36fef5 # 命名空间。这里使用 dev 开发环境
        group: DEFAULT_GROUP # 使用的 Nacos 配置分组，默认为 DEFAULT_GROUP
        metadata:
          version: 1.0.0 # 服务实例的版本号，可用于灰度发布
      config: # 【注册中心】配置项
-        namespace: dev # 命名空间。这里使用 dev 开发环境
+        namespace: 1e0fcd92-49b4-4cda-b531-828c7d36fef5 # 命名空间。这里使用 dev 开发环境
        group: DEFAULT_GROUP # 使用的 Nacos 配置分组，默认为 DEFAULT_GROUP

 #################### 数据库相关配置 ####################
--- a/rdms-system/rdms-system-boot/src/main/resources/application.yaml
+++ b/rdms-system/rdms-system-boot/src/main/resources/application.yaml
@@ -119,6 +119,10 @@ rdms:
  websocket:
    enable: true # 是否开启 WebSocket
    path: /system/ws # WebSocket 路径
+  api-encrypt:
+    enable: true # 启用密码相关接口的请求解密能力
+    header: X-Api-Encrypt # 请求加密标记头
+    algorithm: RSA # 密码相关接口的请求体采用 RSA 非对称加密
+    request-key: 'MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC/aShtWjlpINa+ZZkgp4sbt2jA4tPCN1YjDLv5SZMHDd7q8lbkE0SOudbuSKp5P3tVCPZXowyZom5+l56AAIYCaG5OcbzeRUtB6JcvmuU9SZ008zw7z2BIzeIzMtJSGf6u8BocVeMo27bGyyh1ifUXbpKVU7V7DBLzYADAQ9Jqi0vsqrxDGDu+Zm3LpFwSOnv85pgC0d+9re57CIYynXVmTLAo+V5DedPsceNCAByRs1kUyFMwyoPNbmgjcpKbewD6laxR9GtnFR/bCzfnz8Up7ANtuHCPe7vfU1teU75ZR+/cW9t2GS1e1T/XkULRv5PH5gchSGQ1NHO4imIbv5dzAgMBAAECggEACTjSS051BKUh44N2mLWpxJiWEfD7vdg3rLGg3tZWIJlg+5XYbN2myG+YtNtIZ1YRJZwsbjV7Vm2WgD/i0Yz05+nLIrllHZpeEVtY6WC/ma/RxKrRZJpNq8RLmSbiLjV1aU1FHMdgjefkCvjfxqXyaoIXyt0BGeAPi6087AZ4fUyKVYgPyGr53RnD8+4nCDaRhZYMCv6zpb+YVF3llZZNhvK7+hDLZX0WhUgIAzStzFsPZhDfJxW8MQFB4FNtmnJ4kpInkgIAROlfVvKIwRKwoCH+sveGjYdlZR/wTYt6HQoKudG9Qx2IssUcVGFwAsCiWM+81rfBDd5pMUwzyGQ9OQKBgQDHOp7Eio4M6LaPO1Uz6Ozlp28evWBVPaU+wk50p5SQl//pF0VgDkmrrt3Wu9IppBL6VObIzjOsZJrEVHXheA/1qqOVYm/m6nel1EUAqbIqxREtw+GJPoKp3Ql1CxK6pvm/KxOhJvCDIUNCZ4in+rvsCvquF784iIbQ33ED3hWi2wKBgQD19DbAL1Y6/XHXX17t6yZJVsIijmSOo5tjeNHouOSP5emgc8i2ESaW4WPIzkgi7EJ2aertgUkwIOpunYvMWYfn6zrYNaSuvCCZF+6oIiYPPXEVZJTnzGA/KsJtHeH6xtiGuettw6RnPxXvNZibJhfLdOqQvZmRDRTXh/MiRuelSQKBgQC154IbNd7pTnmRYb0zvlK+hRfiW0rfyX9dRBBaVsBBHWedrY+8Wo9NYEZQ0ADd4F8rjeWCJzPrDZh59hwDl5oK1pixxsUhc6d3E89FAawZfQFoZddBdn/bFGSUJ14camTR9UTg+SrUr8Q3l0yhA0AeDxA/cJM5zP47LCiGPXpHzQKBgQDV00sGKiE9h7nBFBjjntvaRqLgiArEN1iQUimruZJ7x9YkuIR2RNLXuXuWyD/OnLfrWonzkcKfJP6qzC0Nq4iMB+VQstJJVyS/9B537bhI55G4l4kdPIEwaWw+kQw1iUoVVu1mr//uAtp+7ImP2L43E54Z17v6bvT/rCGkWyBogQKBgQC6pqnciYteAE5KmWnPM9LWoEorSBPCzbWCVwuja7NbVoADUPvAnUeDgvKs8KpWvL+X3eRGSZXOBqjBMsdDPBnQzr5yZCI3Mv6Svg9RxBfuWw1mF1w2GAwK1r7+6ZDwxFqRUiVUACRRJ8S1kBa+CvNWm7UFi/7V1D4UDyKKmBU6Sw=='

 debug: false
-