Ana Sayfa Keşfet Yardım
Giriş Yap
skl
/
skl-service
2
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Kaynağa Gözat

修改消息加密方法

asd123a20 2 yıl önce
ebeveyn
5d6eb473b3
işleme
4541c3f9c3
7 değiştirilmiş dosya ile 35 ekleme ve 23 silme
Görünümü Böl Farklılık Durumunu Göster
  1. 7 6
      service-log/app/service/log.js
  2. 8 8
      service-login/app/controller/pwdlogin.js
  3. 1 0
      service-login/app/model/adminUser.js
  4. 1 0
      service-login/package.json
  5. 1 0
      service-naf/app/model/adminUser.js
  6. 15 8
      service-naf/app/service/adminUser.js
  7. 2 1
      service-naf/package.json

+ 7 - 6
service-log/app/service/log.js
Dosyayı Görüntüle 

@@ -9,11 +9,11 @@ class LogService extends Service {
 
     this.model = this.ctx.model.Log;
 
   }
 
   async create({ service, module, method, details, result, userName, name }) {
 
-    assert(service, '服务不存在');
 
-    assert(module, '模块不存在');
 
-    assert(method, '方法不存在');
 
-    assert(details, '详情不存在');
 
-    assert(result, '结果不存在');
 
+    assert(service, 'service不存在');
 
+    assert(module, 'module不存在');
 
+    assert(method, 'method不存在');
 
+    assert(details, 'details不存在');
 
+    assert(result, 'result不存在');
 
     try {
 
       const createAt = moment().format('x');
 
       const updateAt = moment().format('x');
 
@@ -54,7 +54,8 @@ class LogService extends Service {
 
       const total = await this.model.find({ ...filter });
 
       let res;
 
       if (skip && limit) {
 
-        res = await this.model.find({ ...filter }).skip(Number(skip) * Number(limit)).limit(Number(limit)).sort({ createAt: -1 });
 
+        res = await this.model.find({ ...filter }).sort({ createAt: -1 }).skip(Number(skip) * Number(limit))
 
+          .limit(Number(limit));
 
       } else {
 
         res = await this.model.find({ ...filter });
 
       }

+ 8 - 8
service-login/app/controller/pwdlogin.js
Dosyayı Görüntüle 

@@ -1,7 +1,7 @@
 
 'use strict';
 
 
 const Controller = require('egg').Controller;
 
-const crypto = require('crypto');
 
+const sm3 = require('sm3');
 
 const assert = require('assert');
 
 const jsonwebtoken = require('jsonwebtoken');
 
 const svgCaptcha = require('svg-captcha');
 
@@ -32,22 +32,22 @@ class LoginController extends Controller {
 
     // 验证码
 
     const redisCode = await this.app.redis.get(uuid);
 
     if (!redisCode) {
 
-      this.ctx.body = { errcode: -1001, errmsg: '验证码已失效', dat: '' };
 
+      this.ctx.body = { errcode: -1001, errmsg: '验证码已失效', data: '' };
 
       return;
 
     }
 
     if (code !== redisCode) {
 
-      this.ctx.body = { errcode: -1001, errmsg: '验证码错误', dat: '' };
 
+      this.ctx.body = { errcode: -1001, errmsg: '验证码错误', data: '' };
 
       return;
 
     }
 
-    // 密码
 
-    const pwd = crypto.createHash('md5').update(password).digest('hex');
 
     const res = await this.model.findOne({ userName });
 
+    // 密码
 
+    const pwd = sm3(`${password}:${res.salt}`);
 
     if (!res) {
 
-      this.ctx.body = { errcode: -1001, errmsg: '用户不存在', dat: '' };
 
+      this.ctx.body = { errcode: -1001, errmsg: '用户不存在', data: '' };
 
       return;
 
     }
 
-    if (res && res.password !== pwd) {
 
-      this.ctx.body = { errcode: -1001, errmsg: '密码错误', dat: '' };
 
+    if (res.password !== pwd) {
 
+      this.ctx.body = { errcode: -1001, errmsg: '密码错误', data: { pwd, password: res.password, salt: res.salt } };
 
       return;
 
     }
 
     const token = jsonwebtoken.sign({ ...res }, jwt.secret, { expiresIn: jwt.expiresIn, issuer: jwt.issuer });

+ 1 - 0
service-login/app/model/adminUser.js
Dosyayı Görüntüle 

@@ -6,6 +6,7 @@ const SchemaDefine = {
 
   openid: { type: String, required: false },
 
   name: { type: String, required: false },
 
   phone: { type: String, required: false },
 
+  salt: { type: String, required: true },
 
 };
 
 const schema = new Schema(SchemaDefine);
 
 module.exports = app => {

+ 1 - 0
service-login/package.json
Dosyayı Görüntüle 

@@ -14,6 +14,7 @@
 
     "egg-scripts": "^2.11.0",
 
     "egg-view-nunjucks": "^2.3.0",
 
     "jsonwebtoken": "^8.5.1",
 
+    "sm3": "^1.0.3",
 
     "svg-captcha": "^1.4.0",
 
     "uuid": "^8.3.2"
 
   },

+ 1 - 0
service-naf/app/model/adminUser.js
Dosyayı Görüntüle 

@@ -6,6 +6,7 @@ const SchemaDefine = {
 
   openid: { type: String, required: false },
 
   name: { type: String, required: false },
 
   phone: { type: String, required: false },
 
+  salt: { type: String, required: true },
 
 };
 
 const schema = new Schema(SchemaDefine);
 
 module.exports = app => {

+ 15 - 8
service-naf/app/service/adminUser.js
Dosyayı Görüntüle 

@@ -1,7 +1,9 @@
 
 'use strict';
 
-const crypto = require('crypto');
 
+// const crypto = require('crypto');
 
 const assert = require('assert');
 
 const Service = require('egg').Service;
 
+const sm3 = require('sm3');
 
+const uuid = require('uuid');
 
 class AdminUserService extends Service {
 
   constructor(ctx) {
 
     super(ctx);
 
@@ -11,11 +13,16 @@ class AdminUserService extends Service {
 
   async create({ userName, password, openid, name, phone }) {
 
     assert(userName, '缺少用户名');
 
     assert(password, '缺少密码');
 
-    password = crypto.createHash('md5').update(password).digest('hex');
 
+    // 生成uuid盐值
 
+    const salt = uuid.v1();
 
+    // sm3 加盐加密
 
+    password = sm3(`${password}:${salt}`);
 
+    console.log(password, 'password');
 
+    console.log(salt, 'salt');
 
     const obj = await this.model.findOne({ userName });
 
     if (obj) return { errcode: -1001, errmsg: '用户名已存在', data: '' };
 
     try {
 
-      const res = await this.model.create({ userName, password, openid, name, phone });
 
+      const res = await this.model.create({ userName, password, openid, name, phone, salt });
 
       return { errcode: 0, errmsg: 'ok', data: res };
 
     } catch (error) {
 
       throw error;
 
@@ -23,10 +30,10 @@ class AdminUserService extends Service {
 
   }
 
   async update({ id, userName, password, openid, name, phone }) {
 
     assert(id, '缺少用户ID');
 
-    if (password) password = crypto.createHash('md5').update(password).digest('hex');
 
+    const user = await this.model.findOne({ _id: id });
 
+    if (!user) return { errcode: -1001, errmsg: '用户不存在', data: '' };
 
+    if (password) password = sm3(`${password}:${user.salt}`);
 
     try {
 
-      const user = await this.model.findOne({ _id: id });
 
-      if (!user) return { errcode: -1001, errmsg: '用户不存在', data: '' };
 
       await this.model.updateOne({ _id: id }, { userName, password, openid, name, phone });
 
       return { errcode: 0, errmsg: 'ok', data: 'update' };
 
     } catch (error) {
 
@@ -68,11 +75,11 @@ class AdminUserService extends Service {
 
     assert(id, '缺少用ID');
 
     assert(password, '缺少新密码');
 
     assert(oldpassword, '缺少原密码');
 
-    oldpassword = crypto.createHash('md5').update(oldpassword).digest('hex');
 
     const user = await this.model.findOne({ _id: id });
 
     if (!user) return { errcode: -1001, errmsg: '用户不存在', data: '' };
 
+    oldpassword = sm3(`${password}:${user.salt}`);
 
     if (user.password !== oldpassword) return { errcode: -1001, errmsg: '原密码不正确', data: '' };
 
-    password = crypto.createHash('md5').update(password).digest('hex');
 
+    password = sm3(`${password}:${user.salt}`);
 
     try {
 
       const res = await this.model.updateOne({ _id: id }, { password });
 
       return { errcode: 0, errmsg: 'ok', data: { ...res, password: '' } };

+ 2 - 1
service-naf/package.json
Dosyayı Görüntüle 

@@ -10,7 +10,8 @@
 
     "crypto": "^1.0.1",
 
     "egg": "^2.15.1",
 
     "egg-mongoose": "^3.3.1",
 
-    "egg-scripts": "^2.11.0"
 
+    "egg-scripts": "^2.11.0",
 
+    "sm3": "^1.0.3"
 
   },
 
   "devDependencies": {
 
     "autod": "^3.0.1",