完善密码加密

lenve · lenve · commit abc45a9366c0 · 2020-05-15T15:53:24.000+08:00
diff --git a/blogserver/pom.xml b/blogserver/pom.xml
@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.9.RELEASE</version>
+		<version>2.2.7.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 
diff --git a/blogserver/src/main/java/org/sang/config/MyPasswordEncoder.java b/blogserver/src/main/java/org/sang/config/MyPasswordEncoder.java
@@ -0,0 +1,27 @@
+package org.sang.config;
+
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
+import org.springframework.util.DigestUtils;
+
+/**
+ * @作者 江南一点雨
+ * @微信公众号 江南一点雨
+ * @网站 http://www.itboyhub.com
+ * @国际站 http://www.javaboy.org
+ * @微信 a_java_boy
+ * @GitHub https://github.com/lenve
+ * @Gitee https://gitee.com/lenve
+ */
+@Component
+public class MyPasswordEncoder implements PasswordEncoder {
+    @Override
+    public String encode(CharSequence rawPassword) {
+        return DigestUtils.md5DigestAsHex(rawPassword.toString().getBytes());
+    }
+
+    @Override
+    public boolean matches(CharSequence rawPassword, String encodedPassword) {
+        return encodedPassword.equals(DigestUtils.md5DigestAsHex(rawPassword.toString().getBytes()));
+    }
+}
diff --git a/blogserver/src/main/java/org/sang/config/WebSecurityConfig.java b/blogserver/src/main/java/org/sang/config/WebSecurityConfig.java
@@ -32,22 +32,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(userService).passwordEncoder(new PasswordEncoder() {
-            @Override
-            public String encode(CharSequence charSequence) {
-                return DigestUtils.md5DigestAsHex(charSequence.toString().getBytes());
-            }
-
-            /**
-             * @param charSequence 明文
-             * @param s 密文
-             * @return
-             */
-            @Override
-            public boolean matches(CharSequence charSequence, String s) {
-                return s.equals(DigestUtils.md5DigestAsHex(charSequence.toString().getBytes()));
-            }
-        });
+        auth.userDetailsService(userService);
     }
 
     @Override
diff --git a/blogserver/src/main/java/org/sang/controller/LoginRegController.java b/blogserver/src/main/java/org/sang/controller/LoginRegController.java
@@ -4,6 +4,7 @@
 import org.sang.bean.User;
 import org.sang.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -38,7 +39,7 @@ public RespBean loginPage() {
         return new RespBean("error", "尚未登录，请登录!");
     }
 
-    @RequestMapping("/reg")
+    @PostMapping("/reg")
     public RespBean reg(User user) {
         int result = userService.reg(user);
         if (result == 0) {
diff --git a/blogserver/src/main/java/org/sang/service/UserService.java b/blogserver/src/main/java/org/sang/service/UserService.java
@@ -2,13 +2,15 @@
 
 import org.sang.bean.Role;
 import org.sang.bean.User;
+import org.sang.config.MyPasswordEncoder;
 import org.sang.mapper.RolesMapper;
 import org.sang.mapper.UserMapper;
 import org.sang.utils.Util;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.DigestUtils;
@@ -25,6 +27,8 @@ public class UserService implements UserDetailsService {
     UserMapper userMapper;
     @Autowired
     RolesMapper rolesMapper;
+    @Autowired
+    PasswordEncoder passwordEncoder;
 
     @Override
     public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
@@ -51,7 +55,7 @@ public int reg(User user) {
             return 1;
         }
         //插入用户,插入之前先对密码进行加密
-        user.setPassword(DigestUtils.md5DigestAsHex(user.getPassword().getBytes()));
+        user.setPassword(passwordEncoder.encode(user.getPassword()));
         user.setEnabled(true);//用户可用
         long result = userMapper.reg(user);
         //配置用户的角色，默认都是普通用户
diff --git a/blogserver/src/main/resources/application.properties b/blogserver/src/main/resources/application.properties
@@ -1,7 +1,7 @@
 spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
-spring.datasource.url=jdbc:mysql:///vueblog?useUnicode=true&characterEncoding=UTF-8
-spring.datasource.username=username
-spring.datasource.password=password
+spring.datasource.url=jdbc:mysql:///vueblog2?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
+spring.datasource.username=root
+spring.datasource.password=123
 mybatis.config-location=classpath:/mybatis-config.xml
         
 server.port=8081
