From 6b21290b17702ace3bf97cbe2e2e7c673a1adf70 Mon Sep 17 00:00:00 2001 From: shichen Date: Mon, 13 Dec 2021 16:37:44 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E4=BC=AA=E9=80=A0cookie?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/sohu/cache/util/ConstUtils.java | 2 + .../UserLoginStatusCookieServiceImpl.java | 40 ++++- .../com/sohu/cache/web/util/AESCoder.java | 164 ++++++++++++++++++ .../main/resources/static/wiki/intro/index.md | 2 +- .../resources/static/wiki/quickstart/index.md | 2 +- redis-ecs/help.md | 2 +- 6 files changed, 207 insertions(+), 5 deletions(-) create mode 100644 cachecloud-web/src/main/java/com/sohu/cache/web/util/AESCoder.java diff --git a/cachecloud-web/src/main/java/com/sohu/cache/util/ConstUtils.java b/cachecloud-web/src/main/java/com/sohu/cache/util/ConstUtils.java index dde2b6fe..4f3cb1ed 100644 --- a/cachecloud-web/src/main/java/com/sohu/cache/util/ConstUtils.java +++ b/cachecloud-web/src/main/java/com/sohu/cache/util/ConstUtils.java @@ -132,6 +132,7 @@ public class ConstUtils { */ public static final String DEFAULT_USERNAME = "cachecloud"; public static final String DEFAULT_PASSWORD = "cachecloud"; + public static final String DEFAULT_USER_LOGIN_ENCRY_KEY = "97c9d9de0a2dbd64"; public static final int DEFAULT_SSH_PORT_DEFAULT = 22; /** * ssh授权方式:参考SshAuthTypeEnum @@ -219,6 +220,7 @@ public class ConstUtils { public static String SUPER_ADMIN_NAME = DEFAULT_SUPER_ADMIN_NAME; public static String SUPER_ADMIN_PASS = DEFAULT_SUPER_ADMIN_PASS; public static String SUPER_ADMINS = DEFAULT_SUPER_ADMINS; + public static String USER_LOGIN_ENCRY_KEY = DEFAULT_USER_LOGIN_ENCRY_KEY; public static List SUPER_MANAGER; /** * 联系人 diff --git a/cachecloud-web/src/main/java/com/sohu/cache/web/service/impl/UserLoginStatusCookieServiceImpl.java b/cachecloud-web/src/main/java/com/sohu/cache/web/service/impl/UserLoginStatusCookieServiceImpl.java index 699f144b..d9a1394c 100644 --- a/cachecloud-web/src/main/java/com/sohu/cache/web/service/impl/UserLoginStatusCookieServiceImpl.java +++ b/cachecloud-web/src/main/java/com/sohu/cache/web/service/impl/UserLoginStatusCookieServiceImpl.java @@ -4,11 +4,14 @@ import com.sohu.cache.login.LoginComponent; import com.sohu.cache.util.ConstUtils; import com.sohu.cache.util.EnvUtil; +import com.sohu.cache.util.StringUtil; import com.sohu.cache.web.service.UserLoginStatusService; import com.sohu.cache.web.service.UserService; -import com.sohu.cache.web.util.IpUtil; +import com.sohu.cache.web.util.AESCoder; import com.sohu.cache.web.util.WebUtil; import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; import org.springframework.stereotype.Service; @@ -16,6 +19,7 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.util.Random; /** * cookie保护登录状态 @@ -25,6 +29,8 @@ @Service("userLoginStatusService") public class UserLoginStatusCookieServiceImpl implements UserLoginStatusService { + private Logger logger = LoggerFactory.getLogger(UserLoginStatusCookieServiceImpl.class); + @Autowired private LoginComponent loginComponent; @@ -34,13 +40,29 @@ public class UserLoginStatusCookieServiceImpl implements UserLoginStatusService @Autowired private Environment environment; + private static final String CONCATE_STR = "&&"; + @Override public String getUserNameFromLoginStatus(HttpServletRequest request) { if (EnvUtil.isLocal(environment)) { //todo for local return "admin"; } - String userName = WebUtil.getLoginCookieValue(request); + String userName = null; + String userCookie = null; + String cookie = WebUtil.getLoginCookieValue(request); + try { + userCookie = AESCoder.decrypt(cookie, ConstUtils.USER_LOGIN_ENCRY_KEY); + } catch (Exception e) { + logger.error("getUserNameFromLoginStatus decrypt error: ", e); + } + if(StringUtil.isBlank(userCookie)){ + return null; + } + String[] userInfos = userCookie.split(CONCATE_STR); + if(userInfos != null && userInfos.length > 0){ + userName = userInfos[0]; + } if (StringUtils.isNotBlank(userName)) { return userName; } @@ -80,6 +102,16 @@ public String getRegisterUrl(AppUser user) { @Override public void addLoginStatus(HttpServletRequest request, HttpServletResponse response, String userName) { + if(userName == null){ + userName = ""; + }else{ + userName = userName + CONCATE_STR + getRandomStr4Encrypt(); + try { + userName = AESCoder.encrypt(userName, ConstUtils.USER_LOGIN_ENCRY_KEY); + } catch (Exception e) { + logger.error("addLoginStatus encrypt error: ",e); + } + } Cookie cookie = new Cookie(LOGIN_USER_STATUS_NAME, userName); cookie.setDomain(request.getServerName()); cookie.setPath("/"); @@ -91,4 +123,8 @@ public void addLoginStatus(HttpServletRequest request, HttpServletResponse respo public void removeLoginStatus(HttpServletRequest request, HttpServletResponse response) { addLoginStatus(request, response, ""); } + + private String getRandomStr4Encrypt(){ + return String.valueOf(new Random().nextInt(Integer.MAX_VALUE)); + } } diff --git a/cachecloud-web/src/main/java/com/sohu/cache/web/util/AESCoder.java b/cachecloud-web/src/main/java/com/sohu/cache/web/util/AESCoder.java new file mode 100644 index 00000000..c8896fa9 --- /dev/null +++ b/cachecloud-web/src/main/java/com/sohu/cache/web/util/AESCoder.java @@ -0,0 +1,164 @@ +package com.sohu.cache.web.util; + +import com.sohu.cache.util.StringUtil; + +import javax.crypto.Cipher; +import javax.crypto.KeyGenerator; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.security.Key; + +public class AESCoder { + + /** + * 密钥算法 + * java6支持56位密钥,bouncycastle支持64位 + * */ + public static final String KEY_ALGORITHM="AES"; + + /** + * 加密/解密算法/工作模式/填充方式 + * + * JAVA6 支持PKCS5PADDING填充方式 + * Bouncy castle支持PKCS7Padding填充方式 + * */ + public static final String CIPHER_ALGORITHM="AES/ECB/PKCS5Padding"; + + /** + * + * 生成密钥,java6只支持56位密钥,bouncycastle支持64位密钥 + * @return byte[] 二进制密钥 + * */ + public static byte[] initkey() throws Exception{ + + //实例化密钥生成器 + KeyGenerator kg=KeyGenerator.getInstance(KEY_ALGORITHM); + //初始化密钥生成器,AES要求密钥长度为128位、192位、256位 + kg.init(256); + //生成密钥 + SecretKey secretKey=kg.generateKey(); + //获取二进制密钥编码形式 + return secretKey.getEncoded(); + } + /** + * 转换密钥 + * @param key 二进制密钥 + * @return Key 密钥 + * */ + public static Key toKey(byte[] key) throws Exception{ + //实例化DES密钥 + //生成密钥 + SecretKey secretKey=new SecretKeySpec(key,KEY_ALGORITHM); + return secretKey; + } + + /** + * 加密数据 + * @param data 待加密数据 + * @return byte[] 加密后的数据 + * */ + public static String encrypt(String data, String key) throws Exception{ + if(StringUtil.isBlank(data)){ + return ""; + } + byte[] encrypt = encrypt(data.getBytes(), key.getBytes()); + return parseByte2HexStr(encrypt); + } + + /** + * 加密数据 + * @param data 待加密数据 + * @param key 密钥 + * @return byte[] 加密后的数据 + * */ + public static byte[] encrypt(byte[] data,byte[] key) throws Exception{ + //还原密钥 + Key k=toKey(key); + /** + * 实例化 + * 使用 PKCS7PADDING 填充方式,按如下方式实现,就是调用bouncycastle组件实现 + * Cipher.getInstance(CIPHER_ALGORITHM,"BC") + */ + Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM); + //初始化,设置为加密模式 + cipher.init(Cipher.ENCRYPT_MODE, k); + //执行操作 + return cipher.doFinal(data); + } + + /** + * 解密数据 + * @param data 待解密数据 + * @return byte[] 解密后的数据 + * */ + public static String decrypt(String data, String key) throws Exception{ + if(StringUtil.isBlank(data)){ + return null; + } + byte[] dataByte = parseHexStr2Byte(data); + if(dataByte == null || dataByte.length < 1){ + return null; + } + byte[] decrypt = decrypt(dataByte, key.getBytes()); + return new String(decrypt, "UTF-8"); + } + + /** + * 解密数据 + * @param data 待解密数据 + * @param key 密钥 + * @return byte[] 解密后的数据 + * */ + public static byte[] decrypt(byte[] data,byte[] key) throws Exception{ + //欢迎密钥 + Key k =toKey(key); + /** + * 实例化 + * 使用 PKCS7PADDING 填充方式,按如下方式实现,就是调用bouncycastle组件实现 + * Cipher.getInstance(CIPHER_ALGORITHM,"BC") + */ + Cipher cipher=Cipher.getInstance(CIPHER_ALGORITHM); + //初始化,设置为解密模式 + cipher.init(Cipher.DECRYPT_MODE, k); + //执行操作 + return cipher.doFinal(data); + } + + /** + * 将16进制转换为二进制 + * + * @param hexStr 字符串 + * @return 字节数组 + */ + public static byte[] parseHexStr2Byte(String hexStr) { + if (hexStr.length() < 1) { + return null; + } + byte[] result = new byte[hexStr.length() / 2]; + for (int i = 0; i < hexStr.length() / 2; i++) { + int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16); + int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16); + result[i] = (byte) (high * 16 + low); + } + return result; + } + + /** + * 将二进制转换成16进制 + * + * @param buf 字节数组 + * @return 字符串 + */ + public static String parseByte2HexStr(byte buf[]) { + StringBuffer sb = new StringBuffer(); + for (int i = 0; i < buf.length; i++) { + String hex = Integer.toHexString(buf[i] & 0xFF); + if (hex.length() == 1) { + hex = '0' + hex; + } + sb.append(hex.toUpperCase()); + } + return sb.toString(); + } + +} \ No newline at end of file diff --git a/cachecloud-web/src/main/resources/static/wiki/intro/index.md b/cachecloud-web/src/main/resources/static/wiki/intro/index.md index 0d5b143a..9369142b 100644 --- a/cachecloud-web/src/main/resources/static/wiki/intro/index.md +++ b/cachecloud-web/src/main/resources/static/wiki/intro/index.md @@ -43,7 +43,7 @@ CacheCloud是一个Redis云管理平台:支持Redis多种架构(Standalone、S ## 五、阿里云ecs试用版本 -+ CacheCloud后台地址:[地址](http://47.97.112.178:8080/admin/app/list) ++ CacheCloud后台地址:[地址](http://122.9.1.235:8080/admin/app/list) + 用户名/登录密码:cachecloud_user:cachecloud_user + 开源版本试用时间: 2021-01-18 ,如果大家有空闲公网资源可以贡献,请[联系我们](#cc8) diff --git a/cachecloud-web/src/main/resources/static/wiki/quickstart/index.md b/cachecloud-web/src/main/resources/static/wiki/quickstart/index.md index 133c2dac..4b616e2e 100644 --- a/cachecloud-web/src/main/resources/static/wiki/quickstart/index.md +++ b/cachecloud-web/src/main/resources/static/wiki/quickstart/index.md @@ -91,7 +91,7 @@ b.也可以clone源码,自行打包: * 1.准备脚本 - 下载 [cachecloud-init.sh](http://47.97.112.178/redis-ecs/script) + 下载 [cachecloud-init.sh](http://122.9.1.235/redis-ecs/script) cachecloud-init.sh脚本作用: a.初始化环境变量 diff --git a/redis-ecs/help.md b/redis-ecs/help.md index e95d509f..cf4fb5b1 100644 --- a/redis-ecs/help.md +++ b/redis-ecs/help.md @@ -1,6 +1,6 @@ ### 资源说明 -由于github不能上传过大资源包,这里提供临时的下载地址:[资源下载](http://47.97.112.178/redis-ecs/) +由于github不能上传过大资源包,这里提供临时的下载地址:[资源下载](http://122.9.1.235/redis-ecs/) ### 1. 准备Redis二进制资源包: