From 4d55f5df17ccba0788acf5666f690bd1f8b46804 Mon Sep 17 00:00:00 2001 From: RuoYi Date: Sat, 15 May 2021 21:54:32 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8A=A8=E6=80=81=E7=94=9F=E6=88=90=E5=AF=86?= =?UTF-8?q?=E5=8C=99=EF=BC=8C=E9=98=B2=E6=AD=A2=E9=BB=98=E8=AE=A4=E5=AF=86?= =?UTF-8?q?=E9=92=A5=E6=B3=84=E9=9C=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/resources/application.yml | 2 -- .../common/utils/security/CipherUtils.java | 36 +++++++++++++++++++ .../ruoyi/framework/config/ShiroConfig.java | 10 ++---- 3 files changed, 38 insertions(+), 10 deletions(-) create mode 100644 ruoyi-common/src/main/java/com/ruoyi/common/utils/security/CipherUtils.java diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml index 4d386ea2..764a13fd 100644 --- a/ruoyi-admin/src/main/resources/application.yml +++ b/ruoyi-admin/src/main/resources/application.yml @@ -108,8 +108,6 @@ shiro: httpOnly: true # 设置Cookie的过期时间,天为单位 maxAge: 30 - # 设置密钥,务必保持唯一性(生成方式,直接拷贝到main运行即可)KeyGenerator keygen = KeyGenerator.getInstance("AES"); SecretKey deskey = keygen.generateKey(); System.out.println(Base64.encodeToString(deskey.getEncoded())); - cipherKey: zSyK5Kp6PZAAjlT+eeNMlg== session: # Session超时时间,-1代表永不过期(默认30分钟) expireTime: 30 diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/security/CipherUtils.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/security/CipherUtils.java new file mode 100644 index 00000000..34c1a79d --- /dev/null +++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/security/CipherUtils.java @@ -0,0 +1,36 @@ +package com.ruoyi.common.utils.security; + +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import javax.crypto.KeyGenerator; + +/** + * 对称密钥密码算法工具类 + * + * @author ruoyi + */ +public class CipherUtils +{ + /** + * 生成随机秘钥 + * + * @param keyBitSize 字节大小 + * @param algorithmName 算法名称 + * @return 创建密匙 + */ + public static Key generateNewKey(int keyBitSize, String algorithmName) + { + KeyGenerator kg; + try + { + kg = KeyGenerator.getInstance(algorithmName); + } + catch (NoSuchAlgorithmException e) + { + String msg = "Unable to acquire " + algorithmName + " algorithm. This is required to function."; + throw new IllegalStateException(msg, e); + } + kg.init(keyBitSize); + return kg.generateKey(); + } +} diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java index e34c1889..d6967278 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java @@ -8,7 +8,6 @@ import java.util.Map; import javax.servlet.Filter; import org.apache.commons.io.IOUtils; import org.apache.shiro.cache.ehcache.EhCacheManager; -import org.apache.shiro.codec.Base64; import org.apache.shiro.config.ConfigurationException; import org.apache.shiro.io.ResourceUtils; import org.apache.shiro.mgt.SecurityManager; @@ -23,6 +22,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.utils.StringUtils; +import com.ruoyi.common.utils.security.CipherUtils; import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.framework.shiro.realm.UserRealm; import com.ruoyi.framework.shiro.session.OnlineSessionDAO; @@ -104,12 +104,6 @@ public class ShiroConfig @Value("${shiro.cookie.maxAge}") private int maxAge; - /** - * 设置cipherKey密钥 - */ - @Value("${shiro.cookie.cipherKey}") - private String cipherKey; - /** * 登录地址 */ @@ -357,7 +351,7 @@ public class ShiroConfig { CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager(); cookieRememberMeManager.setCookie(rememberMeCookie()); - cookieRememberMeManager.setCipherKey(Base64.decode(cipherKey)); + cookieRememberMeManager.setCipherKey(CipherUtils.generateNewKey(128, "AES").getEncoded()); return cookieRememberMeManager; }