接入登录注册密码解密
This commit is contained in:
@@ -18,6 +18,7 @@ import com.ruoyi.common.core.text.Convert;
|
||||
import com.ruoyi.common.utils.DateUtils;
|
||||
import com.ruoyi.common.utils.SecurityUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||
import com.ruoyi.framework.web.service.SysLoginService;
|
||||
import com.ruoyi.framework.web.service.SysPermissionService;
|
||||
import com.ruoyi.framework.web.service.TokenService;
|
||||
@@ -47,6 +48,9 @@ public class SysLoginController
|
||||
@Autowired
|
||||
private ISysConfigService configService;
|
||||
|
||||
@Autowired
|
||||
private PasswordTransferCryptoService passwordTransferCryptoService;
|
||||
|
||||
/**
|
||||
* 登录方法
|
||||
*
|
||||
@@ -57,6 +61,7 @@ public class SysLoginController
|
||||
public AjaxResult login(@RequestBody LoginBody loginBody)
|
||||
{
|
||||
AjaxResult ajax = AjaxResult.success();
|
||||
loginBody.setPassword(passwordTransferCryptoService.decrypt(loginBody.getPassword()));
|
||||
// 生成令牌
|
||||
String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
|
||||
loginBody.getUuid());
|
||||
|
||||
@@ -8,6 +8,7 @@ import com.ruoyi.common.core.controller.BaseController;
|
||||
import com.ruoyi.common.core.domain.AjaxResult;
|
||||
import com.ruoyi.common.core.domain.model.RegisterBody;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||
import com.ruoyi.framework.web.service.SysRegisterService;
|
||||
import com.ruoyi.system.service.ISysConfigService;
|
||||
|
||||
@@ -25,6 +26,9 @@ public class SysRegisterController extends BaseController
|
||||
@Autowired
|
||||
private ISysConfigService configService;
|
||||
|
||||
@Autowired
|
||||
private PasswordTransferCryptoService passwordTransferCryptoService;
|
||||
|
||||
@PostMapping("/register")
|
||||
public AjaxResult register(@RequestBody RegisterBody user)
|
||||
{
|
||||
@@ -32,6 +36,7 @@ public class SysRegisterController extends BaseController
|
||||
{
|
||||
return error("当前系统没有开启注册功能!");
|
||||
}
|
||||
user.setPassword(passwordTransferCryptoService.decrypt(user.getPassword()));
|
||||
String msg = registerService.register(user);
|
||||
return StringUtils.isEmpty(msg) ? success() : error(msg);
|
||||
}
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
package com.ruoyi.web.controller.system;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.test.util.ReflectionTestUtils;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||
import com.ruoyi.framework.web.service.SysLoginService;
|
||||
|
||||
class SysLoginControllerPasswordTransferTest
|
||||
{
|
||||
@Test
|
||||
void shouldDecryptPasswordBeforeCallingLoginService() throws Exception
|
||||
{
|
||||
SysLoginService loginService = mock(SysLoginService.class);
|
||||
PasswordTransferCryptoService passwordTransferCryptoService = mock(PasswordTransferCryptoService.class);
|
||||
when(passwordTransferCryptoService.decrypt("cipher")).thenReturn("admin123");
|
||||
when(loginService.login("admin", "admin123", "1", "u")).thenReturn("token");
|
||||
|
||||
SysLoginController controller = new SysLoginController();
|
||||
ReflectionTestUtils.setField(controller, "loginService", loginService);
|
||||
ReflectionTestUtils.setField(controller, "passwordTransferCryptoService", passwordTransferCryptoService);
|
||||
|
||||
MockMvc mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
|
||||
|
||||
mockMvc.perform(post("/login")
|
||||
.contentType("application/json")
|
||||
.content("{\"username\":\"admin\",\"password\":\"cipher\",\"code\":\"1\",\"uuid\":\"u\"}"))
|
||||
.andExpect(status().isOk());
|
||||
|
||||
verify(passwordTransferCryptoService).decrypt("cipher");
|
||||
verify(loginService).login("admin", "admin123", "1", "u");
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,50 @@
|
||||
package com.ruoyi.web.controller.system;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.springframework.test.util.ReflectionTestUtils;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import com.ruoyi.common.core.domain.model.RegisterBody;
|
||||
import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
|
||||
import com.ruoyi.framework.web.service.SysRegisterService;
|
||||
import com.ruoyi.system.service.ISysConfigService;
|
||||
|
||||
class SysRegisterControllerPasswordTransferTest
|
||||
{
|
||||
@Test
|
||||
void shouldDecryptPasswordBeforeCallingRegisterService() throws Exception
|
||||
{
|
||||
SysRegisterService registerService = mock(SysRegisterService.class);
|
||||
ISysConfigService configService = mock(ISysConfigService.class);
|
||||
PasswordTransferCryptoService passwordTransferCryptoService = mock(PasswordTransferCryptoService.class);
|
||||
when(configService.selectConfigByKey("sys.account.registerUser")).thenReturn("true");
|
||||
when(passwordTransferCryptoService.decrypt("cipher")).thenReturn("admin123");
|
||||
when(registerService.register(any(RegisterBody.class))).thenReturn("");
|
||||
|
||||
SysRegisterController controller = new SysRegisterController();
|
||||
ReflectionTestUtils.setField(controller, "registerService", registerService);
|
||||
ReflectionTestUtils.setField(controller, "configService", configService);
|
||||
ReflectionTestUtils.setField(controller, "passwordTransferCryptoService", passwordTransferCryptoService);
|
||||
|
||||
MockMvc mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
|
||||
|
||||
mockMvc.perform(post("/register")
|
||||
.contentType("application/json")
|
||||
.content("{\"username\":\"u1\",\"password\":\"cipher\",\"code\":\"1\",\"uuid\":\"u\"}"))
|
||||
.andExpect(status().isOk());
|
||||
|
||||
verify(passwordTransferCryptoService).decrypt("cipher");
|
||||
ArgumentCaptor<RegisterBody> captor = ArgumentCaptor.forClass(RegisterBody.class);
|
||||
verify(registerService).register(captor.capture());
|
||||
assertEquals("admin123", captor.getValue().getPassword());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user