🔨 加密参数.
This commit is contained in:
lijiahang
@@ -27,6 +27,7 @@ import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.dromara.visor.framework.web.core.annotation.ParamDecrypt;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.Size;
|
||||
@@ -61,7 +62,7 @@ public class HostIdentityCreateRequest implements Serializable {
|
||||
@Schema(description = "用户名")
|
||||
private String username;
|
||||
|
||||
@Size(max = 512)
|
||||
@ParamDecrypt
|
||||
@Schema(description = "用户密码")
|
||||
private String password;
|
||||
|
||||
|
||||
@@ -61,10 +61,6 @@ public class HostIdentityQueryRequest extends PageRequest {
|
||||
@Schema(description = "用户名")
|
||||
private String username;
|
||||
|
||||
@Size(max = 512)
|
||||
@Schema(description = "用户密码")
|
||||
private String password;
|
||||
|
||||
@Schema(description = "密钥id")
|
||||
private Long keyId;
|
||||
|
||||
|
||||
@@ -28,6 +28,7 @@ import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.dromara.visor.common.security.UpdatePasswordAction;
|
||||
import org.dromara.visor.framework.web.core.annotation.ParamDecrypt;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotNull;
|
||||
@@ -66,7 +67,7 @@ public class HostIdentityUpdateRequest implements UpdatePasswordAction {
|
||||
@Schema(description = "用户名")
|
||||
private String username;
|
||||
|
||||
@Size(max = 512)
|
||||
@ParamDecrypt
|
||||
@Schema(description = "用户密码")
|
||||
private String password;
|
||||
|
||||
|
||||
@@ -27,6 +27,7 @@ import lombok.AllArgsConstructor;
|
||||
import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.dromara.visor.framework.web.core.annotation.ParamDecrypt;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.Size;
|
||||
@@ -51,14 +52,16 @@ public class HostKeyCreateRequest implements Serializable {
|
||||
@Schema(description = "名称")
|
||||
private String name;
|
||||
|
||||
@ParamDecrypt
|
||||
@Schema(description = "公钥文本")
|
||||
private String publicKey;
|
||||
|
||||
@NotBlank
|
||||
@ParamDecrypt
|
||||
@Schema(description = "私钥文本")
|
||||
private String privateKey;
|
||||
|
||||
@Size(max = 512)
|
||||
@ParamDecrypt
|
||||
@Schema(description = "密码")
|
||||
private String password;
|
||||
|
||||
|
||||
@@ -28,6 +28,7 @@ import lombok.Builder;
|
||||
import lombok.Data;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.dromara.visor.common.security.UpdatePasswordAction;
|
||||
import org.dromara.visor.framework.web.core.annotation.ParamDecrypt;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.NotNull;
|
||||
@@ -56,14 +57,16 @@ public class HostKeyUpdateRequest implements UpdatePasswordAction {
|
||||
@Schema(description = "名称")
|
||||
private String name;
|
||||
|
||||
@ParamDecrypt
|
||||
@Schema(description = "公钥文本")
|
||||
private String publicKey;
|
||||
|
||||
@NotBlank
|
||||
@ParamDecrypt
|
||||
@Schema(description = "私钥文本")
|
||||
private String privateKey;
|
||||
|
||||
@Size(max = 512)
|
||||
@ParamDecrypt
|
||||
@Schema(description = "密码")
|
||||
private String password;
|
||||
|
||||
|
||||
@@ -24,12 +24,12 @@ package org.dromara.visor.module.asset.handler.host.config.strategy;
|
||||
|
||||
import cn.orionsec.kit.lang.utils.Booleans;
|
||||
import cn.orionsec.kit.lang.utils.Charsets;
|
||||
import cn.orionsec.kit.lang.utils.Exceptions;
|
||||
import cn.orionsec.kit.lang.utils.Strings;
|
||||
import org.dromara.visor.common.constant.Const;
|
||||
import org.dromara.visor.common.constant.ErrorMessage;
|
||||
import org.dromara.visor.common.handler.data.strategy.AbstractGenericsDataStrategy;
|
||||
import org.dromara.visor.common.security.PasswordModifier;
|
||||
import org.dromara.visor.common.utils.AesEncryptUtils;
|
||||
import org.dromara.visor.common.utils.RsaEncryptUtils;
|
||||
import org.dromara.visor.common.utils.Valid;
|
||||
import org.dromara.visor.module.asset.dao.HostIdentityDAO;
|
||||
import org.dromara.visor.module.asset.dao.HostKeyDAO;
|
||||
@@ -126,16 +126,18 @@ public class HostSshConfigStrategy extends AbstractGenericsDataStrategy<HostSshC
|
||||
after.setPassword(before.getPassword());
|
||||
return;
|
||||
}
|
||||
// 检查是否无密码
|
||||
if (Booleans.isTrue(after.getUseNewPassword()) && Strings.isBlank(after.getPassword())) {
|
||||
throw Exceptions.argument(ErrorMessage.PASSWORD_MISSING);
|
||||
// 使用原始密码
|
||||
if (!Booleans.isTrue(after.getUseNewPassword())) {
|
||||
after.setPassword(before.getPassword());
|
||||
return;
|
||||
}
|
||||
// 检查新密码
|
||||
String newPassword = Valid.notBlank(after.getPassword(), ErrorMessage.PASSWORD_MISSING);
|
||||
// 解密密码
|
||||
newPassword = RsaEncryptUtils.decrypt(newPassword);
|
||||
Valid.notBlank(newPassword, ErrorMessage.DECRYPT_ERROR);
|
||||
// 设置密码
|
||||
String newPassword = PasswordModifier.getEncryptNewPassword(after);
|
||||
if (newPassword == null) {
|
||||
newPassword = before.getPassword();
|
||||
}
|
||||
after.setPassword(newPassword);
|
||||
after.setPassword(AesEncryptUtils.encryptAsString(newPassword));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user