子用户密码加密

c4729da9 · renjie · a4d43e3e · c4729da9 · c4729da9 · c4729da9
Commit c4729da9 authored Apr 03, 2020 by renjie
10 changed files
--- a/src/main/java/com/edgec/browserbackend/account/controller/AdministratorController.java
+++ b/src/main/java/com/edgec/browserbackend/account/controller/AdministratorController.java
 package com.edgec.browserbackend.account.controller;
+import com.edgec.browserbackend.account.dto.BillQueryResultDto;
 import com.edgec.browserbackend.account.dto.ResultDto;
 import com.edgec.browserbackend.account.service.*;
 import com.edgec.browserbackend.account.domain.*;
@@ -111,7 +112,7 @@ public class AdministratorController {
    //根据用户名查询用户账单tested
    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping(path ="/0xadministrator/searchuserbill/{name}",method = RequestMethod.GET)
-    public List<UserPrePaidBilling> getUserBillByName(@PathVariable String name){
+    public BillQueryResultDto getUserBillByName(@PathVariable String name){
        return administratorService.getUserBillingByName(name);
    }

--- a/src/main/java/com/edgec/browserbackend/account/dto/BillQueryResultDto.java
+++ b/src/main/java/com/edgec/browserbackend/account/dto/BillQueryResultDto.java
+package com.edgec.browserbackend.account.dto;
+import com.edgec.browserbackend.account.domain.UserPrePaidBilling;
+import java.util.List;
+public class BillQueryResultDto {
+    List<UserPrePaidBilling> userPrePaidBillingList;
+    double totalExpense;
+    double totalEarn;
+    public double getTotalEarn() {
+        return totalEarn;
+    }
+    public void setTotalEarn(double totalEarn) {
+        this.totalEarn = totalEarn;
+    }
+    public double getTotalExpense() {
+        return totalExpense;
+    }
+    public void setTotalExpense(double totalExpense) {
+        this.totalExpense = totalExpense;
+    }
+    public List<UserPrePaidBilling> getUserPrePaidBillingList() {
+        return userPrePaidBillingList;
+    }
+    public void setUserPrePaidBillingList(List<UserPrePaidBilling> userPrePaidBillingList) {
+        this.userPrePaidBillingList = userPrePaidBillingList;
+    }
+}
--- a/src/main/java/com/edgec/browserbackend/account/repository/UserPrePaidBillingRepository.java
+++ b/src/main/java/com/edgec/browserbackend/account/repository/UserPrePaidBillingRepository.java
@@ -22,6 +22,10 @@ public interface UserPrePaidBillingRepository extends MongoRepository<UserPrePai
    List<UserPrePaidBilling> findByUsernameAndYearAndMonthAndPayMethodIsNot(String username, int year, int month, int payMethod);
+    List<UserPrePaidBilling> findByUsernameAndPayMethodIsNot(String username, int payMethod);
+    List<UserPrePaidBilling> findByUsernameAndChargeType(String username, int chargeType);
    List<UserPrePaidBilling> findByYearAndMonth(int year, int month);
    List<UserPrePaidBilling> findByStatus(BillStatus status);

--- a/src/main/java/com/edgec/browserbackend/account/service/AdministratorService.java
+++ b/src/main/java/com/edgec/browserbackend/account/service/AdministratorService.java
 package com.edgec.browserbackend.account.service;
 import com.edgec.browserbackend.account.domain.*;
+import com.edgec.browserbackend.account.dto.BillQueryResultDto;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
@@ -22,7 +23,7 @@ public interface AdministratorService {
    Account getAccountByEmail(String target);
-    List<UserPrePaidBilling> getUserBillingByName(String name);
+    BillQueryResultDto getUserBillingByName(String name);
    Account unLockLockedAccount(String name, Account account);

--- a/src/main/java/com/edgec/browserbackend/account/service/impl/AccountServiceImpl.java
+++ b/src/main/java/com/edgec/browserbackend/account/service/impl/AccountServiceImpl.java
@@ -23,6 +23,7 @@ import com.edgec.browserbackend.browser.service.IpResourceService;
 import com.edgec.browserbackend.browser.service.ShopService;
 import com.edgec.browserbackend.common.commons.error.ClientRequestException;
 import com.edgec.browserbackend.common.commons.utils.CommonStringUtils;
+import com.edgec.browserbackend.common.utils.Aes;
 import com.edgec.browserbackend.common.utils.FileUtil;
 import com.mongodb.DB;
 import com.mongodb.client.gridfs.GridFSBucket;
@@ -761,7 +762,7 @@ public class AccountServiceImpl implements AccountService {
            if (user.getWhiteList() != null && user.getWhiteList().size() > 0)
                whiteList.addAll(user.getWhiteList());
            account.setWhiteList(whiteList);
-            account.setPassword(password);
+            account.setPassword(Aes.aesEncrypt(password));
            repository.save(account);
 //        emailService.sendEmailVerification(user.getUsername(), user.getEmail(), user.getVerificationCode());
@@ -819,9 +820,7 @@ public class AccountServiceImpl implements AccountService {
                whiteList.addAll(subUsersRequestDto.getWhiteList());
            childAccount.setWhiteList(whiteList);
            if (org.apache.commons.lang3.StringUtils.isNotBlank(subUsersRequestDto.getPassword()))
-                childAccount.setPassword(subUsersRequestDto.getPassword());
+                childAccount.setPassword(Aes.aesEncrypt(subUsersRequestDto.getPassword()));
-            else
-                childAccount.setPassword(makeRandomPassword(8));
            repository.save(childAccount);
        }

--- a/src/main/java/com/edgec/browserbackend/account/service/impl/AdministratorServiceImpl.java
+++ b/src/main/java/com/edgec/browserbackend/account/service/impl/AdministratorServiceImpl.java
 package com.edgec.browserbackend.account.service.impl;
 import com.edgec.browserbackend.account.domain.*;
+import com.edgec.browserbackend.account.dto.BillQueryResultDto;
 import com.edgec.browserbackend.account.exception.AccountErrorCode;
 import com.edgec.browserbackend.account.repository.*;
 import com.edgec.browserbackend.account.service.AdministratorService;
@@ -18,6 +19,7 @@ import org.springframework.stereotype.Service;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+import java.time.YearMonth;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
 import java.util.ArrayList;
@@ -103,12 +105,23 @@ public class AdministratorServiceImpl implements AdministratorService {
    @Override
-    public List<UserPrePaidBilling> getUserBillingByName(String name) {
+    public BillQueryResultDto getUserBillingByName(String name) {
        List<UserPrePaidBilling> userBillingList = userPrePaidBillingRepository.findByUsername(name);
        if (userBillingList == null)
            throw new ClientRequestException(AccountErrorCode.NAMENOTEXIST, "Username does not exist: " + name);
-        double total = userBillingList.stream().mapToDouble(UserPrePaidBilling::getTotal).sum();
+        List<UserPrePaidBilling> userPrePaidBillings = userPrePaidBillingRepository.findByUsernameAndPayMethodIsNot(name, 0);
-        return userBillingList;
+        double totalexpense = 0;
+        if (userPrePaidBillings != null)
+            totalexpense = userPrePaidBillings.stream().mapToDouble(UserPrePaidBilling::getTotal).sum();
+        List<UserPrePaidBilling> userPrePaidBillings1 = userPrePaidBillingRepository.findByUsernameAndChargeType(name, 4);
+        double totalearn = 0;
+        if (userPrePaidBillings1 != null)
+            totalearn = userPrePaidBillings1.stream().mapToDouble(UserPrePaidBilling::getTotal).sum();
+        BillQueryResultDto billQueryResultDto = new BillQueryResultDto();
+        billQueryResultDto.setUserPrePaidBillingList(userBillingList);
+        billQueryResultDto.setTotalEarn(totalearn);
+        billQueryResultDto.setTotalExpense(totalexpense);
+        return billQueryResultDto;
    }
    @Override

--- a/src/main/java/com/edgec/browserbackend/account/service/impl/PaymentServiceImpl.java
+++ b/src/main/java/com/edgec/browserbackend/account/service/impl/PaymentServiceImpl.java
@@ -306,6 +306,8 @@ public class PaymentServiceImpl implements PaymentService {
                        int year = lastmonth.getYear();
                        bill.setYear(year);
                        bill.setMonth(monthValue);
+                        userPrePaidBillingRepository.save(bill);
                    }
                    balance.setBalanced(balance.getBalanced() + byTradeNo.getAmount() + payBack.getBack());

--- a/src/main/java/com/edgec/browserbackend/common/charge/ChargeType.java
+++ b/src/main/java/com/edgec/browserbackend/common/charge/ChargeType.java
@@ -8,4 +8,5 @@ public interface ChargeType {
    int newip = 1;      // 购买vps， ip
    int renew = 2;      // 续费ip
    int returnunused = 3; // 退还
+    int gift = 4;       // 礼金提现
 }
--- a/src/main/java/com/edgec/browserbackend/common/utils/Aes.java
+++ b/src/main/java/com/edgec/browserbackend/common/utils/Aes.java
+package com.edgec.browserbackend.common.utils;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.springframework.util.StringUtils;
+import sun.misc.BASE64Decoder;
+import javax.crypto.*;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.util.Base64;
+public class Aes {
+    //密钥 (需要前端和后端保持一致)
+    private static final String KEY = "iefWFOAjfwefnWEI";
+    //算法
+    private static final String ALGORITHMSTR = "AES/ECB/PKCS5Padding";
+    /**
+     * aes解密
+     *
+     * @param encrypt 内容
+     * @return
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encrypt) {
+        try {
+            return aesDecrypt(encrypt, KEY);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return "";
+        }
+    }
+    /**
+     * aes加密
+     *
+     * @param content
+     * @return
+     * @throws Exception
+     */
+    public static String aesEncrypt(String content) {
+        try {
+            return aesEncrypt(content, KEY);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return "";
+        }
+    }
+    /**
+     * 将byte[]转为各种进制的字符串
+     *
+     * @param bytes byte[]
+     * @param radix 可以转换进制的范围，从Character.MIN_RADIX到Character.MAX_RADIX，超出范围后变为10进制
+     * @return 转换后的字符串
+     */
+    public static String binary(byte[] bytes, int radix) {
+        return new BigInteger(1, bytes).toString(radix);// 这里的1代表正数
+    }
+    /**
+     * base 64 encode
+     *
+     * @param bytes 待编码的byte[]
+     * @return 编码后的base 64 code
+     */
+    public static String base64Encode(byte[] bytes) {
+        return Base64.getEncoder().encodeToString(bytes);
+    }
+    /**
+     * base 64 decode
+     *
+     * @param base64Code 待解码的base 64 code
+     * @return 解码后的byte[]
+     * @throws Exception
+     */
+    public static byte[] base64Decode(String base64Code) throws Exception {
+        return StringUtils.isEmpty(base64Code) ? null : new BASE64Decoder().decodeBuffer(base64Code);
+    }
+    /**
+     * AES加密
+     *
+     * @param content    待加密的内容
+     * @param encryptKey 加密密钥
+     * @return 加密后的byte[]
+     * @throws Exception
+     */
+    public static byte[] aesEncryptToBytes(String content, String encryptKey) throws Exception {
+        KeyGenerator kgen = KeyGenerator.getInstance("AES");
+        kgen.init(128);
+        Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
+        return cipher.doFinal(content.getBytes("utf-8"));
+    }
+    /**
+     * AES加密为base 64 code
+     *
+     * @param content    待加密的内容
+     * @param encryptKey 加密密钥
+     * @return 加密后的base 64 code
+     * @throws Exception
+     */
+    public static String aesEncrypt(String content, String encryptKey) throws Exception {
+        return base64Encode(aesEncryptToBytes(content, encryptKey));
+    }
+    /**
+     * AES解密
+     *
+     * @param encryptBytes 待解密的byte[]
+     * @param decryptKey   解密密钥
+     * @return 解密后的String
+     * @throws Exception
+     */
+    public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) throws Exception {
+        KeyGenerator kgen = KeyGenerator.getInstance("AES");
+        kgen.init(128);
+        Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
+        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES"));
+        byte[] decryptBytes = cipher.doFinal(encryptBytes);
+        return new String(decryptBytes);
+    }
+    /**
+     * 将base 64 code AES解密
+     *
+     * @param encryptStr 待解密的base 64 code
+     * @param decryptKey 解密密钥
+     * @return 解密后的string
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encryptStr, String decryptKey) throws Exception {
+        return StringUtils.isEmpty(encryptStr) ? null : aesDecryptByBytes(base64Decode(encryptStr), decryptKey);
+    }
+    /**
+     * 测试
+     */
+    public static void main(String[] args) throws Exception {
+        String content = "123";
+        System.out.println("加密前：" + content);
+        System.out.println("加密密钥和解密密钥：" + KEY);
+        String encrypt = aesEncrypt(content, KEY);
+        System.out.println("加密后：" + encrypt);
+        String decrypt = aesDecrypt(encrypt, KEY);
+        System.out.println("解密后：" + decrypt);
+    }
+}
--- a/src/main/java/com/edgec/browserbackend/common/utils/EncodeUtil.java
+++ b/src/main/java/com/edgec/browserbackend/common/utils/EncodeUtil.java
-package com.edgec.browserbackend.common.utils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.springframework.util.StringUtils;
-import javax.crypto.*;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-import java.io.UnsupportedEncodingException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.util.Base64;
-public class EncodeUtil {
-    public void decodeBase64() {
-        System.out.println(Base64.getDecoder().decode("G65nlqVr9c7ZBUN/uEG136nZ/a1lneIHbQ3sY8Cj5SA="));
-    }
-    public void encodeBase64() throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, UnsupportedEncodingException, InvalidKeySpecException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
-        byte[] byteContent = new byte[0];
-        byteContent = "b3LcaXzXzf4Z6GzB6q2KyMP5RC1pF6".getBytes("utf-8");
-        byte[] salt = new byte[]{
-                0x47, 0x8, 0x0e, 0x0b, 0x02, 0x0f, 0x0b, 0x0c,
-                0x01, 0x03, 0x12, 0x07, 0x0c, 0x02, 0x07, 0x09,
-                0x0a, 0x0a, 0x01, 0x07, 0x0b, 0x07, 0x09, 0x0d};
-        SecretKeyFactory factory = null;
-        factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
-        char[] passphrase = (StringUtils.isEmpty(System.getenv("INTELLIGROUP_PHRASE")) ?
-                "ACtrecje!@9cs93cdeMMdkc" : System.getenv("INTELLIGROUP_PHRASE")).toCharArray();
-        KeySpec spec = new PBEKeySpec(passphrase, salt, 65536, 256);
-        SecretKey tmp = null;
-        tmp = factory.generateSecret(spec);
-        SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES");
-        Security.addProvider(new BouncyCastleProvider());
-        Cipher encryptor = null;
-        encryptor = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
-        encryptor.init(Cipher.ENCRYPT_MODE, secret);
-        byte[] cryptograph = new byte[0];
-        cryptograph = encryptor.doFinal(byteContent);
-        String encryptedKeyId = Base64.getEncoder().encodeToString(cryptograph);
-        System.out.println(encryptedKeyId);
-    }
-}