publish 0.8.0

CHANGELOG.md

@@ -0,0 +1,25 @@
+## 0.8.0
+
+### 调整
+
+> 1，移除**PasswordUtil**类，新增**EncryptConfig**配置；  
+> 2，默认启用网络请求的加解密，前端请配合接口使用。  
+
+## 0.7.4
+
+### 新增
+
+> 现在操作日志默认收集（不包括GET请求）：使用方法名称和接口作为参数存储。如果存在OperationLog注解，则使用注解的内容。
+
+## 0.7.3
+
+### 增加
+
+> 1，TsTokenConfig增加新的属性**ignorePaths**，用于通过路径忽略token；  
+> 2，PasswordUtils增加密码复杂度校验方法；  
+> 3，PasswordUtils.verifyPassword增加登录次数限制：10分钟内不能错误6次；
+>
+
+### 调整
+
+> 1，TsTokenConfig中的**ignores**属性调整为**testMap**；  

README.md

@@ -0,0 +1,4 @@
+## 杭州铁晟科技有限公司基础项目
+
+更新日志可点击查看[changelog](./CHANGELOG.md ':include')
+

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.tiesheng.springboot-parent</groupId>
     <artifactId>springboot-parent</artifactId>
-    <version>0.7.2</version>
+    <version>0.8.0</version>
     <packaging>pom</packaging>
     <name>springboot-parent</name>
     <description>杭州铁晟科技有限公司基础依赖</description>
@@ -57,55 +57,55 @@
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-database</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-login</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-web</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-util</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-platform</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-message</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-encrypt</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-annotation</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>
                 <groupId>com.tiesheng.springboot-parent</groupId>
                 <artifactId>springboot-poi</artifactId>
-                <version>0.7.2</version>
+                <version>0.8.0</version>
             </dependency>
 
             <dependency>

springboot-ademo/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-ademo</artifactId>

springboot-ademo/src/main/java/com/tiesheng/demo/DemoApplication.java

@@ -3,6 +3,7 @@ package com.tiesheng.demo;
 
 import com.tiesheng.core.EnableTieshengWeb;
 import com.tiesheng.demo.config.DemoWebConfigurer;
+import com.tiesheng.encrypt.EnableEncryptConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
@@ -13,6 +14,7 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
 @EnableTransactionManagement
 @SpringBootApplication
 @EnableTieshengWeb(webConfigurer = DemoWebConfigurer.class)
+@EnableEncryptConfig
 public class DemoApplication {
 
     public static void main(String[] args) {

springboot-ademo/src/main/java/com/tiesheng/demo/config/DemoWebConfigurer.java

@@ -20,7 +20,10 @@ public class DemoWebConfigurer implements TieshengWebConfigurer {
 
     @Override
     public RequestUserInfo getCurrentUserName(TokenBean tokenBean) {
-        return null;
+        RequestUserInfo info = new RequestUserInfo();
+        info.setId("1");
+        info.setName("test");
+        return info;
     }
 
     @Override

springboot-ademo/src/main/java/com/tiesheng/demo/controller/TestController.java

@@ -9,6 +9,7 @@ import com.tiesheng.login.config.token.TsTokenConfig;
 import com.tiesheng.login.config.token.bean.TokenBean;
 import com.tiesheng.message.config.aliyun.AliyunSmsConfig;
 import com.tiesheng.message.pojos.MessageReqResp;
+import com.tiesheng.util.config.EncryptConfig;
 import com.tiesheng.util.config.GlobalConfig;
 import com.tiesheng.util.config.Ip2regionConfig;
 import com.tiesheng.util.pojos.ApiResp;
@@ -35,6 +36,8 @@ public class TestController {
     TsTokenConfig tsTokenConfig;
     @Autowired
     Ip2regionConfig ip2regionConfig;
+    @Autowired
+    EncryptConfig encryptConfig;
 
 
     @RequestMapping("/index")
@@ -48,6 +51,7 @@ public class TestController {
     }
 
     @RequestMapping("/redirect")
+    @TokenIgnore
     public void redirect(HttpServletResponse response) {
 //        tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
 //        globalConfig.redirect("mobile", "/test", response);
@@ -102,4 +106,16 @@ public class TestController {
         return ApiResp.respOK(CollUtil.newArrayList(file, file1));
     }
 
+
+    @RequestMapping("passwd")
+    @TokenIgnore
+    public ApiResp<String> passwd() {
+
+        String passwdCreate = encryptConfig.passwdCreate("12345Zeng!", "");
+        LogFactory.get().info(passwdCreate);
+        encryptConfig.passwdVerify("12345Zeng!", passwdCreate);
+
+        return ApiResp.respOK("");
+    }
+
 }

springboot-ademo/src/main/resources/application-test.yml

@@ -16,7 +16,7 @@ platform:
 
 tiesheng:
   token:
-    ignores:
+    test-map:
       "1111":
         id: "1111"
   global:

springboot-annotation/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-annotation</artifactId>

springboot-annotation/src/main/java/com/tiesheng/annotation/encrypt/EncryptedRespBody.java

@@ -1,12 +0,0 @@
-package com.tiesheng.annotation.encrypt;
-
-import java.lang.annotation.*;
-
-/**
- * @author hao
- */
-@Target({ElementType.TYPE})
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-public @interface EncryptedRespBody {
-}

springboot-database/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-database</artifactId>

springboot-database/src/main/java/com/tiesheng/database/service/DbMigrationInitializer.java

@@ -4,7 +4,6 @@ package com.tiesheng.database.service;
 import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.io.IoUtil;
 import cn.hutool.core.lang.func.VoidFunc1;
-import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.db.Db;
@@ -20,6 +19,8 @@ import javax.servlet.ServletContext;
 import javax.sql.DataSource;
 import java.io.InputStream;
 import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.zip.Checksum;
 
@@ -61,14 +62,16 @@ public class DbMigrationInitializer implements ServletContextInitializer {
         dbMigrationConfig.checkDbExists(coreDb);
 
         PathMatchingResourcePatternResolver patternResolver = new PathMatchingResourcePatternResolver();
+        List<Resource> resourceList = new ArrayList<>();
         for (String location : dbMigrationConfig.getLocations()) {
             Resource[] resources = patternResolver.getResources(location);
-            if (ArrayUtil.isEmpty(resources)) {
+            resourceList.addAll(Arrays.asList(resources));
-                return;
+        }
-            }
+
-            for (Resource resource : resources) {
+        // 排序后执行sql
-                migrationByResource(resource, coreDb);
+        resourceList.sort((o1, o2) -> StrUtil.compare(o1.getFilename(), o2.getFilename(), true));
-            }
+        for (Resource resource : resourceList) {
+            migrationByResource(resource, coreDb);
         }
     }
 

springboot-encrypt/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-encrypt</artifactId>
@@ -18,11 +18,6 @@
     </properties>
 
     <dependencies>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-jdk15to18</artifactId>
-            <version>1.68</version>
-        </dependency>
 
         <dependency>
             <groupId>org.springframework.boot</groupId>

springboot-encrypt/src/main/java/com/tiesheng/encrypt/EnableEncryptConfig.java

@@ -1,20 +1,21 @@
 package com.tiesheng.encrypt;
 
 
-import com.tiesheng.encrypt.config.EncryptConfig;
 import com.tiesheng.encrypt.config.EncryptRequestBodyAdvice;
 import com.tiesheng.encrypt.config.EncryptResponseBodyAdvice;
-import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Import;
-import org.springframework.context.annotation.Configuration;
+
+import java.lang.annotation.*;
 
 /**
  * @author hao
  */
-@Configuration
+@Retention(RetentionPolicy.RUNTIME)
-@ComponentScan(basePackageClasses = {
+@Target({ElementType.TYPE})
-        EncryptConfig.class,
+@Documented
+@Import({
         EncryptRequestBodyAdvice.class,
         EncryptResponseBodyAdvice.class,
 })
-public class EnableEncryptConfig {
+public @interface EnableEncryptConfig {
 }

springboot-encrypt/src/main/java/com/tiesheng/encrypt/config/EncryptConfig.java

@@ -1,44 +0,0 @@
-package com.tiesheng.encrypt.config;
-
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * @author hao
- */
-@Configuration
-@ConfigurationProperties(prefix = "tiesheng.encrypt")
-public class EncryptConfig {
-
-    public String publicD;
-    public String privateQ;
-    private boolean enable = false;
-
-    ///////////////////////////////////////////////////////////////////////////
-    // setter\getter
-    ///////////////////////////////////////////////////////////////////////////
-
-    public boolean isEnable() {
-        return enable;
-    }
-
-    public void setEnable(boolean enable) {
-        this.enable = enable;
-    }
-
-    public String getPublicD() {
-        return publicD;
-    }
-
-    public void setPublicD(String publicD) {
-        this.publicD = publicD;
-    }
-
-    public String getPrivateQ() {
-        return privateQ;
-    }
-
-    public void setPrivateQ(String privateQ) {
-        this.privateQ = privateQ;
-    }
-}

springboot-encrypt/src/main/java/com/tiesheng/encrypt/config/EncryptRequestBodyAdvice.java

@@ -3,13 +3,8 @@ package com.tiesheng.encrypt.config;
 import cn.hutool.core.io.IoUtil;
 import cn.hutool.core.util.CharsetUtil;
 import cn.hutool.core.util.StrUtil;
-import cn.hutool.crypto.ECKeyUtil;
-import cn.hutool.crypto.SmUtil;
-import cn.hutool.crypto.asymmetric.KeyType;
-import cn.hutool.crypto.asymmetric.SM2;
 import cn.hutool.json.JSONUtil;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.tiesheng.util.config.EncryptConfig;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.MethodParameter;
 import org.springframework.http.HttpHeaders;
@@ -42,12 +37,8 @@ public class EncryptRequestBodyAdvice implements RequestBodyAdvice {
     public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
                                            Class<? extends HttpMessageConverter<?>> converterType) {
 
-        if (!encryptConfig.isEnable()) {
-            return inputMessage;
-        }
-
         try {
-            return new DecryptHttpInputMessage(inputMessage, encryptConfig.getPrivateQ());
+            return new DecryptHttpInputMessage(inputMessage, encryptConfig);
         } catch (Exception ignore) {
         }
 
@@ -72,16 +63,12 @@ public class EncryptRequestBodyAdvice implements RequestBodyAdvice {
         private HttpHeaders headers;
         private InputStream body;
 
-        DecryptHttpInputMessage(HttpInputMessage inputMessage, String privateQ) throws Exception {
+        DecryptHttpInputMessage(HttpInputMessage inputMessage, EncryptConfig encryptConfig) throws Exception {
             this.headers = inputMessage.getHeaders();
             String bodyStr = IoUtil.read(inputMessage.getBody(), CharsetUtil.CHARSET_UTF_8);
             String encryptData = JSONUtil.parseObj(bodyStr).getStr("encryptData");
             if (!StrUtil.isEmpty(encryptData)) {
-                // 部分语言加密之后缺少04前缀，如果解密失败，可尝试增加04
+                String decrypt = encryptConfig.decrypt(encryptData);
-                ECPrivateKeyParameters privateKeyParameters = ECKeyUtil.toSm2PrivateParams(privateQ);
-                ECPublicKeyParameters publicKeyParameters = ECKeyUtil.getPublicParams(privateKeyParameters);
-                SM2 sm2 = SmUtil.sm2(privateKeyParameters, publicKeyParameters);
-                String decrypt = sm2.decryptStr(encryptData, KeyType.PrivateKey);
                 this.body = IoUtil.toStream(decrypt, Charset.defaultCharset());
             } else {
                 this.body = IoUtil.toStream(bodyStr, Charset.defaultCharset());

springboot-encrypt/src/main/java/com/tiesheng/encrypt/config/EncryptResponseBodyAdvice.java

@@ -2,16 +2,10 @@ package com.tiesheng.encrypt.config;
 
 import cn.hutool.core.annotation.AnnotationUtil;
 import cn.hutool.core.util.StrUtil;
-import cn.hutool.crypto.ECKeyUtil;
-import cn.hutool.crypto.SmUtil;
-import cn.hutool.crypto.asymmetric.KeyType;
-import cn.hutool.crypto.asymmetric.SM2;
 import cn.hutool.json.JSONObject;
 import cn.hutool.json.JSONUtil;
 import cn.hutool.log.LogFactory;
-import com.tiesheng.annotation.encrypt.EncryptedRespBody;
+import com.tiesheng.util.config.EncryptConfig;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.MethodParameter;
 import org.springframework.http.MediaType;
@@ -19,6 +13,7 @@ import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.server.ServerHttpRequest;
 import org.springframework.http.server.ServerHttpResponse;
 import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
 
 
@@ -33,22 +28,13 @@ public class EncryptResponseBodyAdvice implements ResponseBodyAdvice<Object> {
 
     @Override
     public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
-        return true;
+        return AnnotationUtil.getAnnotation(returnType.getContainingClass(), RestController.class) != null;
     }
 
     @Override
     public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class<? extends
             HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
 
-        if (!encryptConfig.isEnable()) {
-            return body;
-        }
-
-        boolean encrypt = AnnotationUtil.getAnnotation(returnType.getContainingClass(), EncryptedRespBody.class) != null;
-        if (!encrypt) {
-            return body;
-        }
-
         try {
 
             String content = JSONUtil.toJsonStr(body);
@@ -62,12 +48,7 @@ public class EncryptResponseBodyAdvice implements ResponseBodyAdvice<Object> {
             JSONObject resp = JSONUtil.parseObj(content);
             resp.set("encrypted", true);
             if (resp.getInt("code") == 200) {
-                // 用公钥进行加密
+                resp.set("data", encryptConfig.encrypt(respData));
-                ECPrivateKeyParameters privateKeyParameters = ECKeyUtil.toSm2PrivateParams(encryptConfig.getPrivateQ());
-                ECPublicKeyParameters publicKeyParameters = ECKeyUtil.getPublicParams(privateKeyParameters);
-                SM2 sm2 = SmUtil.sm2(privateKeyParameters, publicKeyParameters);
-                String decrypt = sm2.encryptHex(respData, KeyType.PublicKey);
-                resp.set("data", decrypt.substring(2));
             }
             return resp;
         } catch (Exception var17) {

springboot-login/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-login</artifactId>

springboot-login/src/main/java/com/tiesheng/login/config/token/TsTokenConfig.java

@@ -23,7 +23,7 @@ import java.util.Map;
 @ConfigurationProperties("tiesheng.token")
 public class TsTokenConfig {
 
-    private Map<String, TokenBean> ignores = MapUtil.newHashMap();
+    private Map<String, TokenBean> testMap = MapUtil.newHashMap();
     private String encryptKey = "%kIp9frQCu";
     private Integer expireHours = 48;
     private String[] ignorePaths;
@@ -57,11 +57,11 @@ public class TsTokenConfig {
      * @param token
      * @return
      */
-    public TokenBean isIgnored(String token) {
+    public TokenBean isTestToken(String token) {
-        if (ignores == null) {
+        if (testMap == null) {
             return null;
         }
-        return ignores.get(token);
+        return testMap.get(token);
     }
 
 
@@ -83,7 +83,7 @@ public class TsTokenConfig {
      * @return
      */
     public TokenBean validToken(String token, boolean thrExp) {
-        TokenBean tokenBean = isIgnored(token);
+        TokenBean tokenBean = isTestToken(token);
         if (tokenBean != null) {
             return tokenBean;
         }
@@ -101,7 +101,8 @@ public class TsTokenConfig {
         }
 
         if (tokenBean == null && thrExp) {
-            throw new ApiException(StrUtil.isEmpty(token) ? "请先登录" : "登录过期，请重新登陆");
+            throw new ApiException(StrUtil.isEmpty(token) ? 110 : 112,
+                    StrUtil.isEmpty(token) ? "请先登录" : "登录过期，请重新登陆");
         }
 
         if (tokenBean == null) {
@@ -116,12 +117,12 @@ public class TsTokenConfig {
     // setter\getter
     ///////////////////////////////////////////////////////////////////////////
 
-    public Map<String, TokenBean> getIgnores() {
+    public Map<String, TokenBean> getTestMap() {
-        return ignores;
+        return testMap;
     }
 
-    public void setIgnores(Map<String, TokenBean> ignores) {
+    public void setTestMap(Map<String, TokenBean> testMap) {
-        this.ignores = ignores;
+        this.testMap = testMap;
     }
 
     public String getEncryptKey() {

springboot-message/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-message</artifactId>

springboot-platform/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-platform</artifactId>

springboot-poi/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-poi</artifactId>

springboot-util/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-util</artifactId>
@@ -37,6 +37,14 @@
             <artifactId>fastjson</artifactId>
             <version>1.2.78</version>
         </dependency>
+
+        <!--   加解密     -->
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15to18</artifactId>
+            <version>1.68</version>
+        </dependency>
+
     </dependencies>
 
 </project>

springboot-util/src/main/java/com/tiesheng/util/PasswordUtils.java

@@ -1,44 +0,0 @@
-package com.tiesheng.util;
-
-import cn.hutool.core.util.RandomUtil;
-import cn.hutool.core.util.StrUtil;
-import cn.hutool.crypto.SecureUtil;
-import com.tiesheng.util.exception.ApiException;
-
-public class PasswordUtils {
-
-    private static final int PREFIX_SIZE = 8;
-
-
-    /**
-     * 获取加密密码
-     *
-     * @param password
-     * @return
-     */
-    public static String buildPassword(String password) {
-        String prefix = RandomUtil.randomString(PREFIX_SIZE);
-        return prefix + SecureUtil.sha1(password);
-    }
-
-
-    /**
-     * 验证密码
-     *
-     * @param userInput
-     * @param encrypted
-     * @return
-     */
-    public static void verifyPassword(String userInput, String encrypted) {
-        String userEncrypted = buildPassword(userInput);
-
-        userEncrypted = StrUtil.subSuf(userEncrypted, PREFIX_SIZE);
-        encrypted = StrUtil.subSuf(encrypted, PREFIX_SIZE);
-
-        if (!StrUtil.equals(userEncrypted, encrypted)) {
-            throw new ApiException("账号或密码错误");
-        }
-    }
-
-
-}

springboot-util/src/main/java/com/tiesheng/util/ServletKit.java

@@ -20,5 +20,14 @@ public class ServletKit extends ServletUtil {
         return attributes.getRequest();
     }
 
+    /**
+     * 获取客户端IP
+     *
+     * @return
+     */
+    public static String getClientIP() {
+        return getClientIP(getRequest());
+    }
+
 
 }

springboot-util/src/main/java/com/tiesheng/util/config/EncryptConfig.java

@@ -0,0 +1,136 @@
+package com.tiesheng.util.config;
+
+import cn.hutool.core.codec.Base64;
+import cn.hutool.core.util.NumberUtil;
+import cn.hutool.core.util.RandomUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
+import cn.hutool.crypto.SmUtil;
+import cn.hutool.crypto.symmetric.SM4;
+import com.tiesheng.util.ServletKit;
+import com.tiesheng.util.TimedCacheHelper;
+import com.tiesheng.util.exception.ApiException;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author hao
+ */
+@Configuration
+@ConfigurationProperties(prefix = "tiesheng.encrypt")
+public class EncryptConfig {
+
+    /**
+     * 加解密对象
+     */
+    private final SM4 sm4;
+
+    /**
+     * 加密密钥
+     */
+    private String key = "WmdUzPJXbngVNiaSsQrihg==";
+    private Integer saltSize = 8;
+
+    public EncryptConfig() {
+        sm4 = SmUtil.sm4(Base64.decode(getKey()));
+    }
+
+    /**
+     * 加密
+     *
+     * @param content
+     * @return
+     */
+    public String encrypt(String content) {
+        if (StrUtil.isEmpty(content)) {
+            return "";
+        }
+        return sm4.encryptBase64(content);
+    }
+
+
+    /**
+     * 解密
+     *
+     * @param base64
+     * @return
+     */
+    public String decrypt(String base64) {
+        try {
+            return sm4.decryptStr(base64);
+        } catch (Exception ignore) {
+        }
+        return base64;
+    }
+
+
+    /**
+     * 创建密码
+     *
+     * @param inputPasswd
+     * @param salt        盐，不存将自动生成
+     * @return
+     */
+    public String passwdCreate(String inputPasswd, String salt) {
+        if (StrUtil.isEmpty(salt)) {
+            salt = RandomUtil.randomString(saltSize);
+        }
+        if (!passwdComplexity(inputPasswd)) {
+            throw new ApiException("需要包含数字、大小写字母、特殊符号，且长度不低于8位");
+        }
+        return encrypt(salt + SecureUtil.sha1(salt + inputPasswd));
+    }
+
+
+    /**
+     * 复杂度校验
+     *
+     * @param inputPasswd
+     * @return
+     */
+    public boolean passwdComplexity(String inputPasswd) {
+        String password = "^(?![A-Za-z0-9]+$)(?![a-z0-9\\W]+$)(?![A-Za-z\\W]+$)(?![A-Z0-9\\W]+$)[a-zA-Z0-9\\W]{8,}$";
+        return inputPasswd.matches(password);
+    }
+
+
+    /**
+     * 密码校验
+     *
+     * @param inputPasswd
+     */
+    public void passwdVerify(String inputPasswd, String encrypted) {
+        String salt = decrypt(encrypted).substring(0, saltSize);
+        String inputEncrypted = passwdCreate(inputPasswd, salt);
+        if (!StrUtil.equals(inputEncrypted, encrypted)) {
+            String clientIp = ServletKit.getClientIP();
+            int num = NumberUtil.parseInt(TimedCacheHelper.getTimedCache().get(clientIp, false));
+            if (num > 5) {
+                throw new ApiException("登录失败已达6次，请10分钟后再试");
+            }
+            TimedCacheHelper.getTimedCache().put(clientIp, String.valueOf(num + 1), 10 * 60 * 1000);
+            throw new ApiException("账号或密码错误");
+        }
+    }
+
+
+    ///////////////////////////////////////////////////////////////////////////
+    // setter\getter
+    ///////////////////////////////////////////////////////////////////////////
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String key) {
+        this.key = key;
+    }
+
+    public Integer getSaltSize() {
+        return saltSize;
+    }
+
+    public void setSaltSize(Integer saltSize) {
+        this.saltSize = saltSize;
+    }
+}

springboot-web/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>com.tiesheng.springboot-parent</groupId>
         <artifactId>springboot-parent</artifactId>
-        <version>0.7.2</version>
+        <version>0.8.0</version>
     </parent>
 
     <artifactId>springboot-web</artifactId>
@@ -87,6 +87,11 @@
             <artifactId>springboot-message</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.tiesheng.springboot-parent</groupId>
+            <artifactId>springboot-encrypt</artifactId>
+        </dependency>
+
     </dependencies>
 
 </project>

springboot-web/src/main/java/com/tiesheng/core/config/operation/OperationAspect.java

@@ -5,6 +5,7 @@ import cn.hutool.core.map.MapUtil;
 import cn.hutool.core.util.StrUtil;
 import com.tiesheng.annotation.operation.OperationLog;
 import com.tiesheng.core.service.CoreLogService;
+import com.tiesheng.util.ServletKit;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
@@ -13,6 +14,7 @@ import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import javax.servlet.http.HttpServletRequest;
 import java.lang.reflect.Method;
 import java.util.HashMap;
 import java.util.Map;
@@ -35,7 +37,7 @@ public class OperationAspect {
     CoreLogService coreLogService;
 
 
-    @Pointcut("@annotation(com.tiesheng.annotation.operation.OperationLog)")
+    @Pointcut("execution(* com..controller..*.*(..))")
     public void methodArgs() {
 
     }
@@ -48,11 +50,24 @@ public class OperationAspect {
      */
     @Around("methodArgs()")
     public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
+
+        // GET请求不处理
+        HttpServletRequest request = ServletKit.getRequest();
+        if (StrUtil.equalsIgnoreCase(request.getMethod(), "GET")) {
+            return joinPoint.proceed(joinPoint.getArgs());
+        }
+
+        String title = "", subject = "";
+        String insertKey = "";
+
         MethodSignature signature = (MethodSignature) joinPoint.getSignature();
         Method method = signature.getMethod();
         OperationLog operationLog = method.getAnnotation(OperationLog.class);
-        String subject = operationLog.subject();
+        if (operationLog != null) {
-        String insertKey = operationLog.insertKey();
+            title = operationLog.title();
+            subject = operationLog.subject();
+            insertKey = operationLog.insertKey();
+        }
 
         Object reqObj = null;
         Map<String, Object> allParams = new HashMap<>(16);
@@ -65,7 +80,6 @@ public class OperationAspect {
         allParams.putAll(BeanUtil.beanToMap(response));
 
         if (!StrUtil.isEmpty(subject)) {
-
             // 添加、编辑关键字处理
             if (!StrUtil.isEmpty(insertKey)) {
                 String insertVal = MapUtil.getStr(allParams, insertKey);
@@ -74,9 +88,12 @@ public class OperationAspect {
 
             // 占位符处理
             subject = StrUtil.format(subject, allParams);
+        } else {
+            title = method.getName();
+            subject = ServletKit.getRequest().getRequestURI();
         }
 
-        coreLogService.addOperationLog(operationLog.title(), subject, reqObj);
+        coreLogService.addOperationLog(title, subject, reqObj);
 
         return response;
     }

springboot-web/src/main/java/com/tiesheng/core/service/CoreLogService.java

@@ -1,6 +1,7 @@
 package com.tiesheng.core.service;
 
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import cn.hutool.json.JSONUtil;
 import com.tiesheng.core.mapper.CoreLogLoginMapper;
@@ -54,8 +55,13 @@ public class CoreLogService extends TsServiceBase<CoreLogOperationMapper, CoreLo
      * 添加操作日志
      */
     public void addOperationLog(String title, String subject, Object params) {
+        TokenBean tokenBean = TsTokenConfig.getWithoutThr();
+        if (tokenBean == null || StrUtil.isEmpty(tokenBean.getId())) {
+            return;
+        }
+
+        RequestUserInfo requestUserInfo = tieshengWebConfigurer.getCurrentUserName(tokenBean);
         CoreLogOperation operation = new CoreLogOperation();
-        RequestUserInfo requestUserInfo = tieshengWebConfigurer.getCurrentUserName(TsTokenConfig.get());
         operation.setUserId(requestUserInfo.getId());
         operation.setUserName(requestUserInfo.getName());
         operation.setTitle(title);