密码md5加密避免明文传递

2025-09-26 20:21:19 +08:00 · 2024-06-12 16:25:00 +08:00
parent 1769a9b315
commit 271f4c2003
6 changed files with 36 additions and 25 deletions
--- a/admin/src/components/verify/Verify/VerifyPoints.vue
+++ b/admin/src/components/verify/Verify/VerifyPoints.vue
@@ -196,7 +196,7 @@ export default {
            checkPosArr.splice(0, checkPosArr.length)
            num.value = 1
            getPicture()
-            text.value = '验证失败'
+            text.value = '获取中...'
            showRefresh.value = true
        }

--- a/admin/src/utils/util.ts
+++ b/admin/src/utils/util.ts
@@ -5,16 +5,11 @@ import MD5 from 'crypto-js/md5'
 /**
 * 密码加密
 * @param {String} password 密码
- * @param {String} beforeSalt 前置盐
- * @param {String} afterSalt 后置盐
+ * @param {String} salt 后置盐
 * @returns {String} 加密后的密码
 */
-export const encryptPassword = (
-    password: string,
-    beforeSalt = 'opuoaqwehjkyuisdf',
-    afterSalt = 'asdjioewurtjfgiopu'
-): string => {
-    return MD5(beforeSalt + MD5(password).toString() + afterSalt).toString()
+export const encryptPassword = (password: string, salt = 'asdjioewurtjfgiopu'): string => {
+    return MD5(MD5(password).toString() + salt).toString()
 }
 /**
 * @description 添加单位
--- a/admin/src/views/account/login.vue
+++ b/admin/src/views/account/login.vue
@@ -111,7 +111,7 @@ import cache from '@/utils/cache'
 import { ACCOUNT_KEY } from '@/enums/cacheEnums'
 import { PageEnum } from '@/enums/pageEnum'
 import { useLockFn } from '@/hooks/useLockFn'
-
+import { encryptPassword } from '@/utils/util'
 import Verify from '@/components/verify/Verify.vue'

 // const verifyRef = ref(null)
@@ -157,14 +157,22 @@ const rules = {

 // 登录处理
 const handleLogin = async (captchaInfo) => {
-    console.log('captchaInfo', captchaInfo, { ...formData, ...captchaInfo })
+    console.log('captchaInfo', {
+        username: formData.username,
+        password: encryptPassword(formData.password),
+        ...captchaInfo
+    })

    await formRef.value?.validate()
    // 记住账号，缓存
    cache.set(ACCOUNT_KEY, {
        username: formData.username
    })
-    await userStore.login({ ...formData, ...verifyInfo })
+    await userStore.login({
+        username: formData.username,
+        password: encryptPassword(formData.password),
+        ...verifyInfo
+    })
    const {
        query: { redirect }
    } = route
--- a/admin/src/views/user/setting.vue
+++ b/admin/src/views/user/setting.vue
@@ -81,6 +81,7 @@
 import { setUserInfo } from '@/api/user'
 import useUserStore from '@/stores/modules/user'
 import feedback from '@/utils/feedback'
+import { encryptPassword } from '@/utils/util'
 import type { FormInstance } from 'element-plus'
 defineOptions({
    name: 'userSetting'
@@ -160,7 +161,19 @@ const getUser = async () => {

 // 设置个人设置
 const setUser = async () => {
-    await setUserInfo(formData)
+    const info = {
+        avatar: formData.avatar,
+        nickname: formData.nickname,
+        password: '',
+        currPassword: ''
+    }
+    if (formData.password) {
+        info.password = encryptPassword(formData.password)
+    }
+    if (formData.currPassword) {
+        info.currPassword = encryptPassword(formData.currPassword)
+    }
+    await setUserInfo(info)
    feedback.msgSuccess('保存成功')
    userStore.getUserInfo()
 }
--- a/server/admin/system/admin/service.go
+++ b/server/admin/system/admin/service.go
@@ -316,8 +316,8 @@ func (adminSrv systemAuthAdminService) Edit(c *gin.Context, editReq SystemAuthAd
 	}
 	if editReq.Password != "" {
 		passwdLen := len(editReq.Password)
-		if !(passwdLen >= 6 && passwdLen <= 20) {
-			return response.Failed.Make("密码必须在6~20位")
+		if passwdLen != 32 {
+			return response.Failed.Make("密码格式不正确")
 		}
 		salt := util.ToolsUtil.RandomString(5)
 		adminMap["Salt"] = salt
@@ -376,8 +376,8 @@ func (adminSrv systemAuthAdminService) Update(c *gin.Context, updateReq SystemAu
 			return response.Failed.Make("当前密码不正确!")
 		}
 		passwdLen := len(updateReq.Password)
-		if !(passwdLen >= 6 && passwdLen <= 20) {
-			return response.Failed.Make("密码必须在6~20位")
+		if passwdLen != 32 {
+			return response.Failed.Make("新密码格式不正确")
 		}
 		salt := util.ToolsUtil.RandomString(5)
 		adminMap["Salt"] = salt
--- a/x_admin_app/utils/utils.ts
+++ b/x_admin_app/utils/utils.ts
@@ -4,16 +4,11 @@ import MD5 from 'crypto-js/md5'
 /**
 * 密码加密
 * @param {String} password 密码
- * @param {String} beforeSalt 前置盐
- * @param {String} afterSalt 后置盐
+ * @param {String} salt 后置盐
 * @returns {String} 加密后的密码
 */
-export const encryptPassword = (
-    password: string,
-    beforeSalt = 'opuoaqwehjkyuisdf',
-    afterSalt = 'asdjioewurtjfgiopu'
-): string => {
-	return MD5(beforeSalt + MD5(password).toString() + afterSalt).toString()
+export const encryptPassword = (password: string, salt = 'asdjioewurtjfgiopu'): string => {
+    return MD5(MD5(password).toString() + salt).toString()
 }

 /**