|
@@ -1,10 +1,14 @@
|
|
|
-using Hotline.Application.Identity;
|
|
|
+using System.Security.Cryptography;
|
|
|
+using System.Text;
|
|
|
+using Hotline.Application.Identity;
|
|
|
using Hotline.Caches;
|
|
|
using Hotline.Settings;
|
|
|
using Hotline.Share.Dtos.Identity;
|
|
|
using Microsoft.AspNetCore.Authorization;
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
+using XC.RSAUtil;
|
|
|
using XF.Domain.Constants;
|
|
|
+using XF.Domain.Exceptions;
|
|
|
|
|
|
namespace Hotline.Api.Controllers;
|
|
|
|
|
@@ -12,11 +16,47 @@ public class IdentityController : BaseController
|
|
|
{
|
|
|
private readonly IIdentityAppService _identityAppService;
|
|
|
private readonly ISystemSettingCacheManager _systemSettingCacheManager;
|
|
|
-
|
|
|
+ private const string PublicKey = @"-----BEGIN PUBLIC KEY-----
|
|
|
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+/x6IQPkH0A4eoF63j
|
|
|
+kLThsOXWyNBdcL9LATGy/G1yTHOr1RyKJB//iNug+V8DIoIHuFTlhgLHDbSqxvRW
|
|
|
+MONxIIF289riS6bDI4Ox/pFmOfmElFRk0lKGihaTE2Aefd6g/N+RfLLaHWztY+/v
|
|
|
+oVeDTiOIw9y3tokIxjKwuJ/mQ66MkKh78AqQjjSD/3jcBP8ZhMyCJOK9XQcqvhD6
|
|
|
+WBFWkxlAqKOWggDU7YohfrbNkg3bd0oGE6zCE2EHhkcQbzGCh3lu1zf4TfKMXD+P
|
|
|
+Prr5JWDNYQTXFQklqgae+Puge7xxZGYRoi5YpIUnkQGm6zpPxhIOdxlz+Yb5geSJ
|
|
|
+UQIDAQAB
|
|
|
+-----END PUBLIC KEY-----";
|
|
|
+ private const string PrivateKey = @"-----BEGIN RSA PRIVATE KEY-----
|
|
|
+MIIEowIBAAKCAQEAgw+/x6IQPkH0A4eoF63jkLThsOXWyNBdcL9LATGy/G1yTHOr
|
|
|
+1RyKJB//iNug+V8DIoIHuFTlhgLHDbSqxvRWMONxIIF289riS6bDI4Ox/pFmOfmE
|
|
|
+lFRk0lKGihaTE2Aefd6g/N+RfLLaHWztY+/voVeDTiOIw9y3tokIxjKwuJ/mQ66M
|
|
|
+kKh78AqQjjSD/3jcBP8ZhMyCJOK9XQcqvhD6WBFWkxlAqKOWggDU7YohfrbNkg3b
|
|
|
+d0oGE6zCE2EHhkcQbzGCh3lu1zf4TfKMXD+PPrr5JWDNYQTXFQklqgae+Puge7xx
|
|
|
+ZGYRoi5YpIUnkQGm6zpPxhIOdxlz+Yb5geSJUQIDAQABAoIBAAe+312BKUbsp0BV
|
|
|
+fOyCqoTLqTJHBcBneWY86pte9bjaZQYPU1PsdF452o8a38gXwpErBcwcjwCyWv48
|
|
|
+iQKUv8qdiSWGe+Jh3hGM1lKGfsyl3i3wnlJqgcI2U1zc2a4BoREHnmm4yBnfs2lI
|
|
|
+HegpRCG7u3cGPZfJtxJyxdHPfsc3wk8sXt+Byqkuym87l0a8wEF7b33f2hP2R7m/
|
|
|
+37qYvTaGX3yN4s1rssQ3wBEfHEsesQmrQrEkRIUnWfgpkH3FdR5T1V4USC6GhM6x
|
|
|
+sIxqwBBYLL2LhVcNEifegqHtLZOw0VfUfpvoKnH5omSjUP5X+c8dmY9KPoKGpYFT
|
|
|
+l09fiRMCgYEAwSAmJr8G/xOCPtkRZ9qpxOwAeqA9iEhB3ViIydESrYMZGUaIKAWV
|
|
|
+ofOuDIdaMgW/2hyQtJasAnlX87Za7iODcBAMMAPSNiLEXk9nHWO+Xw/oMakgS5Dg
|
|
|
+uE2J02Bn4KFTCGALtfo70A40kkikkR2UdD4RG6j+DgI2JxxrCgaKiIMCgYEArbrv
|
|
|
+cvJs62LlvOFdVCY3mWEJkoBbStHGq2GdtZ5Rx9oNqiy3j/xT7Wav061OPCaC2rcd
|
|
|
+ALEH7AA3JJtAMr6QRv3HYyd2NIrlqS6pn4tInIpqlarrnVkkOk0WhsWVkScQJyx6
|
|
|
+eLKQ24zEF3wHslrRpHcclCWjtQ52TmWOuUvy9psCgYAWw6BbntbHSFho6hNIJ5kt
|
|
|
+Uhg4XB0ErGe/HIl7KH7IHxTdStgPx6C8p0mTxnyWOuFDZ2yTLNN3sy/v1UXgniUH
|
|
|
+F40oN7sWkICPEVL5PuGYuPpIqEPbRGeIsfMWDF4SN1HfQdr/h1B3lMUTnSZwyIjQ
|
|
|
+LuS7Wu8fXZlegNYJJ3462wKBgE5TSF9vktGw/djhVj15GXoKONGXExGxcDuWQA9A
|
|
|
++Kf81EpT7NJ6tbADquPpb6tIxZgsFGRabDLnifT0FcaLCesnwXwfr3hS4uYaxpjK
|
|
|
+qAsDkLg3nhCLvvyWAsDyVdNiZDL1J6ZBA3Qoi8P2xFWSApB+ryDPs3YOtiH0QZui
|
|
|
+9UBfAoGBAIQ2uv4J7ql++EpNNtLzOhTEpyjWS+qRSZRRXfKN2lm7e7czOsSpKIJx
|
|
|
+Q9PP8NTEmKqdI3WVFYqW/OlOFC6sjiscTOOn9Tc5Mrcn8ocCjAPjkhkCCVRMiJnv
|
|
|
+jxrWXHbT1FB6DqkdOnBbQqS1Azqz5HxLlSyEK3F60e3SgB5iZsDZ
|
|
|
+-----END RSA PRIVATE KEY-----";
|
|
|
+
|
|
|
public IdentityController(IIdentityAppService identityAppService, ISystemSettingCacheManager systemSettingCacheManager)
|
|
|
{
|
|
|
_identityAppService = identityAppService;
|
|
|
- _systemSettingCacheManager = systemSettingCacheManager;
|
|
|
+ _systemSettingCacheManager = systemSettingCacheManager;
|
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
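Review bot: `PrivateKey` embeds the RSA private key as a compile-time constant in the controller, so anyone who can read the repository or the built assembly can decrypt any captured login body, and the key cannot be rotated without a redeploy. Because the key now sits in version-control history, the pair should be treated as compromised; generate a new one rather than just moving this value. Load the private half at startup from configuration or a secret store into something like `private readonly string _privateKeyPem;`, assigned in the constructor. The controller already receives `ISystemSettingCacheManager`, but whether that store is suitable for secrets is not visible here. The public key need not be secret, but reading it from the same source keeps the two halves in sync.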
@@ -28,6 +68,7 @@ public class IdentityController : BaseController
|
|
|
[HttpPost("login")]
|
|
|
public async Task<string> Login([FromBody] LoginDto dto)
|
|
|
{
|
|
|
+ dto = Decrypt(dto);
|
|
|
return await _identityAppService.LoginAsync(dto, HttpContext.RequestAborted);
|
|
|
}
|
|
|
|
|
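Review bot: `dto = Decrypt(dto);` adds confidentiality but no freshness, because the decrypted payload carries only `UserName` and `Password` and nothing binds it to this request, so a recorded request body would be accepted again unchanged. The RSA wrapping is therefore not a substitute for TLS, and a comment above the call should say so, e.g. `// RSA-wrapped credentials carry no nonce or timestamp; replay protection and transport security still rely on HTTPS.` Separately, `Decrypt` returns a new `LoginDto` with just those two properties set. If `LoginDto` has other bound fields (its definition is not visible here), they are dropped before `LoginAsync` is called.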
@@ -42,7 +83,24 @@ public class IdentityController : BaseController
|
|
|
var SysName = _systemSettingCacheManager.GetSetting(SettingConstants.SysName).SettingValue;
|
|
|
var LoginImage = _systemSettingCacheManager.GetSetting(SettingConstants.LoginImage).SettingValue;
|
|
|
|
|
|
- return new LoginPageInfoDto() { SysName = SysName, LoginImage= LoginImage };
|
|
|
+ return new LoginPageInfoDto() { SysName = SysName, LoginImage = LoginImage };
|
|
|
}
|
|
|
|
|
|
+ private LoginDto Decrypt(LoginDto dto)
|
|
|
+ {
|
|
|
+ if (string.IsNullOrEmpty(dto.UserName) || string.IsNullOrEmpty(dto.Password))
|
|
|
+ throw UserFriendlyException.SameMessage("非法参数");
|
|
|
+
|
|
|
+ var pkcs1 = new RsaPkcs1Util(Encoding.UTF8, PublicKey, PrivateKey);
|
|
|
+ try
|
|
|
+ {
|
|
|
+ var uname = pkcs1.Decrypt(dto.UserName, RSAEncryptionPadding.Pkcs1);
|
|
|
+ var pwd = pkcs1.Decrypt(dto.Password, RSAEncryptionPadding.Pkcs1);
|
|
|
+ return new LoginDto { UserName = uname, Password = pwd };
|
|
|
+ }
|
|
|
+ catch (Exception e)
|
|
|
+ {
|
|
|
+ throw new UserFriendlyException($"解密失败:{e.Message}", "无效参数");
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
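Review bot: The catch block in `Decrypt` puts `e.Message` into the response, and combined with `RSAEncryptionPadding.Pkcs1` that lets a caller tell a padding failure apart from any other failure, which is the condition a PKCS#1 v1.5 padding oracle needs. Return one fixed message for every failure path, reusing the call from the null check, `throw UserFriendlyException.SameMessage("非法参数");`, and keep the exception detail on the server side only. If the front end can change in the same release, `RSAEncryptionPadding.OaepSHA256` is the safer padding, assuming `RsaPkcs1Util.Decrypt` passes the padding argument straight through to the framework. The first lines of this hunk (`SysName`, `LoginImage`) belong to a method whose start is outside the hunk.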