Переглянути джерело

防止修改密码时明文传输

FunCoder 2 роки тому
батько
коміт
18bb93ca0d

+ 2 - 2
Admin.NET/Admin.NET.Core/Service/User/Dto/UserInput.cs

@@ -112,8 +112,8 @@ public class ChangePwdInput
     /// <summary>
     /// 新密码
     /// </summary>
-    [Required(ErrorMessage = "新密码不能为空")]
-    [StringLength(20, MinimumLength = 5, ErrorMessage = "密码需要大于5个字符")]
+    [Required(ErrorMessage = "新密码不能为空"), MinLength(5, ErrorMessage = "密码需要大于5个字符")]
+    //[StringLength(20, MinimumLength = 5, ErrorMessage = "密码需要大于5个字符")]
     public string PasswordNew { get; set; }
 }
 

+ 4 - 0
Admin.NET/Admin.NET.Core/Service/User/SysUserService.cs

@@ -255,6 +255,10 @@ public class SysUserService : IDynamicApiController, ITransient
     [DisplayName("修改用户密码")]
     public virtual async Task<int> ChangePwd(ChangePwdInput input)
     {
+        // 国密SM2解密(前端密码传输SM2加密后的)
+        input.PasswordOld = CryptogramUtil.SM2Decrypt(input.PasswordOld);
+        input.PasswordNew = CryptogramUtil.SM2Decrypt(input.PasswordNew);
+        //
         var user = await _sysUserRep.GetFirstAsync(u => u.Id == _userManager.UserId) ?? throw Oops.Oh(ErrorCodeEnum.D0009);
         if (CryptogramUtil.CryptoType == CryptogramEnum.MD5.ToString())
         {

+ 8 - 2
Web/src/views/system/user/component/userCenter.vue

@@ -169,7 +169,7 @@ import { base64ToFile } from '/@/utils/base64Conver';
 import OrgTree from '/@/views/system/user/component/orgTree.vue';
 import CropperDialog from '/@/components/cropper/index.vue';
 import VueGridLayout from 'vue-grid-layout';
-
+import { sm2 } from 'sm-crypto-v2';
 import { clearAccessTokens, getAPI } from '/@/utils/axios-utils';
 import { SysFileApi, SysUserApi } from '/@/api-services/api';
 import { ChangePwdInput, SysUser, SysFile } from '/@/api-services/models';
@@ -290,7 +290,13 @@ const resetPassword = () => {
 const submitPassword = () => {
 	ruleFormPasswordRef.value?.validate(async (valid: boolean) => {
 		if (!valid) return;
-		await getAPI(SysUserApi).apiSysUserChangePwdPost(state.ruleFormPassword);
+		// SM2加密密码
+		const cpwd:ChangePwdInput={passwordOld:'',passwordNew:''};
+		const publicKey = `0484C7466D950E120E5ECE5DD85D0C90EAA85081A3A2BD7C57AE6DC822EFCCBD66620C67B0103FC8DD280E36C3B282977B722AAEC3C56518EDCEBAFB72C5A05312`;
+		cpwd.passwordOld = sm2.doEncrypt(state.ruleFormPassword.passwordOld, publicKey, 1);
+		cpwd.passwordNew = sm2.doEncrypt(state.ruleFormPassword.passwordNew, publicKey, 1);
+		//
+		await getAPI(SysUserApi).apiSysUserChangePwdPost(cpwd);
 		// 退出系统
 		ElMessageBox.confirm('密码已修改,是否重新登录系统?', '提示', {
 			confirmButtonText: '确定',