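Concrete code for RSA-encrypted login verification of back-end administrators in a Java web project, using the MVC pattern, an AJAX interface, and the layui framework
Time: 2023-06-01 14:02:01 Views: 56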
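First, an RSA key pair has to be generated on the back end, which can be done with code like the following:
```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
// 2048 bits: 1024-bit RSA is no longer considered secure
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
```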
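The public key is then passed to the front end, which encrypts the password with the jsencrypt library and sends the encrypted password to the back end for verification.
The concrete code is as follows: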
1. Back-end Controller code
```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Base64;
import javax.servlet.http.HttpServletRequest; // jakarta.servlet.http on Spring 6 / Spring Boot 3
import javax.servlet.http.HttpSession;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

// Admin, AdminService, Result and RSAUtil are the project's own classes (not shown here)
@RestController
@RequestMapping("/admin")
public class AdminController {
    @Autowired
    private AdminService adminService;

    // GET fetches the public key; POST carries the login form with the encrypted password
    @RequestMapping(value = "/login", method = {RequestMethod.GET, RequestMethod.POST})
    public Result login(String username, String password, HttpServletRequest request) throws Exception {
        HttpSession session = request.getSession();
        Object obj = session.getAttribute("privateKey");
        if (obj == null) {
            // Generate the RSA key pair (2048 bits; 1024-bit RSA is no longer considered secure)
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            session.setAttribute("privateKey", privateKey);
            session.setAttribute("publicKey", publicKey);
            // Return the public key to the front end as Base64 X.509 DER, which jsencrypt's setPublicKey accepts
            return Result.success(Base64.getEncoder().encodeToString(publicKey.getEncoded()));
        } else if (password == null) {
            // Key already in the session (e.g. page reload): return the same public key again
            RSAPublicKey publicKey = (RSAPublicKey) session.getAttribute("publicKey");
            return Result.success(Base64.getEncoder().encodeToString(publicKey.getEncoded()));
        } else {
            // Decrypt the password
            String passwordDecrypt = RSAUtil.decrypt(password, (RSAPrivateKey) obj);
            Admin admin = adminService.login(username, passwordDecrypt);
            if (admin != null) {
                session.setAttribute("admin", admin);
                return Result.success();
            } else {
                return Result.fail("用户名或密码错误");
            }
        }
    }
}
```
2. Front-end code
```html
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>管理员登录</title>
    <link rel="stylesheet" href="https://cdn.bootcss.com/layui/2.5.6/css/layui.min.css">
    <script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js"></script>
    <script src="https://cdn.bootcss.com/jsencrypt/2.3.1/jsencrypt.min.js"></script>
    <script src="https://cdn.bootcss.com/layui/2.5.6/layui.min.js"></script>
</head>
<body>
<div class="layui-container">
    <form class="layui-form" action="">
        <div class="layui-form-item">
            <label class="layui-form-label">用户名</label>
            <div class="layui-input-block">
                <input type="text" name="username" required lay-verify="required" placeholder="请输入用户名"
                       autocomplete="off" class="layui-input">
            </div>
        </div>
        <div class="layui-form-item">
            <label class="layui-form-label">密码</label>
            <div class="layui-input-block">
                <input type="password" name="password" required lay-verify="required" placeholder="请输入密码"
                       autocomplete="off" class="layui-input">
            </div>
        </div>
        <div class="layui-form-item">
            <div class="layui-input-block">
                <button class="layui-btn" lay-submit lay-filter="login">立即登录</button>
                <button type="reset" class="layui-btn layui-btn-primary">重置</button>
            </div>
        </div>
    </form>
</div>
<script>
    layui.use(['form', 'layer'], function () {
        var form = layui.form;
        var layer = layui.layer;
        // Fetch the RSA public key
        $.get('/admin/login', function (res) {
            if (res.code === 0) {
                var publicKey = new JSEncrypt();
                // res.data is the Base64-encoded X.509 public key returned by the back end
                publicKey.setPublicKey(res.data);
                // Listen for the login button
                form.on('submit(login)', function (data) {
                    // Encrypt the password
                    var encrypt = publicKey.encrypt(data.field.password);
                    // Send the login request
                    $.post('/admin/login', {
                        username: data.field.username,
                        password: encrypt
                    }, function (res) {
                        if (res.code === 0) {
                            layer.msg('登录成功');
                            window.location.href = '/admin/index.html';
                        } else {
                            layer.msg(res.msg, {icon: 5});
                        }
                    });
                    return false;
                });
            } else {
                layer.msg(res.msg, {icon: 5});
            }
        });
    });
</script>
</body>
</html>
```
Here the login form is built with the layui framework, the AJAX requests are sent with jQuery, and the RSA encryption is done with the jsencrypt library.
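The controller calls `RSAUtil.decrypt`, which the page does not show. One way to write it, as an added example rather than the original project's code: jsencrypt emits Base64-encoded RSA PKCS#1 v1.5 ciphertext, so the server decrypts with `RSA/ECB/PKCS1Padding`; `encryptLikeBrowser` and the sample password are constructed stand-ins for the browser side.

```java
import javax.crypto.Cipher;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.util.Base64;

// Added example, not the original project's RSAUtil.
public class RSAUtil {
    private static final String TRANSFORMATION = "RSA/ECB/PKCS1Padding";

    /** Returns the plaintext, or null for any malformed or undecryptable input. */
    public static String decrypt(String base64Cipher, RSAPrivateKey key) {
        if (base64Cipher == null) return null;
        try {
            byte[] ct = Base64.getDecoder().decode(base64Cipher);
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(Cipher.DECRYPT_MODE, key);
            return new String(cipher.doFinal(ct), StandardCharsets.UTF_8);
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            // One outcome for every failure: the caller must answer exactly as for a
            // wrong password, so responses do not reveal whether the padding was valid.
            return null;
        }
    }

    // Stand-in for the browser side (constructed for this demo): same padding as jsencrypt.
    static String encryptLikeBrowser(String plain, PublicKey pub) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.ENCRYPT_MODE, pub);
        return Base64.getEncoder().encodeToString(cipher.doFinal(plain.getBytes(StandardCharsets.UTF_8)));
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        RSAPrivateKey priv = (RSAPrivateKey) pair.getPrivate();
        String pw = "constructed-sample-password"; // constructed sample value

        String sent = encryptLikeBrowser(pw, pair.getPublic());
        System.out.println("round trip ok: " + pw.equals(decrypt(sent, priv)));

        // Ciphertext made for another key pair (e.g. a stale page after the session expired)
        String stale = encryptLikeBrowser(pw, gen.generateKeyPair().getPublic());
        System.out.println("stale key login fails: " + !pw.equals(decrypt(stale, priv)));
        System.out.println("garbage rejected: " + (decrypt("not base64 !!", priv) == null));
    }
}
```

The public key reaches the browser unauthenticated, so this scheme only hides the password from passive observers and the login page still has to be served over HTTPS.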