123

ruoyi-cai/src/main/java/com/ruoyi/cai/config/CaiProperties.java

@@ -11,4 +11,5 @@ public class CaiProperties {
 
     private String homeName = "蜜瓜";
     private String coinName = "紫贝";
+    private boolean enableApiEncryption = true;
 }

ruoyi-cai/src/main/java/com/ruoyi/cai/controller/UserPictureAuditController.java

@@ -1,90 +0,0 @@
-package com.ruoyi.cai.controller;
-
-import cn.dev33.satoken.annotation.SaCheckPermission;
-import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
-import com.ruoyi.cai.domain.UserPictureAudit;
-import com.ruoyi.cai.dto.admin.vo.user.UserPictureAuditAdminVo;
-import com.ruoyi.cai.service.UserPictureAuditService;
-import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.annotation.RepeatSubmit;
-import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.PageQuery;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.page.TableDataInfo;
-import com.ruoyi.common.enums.BusinessType;
-import lombok.RequiredArgsConstructor;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.*;
-
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
-import java.util.Arrays;
-
-/**
- * 头像审核
- *
- * @author 77
- * @date 2024-02-01
- */
-@Validated
-@RequiredArgsConstructor
-@RestController
-@RequestMapping("/cai/userPictureAudit")
-public class UserPictureAuditController extends BaseController {
-
-    private final UserPictureAuditService userPictureAuditService;
-
-    /**
-     * 查询头像审核列表
-     */
-    @SaCheckPermission("cai:userPictureAudit:list")
-    @GetMapping("/list")
-    public TableDataInfo<UserPictureAuditAdminVo> list(UserPictureAuditAdminVo bo, PageQuery pageQuery) {
-        Page<UserPictureAuditAdminVo> page = userPictureAuditService.pageAdmin(pageQuery, bo);
-        return TableDataInfo.build(page);
-    }
-
-    /**
-     * 获取头像审核详细信息
-     *
-     * @param id 主键
-     */
-    @SaCheckPermission("cai:userPictureAudit:query")
-    @GetMapping("/{id}")
-    public R<UserPictureAudit> getInfo(@NotNull(message = "主键不能为空")
-                                     @PathVariable Long id) {
-        return R.ok(userPictureAuditService.getById(id));
-    }
-
-    @SaCheckPermission("cai:userPictureAudit:edit")
-    @Log(title = "头像审核通过", businessType = BusinessType.UPDATE)
-    @RepeatSubmit()
-    @PutMapping("/audit/success")
-    public R<Void> auditSuccess(@RequestBody UserPictureAudit bo) {
-        userPictureAuditService.auditSuccess(bo.getId());
-        return R.ok();
-    }
-
-    @SaCheckPermission("cai:userPictureAudit:edit")
-    @Log(title = "头像审核不通过", businessType = BusinessType.UPDATE)
-    @RepeatSubmit()
-    @PutMapping("/audit/fail")
-    public R<Void> auditFail(@RequestBody UserPictureAudit bo) {
-        userPictureAuditService.auditFail(bo.getId());
-        return R.ok();
-    }
-
-
-    /**
-     * 删除头像审核
-     *
-     * @param ids 主键串
-     */
-    @SaCheckPermission("cai:userPictureAudit:remove")
-    @Log(title = "头像审核", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{ids}")
-    public R<Void> remove(@NotEmpty(message = "主键不能为空")
-                          @PathVariable Long[] ids) {
-        return toAjax(userPictureAuditService.removeBatchByIds(Arrays.asList(ids)));
-    }
-}

ruoyi-cai/src/main/java/com/ruoyi/cai/controller/VersionController.java

@@ -1,95 +0,0 @@
-package com.ruoyi.cai.controller;
-
-import cn.dev33.satoken.annotation.SaCheckPermission;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
-import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
-import com.ruoyi.cai.domain.Version;
-import com.ruoyi.cai.service.VersionService;
-import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.annotation.RepeatSubmit;
-import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.PageQuery;
-import com.ruoyi.common.core.domain.R;
-import com.ruoyi.common.core.page.TableDataInfo;
-import com.ruoyi.common.core.validate.AddGroup;
-import com.ruoyi.common.core.validate.EditGroup;
-import com.ruoyi.common.enums.BusinessType;
-import lombok.RequiredArgsConstructor;
-import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.*;
-
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
-import java.util.Arrays;
-
-/**
- * 版本
- *
- * @author 77
- * @date 2024-02-02
- */
-@Validated
-@RequiredArgsConstructor
-@RestController
-@RequestMapping("/cai/version")
-public class VersionController extends BaseController {
-
-    private final VersionService versionService;
-
-    /**
-     * 查询版本列表
-     */
-    @SaCheckPermission("cai:version:list")
-    @GetMapping("/list")
-    public TableDataInfo<Version> list(Version bo, PageQuery pageQuery) {
-        Page<Version> page = versionService.page(pageQuery.build(), Wrappers.lambdaQuery(bo));
-        return TableDataInfo.build(page);
-    }
-
-    /**
-     * 获取版本详细信息
-     *
-     * @param id 主键
-     */
-    @SaCheckPermission("cai:version:query")
-    @GetMapping("/{id}")
-    public R<Version> getInfo(@NotNull(message = "主键不能为空")
-                                     @PathVariable Long id) {
-        return R.ok(versionService.getById(id));
-    }
-
-    /**
-     * 新增版本
-     */
-    @SaCheckPermission("cai:version:add")
-    @Log(title = "版本", businessType = BusinessType.INSERT)
-    @RepeatSubmit()
-    @PostMapping()
-    public R<Void> add(@Validated(AddGroup.class) @RequestBody Version bo) {
-        return toAjax(versionService.save(bo));
-    }
-
-    /**
-     * 修改版本
-     */
-    @SaCheckPermission("cai:version:edit")
-    @Log(title = "版本", businessType = BusinessType.UPDATE)
-    @RepeatSubmit()
-    @PutMapping()
-    public R<Void> edit(@Validated(EditGroup.class) @RequestBody Version bo) {
-        return toAjax(versionService.updateById(bo));
-    }
-
-    /**
-     * 删除版本
-     *
-     * @param ids 主键串
-     */
-    @SaCheckPermission("cai:version:remove")
-    @Log(title = "版本", businessType = BusinessType.DELETE)
-    @DeleteMapping("/{ids}")
-    public R<Void> remove(@NotEmpty(message = "主键不能为空")
-                          @PathVariable Long[] ids) {
-        return toAjax(versionService.removeBatchByIds(Arrays.asList(ids)));
-    }
-}

ruoyi-cai/src/main/java/com/ruoyi/cai/filter/EncryptionFilter.java

@@ -0,0 +1,70 @@
+package com.ruoyi.cai.filter;
+
+import com.ruoyi.cai.config.CaiProperties;
+import com.ruoyi.cai.util.AES;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashSet;
+import java.util.Set;
+
+@Component
+@Slf4j
+@WebFilter(urlPatterns = "/api/**", filterName = "encryptionFilter")
+public class EncryptionFilter implements Filter {
+    private static final Set<String> IGNORE_URL = new HashSet<>();
+    static {
+        IGNORE_URL.add("/api/ali/notify");
+        IGNORE_URL.add("/api/wx/notify");
+    }
+    private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();
+
+    private static final String KEY = "UCEfSKns45SWjHov";
+    @Autowired
+    private CaiProperties caiProperties;
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        if(!(servletRequest instanceof HttpServletRequest)){
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        }
+        if(!caiProperties.isEnableApiEncryption()){
+            filterChain.doFilter(servletRequest, servletResponse);
+            return;
+        }
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        HttpServletResponse originalResponse = (HttpServletResponse) servletResponse;
+        String requestURI = request.getRequestURI();
+        for (String ignoreUrlMatch : IGNORE_URL) {
+            boolean match = ANT_PATH_MATCHER.match(ignoreUrlMatch, requestURI);
+            if(match){
+                filterChain.doFilter(servletRequest, servletResponse);
+                return;
+            }
+        }
+        ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) servletResponse);
+        filterChain.doFilter(request, responseWrapper);
+        byte[] resData = responseWrapper.getContent();
+        if(resData.length > 0){
+            try {
+                byte[] encrypt = AES.encrypt(resData, KEY);
+                originalResponse.setContentLength(encrypt.length);
+                ServletOutputStream outputStream = originalResponse.getOutputStream();
+                outputStream.write(encrypt);
+                outputStream.flush();
+                outputStream.close();
+            } catch (Exception e) {
+                throw new RuntimeException(e);
+            }
+        }
+    }
+}

ruoyi-cai/src/main/java/com/ruoyi/cai/filter/ResponseWrapper.java

@@ -0,0 +1,77 @@
+package com.ruoyi.cai.filter;
+
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import javax.servlet.ServletOutputStream;
+import javax.servlet.WriteListener;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+
+/**
+ * 返回值输出代理类
+ *
+ * @author kokJuis
+ * @Title: ResponseWrapper
+ * @Description:
+ * @date 上午9:52:11
+ */
+public class ResponseWrapper extends HttpServletResponseWrapper {
+
+    private ByteArrayOutputStream buffer;
+
+    private ServletOutputStream out;
+
+    public ResponseWrapper(HttpServletResponse httpServletResponse) {
+        super(httpServletResponse);
+        buffer = new ByteArrayOutputStream();
+        out = new WrapperOutputStream(buffer);
+    }
+
+    @Override
+    public ServletOutputStream getOutputStream()
+            throws IOException {
+        return out;
+    }
+
+    @Override
+    public void flushBuffer()
+            throws IOException {
+        if (out != null) {
+            out.flush();
+        }
+    }
+
+    public byte[] getContent()
+            throws IOException {
+        flushBuffer();
+        return buffer.toByteArray();
+    }
+
+    class WrapperOutputStream extends ServletOutputStream {
+        private ByteArrayOutputStream bos;
+
+        public WrapperOutputStream(ByteArrayOutputStream bos) {
+            this.bos = bos;
+        }
+
+        @Override
+        public void write(int b) {
+            bos.write(b);
+        }
+
+        @Override
+        public boolean isReady() {
+            return false;
+
+        }
+
+        @Override
+        public void setWriteListener(WriteListener arg0) {
+
+        }
+    }
+
+}

ruoyi-cai/src/main/java/com/ruoyi/cai/util/AES.java

@@ -8,13 +8,19 @@ import java.util.Base64;
 public class AES {
 
     public static void main(String[] args) throws Exception {
-        String jsonData ="zTmtrzE4t6jFriRIde3X+AFG9PQPSTQb5GrZcsBZySFUne3NGpRbb19LUbcKKLaRXj31TSE6nrVz3jLD7nCH+ArJzZwEgMb3hLXZPh53Xluk1Rkq/8wUMsDhAWjPRG012dhoaINUggAJwDKvKDqRgA==";
-//        String jsonData = "123";
-        String key = "K2AwvosrwtoAgOEP";
-        String encod = encrypt(jsonData, key);
+        String jsonData ="YRdHX2hqWMGguxfvSXfHzK5kuljBah5luDUo/YcmoQVKtSSAtEY2ndScZIi2dgLvjJ6noUDcIctq653wt83OCgj3P4+jgnopMps12RY1DnxHtLUd2Rnv3TCCKf+Br5+iGi9ruuq27JimqOYOjT+K8CWVESSQsoTN6knQA69s2kctSaHkmpirf4N3gJxp84BW4xi+hyayuKFe5/jva0X/Cg==";
+        String key = "UCEfSKns45SWjHov";
         System.out.println(decrypt(jsonData,key));
     }
 
+    public static byte[] encrypt(byte[] data, String key) throws Exception {
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
+        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
+        byte[] encryptedBytes = cipher.doFinal(data);
+        return Base64.getEncoder().encode(encryptedBytes);
+    }
+
     public static String encrypt(String data, String key) throws Exception {
         Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
         SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");