From 808ec6b60a34e484031acbc8d0ec6f037887a352 Mon Sep 17 00:00:00 2001
From: NoahLan <6995syu@163.com>
Date: Sat, 11 May 2024 14:28:39 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8DBCrypt=E5=8A=A0?=
=?UTF-8?q?=E5=AF=86=E7=AE=97=E6=B3=95=E5=AD=98=E5=9C=A8=E7=9A=84=E7=94=9F?=
=?UTF-8?q?=E6=88=90salt=E9=97=AE=E9=A2=98=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../Crypt/BCrypt/BCrypt.cs | 85 ++++++++++---------
.../Entities/UserEntity.cs | 29 ++++---
2 files changed, 61 insertions(+), 53 deletions(-)
diff --git a/framework/NPin.Framework.Core/Crypt/BCrypt/BCrypt.cs b/framework/NPin.Framework.Core/Crypt/BCrypt/BCrypt.cs
index 9b682bc..c76f1d8 100644
--- a/framework/NPin.Framework.Core/Crypt/BCrypt/BCrypt.cs
+++ b/framework/NPin.Framework.Core/Crypt/BCrypt/BCrypt.cs
@@ -1,40 +1,47 @@
-using System.Security.Cryptography;
-using System.Text;
-
-namespace NPin.Framework.Core.Crypt.BCrypt;
-
-public static class BCrypt
-{
- public static byte[] Generate(string password, string salt, int cost)
- {
- var passBytes = Encoding.UTF8.GetBytes(password);
- var saltBytes = Encoding.UTF8.GetBytes(salt);
-
- return Org.BouncyCastle.Crypto.Generators.BCrypt.Generate(passBytes, saltBytes, cost);
- }
-
- public static string GenerateSalt()
- {
- var buf = new byte[16];
- using var rand = RandomNumberGenerator.Create();
- rand.GetBytes(buf);
-
- return Convert.ToBase64String(buf);
- }
-
- ///
- /// 检查密码是否正确
- /// 通过再次生成一次密码匹配
- ///
- ///
- ///
- ///
- ///
- ///
- public static bool Check(string encrypt, string password, string salt, int cost)
- {
- var passStr = Generate(password, salt, cost).ToString();
-
- return string.Equals(encrypt, passStr);
- }
+using System.Security.Cryptography;
+using System.Text;
+using BBCrypt = Org.BouncyCastle.Crypto.Generators.BCrypt;
+
+namespace NPin.Framework.Core.Crypt.BCrypt;
+
+public static class BCrypt
+{
+ public static byte[] Generate(string password, string salt, int cost = 4)
+ {
+ var passBytes = BBCrypt.PasswordToByteArray(password.ToCharArray());
+ var saltBytes = Convert.FromBase64String(salt);
+
+ return BBCrypt.Generate(passBytes, saltBytes, cost);
+ }
+
+ public static string GenerateStr(string password, string salt, int cost = 4)
+ {
+ var bytes = Generate(password, salt, cost);
+ return Convert.ToBase64String(bytes);
+ }
+
+ public static string GenerateSalt()
+ {
+ var buf = new byte[16];
+ using var rand = RandomNumberGenerator.Create();
+ rand.GetBytes(buf);
+
+ return Convert.ToBase64String(buf, 0, 16);
+ }
+
+ ///
+ /// 检查密码是否正确
+ /// 通过再次生成一次密码匹配
+ ///
+ ///
+ ///
+ ///
+ ///
+ ///
+ public static bool Check(string encrypt, string password, string salt, int cost)
+ {
+ var passStr = GenerateStr(password, salt, cost);
+
+ return string.Equals(encrypt, passStr);
+ }
}
\ No newline at end of file
diff --git a/module/upms/NPin.Framework.Upms.Domain/Entities/UserEntity.cs b/module/upms/NPin.Framework.Upms.Domain/Entities/UserEntity.cs
index d414f79..ede549f 100644
--- a/module/upms/NPin.Framework.Upms.Domain/Entities/UserEntity.cs
+++ b/module/upms/NPin.Framework.Upms.Domain/Entities/UserEntity.cs
@@ -1,4 +1,5 @@
-using NPin.Framework.Core.Crypt.BCrypt;
+using System.Text;
+using NPin.Framework.Core.Crypt.BCrypt;
using NPin.Framework.SqlSugarCore.Abstractions.Data;
using NPin.Framework.Upms.Domain.Entities.ValueObjects;
using NPin.Framework.Upms.Domain.Shared.Enums;
@@ -28,8 +29,8 @@ public class UserEntity : Entity, ISoftDelete, IAuditedObject, IEnabled, I
[SugarColumn(ColumnDescription = "昵称")]
public string? Nickname { get; set; }
- [SugarColumn(ColumnDescription = "密码", IsOwnsOne = true)]
- public EncryptPasswordValueObject? EncryptPassword { get; set; } = new EncryptPasswordValueObject();
+ [SugarColumn(IsOwnsOne = true)]
+ public EncryptPasswordValueObject EncryptPassword { get; set; } = new();
[SugarColumn(ColumnDescription = "简介")]
public string? Introduction { get; set; }
@@ -50,12 +51,12 @@ public class UserEntity : Entity, ISoftDelete, IAuditedObject, IEnabled, I
///
/// 逻辑删除
///
- public bool IsDeleted { get; }
+ public bool IsDeleted { get; set; }
- public DateTime CreationTime { get; } = DateTime.Now;
- public Guid? CreatorId { get; }
- public DateTime? LastModificationTime { get; }
- public Guid? LastModifierId { get; }
+ public DateTime CreationTime { get; set; } = DateTime.Now;
+ public Guid? CreatorId { get; set; }
+ public DateTime? LastModificationTime { get; set; }
+ public Guid? LastModifierId { get; set; }
///
/// 是否启用
@@ -123,10 +124,10 @@ public class UserEntity : Entity, ISoftDelete, IAuditedObject, IEnabled, I
{
// 若传入密码无值,则使用原本Password
// 若原本Password依然无值,则抛出参数异常
- password ??= EncryptPassword?.Password ?? throw new ArgumentNullException(nameof(EncryptPassword.Password));
-
+ password ??= EncryptPassword.Password ?? throw new ArgumentNullException(nameof(EncryptPassword.Password));
+
EncryptPassword.Salt = BCrypt.GenerateSalt();
- EncryptPassword.Password = BCrypt.Generate(password, EncryptPassword.Salt, 0).ToString()!;
+ EncryptPassword.Password = BCrypt.GenerateStr(password, EncryptPassword.Salt, 10);
return this;
}
@@ -139,11 +140,11 @@ public class UserEntity : Entity, ISoftDelete, IAuditedObject, IEnabled, I
///
public bool CheckPassword(string password)
{
- if (EncryptPassword?.Salt is null)
+ if (EncryptPassword.Salt is null)
{
throw new ArgumentNullException(nameof(EncryptPassword.Salt));
}
-
- return BCrypt.Check(EncryptPassword.Password, password, EncryptPassword.Salt, 0);
+
+ return BCrypt.Check(EncryptPassword.Password, password, EncryptPassword.Salt, 10);
}
}
\ No newline at end of file