
feat: :memo: 优化授权加解密逻辑处理

tiansin 5 лет назад
Родитель
Сommit
71992c48f3

+ 3 - 2
app/service/admin/auth_service/auth_rule.go

@@ -7,7 +7,8 @@ import (
 	"gfast/app/model/admin/user"
 	"gfast/app/model/admin/user_post"
 	"gfast/app/service/casbin_adapter_service"
-	"gfast/library/utils"
+	"gfast/library/service"
+
 	"github.com/gogf/gf/database/gdb"
 	"github.com/gogf/gf/errors/gerror"
 	"github.com/gogf/gf/frame/g"
@@ -197,7 +198,7 @@ func DeleteRoleRule(roleId int) (err error) {
 //添加管理员操作
 func AddUser(req *user.AddUserReq) (InsertId int64, err error) {
 	//密码加密
-	req.Password = utils.EncryptCBC(gconv.String(req.Password), utils.AdminCbcPublicKey)
+	req.Password = service.EncryptData(req.Password)
 	return user.Add(req)
 }
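Review bot: `AddUser` still stores the password as reversible ciphertext, because `service.EncryptData(req.Password)` only wraps `utils.EncryptCBC` with one application-wide key; anyone who obtains that key together with the user table can recover every password. The same call is used in `UpdatePwd` and `ResetUserPwd` in app/service/admin/user_service/user.go and in `AdminLogin` in library/service/adminService.go. A salted password hash (bcrypt, scrypt or Argon2) verified at login would remove the need for a decryption key for credentials. Until then the existing `//密码加密` comment should say so explicitly, e.g. `// NOTE: reversible AES-CBC with server.EncryptKey, not a password hash`.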
 

+ 3 - 2
app/service/admin/user_service/user.go

@@ -15,6 +15,7 @@ import (
 	"gfast/boot"
 	"gfast/library/service"
 	"gfast/library/utils"
+
 	"github.com/gogf/gf/errors/gerror"
 	"github.com/gogf/gf/frame/g"
 	"github.com/gogf/gf/net/ghttp"
@@ -46,7 +47,7 @@ func UpdatePwd(r *ghttp.Request, data *UpdatePwdReq) error {
 		return err
 	}
 
-	OldPassword := utils.EncryptCBC(gconv.String(data.OldPassword), utils.AdminCbcPublicKey)
+	OldPassword := service.EncryptData(data.OldPassword)
 
 	if OldPassword != currentUser["user_password"].(string) {
 		return errors.New("原始密码错误!")
@@ -284,7 +285,7 @@ func ChangeUserStatus(req *user.StatusReq) error {
 
 func ResetUserPwd(req *user.ResetPwdReq) error {
 	//密码加密
-	req.Password = utils.EncryptCBC(gconv.String(req.Password), utils.AdminCbcPublicKey)
+	req.Password = service.EncryptData(req.Password)
 	return user.ResetUserPwd(req)
 }
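Review bot: The `!=` check that follows `OldPassword := service.EncryptData(data.OldPassword)` in `UpdatePwd` only works if the ciphertext is deterministic, which suggests `EncryptCBC` runs with a fixed IV (its body is not visible in this commit, so this is inferred). Now that the key is read from `server.EncryptKey`, changing that setting makes every stored `user_password` fail this comparison and the login check, so the key cannot be rotated without re-encrypting the table. That constraint should be documented, for example `// stored passwords are tied to server.EncryptKey; changing it invalidates all of them`. `UpdatePwd` begins and ends outside the hunk.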
 

+ 3 - 0
boot/bootAdmin.go

@@ -2,6 +2,7 @@ package boot
 
 import (
 	"gfast/library/service"
+
 	"github.com/goflyfox/gtoken/gtoken"
 	"github.com/gogf/gf/frame/g"
 )
@@ -13,6 +14,8 @@ func initAdmin() {
 	service.NotCheckAuthAdminIds = g.Cfg().GetInts("adminInfo.notCheckAuthAdminIds")
 	//后端分页长度配置
 	service.AdminPageNum = g.Cfg().GetInt("adminInfo.pageNum")
+	//后端数据加密密钥
+	service.AdminEncryptKey = g.Cfg().GetString("server.EncryptKey")
 	// 设置并启动后台gtoken处理
 	initAdminGfToken()
 }
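Review bot: `service.AdminEncryptKey = g.Cfg().GetString("server.EncryptKey")` accepts whatever the configuration returns, including an empty string when the setting is missing. AES requires a 16-, 24- or 32-byte key, and how `EncryptCBC` reacts to an invalid one is not visible here; if it yields an empty result on error, every password would map to the same stored value. Failing at startup is safer, e.g. `if n := len(service.AdminEncryptKey); n != 16 && n != 24 && n != 32 { panic("server.EncryptKey must be 16, 24 or 32 bytes") }` placed right after the assignment in `initAdmin`.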

+ 2 - 1
config/config.toml

@@ -27,7 +27,8 @@
     SessionPath      = "./data/session"
     SessionMaxAge    = "24h"
     DumpRouterMap    = true
-    NameToUriType = 3
+    NameToUriType    = 3
+    EncryptKey       = "HqmP1KLMuz09Q0Bu" 
 
 
 # Redis数据库配置
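Review bot: `EncryptKey = "HqmP1KLMuz09Q0Bu"` commits the key to the repository, and it is the same value as the `AdminCbcPublicKey` constant this commit removes from library/utils/tools.go, so every deployment that keeps the default shares a publicly known key. Ship a placeholder here and supply the real value from an environment variable or an untracked local config file. A comment such as `# replace before deployment; 16, 24 or 32 bytes; keep out of version control` would make the expectation clear. Because the value is already in the history, it should be treated as exposed.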

+ 22 - 12
library/service/adminService.go

@@ -1,20 +1,20 @@
 package service
 
 import (
-	"gfast/library/response"
 	"gfast/library/utils"
+
+	"github.com/goflyfox/gtoken/gtoken"
 	"github.com/gogf/gf/crypto/gmd5"
 	"github.com/gogf/gf/net/ghttp"
 	"github.com/gogf/gf/util/gvalid"
 )
 
 var (
-	AdminMultiLogin      bool  //是否允许后台管理员多端登陆
-	AdminPageNum         = 20  //后台分页长度
-	NotCheckAuthAdminIds []int //无需验证权限的用户id
-)
-
-//AdminLogin 后台用户登陆验证
+	AdminMultiLogin      bool   //是否允许后台管理员多端登陆
+	AdminPageNum         = 20   //后台分页长度
+	NotCheckAuthAdminIds []int  //无需验证权限的用户id
+	AdminEncryptKey      string //后台数据加密密钥
+) //AdminLogin 后台用户登陆验证
 func AdminLogin(r *ghttp.Request) (string, interface{}) {
 
 	data := r.GetFormMapStrStr()
@@ -30,13 +30,13 @@ func AdminLogin(r *ghttp.Request) (string, interface{}) {
 	}
 
 	if e := gvalid.CheckMap(data, rules, msgs); e != nil {
-		response.JsonExit(r, response.ErrorCode, e.String())
+		r.Response.WriteJsonExit(gtoken.Fail(e.String()))
 	}
 	//判断验证码是否正确
 	if !VerifyString(data["idKeyC"], data["idValueC"]) {
-		response.JsonExit(r, response.ErrorCode, "验证码输入错误")
+		r.Response.WriteJsonExit(gtoken.Fail("验证码输入错误"))
 	}
-	password := utils.EncryptCBC(data["password"], utils.AdminCbcPublicKey)
+	password := EncryptData(data["password"])
 	var keys string
 	if AdminMultiLogin {
 		keys = data["username"] + password + gmd5.MustEncryptString(utils.GetClientIp(r))
@@ -47,11 +47,11 @@ func AdminLogin(r *ghttp.Request) (string, interface{}) {
 	userAgent := r.Header.Get("User-Agent")
 	if err, user := signIn(data["username"], password, r); err != nil {
 		go loginLog(0, data["username"], ip, userAgent, err.Error(), "系统后台")
-		response.JsonExit(r, response.ErrorCode, err.Error())
+		r.Response.WriteJsonExit(gtoken.Fail(err.Error()))
 	} else {
 		//判断是否后台用户
 		if user.IsAdmin != 1 {
-			response.JsonExit(r, response.ErrorCode, "抱歉!此用户不属于后台管理员!")
+			r.Response.WriteJsonExit(gtoken.Fail("抱歉!此用户不属于后台管理员!"))
 		}
 		r.SetParam("userInfo", user)
 		go loginLog(1, data["username"], ip, userAgent, "登录成功", "系统后台")
@@ -59,3 +59,13 @@ func AdminLogin(r *ghttp.Request) (string, interface{}) {
 	}
 	return keys, nil
 }
+
+// EncryptData 数据加密方法
+func EncryptData(plainText string) string {
+	return utils.EncryptCBC(plainText, AdminEncryptKey)
+}
+
+// DecryptData 数据解密方法
+func DecryptData(plainText string) string {
+	return utils.DecryptCBC(plainText, AdminEncryptKey)
+}
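Review bot: `DecryptData` names its input `plainText`, but the value is handed to `utils.DecryptCBC` and is therefore ciphertext; rename it to `cipherText` and document what comes back when decryption fails, since the `string`-only signature gives callers no error to check. In the `var` block, the line `) //AdminLogin 后台用户登陆验证` has pulled the doc comment onto the closing parenthesis, so `AdminLogin` no longer has one. Move it back to its own line directly above `func AdminLogin`.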

+ 3 - 4
library/utils/tools.go

@@ -2,6 +2,9 @@ package utils
 
 import (
 	"fmt"
+	"net"
+	"time"
+
 	"github.com/gogf/gf/crypto/gaes"
 	"github.com/gogf/gf/encoding/gbase64"
 	"github.com/gogf/gf/encoding/gcharset"
@@ -12,12 +15,8 @@ import (
 	"github.com/gogf/gf/net/ghttp"
 	"github.com/gogf/gf/os/gtime"
 	"github.com/gogf/gf/text/gstr"
-	"net"
-	"time"
 )
 
-const AdminCbcPublicKey = "HqmP1KLMuz09Q0Bu"
-
 //字符串加密
 func EncryptCBC(plainText, publicKey string) string {
 	key := []byte(publicKey)