优化AppSecret生成规则: 不使用key作为加密字符串,防止被破解

d8313c69 · hweeeeeei · 4233f56a · d8313c69 · d8313c69
Commit d8313c69 authored Jan 10, 2022 by hweeeeeei
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 10 deletions

bootstrap/src/test/java/io/geekidea/springbootplus/test/ImApplicationTest.java
+4 -4

core/src/main/java/com/wecloud/im/ws/utils/KeyGenerator.java
+9 -6

No files found.
--- a/bootstrap/src/test/java/io/geekidea/springbootplus/test/ImApplicationTest.java
+++ b/bootstrap/src/test/java/io/geekidea/springbootplus/test/ImApplicationTest.java
@@ -27,8 +27,8 @@ public class ImApplicationTest {
    private ImApplicationService imApplicationService;

    public static void main(String[] args) {
-        String appKey = KeyGenerator.getAppKey();  //定义变量接收
-        String appSecret = KeyGenerator.getAppSecret(appKey);
+        String appKey = KeyGenerator.getRandomString();  //定义变量接收
+        String appSecret = KeyGenerator.getAppSecret();

        int i = 1;
    }
@@ -42,10 +42,10 @@ public class ImApplicationTest {

    private void addDb( int i) {
        // 生成AppKey
-        String appKey = KeyGenerator.getAppKey();  //定义变量接收
+        String appKey = KeyGenerator.getRandomString();  //定义变量接收

        // 生成appSecret
-        String appSecret = KeyGenerator.getAppSecret(appKey);
+        String appSecret = KeyGenerator.getAppSecret();

        ImApplication imApplication = new ImApplication();
        imApplication.setCreateTime(new Date());

--- a/core/src/main/java/com/wecloud/im/ws/utils/KeyGenerator.java
+++ b/core/src/main/java/com/wecloud/im/ws/utils/KeyGenerator.java
@@ -12,8 +12,10 @@ public class KeyGenerator {
            "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V",
            "W", "X", "Y", "Z"};

-    //生成8位appKey
-    public static String getAppKey() {
+    /*
+     * 生成随机字符串
+     */
+    public static String getRandomString() {
        StringBuffer shortBuffer = new StringBuffer();
        //获取用户id进行字符串截取
        String uuid = UUID.randomUUID().toString().replace("-", "");
@@ -25,15 +27,16 @@ public class KeyGenerator {
        return shortBuffer.toString();

 //        return UUID.randomUUID().toString().replace("-", "");
-
    }

-    //生成32位appSecret
-    public static String getAppSecret(String appId) {
+    /*
+     *生成32位appSecret
+     */
+    public static String getAppSecret() {
        String encryoAppSecret = "";
        try {
            EncrypDES des1 = new EncrypDES();// 使用默认密钥
-            encryoAppSecret = des1.encrypt(appId);
+            encryoAppSecret = des1.encrypt(KeyGenerator.getRandomString());
        } catch (Exception e) {
            e.printStackTrace();
        }