logo 范 · 拾光录
网址收集 关于作者 Github Gitee
杂文随笔5
Hexo博客:基础使用Hexo博客:Next主题Hexo博客:Next进阶使用Hexo博客:Next高级配置基于Node的WIKI管理
前端知识16
HTML常用知识CSS常用知识CSS美化checkbox复选框JavaScript常用知识JavaScript格式化时间戳JavaScript窗口宽高处理JavaScript黑夜主题切换实现方案JavaScript数字转大写简易图片查看器TypeScript基础知识Threejs基础三要素Threejs网格辅助和轨道控制器Threejs物体绘制Electron基础使用Nodejs基础知识animate.css页面动画
Vue框架19
Vite的使用及扩展Vue3父子组件Vue3使用Marked解析MarkdownMermaid图表生成库初始化页面加载动画Axios表单提交二维码解决方案NProgress加载进度条Vue3动态菜单实现Vue3使用ECharts图表Vue3处理Excel导入导出keep-alive页面缓存及setup问题Element:文件上传Element:结合Pinia实现动态菜单Element:图片上传组件Element:自定义统一弹窗组件Element:表格自定义指令控制按钮显示(鉴权)可视化大屏使用缩放适配分辨率
UniApp15
UniApp的基础使用封装网络请求工具及文件上传uni-app的开发记录微信小程序分享原生文件上传Pinia取消滚动条(兼容小程序)tabbar消息数量显示scroll-view上滑到底部加载数据状态栏高度动态设配数据共享与传递uview-plus导航栏实现背景融合Wot UIWot UI实现顶部背景图融合uni-app x
Java基础知识10
基础知识面向对象Lambda表达式常用API常用知识积累try-with-resource注解反射多线程经纬度距离计算
SpringBoot31
application配置Maven创建聚合项目全局异常处理锁机制项目启动初始化数据方式邮件功能集成原生定时任务异步集成阿里云OSS阿里OSS预签名上传基于hutool读excelJSR303WebSocketWebSocket版AI接口流式调用Smart-Doc接口文档生成器application配置信息加密雪花算法工具AOP实现请求参数脱敏思路JWT生成Token及工具类SpringBoot默认JSON与对象转换若依框架:安装使用若依框架:优化和调整文件上传若依框架:管理后台页面优化若依框架:后端接口代码优化SpringAISpringBoot实现AI接口流式调用服务启动时创建MySQL连接自建项目工程树形结构处理工具微信支付代码微信手机号登录
SpringMVC14
跨域处理拦截器RESTful风格伪前后端分离Jackson转换器调整Thymeleaf基于拦截器做权限校验AOP打印接口请求响应日志AOP打印接口请求响应耗时文件上传和回显POST请求加解密实现(AES)POST请求加解密实现(RSA+AES)参数动态校验实现方案真实IP和归属地
MyBatis8
MyBatis基本使用与配置Mapper使用相关MaBatis多数据源配置MyBatisPlus数据统计类处理方案MyBatisPlus条件查询正向工程的实现(H2)mybatis-plus-join
SpringCloud15
Netflix:微服务与搭建Netflix:服务的消费与提供Netflix:EurekaNetflix:ActuatorNetflix:RibbonNetflix:FeignNetflix:HystrixNetflix:ZuulAlibaba:简介与搭建Alibaba:Nacos注册中心Alibaba:RibbonAlibaba:OpenFeignAlibaba:Nacos配置中心Alibaba:GetewayAlibaba:Sentinel
MySQL6
MySQL基础知识MySQL多表查询与事务MySQL常用函数及解决方案MySQL视图MySQL索引安装MySQL
Redis7
Redis介绍和安装Redis配置文件Redis持久化Redis集群Redis语法基础Redis相关问题及解决方案SpringBoot集成Redis使用记录
MongoDB10
Linux安装MongoDBMongoDB基础语法MongoTemplate及SpringBoot配置MongoTemplate中Update操作MongoTemplate中聚合查询MongoTemplate日期归档示例项目使用相关知识归纳地理位置存储与距离查询MongoDB副本集与事务获取类名和属性名工具类
其他数据库1
H2数据库
Python编程6
Python基础知识Python语法yolo目标检测OpenCV的使用及树莓派平台condauv
工具集合13
IDEAMavenGradleGitNginx安装Nginx配置VSCodeJMeter压测DockerOllamaRustFSPicGoObs录制
Linux知识11
Linux常用命令Jar启动脚本VirtualBox安装CentOSVirtualBox安装Ubuntu树莓派安装及使用frp内网穿透ArchLinux:基础系统安装ArchLInux:图形化界面安装ArchLinux:常用软件ArchLinux:深度优化ArchLinux:Niri
创意设计2
Blender:入门知识UI设计基础知识
AI相关9
Claude CodeHermes AgentOpenAI基本使用OpenAI工具调用OpenAI记忆管理OpenAI推理执行OpenAI开发框架Langchainllama.cpp

前端加解密

基于axios的请求响应做拦截处理,需要安装:

import axios from "axios";
import { loadStart, loadEnd } from "../util/Load.js";
import { sysStore } from "../store/index.js";
import CryptoJS from "crypto-js";
import JSEncrypt from "jsencrypt";

const store = sysStore();

// 接口地址
let api = import.meta.env.vite_http_base_url;

// 服务端 RSA 公钥
let publicKey =
  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dNyA26jkX/FTmNuY+1QwcvuJThsgKRbnPB91J3uw0YdabVNQy5swyPlON2E/FnH/VKRd8tCntZFIfeeQXtBrB5kim0iG4Wnz/3n83D0aUzvdBI2LXtCdf09iVu3bzrEbFTwqWqPufgcrrhavT1K57cQNQ5ZoO/dnkyP+/AgCojPmpx2QBMtG4BpVf7Fq21y4DpeWNRehgb6fMKqbBvDe+5sivplK6bDh2/4xTA9yBlJ690DvichBSZwVeSXHpPww8BiHw9ualUHwfLtbZv+ddVDCNSOAqPONgjIUKZVKNsLq4nWu3eu71PKX/FojeU8e5Lk/st8ubSUUvb+SPNlvwIDAQAB";

// 随机生成AES密钥
let aesKey = generateAesKey();

// axios配置
const http = axios.create({
  baseURL: api,
  timeout: 1000 * 10, // 请求超时,秒
  // 携带cookie
  withCredentials: true,
  // headers: {'content-type': 'application/x-www-form-urlencoded'} // 请求数据类型 默认application/json
  headers: { "content-type": "application/json" }, // 请求数据类型 默认application/json
});

let reqRecord = {};

// 请求拦截器
http.interceptors.request.use(
  (config) => {
    loadStart();
    if (
      new Date().getTime() - reqRecord[encodeURI(config.url)] < 1000 &&
      config.url != "/sysDict/listAll"
    ) {
      // 排除菜单列表
      return Promise.reject(new Error("请勿重复请求"));
    } else {
      reqRecord[encodeURI(config.url)] = new Date().getTime();
    }
    // 如果要携带头部数据,如token,在此写,不要写在create中,create启动就会创建,需要刷新才会更新
    config.headers["token"] = store.token;

    // 加密
    if (config.method === "post") {
      // console.log('请求参数:' + JSON.stringify(config.data))
      // 将 AES 密钥进行 RSA 加密
      let aesKeyEn = encryptByJavaPublicKey(aesKey);
      // 从请求头给到服务端
      config.headers["aesKey"] = aesKeyEn;
      // 请求体进行内容加密
      config.data = encryptedCom(JSON.stringify(config.data));
    }
    return config;
  },
  function (error) {
    // 请求错误的执行
    return Promise.reject(error);
  },
);

// 响应拦截器
http.interceptors.response.use(
  (response) => {
    loadEnd();
    // 解密
    if (response.config.method === "post") {
      // 响应内容进行解密
      response.data = JSON.parse(decryptedCom(response.data));
      // console.log(response.data)
    }
    if (response.status === 200) {
      return response.data;
    } else {
      ElMessage.error("服务异常");
    }
  },
  function (error) {
    loadEnd();
    if (error.toString().indexOf("请勿重复请求") > -1) {
      ElMessage.error("请勿重复请求");
    } else {
      ElMessage.error("服务异常");
    }
    return Promise.reject(error);
  },
);

/**
 * 生成随机的 AES 密钥 (Base64 格式) 24位字符
 */
function generateAesKey(keySize = 128) {
  const byteLength = keySize / 8;
  const wordArray = CryptoJS.lib.WordArray.random(byteLength);
  return wordArray.toString(CryptoJS.enc.Base64);
}

/**
 * 使用 RSA 公钥加密数据 (兼容 Java RsaUtil.encryptAesKey)
 */
function encryptByJavaPublicKey(data) {
  const encryptor = new JSEncrypt();
  let key = publicKey;
  if (!key.includes("BEGIN")) {
    key = `-----BEGIN PUBLIC KEY-----\n${publicKey}\n-----END PUBLIC KEY-----`;
  }
  encryptor.setPublicKey(key);
  const encrypted = encryptor.encrypt(data);
  if (!encrypted) {
    throw new Error("加密失败,请检查密钥长度或数据长度是否超过限制");
  }
  return encrypted;
}

/**
 * 加密Aes
 */
export const encryptedCom = (data) => {
  let key = CryptoJS.enc.Base64.parse(aesKey);
  let encrypted = CryptoJS.AES.encrypt(data, key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7,
  });
  return encrypted.ciphertext.toString(CryptoJS.enc.Base64);
};

/**
 * 解密Aes
 */
export const decryptedCom = (data) => {
  let key = CryptoJS.enc.Base64.parse(aesKey);
  let decrypted = CryptoJS.AES.decrypt(data, key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7,
  });
  return decrypted.toString(CryptoJS.enc.Utf8);
};

export default http;

后端处理

RSA加解密工具类

package com.fan.util;

import lombok.extern.slf4j.Slf4j;

import javax.crypto.Cipher;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/**
 * 加解密
 */
@Slf4j
public class RsaUtil {

    // 定义返回结果的键名常量
    public static final String PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dNyA26jkX/FTmNuY+1QwcvuJThsgKRbnPB91J3uw0YdabVNQy5swyPlON2E/FnH/VKRd8tCntZFIfeeQXtBrB5kim0iG4Wnz/3n83D0aUzvdBI2LXtCdf09iVu3bzrEbFTwqWqPufgcrrhavT1K57cQNQ5ZoO/dnkyP+/AgCojPmpx2QBMtG4BpVf7Fq21y4DpeWNRehgb6fMKqbBvDe+5sivplK6bDh2/4xTA9yBlJ690DvichBSZwVeSXHpPww8BiHw9ualUHwfLtbZv+ddVDCNSOAqPONgjIUKZVKNsLq4nWu3eu71PKX/FojeU8e5Lk/st8ubSUUvb+SPNlvwIDAQAA";
    public static final String PRIVATE_KEY = "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDd03IDbqORf8VOY25j7VDBy+4lOGyApFuc8H3Une7DRh1ptU1DLmzDI+U43YT8Wcf9UpF3y0Ke1kUh955Be0GsHmSKbSIbhafP/efzcPRpTO90EjYte0J1/T2JW7dvOsRsVPCpao+5+ByuuFq9PUrntxA1Dlmg792eTI/78CAKiM+anHZAEy0bgGlV/sWrbXLgOl5Y1F6GBvp8wqpsG8N77myK+mUrpsOHb/jFMD3IGUnr3QO+JyEFJnBV5Jcek/DDwGIfD25qVQfB8u1tm/511UMI1I4Co842CMhQplUo2wurida7d67vU8pf8WiN5Tx7kuT+y3y5tJRS9v5I82W/AgMBAAECggEAAj4joyjYmuov/eV/3AWUateVL83zPHwgHphIqjNykrzZvUdDYbaz2M4H5w97GB+pDis28OW4MoNRRzejfPjL2cg9rslnR+BaqWRHlqy0rxl2oYJk09VKmO2Xh3tkgZZjHmlGPNN1lb7BcEhi4N9TkfL5RSzakSFiHAcDVnVZQMhk5VwGz4iKR7dtTy2CO//lR5TQ4JWcHowMq0z3aO5k6wG6Q1RX41pEJebH/JzY9H92K3ZErpRZG5p+8ejy5DJvBzrOrCPqeDe0RQPd6CKRYhH5hfWIA9yMvXJNnBEU000Qk/4PEatT+ZSDAmvSWexxdSlQ5r15at4Pa7LggKIGoQKBgQDhGlWylfZRXBl1gAZJs0tKtrBaKFKCO0RPwrg/LaJIto2dceUiPwcymJsT3VQcLxtiNE5kQIhpguaur7N4eQXwv9KR85jWRV/MQGmFroRaD4Qz0TBgT/3LzdCImZMJWUlJfHCbPk6e0zL+N8ynWCmv0o7vSnXzXJ0ahvFMvMxw8QKBgQD8RfdrDLrfgxbP5x4wH8z5Jsw3HHXX53qRA75rIQhV1b34pd54IJE7Z/FzUbVafY3V5Zic2FMwYUC0H9uoNe0wSRK1m9IApBRW0GDKa9edqY8cYQmlURF+RkfpzRAD4MQb37oCpRxflI+IB4XlPU6ubRAk+QmsKIRk8xV02NVBrwKBgEDAdo5cnPJib+Bg524j6TCgxLHqj3Fu4wOem6lw0xHfkXUM4kCrqMJhK5rXO+6vjkz9ht9HwPW49eqiGBo7lf3e8A+T5w8b/aafkLsnrGLLu9e8ARJzcCpEFgx1QNqbmH1PEoVVsv/0+OIv4urwbW1qQDuNS8iph3euAZN1a8nBAoGAL8Un9tNwR4bROQkwxDghXkSkgwMWpY2lvfQRiMO2ilpxILZ4DBNOrQsfw5CDYOFJjGlvnrOv/QdNc05dD9s2UOBldJJPD+QCHfZTfcEyER7chKkzZGSXhWvVjkZQdAuJ1yVkWb/eQZMmIsIZ7rDPR2RLnFS0Ki958ou9UmUE7O0CgYBuFYNyD/E++FeR+gLvuJ8fYE0RZfkC26uAW5gQCx8MLvwgBu1zyGkDc513fmjYw8bMvOIibyG4uhtpiz2gEWF6lGFDFpb7VV8CfKfWSth6CcOODrNefM/yg136IGQC+RTiRvGHXxIRSaSmXO7V5K91kGwj6kD69aTYE1ysM/ZrzA==";

    /**
     * 生成 RSA 密钥对
     *
     * @param keySize 密钥长度,推荐 2048 或 4096
     * @return 包含公钥和私钥的 Map,key 为 "publicKey" 和 "privateKey",value 为 Base64 编码的字符串
     * @throws NoSuchAlgorithmException 如果 RSA 算法不可用
     */
    public static Map<String, String> generateKeyPair(int keySize) throws NoSuchAlgorithmException {
        // 1. 创建 KeyPairGenerator 实例,指定算法为 RSA
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");

        // 2. 初始化,设置密钥长度 (1024, 2048, 4096 等),2048 是目前的安全标准
        keyPairGenerator.initialize(keySize);

        // 3. 生成密钥对
        KeyPair keyPair = keyPairGenerator.generateKeyPair();

        // 4. 获取公钥和私钥对象
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        // 5. 将公钥和私钥编码为 Base64 字符串
        String publicKeyStr = Base64.getEncoder().encodeToString(publicKey.getEncoded());
        String privateKeyStr = Base64.getEncoder().encodeToString(privateKey.getEncoded());

        log.info("RSA 密钥对生成成功,长度: {} bits", keySize);

        // 6. 放入 Map 返回
        Map<String, String> keyMap = new HashMap<>(2);
        keyMap.put(PUBLIC_KEY, publicKeyStr);
        keyMap.put(PRIVATE_KEY, privateKeyStr);

        return keyMap;
    }

    /**
     * RSA加密AES密钥
     */
    public static String encryptAesKey(String aesKey, String rsaPublicKey) throws Exception {
        PublicKey publicKey = getPublicKey(rsaPublicKey);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);

        byte[] encrypted = cipher.doFinal(aesKey.getBytes());
        return Base64.getEncoder().encodeToString(encrypted);
    }

    /**
     * RSA解密AES密钥
     */
    public static String decryptAesKey(String encryptedAesKey, String rsaPrivateKey) throws Exception {
        PrivateKey privateKey = getPrivateKey(rsaPrivateKey);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);

        byte[] decrypted = cipher.doFinal(Base64.getDecoder().decode(encryptedAesKey));
        return new String(decrypted);
    }

    /**
     * 获取公钥
     */
    private static PublicKey getPublicKey(String key) throws Exception {
        byte[] keyBytes = Base64.getDecoder().decode(key);
        X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePublic(spec);
    }

    /**
     * 获取私钥
     */
    private static PrivateKey getPrivateKey(String key) throws Exception {
        byte[] keyBytes = Base64.getDecoder().decode(key);
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePrivate(spec);
    }

    // --- 生成密钥对 ---
    public static void main(String[] args) {
        try {
            // 生成密钥对
            Map<String, String> keys = generateKeyPair(2048);
            String pubKey = keys.get(PUBLIC_KEY);
            String priKey = keys.get(PRIVATE_KEY);
            System.out.println("公钥: " + pubKey);
            System.out.println("私钥: " + priKey);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

AES加解密工具类

package com.fan.util;

import lombok.extern.slf4j.Slf4j;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

/**
 * 加解密
 */
@Slf4j
public class AesUtil {


    private static final String ALGORITHM = "AES/ECB/PKCS5Padding";

    /**
     * AES 加密
     */
    public static String encrypt(String key, String plaintext) {
        try {
            byte[] keyBytes = Base64.getDecoder().decode(key);
            SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, keySpec);
            byte[] encryptedBytes = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(encryptedBytes);
        } catch (Exception e) {
            log.error(e.getMessage());
            return null;
        }
    }

    /**
     * AES 解密
     */
    public static String decrypt(String key, String cipherText) {
        try {
            byte[] keyBytes = Base64.getDecoder().decode(key);
            SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
            byte[] cipherBytes = Base64.getDecoder().decode(cipherText);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, keySpec);
            byte[] decryptedBytes = cipher.doFinal(cipherBytes);
            return new String(decryptedBytes, StandardCharsets.UTF_8);
        } catch (Exception e) {
            log.error(e.getMessage());
            return null;
        }
    }

}

重写请求类

package com.fan.config;

import jakarta.servlet.ReadListener;
import jakarta.servlet.ServletInputStream;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;

/**
 * 重写请求体,方便进行数据解密,防止读取一次后数据丢失问题
 */
public class WrapperRequest extends HttpServletRequestWrapper {

    private final String requestBody;
    HttpServletRequest req;

    public WrapperRequest(HttpServletRequest request, String requestBody) {
        super(request);
        this.requestBody = requestBody;
        this.req = request;
    }

    @Override
    public BufferedReader getReader() {
        return new BufferedReader(new StringReader(requestBody));
    }

    @Override
    public ServletInputStream getInputStream() throws IOException {
        return new ServletInputStream() {

            private final InputStream in = new ByteArrayInputStream(requestBody.getBytes(req.getCharacterEncoding()));

            @Override
            public int read() throws IOException {
                return in.read();
            }

            @Override
            public boolean isFinished() {
                return false;
            }

            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
            }
        };
    }

}

重写响应类

package com.fan.config;

import io.micrometer.common.lang.NonNullApi;
import jakarta.servlet.ServletOutputStream;
import jakarta.servlet.WriteListener;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponseWrapper;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;

/**
 * 重写响应体,方便数据加密
 */
@NonNullApi
public class WrapperResponse extends HttpServletResponseWrapper {

    private final ByteArrayOutputStream buffer;
    private final ServletOutputStream out;
    private final PrintWriter writer;

    public WrapperResponse(HttpServletResponse resp) throws IOException {
        super(resp);
        // 真正存储数据的流
        buffer = new ByteArrayOutputStream();
        out = new WrapperOutputStream(buffer);
        writer = new PrintWriter(new OutputStreamWriter(buffer, this.getCharacterEncoding()));
    }

    @Override
    public ServletOutputStream getOutputStream() {
        return out;
    }

    @Override
    public PrintWriter getWriter() {
        return writer;
    }

    @Override
    public void flushBuffer() throws IOException {
        if (out != null) {
            out.flush();
        }
        if (writer != null) {
            writer.flush();
        }
    }

    @Override
    public void reset() {
        buffer.reset();
    }

    public byte[] getResponseData() throws IOException {
        flushBuffer();
        return buffer.toByteArray();
    }

    private static class WrapperOutputStream extends ServletOutputStream {
        private final ByteArrayOutputStream bos;

        public WrapperOutputStream(ByteArrayOutputStream stream) {
            bos = stream;
        }

        @Override
        public void write(int b) {
            bos.write(b);
        }

        @Override
        public void write(byte[] b) {
            bos.write(b, 0, b.length);
        }

        @Override
        public boolean isReady() {
            return false;
        }

        @Override
        public void setWriteListener(WriteListener writeListener) {
        }
    }

}

基于过滤器进行拦截

package com.fan.config;

import com.fan.util.AesUtil;
import com.fan.util.RsaUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;

import java.io.BufferedReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;

/**
 * 响应数据过滤器
 */
@Slf4j
public class ResponseDataFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest requests = (HttpServletRequest) request;
        String uri = requests.getRequestURI();
        // 请求方式
        String method = requests.getMethod();
        log.debug("uri: {}, method: {}, type: {}", uri, method, request.getContentType());
        // 只对POST、put请求加解密
        if ((Objects.equals("POST", method) || Objects.equals("PUT", method)) && requests.getContentType().contains("application/json")) {
            // 先判断是否已经有密钥
            Object aesKeyObj = requests.getAttribute("aesKey");
            String aesKey = "";
            if (Objects.isNull(aesKeyObj)) {
                // 密钥不存在, 则从请求头中获取,并进行解密
                try {
                    aesKey = RsaUtil.decryptAesKey(requests.getHeader("aesKey"), RsaUtil.PRIVATE_KEY);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
                if (aesKey.length() != 24) {
                    throw new RuntimeException("密钥长度错误");
                }
            } else {
                aesKey = String.valueOf(aesKeyObj);
            }
            if (aesKey.isEmpty()) {
                throw new RuntimeException("密钥不存在");
            }
            String requestBody = getRequestBody(requests).replaceAll("\"", "");
            String requestBodyMw = AesUtil.decrypt(aesKey, requestBody);
            log.debug("请求参数: {}", requestBodyMw);
            WrapperRequest wrapRequest = new WrapperRequest((HttpServletRequest) request, requestBodyMw);
            WrapperResponse wrapResponse = new WrapperResponse((HttpServletResponse) response);
            chain.doFilter(wrapRequest, wrapResponse);
            byte[] data = wrapResponse.getResponseData();
            if (data.length == 0) {
                data = "{}".getBytes();
            }
            log.debug("返回参数:{}", new String(data, StandardCharsets.UTF_8));
            String responseBodyMw = AesUtil.encrypt(aesKey, new String(data, StandardCharsets.UTF_8));
            assert responseBodyMw != null;
            response.getOutputStream().write(responseBodyMw.getBytes());
        } else {
            chain.doFilter(request, response);
        }
    }

    @Override
    public void destroy() {
    }

    private String getRequestBody(HttpServletRequest req) {
        try {
            BufferedReader reader = req.getReader();
            StringBuilder sb = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
            return sb.toString();
        } catch (IOException e) {
            log.error("请求体读取失败, {}", e.getMessage());
        }
        return "";
    }

}

注册

在启动类中注册

 @Bean
public FilterRegistrationBean requestDataFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    //自己的过滤器叫什么名字就写上什么名字
    registration.setFilter(new ResponseDataFilter());
    registration.addUrlPatterns("/*");
    registration.setName("responseDataFilter");
    //过滤器的顺序,数字越小,越先执行,反之亦然
    registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
    return registration;
}
前端加解密
后端处理
RSA加解密工具类
AES加解密工具类
重写请求类
重写响应类
基于过滤器进行拦截
注册