前端使用base64及jsencrypt加密明文传输

在项目中遇到如下需求：用户在登录时密码经常使用明文传输，在不安全的网络环境下，很容易造成密码泄露，而密码直接存储在数据库中，如果数据泄露，也会造成安全问题。

解决方法：前端给后端传输密码关键信息时，进行加密后再传输，后端解密验证，然后将密码加密后再存储到数据库中。
这里使用了base64和jsencrypt对其加密密码明文问题。如下为引用的base64.js代码内容：

//1.加密解密方法使用：//1.加密// var str = '124中文内容';// var base = new Base64();// var result = base.encode(str);// //document.write(result);// //2.解密// var result2 = base.decode(result);// document.write(result2);// //2.加密、解密算法封装：function Base64() {    // private property    var _keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";    // public method for encoding    this.encode = function (input) { var output = ""; var chr1, chr2, chr3, enc1, enc2, enc3, enc4; var i = 0; input = _utf8_encode(input); while (i < input.length) {     chr1 = input.charCodeAt(i++);     chr2 = input.charCodeAt(i++);     chr3 = input.charCodeAt(i++);     enc1 = chr1 >> 2;     enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);     enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);     enc4 = chr3 & 63;     if (isNaN(chr2)) {  enc3 = enc4 = 64;     } else if (isNaN(chr3)) {  enc4 = 64;     }     output = output +     _keyStr.charAt(enc1) + _keyStr.charAt(enc2) +     _keyStr.charAt(enc3) + _keyStr.charAt(enc4); } return output;    }    // public method for decoding    this.decode = function (input) { var output = ""; var chr1, chr2, chr3; var enc1, enc2, enc3, enc4; var i = 0; input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); while (i < input.length) {     enc1 = _keyStr.indexOf(input.charAt(i++));     enc2 = _keyStr.indexOf(input.charAt(i++));     enc3 = _keyStr.indexOf(input.charAt(i++));     enc4 = _keyStr.indexOf(input.charAt(i++));     chr1 = (enc1 << 2) | (enc2 >> 4);     chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);     chr3 = ((enc3 & 3) << 6) | enc4;     output = output + String.fromCharCode(chr1);     if (enc3 != 64) {  output = output + String.fromCharCode(chr2);     }     if (enc4 != 64) {  output = output + String.fromCharCode(chr3);     } } output = _utf8_decode(output); return output;    }    // private method for UTF-8 encoding    var _utf8_encode = function (string) { string = string.replace(/\r\n/g,"\n"); var utftext = ""; for (var n = 0; n < string.length; n++) {     var c = string.charCodeAt(n);     if (c < 128) {  utftext += String.fromCharCode(c);     } else if((c > 127) && (c < 2048)) {  utftext += String.fromCharCode((c >> 6) | 192);  utftext += String.fromCharCode((c & 63) | 128);     } else {  utftext += String.fromCharCode((c >> 12) | 224);  utftext += String.fromCharCode(((c >> 6) & 63) | 128);  utftext += String.fromCharCode((c & 63) | 128);     } } return utftext;     }    // private method for UTF-8 decoding   var  _utf8_decode = function (utftext) { var string = ""; var i = 0; var c = c1 = c2 = 0; while ( i < utftext.length ) {     c = utftext.charCodeAt(i);     if (c < 128) {  string += String.fromCharCode(c);  i++;     } else if((c > 191) && (c < 224)) {  c2 = utftext.charCodeAt(i+1);  string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));  i += 2;     } else {  c2 = utftext.charCodeAt(i+1);  c3 = utftext.charCodeAt(i+2);  string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));  i += 3;     } } return string;    }}export default Base64

jsencrypt.js代码内容如下：

import JSEncrypt from 'jsencrypt/bin/jsencrypt.min'// 密钥对生成 http://web.chacuo.net/netrsakeypair// const publicKey = 'MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdH\n' +//   'nzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ=='const publicKey ='MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCQe/BSGAGmket3wie4zFB2tht1CUGsUZ0ly6wWLTp1uumSKBF0n5hwdfJUNrr7uRjL8hkJYYp55h0GtgsOQ2gaiIbmyJZ5enwEQKI4QWdUDw5A8F9FmKFube0TNw4PUX9AL0tBinSMhVNq9uznF5TWHoSPZYO+pjgkXuziv7YjQIDAQAB'// const privateKey = 'MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY\n' +//   '7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKN\n' +//   'PuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gA\n' +//   'kM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWow\n' +//   'cSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99Ecv\n' +//   'DQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthh\n' +//   'YhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3\n' +//   'UP8iWi1Qw0Y='const privateKey ='MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMJB78FIYAaaR63fCJ7jMUHa2G3UJQaxRnSXLrBYtOnW66ZIoEXSfmHB18lQ2uvu5GMvyGQlhinnmHQa2Cw5DaBqIhubIlnl6fARAojhBZ1QPDkDwX0WYoW5t7RM3Dg9Rf0AvS0GKdIyFU2r27OcXlNYehI9lg76mOCRe7OK/tiNAgMBAAECgYBSASfHPlhbMTHlMmwfNuWKWWpYIuBmjNujSFcLVsc4l+Pu1GXkU9HKTtxbPejNBJIhVQCRVk3mzr/K87IiKQuY2fBgPt9YqsXul2Nm2NwGOWPdUZbDqLrLS86ZWMIGWUSwQ2DACzKHgg/6/sBk+qim2NKj8AFFHz1qf0jiYDLJAQJBAOp9Kc5xTfRjn/3lR51JcNDLwlUkHPAbMliLuO9xpEgbCgRNblJHRhUvOgjYgkYdIdqR7dsm93yMne33c/i8QGECQQDUE/aQDLalYizv6j+55AuUiS6DDLxosbNd+J2itdofTCK2sdr7JeeCyBYg3LOmVegZm0Jb6JOJWbGdlO0BAretAkBTNYcYUuyuxIuJtUrsbZsy/JtBS0dZjM0YzrwZe+IoFDBBxphXaiNccR3O9cWEy+Gvhgk5s2IvOFbyktT8dxEBAkB0YFwN4hwcFwqnwLiljmFYagru+P8uyEywRWxjTD1crU/jRyfuZ3dqSdfywomGvl92Jb+9ZZwIZALWgVGpG0+lAkAE/gN+2jLgOrBvAk4aeOMlpJWMOQYLLRseKYKInMwuM8/zujM9boZfj7VJnsRhZPJ+7C/q6I8Y9boUxNu93iTz'// 加密export function encrypt(txt) {  const encryptor = new JSEncrypt()  encryptor.setPublicKey(publicKey) // 设置公钥  return encryptor.encrypt(txt) // 对数据进行加密}// 解密export function decrypt(txt) {  const encryptor = new JSEncrypt()  encryptor.setPrivateKey(privateKey) // 设置私钥  return encryptor.decrypt(txt) // 对数据进行解密}

如下图所示，对其密码已进行加密处理：

奇石交易网