添加日志的操作人和时间的完整性

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java

@@ -2,6 +2,9 @@ package com.ruoyi.web.controller.monitor;
 
 import java.util.List;
 import javax.servlet.http.HttpServletResponse;
+
+import com.ruoyi.common.utils.EncryptDecryptUtil;
+import org.quickssl.api.CryptoClient;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -34,6 +37,8 @@ public class SysLogininforController extends BaseController
 
     @Autowired
     private SysPasswordService passwordService;
+    @Autowired
+    private EncryptDecryptUtil encryptDecryptUtil;
 
     @PreAuthorize("@ss.hasPermi('monitor:logininfor:list')")
     @GetMapping("/list")
@@ -41,6 +46,21 @@ public class SysLogininforController extends BaseController
     {
         startPage();
         List<SysLogininfor> list = logininforService.selectLogininforList(logininfor);
+        for(SysLogininfor sysLogininfor:list){
+            boolean verifyName;
+            boolean verifyTime;
+            try {
+                verifyName=encryptDecryptUtil.sm3Verify(sysLogininfor.getUserName(),sysLogininfor.getUserNameCipher());
+                verifyTime=encryptDecryptUtil.sm3Verify(sysLogininfor.getLoginTime(),sysLogininfor.getLoginTimeCipher());
+            } catch (CryptoClient.CryptoException e) {
+                verifyName = false;
+                verifyTime = false;
+            }
+            if(!verifyTime || !verifyName){
+                System.out.println("完整性校验失败:{}==========="+sysLogininfor.getInfoId());
+                return error(500,"日志数据已被篡改，请联系管理员确定!");
+            }
+        }
         return getDataTable(list);
     }
 

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java

@@ -2,6 +2,9 @@ package com.ruoyi.web.controller.monitor;
 
 import java.util.List;
 import javax.servlet.http.HttpServletResponse;
+
+import com.ruoyi.common.utils.EncryptDecryptUtil;
+import org.quickssl.api.CryptoClient;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -30,6 +33,8 @@ public class SysOperlogController extends BaseController
 {
     @Autowired
     private ISysOperLogService operLogService;
+    @Autowired
+    private EncryptDecryptUtil encryptDecryptUtil;
 
     @PreAuthorize("@ss.hasPermi('monitor:operlog:list')")
     @GetMapping("/list")
@@ -37,6 +42,21 @@ public class SysOperlogController extends BaseController
     {
         startPage();
         List<SysOperLog> list = operLogService.selectOperLogList(operLog);
+        for(SysOperLog sysOperLog:list){
+            boolean verifyName;
+            boolean verifyTime;
+            try {
+                verifyName=encryptDecryptUtil.sm3Verify(sysOperLog.getOperName(),sysOperLog.getOperNameCipher());
+                verifyTime=encryptDecryptUtil.sm3Verify(sysOperLog.getOperTime(),sysOperLog.getOperTimeCipher());
+            } catch (CryptoClient.CryptoException e) {
+                verifyName = false;
+                verifyTime = false;
+            }
+            if(!verifyTime || !verifyName){
+                System.out.println("完整性校验失败:{}==========="+sysOperLog.getOperId());
+                return error(500,"日志数据已被篡改，请联系管理员确定!");
+            }
+        }
         return getDataTable(list);
     }
 

ruoyi-admin/src/main/resources/application.yml

@@ -147,6 +147,10 @@ ocr:
   ocr_llm_url: http://39.98.44.136:6016/inner-ai/aicoapi/gateway/v2/chatbot/api_run/1763386387_d4c07131-a047-4c0d-9623-7e3c3a45bd7e
   ocr_llm_apiKey: NfzPnFRtogHlYCAh2hHIB7ra5EsrSQEM
 
+cipher-security:
+  socket: 39.106.16.89:11028
+  path: /data/downloadmodel/cert
+
 #nginx节点健康检查
 management:
   endpoints: