code验证码进行aes192加密

package.json

@@ -31,6 +31,7 @@
     "argon2": "^0.30.2",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.13.2",
+    "crypto": "^1.0.1",
     "ioredis": "^5.2.4",
     "passport": "^0.6.0",
     "passport-jwt": "^4.0.0",

src/auth/auth.controller.ts

@@ -11,7 +11,7 @@ export class AuthController {
   constructor(private auto: AuthService, private readonly codService: CodService) {}
   @Post('register')
   async register(@Body() dto: registerDto, @Req() req: Request, @Headers() headers: any) {
-    const rescod = await this.codService.verifycod(req.ip, headers.cod)
+    const rescod = await this.codService.verifyCod(req.ip, headers.cod)
     if (!rescod.status) {
       return rescod
     }

src/cod/cod.controller.ts

@@ -7,6 +7,6 @@ export class CodController {
   constructor(private readonly codService: CodService) {}
   @Get('getcod')
   async getcod(@Req() req: Request) {
-    return await this.codService.getcod(req.ip)
+    return await this.codService.getCod(req.ip)
   }
 }

src/cod/cod.service.ts

@@ -1,28 +1,25 @@
 import { RedisService } from '@/redis/redis.service'
 import { Injectable } from '@nestjs/common'
-
+import { ConfigService } from '@nestjs/config'
+import { createCipheriv, createDecipheriv } from 'crypto'
 @Injectable()
 export class CodService {
-  constructor(private readonly redisservice: RedisService) {}
-  async getcod(ip: string) {
+  constructor(private readonly redisservice: RedisService, private configservice: ConfigService) {}
+  async getCod(ip: string) {
     const cod = this.randomString(6)
-    await this.redisservice.set(`cod${ip}`, cod, 'EX', 60)
+    await this.redisservice.set(`cod:${ip}`, this.encrypt(cod), 'EX', 60)
     return { status: true, msg: '验证码已发送', cod }
   }
-  async verifycod(ip: string, cod: string) {
-    //是否存在
-    const cod1 = await this.redisservice.get(`cod${ip}`)
-    if (!cod1) {
+  async verifyCod(ip: string, cod: string) {
+    const Rcod = await this.redisservice.get(`cod:${ip}`)
+    if (!Rcod) {
       return { status: false, msg: '验证码不存在' }
     }
-    //是否正确
-    if (cod1 !== cod) {
-      await this.redisservice.del(`cod${ip}`)
+    if (Rcod === this.decrypt(cod)) {
+      await this.redisservice.del(`cod:${ip}`)
       return { status: false, msg: '验证码错误' }
     }
-    //是否过期
-    const ttl = await this.redisservice.ttl(`cod${ip}`)
-    if (ttl < 0) {
+    if ((await this.redisservice.ttl(`cod:${ip}`)) < 0) {
       return { status: false, msg: '验证码已过期' }
     }
     return { status: true, msg: '验证码正确' }
@@ -37,4 +34,22 @@ export class CodService {
     }
     return pwd
   }
+  private encrypt(
+    data: string,
+    key: string = this.configservice.get('CODE_KEY'),
+    iv: string = this.configservice.get('CODE_IV'),
+  ) {
+    const cipher = createCipheriv('aes192', Buffer.from(key, 'utf-8'), iv)
+    cipher.update(data, 'utf-8', 'hex')
+    return cipher.final('hex')
+  }
+  private decrypt(
+    encrypted: string,
+    key: string = this.configservice.get('CODE_KEY'),
+    iv: string = this.configservice.get('CODE_IV'),
+  ) {
+    const decipher = createDecipheriv('aes192', Buffer.from(key, 'utf-8'), iv)
+    decipher.update(encrypted, 'hex', 'utf8')
+    return decipher.final('utf8')
+  }
 }

yarn.lock

@@ -2038,6 +2038,11 @@ cross-spawn@^7.0.0, cross-spawn@^7.0.2, cross-spawn@^7.0.3:
     shebang-command "^2.0.0"
     which "^2.0.1"
 
+crypto@^1.0.1:
+  version "1.0.1"
+  resolved "https://mirrors.cloud.tencent.com/npm/crypto/-/crypto-1.0.1.tgz#2af1b7cad8175d24c8a1b0778255794a21803037"
+  integrity sha512-VxBKmeNcqQdiUQUW2Tzq0t377b54N2bMtXO/qiLa+6eRRmmC4qT3D4OnTGoT/U6O9aklQ/jTwbOtRMTTY8G0Ig==
+
 debug@2.6.9:
   version "2.6.9"
   resolved "https://mirrors.cloud.tencent.com/npm/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f"