otto/halo

Support logging in with encrypted password (#3480)

What type of PR is this?

/kind feature /kind api-change /area core /area console

What this PR does / why we need it:

This PR creates AuthenticationWebFilter by ourselves instead of using FormLoginSpec directly. Because we have no chance to customize org.springframework.security.web.server.authentication.ServerAuthenticationConverter currently.

Meanwhile, we provide CryptoService(RSA) to generate key pair, get public key and decrypt message encrypted by public key.

There is a new endpoint to get public key which is used by console:

❯ curl localhost:8090/login/public-key -s | jq .
{
  "base64Format": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouDtdDS751U8NcWfAAQ53ijEtkLnIHh1Thqkq5QHGslq2hBmWnNsIZFnc/bwVp00ImKLV2NtLgOuv5RRNS5iO+oqRvfOGdXLdW2nzqU2towtaMkYTEMJrsNMZp5BUNCGI7Z2xpPBZzvys0d1BvcpNFobX/LkOtcTyfB1DRp9ZAhxRYOZkTkCzaKo+6X11lnMexTsB3exzaXk9rRZ8XoJ+dWT5G0URs/PF2cDkgxuMdOFJzqDsb9HQYGI/etajdCcKs7mZsjmDgse9Cw9/3mgoTNnEGx9Wl89S0P+FJ7T5DALGt3/nSAlzmKdXJNBLf6Q44ogFpTWdq27JpJD3SKicQIDAQAB"
}

Which issue(s) this PR fixes:

Fixes https://github.com/halo-dev/halo/issues/3419

Does this PR introduce a user-facing change?

支持登录时密码加密传输

Halo [ˈheɪloʊ]，强大易用的开源建站工具。

官网文档社区 Gitee Telegram 频道

快速开始

docker run \
  -it -d \
  --name halo \
  -p 8090:8090 \
  -v ~/.halo2:/root/.halo2 \
  halohub/halo:2.2 \
  --halo.external-url=http://localhost:8090/ \
  --halo.security.initializer.superadminusername=admin \
  --halo.security.initializer.superadminpassword=P@88w0rd

以上仅作为体验使用，详细部署文档请查阅：https://docs.halo.run/getting-started/install/docker-compose

在线体验

环境地址：https://demo.halo.run
后台地址：https://demo.halo.run/console
用户名：demo
密码：P@ssw0rd123..

生态

可访问 awesome-halo 查看已经适用于 Halo 2.0 的主题和插件，以及适用于 Halo 1.x 的相关仓库。

许可证

Halo 使用 GPL-v3.0 协议开源，请遵守开源协议。

贡献

参考 CONTRIBUTING。

状态

Repobeats analytics