mirror of
https://github.com/SyncrowIOT/backend.git
synced 2025-07-16 02:36:19 +00:00
61 lines
1.8 KiB
TypeScript
61 lines
1.8 KiB
TypeScript
import { HttpException, HttpStatus, Injectable } from '@nestjs/common';
|
|
import * as CryptoJS from 'crypto-js';
|
|
import { ConfigService } from '@nestjs/config';
|
|
import { EnableDisableStatusEnum } from '@app/common/constants/days.enum';
|
|
|
|
@Injectable()
|
|
export class PasswordEncryptionService {
|
|
constructor(private readonly configService: ConfigService) {}
|
|
|
|
encrypt(plainText: string, secretKey: string): string {
|
|
const keyBytes = CryptoJS.enc.Utf8.parse(secretKey);
|
|
|
|
const encrypted = CryptoJS.AES.encrypt(plainText, keyBytes, {
|
|
mode: CryptoJS.mode.ECB,
|
|
padding: CryptoJS.pad.Pkcs7,
|
|
});
|
|
|
|
return encrypted.ciphertext.toString(CryptoJS.enc.Hex);
|
|
}
|
|
|
|
decrypt(encryptedText: string, secretKey: string): string {
|
|
const keyBytes = CryptoJS.enc.Utf8.parse(secretKey);
|
|
|
|
const decrypted = CryptoJS.AES.decrypt(
|
|
{
|
|
ciphertext: CryptoJS.enc.Hex.parse(encryptedText),
|
|
} as any,
|
|
keyBytes,
|
|
{
|
|
mode: CryptoJS.mode.ECB,
|
|
padding: CryptoJS.pad.Pkcs7,
|
|
},
|
|
);
|
|
|
|
return decrypted.toString(CryptoJS.enc.Utf8);
|
|
}
|
|
|
|
generateEncryptedPassword(
|
|
plainTextPassword: string,
|
|
ticketKey: string,
|
|
): string {
|
|
try {
|
|
const accessSecret = this.configService.get<string>(
|
|
'auth-config.SECRET_KEY',
|
|
);
|
|
// The accessSecret must be 32 bytes, ensure it is properly padded or truncated
|
|
const paddedAccessSecret = accessSecret
|
|
.padEnd(32, EnableDisableStatusEnum.DISABLED)
|
|
.slice(0, 32);
|
|
const plainTextTicketKey = this.decrypt(ticketKey, paddedAccessSecret);
|
|
|
|
return this.encrypt(plainTextPassword, plainTextTicketKey);
|
|
} catch (error) {
|
|
throw new HttpException(
|
|
`Error encrypting password: ${error.message}`,
|
|
HttpStatus.INTERNAL_SERVER_ERROR,
|
|
);
|
|
}
|
|
}
|
|
}
|