使用sharding-jdbc實現數據脫敏,比如用戶表中的password字段,日常開發都會進行數據脫敏,對其進行加密。
項目結構:
pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.6.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.lucifer</groupId>
<artifactId>sharding-jdbc-demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>sharding-jdbc-demo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.19</version>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.20</version>
</dependency>
<dependency>
<groupId>org.apache.shardingsphere</groupId>
<artifactId>sharding-jdbc-spring-boot-starter</artifactId>
<version>4.0.0-RC1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
userDao:操作數據庫接口
package com.lucifer.sharding.dao;
import com.lucifer.sharding.pojo.User;
import org.apache.ibatis.annotations.Insert;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
public interface UserDao {
@Insert("INSERT INTO t_user (user_name,password) VALUES (#{userName}, #{password})")
void addUser(@Param("userName") String userName, @Param("password") String password);
@Select("SELECT id,user_name as userName,password FROM t_user WHERE user_name=#{userName} and password= #{password}")
User selectUser(@Param("userName") String userName, @Param("password") String password);
}
User實體類 :
package com.lucifer.sharding.pojo;
import lombok.Data;
import java.io.Serializable;
/**
* t_user
* @author
*/
@Data
public class User implements Serializable {
private Long id;
private String userName;
private String password;
}
SpringBoot啓動類:
用MapperScan註解開啓掃描dao層
package com.lucifer.sharding;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
@MapperScan(value = "com.lucifer.sharding.dao")
@SpringBootApplication
public class ShardingJdbcDemoApplication {
public static void main(String[] args) {
SpringApplication.run(ShardingJdbcDemoApplication.class, args);
}
}
application.yml:
############################數據脫敏#################################
#服務端口
server:
port: 56081
#服務名
spring:
application:
name: sharding-jdbc-examples
main:
allow-bean-definition-overriding: true
shardingsphere:
datasource: #數據源配置
names: ds
ds:
url: jdbc:mysql://192.168.160.131:3306/test1?useSSL=false&useUnicode=true&serverTimezone=UTC
type: com.alibaba.druid.pool.DruidDataSource
username: root
password: 123456
driver-class-name: com.mysql.cj.jdbc.Driver
encrypt:
encryptors:
encryptor_aes:
type: AES #加解密器類型,可自定義或選擇內置類型:MD5/AES
props:
aes.key.value: 123456abc #屬性配置, 注意:使用AES加密器,需要配置AES加密器的KEY屬性:aes.key.value
qualifiedColumns: t_user.password
tables:
t_user:
columns:
password:
cipherColumn: password #存儲密文的字段
encryptor: aes_encryptor #加解密器名字
props:
sql:
show: true #是否開啓SQL顯示,默認值: false
query:
with:
cipher:
column: true #是否使用密文列查詢
#日誌打印
logging:
level:
root: info
org.springframework.web: info
com.lucifer.sharding.dao: debug
druid.sql: debug
測試類:
package com.lucifer.sharding;
import com.lucifer.sharding.dao.UserDao;
import com.lucifer.sharding.pojo.User;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class ShardingJdbcDemoApplicationTests {
@Autowired
private UserDao userDao;
@Test
void add() {
userDao.addUser("張三","123456");
}
@Test
public void query() {
User user = userDao.selectUser("張三", "123456");
System.out.println(user);
}
}
測試1: add():
2020-05-02 23:33:29.553 DEBUG 24528 --- [ main] c.lucifer.sharding.dao.UserDao.addUser : ==> Preparing: INSERT INTO t_user (user_name,password) VALUES (?, ?)
2020-05-02 23:33:29.565 DEBUG 24528 --- [ main] c.lucifer.sharding.dao.UserDao.addUser : ==> Parameters: 張三(String), 123456(String)
2020-05-02 23:33:30.535 DEBUG 24528 --- [ main] c.lucifer.sharding.dao.UserDao.addUser : <== Updates: 1
測試2:query():
2020-05-02 23:35:37.137 DEBUG 9036 --- [ main] c.l.sharding.dao.UserDao.selectUser : ==> Preparing: SELECT id,user_name as userName,password FROM t_user WHERE user_name=? and password= ?
2020-05-02 23:35:37.154 DEBUG 9036 --- [ main] c.l.sharding.dao.UserDao.selectUser : ==> Parameters: 張三(String), 123456(String)
2020-05-02 23:35:38.151 DEBUG 9036 --- [ main] c.l.sharding.dao.UserDao.selectUser : <== Total: 1
User(id=3, userName=張三, password=123456)
如果使用mybatis-plus,可以將
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
替換爲:
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.3.1</version>
</dependency>
User實體類:
@Data
@TableName(value = "t_user")
public class User implements Serializable {
@TableId
private Long id;
@TableField(value = "user_name")
private String userName;
@TableField(value = "password")
private String password;
}
UserDao:
public interface UserDao extends BaseMapper<User> {
}
測試方法:
@Autowired
private UserDao userDao;
@Test
void test() {
User user = new User();
user.setId(1L);
user.setUserName("張三");
user.setPassword("123456");
userDao.insert(user);
}
@Test
public void query() {
QueryWrapper<User> queryWrapper=new QueryWrapper<>();
queryWrapper.eq("user_name","張三");
queryWrapper.eq("password","123456");
List<User> users = userDao.selectList(queryWrapper);
System.out.println(users);
}