比Md5的好处是相同密码每次生成的加密密码不同，但是不同的加密密码与原密码却能正确匹配，从而能防止彩虹表攻击

Maven中引入

<dependencies>

<!--        用于调用 BCryptPasswordEncoder 加解密-->

    <dependency>

<groupId>org.springframework.security</groupId>

<artifactId>spring-security-crypto</artifactId>

<version>5.3.2.RELEASE</version>

<scope>compile</scope>

</dependency>

</dependencies>

在业务层的使用

@Autowired

UmsMemberMapperumsMemberMapper;

public int register(UmsMemberREgisterParamDTO umsMemberREgisterParamDTO) {

UmsMember umsMember =new UmsMember();

BeanUtils.copyProperties(umsMemberREgisterParamDTO, umsMember);

String destPwd =new BCryptPasswordEncoder().encode(umsMember.getPassword());//把密码进行加密

umsMember.setPassword(destPwd);

int result =umsMemberMapper.insert(umsMember);

return result;

}

@Override

public boolean login(UmsMemberLoginParamDTO umsMemberLoginParamDTO) {

boolean result =false;

UmsMember umsMember =umsMemberMapper.selectByName(umsMemberLoginParamDTO.getUsername());

if (null != umsMember) {

result =new BCryptPasswordEncoder().matches(umsMemberLoginParamDTO.getPassword(), umsMember.getPassword());//第一个参数是未加密的密码，第二个参数是已加密的密码，如果返回true则密码匹配，反之则为false

}

return result;

}