From 8e9d214f443f0458c1556a26963f9d14adc6bc04 Mon Sep 17 00:00:00 2001 From: zhangzhiqiang Date: Thu, 15 Dec 2022 15:20:08 +0800 Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=85=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../rest => common/utils}/DesUtil.java | 2 +- .../modules/common/utils/SecurityUtils.java | 2 +- .../modules/common/utils/dto/CurrentUser.java | 2 +- .../system/service/impl/ParamServiceImpl.java | 4 +- .../secutiry}/AuthorizationController.java | 83 ++----------------- .../controller/user}/OnlineController.java | 4 +- .../service/secutiry}/dto/AuthUserDto.java | 2 +- .../secutiry/impl}/OnlineUserService.java | 82 +++++++++++++++++- .../nl/system/service/user/dao/SysUser.java | 13 +-- .../service/user}/dto/OnlineUserDto.java | 2 +- 10 files changed, 103 insertions(+), 93 deletions(-) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/rest => common/utils}/DesUtil.java (99%) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/rest => system/controller/secutiry}/AuthorizationController.java (55%) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/rest => system/controller/user}/OnlineController.java (95%) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/service => system/service/secutiry}/dto/AuthUserDto.java (95%) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/service => system/service/secutiry/impl}/OnlineUserService.java (62%) rename nladmin-system/nlsso-server/src/main/java/org/nl/{modules/security/service => system/service/user}/dto/OnlineUserDto.java (96%) diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/DesUtil.java b/nladmin-system/nlsso-server/src/main/java/org/nl/common/utils/DesUtil.java similarity index 99% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/DesUtil.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/common/utils/DesUtil.java index 89f9a32..35f7c49 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/DesUtil.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/common/utils/DesUtil.java @@ -1,4 +1,4 @@ -package org.nl.modules.security.rest; +package org.nl.common.utils; // // Source code recreated from a .class file by IntelliJ IDEA diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/SecurityUtils.java b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/SecurityUtils.java index 3601c80..aa31f86 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/SecurityUtils.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/SecurityUtils.java @@ -50,7 +50,7 @@ public class SecurityUtils { * @return 系统用户名称 */ public static String getCurrentNickName() { - return getCurrentUser().getPreson_name(); + return getCurrentUser().getPresonName(); } /** diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java index b87f89c..276948e 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java @@ -22,7 +22,7 @@ public class CurrentUser implements Serializable { //账号 private String username; //姓名 - private String preson_name; + private String presonName; //用户详细信息 private SysUser user; diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java index c0e892c..174719a 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java @@ -82,8 +82,8 @@ public class ParamServiceImpl implements ParamService { dto.setId(IdUtil.simpleUUID()); dto.setCreate_id(currentId); dto.setUpdate_optid(currentId); - dto.setCreate_name(currentUsername.getPreson_name()); - dto.setUpdate_optname(currentUsername.getPreson_name()); + dto.setCreate_name(currentUsername.getPresonName()); + dto.setUpdate_optname(currentUsername.getPresonName()); dto.setUpdate_time(now); dto.setCreate_time(now); diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/AuthorizationController.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java similarity index 55% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/AuthorizationController.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java index 2fd95bf..e368536 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/AuthorizationController.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java @@ -13,35 +13,27 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.nl.modules.security.rest; +package org.nl.system.controller.secutiry; + -import cn.dev33.satoken.secure.SaSecureUtil; -import cn.dev33.satoken.stp.SaLoginModel; import cn.dev33.satoken.stp.StpUtil; import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.ObjectUtil; -import cn.hutool.core.util.StrUtil; import com.alibaba.fastjson.JSONObject; import com.wf.captcha.base.Captcha; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.nl.modules.common.config.RsaProperties; -import org.nl.modules.common.exception.BadRequestException; import org.nl.modules.common.utils.RedisUtils; -import org.nl.modules.common.utils.RsaUtils; import org.nl.modules.common.utils.SecurityUtils; import org.nl.modules.common.utils.dto.CurrentUser; import org.nl.modules.security.config.bean.LoginCodeEnum; import org.nl.modules.security.config.bean.LoginProperties; -import org.nl.modules.security.service.OnlineUserService; -import org.nl.modules.security.service.dto.AuthUserDto; +import org.nl.system.service.secutiry.impl.OnlineUserService; import org.nl.modules.system.service.RoleService; -import org.nl.modules.system.service.dto.UserDto; import org.nl.modules.wql.core.bean.WQLObject; import org.nl.system.service.user.ISysUserService; -import org.springframework.http.HttpEntity; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.validation.annotation.Validated; @@ -49,7 +41,6 @@ import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; -import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -76,72 +67,13 @@ public class AuthorizationController { @ApiOperation("登录授权") @PostMapping(value = "/login") - public ResponseEntity login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception { - // 密码解密 - 前端的加密规则: encrypt - String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword()); - // 查询验证码 - String code = (String) redisUtils.get(authUser.getUuid()); - // 清除验证码 - redisUtils.del(authUser.getUuid()); - if (StrUtil.isEmpty(code)) { - throw new BadRequestException("验证码不存在或已过期"); + public ResponseEntity login(@RequestBody Map authMap) throws Exception { + if (ObjectUtil.isEmpty(authMap)){ + return ResponseEntity.noContent().build(); } - if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) { - throw new BadRequestException("验证码错误"); - } - // 校验数据库 - // 根据用户名查询,在比对密码 - - - JSONObject userInfo = WQLObject.getWQLObject("sys_user").query("username = '" + authUser.getUsername() + "'").uniqueResult(0); - - String password1 = userInfo.getString("password"); - if (!password1.equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密 - throw new BadRequestException("账号或密码错误"); - } - - // 获取权限列表 - 登录查找权限 - List permissionList = roleService.getPermissionList(userInfo); - - // 判断是否被锁 - String is_used = userInfo.getString("is_used"); - - if (!StrUtil.equals(is_used, "1")) throw new BadRequestException("账号未激活"); - - // 登录输入,登出删除 - CurrentUser user = new CurrentUser(); - user.setId(userInfo.getLong("user_id")); - user.setUsername(userInfo.getString("username")); - user.setPreson_name((userInfo.getString("person_name"))); - user.setUser(userService.getById(userInfo.getLong("user_id"))); - user.setPermissions(permissionList); - - // SaLoginModel 配置登录相关参数 - StpUtil.login(userInfo.getLong("user_id"), new SaLoginModel() - .setDevice("PC") // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型 - .setExtra("loginInfo", user) // Token挂载的扩展参数 (此方法只有在集成jwt插件时才会生效) - ); - - // 返回 token 与 用户信息 - JSONObject jsonObject = new JSONObject(); - jsonObject.put("roles", permissionList); - jsonObject.put("user", userInfo); - Map authInfo = new HashMap(2) {{ - put("token", "Bearer " + StpUtil.getTokenValue()); - put("user", user); - }}; - // 保存在线信息 -// onlineUserService.save(userDto, StpUtil.getTokenValue(), request); - return ResponseEntity.ok(authInfo); + return ResponseEntity.ok(onlineUserService.login(authMap)); } - private UserDto getById(Long user_id) { - WQLObject userTab = WQLObject.getWQLObject("sys_user"); - JSONObject user = userTab.query("user_id = '" + user_id + "'").uniqueResult(0); - UserDto userDto = user.toJavaObject(UserDto.class); - return userDto; - - } @ApiOperation("获取用户信息") @GetMapping(value = "/info") @@ -191,7 +123,6 @@ public class AuthorizationController { if (ObjectUtil.isNotEmpty(StpUtil.getTokenValue())) { onlineUserService.logout(StpUtil.getTokenValue()); } - StpUtil.logout(); return new ResponseEntity<>(HttpStatus.OK); } diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/OnlineController.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/user/OnlineController.java similarity index 95% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/OnlineController.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/user/OnlineController.java index e5b1839..6b0f7bd 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/rest/OnlineController.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/user/OnlineController.java @@ -13,13 +13,13 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.nl.modules.security.rest; +package org.nl.system.controller.user; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.RequiredArgsConstructor; import org.nl.modules.common.utils.EncryptUtils; -import org.nl.modules.security.service.OnlineUserService; +import org.nl.system.service.secutiry.impl.OnlineUserService; import org.springframework.data.domain.Pageable; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/AuthUserDto.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/dto/AuthUserDto.java similarity index 95% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/AuthUserDto.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/dto/AuthUserDto.java index 61d9bed..9d810f0 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/AuthUserDto.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/dto/AuthUserDto.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.nl.modules.security.service.dto; +package org.nl.system.service.secutiry.dto; import lombok.Getter; import lombok.Setter; diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/OnlineUserService.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java similarity index 62% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/OnlineUserService.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java index 619fdda..930fd7f 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/OnlineUserService.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java @@ -13,14 +13,31 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.nl.modules.security.service; +package org.nl.system.service.secutiry.impl; +import cn.dev33.satoken.secure.SaSecureUtil; +import cn.dev33.satoken.stp.SaLoginModel; import cn.dev33.satoken.stp.StpUtil; import cn.hutool.core.util.StrUtil; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; +import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper; +import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; +import org.apache.poi.ss.formula.functions.T; +import org.nl.modules.common.config.RsaProperties; +import org.nl.modules.common.exception.BadRequestException; import org.nl.modules.common.utils.*; -import org.nl.modules.security.service.dto.OnlineUserDto; +import org.nl.modules.common.utils.dto.CurrentUser; +import org.nl.modules.system.service.RoleService; import org.nl.modules.system.service.dto.UserDto; +import org.nl.modules.wql.core.bean.WQLObject; +import org.nl.system.service.secutiry.dto.AuthUserDto; +import org.nl.system.service.user.ISysUserService; +import org.nl.system.service.user.dao.SysUser; +import org.nl.system.service.user.dto.OnlineUserDto; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.domain.Pageable; import org.springframework.scheduling.annotation.Async; import org.springframework.stereotype.Service; @@ -38,6 +55,10 @@ import java.util.*; @Slf4j public class OnlineUserService { + @Autowired + private ISysUserService sysUserService; + @Autowired + private RoleService roleService; private final RedisUtils redisUtils; public OnlineUserService(RedisUtils redisUtils) { @@ -191,4 +212,61 @@ public class OnlineUserService { } } } + @SneakyThrows + public Map login(Map paramMap){ + // 密码解密 - 前端的加密规则: encrypt + AuthUserDto authUser = JSON.toJavaObject((JSON) JSON.toJSON(paramMap), AuthUserDto.class); + String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword()); + // 查询验证码 + String code = (String) redisUtils.get(authUser.getUuid()); + // 清除验证码 + redisUtils.del(authUser.getUuid()); + if (StrUtil.isEmpty(code)) { + throw new BadRequestException("验证码不存在或已过期"); + } + if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) { + throw new BadRequestException("验证码错误"); + } + // 校验数据库 + // 根据用户名查询,在比对密码 + SysUser userInfo = sysUserService.getOne(new QueryWrapper().eq("username",authUser.getUsername())); + String dbPassword = userInfo.getPassword(); + if (!dbPassword.equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密 + throw new BadRequestException("账号或密码错误"); + } + + // 获取权限列表 - 登录查找权限 + List permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo)); + + + if (!userInfo.getIsUsed()) { + throw new BadRequestException("账号未激活"); + } + + // 登录输入,登出删除 + CurrentUser user = new CurrentUser(); + user.setId(userInfo.getUserId()); + user.setUsername(userInfo.getUsername()); + user.setPresonName((userInfo.getPersonName())); + user.setUser(userInfo); + user.setPermissions(permissionList); + + // SaLoginModel 配置登录相关参数 + StpUtil.login(userInfo.getUserId(), new SaLoginModel() + .setDevice("PC") // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型 + .setExtra("loginInfo", user) // Token挂载的扩展参数 (此方法只有在集成jwt插件时才会生效) + ); + + // 返回 token 与 用户信息 + JSONObject jsonObject = new JSONObject(); + jsonObject.put("roles", permissionList); + jsonObject.put("user", userInfo); + Map authInfo = new HashMap(2) {{ + put("token", "Bearer " + StpUtil.getTokenValue()); + put("user", user); + }}; + // 保存在线信息 +// onlineUserService.save(userDto, StpUtil.getTokenValue(), request); + return authInfo; + } } diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dao/SysUser.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dao/SysUser.java index 5fa7e27..09508bc 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dao/SysUser.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dao/SysUser.java @@ -7,6 +7,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import java.io.Serializable; +import java.util.Date; /** *

@@ -72,22 +73,22 @@ public class SysUser implements Serializable { /** * 是否为admin账号 */ - private String isAdmin; + private Boolean isAdmin; /** * 是否启用 */ - private String isUsed; + private Boolean isUsed; /** * 密码重置者 */ - private String pwdResetUserId; + private Long pwdResetUserId; /** * 密码重置时间 */ - private String pwdResetTime; + private Date pwdResetTime; /** * 创建人标识 @@ -102,7 +103,7 @@ public class SysUser implements Serializable { /** * 创建时间 */ - private String createTime; + private Date createTime; /** * 修改人标识 @@ -117,7 +118,7 @@ public class SysUser implements Serializable { /** * 修改时间 */ - private String updateTime; + private Date updateTime; /** * 外部人员标识 diff --git a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/OnlineUserDto.java b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dto/OnlineUserDto.java similarity index 96% rename from nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/OnlineUserDto.java rename to nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dto/OnlineUserDto.java index e5468d6..18eccae 100644 --- a/nladmin-system/nlsso-server/src/main/java/org/nl/modules/security/service/dto/OnlineUserDto.java +++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dto/OnlineUserDto.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.nl.modules.security.service.dto; +package org.nl.system.service.user.dto; import lombok.AllArgsConstructor; import lombok.Data;