登入

nladmin-system/nlsso-server/src/main/java/org/nl/common/utils/DesUtil.java

@@ -1,4 +1,4 @@
-package org.nl.modules.security.rest;
+package org.nl.common.utils;
 
 //
 // Source code recreated from a .class file by IntelliJ IDEA

nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/SecurityUtils.java

@@ -50,7 +50,7 @@ public class SecurityUtils {
      * @return 系统用户名称
      */
     public static String getCurrentNickName() {
-        return getCurrentUser().getPreson_name();
+        return getCurrentUser().getPresonName();
     }
 
     /**

nladmin-system/nlsso-server/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java

@@ -22,7 +22,7 @@ public class CurrentUser implements Serializable {
     //账号
     private String username;
     //姓名
-    private String preson_name;
+    private String presonName;
 
     //用户详细信息
     private SysUser user;

nladmin-system/nlsso-server/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java

@@ -82,8 +82,8 @@ public class ParamServiceImpl implements ParamService {
         dto.setId(IdUtil.simpleUUID());
         dto.setCreate_id(currentId);
         dto.setUpdate_optid(currentId);
-        dto.setCreate_name(currentUsername.getPreson_name());
+        dto.setCreate_name(currentUsername.getPresonName());
-        dto.setUpdate_optname(currentUsername.getPreson_name());
+        dto.setUpdate_optname(currentUsername.getPresonName());
         dto.setUpdate_time(now);
         dto.setCreate_time(now);
 

nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java

@@ -13,35 +13,27 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-package org.nl.modules.security.rest;
+package org.nl.system.controller.secutiry;
+
 
-import cn.dev33.satoken.secure.SaSecureUtil;
-import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.ObjectUtil;
-import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.wf.captcha.base.Captcha;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.nl.modules.common.config.RsaProperties;
-import org.nl.modules.common.exception.BadRequestException;
 import org.nl.modules.common.utils.RedisUtils;
-import org.nl.modules.common.utils.RsaUtils;
 import org.nl.modules.common.utils.SecurityUtils;
 import org.nl.modules.common.utils.dto.CurrentUser;
 import org.nl.modules.security.config.bean.LoginCodeEnum;
 import org.nl.modules.security.config.bean.LoginProperties;
-import org.nl.modules.security.service.OnlineUserService;
+import org.nl.system.service.secutiry.impl.OnlineUserService;
-import org.nl.modules.security.service.dto.AuthUserDto;
 import org.nl.modules.system.service.RoleService;
-import org.nl.modules.system.service.dto.UserDto;
 import org.nl.modules.wql.core.bean.WQLObject;
 import org.nl.system.service.user.ISysUserService;
-import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.annotation.Validated;
@@ -49,7 +41,6 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
-import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -76,72 +67,13 @@ public class AuthorizationController {
 
     @ApiOperation("登录授权")
     @PostMapping(value = "/login")
-    public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
+    public ResponseEntity<Object> login(@RequestBody Map authMap) throws Exception {
-        // 密码解密 - 前端的加密规则: encrypt
+        if (ObjectUtil.isEmpty(authMap)){
-        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
+          return   ResponseEntity.noContent().build();
-        // 查询验证码
-        String code = (String) redisUtils.get(authUser.getUuid());
-        // 清除验证码
-        redisUtils.del(authUser.getUuid());
-        if (StrUtil.isEmpty(code)) {
-            throw new BadRequestException("验证码不存在或已过期");
         }
-        if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
+        return ResponseEntity.ok(onlineUserService.login(authMap));
-            throw new BadRequestException("验证码错误");
-        }
-        // 校验数据库
-        // 根据用户名查询，在比对密码
-
-
-        JSONObject userInfo = WQLObject.getWQLObject("sys_user").query("username = '" + authUser.getUsername() + "'").uniqueResult(0);
-
-        String password1 = userInfo.getString("password");
-        if (!password1.equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
-            throw new BadRequestException("账号或密码错误");
-        }
-
-        // 获取权限列表 - 登录查找权限
-        List<String> permissionList = roleService.getPermissionList(userInfo);
-
-        // 判断是否被锁
-        String is_used = userInfo.getString("is_used");
-
-        if (!StrUtil.equals(is_used, "1")) throw new BadRequestException("账号未激活");
-
-        // 登录输入，登出删除
-        CurrentUser user = new CurrentUser();
-        user.setId(userInfo.getLong("user_id"));
-        user.setUsername(userInfo.getString("username"));
-        user.setPreson_name((userInfo.getString("person_name")));
-        user.setUser(userService.getById(userInfo.getLong("user_id")));
-        user.setPermissions(permissionList);
-
-        // SaLoginModel 配置登录相关参数
-        StpUtil.login(userInfo.getLong("user_id"), new SaLoginModel()
-                .setDevice("PC")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
-                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
-        );
-
-        // 返回 token 与 用户信息
-        JSONObject jsonObject = new JSONObject();
-        jsonObject.put("roles", permissionList);
-        jsonObject.put("user", userInfo);
-        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
-            put("token", "Bearer " + StpUtil.getTokenValue());
-            put("user", user);
-        }};
-        // 保存在线信息
-//        onlineUserService.save(userDto, StpUtil.getTokenValue(), request);
-        return ResponseEntity.ok(authInfo);
     }
 
-    private UserDto getById(Long user_id) {
-        WQLObject userTab = WQLObject.getWQLObject("sys_user");
-        JSONObject user = userTab.query("user_id = '" + user_id + "'").uniqueResult(0);
-        UserDto userDto = user.toJavaObject(UserDto.class);
-        return userDto;
-
-    }
 
     @ApiOperation("获取用户信息")
     @GetMapping(value = "/info")
@@ -191,7 +123,6 @@ public class AuthorizationController {
         if (ObjectUtil.isNotEmpty(StpUtil.getTokenValue())) {
             onlineUserService.logout(StpUtil.getTokenValue());
         }
-
         StpUtil.logout();
         return new ResponseEntity<>(HttpStatus.OK);
     }

nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/user/OnlineController.java

@@ -13,13 +13,13 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-package org.nl.modules.security.rest;
+package org.nl.system.controller.user;
 
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import org.nl.modules.common.utils.EncryptUtils;
-import org.nl.modules.security.service.OnlineUserService;
+import org.nl.system.service.secutiry.impl.OnlineUserService;
 import org.springframework.data.domain.Pageable;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;

nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/dto/AuthUserDto.java

@@ -13,7 +13,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-package org.nl.modules.security.service.dto;
+package org.nl.system.service.secutiry.dto;
 
 import lombok.Getter;
 import lombok.Setter;

nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java

@@ -13,14 +13,31 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-package org.nl.modules.security.service;
+package org.nl.system.service.secutiry.impl;
 
+import cn.dev33.satoken.secure.SaSecureUtil;
+import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.StrUtil;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.extension.conditions.query.LambdaQueryChainWrapper;
+import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.poi.ss.formula.functions.T;
+import org.nl.modules.common.config.RsaProperties;
+import org.nl.modules.common.exception.BadRequestException;
 import org.nl.modules.common.utils.*;
-import org.nl.modules.security.service.dto.OnlineUserDto;
+import org.nl.modules.common.utils.dto.CurrentUser;
+import org.nl.modules.system.service.RoleService;
 import org.nl.modules.system.service.dto.UserDto;
+import org.nl.modules.wql.core.bean.WQLObject;
+import org.nl.system.service.secutiry.dto.AuthUserDto;
+import org.nl.system.service.user.ISysUserService;
+import org.nl.system.service.user.dao.SysUser;
+import org.nl.system.service.user.dto.OnlineUserDto;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Pageable;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Service;
@@ -38,6 +55,10 @@ import java.util.*;
 @Slf4j
 public class OnlineUserService {
 
+    @Autowired
+    private ISysUserService sysUserService;
+    @Autowired
+    private RoleService roleService;
     private final RedisUtils redisUtils;
 
     public OnlineUserService(RedisUtils redisUtils) {
@@ -191,4 +212,61 @@ public class OnlineUserService {
             }
         }
     }
+    @SneakyThrows
+    public Map<String, Object>  login(Map paramMap){
+        // 密码解密 - 前端的加密规则: encrypt
+        AuthUserDto authUser = JSON.toJavaObject((JSON) JSON.toJSON(paramMap), AuthUserDto.class);
+        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
+        // 查询验证码
+        String code = (String) redisUtils.get(authUser.getUuid());
+        // 清除验证码
+        redisUtils.del(authUser.getUuid());
+        if (StrUtil.isEmpty(code)) {
+            throw new BadRequestException("验证码不存在或已过期");
+        }
+        if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
+            throw new BadRequestException("验证码错误");
+        }
+        // 校验数据库
+        // 根据用户名查询，在比对密码
+        SysUser userInfo = sysUserService.getOne(new QueryWrapper<SysUser>().eq("username",authUser.getUsername()));
+        String dbPassword = userInfo.getPassword();
+        if (!dbPassword.equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
+            throw new BadRequestException("账号或密码错误");
+        }
+
+        // 获取权限列表 - 登录查找权限
+        List<String> permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo));
+
+
+        if (!userInfo.getIsUsed()) {
+            throw new BadRequestException("账号未激活");
+        }
+
+        // 登录输入，登出删除
+        CurrentUser user = new CurrentUser();
+        user.setId(userInfo.getUserId());
+        user.setUsername(userInfo.getUsername());
+        user.setPresonName((userInfo.getPersonName()));
+        user.setUser(userInfo);
+        user.setPermissions(permissionList);
+
+        // SaLoginModel 配置登录相关参数
+        StpUtil.login(userInfo.getUserId(), new SaLoginModel()
+                .setDevice("PC")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
+                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
+        );
+
+        // 返回 token 与 用户信息
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("roles", permissionList);
+        jsonObject.put("user", userInfo);
+        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
+            put("token", "Bearer " + StpUtil.getTokenValue());
+            put("user", user);
+        }};
+        // 保存在线信息
+//        onlineUserService.save(userDto, StpUtil.getTokenValue(), request);
+        return authInfo;
+    }
 }

nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dao/SysUser.java

@@ -7,6 +7,7 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 
 import java.io.Serializable;
+import java.util.Date;
 
 /**
  * <p>
@@ -72,22 +73,22 @@ public class SysUser implements Serializable {
     /**
      * 是否为admin账号
      */
-    private String isAdmin;
+    private Boolean isAdmin;
 
     /**
      * 是否启用
      */
-    private String isUsed;
+    private Boolean isUsed;
 
     /**
      * 密码重置者
      */
-    private String pwdResetUserId;
+    private Long pwdResetUserId;
 
     /**
      * 密码重置时间
      */
-    private String pwdResetTime;
+    private Date pwdResetTime;
 
     /**
      * 创建人标识
@@ -102,7 +103,7 @@ public class SysUser implements Serializable {
     /**
      * 创建时间
      */
-    private String createTime;
+    private Date createTime;
 
     /**
      * 修改人标识
@@ -117,7 +118,7 @@ public class SysUser implements Serializable {
     /**
      * 修改时间
      */
-    private String updateTime;
+    private Date updateTime;
 
     /**
      * 外部人员标识

nladmin-system/nlsso-server/src/main/java/org/nl/system/service/user/dto/OnlineUserDto.java

@@ -13,7 +13,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-package org.nl.modules.security.service.dto;
+package org.nl.system.service.user.dto;
 
 import lombok.AllArgsConstructor;
 import lombok.Data;