server/company/src/main/java/com/doumee/api/system/SystemController.java
@@ -8,6 +8,7 @@ import com.doumee.core.model.LoginUserInfo; import com.doumee.core.utils.Constants; import com.doumee.dao.system.dto.LoginDTO; import com.doumee.dao.system.dto.LoginPhoneDTO; import com.doumee.dao.system.dto.UpdatePwdDto; import com.doumee.dao.system.dto.WebLoginDTO; import com.doumee.service.system.SystemLoginService; @@ -49,14 +50,13 @@ } @PreventRepeat(limit = 10, lockTime = 10000) @ApiOperation("ç»å½ - H5") @PostMapping("/loginH5") public ApiResponse<String> loginH5 (@Validated @RequestBody WebLoginDTO dto, HttpServletRequest request) { LoginDTO loginDTO = new LoginDTO(); BeanUtils.copyProperties(dto,loginDTO); return ApiResponse.success(systemLoginService.loginByPassword(loginDTO, Constants.TWO, request)); @ApiOperation("çä¿¡éªè¯ç ç»å½") @PostMapping("/loginByPhone") public ApiResponse<String> loginByPhone (@Validated @RequestBody LoginPhoneDTO dto, HttpServletRequest request) { return ApiResponse.success(systemLoginService.loginByPhone(dto, Constants.ZERO, request)); } @ApiOperation("éåºç»å½") @PostMapping("/logout") public ApiResponse logout () { server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
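Review bot: `loginByPhone` in this company-module controller passes `Constants.ZERO` as the login type, the same value the platform controller uses, while the `loginH5` lines in the same hunk pass `Constants.TWO`. The page has lost its +/- markers, so which of these lines survive is not certain. If company logins are meant to be distinguished from platform logins, the call should carry the company type, and `SystemLoginServiceImpl.loginByPhone` should forward `type` into the `ShiroToken` rather than the fixed `Constants.ZERO` visible there. A one-line comment on the method naming the user type it authenticates would make the intent reviewable.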
ÎļþÒÑɾ³ý server/company/src/main/java/com/doumee/config/shiro/ShiroCache.java
ÎļþÒÑɾ³ý server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java
ÎļþÒÑɾ³ý server/company/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
ÎļþÒÑɾ³ý server/company/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
ÎļþÒÑɾ³ý server/company/src/main/java/com/doumee/config/shiro/ShiroToken.java
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java
@@ -37,6 +37,13 @@ public ApiResponse create(@RequestBody SmsEmail smsEmail) { return ApiResponse.success(smsEmailService.create(smsEmail)); } @PreventRepeat @ApiOperation("åéçä¿¡éªè¯ç ") @PostMapping("/sendSms") // @RequiresPermissions("business:smsemail:sendSms") public ApiResponse sendSms(@RequestBody SmsEmail smsEmail) { return ApiResponse.success(smsEmailService.sendSms(smsEmail)); } @ApiOperation("æ ¹æ®IDå é¤") @GetMapping("/delete/{id}") server/platform/src/main/java/com/doumee/api/system/SystemController.java
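Review bot: `sendSms` is reachable without authentication, since `@RequiresPermissions` is commented out here and `ShiroConfig` maps `/business/smsEmail/sendSms` to `anon`, yet it binds the whole `SmsEmail` entity from the request body. An anonymous caller can therefore populate any field the entity exposes and request sends to arbitrary numbers; the bare `@PreventRepeat` is the only throttle visible, and its key and window are not shown. Consider a narrow request DTO carrying only the phone number (validated with `@Validated`), a send quota per number and per client address, and requiring the image captcha before a code is issued. Replace the commented-out annotation with a comment stating why the endpoint is public, e.g. `// public by design: issues the SMS login code, throttled per phone number`.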
@@ -8,6 +8,7 @@ import com.doumee.core.model.LoginUserInfo; import com.doumee.core.utils.Constants; import com.doumee.dao.system.dto.LoginDTO; import com.doumee.dao.system.dto.LoginPhoneDTO; import com.doumee.dao.system.dto.UpdatePwdDto; import com.doumee.service.system.SystemLoginService; import io.swagger.annotations.Api; @@ -45,6 +46,12 @@ public ApiResponse<String> login (@Validated @RequestBody LoginDTO dto, HttpServletRequest request) { return ApiResponse.success(systemLoginService.loginByPassword(dto, Constants.ZERO, request)); } @PreventRepeat(limit = 10, lockTime = 10000) @ApiOperation("çä¿¡éªè¯ç ç»å½") @PostMapping("/loginByPhone") public ApiResponse<String> loginByPhone (@Validated @RequestBody LoginPhoneDTO dto, HttpServletRequest request) { return ApiResponse.success(systemLoginService.loginByPhone(dto, Constants.ZERO, request)); } @ApiOperation("éåºç»å½") @PostMapping("/logout") server/platform/src/main/java/com/doumee/shiro/ShiroCacheManager.java
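Review bot: Nothing in this hunk bounds wrong-code attempts per phone number on `loginByPhone`; `@PreventRepeat(limit = 10, lockTime = 10000)` is the only guard, and what it keys on is not visible. If it throttles per client or session rather than per phone number, a short SMS code remains guessable, so the service should count failed verifications per number and invalidate the code after a small number of misses. The same applies to `loginByPhone` in the company `SystemController`. The login service already writes failed attempts to `SystemLoginLog`, which gives monitoring a place to alert on bursts against a single number.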
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/shiro/ShiroCredentialsMatcher.java
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/shiro/ShiroRealm.java
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/shiro/ShiroSessionSerializer.java
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/shiro/ShiroToken.java
ÎļþÒÑɾ³ý server/platform/src/main/java/com/doumee/shiro/ShiroTokenManager.java
ÎļþÒÑɾ³ý server/service/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroAuthFilter.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import com.alibaba.fastjson.JSON; import com.doumee.core.model.ApiResponse; server/service/src/main/java/com/doumee/config/shiro/ShiroCache.java
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroCache.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import lombok.extern.slf4j.Slf4j; import org.apache.shiro.cache.Cache; server/service/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java
server/service/src/main/java/com/doumee/config/shiro/ShiroConfig.java
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroConfig.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.session.mgt.SessionManager; @@ -91,6 +91,7 @@ map.put("/system/login", "anon"); map.put("/system/logout", "anon"); map.put("/common/captcha", "anon"); map.put("/business/smsEmail/sendSms", "anon"); map.put("/business/areas/*", "anon"); // - æ¾è¡swagger map.put("/doc.html", "anon"); server/service/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
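Review bot: This hunk opens `/business/smsEmail/sendSms` to `anon`, but no entry for `/system/loginByPhone` is visible next to `/system/login`, so unless it is mapped outside the hunk the new login endpoint would be rejected by the auth filter before a session exists. When adding it, keep the anonymous set minimal and annotate each entry with the reason it is public, e.g. `// public: SMS code request, throttled in SmsEmailController`. The method building this map starts and ends outside the hunk.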
ÎļþÃû´Ó server/company/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java ÐÞ¸Ä @@ -24,7 +24,7 @@ @Override public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token; ShiroToken usernamePasswordToken = (ShiroToken) token; SystemUser queryUserDto = new SystemUser(); queryUserDto.setUsername(usernamePasswordToken.getUsername()); queryUserDto.setDeleted(Boolean.FALSE); @@ -32,12 +32,9 @@ if (systemUser == null) { return Boolean.FALSE; } // if(usernamePasswordToken.getDdLogin()){ // return Boolean.TRUE; // } // if(usernamePasswordToken.getWxLogin()){ // return Boolean.TRUE; // } if(!usernamePasswordToken.isNeedPassword()){ return Boolean.TRUE; } // å å¯å¯ç String pwd = Utils.Secure.encryptPassword(new String(usernamePasswordToken.getPassword()), systemUser.getSalt()); // æ¯è¾å¯ç server/service/src/main/java/com/doumee/config/shiro/ShiroRealm.java
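Review bot: `doCredentialsMatch` returns `Boolean.TRUE` whenever `isNeedPassword()` is false, so for those tokens the matcher checks no credential at all and authentication rests entirely on the caller having verified the SMS code before `subject.login`. Any code path that builds a `ShiroToken` with `needPassword=false` therefore logs in without proof of identity; state that contract in a comment on this branch, or better, carry the SMS code in the token and verify it here. Separately, the lookup above still uses `setUsername(usernamePasswordToken.getUsername())`, which for phone login holds the mobile number, so the `systemUser == null` branch may reject valid phone logins unless the lines between the hunks handle it. The unchecked cast `(ShiroToken) token` throws `ClassCastException` for any other token type; `if (!(token instanceof ShiroToken)) return Boolean.FALSE;` is safer.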
ÎļþÃû´Ó server/company/src/main/java/com/doumee/config/shiro/ShiroRealm.java ÐÞ¸Ä @@ -4,12 +4,13 @@ import com.doumee.core.exception.BusinessException; import com.doumee.core.model.LoginUserInfo; import com.doumee.core.utils.Constants; import com.doumee.core.utils.DateUtil; import com.doumee.dao.business.model.Company; import com.doumee.dao.business.model.CompanyPermission; import com.doumee.dao.system.model.SystemPermission; import com.doumee.dao.system.model.SystemRole; import com.doumee.dao.system.model.SystemUser; import com.doumee.service.business.CompanyService; import com.doumee.service.business.CompanyPermissionService; import com.doumee.service.business.impl.CompanyServiceImpl; import com.doumee.service.system.SystemDataPermissionService; import com.doumee.service.system.SystemPermissionService; import com.doumee.service.system.SystemRoleService; @@ -26,7 +27,7 @@ import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; import java.util.Date; import java.util.ArrayList; import java.util.List; /** @@ -43,6 +44,12 @@ @Lazy @Autowired private SystemUserService systemUserService; @Lazy @Autowired private CompanyPermissionService companyPermissionService; @Lazy @Autowired private CompanyServiceImpl companyService; @Lazy @Autowired @@ -51,10 +58,6 @@ @Lazy @Autowired private SystemPermissionService systemPermissionService; @Lazy @Autowired private CompanyService companyService; /** * æéå¤ç 
@@ -77,34 +80,53 @@ * @date 2022/03/15 09:54 */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException{ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { // è·åç¨æ·å ShiroToken authenticationToken = (ShiroToken)token; String username = authenticationToken.getPrincipal().toString(); // æ ¹æ®ç¨æ·åæ¥è¯¢ç¨æ·å¯¹è±¡ SystemUser queryDto = new SystemUser(); if(authenticationToken.isNeedPassword()){ //è´¦å·å¯ç ç»å½ queryDto.setUsername(username); }else{ //ææºå·éªè¯ç ç»å½ queryDto.setMobile(username); } queryDto.setType(authenticationToken.getUserType()); queryDto.setDeleted(Boolean.FALSE); SystemUser user = systemUserService.findOne(queryDto); if(user == null){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼è´¦å·æå¯ç 䏿£ç¡®ï¼"); } if(!Constants.equalsInteger(user.getType(),Constants.UserType.COMPANY.getKey())){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼éä¼ä¸è´¦æ·èº«ä»½ï¼æ æ³ç»å½è¯¥å¹³å°ï¼ï¼"); throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼è´¦å·ä¿¡æ¯ä¸æ£ç¡®ï¼"); } if(!Constants.equalsInteger(user.getStatus(),Constants.ZERO)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼è´¦å·ä¿¡æ¯å·²è¢«ç¦ç¨ï¼å¦æçé®è¯·è系系ç»ç®¡çåï¼"); } if(!user.getType().equals(Constants.UserType.SYSTEM)){ Company company = companyService.findById(user.getCompanyId()); if(company.getStatus().equals(Constants.ONE)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼ä¼ä¸ä¿¡æ¯å·²è¢«ç¦ç¨ï¼å¦æçé®è¯·è系系ç»ç®¡çåï¼"); } user.setCompany(company); } // è·åç»å½ç¨æ·ä¿¡æ¯ List<SystemRole> roles = systemRoleService.findByUserId(user.getId()); List<SystemPermission> permissions = systemPermissionService.findByUserId(user.getId()); LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions); if(authenticationToken.getUserType() == 0){ 
CompanyPermission c = new CompanyPermission(); c.setUserId(user.getId()); c.setIsdeleted(Constants.ZERO); List<CompanyPermission> pList = companyPermissionService.findList(c); if(pList!=null){ for (CompanyPermission cc : pList){ if(user.getCompanyIdList() == null){ user.setCompanyIdList(new ArrayList<>()); } user.getCompanyIdList().add(cc.getCompanyId()); } } }else{ Company company = companyService.findById(user.getCompanyId()); if(company == null){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对ä¸èµ·ï¼ä¼ä¸è´¦å·ä¿¡æ¯ä¸æ£ç¡®ï¼"); } user.setCompany(company); } // éªè¯ç¨æ· return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName()); } server/service/src/main/java/com/doumee/config/shiro/ShiroRedisSessionDAO.java
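Review bot: `LoginUserInfo.from(user, roles, permissions)` is called before `user.setCompanyIdList(...)` and `user.setCompany(company)`, so if `from` copies fields rather than keeping a reference to `user`, the principal stored in the session will lack the company scope added afterwards. Moving the `from(...)` call to just before `return new SimpleAuthenticationInfo(...)` removes the dependence on that detail. For phone login the lookup is `queryDto.setMobile(username)` followed by `findOne`, which assumes a mobile number is unique per user type; say so in a comment or enforce it. `authenticationToken.getUserType() == 0` would read better compared against the `Constants.UserType` key used earlier in the method.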
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroRedisSessionDAO.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang.SerializationUtils; server/service/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroSessionDAO.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import lombok.Data; import lombok.extern.slf4j.Slf4j; server/service/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
ÎļþÃû´Ó server/platform/src/main/java/com/doumee/shiro/ShiroSessionManager.java ÐÞ¸Ä @@ -1,4 +1,4 @@ package com.doumee.shiro; package com.doumee.config.shiro; import lombok.extern.slf4j.Slf4j; import org.apache.shiro.session.Session; server/service/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java
server/service/src/main/java/com/doumee/config/shiro/ShiroToken.java
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,42 @@ package com.doumee.config.shiro; import org.apache.shiro.authc.UsernamePasswordToken; /** * èªå®ä¹Token ï¼å¤ç认è¯åæé * @author Eva.Caesar Liu * @date 2022/04/18 18:12 */ //@Component public class ShiroToken extends UsernamePasswordToken { /** * å ¬å¸ID */ boolean needPassword; int userType; public ShiroToken() { } public ShiroToken( String username, String password, boolean needPassword,int userType) { super(username, password, false, (String)null); this.needPassword = needPassword; this.userType = userType; } public boolean isNeedPassword() { return needPassword; } public void setNeedPassword(boolean needPassword) { this.needPassword = needPassword; } public int getUserType() { return userType; } public void setUserType(int userType) { this.userType = userType; } } server/service/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java
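Review bot: `needPassword` is `false` after the no-arg constructor and can be flipped through `setNeedPassword`, and `ShiroCredentialsMatcher` skips the password comparison when it is false, so a default-constructed or mutated token fails open. Declare both fields `private`, initialise `private boolean needPassword = true;`, and drop the setters so the flag is fixed at construction. The Javadoc above the fields appears to describe an unrelated ID field; it should instead document what `needPassword` and `userType` mean and which caller may pass `needPassword=false`.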
server/service/src/main/java/com/doumee/dao/system/dto/LoginPhoneDTO.java
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,25 @@ package com.doumee.dao.system.dto; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import lombok.Data; import javax.validation.constraints.NotBlank; import java.io.Serializable; /** * @author Eva.Caesar Liu * @date 2023/02/14 11:14 */ @Data @ApiModel("ææºå·ç»å½åæ°") public class LoginPhoneDTO implements Serializable { @NotBlank(message = "ææºå·ä¸è½ä¸ºç©º") @ApiModelProperty(value = "ææºå·") private String phone; @NotBlank(message = "éªè¯ç ä¸è½ä¸ºç©º") @ApiModelProperty(value = "éªè¯ç ") private String code; } server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java
@@ -25,6 +25,7 @@ import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.scheduling.annotation.Async; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -43,6 +44,8 @@ @Service public class CompanyServiceImpl implements CompanyService { @Value("${debug_model}") private boolean debugModel; @Autowired private CompanyMapper companyMapper; @Autowired @@ -221,8 +224,11 @@ ||StringUtils.isBlank(company.getEmail())){ throw new BusinessException(ResponseStatus.BAD_REQUEST); } if(!debugModel){ //ææºéªè¯ç æ ¡éª SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper,company.getPhone(),company.getCaptche()); } } server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java
@@ -17,6 +17,7 @@ import com.doumee.service.business.third.EmayService; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; @@ -81,6 +82,7 @@ smsEmail.setTitle("çä¿¡éªè¯ç "); smsEmail.setContent(systemDictDataBiz.queryByCode(Constants.SMS,Constants.SMS_COMNAME).getCode()+"éªè¯ç 为ï¼"+code+"ï¼æ¤éªè¯ç ææä¸º3åéãè¯·å¿æ³é²"); smsEmailMapper.insert(smsEmail); return smsEmail.getId(); } server/service/src/main/java/com/doumee/service/system/SystemLoginService.java
@@ -1,6 +1,7 @@ package com.doumee.service.system; import com.doumee.dao.system.dto.LoginDTO; import com.doumee.dao.system.dto.LoginPhoneDTO; import javax.servlet.http.HttpServletRequest; @@ -17,4 +18,5 @@ * @date 2023/03/21 14:49 */ String loginByPassword (LoginDTO dto,int type, HttpServletRequest request); String loginByPhone (LoginPhoneDTO dto, int type, HttpServletRequest request); } server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java
@@ -1,13 +1,17 @@ package com.doumee.service.system.impl; import com.baomidou.mybatisplus.extension.api.R; import com.doumee.config.shiro.ShiroToken; import com.doumee.core.constants.ResponseStatus; import com.doumee.core.exception.BusinessException; import com.doumee.core.model.LoginUserInfo; import com.doumee.core.utils.Constants; import com.doumee.core.utils.Utils; import com.doumee.dao.business.SmsEmailMapper; import com.doumee.dao.system.dto.LoginDTO; import com.doumee.dao.system.dto.LoginPhoneDTO; import com.doumee.dao.system.model.SystemLoginLog; import com.doumee.service.business.impl.SmsEmailServiceImpl; import com.doumee.service.common.CaptchaService; import com.doumee.service.system.SystemLoginLogService; import com.doumee.service.system.SystemLoginService; @@ -30,9 +34,10 @@ @Value("${project.version}") private String systemVersion; @Value("${captcha_check}") private boolean captchaCheck; @Value("${debug_model}") private Boolean debugModel; @Autowired private SmsEmailMapper smsEmailMapper; @Autowired private CaptchaService captchaService; 
@@ -52,10 +57,51 @@ loginLog.setOsInfo(Utils.User_Client.getOS(request)); loginLog.setServerIp(Utils.Server.getIP()); // æ ¡éªéªè¯ç try { if(debugModel){ captchaService.check(dto.getUuid(), dto.getCode()); } } catch (Exception e) { log.error(e.getMessage(), e); loginLog.setReason(e.getMessage().length() > 200 ? (e.getMessage().substring(0, 190) + "...") : e.getMessage()); loginLog.setSuccess(Boolean.FALSE); systemLoginLogService.create(loginLog); throw e; } // æ ¡éªç¨æ·ååå¯ç Subject subject = SecurityUtils.getSubject(); ShiroToken token = new ShiroToken(dto.getUsername(), dto.getPassword(),true,Constants.ZERO); try { subject.login(token); loginLog.setUserId(((LoginUserInfo)subject.getPrincipal()).getId()); loginLog.setSuccess(Boolean.TRUE); systemLoginLogService.create(loginLog); return (String)subject.getSession().getId(); } catch (AuthenticationException e) { log.error(ResponseStatus.ACCOUNT_INCORRECT.getMessage(), e); loginLog.setReason(e.getMessage().length() > 200 ? (e.getMessage().substring(0, 190) + "...") : e.getMessage()); loginLog.setSuccess(Boolean.FALSE); systemLoginLogService.create(loginLog); throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT.getCode(), Objects.isNull(e.getCause())?ResponseStatus.ACCOUNT_INCORRECT.getMessage():e.getCause().getMessage()); } } @Override public String loginByPhone (LoginPhoneDTO dto, int type, HttpServletRequest request) { SystemLoginLog loginLog = new SystemLoginLog(); loginLog.setLoginUsername(dto.getPhone()); loginLog.setLoginTime(new Date()); loginLog.setSystemVersion(systemVersion); loginLog.setIp(Utils.User_Client.getIP(request)); loginLog.setLocation(Utils.Location.getLocationString(loginLog.getIp())); loginLog.setPlatform(Utils.User_Client.getPlatform(request)); loginLog.setClientInfo(Utils.User_Client.getBrowser(request)); loginLog.setOsInfo(Utils.User_Client.getOS(request)); loginLog.setServerIp(Utils.Server.getIP()); // æ ¡éªéªè¯ç if(type!= Constants.TWO){ try { if(captchaCheck){ 
captchaService.check(dto.getUuid(), dto.getCode()); if(debugModel){ SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper,dto.getPhone(), dto.getCode()); } } catch (Exception e) { log.error(e.getMessage(), e); @@ -67,7 +113,7 @@ } // æ ¡éªç¨æ·ååå¯ç Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(dto.getUsername(), dto.getPassword()); ShiroToken token = new ShiroToken(dto.getPhone(), null,false,Constants.ZERO); try { subject.login(token); loginLog.setUserId(((LoginUserInfo)subject.getPrincipal()).getId()); server/service/src/main/resources/application-dev.yml
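Review bot: In `loginByPhone` the SMS code is verified only inside `if(debugModel){ SmsEmailServiceImpl.isCaptcheValide(...) }`, the opposite polarity from `CompanyServiceImpl`, where the same check runs under `if(!debugModel)`. With `debug_model: false` the code would never be checked, and because the token is built with `needPassword=false` the credentials matcher accepts it, so the phone number alone would authenticate. The guard should read `if(!debugModel){ SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper, dto.getPhone(), dto.getCode()); }`, and the same inversion seems to apply to `if(debugModel){ captchaService.check(...) }` in `loginByPassword`. This rendering has lost its +/- markers, so confirm these are new-side lines; a comment on the field such as `// true only in local development: skips captcha and SMS verification` would keep the polarity from drifting again.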
@@ -39,7 +39,6 @@ debug_model: true captcha_check: false # Swaggeré ç½® swagger: