From aaea4819b873c5ca7b9be1a87af173ee2015a12a Mon Sep 17 00:00:00 2001
From: jiangping <jp@doumee.com>
Date: 星期四, 25 一月 2024 14:52:24 +0800
Subject: [PATCH] 开发业务接口
---
server/service/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java | 2
server/service/src/main/java/com/doumee/config/shiro/ShiroToken.java | 42 ++++++++
server/service/src/main/java/com/doumee/config/shiro/ShiroRealm.java | 62 ++++++++----
server/service/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java | 0
server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java | 10 +
server/service/src/main/java/com/doumee/config/shiro/ShiroConfig.java | 3
server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java | 2
server/service/src/main/java/com/doumee/config/shiro/ShiroCache.java | 2
server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java | 7 +
server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java | 58 ++++++++++-
server/service/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java | 0
server/service/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java | 11 -
/dev/null | 25 -----
server/service/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java | 2
server/service/src/main/java/com/doumee/service/system/SystemLoginService.java | 2
server/service/src/main/java/com/doumee/dao/system/dto/LoginPhoneDTO.java | 25 +++++
server/service/src/main/resources/application-dev.yml | 1
server/service/src/main/java/com/doumee/config/shiro/ShiroRedisSessionDAO.java | 2
server/service/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java | 0
server/company/src/main/java/com/doumee/api/system/SystemController.java | 12 +-
server/platform/src/main/java/com/doumee/api/system/SystemController.java | 7 +
server/service/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java | 2
22 files changed, 204 insertions(+), 73 deletions(-)
diff --git a/server/company/src/main/java/com/doumee/api/system/SystemController.java b/server/company/src/main/java/com/doumee/api/system/SystemController.java
index 1f3c5e3..a65b2c8 100644
--- a/server/company/src/main/java/com/doumee/api/system/SystemController.java
+++ b/server/company/src/main/java/com/doumee/api/system/SystemController.java
@@ -8,6 +8,7 @@
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import com.doumee.dao.system.dto.LoginDTO;
+import com.doumee.dao.system.dto.LoginPhoneDTO;
import com.doumee.dao.system.dto.UpdatePwdDto;
import com.doumee.dao.system.dto.WebLoginDTO;
import com.doumee.service.system.SystemLoginService;
@@ -49,14 +50,13 @@
}
@PreventRepeat(limit = 10, lockTime = 10000)
- @ApiOperation("鐧诲綍 - H5")
- @PostMapping("/loginH5")
- public ApiResponse<String> loginH5 (@Validated @RequestBody WebLoginDTO dto, HttpServletRequest request) {
- LoginDTO loginDTO = new LoginDTO();
- BeanUtils.copyProperties(dto,loginDTO);
- return ApiResponse.success(systemLoginService.loginByPassword(loginDTO, Constants.TWO, request));
+ @ApiOperation("鐭俊楠岃瘉鐮佺櫥褰�")
+ @PostMapping("/loginByPhone")
+ public ApiResponse<String> loginByPhone (@Validated @RequestBody LoginPhoneDTO dto, HttpServletRequest request) {
+ return ApiResponse.success(systemLoginService.loginByPhone(dto, Constants.ZERO, request));
}
+
@ApiOperation("閫�鍑虹櫥褰�")
@PostMapping("/logout")
public ApiResponse logout () {
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
deleted file mode 100644
index 541d234..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
+++ /dev/null
@@ -1,37 +0,0 @@
-package com.doumee.config.shiro;
-
-import com.alibaba.fastjson.JSON;
-import com.doumee.core.model.ApiResponse;
-import com.doumee.core.model.LoginUserInfo;
-import com.doumee.core.utils.Constants;
-import org.apache.shiro.cache.Cache;
-import org.apache.shiro.cache.MapCache;
-import org.apache.shiro.session.Session;
-import org.apache.shiro.session.mgt.DefaultSessionKey;
-import org.apache.shiro.session.mgt.SessionManager;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
-import org.springframework.http.HttpStatus;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletResponse;
-import java.io.Serializable;
-import java.util.Deque;
-import java.util.LinkedList;
-
-/**
- * Shiro璁よ瘉杩囨护鍣紝澶勭悊鏈璇佹儏鍐电殑鍝嶅簲
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-public class ShiroAuthFilter extends FormAuthenticationFilter {
-
- @Override
- protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
- HttpServletResponse servletResponse = (HttpServletResponse) response;
- servletResponse.setHeader("content-type", "application/json;charset=UTF-8");
- servletResponse.getWriter().write(JSON.toJSONString(ApiResponse.failed(HttpStatus.UNAUTHORIZED.value(), "鏈櫥褰曟垨鐧诲綍淇℃伅宸茶繃鏈�")));
- return Boolean.FALSE;
- }
-}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroCache.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroCache.java
deleted file mode 100644
index 6fe6153..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroCache.java
+++ /dev/null
@@ -1,163 +0,0 @@
-package com.doumee.config.shiro;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.cache.Cache;
-import org.apache.shiro.cache.CacheException;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.apache.shiro.util.CollectionUtils;
-import org.springframework.context.annotation.Scope;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.data.redis.serializer.SerializationException;
-import org.springframework.stereotype.Component;
-
-import javax.annotation.Resource;
-import java.io.Serializable;
-import java.lang.reflect.Method;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-
-/**
- * Shiro缂撳瓨
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Scope(value = "prototype")
-@Slf4j
-@Component
-public class ShiroCache implements Cache<Object, Serializable> {
-
- private String keyPrefix = "ProSelect";
-
- @Resource(name="sessionRedisTemplate")
- private RedisTemplate<Object, Serializable> redisTemplate;
-
- public ShiroCache () {
- log.debug("ShiroCache: new, keyPrefix = [" + keyPrefix + "]");
- }
-
- public ShiroCache(String keyPrefix) {
- log.debug("ShiroCache: new, keyPrefix = [" + keyPrefix + "]");
- this.keyPrefix = keyPrefix;
- }
-
- @Override
- public Serializable get(Object key) throws CacheException {
- if (key == null) {
- return null;
- }
- return redisTemplate.opsForValue().get(getKey(key));
- }
-
- @Override
- public Serializable put(Object key, Serializable value) throws CacheException {
- if (key == null) {
- return null;
- }
- redisTemplate.opsForValue().set(getKey(key), value);
- return value;
- }
-
- public Serializable put(Object key, Serializable value, int timeout) throws CacheException {
- if (key == null) {
- return null;
- }
- try {
- redisTemplate.opsForValue().set(getKey(key), value, timeout, TimeUnit.SECONDS);
- }catch (Exception e){
-
- }
- return value;
- }
-
- @Override
- public void clear() throws CacheException {
- Set<Object> keys = this.keys();
- redisTemplate.delete(keys);
- }
-
- @Override
- public int size() {
- return this.keys().size();
- }
-
- @Override
- public Set<Object> keys() {
- Set<Object> keys = redisTemplate.keys(keyPrefix + "*");
- if (CollectionUtils.isEmpty(keys)) {
- return Collections.emptySet();
- }
- return keys;
- }
-
- @Override
- public Collection<Serializable> values() {
- Collection<Serializable> values = new ArrayList<>();
- Set<Object> keys = this.keys();
- if (CollectionUtils.isEmpty(keys)) {
- return values;
- }
- for (Object k : keys) {
- values.add(redisTemplate.opsForValue().get(k));
- }
- return values;
- }
-
- @Override
- public Serializable remove(Object key) throws CacheException {
- if (key == null) {
- return null;
- }
- Serializable value = this.get(getKey(key));
- redisTemplate.delete(getKey(key));
- return value;
- }
-
- private Object getKey (Object key) {
- if (key instanceof PrincipalCollection) {
- return this.keyPrefix + getRedisKeyFromPrincipalIdField((PrincipalCollection)key);
- }
- return (key instanceof String ? (this.keyPrefix + key) : key);
- }
-
- /**
- * 鑾峰彇redis cache key
- */
- private String getRedisKeyFromPrincipalIdField(PrincipalCollection key) {
- Object principalObject = key.getPrimaryPrincipal();
- if (principalObject instanceof String) {
- return principalObject.toString();
- } else {
- Method pincipalIdGetter = this.getPrincipalIdGetter(principalObject);
- return this.getIdObj(principalObject, pincipalIdGetter);
- }
- }
-
- private Method getPrincipalIdGetter(Object principalObject) {
- Method pincipalIdGetter;
- String principalIdMethodName = this.getPrincipalIdMethodName();
-
- try {
- pincipalIdGetter = principalObject.getClass().getMethod(principalIdMethodName);
- return pincipalIdGetter;
- } catch (NoSuchMethodException e) {
- throw new SerializationException(e.getMessage(), e);
- }
- }
-
- private String getIdObj(Object principalObject, Method pincipalIdGetter) {
- try {
- Object idObj = pincipalIdGetter.invoke(principalObject);
- String redisKey = idObj.toString();
- return redisKey;
- } catch (Exception e) {
- throw new SerializationException(e.getMessage(), e);
- }
- }
-
- private String getPrincipalIdMethodName() {
- return "getId";
- }
-}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java
deleted file mode 100644
index fdd05c9..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroConfig.java
+++ /dev/null
@@ -1,153 +0,0 @@
-package com.doumee.config.shiro;
-
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.session.mgt.SessionManager;
-import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
-import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
-import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
-import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.data.redis.connection.RedisConnectionFactory;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.data.redis.serializer.StringRedisSerializer;
-
-import javax.servlet.Filter;
-import java.io.Serializable;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-/**
- * Shiro閰嶇疆
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Configuration
-public class ShiroConfig {
-
- @Value("${cache.session.expire}")
- private int sessionExpireTime;
-
- @Autowired
- private ShiroCredentialsMatcher shiroCredentialsMatcher;
-
- @Autowired
- private ShiroSessionDAO shiroSessionDAO;
-
- @Autowired
- private ShiroCacheManager shiroCacheManager;
-
- @Autowired
- private ShiroRealm shiroRealm;
-
- @Bean("sessionRedisTemplate")
- public RedisTemplate<Object, Serializable> sessionRedisTemplate(RedisConnectionFactory redisConnectionFactory) {
- RedisTemplate<Object, Serializable> redisTemplate = new RedisTemplate<>();
- redisTemplate.setConnectionFactory(redisConnectionFactory);
- // 榛樿搴忓垪鍖栨柟寮�
- redisTemplate.setDefaultSerializer(new StringRedisSerializer());
- // 鍊煎簭鍒楀寲鏂瑰紡
- ShiroSessionSerializer serializer = new ShiroSessionSerializer();
- redisTemplate.setValueSerializer(serializer);
- redisTemplate.setHashValueSerializer(serializer);
- redisTemplate.afterPropertiesSet();
- return redisTemplate;
- }
-
- @Bean
- public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
- DefaultAdvisorAutoProxyCreator autoProxyCreator = new DefaultAdvisorAutoProxyCreator();
- autoProxyCreator.setProxyTargetClass(true);
- return autoProxyCreator;
- }
-
- @Bean
- public SessionManager sessionManager() {
- ShiroSessionManager sessionManager = new ShiroSessionManager();
- sessionManager.setSessionDAO(shiroSessionDAO);
- sessionManager.setGlobalSessionTimeout(sessionExpireTime*1000);
- // 鍒犻櫎澶辨晥鐨剆ession
- sessionManager.setDeleteInvalidSessions(true);
- return sessionManager;
- }
-
- @Bean
- public SecurityManager securityManager() {
- DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
- securityManager.setRealm(shiroRealm);
- securityManager.setSessionManager(this.sessionManager());
- securityManager.setCacheManager(shiroCacheManager);
- return securityManager;
- }
-
- @Bean
- public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
- ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
- shiroFilterFactoryBean.setSecurityManager(securityManager);
- Map<String, String> map = new LinkedHashMap<>();
- // 璺緞鎷︽埅閰嶇疆
- // 璺緞鎷︽埅閰嶇疆
-// map.put("/system/dictData/companyUserRules","anon");
-// map.put("/system/login", "anon");
-// map.put("/system/logout", "anon");
-// map.put("/common/captcha", "anon");
-// map.put("/business/areas/*", "anon");
-// map.put("/public/uploadPicture","anon");
-// map.put("/public/uploadLocal","anon");
-
- map.put("/system/dictData/companyUserRules","anon");
- map.put("/system/login", "anon");
- map.put("/system/logout", "anon");
- map.put("/system/loginH5", "anon");
- map.put("/common/captcha", "anon");
- map.put("/business/areas/*", "anon");
- map.put("/public/uploadPicture","anon");
- map.put("/public/uploadLocal","anon");
-
-
-// map.put("/business/company/register", "anon");
-// map.put("/business/labels/page","anon");
-// map.put("/business/*/list","anon");
-// map.put("/business/goods/goodsPage","anon");
-// map.put("/business/goods/h5Image","anon");
-// map.put("/business/goods/export","anon");
-// map.put("/business/goods/listForH5","anon");
-
-
- // - 鏀捐swagger
- map.put("/doc.html", "anon");
- map.put("/webjars/**", "anon");
- map.put("/swagger-resources/**", "anon");
- map.put("/v2/api-docs/**", "anon");
-
- // - 鍏朵粬鎺ュ彛缁熶竴鎷︽埅
- map.put("/**", "authc");
- shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
- // 娣诲姞璁よ瘉杩囨护鍣�
- Map<String, Filter> filters = new LinkedHashMap<>();
- filters.put("authc", new ShiroAuthFilter());
- shiroFilterFactoryBean.setFilters(filters);
- return shiroFilterFactoryBean;
- }
-
- @Bean
- public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
- AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
- authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
- return authorizationAttributeSourceAdvisor;
- }
-
- @Bean
- public ShiroSessionDAO getShiroSessionDAO () {
- shiroSessionDAO.setExpireTime(sessionExpireTime);
- return shiroSessionDAO;
- }
-
- @Bean
- public ShiroRealm getShiroRealm () {
- shiroRealm.setCredentialsMatcher(shiroCredentialsMatcher);
- return shiroRealm;
- }
-}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
deleted file mode 100644
index 1fe90bf..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
+++ /dev/null
@@ -1,113 +0,0 @@
-package com.doumee.config.shiro;
-
-import lombok.Data;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.session.Session;
-import org.apache.shiro.session.UnknownSessionException;
-import org.apache.shiro.session.mgt.SimpleSession;
-import org.apache.shiro.session.mgt.eis.SessionDAO;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-/**
- * 鑷畾涔塖hiro SessionDAO锛屽皢浼氳瘽淇℃伅瀛樺叆缂撳瓨涓�
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Data
-@Slf4j
-@Component
-public class ShiroSessionDAO implements SessionDAO {
-
- private static final String KEY_PREFIX = "shiro:session:";
-
- @Autowired
- private ShiroCache shiroCache;
-
- private int expireTime = 60 * 60 * 24;
-
- @Autowired
- private ShiroTokenManager shiroTokenManager;
-
- @Override
- public Serializable create(Session session) {
- if (session == null) {
- log.error("session is null");
- throw new UnknownSessionException("session is null");
- }
- Serializable sessionId = shiroTokenManager.build();
- ((SimpleSession)session).setId(sessionId);
- this.saveSession(session);
- return sessionId;
- }
-
- @Override
- public Session readSession(Serializable sessionId) throws UnknownSessionException{
- if (sessionId == null) {
- log.warn("session id is null");
- return null;
- }
- if (sessionId instanceof String) {
- // 瀵筍essionId杩涜楠岃瘉锛堝彲鐢ㄤ簬闃叉Session鎹曡幏銆佹毚鍔涙崟鎹夌瓑涓�绯诲垪瀹夊叏闂锛屾渶缁堝畨鍏ㄦ�у彇鍐充簬check濡備綍瀹炵幇锛�
- shiroTokenManager.check((String) sessionId);
- }
- log.debug("read session from cache");
- Session session = getSessionFromCache(sessionId);
- if (session == null) {
- throw new UnknownSessionException("There is no session with id [" + sessionId + "]");
- }
- return session;
- }
-
- @Override
- public void update(Session session) throws UnknownSessionException {
- this.saveSession(session);
- }
-
- @Override
- public void delete(Session session) {
- if (session != null && session.getId() != null) {
- shiroCache.remove(KEY_PREFIX + session.getId());
- }
- }
-
- @Override
- public Collection<Session> getActiveSessions() {
- Set<Session> sessions = new HashSet<>();
- Set<Object> keys = shiroCache.keys();
- if (keys != null && keys.size() > 0) {
- Iterator iter = keys.iterator();
- while(iter.hasNext()) {
- sessions.add((Session) shiroCache.get(iter.next()));
- }
- }
- return sessions;
- }
-
- private void saveSession(Session session) throws UnknownSessionException {
- if (session == null || session.getId() == null) {
- log.error("session or session id is null");
- throw new UnknownSessionException("session or session id is null");
- }
- shiroCache.put(KEY_PREFIX + session.getId(), (SimpleSession)session, expireTime);
- }
-
- private Session getSessionFromCache (Serializable sessionId) {
- Serializable object = shiroCache.get(KEY_PREFIX + sessionId);
- Session session = null;
- if (object != null) {
- session = (Session)shiroCache.get(KEY_PREFIX + sessionId);
- }
- return session;
- }
-
- public void setExpireTime (int expireTime) {
- this.expireTime = expireTime;
- }
-}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
deleted file mode 100644
index 32b0379..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
+++ /dev/null
@@ -1,85 +0,0 @@
-package com.doumee.config.shiro;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.session.Session;
-import org.apache.shiro.session.mgt.DefaultSessionManager;
-import org.apache.shiro.session.mgt.SessionContext;
-import org.apache.shiro.session.mgt.SessionKey;
-import org.apache.shiro.web.servlet.Cookie;
-import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
-import org.apache.shiro.web.servlet.SimpleCookie;
-import org.apache.shiro.web.session.mgt.WebSessionManager;
-import org.apache.shiro.web.util.WebUtils;
-
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.Serializable;
-
-/**
- * 鑷畾涔変細璇濈鐞嗗櫒
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Slf4j
-public class ShiroSessionManager extends DefaultSessionManager implements WebSessionManager {
-
- private static final String AUTH_TOKEN = "eva-auth-token";
-
- @Override
- protected void onStart(Session session, SessionContext context) {
- super.onStart(session, context);
- if (!WebUtils.isHttp(context)) {
- log.debug("SessionContext argument is not Http compatible or does not have an Http request/response pair. No session ID cookie will be set.");
- return;
- }
- HttpServletRequest request = WebUtils.getHttpRequest(context);
- HttpServletResponse response = WebUtils.getHttpResponse(context);
- Serializable sessionId = session.getId();
- this.storeSessionId(sessionId, request, response);
- request.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
- request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
- }
-
- @Override
- public Serializable getSessionId(SessionKey key) {
- Serializable sessionId = super.getSessionId(key);
- if (sessionId == null && WebUtils.isWeb(key)) {
- ServletRequest servletRequest = WebUtils.getRequest(key);
- if (!(servletRequest instanceof HttpServletRequest)) {
- log.trace("Can not get sessionId from header, the request is not HttpServletRequest");
- return null;
- }
- HttpServletRequest request = (HttpServletRequest) servletRequest;
- // 浠巆ookie涓幏鍙栬璇�
- javax.servlet.http.Cookie[] cookies = request.getCookies();
- if (cookies != null) {
- for (javax.servlet.http.Cookie cookie : cookies) {
- if (AUTH_TOKEN.equals(cookie.getName())) {
- return cookie.getValue();
- }
- }
- }
- // 浠巋eader涓幏鍙栬璇�
- return request.getHeader(AUTH_TOKEN);
- }
- return sessionId;
- }
- @Override
- public boolean isServletContainerSessions() {
- return false;
- }
-
- private void storeSessionId(Serializable currentId, HttpServletRequest request, HttpServletResponse response) {
- if (currentId == null) {
- String msg = "sessionId cannot be null when persisting for subsequent requests.";
- throw new IllegalArgumentException(msg);
- }
- Cookie cookie = new SimpleCookie(AUTH_TOKEN);
- cookie.setHttpOnly(false);
- String idString = currentId.toString();
- cookie.setValue(idString);
- cookie.saveTo(request, response);
- log.trace("Set session ID cookie for session with id {}", idString);
- }
-}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroToken.java b/server/company/src/main/java/com/doumee/config/shiro/ShiroToken.java
deleted file mode 100644
index 74c09df..0000000
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroToken.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package com.doumee.config.shiro;
-
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.springframework.stereotype.Component;
-
-/**
- * 鑷畾涔塗oken 锛屽鐞嗚璇佸拰鏉冮檺
- * @author Eva.Caesar Liu
- * @date 2022/04/18 18:12
- */
-@Component
-public class ShiroToken extends UsernamePasswordToken {
-
- /**
- * 鍏徃ID
- */
- Integer companyId;
- Boolean isDdLogin;
- Boolean isWxLogin;
-
- public ShiroToken() {
- }
- public ShiroToken(Integer companyId, String username, String password, boolean isDdLogin, boolean isWxLogin) {
- super(username, password, false, (String)null);
- this.companyId = companyId;
- this.isDdLogin = isDdLogin;
- this.isWxLogin = isWxLogin;
- }
-
- public Boolean getDdLogin() {
- return isDdLogin;
- }
-
- public void setDdLogin(Boolean ddLogin) {
- isDdLogin = ddLogin;
- }
-
-
- public Boolean getWxLogin() {
- return isWxLogin;
- }
-
- public void setWxLogin(Boolean wxLogin) {
- isWxLogin = wxLogin;
- }
-
- public Integer getCompanyId() {
- return companyId;
- }
-
- public void setCompanyId(Integer companyId) {
- this.companyId = companyId;
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java b/server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java
index 5f7ba37..f25bdb8 100644
--- a/server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java
+++ b/server/platform/src/main/java/com/doumee/api/business/SmsEmailController.java
@@ -37,6 +37,13 @@
public ApiResponse create(@RequestBody SmsEmail smsEmail) {
return ApiResponse.success(smsEmailService.create(smsEmail));
}
+ @PreventRepeat
+ @ApiOperation("鍙戦�佺煭淇¢獙璇佺爜")
+ @PostMapping("/sendSms")
+// @RequiresPermissions("business:smsemail:sendSms")
+ public ApiResponse sendSms(@RequestBody SmsEmail smsEmail) {
+ return ApiResponse.success(smsEmailService.sendSms(smsEmail));
+ }
@ApiOperation("鏍规嵁ID鍒犻櫎")
@GetMapping("/delete/{id}")
diff --git a/server/platform/src/main/java/com/doumee/api/system/SystemController.java b/server/platform/src/main/java/com/doumee/api/system/SystemController.java
index 11aabd4..f2d6829 100644
--- a/server/platform/src/main/java/com/doumee/api/system/SystemController.java
+++ b/server/platform/src/main/java/com/doumee/api/system/SystemController.java
@@ -8,6 +8,7 @@
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import com.doumee.dao.system.dto.LoginDTO;
+import com.doumee.dao.system.dto.LoginPhoneDTO;
import com.doumee.dao.system.dto.UpdatePwdDto;
import com.doumee.service.system.SystemLoginService;
import io.swagger.annotations.Api;
@@ -45,6 +46,12 @@
public ApiResponse<String> login (@Validated @RequestBody LoginDTO dto, HttpServletRequest request) {
return ApiResponse.success(systemLoginService.loginByPassword(dto, Constants.ZERO, request));
}
+ @PreventRepeat(limit = 10, lockTime = 10000)
+ @ApiOperation("鐭俊楠岃瘉鐮佺櫥褰�")
+ @PostMapping("/loginByPhone")
+ public ApiResponse<String> loginByPhone (@Validated @RequestBody LoginPhoneDTO dto, HttpServletRequest request) {
+ return ApiResponse.success(systemLoginService.loginByPhone(dto, Constants.ZERO, request));
+ }
@ApiOperation("閫�鍑虹櫥褰�")
@PostMapping("/logout")
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroCacheManager.java b/server/platform/src/main/java/com/doumee/shiro/ShiroCacheManager.java
deleted file mode 100644
index 246bfe0..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroCacheManager.java
+++ /dev/null
@@ -1,44 +0,0 @@
-package com.doumee.shiro;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.shiro.cache.Cache;
-import org.apache.shiro.cache.CacheException;
-import org.apache.shiro.cache.CacheManager;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.stereotype.Component;
-
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.ConcurrentMap;
-
-/**
- * 鑷畾涔塖hiro CacheManager
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Slf4j
-@Component
-public class ShiroCacheManager implements CacheManager {
-
- private final ConcurrentMap<String, Cache> caches = new ConcurrentHashMap();
-
- private static ApplicationContext applicationContext;
-
- @Override
- public <K, V> Cache<K, V> getCache(String name) throws CacheException {
- log.debug("get cache, name=" + name);
- Cache cache = this.caches.get(name);
- if (cache == null) {
- cache = applicationContext.getBean(ShiroCache.class, "shiro:cache:");
- this.caches.put(name, cache);
- }
- return cache;
- }
-
- @Autowired
- public void setApplicationContext (ApplicationContext applicationContext) {
- if (ShiroCacheManager.applicationContext == null) {
- ShiroCacheManager.applicationContext = applicationContext;
- }
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroCredentialsMatcher.java b/server/platform/src/main/java/com/doumee/shiro/ShiroCredentialsMatcher.java
deleted file mode 100644
index abe6a10..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroCredentialsMatcher.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package com.doumee.shiro;
-
-import com.doumee.core.utils.Utils;
-import com.doumee.dao.system.model.SystemUser;
-import com.doumee.service.system.SystemUserService;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Lazy;
-import org.springframework.stereotype.Component;
-
-/**
- * Shiro瀵嗙爜姣斿澶勭悊
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Component
-public class ShiroCredentialsMatcher extends HashedCredentialsMatcher {
- @Lazy
- @Autowired
- private SystemUserService systemUserService;
-
- @Override
- public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
- UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
- SystemUser queryUserDto = new SystemUser();
- queryUserDto.setUsername(usernamePasswordToken.getUsername());
- queryUserDto.setDeleted(Boolean.FALSE);
- SystemUser systemUser = systemUserService.findOne(queryUserDto);
- if (systemUser == null) {
- return Boolean.FALSE;
- }
-// if(usernamePasswordToken.getDdLogin()){
-// return Boolean.TRUE;
-// }
-// if(usernamePasswordToken.getWxLogin()){
-// return Boolean.TRUE;
-// }
- // 鍔犲瘑瀵嗙爜
- String pwd = Utils.Secure.encryptPassword(new String(usernamePasswordToken.getPassword()), systemUser.getSalt());
- // 姣旇緝瀵嗙爜
- return this.equals(pwd, systemUser.getPassword());
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroRealm.java b/server/platform/src/main/java/com/doumee/shiro/ShiroRealm.java
deleted file mode 100644
index 6fbf47c..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroRealm.java
+++ /dev/null
@@ -1,113 +0,0 @@
-package com.doumee.shiro;
-
-import com.doumee.core.constants.ResponseStatus;
-import com.doumee.core.exception.BusinessException;
-import com.doumee.core.model.LoginUserInfo;
-import com.doumee.core.utils.Constants;
-import com.doumee.dao.business.model.CompanyPermission;
-import com.doumee.dao.system.model.SystemPermission;
-import com.doumee.dao.system.model.SystemRole;
-import com.doumee.dao.system.model.SystemUser;
-import com.doumee.service.business.CompanyPermissionService;
-import com.doumee.service.system.SystemDataPermissionService;
-import com.doumee.service.system.SystemPermissionService;
-import com.doumee.service.system.SystemRoleService;
-import com.doumee.service.system.SystemUserService;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.SimpleAuthenticationInfo;
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.SimpleAuthorizationInfo;
-import org.apache.shiro.realm.AuthorizingRealm;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Lazy;
-import org.springframework.stereotype.Component;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * 鑷畾涔塕ealm锛屽鐞嗚璇佸拰鏉冮檺
- * @author Eva.Caesar Liu
- * @date 2022/03/15 09:54
- */
-@Component
-public class ShiroRealm extends AuthorizingRealm {
-
- @Lazy
- @Autowired
- private SystemDataPermissionService systemDataPermissionService;
- @Lazy
- @Autowired
- private SystemUserService systemUserService;
- @Lazy
- @Autowired
- private CompanyPermissionService companyPermissionService;
-
- @Lazy
- @Autowired
- private SystemRoleService systemRoleService;
-
- @Lazy
- @Autowired
- private SystemPermissionService systemPermissionService;
-
- /**
- * 鏉冮檺澶勭悊
- * @author Eva.Caesar Liu
- * @date 2022/03/15 09:54
- */
- @Override
- protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
- LoginUserInfo loginUserInfo = (LoginUserInfo)principalCollection.getPrimaryPrincipal();
- // 璁剧疆鐢ㄦ埛瑙掕壊鍜屾潈闄�
- SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
- authorizationInfo.addRoles(loginUserInfo.getRoles());
- authorizationInfo.addStringPermissions(loginUserInfo.getPermissions());
- return authorizationInfo;
- }
-
- /**
- * 璁よ瘉澶勭悊
- * @author Eva.Caesar Liu
- * @date 2022/03/15 09:54
- */
- @Override
- protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
- // 鑾峰彇鐢ㄦ埛鍚�
- String username = authenticationToken.getPrincipal().toString();
- // 鏍规嵁鐢ㄦ埛鍚嶆煡璇㈢敤鎴峰璞�
- SystemUser queryDto = new SystemUser();
- queryDto.setUsername(username);
- queryDto.setType(Constants.UserType.SYSTEM.getKey());
- queryDto.setDeleted(Boolean.FALSE);
- SystemUser user = systemUserService.findOne(queryDto);
- if(user == null){
- throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝璐﹀彿鎴栧瘑鐮佷笉姝g‘锛�");
- }
- if(!Constants.equalsInteger(user.getStatus(),Constants.ZERO)){
- throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝璐﹀彿淇℃伅宸茶绂佺敤锛屽鏈夌枒闂鑱旂郴绯荤粺绠$悊鍛橈紒");
- }
- // 鑾峰彇鐧诲綍鐢ㄦ埛淇℃伅
- List<SystemRole> roles = systemRoleService.findByUserId(user.getId());
- List<SystemPermission> permissions = systemPermissionService.findByUserId(user.getId());
- LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions);
- CompanyPermission c = new CompanyPermission();
- c.setUserId(user.getId());
- c.setIsdeleted(Constants.ZERO);
- List<CompanyPermission> pList = companyPermissionService.findList(c);
- if(pList!=null){
- for (CompanyPermission cc : pList){
- if(user.getCompanyIdList() == null){
- user.setCompanyIdList(new ArrayList<>());
- }
- user.getCompanyIdList().add(cc.getCompanyId());
- }
- }
- // 楠岃瘉鐢ㄦ埛
- return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
- }
-
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionSerializer.java b/server/platform/src/main/java/com/doumee/shiro/ShiroSessionSerializer.java
deleted file mode 100644
index 5ab375c..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionSerializer.java
+++ /dev/null
@@ -1,36 +0,0 @@
-package com.doumee.shiro;
-
-import org.apache.commons.lang3.SerializationUtils;
-import org.apache.shiro.codec.Base64;
-import org.springframework.data.redis.serializer.RedisSerializer;
-import org.springframework.data.redis.serializer.SerializationException;
-
-import java.io.Serializable;
-import java.nio.charset.StandardCharsets;
-
-/**
- * Session搴忓垪鍖�
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-public class ShiroSessionSerializer implements RedisSerializer<Serializable> {
-
- @Override
- public byte[] serialize(Serializable obj) throws SerializationException {
- if (obj == null) {
- return new byte[0];
- }
- String sessionBase64 = Base64.encodeToString(SerializationUtils.serialize(obj));
- return sessionBase64.getBytes(StandardCharsets.UTF_8);
- }
-
- @Override
- public Serializable deserialize(byte[] bytes) throws SerializationException {
- if (bytes == null || bytes.length == 0) {
- return null;
- }
- String sessionString = new String(bytes, StandardCharsets.UTF_8);
- byte[] sessionBytes = Base64.decode(sessionString);
- return SerializationUtils.deserialize(sessionBytes);
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroToken.java b/server/platform/src/main/java/com/doumee/shiro/ShiroToken.java
deleted file mode 100644
index f316d1d..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroToken.java
+++ /dev/null
@@ -1,54 +0,0 @@
-package com.doumee.shiro;
-
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.springframework.stereotype.Component;
-
-/**
- * 鑷畾涔塗oken 锛屽鐞嗚璇佸拰鏉冮檺
- * @author Eva.Caesar Liu
- * @date 2022/04/18 18:12
- */
-//@Component
-public class ShiroToken extends UsernamePasswordToken {
-
- /**
- * 鍏徃ID
- */
- Integer companyId;
- Boolean isDdLogin;
- Boolean isWxLogin;
-
- public ShiroToken() {
- }
- public ShiroToken(Integer companyId, String username, String password, boolean isDdLogin, boolean isWxLogin) {
- super(username, password, false, (String)null);
- this.companyId = companyId;
- this.isDdLogin = isDdLogin;
- this.isWxLogin = isWxLogin;
- }
-
- public Boolean getDdLogin() {
- return isDdLogin;
- }
-
- public void setDdLogin(Boolean ddLogin) {
- isDdLogin = ddLogin;
- }
-
-
- public Boolean getWxLogin() {
- return isWxLogin;
- }
-
- public void setWxLogin(Boolean wxLogin) {
- isWxLogin = wxLogin;
- }
-
- public Integer getCompanyId() {
- return companyId;
- }
-
- public void setCompanyId(Integer companyId) {
- this.companyId = companyId;
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroTokenManager.java b/server/platform/src/main/java/com/doumee/shiro/ShiroTokenManager.java
deleted file mode 100644
index 5870cf2..0000000
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroTokenManager.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package com.doumee.shiro;
-
-import com.doumee.core.exception.UnSafeSessionException;
-import org.springframework.stereotype.Component;
-
-import java.util.UUID;
-
-/**
- * 榛樿Token绠$悊鍣�
- * @author Eva.Caesar Liu
- * @date 2023/04/17 12:11
- */
-@Component
-public class ShiroTokenManager {
-
- String build() {
- return UUID.randomUUID().toString();
- }
-
- void check(String token) throws UnSafeSessionException {
- if (token == null || token.length() != 36) {
- throw new UnSafeSessionException();
- }
- }
-}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroAuthFilter.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
similarity index 96%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroAuthFilter.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
index 838a581..30d7dc0 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroAuthFilter.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroAuthFilter.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import com.alibaba.fastjson.JSON;
import com.doumee.core.model.ApiResponse;
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroCache.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroCache.java
similarity index 98%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroCache.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroCache.java
index 4e28b64..c71de30 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroCache.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroCache.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.cache.Cache;
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java
similarity index 100%
rename from server/company/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroCacheManager.java
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroConfig.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroConfig.java
similarity index 97%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroConfig.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroConfig.java
index de2c792..680ae76 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroConfig.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroConfig.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
@@ -91,6 +91,7 @@
map.put("/system/login", "anon");
map.put("/system/logout", "anon");
map.put("/common/captcha", "anon");
+ map.put("/business/smsEmail/sendSms", "anon");
map.put("/business/areas/*", "anon");
// - 鏀捐swagger
map.put("/doc.html", "anon");
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
similarity index 83%
rename from server/company/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
index 8550e9d..cde2c50 100644
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroCredentialsMatcher.java
@@ -24,7 +24,7 @@
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
- UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
+ ShiroToken usernamePasswordToken = (ShiroToken) token;
SystemUser queryUserDto = new SystemUser();
queryUserDto.setUsername(usernamePasswordToken.getUsername());
queryUserDto.setDeleted(Boolean.FALSE);
@@ -32,12 +32,9 @@
if (systemUser == null) {
return Boolean.FALSE;
}
-// if(usernamePasswordToken.getDdLogin()){
-// return Boolean.TRUE;
-// }
-// if(usernamePasswordToken.getWxLogin()){
-// return Boolean.TRUE;
-// }
+ if(!usernamePasswordToken.isNeedPassword()){
+ return Boolean.TRUE;
+ }
// 鍔犲瘑瀵嗙爜
String pwd = Utils.Secure.encryptPassword(new String(usernamePasswordToken.getPassword()), systemUser.getSalt());
// 姣旇緝瀵嗙爜
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroRealm.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroRealm.java
similarity index 71%
rename from server/company/src/main/java/com/doumee/config/shiro/ShiroRealm.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroRealm.java
index 64a8776..10bcf6d 100644
--- a/server/company/src/main/java/com/doumee/config/shiro/ShiroRealm.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroRealm.java
@@ -4,12 +4,13 @@
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
-import com.doumee.core.utils.DateUtil;
import com.doumee.dao.business.model.Company;
+import com.doumee.dao.business.model.CompanyPermission;
import com.doumee.dao.system.model.SystemPermission;
import com.doumee.dao.system.model.SystemRole;
import com.doumee.dao.system.model.SystemUser;
-import com.doumee.service.business.CompanyService;
+import com.doumee.service.business.CompanyPermissionService;
+import com.doumee.service.business.impl.CompanyServiceImpl;
import com.doumee.service.system.SystemDataPermissionService;
import com.doumee.service.system.SystemPermissionService;
import com.doumee.service.system.SystemRoleService;
@@ -26,7 +27,7 @@
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
-import java.util.Date;
+import java.util.ArrayList;
import java.util.List;
/**
@@ -43,6 +44,12 @@
@Lazy
@Autowired
private SystemUserService systemUserService;
+ @Lazy
+ @Autowired
+ private CompanyPermissionService companyPermissionService;
+ @Lazy
+ @Autowired
+ private CompanyServiceImpl companyService;
@Lazy
@Autowired
@@ -51,10 +58,6 @@
@Lazy
@Autowired
private SystemPermissionService systemPermissionService;
-
- @Lazy
- @Autowired
- private CompanyService companyService;
/**
* 鏉冮檺澶勭悊
@@ -77,34 +80,53 @@
* @date 2022/03/15 09:54
*/
@Override
- protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException{
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
// 鑾峰彇鐢ㄦ埛鍚�
+ ShiroToken authenticationToken = (ShiroToken)token;
String username = authenticationToken.getPrincipal().toString();
// 鏍规嵁鐢ㄦ埛鍚嶆煡璇㈢敤鎴峰璞�
SystemUser queryDto = new SystemUser();
- queryDto.setUsername(username);
+ if(authenticationToken.isNeedPassword()){
+ //璐﹀彿瀵嗙爜鐧诲綍
+ queryDto.setUsername(username);
+ }else{
+ //鎵嬫満鍙烽獙璇佺爜鐧诲綍
+ queryDto.setMobile(username);
+ }
+ queryDto.setType(authenticationToken.getUserType());
queryDto.setDeleted(Boolean.FALSE);
SystemUser user = systemUserService.findOne(queryDto);
if(user == null){
- throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝璐﹀彿鎴栧瘑鐮佷笉姝g‘锛�");
- }
- if(!Constants.equalsInteger(user.getType(),Constants.UserType.COMPANY.getKey())){
- throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝闈炰紒涓氳处鎴疯韩浠斤紝鏃犳硶鐧诲綍璇ュ钩鍙帮紒锛�");
+ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝璐﹀彿淇℃伅涓嶆纭紒");
}
if(!Constants.equalsInteger(user.getStatus(),Constants.ZERO)){
throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝璐﹀彿淇℃伅宸茶绂佺敤锛屽鏈夌枒闂鑱旂郴绯荤粺绠$悊鍛橈紒");
- }
- if(!user.getType().equals(Constants.UserType.SYSTEM)){
- Company company = companyService.findById(user.getCompanyId());
- if(company.getStatus().equals(Constants.ONE)){
- throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝浼佷笟淇℃伅宸茶绂佺敤锛屽鏈夌枒闂鑱旂郴绯荤粺绠$悊鍛橈紒");
- }
- user.setCompany(company);
}
// 鑾峰彇鐧诲綍鐢ㄦ埛淇℃伅
List<SystemRole> roles = systemRoleService.findByUserId(user.getId());
List<SystemPermission> permissions = systemPermissionService.findByUserId(user.getId());
LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions);
+ if(authenticationToken.getUserType() == 0){
+ CompanyPermission c = new CompanyPermission();
+ c.setUserId(user.getId());
+ c.setIsdeleted(Constants.ZERO);
+ List<CompanyPermission> pList = companyPermissionService.findList(c);
+ if(pList!=null){
+ for (CompanyPermission cc : pList){
+ if(user.getCompanyIdList() == null){
+ user.setCompanyIdList(new ArrayList<>());
+ }
+ user.getCompanyIdList().add(cc.getCompanyId());
+ }
+ }
+ }else{
+ Company company = companyService.findById(user.getCompanyId());
+ if(company == null){
+ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"瀵逛笉璧凤紝浼佷笟璐﹀彿淇℃伅涓嶆纭紒");
+ }
+ user.setCompany(company);
+ }
+
// 楠岃瘉鐢ㄦ埛
return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
}
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroRedisSessionDAO.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroRedisSessionDAO.java
similarity index 98%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroRedisSessionDAO.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroRedisSessionDAO.java
index b592ada..aac166d 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroRedisSessionDAO.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroRedisSessionDAO.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.SerializationUtils;
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionDAO.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
similarity index 98%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroSessionDAO.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
index 726a21f..d6cb34f 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionDAO.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroSessionDAO.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
diff --git a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionManager.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
similarity index 98%
rename from server/platform/src/main/java/com/doumee/shiro/ShiroSessionManager.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
index acd2b46..a279ee8 100644
--- a/server/platform/src/main/java/com/doumee/shiro/ShiroSessionManager.java
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroSessionManager.java
@@ -1,4 +1,4 @@
-package com.doumee.shiro;
+package com.doumee.config.shiro;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.session.Session;
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java
similarity index 100%
rename from server/company/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroSessionSerializer.java
diff --git a/server/service/src/main/java/com/doumee/config/shiro/ShiroToken.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroToken.java
new file mode 100644
index 0000000..c58c505
--- /dev/null
+++ b/server/service/src/main/java/com/doumee/config/shiro/ShiroToken.java
@@ -0,0 +1,42 @@
+package com.doumee.config.shiro;
+
+import org.apache.shiro.authc.UsernamePasswordToken;
+
+/**
+ * 鑷畾涔塗oken 锛屽鐞嗚璇佸拰鏉冮檺
+ * @author Eva.Caesar Liu
+ * @date 2022/04/18 18:12
+ */
+//@Component
+public class ShiroToken extends UsernamePasswordToken {
+
+ /**
+ * 鍏徃ID
+ */
+ boolean needPassword;
+ int userType;
+
+ public ShiroToken() {
+ }
+ public ShiroToken( String username, String password, boolean needPassword,int userType) {
+ super(username, password, false, (String)null);
+ this.needPassword = needPassword;
+ this.userType = userType;
+ }
+
+ public boolean isNeedPassword() {
+ return needPassword;
+ }
+
+ public void setNeedPassword(boolean needPassword) {
+ this.needPassword = needPassword;
+ }
+
+ public int getUserType() {
+ return userType;
+ }
+
+ public void setUserType(int userType) {
+ this.userType = userType;
+ }
+}
diff --git a/server/company/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java b/server/service/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java
similarity index 100%
rename from server/company/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java
rename to server/service/src/main/java/com/doumee/config/shiro/ShiroTokenManager.java
diff --git a/server/service/src/main/java/com/doumee/dao/system/dto/LoginPhoneDTO.java b/server/service/src/main/java/com/doumee/dao/system/dto/LoginPhoneDTO.java
new file mode 100644
index 0000000..b1bbdf4
--- /dev/null
+++ b/server/service/src/main/java/com/doumee/dao/system/dto/LoginPhoneDTO.java
@@ -0,0 +1,25 @@
+package com.doumee.dao.system.dto;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.io.Serializable;
+
+/**
+ * @author Eva.Caesar Liu
+ * @date 2023/02/14 11:14
+ */
+@Data
+@ApiModel("鎵嬫満鍙风櫥褰曞弬鏁�")
+public class LoginPhoneDTO implements Serializable {
+
+ @NotBlank(message = "鎵嬫満鍙蜂笉鑳戒负绌�")
+ @ApiModelProperty(value = "鎵嬫満鍙�")
+ private String phone;
+ @NotBlank(message = "楠岃瘉鐮佷笉鑳戒负绌�")
+ @ApiModelProperty(value = "楠岃瘉鐮�")
+ private String code;
+
+}
diff --git a/server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java b/server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java
index 25f67a1..8ba0cf6 100644
--- a/server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java
+++ b/server/service/src/main/java/com/doumee/service/business/impl/CompanyServiceImpl.java
@@ -25,6 +25,7 @@
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@@ -43,6 +44,8 @@
@Service
public class CompanyServiceImpl implements CompanyService {
+ @Value("${debug_model}")
+ private boolean debugModel;
@Autowired
private CompanyMapper companyMapper;
@Autowired
@@ -221,8 +224,11 @@
||StringUtils.isBlank(company.getEmail())){
throw new BusinessException(ResponseStatus.BAD_REQUEST);
}
- //鎵嬫満楠岃瘉鐮佹牎楠�
- SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper,company.getPhone(),company.getCaptche());
+
+ if(!debugModel){
+ //鎵嬫満楠岃瘉鐮佹牎楠�
+ SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper,company.getPhone(),company.getCaptche());
+ }
}
diff --git a/server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java b/server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java
index ea97e2a..0679e4b 100644
--- a/server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java
+++ b/server/service/src/main/java/com/doumee/service/business/impl/SmsEmailServiceImpl.java
@@ -17,6 +17,7 @@
import com.doumee.service.business.third.EmayService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
@@ -81,6 +82,7 @@
smsEmail.setTitle("鐭俊楠岃瘉鐮�");
smsEmail.setContent(systemDictDataBiz.queryByCode(Constants.SMS,Constants.SMS_COMNAME).getCode()+"楠岃瘉鐮佷负锛�"+code+"锛屾楠岃瘉鐮佹湁鏁堜负3鍒嗛挓銆傝鍕挎硠闇�");
smsEmailMapper.insert(smsEmail);
+
return smsEmail.getId();
}
diff --git a/server/service/src/main/java/com/doumee/service/system/SystemLoginService.java b/server/service/src/main/java/com/doumee/service/system/SystemLoginService.java
index a7efb36..6805744 100644
--- a/server/service/src/main/java/com/doumee/service/system/SystemLoginService.java
+++ b/server/service/src/main/java/com/doumee/service/system/SystemLoginService.java
@@ -1,6 +1,7 @@
package com.doumee.service.system;
import com.doumee.dao.system.dto.LoginDTO;
+import com.doumee.dao.system.dto.LoginPhoneDTO;
import javax.servlet.http.HttpServletRequest;
@@ -17,4 +18,5 @@
* @date 2023/03/21 14:49
*/
String loginByPassword (LoginDTO dto,int type, HttpServletRequest request);
+ String loginByPhone (LoginPhoneDTO dto, int type, HttpServletRequest request);
}
diff --git a/server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java b/server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java
index b41579c..1c5593b 100644
--- a/server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java
+++ b/server/service/src/main/java/com/doumee/service/system/impl/SystemLoginServiceImpl.java
@@ -1,13 +1,17 @@
package com.doumee.service.system.impl;
import com.baomidou.mybatisplus.extension.api.R;
+import com.doumee.config.shiro.ShiroToken;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.Utils;
+import com.doumee.dao.business.SmsEmailMapper;
import com.doumee.dao.system.dto.LoginDTO;
+import com.doumee.dao.system.dto.LoginPhoneDTO;
import com.doumee.dao.system.model.SystemLoginLog;
+import com.doumee.service.business.impl.SmsEmailServiceImpl;
import com.doumee.service.common.CaptchaService;
import com.doumee.service.system.SystemLoginLogService;
import com.doumee.service.system.SystemLoginService;
@@ -30,9 +34,10 @@
@Value("${project.version}")
private String systemVersion;
- @Value("${captcha_check}")
- private boolean captchaCheck;
-
+ @Value("${debug_model}")
+ private Boolean debugModel;
+ @Autowired
+ private SmsEmailMapper smsEmailMapper;
@Autowired
private CaptchaService captchaService;
@@ -52,10 +57,51 @@
loginLog.setOsInfo(Utils.User_Client.getOS(request));
loginLog.setServerIp(Utils.Server.getIP());
// 鏍¢獙楠岃瘉鐮�
+ try {
+ if(debugModel){
+ captchaService.check(dto.getUuid(), dto.getCode());
+ }
+ } catch (Exception e) {
+ log.error(e.getMessage(), e);
+ loginLog.setReason(e.getMessage().length() > 200 ? (e.getMessage().substring(0, 190) + "...") : e.getMessage());
+ loginLog.setSuccess(Boolean.FALSE);
+ systemLoginLogService.create(loginLog);
+ throw e;
+ }
+ // 鏍¢獙鐢ㄦ埛鍚嶅拰瀵嗙爜
+ Subject subject = SecurityUtils.getSubject();
+ ShiroToken token = new ShiroToken(dto.getUsername(), dto.getPassword(),true,Constants.ZERO);
+ try {
+ subject.login(token);
+ loginLog.setUserId(((LoginUserInfo)subject.getPrincipal()).getId());
+ loginLog.setSuccess(Boolean.TRUE);
+ systemLoginLogService.create(loginLog);
+ return (String)subject.getSession().getId();
+ } catch (AuthenticationException e) {
+ log.error(ResponseStatus.ACCOUNT_INCORRECT.getMessage(), e);
+ loginLog.setReason(e.getMessage().length() > 200 ? (e.getMessage().substring(0, 190) + "...") : e.getMessage());
+ loginLog.setSuccess(Boolean.FALSE);
+ systemLoginLogService.create(loginLog);
+ throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT.getCode(), Objects.isNull(e.getCause())?ResponseStatus.ACCOUNT_INCORRECT.getMessage():e.getCause().getMessage());
+ }
+ }
+ @Override
+ public String loginByPhone (LoginPhoneDTO dto, int type, HttpServletRequest request) {
+ SystemLoginLog loginLog = new SystemLoginLog();
+ loginLog.setLoginUsername(dto.getPhone());
+ loginLog.setLoginTime(new Date());
+ loginLog.setSystemVersion(systemVersion);
+ loginLog.setIp(Utils.User_Client.getIP(request));
+ loginLog.setLocation(Utils.Location.getLocationString(loginLog.getIp()));
+ loginLog.setPlatform(Utils.User_Client.getPlatform(request));
+ loginLog.setClientInfo(Utils.User_Client.getBrowser(request));
+ loginLog.setOsInfo(Utils.User_Client.getOS(request));
+ loginLog.setServerIp(Utils.Server.getIP());
+ // 鏍¢獙楠岃瘉鐮�
if(type!= Constants.TWO){
try {
- if(captchaCheck){
- captchaService.check(dto.getUuid(), dto.getCode());
+ if(debugModel){
+ SmsEmailServiceImpl.isCaptcheValide(smsEmailMapper,dto.getPhone(), dto.getCode());
}
} catch (Exception e) {
log.error(e.getMessage(), e);
@@ -67,7 +113,7 @@
}
// 鏍¢獙鐢ㄦ埛鍚嶅拰瀵嗙爜
Subject subject = SecurityUtils.getSubject();
- UsernamePasswordToken token = new UsernamePasswordToken(dto.getUsername(), dto.getPassword());
+ ShiroToken token = new ShiroToken(dto.getPhone(), null,false,Constants.ZERO);
try {
subject.login(token);
loginLog.setUserId(((LoginUserInfo)subject.getPrincipal()).getId());
diff --git a/server/service/src/main/resources/application-dev.yml b/server/service/src/main/resources/application-dev.yml
index f9b0360..997e0f8 100644
--- a/server/service/src/main/resources/application-dev.yml
+++ b/server/service/src/main/resources/application-dev.yml
@@ -39,7 +39,6 @@
debug_model: true
-captcha_check: false
# Swagger閰嶇疆
swagger:
--
Gitblit v1.9.3