first commit

qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java

@@ -1,16 +1,11 @@
 package com.qiaoba.auth.config;
 
-import cn.hutool.core.util.RandomUtil;
-import cn.hutool.crypto.SecureUtil;
 import com.qiaoba.auth.constants.SecurityConstant;
 import com.qiaoba.auth.filters.AuthenticationCoreFilter;
 import com.qiaoba.auth.handler.AccessDeniedHandler;
 import com.qiaoba.auth.handler.LogoutHandler;
 import com.qiaoba.auth.properties.AuthConfigProperties;
-import com.qiaoba.auth.utils.TokenUtil;
 import com.qiaoba.common.base.constants.BaseConstant;
-import com.qiaoba.common.base.constants.ConfigConstant;
-import com.qiaoba.common.redis.service.RedisService;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
@@ -25,8 +20,6 @@ import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 
-import javax.annotation.PostConstruct;
-
 /**
  * SpringSecurity安全配置
  *
@@ -44,27 +37,8 @@ public class SpringSecurityConfig {
     private final AuthConfigProperties authConfigProperties;
     private final AccessDeniedHandler accessDeniedHandler;
     private final AuthenticationCoreFilter authenticationCoreFilter;
-    private final RedisService redisService;
     private final LogoutHandler logoutHandler;
 
-    /**
-     * 创建Token秘钥和Token有效期
-     */
-    @PostConstruct
-    public void init() {
-
-        if (redisService.hasKey(ConfigConstant.TOKEN_EXPIRE_TIME_KEY)) {
-            TokenUtil.expireTime = Integer.parseInt(redisService.get(ConfigConstant.TOKEN_EXPIRE_TIME_KEY).toString());
-        }
-
-        if (redisService.hasKey(SecurityConstant.REDIS_SECRET_KEY)) {
-            TokenUtil.secret = SecureUtil.md5(SecureUtil.md5(redisService.get(SecurityConstant.REDIS_SECRET_KEY).toString()));
-        } else {
-            String random = RandomUtil.randomString(8);
-            TokenUtil.secret = SecureUtil.md5(SecureUtil.md5(random));
-            redisService.set(SecurityConstant.REDIS_SECRET_KEY, random);
-        }
-    }
 
     @Bean
     SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java

@@ -1,11 +1,5 @@
 package com.qiaoba.auth.constants;
 
-import com.qiaoba.common.base.constants.BaseConstant;
-import com.qiaoba.common.base.constants.ConfigConstant;
-
-import java.util.Arrays;
-import java.util.List;
-
 /**
  * 安全常量
  *
@@ -15,17 +9,10 @@ import java.util.List;
  */
 public class SecurityConstant {
 
-    /**
-     * 被挤下线
-     */
-    public static final int HTTP_SQUEEZED_OFFLINE = 4011;
-
-
-    public static final int MAX_ERROR_COUNT = 5;
     public static final String LOGOUT_URI = "/logout";
-    public static final String HAS_BEEN_PULLED_BLACK = "您的IP已经被系统拉黑";
+    public static final String HAS_BEEN_PULLED_BLACK = "你的IP已经被系统拉黑, 请联系管理员处理";
     public static final String ACCESS_DENIED = "暂无权限访问, 请重新登录";
-    public static final String BLACKLIST_KEY = "login:blacklist";
+    public static final String BLACKLIST_KEY = "login:blacklist:";
     public static final String LOGIN_ERROR_COUNT = "login:errorCount:";
     public static final String BLACKLIST_ON = "true";
 
@@ -37,7 +24,6 @@ public class SecurityConstant {
     public static final String LOGGED_USER_REDIS_KEY = "logged_user:";
 
 
-
     /**
      * 密码错误
      */

qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/AuthConfigServiceImpl.java

@@ -9,6 +9,8 @@ import com.qiaoba.common.redis.service.RedisService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 
+import java.util.Objects;
+
 /**
  * 安全配置 服务层实现
  *
@@ -37,6 +39,22 @@ public class AuthConfigServiceImpl implements AuthConfigApiService {
         return ConfigConstant.COMMON_ON_VALUE.equals(redisService.get(ConfigConstant.REGISTER_ON_OFF_KEY));
     }
 
+    @Override
+    public Boolean getBlacklistConfig() {
+        return ConfigConstant.COMMON_ON_VALUE.equals(redisService.get(ConfigConstant.BLACKLIST_ON_OFF_KEY));
+    }
+
+    @Override
+    public Long getBlacklistExpireTime() {
+        return redisService.getObject(ConfigConstant.BLACKLIST_EXPIRE_TIME_KEY, Long.class);
+    }
+
+    @Override
+    public Integer getAllowMaxErrorCount() {
+        Integer count = redisService.getObject(ConfigConstant.LOGIN_ERROR_MAX_COUNT_KEY, Integer.class);
+        return Objects.isNull(count) ? ConfigConstant.DEFAULT_LOGIN_ERROR_MAX_COUNT : count;
+    }
+
     @Override
     public void validateCaptcha(String code, String uuid) {
         if (getCaptchaConfig()) {