first commit
This commit is contained in:
@ -72,6 +72,9 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
|
||||
@Override
|
||||
public String login(LoginDto dto) {
|
||||
Boolean blacklistSwitch = authConfigApiService.getBlacklistConfig();
|
||||
// 校验黑名单
|
||||
validateBlacklist(blacklistSwitch);
|
||||
// 校验验证码
|
||||
authConfigApiService.validateCaptcha(dto.getCode(), dto.getUuid());
|
||||
// username查询用户信息
|
||||
@ -79,7 +82,7 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
// 检查账号信息
|
||||
validateUser(dto.getUsername(), sysUser);
|
||||
// 检验密码
|
||||
validatePassword(dto.getUsername(), sysUser.getPassword(), dto.getPassword());
|
||||
validatePassword(blacklistSwitch, dto.getUsername(), sysUser.getPassword(), dto.getPassword());
|
||||
// 缓存在线用户
|
||||
String deviceSn = cacheOnlineUser(dto.getUsername(), sysUser.getNickname());
|
||||
// 缓存userDetails
|
||||
@ -88,15 +91,46 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
return TokenUtil.generateToken(sysUser.getUsername(), deviceSn);
|
||||
}
|
||||
|
||||
private void validatePassword(String username, String password, String inputPassword) {
|
||||
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
|
||||
if (!result) {
|
||||
ThreadUtil.execAsync(() -> beforePasswordError(username));
|
||||
throw new ServiceException(SecurityConstant.PASSWORD_ERROR);
|
||||
private void validateBlacklist(Boolean blacklistSwitch) {
|
||||
String ip = IpUtil.getIp(request);
|
||||
if (blacklistSwitch && redisService.hasKey(SecurityConstant.BLACKLIST_KEY + ip)) {
|
||||
throw new ServiceException(SecurityConstant.HAS_BEEN_PULLED_BLACK);
|
||||
}
|
||||
}
|
||||
|
||||
private void beforePasswordError(String username) {
|
||||
private void validatePassword(Boolean blacklistSwitch, String username, String password, String inputPassword) {
|
||||
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
|
||||
if (result && blacklistSwitch) {
|
||||
// 密码正确, 删除错误次数
|
||||
String ip = IpUtil.getIp(request);
|
||||
redisService.del(SecurityConstant.LOGIN_ERROR_COUNT + ip);
|
||||
} else {
|
||||
// 密码错误
|
||||
String msg = beforePasswordError(blacklistSwitch, username);
|
||||
throw new ServiceException(msg);
|
||||
}
|
||||
}
|
||||
|
||||
private String beforePasswordError(Boolean blacklistSwitch, String username) {
|
||||
String ip = IpUtil.getIp(request);
|
||||
// 未开启->直接结束
|
||||
if (!blacklistSwitch) {
|
||||
return "密码错误";
|
||||
}
|
||||
// 开启->继续
|
||||
// 错误次数是否到达允许最大错误次数
|
||||
Integer maxAllowCount = authConfigApiService.getAllowMaxErrorCount();
|
||||
Integer ipErrorCount = redisService.getObject(SecurityConstant.LOGIN_ERROR_COUNT + ip, Integer.class);
|
||||
if (ipErrorCount >= maxAllowCount) {
|
||||
// 是-> 进入黑名单库 && 返回"IP已被拉黑"
|
||||
redisService.set(SecurityConstant.BLACKLIST_KEY + ip, username, authConfigApiService.getBlacklistExpireTime());
|
||||
return SecurityConstant.HAS_BEEN_PULLED_BLACK;
|
||||
} else {
|
||||
// 否-> 错误次数+1 && 返回"你还剩xx次错误机会"
|
||||
ipErrorCount++;
|
||||
redisService.set(SecurityConstant.LOGIN_ERROR_COUNT + ip, ipErrorCount);
|
||||
return StrUtil.format("密码错误, 还有[{}]次错误机会", ipErrorCount);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
@ -2,14 +2,12 @@ package com.qiaoba.module.tenant.filters;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.qiaoba.auth.properties.AuthConfigProperties;
|
||||
import com.qiaoba.common.base.code.TenantErrorCode;
|
||||
import com.qiaoba.common.base.constants.TenantConstant;
|
||||
import com.qiaoba.common.base.context.BaseContext;
|
||||
import com.qiaoba.common.database.config.DynamicDataSourceConfig;
|
||||
import com.qiaoba.common.database.constants.DynamicDatasourceConstant;
|
||||
import com.qiaoba.common.web.utils.ResponseUtil;
|
||||
import com.qiaoba.common.web.utils.UriUtil;
|
||||
import com.qiaoba.module.tenant.entity.SysTenant;
|
||||
import com.qiaoba.module.tenant.enums.TenantStatusEnum;
|
||||
import com.qiaoba.module.tenant.service.SysTenantService;
|
||||
@ -43,17 +41,14 @@ public class DynamicDataSourceFilter extends OncePerRequestFilter {
|
||||
private SysTenantService sysTenantService;
|
||||
@Resource
|
||||
private DynamicDataSourceConfig dynamicDataSourceConfig;
|
||||
@Resource
|
||||
private AuthConfigProperties authConfigProperties;
|
||||
|
||||
private final String LOGIN_TENANT_LIST_URI = "/tenant/normal-list";
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
log.debug(StrUtil.format("Start run DynamicDataSourceFilter, Uri: {}", request.getRequestURI()));
|
||||
String tenantId = request.getHeader(TenantConstant.HEADER_KEY_TENANT);
|
||||
// 主系统 or 登录入口获取租户列表
|
||||
if (TenantConstant.DEFAULT_TENANT_ID.equals(tenantId) || LOGIN_TENANT_LIST_URI.equals(request.getRequestURI())) {
|
||||
if (TenantConstant.DEFAULT_TENANT_ID.equals(tenantId) || TenantConstant.LOGIN_TENANT_LIST_URI.equals(request.getRequestURI())) {
|
||||
dynamicDataSourceConfig.setDefaultSetting();
|
||||
filterChain.doFilter(request, response);
|
||||
after();
|
||||
@ -61,7 +56,7 @@ public class DynamicDataSourceFilter extends OncePerRequestFilter {
|
||||
}
|
||||
|
||||
|
||||
SysTenant sysTenant = sysTenantService.selectById(tenantId);
|
||||
SysTenant sysTenant = sysTenantService.selectFromCache(tenantId);
|
||||
// 检查租户是否允许访问
|
||||
if (checkTenantIsNotAllow(response, sysTenant)) {
|
||||
return;
|
||||
|
@ -50,6 +50,14 @@ public interface SysTenantService {
|
||||
*/
|
||||
SysTenant selectById(String tenantId);
|
||||
|
||||
/**
|
||||
* 在缓存中查询详情
|
||||
*
|
||||
* @param tenantId tenantId
|
||||
* @return info
|
||||
*/
|
||||
SysTenant selectFromCache(String tenantId);
|
||||
|
||||
/**
|
||||
* 获取设置信息
|
||||
*
|
||||
@ -73,4 +81,9 @@ public interface SysTenantService {
|
||||
* @param status status
|
||||
*/
|
||||
void updateStatus(String tenantId, String status);
|
||||
|
||||
/**
|
||||
* 更新缓存
|
||||
*/
|
||||
void resetCache();
|
||||
}
|
||||
|
@ -4,6 +4,8 @@ import cn.hutool.core.util.StrUtil;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.qiaoba.auth.utils.SecurityUtil;
|
||||
import com.qiaoba.common.base.constants.BaseConstant;
|
||||
import com.qiaoba.common.base.constants.TenantConstant;
|
||||
import com.qiaoba.common.base.context.BaseContext;
|
||||
import com.qiaoba.common.base.enums.BaseEnum;
|
||||
import com.qiaoba.common.base.enums.DataBaseEnum;
|
||||
import com.qiaoba.common.base.exceptions.ServiceException;
|
||||
@ -12,6 +14,7 @@ import com.qiaoba.common.database.entity.PageQuery;
|
||||
import com.qiaoba.common.database.entity.TableDataInfo;
|
||||
import com.qiaoba.common.database.properties.PoolInfo;
|
||||
import com.qiaoba.common.database.utils.JdbcUtil;
|
||||
import com.qiaoba.common.redis.service.RedisService;
|
||||
import com.qiaoba.module.tenant.entity.SysTenant;
|
||||
import com.qiaoba.module.tenant.entity.SysTenantDatasource;
|
||||
import com.qiaoba.module.tenant.entity.param.SysTenantParam;
|
||||
@ -24,6 +27,7 @@ import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.sql.Connection;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
@ -54,20 +58,36 @@ public class SysTenantServiceImpl implements SysTenantService {
|
||||
private final SysTenantMapper sysTenantMapper;
|
||||
private final SysTenantDatasourceService sysTenantDatasourceService;
|
||||
private final DynamicDataSourceConfig dynamicDataSourceConfig;
|
||||
private final RedisService redisService;
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
BaseContext.setTenantId(TenantConstant.DEFAULT_TENANT_ID);
|
||||
resetCache();
|
||||
BaseContext.clearTenantId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public int insert(SysTenant sysTenant) {
|
||||
sysTenant.setCreateTime(new Date());
|
||||
sysTenant.setCreateUser(SecurityUtil.getLoginUsername());
|
||||
sysTenant.setStatus(BaseEnum.NORMAL.getCode());
|
||||
return sysTenantMapper.insert(sysTenant);
|
||||
int result = sysTenantMapper.insert(sysTenant);
|
||||
if (result > BaseConstant.HANDLE_ERROR) {
|
||||
toCache(sysTenant);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int update(SysTenant sysTenant) {
|
||||
sysTenant.setUpdateTime(new Date());
|
||||
sysTenant.setUpdateUser(SecurityUtil.getLoginUsername());
|
||||
return sysTenantMapper.updateById(sysTenant);
|
||||
int result = sysTenantMapper.updateById(sysTenant);
|
||||
if (result > BaseConstant.HANDLE_ERROR) {
|
||||
toCache(sysTenant);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -80,6 +100,14 @@ public class SysTenantServiceImpl implements SysTenantService {
|
||||
return sysTenantMapper.selectById(tenantId);
|
||||
}
|
||||
|
||||
@Override
|
||||
public SysTenant selectFromCache(String tenantId) {
|
||||
BaseContext.setTenantId(TenantConstant.DEFAULT_TENANT_ID);
|
||||
SysTenant sysTenant = redisService.getObject(TenantConstant.TENANT_INFO_KEY_PREFIX + tenantId, SysTenant.class);
|
||||
BaseContext.clearTenantId();
|
||||
return sysTenant;
|
||||
}
|
||||
|
||||
@Override
|
||||
public TenantSettingVo getSetting(String tenantId) {
|
||||
SysTenant sysTenant = selectById(tenantId);
|
||||
@ -118,6 +146,15 @@ public class SysTenantServiceImpl implements SysTenantService {
|
||||
@Override
|
||||
public void updateStatus(String tenantId, String status) {
|
||||
sysTenantMapper.updateById(new SysTenant(tenantId, status));
|
||||
toCache(selectById(tenantId));
|
||||
}
|
||||
|
||||
@Override
|
||||
public void resetCache() {
|
||||
List<SysTenant> sysTenants = sysTenantMapper.selectList(param2Wrapper(new SysTenantParam()));
|
||||
for (SysTenant sysTenant : sysTenants) {
|
||||
toCache(sysTenant);
|
||||
}
|
||||
}
|
||||
|
||||
private QueryWrapper<SysTenant> param2Wrapper(SysTenantParam param) {
|
||||
@ -184,4 +221,7 @@ public class SysTenantServiceImpl implements SysTenantService {
|
||||
return JdbcUtil.getConnection(DataBaseEnum.getDriver(master.getType()), DataBaseEnum.getUrl(master.getType(), master.getIp(), master.getPort(), master.getName()), master.getUsername(), master.getPassword());
|
||||
}
|
||||
|
||||
private void toCache(SysTenant sysTenant) {
|
||||
redisService.set(TenantConstant.TENANT_INFO_KEY_PREFIX + sysTenant.getTenantId(), sysTenant);
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user