fangqiao/qiaoba-boot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
ailanyin
2023-06-12 22:49:55 +08:00
parent c931657a8a
commit 95bae3f9b3
11 changed files with 172 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysLoginServiceImpl.java
View File

@ -72,6 +72,9 @@ public class SysLoginServiceImpl implements SysLoginService {
@Override
public String login(LoginDto dto) {
Boolean blacklistSwitch = authConfigApiService.getBlacklistConfig();
// 校验黑名单
validateBlacklist(blacklistSwitch);
// 校验验证码
authConfigApiService.validateCaptcha(dto.getCode(), dto.getUuid());
// username查询用户信息
@ -79,7 +82,7 @@ public class SysLoginServiceImpl implements SysLoginService {
// 检查账号信息
validateUser(dto.getUsername(), sysUser);
// 检验密码
validatePassword(dto.getUsername(), sysUser.getPassword(), dto.getPassword());
validatePassword(blacklistSwitch, dto.getUsername(), sysUser.getPassword(), dto.getPassword());
// 缓存在线用户
String deviceSn = cacheOnlineUser(dto.getUsername(), sysUser.getNickname());
// 缓存userDetails
@ -88,15 +91,46 @@ public class SysLoginServiceImpl implements SysLoginService {
return TokenUtil.generateToken(sysUser.getUsername(), deviceSn);
}
private void validatePassword(String username, String password, String inputPassword) {
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
if (!result) {
ThreadUtil.execAsync(() -> beforePasswordError(username));
throw new ServiceException(SecurityConstant.PASSWORD_ERROR);
private void validateBlacklist(Boolean blacklistSwitch) {
String ip = IpUtil.getIp(request);
if (blacklistSwitch && redisService.hasKey(SecurityConstant.BLACKLIST_KEY + ip)) {
throw new ServiceException(SecurityConstant.HAS_BEEN_PULLED_BLACK);
}
}
private void beforePasswordError(String username) {
private void validatePassword(Boolean blacklistSwitch, String username, String password, String inputPassword) {
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
if (result && blacklistSwitch) {
// 密码正确, 删除错误次数
String ip = IpUtil.getIp(request);
redisService.del(SecurityConstant.LOGIN_ERROR_COUNT + ip);
} else {
// 密码错误
String msg = beforePasswordError(blacklistSwitch, username);
throw new ServiceException(msg);
}
}
private String beforePasswordError(Boolean blacklistSwitch, String username) {
String ip = IpUtil.getIp(request);
// 未开启->直接结束
if (!blacklistSwitch) {
return "密码错误";
}
// 开启->继续
// 错误次数是否到达允许最大错误次数
Integer maxAllowCount = authConfigApiService.getAllowMaxErrorCount();
Integer ipErrorCount = redisService.getObject(SecurityConstant.LOGIN_ERROR_COUNT + ip, Integer.class);
if (ipErrorCount >= maxAllowCount) {
// 是-> 进入黑名单库 && 返回"IP已被拉黑"
redisService.set(SecurityConstant.BLACKLIST_KEY + ip, username, authConfigApiService.getBlacklistExpireTime());
return SecurityConstant.HAS_BEEN_PULLED_BLACK;
} else {
// 否-> 错误次数+1 && 返回"你还剩xx次错误机会"
ipErrorCount++;
redisService.set(SecurityConstant.LOGIN_ERROR_COUNT + ip, ipErrorCount);
return StrUtil.format("密码错误, 还有[{}]次错误机会", ipErrorCount);
}
}

9
qiaoba-modules/qiaoba-module-tenant/src/main/java/com/qiaoba/module/tenant/filters/DynamicDataSourceFilter.java
View File

@ -2,14 +2,12 @@ package com.qiaoba.module.tenant.filters;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil;
import com.qiaoba.auth.properties.AuthConfigProperties;
import com.qiaoba.common.base.code.TenantErrorCode;
import com.qiaoba.common.base.constants.TenantConstant;
import com.qiaoba.common.base.context.BaseContext;
import com.qiaoba.common.database.config.DynamicDataSourceConfig;
import com.qiaoba.common.database.constants.DynamicDatasourceConstant;
import com.qiaoba.common.web.utils.ResponseUtil;
import com.qiaoba.common.web.utils.UriUtil;
import com.qiaoba.module.tenant.entity.SysTenant;
import com.qiaoba.module.tenant.enums.TenantStatusEnum;
import com.qiaoba.module.tenant.service.SysTenantService;
@ -43,17 +41,14 @@ public class DynamicDataSourceFilter extends OncePerRequestFilter {
private SysTenantService sysTenantService;
@Resource
private DynamicDataSourceConfig dynamicDataSourceConfig;
@Resource
private AuthConfigProperties authConfigProperties;
private final String LOGIN_TENANT_LIST_URI = "/tenant/normal-list";
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
log.debug(StrUtil.format("Start run DynamicDataSourceFilter, Uri: {}", request.getRequestURI()));
String tenantId = request.getHeader(TenantConstant.HEADER_KEY_TENANT);
// 主系统 or 登录入口获取租户列表
if (TenantConstant.DEFAULT_TENANT_ID.equals(tenantId) || LOGIN_TENANT_LIST_URI.equals(request.getRequestURI())) {
if (TenantConstant.DEFAULT_TENANT_ID.equals(tenantId) || TenantConstant.LOGIN_TENANT_LIST_URI.equals(request.getRequestURI())) {
dynamicDataSourceConfig.setDefaultSetting();
filterChain.doFilter(request, response);
after();
@ -61,7 +56,7 @@ public class DynamicDataSourceFilter extends OncePerRequestFilter {
}
SysTenant sysTenant = sysTenantService.selectById(tenantId);
SysTenant sysTenant = sysTenantService.selectFromCache(tenantId);
// 检查租户是否允许访问
if (checkTenantIsNotAllow(response, sysTenant)) {
return;

13
qiaoba-modules/qiaoba-module-tenant/src/main/java/com/qiaoba/module/tenant/service/SysTenantService.java
View File

@ -50,6 +50,14 @@ public interface SysTenantService {
*/
SysTenant selectById(String tenantId);
/**
* 在缓存中查询详情
*
* @param tenantId tenantId
* @return info
*/
SysTenant selectFromCache(String tenantId);
/**
* 获取设置信息
*
@ -73,4 +81,9 @@ public interface SysTenantService {
* @param status status
*/
void updateStatus(String tenantId, String status);
/**
* 更新缓存
*/
void resetCache();
}

44
qiaoba-modules/qiaoba-module-tenant/src/main/java/com/qiaoba/module/tenant/service/impl/SysTenantServiceImpl.java
View File

@ -4,6 +4,8 @@ import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.qiaoba.auth.utils.SecurityUtil;
import com.qiaoba.common.base.constants.BaseConstant;
import com.qiaoba.common.base.constants.TenantConstant;
import com.qiaoba.common.base.context.BaseContext;
import com.qiaoba.common.base.enums.BaseEnum;
import com.qiaoba.common.base.enums.DataBaseEnum;
import com.qiaoba.common.base.exceptions.ServiceException;
@ -12,6 +14,7 @@ import com.qiaoba.common.database.entity.PageQuery;
import com.qiaoba.common.database.entity.TableDataInfo;
import com.qiaoba.common.database.properties.PoolInfo;
import com.qiaoba.common.database.utils.JdbcUtil;
import com.qiaoba.common.redis.service.RedisService;
import com.qiaoba.module.tenant.entity.SysTenant;
import com.qiaoba.module.tenant.entity.SysTenantDatasource;
import com.qiaoba.module.tenant.entity.param.SysTenantParam;
@ -24,6 +27,7 @@ import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import javax.annotation.PostConstruct;
import java.sql.Connection;
import java.util.Date;
import java.util.List;
@ -54,20 +58,36 @@ public class SysTenantServiceImpl implements SysTenantService {
private final SysTenantMapper sysTenantMapper;
private final SysTenantDatasourceService sysTenantDatasourceService;
private final DynamicDataSourceConfig dynamicDataSourceConfig;
private final RedisService redisService;
@PostConstruct
public void init() {
BaseContext.setTenantId(TenantConstant.DEFAULT_TENANT_ID);
resetCache();
BaseContext.clearTenantId();
}
@Override
public int insert(SysTenant sysTenant) {
sysTenant.setCreateTime(new Date());
sysTenant.setCreateUser(SecurityUtil.getLoginUsername());
sysTenant.setStatus(BaseEnum.NORMAL.getCode());
return sysTenantMapper.insert(sysTenant);
int result = sysTenantMapper.insert(sysTenant);
if (result > BaseConstant.HANDLE_ERROR) {
toCache(sysTenant);
}
return result;
}
@Override
public int update(SysTenant sysTenant) {
sysTenant.setUpdateTime(new Date());
sysTenant.setUpdateUser(SecurityUtil.getLoginUsername());
return sysTenantMapper.updateById(sysTenant);
int result = sysTenantMapper.updateById(sysTenant);
if (result > BaseConstant.HANDLE_ERROR) {
toCache(sysTenant);
}
return result;
}
@Override
@ -80,6 +100,14 @@ public class SysTenantServiceImpl implements SysTenantService {
return sysTenantMapper.selectById(tenantId);
}
@Override
public SysTenant selectFromCache(String tenantId) {
BaseContext.setTenantId(TenantConstant.DEFAULT_TENANT_ID);
SysTenant sysTenant = redisService.getObject(TenantConstant.TENANT_INFO_KEY_PREFIX + tenantId, SysTenant.class);
BaseContext.clearTenantId();
return sysTenant;
}
@Override
public TenantSettingVo getSetting(String tenantId) {
SysTenant sysTenant = selectById(tenantId);
@ -118,6 +146,15 @@ public class SysTenantServiceImpl implements SysTenantService {
@Override
public void updateStatus(String tenantId, String status) {
sysTenantMapper.updateById(new SysTenant(tenantId, status));
toCache(selectById(tenantId));
}
@Override
public void resetCache() {
List<SysTenant> sysTenants = sysTenantMapper.selectList(param2Wrapper(new SysTenantParam()));
for (SysTenant sysTenant : sysTenants) {
toCache(sysTenant);
}
}
private QueryWrapper<SysTenant> param2Wrapper(SysTenantParam param) {
@ -184,4 +221,7 @@ public class SysTenantServiceImpl implements SysTenantService {
return JdbcUtil.getConnection(DataBaseEnum.getDriver(master.getType()), DataBaseEnum.getUrl(master.getType(), master.getIp(), master.getPort(), master.getName()), master.getUsername(), master.getPassword());
}
private void toCache(SysTenant sysTenant) {
redisService.set(TenantConstant.TENANT_INFO_KEY_PREFIX + sysTenant.getTenantId(), sysTenant);
}
}