diff --git a/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/AuthConfigApiService.java b/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/AuthConfigApiService.java new file mode 100644 index 0000000..5134ccf --- /dev/null +++ b/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/AuthConfigApiService.java @@ -0,0 +1,40 @@ +package com.qiaoba.api.auth.service; + +/** + * 安全配置 对外暴露接口 + * + * @author ailanyin + * @version 1.0 + * @since 2023/5/19 17:17 + */ +public interface AuthConfigApiService { + + /** + * 是否允许账号同时在线 + * + * @return 是/否 + */ + Boolean checkAllowBothOnline(); + + /** + * 是否开启验证码 + * + * @return 是/否 + */ + Boolean getCaptchaConfig(); + + /** + * 是否开启注册 + * + * @return 是/否 + */ + Boolean getRegisterConfig(); + + /** + * 验证验证码 + * @param code code + * @param uuid uuid + */ + void validateCaptcha(String code, String uuid); + +} diff --git a/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/SysUserDetailsApiService.java b/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/SysUserDetailsApiService.java index c08d004..9ab4bd1 100644 --- a/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/SysUserDetailsApiService.java +++ b/qiaoba-apis/qiaoba-api-auth/src/main/java/com/qiaoba/api/auth/service/SysUserDetailsApiService.java @@ -3,7 +3,7 @@ package com.qiaoba.api.auth.service; import org.springframework.security.core.userdetails.UserDetails; /** - * SysUserDetails 暴露接口 + * SysUserDetails 对外暴露接口 * * @author ailanyin * @version 1.0 diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java index 176227e..5715697 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java @@ -3,12 +3,13 @@ package com.qiaoba.auth.config; import cn.hutool.core.util.RandomUtil; import cn.hutool.crypto.SecureUtil; import com.qiaoba.auth.constants.SecurityConstant; -import com.qiaoba.auth.filters.JwtAuthenticationTokenFilter; +import com.qiaoba.auth.filters.AuthenticationCoreFilter; import com.qiaoba.auth.handler.AccessDeniedHandler; import com.qiaoba.auth.handler.LogoutHandler; import com.qiaoba.auth.properties.AuthConfigProperties; import com.qiaoba.auth.utils.TokenUtil; import com.qiaoba.common.base.constants.BaseConstant; +import com.qiaoba.common.base.constants.ConfigConstant; import com.qiaoba.common.redis.service.RedisService; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -42,7 +43,7 @@ public class SpringSecurityConfig { private final AuthConfigProperties authConfigProperties; private final AccessDeniedHandler accessDeniedHandler; - private final JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter; + private final AuthenticationCoreFilter authenticationCoreFilter; private final RedisService redisService; private final LogoutHandler logoutHandler; @@ -52,8 +53,8 @@ public class SpringSecurityConfig { @PostConstruct public void init() { - if (redisService.hasKey(SecurityConstant.TOKEN_EXPIRE_TIME_KEY)) { - TokenUtil.expireTime = Integer.parseInt(redisService.get(SecurityConstant.TOKEN_EXPIRE_TIME_KEY).toString()); + if (redisService.hasKey(ConfigConstant.TOKEN_EXPIRE_TIME_KEY)) { + TokenUtil.expireTime = Integer.parseInt(redisService.get(ConfigConstant.TOKEN_EXPIRE_TIME_KEY).toString()); } if (redisService.hasKey(SecurityConstant.REDIS_SECRET_KEY)) { @@ -95,10 +96,10 @@ public class SpringSecurityConfig { // 禁用缓存 httpSecurity.headers().cacheControl(); // 退出处理 - httpSecurity.logout().logoutUrl(SecurityConstant.LOGOUT_URL).logoutSuccessHandler(logoutHandler); + httpSecurity.logout().logoutUrl(SecurityConstant.LOGOUT_URI).logoutSuccessHandler(logoutHandler); // 添加JWT filter - httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); - httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, LogoutFilter.class); + httpSecurity.addFilterBefore(authenticationCoreFilter, UsernamePasswordAuthenticationFilter.class); + httpSecurity.addFilterBefore(authenticationCoreFilter, LogoutFilter.class); return httpSecurity.build(); } } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java index a1510e1..e38f2a5 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java @@ -21,34 +21,23 @@ public class SecurityConstant { public static final int HTTP_SQUEEZED_OFFLINE = 4011; - - public static final int MAX_ERROR_COUNT = 5; - public static final String LOGOUT_URL = "/logout"; + public static final String LOGOUT_URI = "/logout"; public static final String HAS_BEEN_PULLED_BLACK = "您的IP已经被系统拉黑"; public static final String ACCESS_DENIED = "暂无权限访问, 请重新登录"; public static final String BLACKLIST_KEY = "login:blacklist"; public static final String LOGIN_ERROR_COUNT = "login:errorCount:"; public static final String BLACKLIST_ON = "true"; - public static final String BLACKLIST_ON_OFF_KEY = ConfigConstant.SYS_CONFIG_KEY_PREFIX + "sys.account.blacklistOnOff"; + public static final String CAPTCHA_KEY = "login:captcha:"; - public static final String CAPTCHA_ON_OFF_KEY = ConfigConstant.SYS_CONFIG_KEY_PREFIX + "sys.account.captchaOnOff"; - public static final String CAPTCHA_ON = "true"; - public static final String REGISTER_ON_OFF_KEY = ConfigConstant.SYS_CONFIG_KEY_PREFIX + "sys.account.registerUser"; - public static final String REGISTER_ON = "true"; + public static final String REDIS_SECRET_KEY = "sys:secret:secret"; public static final String USER_DETAILS_REDIS_KEY = "user_details:"; public static final String ONLINE_USER_REDIS_KEY = "online_user:"; public static final String LOGGED_USER_REDIS_KEY = "logged_user:"; - public static final String TOKEN_EXPIRE_TIME_KEY = ConfigConstant.SYS_CONFIG_KEY_PREFIX + "sys.token.expireTime"; - /** - * 登录成功 - */ - public static final String LOGIN_SUCCESS = "登录成功"; - /** - * 登录失败 - */ - public static final String LOGIN_FAIL = "登录失败"; + + + /** * 密码错误 */ @@ -65,33 +54,4 @@ public class SecurityConstant { public static final String TOKEN_HEAD = "Bearer "; - /** - * Xss过滤白名单 - */ - public final static List XSS_WHITELIST = Arrays.asList( - "/captchaImage", - "/login", - "/workflow/process/start", - "/workflow/model/save" - ); - - /** - * 需要限流的接口 - */ - public final static List LIMIT_URI = Arrays.asList( - "/captchaImage", - "/login", - "/register" - ); - - /** - * 限流的RedisKey - */ - public final static String RATE_LIMIT_KEY = "rateLimit:"; - - /** - * 同IP每秒最大允许访问次数 - */ - public final static Integer MAX_RATE_LIMIT_TOTAL = 5; - } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/OnlineUserDto.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/OnlineUserDto.java new file mode 100644 index 0000000..b12706c --- /dev/null +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/OnlineUserDto.java @@ -0,0 +1,33 @@ +package com.qiaoba.auth.entity.dto; + +import lombok.AllArgsConstructor; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.io.Serializable; + +/** + * 在线用户 + * + * @author ailanyin + * @version 1.0 + * @since 2023/5/22 17:08 + */ +@Data +@AllArgsConstructor +@NoArgsConstructor +public class OnlineUserDto implements Serializable { + + private static final long serialVersionUID = 1L; + + /** + * 登录账号 + */ + private String username; + + /** + * 设备号 暂用UUID + */ + private String deviceSn; + +} diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/RoleDto.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/RoleDto.java index ce1bb82..b6cf7c2 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/RoleDto.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/entity/dto/RoleDto.java @@ -2,6 +2,8 @@ package com.qiaoba.auth.entity.dto; import lombok.Data; +import java.io.Serializable; + /** * 角色 * @@ -10,7 +12,9 @@ import lombok.Data; * @since 2023/5/22 17:08 */ @Data -public class RoleDto { +public class RoleDto implements Serializable { + + private static final long serialVersionUID = 1L; private String roleId; private String roleKey; diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/filters/JwtAuthenticationTokenFilter.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/filters/AuthenticationCoreFilter.java similarity index 58% rename from qiaoba-auth/src/main/java/com/qiaoba/auth/filters/JwtAuthenticationTokenFilter.java rename to qiaoba-auth/src/main/java/com/qiaoba/auth/filters/AuthenticationCoreFilter.java index 73828e5..43dcf3a 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/filters/JwtAuthenticationTokenFilter.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/filters/AuthenticationCoreFilter.java @@ -1,8 +1,8 @@ package com.qiaoba.auth.filters; -import cn.hutool.core.util.StrUtil; +import com.qiaoba.api.auth.service.AuthConfigApiService; import com.qiaoba.auth.constants.SecurityConstant; -import com.qiaoba.auth.entity.OnlineUser; +import com.qiaoba.auth.entity.dto.OnlineUserDto; import com.qiaoba.auth.properties.AuthConfigProperties; import com.qiaoba.auth.service.OnlineUserService; import com.qiaoba.auth.utils.TokenUtil; @@ -24,20 +24,20 @@ import java.io.IOException; import java.util.Objects; /** - * JwtAuthenticationTokenFilter - * 为了保证 SecurityContext 上下文中 userInfo 是最新的 + * 鉴权核心过滤器 * * @author ailanyin * @version 1.0 - * @since 2021/10/21 0021 下午 14:13 + * @since 2023-05-28 15:31:55 */ @RequiredArgsConstructor -public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { +public class AuthenticationCoreFilter extends OncePerRequestFilter { private final RedisService redisService; private final UserDetailsService userDetailsService; private final OnlineUserService onlineUserService; private final AuthConfigProperties authConfigProperties; + private final AuthConfigApiService authConfigApiService; @Override protected void doFilterInternal(HttpServletRequest request, @@ -49,18 +49,21 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { return; } - // 取Header中的Token - String authHeader = request.getHeader(SecurityConstant.TOKEN_HEADER); - if (StrUtil.isNotBlank(authHeader) && authHeader.startsWith(SecurityConstant.TOKEN_HEAD)) { - String authToken = authHeader.substring(SecurityConstant.TOKEN_HEAD.length()); - String username = authToken.split(":")[0]; - String deviceSn = authToken.split(":")[1]; + String authToken = TokenUtil.getToken(request, false); - if (!"/logout".equals(request.getRequestURI())) { + OnlineUserDto onlineUserDto = TokenUtil.getUsernameAndDeviceSn(authToken); + String username = onlineUserDto.getUsername(); + String deviceSn = onlineUserDto.getDeviceSn(); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); + + // 不是退出请求 + if (!SecurityConstant.LOGOUT_URI.equals(request.getRequestURI())) { + // 不允许同时在线 + if (!authConfigApiService.checkAllowBothOnline()) { if (redisService.hasKey(SecurityConstant.LOGGED_USER_REDIS_KEY + username)) { if (!onlineUserService.checkIsLastLogged(username, deviceSn)) { + onlineUserService.deleteOne(username, deviceSn, true); ResponseUtil.errorAuth(response, 4012, "被挤下线"); - onlineUserService.deleteOne(username, deviceSn); return; } } else { @@ -68,15 +71,22 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { return; } } - - if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) { - UserDetails userDetails = userDetailsService.loadUserByUsername(username); - UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); - authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authentication); + // 允许同时在线 + else { + if (Objects.isNull(userDetails)) { + ResponseUtil.errorAuth(response, 4011, "登陆过期"); + return; + } } } + // 更新 SecurityContextHolder Authentication, 为了保证 SecurityContext 上下文中 userDetails 是最新的 + if (Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) { + UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); + authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authentication); + } + chain.doFilter(request, response); } } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/handler/LogoutHandler.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/handler/LogoutHandler.java index 38ca355..9a8717a 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/handler/LogoutHandler.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/handler/LogoutHandler.java @@ -2,7 +2,6 @@ package com.qiaoba.auth.handler; import com.qiaoba.auth.entity.LoginUser; import com.qiaoba.auth.service.OnlineUserService; -import com.qiaoba.common.redis.service.RedisService; import lombok.RequiredArgsConstructor; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; @@ -24,13 +23,12 @@ import java.io.IOException; @RequiredArgsConstructor public class LogoutHandler implements LogoutSuccessHandler { - private final RedisService redisService; private final OnlineUserService onlineUserService; @Override public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { // 删除缓存中的用户信息 LoginUser user = (LoginUser) authentication.getPrincipal(); - onlineUserService.deleteOne(user.getUsername(), user.getDeviceSn()); + onlineUserService.deleteOne(user.getUsername(), user.getDeviceSn(), true); } } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/service/OnlineUserService.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/OnlineUserService.java index 2a9e9b8..45a2cd9 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/service/OnlineUserService.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/OnlineUserService.java @@ -25,8 +25,9 @@ public interface OnlineUserService { * * @param username 登录账号 * @param deviceSn 设备号 + * @param deleteOwn 是否是删除自己 */ - void deleteOne(String username, String deviceSn); + void deleteOne(String username, String deviceSn, Boolean deleteOwn); /** * 删除(强退) @@ -60,4 +61,5 @@ public interface OnlineUserService { * @return 结果 */ Boolean checkIsLastLogged(String username, String deviceSn); + } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/AuthConfigServiceImpl.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/AuthConfigServiceImpl.java new file mode 100644 index 0000000..eac3993 --- /dev/null +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/AuthConfigServiceImpl.java @@ -0,0 +1,60 @@ +package com.qiaoba.auth.service.impl; + +import cn.hutool.core.util.StrUtil; +import com.qiaoba.api.auth.service.AuthConfigApiService; +import com.qiaoba.auth.constants.SecurityConstant; +import com.qiaoba.common.base.constants.ConfigConstant; +import com.qiaoba.common.base.exceptions.ServiceException; +import com.qiaoba.common.redis.service.RedisService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + +/** + * 安全配置 服务层实现 + * + * @author ailanyin + * @version 1.0 + * @since 2023-05-28 15:09:34 + */ +@Service +@RequiredArgsConstructor +public class AuthConfigServiceImpl implements AuthConfigApiService { + + private final RedisService redisService; + + @Override + public Boolean checkAllowBothOnline() { + return ConfigConstant.COMMON_ON_VALUE.equals(redisService.get(ConfigConstant.ALLOW_BOTH_ONLINE_KEY)); + } + + @Override + public Boolean getCaptchaConfig() { + return ConfigConstant.COMMON_ON_VALUE.equals(redisService.get(ConfigConstant.CAPTCHA_ON_OFF_KEY)); + } + + @Override + public Boolean getRegisterConfig() { + return ConfigConstant.COMMON_ON_VALUE.equals(redisService.get(ConfigConstant.REGISTER_ON_OFF_KEY)); + } + + @Override + public void validateCaptcha(String code, String uuid) { + if (getCaptchaConfig()) { + if (StrUtil.isBlank(code) || StrUtil.isBlank(uuid)) { + throw new ServiceException("验证码或uuid获取失败!"); + } + try { + if (!redisService.hasKey(SecurityConstant.CAPTCHA_KEY + uuid)) { + throw new ServiceException("验证码已经过期失效!"); + } else { + if (!code.equalsIgnoreCase(redisService.get(SecurityConstant.CAPTCHA_KEY + uuid).toString())) { + throw new ServiceException("验证码输入错误!"); + } + } + + } finally { + redisService.del(SecurityConstant.CAPTCHA_KEY + uuid); + } + } + } +} diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java index a2f484a..475c94a 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java @@ -4,13 +4,16 @@ import cn.hutool.core.util.StrUtil; import com.qiaoba.api.auth.service.SysUserDetailsApiService; import com.qiaoba.auth.constants.SecurityConstant; import com.qiaoba.auth.entity.OnlineUser; +import com.qiaoba.auth.entity.dto.OnlineUserDto; import com.qiaoba.auth.service.OnlineUserService; import com.qiaoba.auth.utils.TokenUtil; import com.qiaoba.common.base.constants.BaseConstant; +import com.qiaoba.common.base.exceptions.ServiceException; import com.qiaoba.common.redis.service.RedisService; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; +import javax.servlet.http.HttpServletRequest; import java.util.ArrayList; import java.util.Collection; import java.util.List; @@ -28,16 +31,21 @@ public class OnlineUserServiceImpl implements OnlineUserService { private final RedisService redisService; private final SysUserDetailsApiService sysUserDetailsApiService; + private final HttpServletRequest request; + @Override public void insert(OnlineUser onlineUser) { - // key: username:deviceSn - // value: onlineUser redisService.set(handleKey(onlineUser.getUsername(), onlineUser.getDeviceSn()), onlineUser, TokenUtil.expireTime * 3600); } @Override - public void deleteOne(String username, String deviceSn) { + public void deleteOne(String username, String deviceSn, Boolean deleteOwn) { + + if (!deleteOwn && isOwn(deviceSn)) { + throw new ServiceException("禁止踢出自己!"); + } + if (deviceSn.equals(redisService.get(SecurityConstant.LOGGED_USER_REDIS_KEY + username))) { redisService.del(SecurityConstant.LOGGED_USER_REDIS_KEY + username); } @@ -69,8 +77,7 @@ public class OnlineUserServiceImpl implements OnlineUserService { List users = new ArrayList<>(); Collection keys = redisService.getKeys(key); for (String temp : keys) { - temp = temp.replace("tenant_1:", ""); - users.add(redisService.getObject(temp, OnlineUser.class)); + users.add(redisService.getObject(redisService.removeTenantPrefix(temp), OnlineUser.class)); } return users; } @@ -84,4 +91,10 @@ public class OnlineUserServiceImpl implements OnlineUserService { private String handleKey(String key, String deviceSn) { return SecurityConstant.ONLINE_USER_REDIS_KEY + key + BaseConstant.COLON_JOIN_STR + deviceSn; } + + private Boolean isOwn(String deviceSn) { + String token = TokenUtil.getToken(request, false); + OnlineUserDto dto = TokenUtil.getUsernameAndDeviceSn(token); + return deviceSn.equals(dto.getDeviceSn()); + } } diff --git a/qiaoba-auth/src/main/java/com/qiaoba/auth/utils/TokenUtil.java b/qiaoba-auth/src/main/java/com/qiaoba/auth/utils/TokenUtil.java index 1e8d679..45df510 100644 --- a/qiaoba-auth/src/main/java/com/qiaoba/auth/utils/TokenUtil.java +++ b/qiaoba-auth/src/main/java/com/qiaoba/auth/utils/TokenUtil.java @@ -1,12 +1,12 @@ package com.qiaoba.auth.utils; -import cn.hutool.core.date.DateField; -import cn.hutool.core.date.DateTime; -import cn.hutool.jwt.JWTPayload; -import cn.hutool.jwt.JWTUtil; +import cn.hutool.core.util.StrUtil; +import com.qiaoba.auth.constants.SecurityConstant; +import com.qiaoba.auth.entity.dto.OnlineUserDto; +import com.qiaoba.common.base.constants.BaseConstant; +import com.qiaoba.common.base.exceptions.ServiceException; -import java.util.HashMap; -import java.util.Map; +import javax.servlet.http.HttpServletRequest; /** * TokenUtil @@ -23,47 +23,32 @@ public class TokenUtil { */ public static String secret; public static Integer expireTime = 72; + private static final String TOKEN_TEMPLATE = "{}:{}"; - public static String generateToken(String username) { - DateTime now = DateTime.now(); - - DateTime newTime = now.offsetNew(DateField.HOUR, expireTime); - - Map payload = new HashMap(4); - //签发时间 - payload.put(JWTPayload.ISSUED_AT, now); - //过期时间 - payload.put(JWTPayload.EXPIRES_AT, newTime); - //生效时间 - payload.put(JWTPayload.NOT_BEFORE, now); - //载荷 - payload.put(JWTPayload.SUBJECT, username); - return JWTUtil.createToken(payload, secret.getBytes()); + public static String generateToken(String username, String deviceSn) { + return StrUtil.format(TOKEN_TEMPLATE, username, deviceSn); } - public static String getUserNameFromToken(String token) { - try { - return JWTUtil.parseToken(token).getPayload(JWTPayload.SUBJECT).toString(); - } catch (Exception e) { + public static String getToken(HttpServletRequest request, boolean allowNull) { + // 取Header中的Token + String authHeader = request.getHeader(SecurityConstant.TOKEN_HEADER); + if (StrUtil.isNotBlank(authHeader) && authHeader.startsWith(SecurityConstant.TOKEN_HEAD)) { + return authHeader.substring(SecurityConstant.TOKEN_HEAD.length()); + } + + if (allowNull) { return null; } + + throw new ServiceException("Token不存在"); } - /** - * 验证Token是否有效 - * - * @param token token - * @return 是/否 - */ - public static boolean validateToken(String token) { + public static OnlineUserDto getUsernameAndDeviceSn(String token) { try { - if (!JWTUtil.verify(token, secret.getBytes())) { - return false; - } - long expireTime = Long.parseLong(JWTUtil.parseToken(token).getPayload(JWTPayload.EXPIRES_AT).toString() + "000"); - return new DateTime(expireTime).after(DateTime.now()); + String[] split = token.split(BaseConstant.COLON_JOIN_STR); + return new OnlineUserDto(split[0], split[1]); } catch (Exception e) { - return false; + throw new ServiceException("Token解析失败"); } } } diff --git a/qiaoba-auth/src/main/resources/META-INF/spring.factories b/qiaoba-auth/src/main/resources/META-INF/spring.factories index 7d860de..4bb9578 100644 --- a/qiaoba-auth/src/main/resources/META-INF/spring.factories +++ b/qiaoba-auth/src/main/resources/META-INF/spring.factories @@ -2,8 +2,9 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ com.qiaoba.auth.properties.AuthConfigProperties,\ com.qiaoba.auth.handler.AccessDeniedHandler,\ com.qiaoba.auth.handler.LogoutHandler,\ - com.qiaoba.auth.filters.JwtAuthenticationTokenFilter,\ + com.qiaoba.auth.filters.AuthenticationCoreFilter,\ com.qiaoba.auth.advice.SecurityExceptionAdvice,\ com.qiaoba.auth.aspectj.DataScopeAspect,\ com.qiaoba.auth.service.impl.OnlineUserServiceImpl,\ + com.qiaoba.auth.service.impl.AuthConfigServiceImpl,\ com.qiaoba.auth.config.SpringSecurityConfig diff --git a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/BaseConstant.java b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/BaseConstant.java index 7081af7..dfe05f7 100644 --- a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/BaseConstant.java +++ b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/BaseConstant.java @@ -63,4 +63,9 @@ public class BaseConstant { * 处理失败 个数 0 */ public static final Integer HANDLE_ERROR = 0; + + /** + * 租户 key 前缀 + */ + public static final String TENANT_KEY_PREFIX = "tenant_"; } diff --git a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/ConfigConstant.java b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/ConfigConstant.java index 5536ccc..ccb8007 100644 --- a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/ConfigConstant.java +++ b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/constants/ConfigConstant.java @@ -14,4 +14,38 @@ public class ConfigConstant { */ public static final String SYS_CONFIG_KEY_PREFIX = "sys_config:"; + /** + * 参数配置-Token有效期 + */ + public static final String TOKEN_EXPIRE_TIME_KEY = SYS_CONFIG_KEY_PREFIX + "sys.token.expireTime"; + + /** + * 参数配置-允许同时在线 + */ + public static final String ALLOW_BOTH_ONLINE_KEY = SYS_CONFIG_KEY_PREFIX + "sys.account.allowBothOnline"; + + /** + * 参数配置-系统注册开关 + */ + public static final String REGISTER_ON_OFF_KEY = SYS_CONFIG_KEY_PREFIX + "sys.account.registerUser"; + + /** + * 参数配置-验证码开关 + */ + public static final String CAPTCHA_ON_OFF_KEY = SYS_CONFIG_KEY_PREFIX + "sys.account.captchaOnOff"; + + /** + * 参数配置-黑名单开关 + */ + public static final String BLACKLIST_ON_OFF_KEY = SYS_CONFIG_KEY_PREFIX + "sys.account.blacklistOnOff"; + + /** + * 开 + */ + public static final String COMMON_ON_VALUE = "true"; + + /** + * 关 + */ + public static final String COMMON_OFF_VALUE = "false"; } diff --git a/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/BasePage.java b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/BasePage.java new file mode 100644 index 0000000..8d37fa2 --- /dev/null +++ b/qiaoba-commons/qiaoba-common-base/src/main/java/com/qiaoba/common/base/entity/BasePage.java @@ -0,0 +1,71 @@ +package com.qiaoba.common.base.entity; + +import cn.hutool.http.HttpStatus; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.io.Serializable; +import java.util.List; + +/** + * 基础分页封装对象 + * + * @author ailanyin + * @version 1.0 + * @since 2023-04-23 15:37:43 + */ +@Getter +@Setter +@NoArgsConstructor +public class BasePage implements Serializable { + private static final long serialVersionUID = 1L; + + /** + * 总记录数 + */ + public long total; + + /** + * 列表数据 + */ + public List rows; + + /** + * 消息状态码 + */ + public int code; + + /** + * 消息内容 + */ + public String msg; + + /** + * 分页 + * + * @param list 列表数据 + * @param total 总记录数 + */ + public BasePage(List list, long total) { + this.rows = list; + this.total = total; + } + + + public static BasePage build(List list) { + BasePage basePage = new BasePage<>(); + basePage.setCode(HttpStatus.HTTP_OK); + basePage.setMsg("查询成功"); + basePage.setRows(list); + basePage.setTotal(list.size()); + return basePage; + } + + public static BasePage build() { + BasePage basePage = new BasePage<>(); + basePage.setCode(HttpStatus.HTTP_OK); + basePage.setMsg("查询成功"); + return basePage; + } +} diff --git a/qiaoba-commons/qiaoba-common-datasource/src/main/java/com/qiaoba/common/database/entity/TableDataInfo.java b/qiaoba-commons/qiaoba-common-datasource/src/main/java/com/qiaoba/common/database/entity/TableDataInfo.java index a5953ec..f499cd3 100644 --- a/qiaoba-commons/qiaoba-common-datasource/src/main/java/com/qiaoba/common/database/entity/TableDataInfo.java +++ b/qiaoba-commons/qiaoba-common-datasource/src/main/java/com/qiaoba/common/database/entity/TableDataInfo.java @@ -2,54 +2,26 @@ package com.qiaoba.common.database.entity; import cn.hutool.http.HttpStatus; import com.baomidou.mybatisplus.core.metadata.IPage; +import com.qiaoba.common.base.entity.BasePage; import lombok.Data; +import lombok.EqualsAndHashCode; import lombok.NoArgsConstructor; -import java.io.Serializable; -import java.util.List; - /** - * 表格分页数据对象 + * Mybatis-plus 分页封装对象 * - * @author Lion Li + * @author ailanyin + * @version 1.0 + * @since 2023-04-23 15:37:43 */ - @Data @NoArgsConstructor -public class TableDataInfo implements Serializable { +@EqualsAndHashCode(callSuper = false) +@SuppressWarnings("unchecked") +public class TableDataInfo extends BasePage { + private static final long serialVersionUID = 1L; - /** - * 总记录数 - */ - private long total; - - /** - * 列表数据 - */ - private List rows; - - /** - * 消息状态码 - */ - private int code; - - /** - * 消息内容 - */ - private String msg; - - /** - * 分页 - * - * @param list 列表数据 - * @param total 总记录数 - */ - public TableDataInfo(List list, long total) { - this.rows = list; - this.total = total; - } - public static TableDataInfo build(IPage page) { TableDataInfo rspData = new TableDataInfo<>(); rspData.setCode(HttpStatus.HTTP_OK); @@ -59,20 +31,4 @@ public class TableDataInfo implements Serializable { return rspData; } - public static TableDataInfo build(List list) { - TableDataInfo rspData = new TableDataInfo<>(); - rspData.setCode(HttpStatus.HTTP_OK); - rspData.setMsg("查询成功"); - rspData.setRows(list); - rspData.setTotal(list.size()); - return rspData; - } - - public static TableDataInfo build() { - TableDataInfo rspData = new TableDataInfo<>(); - rspData.setCode(HttpStatus.HTTP_OK); - rspData.setMsg("查询成功"); - return rspData; - } - } diff --git a/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/RedisService.java b/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/RedisService.java index 44a5f7e..3708b6d 100644 --- a/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/RedisService.java +++ b/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/RedisService.java @@ -1,5 +1,7 @@ package com.qiaoba.common.redis.service; +import com.qiaoba.common.base.entity.BasePage; + import java.util.Collection; import java.util.List; import java.util.Map; @@ -325,6 +327,15 @@ public interface RedisService { */ Long lRemove(String key, long count, Object value); + /** + * 分页查询 + * + * @param key key + * @param pageNumber pageNumber + * @param pageSize pageSize + * @return // List + */ + BasePage getPageList(String key, long pageNumber, long pageSize); /** * 模糊查询所有key @@ -358,11 +369,27 @@ public interface RedisService { /** * hGetObject * - * @param key key - * @param hashKey hashKey - * @param clazz clazz - * @param T + * @param key key + * @param hashKey hashKey + * @param clazz clazz + * @param T * @return clazz */ T hGetObject(String key, String hashKey, Class clazz); + + /** + * key添加租户前缀 + * + * @param key key + * @return newKey + */ + String addTenantPrefix(String key); + + /** + * key去除租户前缀 + * + * @param key key + * @return newKey + */ + String removeTenantPrefix(String key); } diff --git a/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/impl/RedisServiceImpl.java b/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/impl/RedisServiceImpl.java index 017dd32..06418c6 100644 --- a/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/impl/RedisServiceImpl.java +++ b/qiaoba-commons/qiaoba-common-redis/src/main/java/com/qiaoba/common/redis/service/impl/RedisServiceImpl.java @@ -1,16 +1,15 @@ package com.qiaoba.common.redis.service.impl; +import com.qiaoba.common.base.constants.BaseConstant; import com.qiaoba.common.base.context.BaseContext; +import com.qiaoba.common.base.entity.BasePage; import com.qiaoba.common.redis.service.RedisService; import lombok.RequiredArgsConstructor; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; -import java.util.Collection; -import java.util.List; -import java.util.Map; -import java.util.Set; +import java.util.*; import java.util.concurrent.TimeUnit; import java.util.stream.Collectors; @@ -29,27 +28,27 @@ public class RedisServiceImpl implements RedisService { @Override public void set(String key, Object value, long time) { - redisTemplate.opsForValue().set(handleKey(key), value, time, TimeUnit.SECONDS); + redisTemplate.opsForValue().set(addTenantPrefix(key), value, time, TimeUnit.SECONDS); } @Override public void set(String key, Object value) { - redisTemplate.opsForValue().set(handleKey(key), value); + redisTemplate.opsForValue().set(addTenantPrefix(key), value); } @Override public Object get(String key) { - return redisTemplate.opsForValue().get(handleKey(key)); + return redisTemplate.opsForValue().get(addTenantPrefix(key)); } @Override public Boolean del(String key) { - return redisTemplate.delete(handleKey(key)); + return redisTemplate.delete(addTenantPrefix(key)); } @Override public void del(Collection keys) { - List list = keys.stream().map(key -> key = handleKey(key)).collect(Collectors.toList()); + List list = keys.stream().map(key -> key = addTenantPrefix(key)).collect(Collectors.toList()); redisTemplate.delete(list); } @@ -60,91 +59,91 @@ public class RedisServiceImpl implements RedisService { @Override public Long getExpire(String key) { - return redisTemplate.getExpire(handleKey(key), TimeUnit.SECONDS); + return redisTemplate.getExpire(addTenantPrefix(key), TimeUnit.SECONDS); } @Override public Boolean hasKey(String key) { - return redisTemplate.hasKey(handleKey(key)); + return redisTemplate.hasKey(addTenantPrefix(key)); } @Override public Long incr(String key, long delta) { - return redisTemplate.opsForValue().increment(handleKey(key), delta); + return redisTemplate.opsForValue().increment(addTenantPrefix(key), delta); } @Override public Long decr(String key, long delta) { - return redisTemplate.opsForValue().increment(handleKey(key), -delta); + return redisTemplate.opsForValue().increment(addTenantPrefix(key), -delta); } @Override public Object hGet(String key, String hashKey) { - return redisTemplate.opsForHash().get(handleKey(key), hashKey); + return redisTemplate.opsForHash().get(addTenantPrefix(key), hashKey); } @Override public Boolean hSet(String key, String hashKey, Object value, long time) { - String newKey = handleKey(key); + String newKey = addTenantPrefix(key); redisTemplate.opsForHash().put(newKey, hashKey, value); return expire(newKey, time); } @Override public void hSet(String key, String hashKey, Object value) { - redisTemplate.opsForHash().put(handleKey(key), hashKey, value); + redisTemplate.opsForHash().put(addTenantPrefix(key), hashKey, value); } @Override public Map hGetAll(String key) { - return redisTemplate.opsForHash().entries(handleKey(key)); + return redisTemplate.opsForHash().entries(addTenantPrefix(key)); } @Override public Boolean hSetAll(String key, Map map, long time) { - String newKey = handleKey(key); + String newKey = addTenantPrefix(key); redisTemplate.opsForHash().putAll(newKey, map); return expire(newKey, time); } @Override public void hSetAll(String key, Map map) { - redisTemplate.opsForHash().putAll(handleKey(key), map); + redisTemplate.opsForHash().putAll(addTenantPrefix(key), map); } @Override public void hDel(String key, Object... hashKey) { - redisTemplate.opsForHash().delete(handleKey(key), hashKey); + redisTemplate.opsForHash().delete(addTenantPrefix(key), hashKey); } @Override public Boolean hHasKey(String key, String hashKey) { - return redisTemplate.opsForHash().hasKey(handleKey(key), hashKey); + return redisTemplate.opsForHash().hasKey(addTenantPrefix(key), hashKey); } @Override public Long hIncr(String key, String hashKey, Long delta) { - return redisTemplate.opsForHash().increment(handleKey(key), hashKey, delta); + return redisTemplate.opsForHash().increment(addTenantPrefix(key), hashKey, delta); } @Override public Long hDecr(String key, String hashKey, Long delta) { - return redisTemplate.opsForHash().increment(handleKey(key), hashKey, -delta); + return redisTemplate.opsForHash().increment(addTenantPrefix(key), hashKey, -delta); } @Override public Set sMembers(String key) { - return redisTemplate.opsForSet().members(handleKey(key)); + return redisTemplate.opsForSet().members(addTenantPrefix(key)); } @Override public Long sAdd(String key, Object... values) { - return redisTemplate.opsForSet().add(handleKey(key), values); + return redisTemplate.opsForSet().add(addTenantPrefix(key), values); } @Override public Long sAdd(String key, long time, Object... values) { - String newKey = handleKey(key); + String newKey = addTenantPrefix(key); Long count = redisTemplate.opsForSet().add(newKey, values); expire(newKey, time); return count; @@ -152,42 +151,42 @@ public class RedisServiceImpl implements RedisService { @Override public Boolean sIsMember(String key, Object value) { - return redisTemplate.opsForSet().isMember(handleKey(key), value); + return redisTemplate.opsForSet().isMember(addTenantPrefix(key), value); } @Override public Long sSize(String key) { - return redisTemplate.opsForSet().size(handleKey(key)); + return redisTemplate.opsForSet().size(addTenantPrefix(key)); } @Override public Long sRemove(String key, Object... values) { - return redisTemplate.opsForSet().remove(handleKey(key), values); + return redisTemplate.opsForSet().remove(addTenantPrefix(key), values); } @Override public List lRange(String key, long start, long end) { - return redisTemplate.opsForList().range(handleKey(key), start, end); + return redisTemplate.opsForList().range(addTenantPrefix(key), start, end); } @Override public Long lSize(String key) { - return redisTemplate.opsForList().size(handleKey(key)); + return redisTemplate.opsForList().size(addTenantPrefix(key)); } @Override public Object lIndex(String key, long index) { - return redisTemplate.opsForList().index(handleKey(key), index); + return redisTemplate.opsForList().index(addTenantPrefix(key), index); } @Override public Long lPush(String key, Object value) { - return redisTemplate.opsForList().rightPush(handleKey(key), value); + return redisTemplate.opsForList().rightPush(addTenantPrefix(key), value); } @Override public Long lPush(String key, Object value, long time) { - String newKey = handleKey(key); + String newKey = addTenantPrefix(key); Long index = redisTemplate.opsForList().rightPush(newKey, value); expire(newKey, time); return index; @@ -195,12 +194,12 @@ public class RedisServiceImpl implements RedisService { @Override public Long lPushAll(String key, Object... values) { - return redisTemplate.opsForList().rightPushAll(handleKey(key), values); + return redisTemplate.opsForList().rightPushAll(addTenantPrefix(key), values); } @Override public Long lPushAll(String key, Long time, Object... values) { - String newKey = handleKey(key); + String newKey = addTenantPrefix(key); Long count = redisTemplate.opsForList().rightPushAll(newKey, values); expire(newKey, time); return count; @@ -208,13 +207,29 @@ public class RedisServiceImpl implements RedisService { @Override public Long lRemove(String key, long count, Object value) { - return redisTemplate.opsForList().remove(handleKey(key), count, value); + return redisTemplate.opsForList().remove(addTenantPrefix(key), count, value); + } + + @Override + @SuppressWarnings("unchecked") + public BasePage getPageList(String key, long pageNumber, long pageSize) { + //获取数据总量 + Long totalCount = redisTemplate.opsForSet().size(key); + if (Objects.isNull(totalCount)) { + return new BasePage(new ArrayList(), 0); + } + //获取当前要取分页数据的游标位置 + long start = (pageNumber - 1) * pageSize; + long end = start + pageSize - 1; + //获取当前页分页数据 + List list = redisTemplate.opsForList().range(key, start, end); + return new BasePage(list, totalCount); } @Override public Collection getKeys(String key) { - return redisTemplate.keys(handleKey(key)); + return redisTemplate.keys(addTenantPrefix(key)); } @Override @@ -235,9 +250,17 @@ public class RedisServiceImpl implements RedisService { return (T) hGet(key, hashKey); } - private String handleKey(String key) { + @Override + public String addTenantPrefix(String key) { StringBuilder sb = new StringBuilder(); - sb.append("tenant_").append(BaseContext.getTenantId()).append(":").append(key); + sb.append(BaseConstant.TENANT_KEY_PREFIX).append(BaseContext.getTenantId()).append(BaseConstant.COLON_JOIN_STR).append(key); return sb.toString(); } + + @Override + public String removeTenantPrefix(String key) { + StringBuilder sb = new StringBuilder(); + sb.append(BaseConstant.TENANT_KEY_PREFIX).append(BaseContext.getTenantId()).append(BaseConstant.COLON_JOIN_STR); + return key.replace(sb.toString(), ""); + } } diff --git a/qiaoba-commons/qiaoba-common-web/src/main/java/com/qiaoba/common/web/config/IpConfig.java b/qiaoba-commons/qiaoba-common-web/src/main/java/com/qiaoba/common/web/config/IpConfig.java index c2eb3c5..c839d38 100644 --- a/qiaoba-commons/qiaoba-common-web/src/main/java/com/qiaoba/common/web/config/IpConfig.java +++ b/qiaoba-commons/qiaoba-common-web/src/main/java/com/qiaoba/common/web/config/IpConfig.java @@ -28,8 +28,9 @@ public class IpConfig { ClassPathResource classPathResource = new ClassPathResource("ip2region.xdb"); InputStream inputStream = classPathResource.getInputStream(); IpUtil.setSearcher(Searcher.newWithBuffer(IoUtil.read(inputStream).toByteArray())); - log.info("加载IP离线库到成功"); + log.info("加载IP离线库到内存成功"); } catch (Exception e) { + e.printStackTrace(); log.error("加载IP离线库到内存失败, 请联系管理员!"); } } diff --git a/qiaoba-modules/qiaoba-module-monitor/src/main/java/com/qiaoba/module/monitor/controller/OnlineUserController.java b/qiaoba-modules/qiaoba-module-monitor/src/main/java/com/qiaoba/module/monitor/controller/OnlineUserController.java index 959110f..c25f891 100644 --- a/qiaoba-modules/qiaoba-module-monitor/src/main/java/com/qiaoba/module/monitor/controller/OnlineUserController.java +++ b/qiaoba-modules/qiaoba-module-monitor/src/main/java/com/qiaoba/module/monitor/controller/OnlineUserController.java @@ -1,6 +1,8 @@ package com.qiaoba.module.monitor.controller; +import com.qiaoba.auth.entity.OnlineUser; import com.qiaoba.auth.service.OnlineUserService; +import com.qiaoba.common.base.entity.BasePage; import com.qiaoba.common.base.result.AjaxResult; import com.qiaoba.common.database.entity.TableDataInfo; import io.swagger.v3.oas.annotations.Operation; @@ -9,6 +11,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; + /** * 在线用户管理 Web层 * @@ -27,7 +30,7 @@ public class OnlineUserController { @PreAuthorize("hasAuthority('monitor:online:list')") @Operation(summary = "获取列表") @GetMapping("/list") - public TableDataInfo getList(String username) { + public BasePage getList(String username) { return TableDataInfo.build(onlineUserService.selectList(username)); } @@ -35,7 +38,7 @@ public class OnlineUserController { @DeleteMapping("/{username}/{deviceSn}") @Operation(summary = "强退用户") public AjaxResult forceLogout(@PathVariable String username, @PathVariable String deviceSn) { - onlineUserService.deleteOne(username, deviceSn); + onlineUserService.deleteOne(username, deviceSn, false); return AjaxResult.success(); } } diff --git a/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysLoginServiceImpl.java b/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysLoginServiceImpl.java index 03014ab..dc43acc 100644 --- a/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysLoginServiceImpl.java +++ b/qiaoba-modules/qiaoba-module-system/src/main/java/com/qiaoba/module/system/service/impl/SysLoginServiceImpl.java @@ -8,14 +8,16 @@ import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.http.useragent.UserAgent; import cn.hutool.http.useragent.UserAgentUtil; +import com.qiaoba.api.auth.service.AuthConfigApiService; +import com.qiaoba.api.auth.service.SysUserDetailsApiService; import com.qiaoba.api.system.entity.SysUser; import com.qiaoba.api.system.entity.dto.LoginDto; -import com.qiaoba.api.auth.service.SysUserDetailsApiService; import com.qiaoba.auth.constants.SecurityConstant; import com.qiaoba.auth.entity.OnlineUser; import com.qiaoba.auth.service.OnlineUserService; import com.qiaoba.auth.utils.SecurityUtil; import com.qiaoba.auth.utils.TokenUtil; +import com.qiaoba.common.base.constants.BaseConstant; import com.qiaoba.common.base.enums.BaseEnum; import com.qiaoba.common.base.exceptions.ServiceException; import com.qiaoba.common.redis.service.RedisService; @@ -46,13 +48,15 @@ public class SysLoginServiceImpl implements SysLoginService { private final SysUserDetailsApiService userDetailsService; private final SysUserService sysUserService; private final OnlineUserService onlineUserService; + private final AuthConfigApiService authConfigApiService; + @Override public Map getCaptchaImage() { Map map = new HashMap(4); - map.put("register", getRegisterConfig()); - if (!getCaptchaConfig()) { + map.put("register", authConfigApiService.getRegisterConfig()); + if (!authConfigApiService.getCaptchaConfig()) { map.put("captchaEnabled", false); return map; } @@ -69,7 +73,7 @@ public class SysLoginServiceImpl implements SysLoginService { @Override public String login(LoginDto dto) { // 校验验证码 - validateCaptcha(dto.getCode(), dto.getUuid()); + authConfigApiService.validateCaptcha(dto.getCode(), dto.getUuid()); // username查询用户信息 SysUser sysUser = sysUserService.selectByUsername(dto.getUsername()); // 检查账号信息 @@ -81,7 +85,7 @@ public class SysLoginServiceImpl implements SysLoginService { // 缓存userDetails userDetailsService.toCache(sysUser.getUsername(), deviceSn); // 生成Token - return dto.getUsername() + ":" + deviceSn; + return TokenUtil.generateToken(sysUser.getUsername(), deviceSn); } private void validatePassword(String username, String password, String inputPassword) { @@ -104,52 +108,20 @@ public class SysLoginServiceImpl implements SysLoginService { } } - private boolean getCaptchaConfig() { - try { - return SecurityConstant.CAPTCHA_ON.equals(redisService.get(SecurityConstant.CAPTCHA_ON_OFF_KEY)); - } catch (Exception e) { - throw new ServiceException("Redis中验证码配置不存在!"); - } - } - - private boolean getRegisterConfig() { - try { - return SecurityConstant.REGISTER_ON.equals(redisService.get(SecurityConstant.REGISTER_ON_OFF_KEY)); - } catch (Exception e) { - throw new ServiceException("Redis中注册配置不存在!"); - } - } - - private void validateCaptcha(String code, String uuid) { - if (getCaptchaConfig()) { - if (StrUtil.isBlank(code) || StrUtil.isBlank(uuid)) { - throw new ServiceException("验证码或uuid获取失败!"); - } - try { - if (!redisService.hasKey(SecurityConstant.CAPTCHA_KEY + uuid)) { - throw new ServiceException("验证码已经过期失效!"); - } else { - if (!code.equalsIgnoreCase(redisService.get(SecurityConstant.CAPTCHA_KEY + uuid).toString())) { - throw new ServiceException("验证码输入错误!"); - } - } - - } finally { - redisService.del(SecurityConstant.CAPTCHA_KEY + uuid); - } - } - } private String cacheOnlineUser(String username, String nickname) { String deviceSn = UUID.fastUUID().toString(true); String ip = IpUtil.getIp(request); String address = IpUtil.getIpAddr(ip); UserAgent userAgent = UserAgentUtil.parse(request.getHeader("User-Agent")); - String browser = userAgent.getBrowser().getName() + userAgent.getVersion(); + String browser = userAgent.getBrowser().getName() + BaseConstant.LINE_JOIN_STR + userAgent.getVersion(); String os = userAgent.getOs().getName(); - redisService.set(SecurityConstant.LOGGED_USER_REDIS_KEY + username, deviceSn, TokenUtil.expireTime * 3600); + if (!authConfigApiService.checkAllowBothOnline()) { + redisService.set(SecurityConstant.LOGGED_USER_REDIS_KEY + username, deviceSn, TokenUtil.expireTime * 3600); + } onlineUserService.insert(new OnlineUser(deviceSn, username, nickname, ip, address, browser, os, new Date())); return deviceSn; } + }