package com.ruoyi.auth.service;
|
|
import com.ruoyi.common.core.constant.CacheConstants;
|
import com.ruoyi.common.core.constant.Constants;
|
import com.ruoyi.common.core.constant.SecurityConstants;
|
import com.ruoyi.common.core.constant.UserConstants;
|
import com.ruoyi.common.core.domain.R;
|
import com.ruoyi.common.core.enums.UserStatus;
|
import com.ruoyi.common.core.exception.ServiceException;
|
import com.ruoyi.common.core.text.Convert;
|
import com.ruoyi.common.core.utils.StringUtils;
|
import com.ruoyi.common.core.utils.ip.IpUtils;
|
import com.ruoyi.common.redis.service.RedisService;
|
import com.ruoyi.common.security.utils.SecurityUtils;
|
import com.ruoyi.system.api.RemoteUserService;
|
import com.ruoyi.system.api.domain.AppMiniLoginVO;
|
import com.ruoyi.system.api.domain.SysUser;
|
import com.ruoyi.system.api.domain.dto.AppMiniLoginDTO;
|
import com.ruoyi.system.api.domain.dto.AppMiniRegisterDTO;
|
import com.ruoyi.system.api.feignClient.AuctionClient;
|
import com.ruoyi.system.api.feignClient.MemberClient;
|
import com.ruoyi.system.api.model.LoginUser;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Component;
|
|
import javax.annotation.Resource;
|
|
/**
|
* 登录校验方法
|
*
|
* @author ruoyi
|
*/
|
@Component
|
public class SysLoginService
|
{
|
@Autowired
|
private RemoteUserService remoteUserService;
|
|
@Autowired
|
private SysPasswordService passwordService;
|
|
@Autowired
|
private SysRecordLogService recordLogService;
|
|
@Autowired
|
private RedisService redisService;
|
|
@Resource
|
private MemberClient MemberClient;
|
|
@Resource
|
private AuctionClient uctionClient;
|
|
/**
|
* 登录
|
*/
|
public LoginUser login(String username, String password)
|
{
|
// 用户名或密码为空 错误
|
if (StringUtils.isAnyBlank(username, password))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
|
throw new ServiceException("用户/密码必须填写");
|
}
|
// 密码如果不在指定范围内 错误
|
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
|
throw new ServiceException("用户密码不在指定范围");
|
}
|
// 用户名不在指定范围内 错误
|
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
|
throw new ServiceException("用户名不在指定范围");
|
}
|
// IP黑名单校验
|
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
|
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
|
throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
|
}
|
// 查询用户信息
|
R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
|
|
if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
|
throw new ServiceException("登录用户:" + username + " 不存在");
|
}
|
|
if (R.FAIL == userResult.getCode())
|
{
|
throw new ServiceException(userResult.getMsg());
|
}
|
|
LoginUser userInfo = userResult.getData();
|
SysUser user = userResult.getData().getSysUser();
|
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
|
throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
|
}
|
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
|
throw new ServiceException("对不起,您的账号:" + username + " 已停用");
|
}
|
passwordService.validate(user, password);
|
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
|
return userInfo;
|
}
|
|
|
public AppMiniLoginVO miniLogin(AppMiniLoginDTO appMiniLoginDto)
|
{
|
// 查询用户信息
|
R<AppMiniLoginVO> userResult = MemberClient.miniLogin(appMiniLoginDto);
|
if (R.FAIL == userResult.getCode())
|
{
|
throw new ServiceException(userResult.getMsg());
|
}
|
AppMiniLoginVO userInfo = userResult.getData();
|
SysUser user = userInfo.getSysUser();
|
if(user!=null){
|
String username = user.getUserName();
|
// IP黑名单校验
|
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
|
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
|
throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
|
}
|
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
|
throw new ServiceException(username,501);
|
}
|
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
|
throw new ServiceException(username,501);
|
}
|
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
|
}
|
return userInfo;
|
}
|
|
public AppMiniLoginVO actionMiniLogin(AppMiniLoginDTO appMiniLoginDto)
|
{
|
// 查询用户信息
|
R<AppMiniLoginVO> userResult = uctionClient.actionMiniLogin(appMiniLoginDto);
|
if (R.FAIL == userResult.getCode())
|
{
|
throw new ServiceException(userResult.getMsg());
|
}
|
AppMiniLoginVO userInfo = userResult.getData();
|
SysUser user = userInfo.getSysUser();
|
if(user!=null){
|
String username = user.getUserName();
|
// IP黑名单校验
|
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
|
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
|
throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
|
}
|
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
|
throw new ServiceException(username,501);
|
}
|
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
|
{
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
|
throw new ServiceException(username,501);
|
}
|
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
|
}
|
return userInfo;
|
}
|
|
|
public void logout(String loginName)
|
{
|
recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
|
}
|
|
/**
|
* 注册
|
*/
|
public void register(String username, String password)
|
{
|
// 用户名或密码为空 错误
|
if (StringUtils.isAnyBlank(username, password))
|
{
|
throw new ServiceException("用户/密码必须填写");
|
}
|
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
|
{
|
throw new ServiceException("账户长度必须在2到20个字符之间");
|
}
|
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
|
{
|
throw new ServiceException("密码长度必须在5到20个字符之间");
|
}
|
|
// 注册用户信息
|
SysUser sysUser = new SysUser();
|
sysUser.setUserName(username);
|
sysUser.setNickName(username);
|
sysUser.setPassword(SecurityUtils.encryptPassword(password));
|
R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);
|
|
if (R.FAIL == registerResult.getCode())
|
{
|
throw new ServiceException(registerResult.getMsg());
|
}
|
recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
|
}
|
|
public void changePassword(String username, String password, String verificationCode) {
|
String verificationCodeCache = Convert.toStr(
|
redisService.getCacheObject(
|
CacheConstants.CHANGE_PASSWORD_CAPTCHA_CODE_KEY + username));
|
if (StringUtils.isEmpty(verificationCodeCache)) {
|
throw new ServiceException("验证码已过期,请重新获取!");
|
}
|
if (!verificationCodeCache.equals(verificationCode)) {
|
throw new ServiceException("验证码错误,请重新输入!");
|
}
|
R<LoginUser> userInfo = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
|
if (R.FAIL == userInfo.getCode()) {
|
throw new ServiceException(userInfo.getMsg());
|
}
|
remoteUserService.changePassword(username, SecurityUtils.encryptPassword(password),
|
SecurityConstants.INNER);
|
}
|
}
|
