blame | 历史 | 原始文档
mitao
2024-05-16 4965b67d9e2a8e99894bd40aff7c88d695ec4040 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143

package com.ruoyi.auth.service;


 


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.stereotype.Component;


import com.ruoyi.common.core.constant.CacheConstants;


import com.ruoyi.common.core.constant.Constants;


import com.ruoyi.common.core.constant.SecurityConstants;


import com.ruoyi.common.core.constant.UserConstants;


import com.ruoyi.common.core.domain.R;


import com.ruoyi.common.core.enums.UserStatus;


import com.ruoyi.common.core.exception.ServiceException;


import com.ruoyi.common.core.text.Convert;


import com.ruoyi.common.core.utils.StringUtils;


import com.ruoyi.common.core.utils.ip.IpUtils;


import com.ruoyi.common.redis.service.RedisService;


import com.ruoyi.common.security.utils.SecurityUtils;


import com.ruoyi.system.api.RemoteUserService;


import com.ruoyi.system.api.domain.SysUser;


import com.ruoyi.system.api.model.LoginUser;


 


/**


 * 登录校验方法


 * 


 * @author ruoyi


 */


@Component


public class SysLoginService


{


    @Autowired


    private RemoteUserService remoteUserService;


 


    @Autowired


    private SysPasswordService passwordService;


 


    @Autowired


    private SysRecordLogService recordLogService;


 


    @Autowired


    private RedisService redisService;


 


    /**


     * 登录


     */


    public LoginUser login(String username, String password)


    {


        // 用户名或密码为空 错误


        if (StringUtils.isAnyBlank(username, password))


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");


            throw new ServiceException("用户/密码必须填写");


        }


        // 密码如果不在指定范围内 错误


        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH


                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");


            throw new ServiceException("用户密码不在指定范围");


        }


        // 用户名不在指定范围内 错误


        if (username.length() < UserConstants.USERNAME_MIN_LENGTH


                || username.length() > UserConstants.USERNAME_MAX_LENGTH)


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");


            throw new ServiceException("用户名不在指定范围");


        }


        // IP黑名单校验


        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));


        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");


            throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");


        }


        // 查询用户信息


        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);


 


        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");


            throw new ServiceException("登录用户:" + username + " 不存在");


        }


 


        if (R.FAIL == userResult.getCode())


        {


            throw new ServiceException(userResult.getMsg());


        }


        


        LoginUser userInfo = userResult.getData();


        SysUser user = userResult.getData().getSysUser();


        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");


            throw new ServiceException("对不起,您的账号:" + username + " 已被删除");


        }


        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))


        {


            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");


            throw new ServiceException("对不起,您的账号:" + username + " 已停用");


        }


        passwordService.validate(user, password);


        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");


        return userInfo;


    }


 


    public void logout(String loginName)


    {


        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");


    }


 


    /**


     * 注册


     */


    public void register(String username, String password)


    {


        // 用户名或密码为空 错误


        if (StringUtils.isAnyBlank(username, password))


        {


            throw new ServiceException("用户/密码必须填写");


        }


        if (username.length() < UserConstants.USERNAME_MIN_LENGTH


                || username.length() > UserConstants.USERNAME_MAX_LENGTH)


        {


            throw new ServiceException("账户长度必须在2到20个字符之间");


        }


        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH


                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)


        {


            throw new ServiceException("密码长度必须在5到20个字符之间");


        }


 


        // 注册用户信息


        SysUser sysUser = new SysUser();


        sysUser.setUserName(username);


        sysUser.setNickName(username);


        sysUser.setPassword(SecurityUtils.encryptPassword(password));


        R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);


 


        if (R.FAIL == registerResult.getCode())


        {


            throw new ServiceException(registerResult.getMsg());


        }


        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");


    }


}