bug
jiangqs
2023-08-13 a7389e026856e7a2369ad2e928778b036894a96c
ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
@@ -1,11 +1,5 @@
package com.ruoyi.auth.service;
import com.ruoyi.system.api.service.RemoteMemberService;
import com.ruoyi.system.api.service.RemoteShopService;
import com.ruoyi.system.api.domain.vo.ShopRelUserVo;
import com.ruoyi.system.api.model.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.constant.SecurityConstants;
@@ -18,8 +12,18 @@
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.service.RemoteUserService;
import com.ruoyi.system.api.constant.AppErrorConstant;
import com.ruoyi.system.api.domain.dto.AppMiniRegisterDto;
import com.ruoyi.system.api.domain.poji.sys.SysUser;
import com.ruoyi.system.api.domain.vo.AppMiniRegisterVo;
import com.ruoyi.system.api.domain.vo.ShopRelUserVo;
import com.ruoyi.system.api.model.*;
import com.ruoyi.system.api.service.RemoteConfigService;
import com.ruoyi.system.api.service.RemoteMemberService;
import com.ruoyi.system.api.service.RemoteShopService;
import com.ruoyi.system.api.service.RemoteUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
/**
 * 登录校验方法
@@ -47,6 +51,8 @@
    @Autowired
    private RedisService redisService;
    @Autowired
    private RemoteConfigService remoteConfigService;
    /**
     * 登录
     */
@@ -55,28 +61,28 @@
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username, password))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写",Constants.FROM_SYSTEM);
            throw new ServiceException("用户/密码必须填写");
        }
        // 密码如果不在指定范围内 错误
        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围",Constants.FROM_SYSTEM);
            throw new ServiceException("用户密码不在指定范围");
        }
        // 用户名不在指定范围内 错误
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH)
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围",Constants.FROM_SYSTEM);
            throw new ServiceException("用户名不在指定范围");
        }
        // IP黑名单校验
        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",Constants.FROM_SYSTEM);
            throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
        }
        // 查询用户信息
@@ -84,7 +90,7 @@
        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在",Constants.FROM_SYSTEM);
            throw new ServiceException("登录用户:" + username + " 不存在");
        }
@@ -97,16 +103,16 @@
        SysUser user = userResult.getData().getSysUser();
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",Constants.FROM_SYSTEM);
            throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",Constants.FROM_SYSTEM);
            throw new ServiceException("对不起,您的账号:" + username + " 已停用");
        }
        passwordService.validate(user, password);
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",Constants.FROM_SYSTEM);
        return userInfo;
    }
@@ -122,29 +128,70 @@
            throw new ServiceException(userResult.getMsg());
        }
        AppMiniLoginVo userInfo = userResult.getData();
        SysUser user = userResult.getData().getSysUser();
        String username = user.getUserName();
        // IP黑名单校验
        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
            throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
        SysUser user = userInfo.getSysUser();
        if(user!=null){
            String username = user.getUserName();
            // IP黑名单校验
            String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
            if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",Constants.FROM_MINI_APP);
                throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
            }
            String servicePhone = remoteConfigService.getServicePhone().getData();
            if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",Constants.FROM_MINI_APP);
                throw new ServiceException(servicePhone,501);
            }
            if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",Constants.FROM_MINI_APP);
                throw new ServiceException(servicePhone,501);
            }
            recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",Constants.FROM_MINI_APP);
        }
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
            throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
            throw new ServiceException("对不起,您的账号:" + username + " 已停用");
        }
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
        return userInfo;
    }
    public AppMiniLoginVo miniRegister(AppMiniRegisterDto appUserRegisterDto)
    {
        // 查询用户信息
        R<AppMiniRegisterVo> userResult = remoteMemberService.miniRegister(appUserRegisterDto);
        if (R.FAIL == userResult.getCode())
        {
            throw new ServiceException(userResult.getMsg());
        }
        AppMiniRegisterVo appMiniRegisterVo = userResult.getData();
        AppMiniLoginVo userInfo = new AppMiniLoginVo();
        userInfo.setMiniOpenid(appMiniRegisterVo.getOpenid());
        userInfo.setWxUnionid(appMiniRegisterVo.getUnionid());
        userInfo.setMobile(appMiniRegisterVo.getMobile());
        SysUser user = appMiniRegisterVo.getSysUser();
        userInfo.setSysUser(user);
        if(user!=null){
            String username = user.getUserName();
            // IP黑名单校验
            String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
            if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",Constants.FROM_MINI_APP);
                throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
            }
            if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",Constants.FROM_MINI_APP);
                throw new ServiceException("对不起,您的账号: 已被删除");
            }
            if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
            {
                recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",Constants.FROM_MINI_APP);
                throw new ServiceException("对不起,您的账号: 已停用");
            }
            recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",Constants.FROM_MINI_APP);
        }
        return userInfo;
    }
    /**
     * 企业微信H5登录
@@ -152,7 +199,10 @@
    public QwH5LoginVo qwH5Login(QwUserDetailDto qwUserDetail)
    {
        // 查询用户信息
        R<QwH5LoginVo> userResult = remoteUserService.qwH5Login(qwUserDetail);
        R<QwH5LoginVo> userResult = remoteShopService.qwH5Login(qwUserDetail);
        if(userResult==null){
            throw new ServiceException(AppErrorConstant.USER_NO_SHOP);
        }
        if (R.FAIL == userResult.getCode())
        {
            throw new ServiceException(userResult.getMsg());
@@ -164,17 +214,17 @@
        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",Constants.FROM_SHOP);
            throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
        }
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",Constants.FROM_SHOP);
            throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",Constants.FROM_SHOP);
            throw new ServiceException("对不起,您的账号:" + username + " 已停用");
        }
        // 查询用户商户
@@ -187,15 +237,61 @@
            throw new ServiceException("未查询到商户信息");
        }
        userInfo.setShopId(shopInfo.getShopId());
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",Constants.FROM_SHOP);
        return userInfo;
    }
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
    /**
     * 企业微信H5登录
     */
    public QwH5LoginVo qwH5StaffLogin(QwUserDetailDto qwUserDetail)
    {
        // 查询用户信息
        R<QwH5LoginVo> userResult = remoteUserService.qwH5StaffLogin(qwUserDetail);
        if(userResult==null){
            throw new ServiceException(AppErrorConstant.USER_NO_SHOP);
        }
        if (R.FAIL == userResult.getCode())
        {
            throw new ServiceException(userResult.getMsg());
        }
        QwH5LoginVo userInfo = userResult.getData();
        SysUser user = userInfo.getSysUser();
        String username = user.getUserName();
        // IP黑名单校验
        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",Constants.FROM_SHOP);
            throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
        }
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",Constants.FROM_SHOP);
            throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",Constants.FROM_SHOP);
            throw new ServiceException("对不起,您的账号:" + username + " 已停用");
        }
        // 查询用户商户
        R<ShopRelUserVo> shopResult = remoteShopService.getShopByBelongUserId(user.getUserId());
        if (R.FAIL == userResult.getCode()) {
            throw new ServiceException(userResult.getMsg());
        }
        ShopRelUserVo shopInfo = shopResult.getData();
        if(null == shopInfo){
            throw new ServiceException("未查询到商户信息");
        }
        userInfo.setShopId(shopInfo.getShopId());
        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",Constants.FROM_SHOP);
        return userInfo;
    }
    public void logout(String loginName)
    {
        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功",Constants.FROM_SYSTEM);
    }
    /**
@@ -231,6 +327,6 @@
        {
            throw new ServiceException(registerResult.getMsg());
        }
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功",Constants.FROM_SYSTEM);
    }
}
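Review bot: In miniLogin and miniRegister the IP blacklist check now sits inside `if(user!=null)` (on what reads as the new side; the +/- markers are lost on this page), so a request from a blacklisted address that resolves to no SysUser skips the check and still gets `userInfo` back, and that path writes no recordLogininfor entry at all. The blacklist test does not depend on the user, so it should run before the null check, with a FROM_MINI_APP failure record written even when no username is available. In the added qwH5StaffLogin the shop lookup is followed by `if (R.FAIL == userResult.getCode())`, which re-tests the earlier result; it should read `if (R.FAIL == shopResult.getCode())` and throw `shopResult.getMsg()`. The same method dereferences `userInfo.getSysUser()` without the null guard that the mini-app paths gained. miniLogin also calls `remoteConfigService.getServicePhone().getData()` on every login before it knows the account is deleted or disabled; moving the call into those two branches and null-checking the returned R would avoid a NullPointerException if the remote call returns null.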