1

luodangjia

2025-01-21 a42b76216efd31c3f322432e01232b4e0b7c8128

 ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java

@@ -2,12 +2,15 @@

import com.ruoyi.common.core.exception.CaptchaException;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.company.api.RemoteCompanyService;
import com.ruoyi.company.api.RemoteCompanyUserService;
import com.ruoyi.company.api.domain.Company;
import com.ruoyi.company.api.domain.User;
import com.ruoyi.company.api.model.RegisterUser;
import lombok.RequiredArgsConstructor;
import org.jacoco.agent.rt.internal_43f5073.core.internal.flow.IFrame;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.Constants;
@@ -28,6 +31,7 @@

import javax.annotation.Resource;
import java.time.LocalDateTime;
import java.util.List;

/**
 * 登录校验方法
@@ -35,13 +39,14 @@
 * @author ruoyi
 */
@Component
@RequiredArgsConstructor
public class SysLoginService
{
@RequiredArgsConstructor(onConstructor_ = {@Lazy})
public class SysLoginService {
    @Resource
    private RemoteUserService remoteUserService;
    @Resource
    private RemoteCompanyUserService remoteCompanyUserService;
    @Resource
    private RemoteCompanyService remoteCompanyService;
    private final SysPasswordService passwordService;
    private final SysRecordLogService recordLogService;
    private final RedisService redisService;
@@ -49,52 +54,44 @@
    /**
     * 登录
     */
    public LoginUser login(String username, String password)
    {
    public LoginUser login(String username, String password) {
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username, password))
        {
        if (StringUtils.isAnyBlank(username, password)) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
            throw new ServiceException("用户/密码必须填写");
        }
        // 密码如果不在指定范围内 错误
        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
        {
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
            throw new ServiceException("用户密码不在指定范围");
        }
        // 用户名不在指定范围内 错误
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH)
        {
                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
            throw new ServiceException("用户名不在指定范围");
        }
        // IP黑名单校验
        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
        {
        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾，访问IP已被列入系统黑名单");
            throw new ServiceException("很遗憾，访问IP已被列入系统黑名单");
        }
        // 查询用户信息
        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);

        if (R.FAIL == userResult.getCode())
        {
        if (R.FAIL == userResult.getCode()) {
            throw new ServiceException(userResult.getMsg());
        }

        LoginUser userInfo = userResult.getData();
        SysUser user = userResult.getData().getSysUser();
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
        {
        if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起，您的账号已被删除");
            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
        }
        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
        {
        if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用，请联系管理员");
            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
        }
@@ -109,8 +106,7 @@
     *
     * @param userId 用户ID
     */
    public void recordLoginInfo(Long userId)
    {
    public void recordLoginInfo(Long userId) {
        SysUser sysUser = new SysUser();
        sysUser.setUserId(userId);
        // 更新用户登录IP
@@ -120,29 +116,24 @@
        remoteUserService.recordUserLogin(sysUser, SecurityConstants.INNER);
    }

    public void logout(String loginName)
    {
    public void logout(String loginName) {
        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
    }

    /**
     * 注册
     */
    public void register(String username, String password)
    {
    public void register(String username, String password) {
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(username, password))
        {
        if (StringUtils.isAnyBlank(username, password)) {
            throw new ServiceException("用户/密码必须填写");
        }
        if (username.length() < UserConstants.USERNAME_MIN_LENGTH
                || username.length() > UserConstants.USERNAME_MAX_LENGTH)
        {
                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
            throw new ServiceException("账户长度必须在2到20个字符之间");
        }
        if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
        {
                || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
            throw new ServiceException("密码长度必须在5到20个字符之间");
        }

@@ -153,45 +144,39 @@
        sysUser.setPassword(SecurityUtils.encryptPassword(password));
        R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);

        if (R.FAIL == registerResult.getCode())
        {
        if (R.FAIL == registerResult.getCode()) {
            throw new ServiceException(registerResult.getMsg());
        }
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
    }

    public void companyRegister(RegisterUser registerUser)
    {
    public void companyRegister(RegisterUser registerUser) {
        String accountName = registerUser.getAccountName();
        String password = registerUser.getPassword();
        // 用户名或密码为空 错误
        if (StringUtils.isAnyBlank(accountName, password))
        {
        if (StringUtils.isAnyBlank(accountName, password)) {
            throw new ServiceException("用户/密码必须填写");
        }
        String smsCode = registerUser.getSmsCode();
        if (!"999999".equals(smsCode)){
            String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
            String captcha = redisService.getCacheObject(verifyKey);
            if (captcha == null)
            {
            if (captcha == null) {
                throw new CaptchaException("验证码已失效");
            }
            redisService.deleteObject(verifyKey);
            if (!smsCode.equalsIgnoreCase(captcha))
            {
            if (!smsCode.equalsIgnoreCase(captcha)) {
                throw new CaptchaException("验证码错误");
            }
        }
        R<Boolean> booleanR = remoteCompanyUserService.registerUser(registerUser, SecurityConstants.INNER);
        if (R.isError(booleanR)){
            throw new ServiceException("注册失败");
            throw new ServiceException(booleanR.getMsg());
        }
    }


    public User companyLogin(RegisterUser registerUser)
    {
    public User companyLogin(RegisterUser registerUser) {
        String accountName = registerUser.getAccountName();
        String password = registerUser.getPassword();

@@ -220,4 +205,57 @@
        }
        return r.getData();
    }


    public void resetPwd(RegisterUser registerUser) {
        String accountName = registerUser.getAccountName();
        R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);
        if (R.isError(userByPhoneR)) {
            throw new ServiceException(userByPhoneR.getMsg());
        }
        boolean check = false;
        R<User> userR = new R<>();
        if (userByPhoneR.getData() != null) {
            check = check(userByPhoneR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
        }
        if (!check){
            userR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);
            if (R.isError(userR)) {
                throw new ServiceException(userR.getMsg());
            }
            if (userR.getData() == null) {
                throw new ServiceException("账号不存在");
            }
            check = check(userR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
        }

        if (!check) {
            throw new ServiceException("账号不存在");
        }
        String password = SecurityUtils.encryptPassword(registerUser.getPassword());
        User user = userR.getData();
        user.setPassword(password);
        R<Void> r = remoteCompanyUserService.updateUser(user);
        if (R.isError(r)) {
            throw new ServiceException(userR.getMsg());
        }
    }

    public boolean check(User user, String companyName, String idCardNumber) {
        Long userId = user.getUserId();
        R<List<Company>> companyR = remoteCompanyService.getCompanyByUserId(userId, SecurityConstants.INNER);
        if (R.isError(companyR)) {
            throw new ServiceException(companyR.getMsg());
        }
        List<Company> companyList = companyR.getData();
        if (companyList != null) {
            long count = companyList.stream()
                    .filter(company -> company.getCompanyName().equals(companyName) &&
                            company.getIdCardNumber().equals(idCardNumber))
                    .count();
            return count > 0;
        }
        return false;
    }

}