applet/src/main/java/com/jilongda/applet/config/AuthenticationFilter.java
File was renamed from applet/src/main/java/com/jilongda/applet/config/AuthenticationFilter1.java @@ -1,9 +1,5 @@ package com.jilongda.applet.config; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.jilongda.applet.model.SecUser; import com.jilongda.applet.security.SecurityUserDetails; import com.jilongda.applet.service.SecUserService; import com.jilongda.common.basic.ApiResult; import com.jilongda.common.basic.Constant; import com.jilongda.common.cache.CaffineCache; @@ -13,16 +9,15 @@ import com.jilongda.common.utils.ResponseUtils; import com.jilongda.common.exception.ServiceException; import com.jilongda.common.exception.TokenException; import com.jilongda.optometry.service.SecUserService; import io.jsonwebtoken.Claims; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; import org.springframework.util.Base64Utils; import org.springframework.web.filter.OncePerRequestFilter; import javax.annotation.Resource; import javax.naming.ldap.PagedResultsControl; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; @@ -43,10 +38,10 @@ */ @Slf4j public class AuthenticationFilter1 extends OncePerRequestFilter { public class AuthenticationFilter extends OncePerRequestFilter { private final SecurityUtils securityUtils; private CaffineCache<String> accessTokenCache; public AuthenticationFilter1(SecurityUtils securityUtils) { public AuthenticationFilter(SecurityUtils securityUtils) { this.securityUtils = securityUtils; } @Resource 
@@ -79,7 +74,7 @@ Object principal = authentication.getPrincipal(); String string = principal.toString(); SecUser one = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getPhone, principal.toString())); // SecUser one = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getPhone, principal.toString())); // securityUtils.checkAuthentication(request); // chain.doFilter(request, response); } catch (Exception e) { applet/src/main/java/com/jilongda/applet/controller/LoginController.java
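Review bot: The user lookup in the `@@ -79,7 +74,7 @@` hunk of AuthenticationFilter.java is commented out rather than deleted, and the local `String string = principal.toString();` above it is not read anywhere in the visible lines. Delete both: the commented line refers to `SecUser` and `Wrappers`, whose imports this commit removes, so it cannot simply be re-enabled. The neighbouring `securityUtils.checkAuthentication(request)` and `chain.doFilter(request, response)` calls also appear only as comments here. The method body starts and ends outside the hunk, so confirm that the filter still validates the token and continues the chain on some other path.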
@@ -1,30 +1,15 @@ package com.jilongda.applet.controller; import com.alibaba.fastjson.JSONObject; import com.alipay.v3.ApiException; import com.aliyuncs.exceptions.ClientException; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.dingtalk.api.DefaultDingTalkClient; import com.dingtalk.api.DingTalkClient; import com.dingtalk.api.request.OapiUserGetuserinfoRequest; import com.dingtalk.api.request.OapiV2UserGetRequest; import com.dingtalk.api.response.OapiUserGetuserinfoResponse; import com.dingtalk.api.response.OapiV2UserGetResponse; import com.github.xiaoymin.knife4j.core.util.StrUtil; import com.jilongda.applet.dto.*; import com.jilongda.applet.model.SecUser; import com.jilongda.applet.security.SecurityUserDetails; import com.jilongda.applet.security.SysUserDetailsService; import com.jilongda.applet.service.SecUserService; import com.jilongda.applet.utils.ALiSendSms; import com.jilongda.applet.utils.LoginInfoUtil; import com.jilongda.applet.utils.dingding.DingTalkAccessTokenRequest; import com.jilongda.applet.model.TAppUser; import com.jilongda.applet.service.TAppUserService; import com.jilongda.applet.wx.body.resp.Code2SessionRespBody; import com.jilongda.applet.wx.body.resq.Code2SessionResqBody; import com.jilongda.applet.wx.pojo.AppletUserDecodeData; import com.jilongda.applet.wx.pojo.AppletUserEncrypteData; import com.jilongda.applet.wx.utils.WeixinProperties; import com.jilongda.applet.wx.utils.WxAppletTools; import com.jilongda.applet.wx.utils.WxUtils; import com.jilongda.common.basic.ApiResult; import com.jilongda.common.basic.Constant; import com.jilongda.common.exception.ServiceException; import com.jilongda.common.log.OperLoginLog; import com.jilongda.common.log.OperationLog; import com.jilongda.common.msg.HuaweiCloudSMSUtil; import com.jilongda.common.redis.RedisAutoTemplate; import com.jilongda.common.security.SecurityUtils; import com.jilongda.common.utils.WebUtils; 
@@ -33,16 +18,11 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.util.Assert; import org.springframework.util.StringUtils; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import org.springframework.web.client.RestTemplate; import java.util.HashMap; import java.util.Map; import java.util.Objects; /** * <p> 
@@ -57,303 +37,35 @@ @RestController @RequestMapping("/") public class LoginController { private final SecurityUtils securityUtils; private final AuthenticationManager authenticationManager; private final RedisAutoTemplate redisAutoTemplate; private final HuaweiCloudSMSUtil msgUtils; private final LoginInfoUtil loginInfoUtil; private final SysUserDetailsService loadUserDetailsService; @Autowired private SecUserService secUserService; private SecurityUtils securityUtils; @Autowired private PasswordEncoder passwordEncoder; private AuthenticationManager authenticationManager; @Autowired public LoginController(SecurityUtils securityUtils, AuthenticationManager authenticationManager, RedisAutoTemplate redisAutoTemplate, HuaweiCloudSMSUtil msgUtils, LoginInfoUtil loginInfoUtil,SysUserDetailsService loadUserDetailsService) { this.securityUtils = securityUtils; this.authenticationManager = authenticationManager; this.redisAutoTemplate = redisAutoTemplate; this.msgUtils = msgUtils; this.loginInfoUtil = loginInfoUtil; this.loadUserDetailsService = loadUserDetailsService; } private RedisAutoTemplate redisAutoTemplate; @Autowired private TAppUserService appUserService; @Autowired private WeixinProperties wxConfig; @Autowired private RestTemplate wxRestTemplate; // @ApiOperation(value = "通过code获得openid") // @GetMapping("openId-by-jscode2session/{code}") // public ApiResult<Map<String, Object>> jscode2session(@PathVariable("code") String code) { //// log.info("<<<<<<<<换取openid开始<<<<<<<<:{}", code); //// WxAppletTools appletTools = new WxAppletTools(wxRestTemplate, wxConfig); //// Code2SessionRespBody body = appletTools.getOpenIdByJscode2session(new Code2SessionResqBody().build(code)); //// String openid = body.getOpenid(); //// String sessionKey = body.getSessionKey(); //// SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getOpenId, openid).last("limit 1")); //// if (Objects.isNull(secUser)) { //// return ApiResult.failed(500, "请绑定账号"); 
//// } //// // 提前对sessionKey进行删除 //// //redisTemplate.delete(openid); //// log.info("换取sessionKey:{}", sessionKey); //// // 将sessionKey进行存储,后续获取信息需要 //// redisAutoTemplate.setStr(openid, sessionKey); // Map<String, Object> tokenInfos = securityUtils.login(null, null, authenticationManager, SecUser.class, 3); // return ApiResult.success(tokenInfos); // } // @ApiOperation(value = "账号与小程序进行绑定") // @GetMapping("openidBindPhone/{code}/{account}") // public ApiResult<String> openidBindPhone(@PathVariable("code") String code, @PathVariable("account") String account) { // SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getAccount, account).last("limit 1")); // Assert.isTrue(!StringUtils.hasLength(secUser.getOpenId()), "该账号已绑定微信"); // log.info("<<<<<<<<换取openid开始<<<<<<<<:{}", code); // WxAppletTools appletTools = new WxAppletTools(wxRestTemplate, wxConfig); // Code2SessionRespBody body = appletTools.getOpenIdByJscode2session(new Code2SessionResqBody().build(code)); // String openid = body.getOpenid(); // // 手机号绑定微信 // secUser.setOpenId(openid); // secUserService.updateById(secUser); // return ApiResult.success(); // } /** * 登录接口 */ // @OperLoginLog // @ApiOperation("用户账号登录") // @PostMapping(value = "login") // public ApiResult<Map<String, Object>> login(@Validated @RequestBody LoginDTO loginDto) { // // 先检验是否登录 // String username = loginDto.getAccount(); // String password = loginDto.getPassword(); // // log.info("<<<<<<<<换取openid开始<<<<<<<<:{}", loginDto.getCode()); //// WxAppletTools appletTools = new WxAppletTools(wxRestTemplate, wxConfig); //// Code2SessionRespBody body = appletTools.getOpenIdByJscode2session(new Code2SessionResqBody().build(loginDto.getCode())); //// String openid = body.getOpenid(); //// loginDto.setOpenId(openid); // // try { // Map<String, Object> token = securityUtils.login(username, password, authenticationManager, SecurityUserDetails.class, 2); // return ApiResult.success(token); // } catch (Exception e) { 
// e.printStackTrace(); // ApiResult<Map<String, Object>> failed = ApiResult.failed(new HashMap<>(1)); // failed.setCode(0); // failed.setSuccess(false); // failed.setMsg(e.getMessage()); // return failed; // } // } /** * 登录接口 */ @OperLoginLog @ApiOperation("后台登录") @PostMapping(value = "login") public ApiResult<Map<String, Object>> login1(@Validated @RequestBody LoginDTO loginDto) { //验证是否通过验证 // if (ObjectUtils.isEmpty(loginDto.getVerify()) || !loginDto.getVerify()) { // ApiResult<Map<String, Object>> failed = new ApiResult<>(); // failed.setMsg("登录失败,请正确验证!"); // return failed; // } // 先检验是否登录 String username = loginDto.getPhone(); String password = loginDto.getPassword(); try { SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class) .eq(SecUser::getAccount, loginDto.getPhone())); Assert.isTrue(Objects.nonNull(secUser), "该账号不存在"); SecUser one = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getAccount, username)); if (one.getState()){ return ApiResult.failed(500, "该账号已被冻结,请联系管理员"); } Map<String, Object> token = securityUtils.login(username, password, authenticationManager, SecurityUserDetails.class, 1); return ApiResult.success(token); } catch (Exception e) { ApiResult<Map<String, Object>> failed = ApiResult.failed(new HashMap<>(1)); failed.setCode(0); failed.setSuccess(false); failed.setMsg(e.getMessage()); return failed; @ApiOperation(value = "通过code获得openid,获取用户信息",tags = {"微信小程序登录"}) @PostMapping("/openIdByJsCode") public ApiResult<Map<String, Object>> openIdByJsCode(@RequestBody AppletUserEncrypteData data) { log.info("<<<<<<<<换取openid开始<<<<<<<<:{}", data.getCode()); WxAppletTools appletTools = new WxAppletTools(wxRestTemplate, wxConfig, redisAutoTemplate); Code2SessionRespBody body = appletTools.getOpenIdByJscode2session(new Code2SessionResqBody().build(data.getCode())); String openid = body.getOpenid(); String sessionKey = body.getSessionKey(); if(!StringUtils.hasLength(data.getEncryptedData()) || 
!StringUtils.hasLength(data.getIv())){ return ApiResult.failed("已拒绝授权",null); } } /** * 登录接口 */ // @OperLoginLog // @ApiOperation("选择用户账号登录") // @PostMapping(value = "choose-login") // public ApiResult<Map<String, Object>> chooseLogin(@Validated @RequestBody LoginDTO loginDto) { // 先检验是否登录 // String username = loginDto.getAccount(); // //// SecUser one = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class) //// .eq(SecUser::getAccount, username)); // // log.info("<<<<<<<<换取openid开始<<<<<<<<:{}", loginDto.getCode()); // WxAppletTools appletTools = new WxAppletTools(wxRestTemplate, wxConfig); // Code2SessionRespBody body = appletTools.getOpenIdByJscode2session(new Code2SessionResqBody().build(loginDto.getCode())); // String openid = body.getOpenid(); // loginDto.setOpenId(openid); // // try { // Map<String, Object> token = securityUtils.login(username, one, authenticationManager, SecUser.class, 2); // // //保存登录记录 // try { // loginRecordService.saveNew((SecurityUserDetails) token.get("userInfo")); // } catch (Exception e) { // log.error("登录记录失败!"); // } // // return ApiResult.success(token); // } catch (Exception e) { // ApiResult<Map<String, Object>> failed = ApiResult.failed(new HashMap<>(1)); // failed.setCode(0); // failed.setSuccess(false); // failed.setMsg(e.getMessage()); // return failed; // } // return ApiResult.success(new HashMap<>()); // } /** * 登录接口 */ // @ApiOperation("短信登录") // @PostMapping(value = "code/login") // public ApiResult<List<SecUser>> loginByCode(@Validated @RequestBody LoginCodeDTO dto) { // // 先检验是否登录 // String phone = dto.getPhone(); // String code = dto.getCode(); // // 校验验证码是否正确 // String redisCode = redisAutoTemplate.getStr(dto.getPhone()); // Assert.isTrue(StringUtils.hasLength(redisCode), "验证码已过期"); // if (!code.equals(redisCode)) { // throw new ServiceException(500, "验证码错误,请重新输入验证码!"); // } // try { //// List<SecUser> list = secUserService.list(Wrappers.lambdaQuery(SecUser.class) //// .eq(SecUser::getPhone, phone)); //// list = 
list.stream().filter(o -> !o.getShortName().contains("admin")).collect(Collectors.toList()); //// Map<String, Object> token = securityUtils.login(phone, code, authenticationManager, SecurityUserDetails.class, true); // //保存登录记录 // return ApiResult.success(new ArrayList<>()); // } catch (Exception e) { // ApiResult<List<SecUser>> failed = ApiResult.failed(new ArrayList<>(1)); // failed.setCode(0); // failed.setSuccess(false); // failed.setMsg(e.getMessage()); // return failed; // } // } @ApiOperation("发送验证码") @PostMapping(value = "sendCode") public ApiResult<String> sendCode(@RequestBody VerificationCodeDTO dto) throws ClientException { // 账号查询用户 SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class) .eq(SecUser::getAccount, dto.getPhone())); Assert.isTrue(Objects.nonNull(secUser), "该账号不存在"); // 发送验证码并存储到redis if (StringUtils.hasLength(dto.getPhone())) { if(!loginInfoUtil.checkPhoneExits(dto.getPhone())){ throw new ServiceException("无效手机号码"); } String code = String.valueOf((int) (Math.random() * 1000000)); //TODO 临时验证码,短信未开通前测试用 // code = "666666"; redisAutoTemplate.setStr("code:"+dto.getPhone(), code); redisAutoTemplate.expire(dto.getPhone(), Constant.REDIS_EXPIRE); // msgUtils.sendSMS(dto.getPhone(), code); AliSms aliSms =new AliSms(); aliSms.setCode(code); aliSms.setProduct(dto.getPhone()); String json = JSONObject.toJSONString(aliSms); aLiSendSms.sendSms(dto.getPhone(), "SMS_58880127", json); return ApiResult.success("发送短信验证码成功!15分钟内有效"); } return ApiResult.failed(500, "发送短信验证码失败,请确认手机号码!"); } @ApiOperation("发送修改密码验证码") @PostMapping(value = "sendPassCode") public ApiResult<String> sendPassCode(@RequestBody VerificationCodeDTO dto) throws ClientException { // 账号查询用户 SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class) .eq(SecUser::getAccount, dto.getPhone())); Assert.isTrue(Objects.nonNull(secUser), "该账号不存在"); // 发送验证码并存储到redis if (StringUtils.hasLength(dto.getPhone())) { 
if(!loginInfoUtil.checkPhoneExits(dto.getPhone())){ throw new ServiceException("无效手机号码"); } String code = String.valueOf((int) (Math.random() * 1000000)); //TODO 临时验证码,短信未开通前测试用 // code = "666666"; redisAutoTemplate.setStr("code:"+dto.getPhone(), code); redisAutoTemplate.expire(dto.getPhone(), Constant.REDIS_EXPIRE); // msgUtils.sendSMS(dto.getPhone(), code); AliSms aliSms =new AliSms(); aliSms.setCode(code); aliSms.setProduct(dto.getPhone()); String json = JSONObject.toJSONString(aliSms); aLiSendSms.sendSms(dto.getPhone(), "SMS_58880123", json); return ApiResult.success("发送短信验证码成功!15分钟内有效"); } return ApiResult.failed(500, "发送短信验证码失败,请确认手机号码!"); } @OperLoginLog @ApiOperation("短信登录") @PostMapping(value = "code/login") public ApiResult<Map<String, Object>> loginByCode(@Validated @RequestBody LoginCodeDTO dto) { String phone = dto.getPhone(); String code = dto.getCode(); // 校验验证码是否正确 if(!redisAutoTemplate.hasKey("code:"+phone)){ throw new ServiceException(500, "验证码错误"); } String redisCode = redisAutoTemplate.getStr("code:"+phone); if (!code.equals(redisCode)) { throw new ServiceException(500, "验证码错误"); } try { SecUser one = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class).eq(SecUser::getAccount, phone)); if (Objects.isNull(one)){ return ApiResult.failed(500, "请输入正确的账号"); } if (one.getState()){ return ApiResult.failed(500, "该账号已被冻结,请联系管理员"); } Map<String, Object> token = securityUtils.login(phone, code, authenticationManager, SecurityUserDetails.class, 2); SecurityUserDetails userDetails = loadUserDetailsService.loadUserByUsername(phone); token.put("userInfo", userDetails); return ApiResult.success(token); } catch (Exception e) { ApiResult<Map<String, Object>> failed = ApiResult.failed(new HashMap<>(1)); failed.setCode(0); failed.setSuccess(false); failed.setMsg(e.getMessage()); return failed; } AppletUserDecodeData appletUserDecodeData = WxUtils.encryptedData(data.getEncryptedData(), sessionKey, data.getIv()); appletUserDecodeData.setOpenId(openid); 
appUserService.wxLogin(appletUserDecodeData); Map<String, Object> tokenInfos = securityUtils.login(null, null, authenticationManager, TAppUser.class, 3); return ApiResult.success(tokenInfos); } @ApiOperation("退出登录") 
@@ -365,99 +77,6 @@ } return ApiResult.success(); } @OperationLog(operType = "修改", operDesc = "密码修改", operModul = "用户") @ApiOperation("首页密码修改") @PostMapping("/pageResetPassword") public ApiResult<String> pageResetPassword(@Validated @RequestBody ResetPasswordDTO dto) { // 账号查询用户 SecUser secUser = secUserService.getOne(Wrappers.lambdaQuery(SecUser.class) .eq(SecUser::getPhone, dto.getPhone())); Assert.isTrue(Objects.nonNull(secUser), "该账号不存在"); // 校验短信验证码 String str = redisAutoTemplate.getStr("code:"+secUser.getPhone()); if(!StringUtils.hasLength(str)){ return ApiResult.failed("验证码已过期!"); } if(!str.equals(dto.getCode())){ return ApiResult.failed("验证码错误"); } // if (StrUtil.isNotBlank(dto.getPassword())) { // // 根据加密算法加密用户输入的密码,然后和数据库中保存的密码进行比较 // if (!this.passwordEncoder.matches(dto.getOldPassword(), secUser.getPassword())) { // throw new BadCredentialsException("输入原密码不正确"); // } // 修改密码 secUser.setPassword(passwordEncoder.encode(dto.getPassword())); // } else { // // 重置密码 // secUser.setPassword(passwordEncoder.encode(Constant.DEF_PASSWORD)); // } secUserService.updateById(secUser); return ApiResult.success(); } @ApiOperation("钉钉登录") @RequestMapping(value = "/dingding", method = RequestMethod.GET) public ApiResult login (@RequestParam("code") String requestAuthCode) throws Exception { OapiUserGetuserinfoResponse response; String accessTokenRequest = DingTalkAccessTokenRequest.getAccessTokenRequest(); String access_token = accessTokenRequest; try { // // 获取用户信息 DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/user/getuserinfo"); OapiUserGetuserinfoRequest request = new OapiUserGetuserinfoRequest(); request.setCode(requestAuthCode); request.setHttpMethod("GET"); response = client.execute(request, access_token); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); return null; } // 查询得到当前用户的userId // 获得到userId之后应用应该处理应用自身的登录会话管理(session),避免后续的业务交互(前端到应用服务端)每次都要重新获取用户身份,提升用户体验 String userId = response.getUserid(); 
Map<String, Object> returnMap = new HashMap<String,Object>(); returnMap.put("userId", userId); // return ServiceResult.success(returnMap); DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/get"); OapiV2UserGetRequest req = new OapiV2UserGetRequest(); req.setUserid(userId); OapiV2UserGetResponse rsp = client.execute(req, access_token); System.out.println(rsp.getBody()); return ApiResult.success(); } @Autowired private ALiSendSms aLiSendSms; // @ApiOperation(value = "发送验证码", notes = "发送验证码") // @PostMapping(value = "sendMsg") // public ApiResult<String> sendMsg(@RequestBody VerificationCodeDTO dto) throws Exception { // // 发送验证码并存储到redis // if (StringUtils.hasLength(dto.getPhone())) { // String code = String.valueOf((int) (Math.random() * 1000000)); // redisAutoTemplate.setStr(dto.getPhone(), code); // redisAutoTemplate.expire(dto.getPhone(), Constant.REDIS_EXPIRE); // AliSms aliSms =new AliSms(); // aliSms.setCode(code); // aliSms.setProduct(dto.getPhone()); // String json = JSONObject.toJSONString(aliSms); // aLiSendSms.sendSms(dto.getPhone(), "SMS_58880127", json); // return ApiResult.success("发送短信验证码成功!15分钟内有效"); // } // return ApiResult.failed(500, "发送短信验证码失败,请确认手机号码!"); // } applet/src/main/java/com/jilongda/applet/controller/SecResourcesController.java
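Review bot: In the new `openIdByJsCode` endpoint of LoginController.java (hunk `@@ -57,303 +37,35 @@`) the token is issued by `securityUtils.login(null, null, authenticationManager, TAppUser.class, 3)`, so neither the `openid` from the code exchange nor the user that `appUserService.wxLogin(...)` just found or created reaches the call that mints the token. Unless `SecurityUtils.login` resolves the principal in a way not visible on this page, the token is not bound to the WeChat user who authenticated. Have `wxLogin` return the `TAppUser` and pass its identifier into the login call. `openid` and `sessionKey` are also used without a null check, so a failed code exchange would reach `WxUtils.encryptedData` with a null key unless `getOpenIdByJscode2session` throws. A guard `if (!StringUtils.hasLength(openid) || !StringUtils.hasLength(sessionKey))` that returns a failed `ApiResult` before decryption would cover that.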
File was deleted applet/src/main/java/com/jilongda/applet/controller/SecRoleController.java
File was deleted applet/src/main/java/com/jilongda/applet/controller/SecRoleResourceController.java
File was deleted applet/src/main/java/com/jilongda/applet/controller/SecUserController.java
File was deleted applet/src/main/java/com/jilongda/applet/controller/SecUserRoleController.java
File was deleted applet/src/main/java/com/jilongda/applet/controller/TStoreController.java
@@ -1,6 +1,9 @@ package com.jilongda.applet.controller; import com.jilongda.applet.service.TStoreService; import io.swagger.annotations.Api; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -13,9 +16,16 @@ * @author 无关风月 * @since 2024-12-09 */ @Api(tags = "门店表") @RestController @RequestMapping("/t-store") public class TStoreController { @Autowired private TStoreService tStoreService; } applet/src/main/java/com/jilongda/applet/controller/TUserController.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/SecResourcesMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/SecRoleMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/SecRoleResourceMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/SecUserMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/SecUserRoleMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/mapper/TUserMapper.java
File was deleted applet/src/main/java/com/jilongda/applet/model/TAppUser.java
@@ -6,6 +6,8 @@ import java.time.LocalDateTime; import com.baomidou.mybatisplus.annotation.TableField; import java.io.Serializable; import com.jilongda.common.pojo.BaseModel; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import lombok.Data; @@ -23,14 +25,16 @@ @EqualsAndHashCode(callSuper = false) @TableName("t_app_user") @ApiModel(value="TAppUser对象", description="用户表") public class TAppUser implements Serializable { public class TAppUser extends BaseModel { private static final long serialVersionUID = 1L; @ApiModelProperty(value = "主键id") @TableId(value = "id", type = IdType.AUTO) private Integer id; @ApiModelProperty(value = "头像") @TableField("avatar") private String avatar; @ApiModelProperty(value = "微信昵称") @TableField("name") private String name; @@ -57,23 +61,8 @@ @TableField("registerTime") private LocalDateTime registerTime; @ApiModelProperty(value = "创建时间") @TableField("createTime") private LocalDateTime createTime; @ApiModelProperty(value = "修改时间") @TableField("updateTime") private LocalDateTime updateTime; @TableField("createBy") private String createBy; @TableField("updateBy") private String updateBy; @ApiModelProperty(value = "是否删除 0否1是") @TableField("isDelete") private Integer isDelete; @ApiModelProperty(value = "状态 1=启用 0=禁用") @TableField("status") private Integer status; } applet/src/main/java/com/jilongda/applet/security/SysUserDetailsService.java
@@ -1,28 +1,14 @@ package com.jilongda.applet.security; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.jilongda.applet.mapper.SecRoleMapper; import com.jilongda.applet.mapper.SecUserMapper; import com.jilongda.applet.model.SecRole; import com.jilongda.applet.model.SecUser; import com.jilongda.applet.service.SecUserService; import com.jilongda.applet.service.TUserService; import com.jilongda.applet.vo.SecResourceVO; import com.jilongda.common.basic.Constant; import com.jilongda.common.model.TUser; import com.jilongda.common.utils.SpringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.ParameterResolutionDelegate; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; import org.springframework.util.CollectionUtils; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.List; import java.util.Objects; import java.util.stream.Collectors; /** applet/src/main/java/com/jilongda/applet/service/SecResourcesService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/SecRoleResourceService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/SecRoleService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/SecUserRoleService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/SecUserService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/TAppUserService.java
@@ -2,6 +2,9 @@ import com.jilongda.applet.model.TAppUser; import com.baomidou.mybatisplus.extension.service.IService; import com.jilongda.applet.wx.pojo.AppletUserDecodeData; import java.util.Map; /** * <p> @@ -12,5 +15,9 @@ * @since 2024-12-09 */ public interface TAppUserService extends IService<TAppUser> { /** * 微信小程序登录用户封装 * @param appletUserDecodeData */ void wxLogin(AppletUserDecodeData appletUserDecodeData); } applet/src/main/java/com/jilongda/applet/service/TUserService.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/SecResourcesServiceImpl.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/SecRoleResourceServiceImpl.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/SecRoleServiceImpl.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/SecUserRoleServiceImpl.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/SecUserServiceImpl.java
File was deleted applet/src/main/java/com/jilongda/applet/service/impl/TAppUserServiceImpl.java
@@ -1,10 +1,20 @@ package com.jilongda.applet.service.impl; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.jilongda.applet.model.TAppUser; import com.jilongda.applet.mapper.TAppUserMapper; import com.jilongda.applet.service.TAppUserService; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.jilongda.applet.utils.RptUtils; import com.jilongda.applet.wx.pojo.AppletUserDecodeData; import com.jilongda.common.exception.ServiceException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.token.TokenService; import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; import java.util.Map; import java.util.Objects; /** * <p> @@ -16,5 +26,25 @@ */ @Service public class TAppUserServiceImpl extends ServiceImpl<TAppUserMapper, TAppUser> implements TAppUserService { @Autowired private TokenService tokenService; @Override public void wxLogin(AppletUserDecodeData appletUserDecodeData) { // 通过手机号查询用户,是否已存在手动导入用户,包含支付宝用户 TAppUser appUser = this.getOne(Wrappers.lambdaQuery(TAppUser.class) .eq(TAppUser::getOpenId, appletUserDecodeData.getOpenId()) .last("LIMIT 1")); if(Objects.isNull(appUser)){ appUser = new TAppUser(); appUser.setPhone(appletUserDecodeData.getPhoneNumber()); appUser.setAvatar(StringUtils.hasLength(appUser.getAvatar())?appUser.getAvatar():""); appUser.setName(StringUtils.hasLength(appUser.getName())?appUser.getName(): RptUtils.around(appletUserDecodeData.getPhoneNumber(),3,4)); appUser.setOpenId(appletUserDecodeData.getOpenId()); this.save(appUser); }else { if(appUser.getStatus()!=1){ throw new ServiceException("账号被冻结,请联系管理员"); } } } } applet/src/main/java/com/jilongda/applet/service/impl/TUserServiceImpl.java
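Review bot: `appUser.getStatus()!=1` in `wxLogin` unboxes an `Integer`, so an existing row whose `status` is null throws a NullPointerException instead of the intended frozen-account `ServiceException`. The new-user branch never sets a status, so whether that row later counts as enabled depends on a column default that is not visible here. Compare null-safely, e.g. `if (!Integer.valueOf(1).equals(appUser.getStatus()))`, and set the status explicitly before `this.save(appUser)`. The `getAvatar()`/`getName()` ternaries run on a freshly constructed `TAppUser`, so they always take the fallback branch, and the leading comment describes a lookup by phone number while the query filters on `TAppUser::getOpenId`. The injected `org.springframework.security.core.token.TokenService` is unused in the visible code, and the application context will not start if no bean of that type is defined; drop the field unless code outside this hunk needs it.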
File was deleted applet/src/main/java/com/jilongda/applet/utils/LoginInfoUtil.java
@@ -2,16 +2,6 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.jilongda.applet.model.SecUser; import com.jilongda.applet.service.SecUserService; import com.jilongda.applet.service.TUserService; import com.jilongda.common.model.TUser; import com.jilongda.common.security.JwtTokenUtils; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.jilongda.applet.service.TUserService; import com.jilongda.common.model.TUser; import com.jilongda.common.security.JwtTokenUtils; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.jilongda.applet.service.TUserService; import com.jilongda.common.model.TUser; import com.jilongda.common.security.JwtTokenUtils; import org.springframework.beans.factory.annotation.Autowired; applet/src/main/java/com/jilongda/applet/utils/RptUtils.java
New file @@ -0,0 +1,33 @@ package com.jilongda.applet.utils; /** * 脱敏工具类 */ public class RptUtils { private static final String SYMBOL = "*"; /** * 脱敏 * @param str 待脱敏字符串 * @param left 左边保留多少位 * @param right 右边保留多少位 * @return 脱敏结果,除左右外,其余字符将被替换为* */ public static String around(String str, int left, int right){ if (str == null || (str.length() < left + right +1)){ return str; } String regex = String.format("(?<=\\w{%d})\\w(?=\\w{%d})", left, right); return str.replaceAll(regex, SYMBOL); } /** * 正则表达式实现金额数据脱敏 * @param money * @return */ public static String getMoney(String money){ //保留0个数到0个结束 return around(money,0,0); } } applet/src/main/java/com/jilongda/applet/wx/pojo/AppletUserEncrypteData.java
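Review bot: `around` returns the input unchanged when `str.length() < left + right + 1`, so a value too short to keep both margins comes back completely unmasked. The helper fails open, and `TAppUserServiceImpl.wxLogin` in this commit stores its result as the user's display name. Masking everything in that case is the safer default, e.g. `if (str == null) return null;` followed by `if (str.length() < left + right + 1) return str.replaceAll("\\w", SYMBOL);`. Negative `left` or `right` produce an invalid quantifier in the formatted regex and throw `PatternSyntaxException`; reject them up front with an `IllegalArgumentException`. Because the pattern uses `\w`, characters such as `+`, `-` or `.` are never replaced and also interrupt the lookarounds, which the Javadoc should state; the `getMoney` Javadoc should also describe `money` and the return value.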
@@ -14,4 +14,5 @@ public class AppletUserEncrypteData extends AppletPhoneEncrypteData { private String rawData; private String signature; private String code; } applet/src/main/java/com/jilongda/applet/wx/utils/WxAppletTools.java
@@ -3,7 +3,9 @@ import com.jilongda.applet.wx.body.resp.AccessTokenRespBody; import com.jilongda.applet.wx.body.resp.Code2SessionRespBody; import com.jilongda.applet.wx.body.resq.Code2SessionResqBody; import com.jilongda.common.redis.RedisAutoTemplate; import lombok.extern.slf4j.Slf4j; import org.springframework.data.redis.cache.RedisCache; import org.springframework.util.StringUtils; import org.springframework.web.client.RestTemplate; @@ -55,12 +57,12 @@ public static String ACCESS_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={0}&secret={1}"; private WeixinProperties wxConfig; private RestTemplate wxRestTemplate; private WxCacheTemplate<String> wxCacheTemplate; private RedisAutoTemplate redisAutoTemplate; public WxAppletTools(RestTemplate wxRestTemplate, WeixinProperties wxConfig, WxCaffineCache wxCacheTemplate) { public WxAppletTools(RestTemplate wxRestTemplate, WeixinProperties wxConfig, RedisAutoTemplate redisAutoTemplate) { this.wxRestTemplate = wxRestTemplate; this.wxCacheTemplate = wxCacheTemplate; this.wxConfig = wxConfig; this.redisAutoTemplate = redisAutoTemplate; } public WxAppletTools(RestTemplate wxRestTemplate, WeixinProperties wxConfig) { @@ -105,7 +107,7 @@ * @return */ public String getAccessToken() { String accessToken = wxCacheTemplate.getKey(ACCESSTOKEN_CACHE_KEY); String accessToken = redisAutoTemplate.getStr(ACCESSTOKEN_CACHE_KEY); if (StringUtils.hasLength(accessToken)) { return accessToken; } @@ -117,7 +119,7 @@ // 抛出错误 throw new WxException(accessTokenRespBody.getErrorCode() + ":" + accessTokenRespBody.getErrorMsg()); } wxCacheTemplate.setKey(ACCESSTOKEN_CACHE_KEY, accessTokenRespBody.getAccessToken()); redisAutoTemplate.setStr(ACCESSTOKEN_CACHE_KEY, accessTokenRespBody.getAccessToken()); return accessTokenRespBody.getAccessToken(); } applet/src/main/java/com/jilongda/applet/wx/utils/WxUtils.java
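Review bot: `getAccessToken` now caches the token with `redisAutoTemplate.setStr(ACCESSTOKEN_CACHE_KEY, ...)` and the visible lines set no expiry, so unless `setStr` applies a default TTL the cached WeChat access token will still be returned after it has expired on WeChat's side. Follow the write with `redisAutoTemplate.expire(ACCESSTOKEN_CACHE_KEY, <ttl>)`, where `<ttl>` is a placeholder for a value somewhat shorter than the lifetime reported in the token response. The two-argument constructor shown as context does not appear to assign `redisAutoTemplate` (its body is outside the hunk); if so, `getAccessToken` on an instance built that way would throw a NullPointerException. The added import `org.springframework.data.redis.cache.RedisCache` is not used in the visible hunks and can be dropped.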
New file 
@@ -0,0 +1,175 @@ package com.jilongda.applet.wx.utils; import com.jilongda.applet.wx.pojo.AppletUserDecodeData; import lombok.extern.slf4j.Slf4j; import org.apache.commons.codec.CharEncoding; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.util.encoders.Base64; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import javax.servlet.http.HttpServletRequest; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.security.AlgorithmParameters; import java.security.Security; import java.util.Arrays; /** * @Description 获取用户信息工具类 * @Author xiaochen * @Date 2021/8/12 15:45 */ @Slf4j public class WxUtils { /** * 微信小程序API 用户数据的解密 * * @param encryptedData * @param sessionKey * @param iv * @return */ public static AppletUserDecodeData encryptedData(String encryptedData, String sessionKey, String iv) { // 被加密的数据 byte[] dataByte = Base64.decode(encryptedData); // 加密秘钥 byte[] keyByte = Base64.decode(sessionKey); // 偏移量 byte[] ivByte = Base64.decode(iv); try { // 如果密钥不足16位,那么就补足. 这个if 中的内容很重要 int base = 16; if (keyByte.length % base != 0) { int groups = keyByte.length / base + (keyByte.length % base != 0 ? 
1 : 0); byte[] temp = new byte[groups * base]; Arrays.fill(temp, (byte) 0); System.arraycopy(keyByte, 0, temp, 0, keyByte.length); keyByte = temp; } // 初始化 Security.addProvider(new BouncyCastleProvider()); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC"); SecretKeySpec spec = new SecretKeySpec(keyByte, "AES"); AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES"); parameters.init(new IvParameterSpec(ivByte)); cipher.init(Cipher.DECRYPT_MODE, spec, parameters); byte[] resultByte = cipher.doFinal(dataByte); if (null != resultByte && resultByte.length > 0) { String result = new String(resultByte, CharEncoding.UTF_8); log.info("解密原串:{}", result); return WxJsonUtils.parseObject(result, AppletUserDecodeData.class); } throw new RuntimeException("解密的数据为空"); } catch (Exception e) { log.error("解密失败. error = {}", e.getMessage(), e); throw new RuntimeException(e.getMessage()); } } /** * 微信小程序API 用户数据的签名验证 * signature = sha1( rawData + session_key ) * * @param rawData 不包括敏感信息的原始数据字符串,用于计算签名。 * @param sessionKey */ public static void verifySignature(String rawData, String sessionKey, String signature) { String serverSignature = SHA1.getSHA1(rawData + sessionKey); log.info(rawData + ">>>>>>:" + sessionKey + " === " + serverSignature + " ======" + signature); if (!signature.equals(serverSignature)) { throw new RuntimeException("数据验签不通过"); } } /** * 根据流接收请求数据 * * @param request * @return */ public static String streamBodyByReceive(HttpServletRequest request) throws IOException { log.info("微信异步回调地址:{}", request.getRequestURL()); StringBuffer buffer = new StringBuffer(); InputStream inputStream = request.getInputStream(); InputStreamReader reader = new InputStreamReader(inputStream); BufferedReader bufferedReader = new BufferedReader(reader); String body = null; while ((body = bufferedReader.readLine()) != null) { buffer.append(body); } String data = buffer.toString(); reader.close(); inputStream.close(); log.info("微信异步回调数据:{}", data); return data; } 
/** * 日志 * * @return */ public static Logger getLogger() { Logger logger = LoggerFactory.getLogger("wxpay java sdk"); return logger; } /** * debug * * @param msg * @param args */ public static void debug(String msg, Object... args) { Logger log = getLogger(); if (log.isDebugEnabled()) { log.debug(msg, args); } } /** * info * * @param msg * @param args */ public static void info(String msg, Object... args) { Logger log = getLogger(); if (log.isInfoEnabled()) { log.info(msg, args); } } /** * warn * * @param msg * @param args */ public static void warn(String msg, Object... args) { Logger log = getLogger(); if (log.isWarnEnabled()) { log.warn(msg, args); } } /** * error * * @param msg * @param args */ public static void error(String msg, Object... args) { Logger log = getLogger(); if (log.isErrorEnabled()) { log.error(msg, args); } } } applet/src/main/resources/mapping/SecResourcesMapper.xml
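Review bot: `verifySignature` writes `rawData`, the WeChat `sessionKey` and both signatures to the info log, and `encryptedData` logs the full decrypted payload with `log.info("解密原串:{}", result)`, so the key protecting the user data and the data itself land in plaintext in the application log. This page also lists `logs/app.log` as a tracked file, which suggests log output may reach the repository. Remove both statements or log only the outcome, e.g. `log.debug("applet signature verified: {}", matched);`. The comparison `signature.equals(serverSignature)` throws a NullPointerException when the client sends no signature and is not constant-time; a null check followed by `MessageDigest.isEqual(signature.getBytes(StandardCharsets.UTF_8), serverSignature.getBytes(StandardCharsets.UTF_8))` covers both. In `encryptedData`, zero-padding a key whose length is not a multiple of 16 silently accepts a malformed session key, and `throw new RuntimeException(e.getMessage())` drops the cause; reject the bad key length and pass `e` along instead.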
File was deleted applet/src/main/resources/mapping/SecRoleMapper.xml
File was deleted applet/src/main/resources/mapping/SecRoleResourceMapper.xml
File was deleted applet/src/main/resources/mapping/SecUserMapper.xml
File was deleted applet/src/main/resources/mapping/SecUserRoleMapper.xml
File was deleted common/src/main/java/com/jilongda/common/config/CorsConfig.java
@@ -2,9 +2,19 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.cors.reactive.CorsUtils; import org.springframework.web.filter.CorsFilter; import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.WebFilter; import org.springframework.web.server.WebFilterChain; import reactor.core.publisher.Mono; import java.util.Collections; @@ -24,6 +34,13 @@ */ @Configuration public class CorsConfig { private static final String ALLOWED_HEADERS = "X-Requested-With, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, request-origion"; private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE"; private static final String ALLOWED_ORIGIN = "*"; private static final String ALLOWED_EXPOSE = "*"; private static final String MAX_AGE = "18000L"; private CorsConfiguration buildConfig() { CorsConfiguration corsConfiguration = new CorsConfiguration(); //1.允许任何来源 
@@ -34,20 +51,31 @@ corsConfiguration.addAllowedMethod(CorsConfiguration.ALL); //4.允许凭证 corsConfiguration.setAllowCredentials(true); return corsConfiguration; } @Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); // 对接口配置跨域设置 // source.registerCorsConfiguration("/v2/api-docs/**", buildConfig()); source.registerCorsConfiguration("/**", buildConfig()); return new CorsFilter(source); public WebFilter corsFilter() { return (ServerWebExchange ctx, WebFilterChain chain) -> { ServerHttpRequest request = ctx.getRequest(); if (CorsUtils.isCorsRequest(request)) { ServerHttpResponse response = ctx.getResponse(); HttpHeaders headers = response.getHeaders(); headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS); headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS); headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN); headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE); headers.add("Access-Control-Max-Age", MAX_AGE); headers.add("Access-Control-Allow-Credentials", "false"); if (request.getMethod() == HttpMethod.OPTIONS) { response.setStatusCode(HttpStatus.OK); return Mono.empty(); } } return chain.filter(ctx); }; } } generator/target/maven-archiver/pom.properties
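Review bot: `MAX_AGE` is defined as `"18000L"`, so the new filter sends `Access-Control-Max-Age: 18000L`, which is not a valid delta-seconds value and browsers will likely ignore it; use `private static final String MAX_AGE = "18000";`. `Access-Control-Allow-Credentials` has no defined `false` value, so omit that header rather than adding `"false"`. The bean is now a reactive `WebFilter`, while other modules on this page use `javax.servlet` filters; if this module runs on the servlet stack the filter would never be invoked and no CORS policy would be applied, which is worth confirming. `ALLOWED_ORIGIN = "*"` together with `Authorization` and `token` in the allowed headers accepts token-bearing requests from any origin, so an explicit origin allowlist is the safer default. `buildConfig()` appears to be left without a caller.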
File was deleted generator/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst
File was deleted generator/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst
File was deleted generator/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst
File was deleted generator/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst
File was deleted logs/app.log
Diff too large manage/src/main/java/com/jilongda/manage/security/SysUserDetailsService.java
@@ -49,10 +49,6 @@ throw new UsernameNotFoundException("该用户不存在"); } if (user.getRoleType()==2){ throw new RuntimeException("该用户暂无权限"); } SecurityUserDetails vo = SpringUtils.beanCopy(user, SecurityUserDetails.class); if (user.getAccount().equals(Constant.ADMIN)) { getAdminPermission(vo); manage/src/main/java/com/jilongda/manage/service/impl/TSupplierServiceImpl.java
@@ -41,10 +41,11 @@ @Override public Boolean isExit(Integer id, String name) { if(Objects.nonNull(id)){ return this.lambdaQuery().ne(TSupplier::getId, id).eq(TSupplier::getName, name).count() > 0; return this.count(Wrappers.lambdaQuery(TSupplier.class) .ne(TSupplier::getId, id).eq(TSupplier::getName, name)) > 0; }else { // 如果是新增,则判断名称是否存在 return count(new LambdaQueryChainWrapper<>(getBaseMapper()).eq(TSupplier::getName, name)) > 0; return count(Wrappers.lambdaQuery(TSupplier.class).eq(TSupplier::getName, name)) > 0; } } manage/src/main/resources/application.yml
@@ -1,5 +1,5 @@ server: port: 9090 port: 9092 tomcat: max-swallow-size: 500MB # servlet: