From 604d00f67ddcf25a9d079ceddd1c668b2a4e5288 Mon Sep 17 00:00:00 2001
From: mitao <2763622819@qq.com>
Date: 星期五, 19 四月 2024 15:08:22 +0800
Subject: [PATCH] bug修复
---
 ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java | 191 +++++++++++++++++++++++------------------------
 1 files changed, 94 insertions(+), 97 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
index 306fd18..58e6d88 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -8,7 +8,11 @@
 import com.ruoyi.common.core.redis.RedisCache;
 import com.ruoyi.common.enums.UserStatus;
 import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.exception.user.*;
+import com.ruoyi.common.exception.user.BlackListException;
+import com.ruoyi.common.exception.user.CaptchaException;
+import com.ruoyi.common.exception.user.CaptchaExpireException;
+import com.ruoyi.common.exception.user.UserNotExistsException;
+import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
 import com.ruoyi.common.utils.DateUtils;
 import com.ruoyi.common.utils.MessageUtils;
 import com.ruoyi.common.utils.StringUtils;
@@ -19,6 +23,7 @@
 import com.ruoyi.system.service.ISysConfigService;
 import com.ruoyi.system.service.ISysUserService;
 import com.ruoyi.system.service.TbDeptService;
+import javax.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -27,17 +32,15 @@ import org.springframework.security.core.Authentication; import org.springframework.stereotype.Component; -import javax.annotation.Resource; - /** * 登录校验方法 - * + * * @author ruoyi */ @Slf4j @Component -public class SysLoginService -{ +public class SysLoginService { + @Autowired private TokenService tokenService; @@ -46,7 +49,7 @@ @Autowired private RedisCache redisCache; - + @Autowired private ISysUserService userService; @@ -59,24 +62,23 @@ /** * 登录验证 - * + * * @param username 用户名 * @param password 密码 - * @param code 验证码 - * @param uuid 唯一标识 + * @param code 验证码 + * @param uuid 唯一标识 * @return 结果 */ - public LoginUser login(String username, String password, String code, String uuid) - { + public LoginUser login(String username, String password, String code, String uuid) { // 验证码校验 - validateCaptcha(username, code, uuid); +// validateCaptcha(username, code, uuid); // 登录前置校验 loginPreCheck(username, password); // 用户验证 Authentication authentication = null; // 用户验证 SysUser user = userService.selectPlatUserByUserName(username); - if (StringUtils.isNull(user)){ + if (StringUtils.isNull(user)) { log.info("登录用户:{} 不存在.", username); throw new ServiceException(MessageUtils.message("user.not.exists")); } else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { 
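Review bot: The captcha check in `login` is switched off by commenting out the call (`// validateCaptcha(username, code, uuid);`), and the `loginPwd` hunk at @@ -165,80 does the same, so both password logins now accept requests without a captcha even when `configService.selectCaptchaEnabled()` returns true. Nothing visible in this patch puts another throttle (lockout or rate limit) in its place, so automated password guessing against these two paths is no longer slowed down. `validateCaptcha` already returns without checking when the setting is off, so the call can stay as `validateCaptcha(username, code, uuid);` and the feature be disabled through configuration where that is intended. A behaviour change like this should also be stated in the commit message rather than carried inside a reformatting patch. The body of `login` continues past this hunk.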
@@ -86,31 +88,29 @@ log.info("登录用户:{} 已被停用.", username); throw new ServiceException(MessageUtils.message("user.blocked")); } - try - { - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); + try { + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( + username, password); AuthenticationContextHolder.setContext(authenticationToken); // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername authentication = authenticationManager.authenticate(authenticationToken); - } - catch (Exception e) - { - if (e instanceof BadCredentialsException) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + } catch (Exception e) { + if (e instanceof BadCredentialsException) { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.password.not.match"))); throw new UserPasswordNotMatchException(); - } - else - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); + } else { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + e.getMessage())); throw new ServiceException(e.getMessage()); } - } - finally - { + } finally { AuthenticationContextHolder.clearContext(); } - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, + MessageUtils.message("user.login.success"))); LoginUser loginUser = (LoginUser) authentication.getPrincipal(); recordLoginInfo(loginUser.getUserId()); // 生成token 
@@ -121,21 +121,20 @@ * 登录验证 * * @param username 用户名 - * @param code 验证码 + * @param code 验证码 * @return 结果 */ - public LoginUser loginCode(String username,String code) - { - + public LoginUser loginCode(String username, String code) { // 登录前置校验 - if (StringUtils.isEmpty(username)){ - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("not.null"))); + if (StringUtils.isEmpty(username)) { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("not.null"))); throw new UserNotExistsException(); } // 用户验证 SysUser user = userService.selectUserByUserName(username); - if (StringUtils.isNull(user)){ + if (StringUtils.isNull(user)) { log.info("登录用户:{} 不存在.", username); throw new ServiceException(MessageUtils.message("user.not.exists")); } else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { 
@@ -145,18 +144,20 @@ log.info("登录用户:{} 已被停用.", username); throw new ServiceException(MessageUtils.message("user.blocked")); } - if(user.isAdmin()){ + if (user.isAdmin()) { log.info("登录用户:{} 不可用短信验证码登录.", username); throw new ServiceException("不可用短信验证码登录"); } // 校验验证码 Object cacheObject = redisCache.getCacheObject(user.getPhoneNumber()); - if(!code.equals(String.valueOf(cacheObject))){ - log.info("登录用户:{} 短信验证码错误{}", username,code); + if (!code.equals(String.valueOf(cacheObject))) { + log.info("登录用户:{} 短信验证码错误{}", username, code); throw new ServiceException("短信验证码错误"); } - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); - LoginUser loginUser = new LoginUser(user.getUserId(), user.getDeptId(), user, permissionService.getMenuPermission(user)); + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, + MessageUtils.message("user.login.success"))); + LoginUser loginUser = new LoginUser(user.getUserId(), user.getDeptId(), user, + permissionService.getMenuPermission(user)); recordLoginInfo(loginUser.getUserId()); // 生成token return loginUser; 
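Review bot: The SMS-code comparison `if (!code.equals(String.valueOf(cacheObject)))` in `loginCode` turns a missing cache entry into the string "null", so when no code has been issued or it has expired the check compares against that literal instead of failing, and a null `code` raises a NullPointerException rather than a clean rejection. Reject absent values first with `if (cacheObject == null || code == null || !code.equals(String.valueOf(cacheObject)))`, and after a successful match call `redisCache.deleteObject(user.getPhoneNumber());` so a code cannot be used twice. The failure branch also writes the submitted code to the log and, unlike the password paths, records no `Constants.LOGIN_FAIL` entry, which leaves repeated wrong codes invisible in the login audit trail. `loginCode` starts before this hunk.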
@@ -165,80 +166,77 @@ /** * 登录验证 * - * @param username 用户名 - * @param password 密码 - * @param uuid uuid - + * @param username 用户名 + * @param password 密码 + * @param uuid uuid * @return 结果 */ - public LoginUser loginPwd(String username, String password, String code, String uuid) - { + public LoginUser loginPwd(String username, String password, String code, String uuid) { // 验证码校验 - validateCaptcha(username, code, uuid); +// validateCaptcha(username, code, uuid); // 登录前置校验 loginPreCheck(username, password); // 用户验证 Authentication authentication = null; // 用户验证 SysUser user = userService.selectDeptUserByUserName(username); - if (StringUtils.isNull(user)){ + if (StringUtils.isNull(user)) { log.info("登录用户:{} 不存在.", username); throw new ServiceException(MessageUtils.message("user.not.exists")); } - try - { - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); + try { + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( + username, password); AuthenticationContextHolder.setContext(authenticationToken); // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername authentication = authenticationManager.authenticate(authenticationToken); - } - catch (Exception e) - { - if (e instanceof BadCredentialsException) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + } catch (Exception e) { + if (e instanceof BadCredentialsException) { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.password.not.match"))); throw new UserPasswordNotMatchException(); - } - else - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); + } else { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + e.getMessage())); throw new 
ServiceException(e.getMessage()); } - } - finally - { + } finally { AuthenticationContextHolder.clearContext(); } - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, + MessageUtils.message("user.login.success"))); LoginUser loginUser = (LoginUser) authentication.getPrincipal(); recordLoginInfo(loginUser.getUserId()); // 生成token return loginUser; } + /** * 校验验证码 - * + * * @param username 用户名 - * @param code 验证码 - * @param uuid 唯一标识 + * @param code 验证码 + * @param uuid 唯一标识 * @return 结果 */ - public void validateCaptcha(String username, String code, String uuid) - { + public void validateCaptcha(String username, String code, String uuid) { boolean captchaEnabled = configService.selectCaptchaEnabled(); - if (captchaEnabled) - { + if (captchaEnabled) { String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, ""); String captcha = redisCache.getCacheObject(verifyKey); redisCache.deleteObject(verifyKey); - if (captcha == null) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire"))); + if (captcha == null) { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.jcaptcha.expire"))); throw new CaptchaExpireException(); } - if (!code.equalsIgnoreCase(captcha)) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error"))); + if (!code.equalsIgnoreCase(captcha)) { + AsyncManager.me().execute( + AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.jcaptcha.error"))); throw new CaptchaException(); } } 
@@ -246,36 +244,36 @@ /** * 登录前置校验 + * * @param username 用户名 * @param password 用户密码 */ - public void loginPreCheck(String username, String password) - { + public void loginPreCheck(String username, String password) { // 用户名或密码为空 错误 - if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("not.null"))); + if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("not.null"))); throw new UserNotExistsException(); } // 密码如果不在指定范围内 错误 if (password.length() < UserConstants.PASSWORD_MIN_LENGTH - || password.length() > UserConstants.PASSWORD_MAX_LENGTH) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + || password.length() > UserConstants.PASSWORD_MAX_LENGTH) { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.password.not.match"))); throw new UserPasswordNotMatchException(); } // 用户名不在指定范围内 错误 if (username.length() < UserConstants.USERNAME_MIN_LENGTH - || username.length() > UserConstants.USERNAME_MAX_LENGTH) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + || username.length() > UserConstants.USERNAME_MAX_LENGTH) { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("user.password.not.match"))); throw new UserPasswordNotMatchException(); } // IP黑名单校验 String blackStr = configService.selectConfigByKey("sys.login.blackIPList"); - if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) - { - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, 
MessageUtils.message("login.blocked"))); + if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, + MessageUtils.message("login.blocked"))); throw new BlackListException(); } } @@ -285,8 +283,7 @@ * * @param userId 用户ID */ - public void recordLoginInfo(Long userId) - { + public void recordLoginInfo(Long userId) { SysUser sysUser = new SysUser(); sysUser.setUserId(userId); sysUser.setLoginIp(IpUtils.getIpAddr()); -- Gitblit v1.7.1