From 604d00f67ddcf25a9d079ceddd1c668b2a4e5288 Mon Sep 17 00:00:00 2001
From: mitao <2763622819@qq.com>
Date: 星期五, 19 四月 2024 15:08:22 +0800
Subject: [PATCH] bug修复
---
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java | 205 +++++++++++++++++++++++++--------------------------
1 files changed, 101 insertions(+), 104 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
index 88fbc3b..58e6d88 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -1,6 +1,5 @@
package com.ruoyi.framework.web.service;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.ruoyi.common.constant.CacheConstants;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.constant.UserConstants;
@@ -9,7 +8,11 @@
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.enums.UserStatus;
import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.exception.user.*;
+import com.ruoyi.common.exception.user.BlackListException;
+import com.ruoyi.common.exception.user.CaptchaException;
+import com.ruoyi.common.exception.user.CaptchaExpireException;
+import com.ruoyi.common.exception.user.UserNotExistsException;
+import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
import com.ruoyi.common.utils.DateUtils;
import com.ruoyi.common.utils.MessageUtils;
import com.ruoyi.common.utils.StringUtils;
@@ -17,10 +20,10 @@
import com.ruoyi.framework.manager.AsyncManager;
import com.ruoyi.framework.manager.factory.AsyncFactory;
import com.ruoyi.framework.security.context.AuthenticationContextHolder;
-import com.ruoyi.system.domain.TbDept;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.system.service.TbDeptService;
+import javax.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
@@ -29,17 +32,15 @@
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
-import javax.annotation.Resource;
-
/**
* 登录校验方法
- *
+ *
* @author ruoyi
*/
@Slf4j
@Component
-public class SysLoginService
-{
+public class SysLoginService {
+
@Autowired
private TokenService tokenService;
@@ -48,7 +49,7 @@
@Autowired
private RedisCache redisCache;
-
+
@Autowired
private ISysUserService userService;
@@ -61,24 +62,23 @@
/**
* 登录验证
- *
+ *
* @param username 用户名
* @param password 密码
- * @param code 验证码
- * @param uuid 唯一标识
+ * @param code 验证码
+ * @param uuid 唯一标识
* @return 结果
*/
- public LoginUser login(String username, String password, String code, String uuid)
- {
+ public LoginUser login(String username, String password, String code, String uuid) {
// 验证码校验
- validateCaptcha(username, code, uuid);
+// validateCaptcha(username, code, uuid);
// 登录前置校验
loginPreCheck(username, password);
// 用户验证
Authentication authentication = null;
// 用户验证
- SysUser user = userService.selectUserByUserName(username);
- if (StringUtils.isNull(user)){
+ SysUser user = userService.selectPlatUserByUserName(username);
+ if (StringUtils.isNull(user)) {
log.info("登录用户:{} 不存在.", username);
throw new ServiceException(MessageUtils.message("user.not.exists"));
} else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
@@ -88,31 +88,29 @@
log.info("登录用户:{} 已被停用.", username);
throw new ServiceException(MessageUtils.message("user.blocked"));
}
- try
- {
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
+ try {
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
+ username, password);
AuthenticationContextHolder.setContext(authenticationToken);
// 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(authenticationToken);
- }
- catch (Exception e)
- {
- if (e instanceof BadCredentialsException)
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
+ } catch (Exception e) {
+ if (e instanceof BadCredentialsException) {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
- }
- else
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
+ } else {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ e.getMessage()));
throw new ServiceException(e.getMessage());
}
- }
- finally
- {
+ } finally {
AuthenticationContextHolder.clearContext();
}
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS,
+ MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
recordLoginInfo(loginUser.getUserId());
// 生成token
@@ -123,21 +121,20 @@
* 登录验证
*
* @param username 用户名
- * @param code 验证码
+ * @param code 验证码
* @return 结果
*/
- public LoginUser loginCode(String username,String code)
- {
-
+ public LoginUser loginCode(String username, String code) {
// 登录前置校验
- if (StringUtils.isEmpty(username)){
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("not.null")));
+ if (StringUtils.isEmpty(username)) {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("not.null")));
throw new UserNotExistsException();
}
// 用户验证
SysUser user = userService.selectUserByUserName(username);
- if (StringUtils.isNull(user)){
+ if (StringUtils.isNull(user)) {
log.info("登录用户:{} 不存在.", username);
throw new ServiceException(MessageUtils.message("user.not.exists"));
} else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
@@ -147,18 +144,20 @@
log.info("登录用户:{} 已被停用.", username);
throw new ServiceException(MessageUtils.message("user.blocked"));
}
- if(user.isAdmin()){
+ if (user.isAdmin()) {
log.info("登录用户:{} 不可用短信验证码登录.", username);
throw new ServiceException("不可用短信验证码登录");
}
// 校验验证码
- Object cacheObject = redisCache.getCacheObject(user.getPhonenumber());
- if(!code.equals(String.valueOf(cacheObject))){
- log.info("登录用户:{} 短信验证码错误{}", username,code);
+ Object cacheObject = redisCache.getCacheObject(user.getPhoneNumber());
+ if (!code.equals(String.valueOf(cacheObject))) {
+ log.info("登录用户:{} 短信验证码错误{}", username, code);
throw new ServiceException("短信验证码错误");
}
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
- LoginUser loginUser = new LoginUser(user.getUserId(), user.getDeptId(), user, permissionService.getMenuPermission(user));
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS,
+ MessageUtils.message("user.login.success")));
+ LoginUser loginUser = new LoginUser(user.getUserId(), user.getDeptId(), user,
+ permissionService.getMenuPermission(user));
recordLoginInfo(loginUser.getUserId());
// 生成token
return loginUser;
@@ -167,80 +166,77 @@
/**
* 登录验证
*
- * @param account 用户名
- * @param password 密码
- * @param uuid uuid
- * @param loginBodyUuid
+ * @param username 用户名
+ * @param password 密码
+ * @param uuid uuid
* @return 结果
*/
- public LoginUser loginPwd(String account, String password, String code, String uuid)
- {
+ public LoginUser loginPwd(String username, String password, String code, String uuid) {
// 验证码校验
- validateCaptcha(account, code, uuid);
+// validateCaptcha(username, code, uuid);
// 登录前置校验
- loginPreCheck(account, password);
+ loginPreCheck(username, password);
// 用户验证
Authentication authentication = null;
// 用户验证
- TbDept dept = tbDeptService.getOne(Wrappers.<TbDept>lambdaQuery().eq(TbDept::getAccount, account));
- if (StringUtils.isNull(dept)){
- log.info("登录用户:{} 不存在.", account);
+ SysUser user = userService.selectDeptUserByUserName(username);
+ if (StringUtils.isNull(user)) {
+ log.info("登录用户:{} 不存在.", username);
throw new ServiceException(MessageUtils.message("user.not.exists"));
}
- try
- {
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, password);
+ try {
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
+ username, password);
AuthenticationContextHolder.setContext(authenticationToken);
// 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(authenticationToken);
- }
- catch (Exception e)
- {
- if (e instanceof BadCredentialsException)
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
+ } catch (Exception e) {
+ if (e instanceof BadCredentialsException) {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
- }
- else
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, e.getMessage()));
+ } else {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ e.getMessage()));
throw new ServiceException(e.getMessage());
}
- }
- finally
- {
+ } finally {
AuthenticationContextHolder.clearContext();
}
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS,
+ MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
recordLoginInfo(loginUser.getUserId());
// 生成token
return loginUser;
}
+
/**
* 校验验证码
- *
+ *
* @param username 用户名
- * @param code 验证码
- * @param uuid 唯一标识
+ * @param code 验证码
+ * @param uuid 唯一标识
* @return 结果
*/
- public void validateCaptcha(String username, String code, String uuid)
- {
+ public void validateCaptcha(String username, String code, String uuid) {
boolean captchaEnabled = configService.selectCaptchaEnabled();
- if (captchaEnabled)
- {
+ if (captchaEnabled) {
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
String captcha = redisCache.getCacheObject(verifyKey);
redisCache.deleteObject(verifyKey);
- if (captcha == null)
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
+ if (captcha == null) {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.jcaptcha.expire")));
throw new CaptchaExpireException();
}
- if (!code.equalsIgnoreCase(captcha))
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
+ if (!code.equalsIgnoreCase(captcha)) {
+ AsyncManager.me().execute(
+ AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.jcaptcha.error")));
throw new CaptchaException();
}
}
@@ -248,36 +244,36 @@
/**
* 登录前置校验
+ *
* @param username 用户名
* @param password 用户密码
*/
- public void loginPreCheck(String username, String password)
- {
+ public void loginPreCheck(String username, String password) {
// 用户名或密码为空 错误
- if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password))
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("not.null")));
+ if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("not.null")));
throw new UserNotExistsException();
}
// 密码如果不在指定范围内 错误
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
- || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
+ || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
}
// 用户名不在指定范围内 错误
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
- || username.length() > UserConstants.USERNAME_MAX_LENGTH)
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
+ || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
}
// IP黑名单校验
String blackStr = configService.selectConfigByKey("sys.login.blackIPList");
- if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
- {
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("login.blocked")));
+ if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL,
+ MessageUtils.message("login.blocked")));
throw new BlackListException();
}
}
@@ -287,12 +283,13 @@
*
* @param userId 用户ID
*/
- public void recordLoginInfo(Long userId)
- {
+ public void recordLoginInfo(Long userId) {
SysUser sysUser = new SysUser();
sysUser.setUserId(userId);
sysUser.setLoginIp(IpUtils.getIpAddr());
sysUser.setLoginDate(DateUtils.getNowDate());
userService.updateUserProfile(sysUser);
}
+
+
}
--
Gitblit v1.7.1