From 698ae84adaf1b8d0e8dd61d7279863fe17c1e81d Mon Sep 17 00:00:00 2001 From: luodangjia <luodangjia> Date: 星期四, 23 一月 2025 14:20:39 +0800 Subject: [PATCH] 1 --- ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java | 158 ++++++++++++++++++++++++++++++++-------------------- 1 files changed, 97 insertions(+), 61 deletions(-) diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java index 7e4c896..76df49e 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java @@ -19,17 +19,22 @@ import com.ruoyi.company.api.RemoteCompanyUserService; import com.ruoyi.company.api.domain.Company; import com.ruoyi.company.api.domain.User; +import com.ruoyi.company.api.domain.dto.MgtCompanyDTO; import com.ruoyi.company.api.model.RegisterUser; import com.ruoyi.system.api.RemoteUserService; import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.model.AppUser; import com.ruoyi.system.api.model.LoginUser; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; import javax.annotation.Resource; +import java.util.Collection; import java.util.List; import java.util.Objects; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * 登录校验方法 @@ -148,7 +153,7 @@ recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功"); } - public void companyRegister(RegisterUser registerUser) { + public void companyRegister(MgtCompanyDTO registerUser) { String accountName = registerUser.getAccountName(); String password = registerUser.getPassword(); // 用户名或密码为空 错误 
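Review bot: `java.util.regex.Matcher` and `java.util.regex.Pattern` are added in the import hunk, but none of the lines this patch adds uses either class, so both imports look unused and can be dropped. `Collection`, `AppUser` and `MgtCompanyDTO` are used by `forceLogout` and `companyRegister` and should stay.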
@@ -159,10 +164,17 @@
 if (!"999999".equals(smsCode)) {
 String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
 String captcha = redisService.getCacheObject(verifyKey);
- if (captcha == null) {
+ if (captcha == null){
+ throw new ServiceException("验证码错误");
+ }
+ String[] split = captcha.split(":");
+ long l = Long.parseLong(split[1]);
+ long l1 = System.currentTimeMillis();
+ // 判断是否大于两分钟
+ if (l1 - l > 2 * 60 * 1000) {
 throw new CaptchaException("验证码已失效");
 }
- redisService.deleteObject(verifyKey);
+ captcha = split[0];
 if (!smsCode.equalsIgnoreCase(captcha)) {
 throw new CaptchaException("验证码错误");
 }
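Review bot: Removing `redisService.deleteObject(verifyKey);` makes the SMS code reusable: it now stays usable for repeated requests within the two-minute window and a wrong guess no longer invalidates it, so the code should still be consumed, e.g. `redisService.deleteObject(verifyKey);` right after the `equalsIgnoreCase` check, with failed attempts limited as well. `captcha.split(":")` is indexed at `[1]` and passed to `Long.parseLong` unguarded, so a cached value without a timestamp suffix ends in an ArrayIndexOutOfBoundsException or NumberFormatException instead of a captcha error; add `if (split.length != 2) { throw new CaptchaException("验证码错误"); }`. The same parsing and the same missing delete recur in `resetPwd` in the `@@ -175,84 +187,108 @@` hunk. The `"999999"` comparison on the first context line still skips the whole verification inside this `if`. The enclosing method starts before this hunk and continues after it.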
@@ -175,84 +187,108 @@ public User companyLogin(RegisterUser registerUser) { + // 输入验证 + if (registerUser == null || registerUser.getAccountName() == null || registerUser.getPassword() == null) { + throw new ServiceException("无效的输入"); + } String accountName = registerUser.getAccountName(); String password = registerUser.getPassword(); - R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER); - if (R.isError(userByPhoneR)) { - throw new ServiceException(userByPhoneR.getMsg()); - } + R<User> userByAccountNameR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); + + User user = null; if (userByPhoneR.getData() != null) { - if (SecurityUtils.matchesPassword(password, userByPhoneR.getData().getPassword())) { - return userByPhoneR.getData(); - } + user = userByPhoneR.getData(); + } else if (userByAccountNameR.getData() != null) { + user = userByAccountNameR.getData(); } - - R<User> r = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); - if (R.isError(r)) { - throw new ServiceException(r.getMsg()); - } - if (r.getData() == null) { + if (user == null) { throw new ServiceException("账号不存在"); } - if (!SecurityUtils.matchesPassword(password, r.getData().getPassword())) { - throw new ServiceException("密码错误"); + + if (!SecurityUtils.matchesPassword(password, user.getPassword())) { + throw new ServiceException("账号或密码错误"); } - return r.getData(); + + return user; } + public void resetPwd(RegisterUser registerUser) { + User user = check(registerUser); + + String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), ""); + String captcha = redisService.getCacheObject(verifyKey); + if (captcha == null) { + throw new CaptchaException("验证码错误"); + } + String[] split = captcha.split(":"); + + + long l = Long.parseLong(split[1]); + long l1 = System.currentTimeMillis(); + // 判断是否大于两分钟 + if (l1 - l > 2 * 60 * 1000) { + throw new 
CaptchaException("验证码已失效"); + } + captcha = split[0]; + if (!registerUser.getCode().equalsIgnoreCase(captcha)) { + throw new CaptchaException("验证码错误"); + } + + String password = SecurityUtils.encryptPassword(registerUser.getPassword()); + user.setPassword(password); + R<Void> r = remoteCompanyUserService.updateUser(user, SecurityConstants.INNER); + if (R.isError(r)) { + throw new ServiceException(r.getMsg()); + } + forceLogout(user.getUserId()); + } + + public void forceLogout(Long userId) { + Collection<String> keys = redisService.keys(CacheConstants.LOGIN_TOKEN_KEY + "*"); + for (String key : keys) { + Object user = redisService.getCacheObject(key); + if (user instanceof AppUser) { + AppUser appUser = (AppUser) user; + if (appUser.getUserId().equals(userId)) { + redisService.deleteObject(key); + } + } + } + } + + + + public User check(RegisterUser registerUser) { String accountName = registerUser.getAccountName(); R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER); - if (R.isError(userByPhoneR)) { - throw new ServiceException(userByPhoneR.getMsg()); - } - boolean check = false; - R<User> userR = new R<>(); - if (userByPhoneR.getData() != null) { - check = check(userByPhoneR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber()); - } - if (!check){ - userR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); - if (R.isError(userR)) { - throw new ServiceException(userR.getMsg()); - } - if (userR.getData() == null) { - throw new ServiceException("账号不存在"); - } - check = check(userR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber()); - } + R<User> userByAccountNameR= remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); - if (!check) { + User user; + if (userByPhoneR.getData() != null) { + user = userByPhoneR.getData(); + } else if (userByAccountNameR.getData() != null) { + user = userByAccountNameR.getData(); + 
}else { throw new ServiceException("账号不存在"); } - String password = SecurityUtils.encryptPassword(registerUser.getPassword()); - User user = userR.getData(); - user.setPassword(password); - R<Void> r = remoteCompanyUserService.updateUser(user); - if (R.isError(r)) { - throw new ServiceException(userR.getMsg()); + + R<List<Company>> companyListR = remoteCompanyService.getCompanyByUserId(user.getUserId(), SecurityConstants.INNER); + List<Company> companyList = companyListR.getData(); + long count = companyList.stream().filter(company -> company.getCompanyName() + .equals(registerUser.getCompanyName()) && + company.getIdCardNumber().equals(registerUser.getIdCardNumber())).count(); + if (count == 0) { + return null; } + + return user; } - public boolean check(User user, String companyName, String idCardNumber) { - Long userId = user.getUserId(); - R<List<Company>> companyR = remoteCompanyService.getCompanyByUserId(userId, SecurityConstants.INNER); - if (R.isError(companyR)) { - throw new ServiceException(companyR.getMsg()); - } - List<Company> companyList = companyR.getData(); - if (companyList != null) { - long count = companyList.stream() - .filter(company -> company.getCompanyName().equals(companyName) && - company.getIdCardNumber().equals(idCardNumber)) - .count(); - return count > 0; - } - return false; - } + /** * 管理端-修改密码
@@ -264,7 +300,7 @@
 if (Objects.isNull(sysUser)){
 throw new ServiceException("用户不存在");
 }
- if (!SecurityUtils.matchesPassword(SecurityUtils.encryptPassword(dto.getOldPassword()), sysUser.getPassword())){
+ if (!SecurityUtils.matchesPassword(dto.getOldPassword(), sysUser.getPassword())){
 throw new ServiceException("原密码错误");
 }
 sysUser.setPassword(SecurityUtils.encryptPassword(dto.getNewPassword()));
-- Gitblit v1.7.1
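Review bot: In the `@@ -175,84 +187,108 @@` hunk, `check()` returns `null` when the company name or ID-card number does not match and `resetPwd` then calls `user.setPassword(...)` on that result, so a failed identity check surfaces as a NullPointerException rather than a rejection, and `companyListR.getData()` is streamed without the `R.isError` and null guards the removed code had; the fence below makes `check()` fail closed instead. The SMS code in `resetPwd` is looked up under `registerUser.getPhone()`, a request field, and nothing visible ties that number to the account `check()` found, so the code does not by itself show that the caller holds the account's phone; it should be compared with the phone stored on the returned user record. In `companyLogin` the declaration of `userByPhoneR` sits on a removed line while `userByPhoneR.getData()` is still read, which as shown would not compile, so `R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);` needs to stay. `forceLogout` deletes only cache entries that are `AppUser` instances; confirm that company-user sessions are cached as that type, otherwise existing tokens outlive the password reset.

```java
public User check(RegisterUser registerUser) {
    // … unchanged: lookup by phone, then by account name; throws if neither is found …
    R<List<Company>> companyListR = remoteCompanyService.getCompanyByUserId(user.getUserId(), SecurityConstants.INNER);
    if (R.isError(companyListR)) {
        throw new ServiceException(companyListR.getMsg());
    }
    List<Company> companyList = companyListR.getData();
    String companyName = registerUser.getCompanyName();
    String idCardNumber = registerUser.getIdCardNumber();
    // Missing request fields or a missing company list count as "not verified".
    boolean verified = companyName != null && idCardNumber != null && companyList != null
            && companyList.stream().anyMatch(company ->
                    companyName.equals(company.getCompanyName())
                            && idCardNumber.equals(company.getIdCardNumber()));
    if (!verified) {
        // Same message as the unknown-account case, so the response does not reveal which check failed.
        throw new ServiceException("账号不存在");
    }
    return user;
}
```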