From 698ae84adaf1b8d0e8dd61d7279863fe17c1e81d Mon Sep 17 00:00:00 2001 From: luodangjia <luodangjia> Date: 星期四, 23 一月 2025 14:20:39 +0800 Subject: [PATCH] 1 --- ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java | 226 +++++++++++++++++++++++++++++++++++++++----------------- 1 files changed, 156 insertions(+), 70 deletions(-) diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java index 2d6ab96..76df49e 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java @@ -1,20 +1,13 @@ package com.ruoyi.auth.service; -import com.ruoyi.common.core.exception.CaptchaException; -import com.ruoyi.common.security.annotation.RequiresPermissions; -import com.ruoyi.company.api.RemoteCompanyUserService; -import com.ruoyi.company.api.domain.User; -import com.ruoyi.company.api.model.RegisterUser; -import lombok.RequiredArgsConstructor; -import org.jacoco.agent.rt.internal_43f5073.core.internal.flow.IFrame; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; +import com.ruoyi.auth.form.MgtPasswordDTO; import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.constant.Constants; import com.ruoyi.common.core.constant.SecurityConstants; import com.ruoyi.common.core.constant.UserConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.enums.UserStatus; +import com.ruoyi.common.core.exception.CaptchaException; import com.ruoyi.common.core.exception.ServiceException; import com.ruoyi.common.core.text.Convert; import com.ruoyi.common.core.utils.DateUtils; 
@@ -22,26 +15,41 @@ import com.ruoyi.common.core.utils.ip.IpUtils; import com.ruoyi.common.redis.service.RedisService; import com.ruoyi.common.security.utils.SecurityUtils; +import com.ruoyi.company.api.RemoteCompanyService; +import com.ruoyi.company.api.RemoteCompanyUserService; +import com.ruoyi.company.api.domain.Company; +import com.ruoyi.company.api.domain.User; +import com.ruoyi.company.api.domain.dto.MgtCompanyDTO; +import com.ruoyi.company.api.model.RegisterUser; import com.ruoyi.system.api.RemoteUserService; import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.model.AppUser; import com.ruoyi.system.api.model.LoginUser; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Lazy; +import org.springframework.stereotype.Component; import javax.annotation.Resource; -import java.time.LocalDateTime; +import java.util.Collection; +import java.util.List; +import java.util.Objects; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * 登录校验方法 - * + * * @author ruoyi */ @Component -@RequiredArgsConstructor -public class SysLoginService -{ +@RequiredArgsConstructor(onConstructor_ = {@Lazy}) +public class SysLoginService { @Resource private RemoteUserService remoteUserService; @Resource private RemoteCompanyUserService remoteCompanyUserService; + @Resource + private RemoteCompanyService remoteCompanyService; private final SysPasswordService passwordService; private final SysRecordLogService recordLogService; private final RedisService redisService; 
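Review bot: `@RequiredArgsConstructor(onConstructor_ = {@Lazy})` is added without any explanation of why the constructor needs to be lazy. With `@Lazy` on the generated constructor, Spring injects lazy-resolution proxies for `passwordService`, `recordLogService` and `redisService`, so a wiring failure surfaces on first use instead of at startup. This is presumably a workaround for a circular dependency; if so, a comment above the annotation should name the cycle, e.g. `// @Lazy: breaks the <bean A> -> <bean B> cycle; remove once untangled`. The class body continues outside this hunk.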
@@ -49,52 +57,44 @@ /** * 登录 */ - public LoginUser login(String username, String password) - { + public LoginUser login(String username, String password) { // 用户名或密码为空 错误 - if (StringUtils.isAnyBlank(username, password)) - { + if (StringUtils.isAnyBlank(username, password)) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写"); throw new ServiceException("用户/密码必须填写"); } // 密码如果不在指定范围内 错误 if (password.length() < UserConstants.PASSWORD_MIN_LENGTH - || password.length() > UserConstants.PASSWORD_MAX_LENGTH) - { + || password.length() > UserConstants.PASSWORD_MAX_LENGTH) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围"); throw new ServiceException("用户密码不在指定范围"); } // 用户名不在指定范围内 错误 if (username.length() < UserConstants.USERNAME_MIN_LENGTH - || username.length() > UserConstants.USERNAME_MAX_LENGTH) - { + || username.length() > UserConstants.USERNAME_MAX_LENGTH) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围"); throw new ServiceException("用户名不在指定范围"); } // IP黑名单校验 String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST)); - if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) - { + if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单"); throw new ServiceException("很遗憾,访问IP已被列入系统黑名单"); } // 查询用户信息 R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER); - if (R.FAIL == userResult.getCode()) - { + if (R.FAIL == userResult.getCode()) { throw new ServiceException(userResult.getMsg()); } LoginUser userInfo = userResult.getData(); SysUser user = userResult.getData().getSysUser(); - if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) - { + if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除"); throw new 
ServiceException("对不起,您的账号:" + username + " 已被删除"); } - if (UserStatus.DISABLE.getCode().equals(user.getStatus())) - { + if (UserStatus.DISABLE.getCode().equals(user.getStatus())) { recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员"); throw new ServiceException("对不起,您的账号:" + username + " 已停用"); } @@ -109,8 +109,7 @@ * * @param userId 用户ID */ - public void recordLoginInfo(Long userId) - { + public void recordLoginInfo(Long userId) { SysUser sysUser = new SysUser(); sysUser.setUserId(userId); // 更新用户登录IP @@ -120,29 +119,24 @@ remoteUserService.recordUserLogin(sysUser, SecurityConstants.INNER); } - public void logout(String loginName) - { + public void logout(String loginName) { recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功"); } /** * 注册 */ - public void register(String username, String password) - { + public void register(String username, String password) { // 用户名或密码为空 错误 - if (StringUtils.isAnyBlank(username, password)) - { + if (StringUtils.isAnyBlank(username, password)) { throw new ServiceException("用户/密码必须填写"); } if (username.length() < UserConstants.USERNAME_MIN_LENGTH - || username.length() > UserConstants.USERNAME_MAX_LENGTH) - { + || username.length() > UserConstants.USERNAME_MAX_LENGTH) { throw new ServiceException("账户长度必须在2到20个字符之间"); } if (password.length() < UserConstants.PASSWORD_MIN_LENGTH - || password.length() > UserConstants.PASSWORD_MAX_LENGTH) - { + || password.length() > UserConstants.PASSWORD_MAX_LENGTH) { throw new ServiceException("密码长度必须在5到20个字符之间"); } 
@@ -153,71 +147,163 @@ sysUser.setPassword(SecurityUtils.encryptPassword(password)); R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER); - if (R.FAIL == registerResult.getCode()) - { + if (R.FAIL == registerResult.getCode()) { throw new ServiceException(registerResult.getMsg()); } recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功"); } - public void companyRegister(RegisterUser registerUser) - { + public void companyRegister(MgtCompanyDTO registerUser) { String accountName = registerUser.getAccountName(); String password = registerUser.getPassword(); // 用户名或密码为空 错误 - if (StringUtils.isAnyBlank(accountName, password)) - { + if (StringUtils.isAnyBlank(accountName, password)) { throw new ServiceException("用户/密码必须填写"); } String smsCode = registerUser.getSmsCode(); - if (!"999999".equals(smsCode)){ + if (!"999999".equals(smsCode)) { String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), ""); String captcha = redisService.getCacheObject(verifyKey); - if (captcha == null) - { + if (captcha == null){ + throw new ServiceException("验证码错误"); + } + String[] split = captcha.split(":"); + long l = Long.parseLong(split[1]); + long l1 = System.currentTimeMillis(); + // 判断是否大于两分钟 + if (l1 - l > 2 * 60 * 1000) { throw new CaptchaException("验证码已失效"); } - redisService.deleteObject(verifyKey); - if (!smsCode.equalsIgnoreCase(captcha)) - { + captcha = split[0]; + if (!smsCode.equalsIgnoreCase(captcha)) { throw new CaptchaException("验证码错误"); } } R<Boolean> booleanR = remoteCompanyUserService.registerUser(registerUser, SecurityConstants.INNER); - if (R.isError(booleanR)){ - throw new ServiceException("注册失败"); + if (R.isError(booleanR)) { + throw new ServiceException(booleanR.getMsg()); } } - public User companyLogin(RegisterUser registerUser) - { + public User companyLogin(RegisterUser registerUser) { + // 输入验证 + if (registerUser == null || registerUser.getAccountName() == null || 
registerUser.getPassword() == null) { + throw new ServiceException("无效的输入"); + } String accountName = registerUser.getAccountName(); String password = registerUser.getPassword(); - R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER); - if (R.isError(userByPhoneR)){ - throw new ServiceException(userByPhoneR.getMsg()); + R<User> userByAccountNameR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); + + User user = null; + if (userByPhoneR.getData() != null) { + user = userByPhoneR.getData(); + } else if (userByAccountNameR.getData() != null) { + user = userByAccountNameR.getData(); } - if (userByPhoneR.getData() == null){ + + if (user == null) { throw new ServiceException("账号不存在"); } - if (SecurityUtils.matchesPassword(password, userByPhoneR.getData().getPassword())){ - return userByPhoneR.getData(); + if (!SecurityUtils.matchesPassword(password, user.getPassword())) { + throw new ServiceException("账号或密码错误"); } + return user; + } - R<User> r = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); - if (R.isError(r)){ + + + public void resetPwd(RegisterUser registerUser) { + User user = check(registerUser); + + String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), ""); + String captcha = redisService.getCacheObject(verifyKey); + if (captcha == null) { + throw new CaptchaException("验证码错误"); + } + String[] split = captcha.split(":"); + + + long l = Long.parseLong(split[1]); + long l1 = System.currentTimeMillis(); + // 判断是否大于两分钟 + if (l1 - l > 2 * 60 * 1000) { + throw new CaptchaException("验证码已失效"); + } + captcha = split[0]; + if (!registerUser.getCode().equalsIgnoreCase(captcha)) { + throw new CaptchaException("验证码错误"); + } + + String password = SecurityUtils.encryptPassword(registerUser.getPassword()); + user.setPassword(password); + R<Void> r = remoteCompanyUserService.updateUser(user, SecurityConstants.INNER); + if 
(R.isError(r)) { throw new ServiceException(r.getMsg()); } - if (r.getData() == null){ + forceLogout(user.getUserId()); + } + + public void forceLogout(Long userId) { + Collection<String> keys = redisService.keys(CacheConstants.LOGIN_TOKEN_KEY + "*"); + for (String key : keys) { + Object user = redisService.getCacheObject(key); + if (user instanceof AppUser) { + AppUser appUser = (AppUser) user; + if (appUser.getUserId().equals(userId)) { + redisService.deleteObject(key); + } + } + } + } + + + + public User check(RegisterUser registerUser) { + String accountName = registerUser.getAccountName(); + R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER); + R<User> userByAccountNameR= remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER); + + User user; + if (userByPhoneR.getData() != null) { + user = userByPhoneR.getData(); + } else if (userByAccountNameR.getData() != null) { + user = userByAccountNameR.getData(); + }else { throw new ServiceException("账号不存在"); } - if (!SecurityUtils.matchesPassword(password, r.getData().getPassword())){ - throw new ServiceException("密码错误"); + + R<List<Company>> companyListR = remoteCompanyService.getCompanyByUserId(user.getUserId(), SecurityConstants.INNER); + List<Company> companyList = companyListR.getData(); + long count = companyList.stream().filter(company -> company.getCompanyName() + .equals(registerUser.getCompanyName()) && + company.getIdCardNumber().equals(registerUser.getIdCardNumber())).count(); + if (count == 0) { + return null; } - return r.getData(); + + return user; + } + + + + /** + * 管理端-修改密码 + * @param dto + */ + public void modifyPwd(MgtPasswordDTO dto) { + Long userId = SecurityUtils.getUserId(); + SysUser sysUser = remoteUserService.getUserById(userId, SecurityConstants.INNER).getData(); + if (Objects.isNull(sysUser)){ + throw new ServiceException("用户不存在"); + } + if (!SecurityUtils.matchesPassword(dto.getOldPassword(), 
sysUser.getPassword())){ + throw new ServiceException("原密码错误"); + } + sysUser.setPassword(SecurityUtils.encryptPassword(dto.getNewPassword())); + remoteUserService.updateUser(sysUser,SecurityConstants.INNER); } } -- Gitblit v1.7.1
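Review bot: The SMS code is never consumed on the new side: this commit removes `redisService.deleteObject(verifyKey)` from `companyRegister`, and the added `resetPwd` has no delete either, so one code can be replayed and guessed repeatedly until its two-minute window lapses (any attempt limit would have to live outside this file). In `resetPwd` the code is read under `registerUser.getPhone()` while the account is resolved by `check(registerUser)` from `accountName`, and nothing visible compares that phone with the one stored for the user, so the code proves possession of some phone rather than the account's phone. `check` returns `null` when no company matches, which `resetPwd` then dereferences at `user.setPassword(...)`; it should throw `ServiceException` instead. `companyRegister` also still accepts the fixed code `"999999"` without consulting Redis, which should not be reachable outside a test profile. The helper below, callable from both methods, restores single-use codes and guards the `split(":")` index and a null submitted code.

```java
// Shared by companyRegister and resetPwd; the cached value is "code:issuedAtMillis".
private void verifySmsCode(String phone, String submitted) {
    String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(phone, "");
    String cached = redisService.getCacheObject(verifyKey);
    if (cached == null || submitted == null) {
        throw new CaptchaException("验证码错误");
    }
    // One attempt per issued code: drop it before comparing, as the removed line did.
    redisService.deleteObject(verifyKey);
    String[] parts = cached.split(":");
    if (parts.length != 2) {
        throw new CaptchaException("验证码错误");
    }
    if (System.currentTimeMillis() - Long.parseLong(parts[1]) > 2 * 60 * 1000) {
        throw new CaptchaException("验证码已失效");
    }
    if (!submitted.equalsIgnoreCase(parts[0])) {
        throw new CaptchaException("验证码错误");
    }
}
```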