From f0a3a39f574c9b2a42a86e9e6b1e0d9c1440a109 Mon Sep 17 00:00:00 2001 From: zhaowenyuan Date: Fri, 7 Jun 2024 11:05:28 +0800 Subject: [PATCH] =?UTF-8?q?1.=20=E8=B0=83=E6=95=B4=20=E6=96=B0=E5=A2=9E?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=97=B6=20=E6=B7=BB=E5=8A=A0=20create=5Fby?= =?UTF-8?q?=20=E4=BB=A5=E5=8F=8A=20update=5FBy?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../core/constant/SecurityConstants.java | 4 ++ .../core}/context/SecurityContextHolder.java | 4 +- .../common/core/enums/PassCodeEnum.java | 38 ++++++++++ .../datascope/aspect/DataScopeAspect.java | 2 +- .../config/MybatisPlusMetaObjectHandler.java | 7 +- .../com/chushang/security/auth/AuthLogic.java | 2 +- .../interceptor/HeaderInterceptor.java | 2 +- .../security/service/TokenService.java | 3 +- .../security/utils/SecurityUtils.java | 2 +- .../auth/controller/UserController.java | 32 ++++++++- .../chushang/auth/service/UserService.java | 70 +++++++++++-------- .../chushang/gateway/filter/AuthFilter.java | 10 ++- .../system/entity/enums/LoginStatusEnum.java | 1 + .../chushang/system/entity/po/SysUser.java | 9 +-- .../main/resources/mapper/SysUserMapper.xml | 3 +- 15 files changed, 142 insertions(+), 47 deletions(-) rename chushang-common/{chushang-common-security/src/main/java/com/chushang/security => chushang-common-core/src/main/java/com/chushang/common/core}/context/SecurityContextHolder.java (98%) create mode 100644 chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/enums/PassCodeEnum.java diff --git a/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/constant/SecurityConstants.java b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/constant/SecurityConstants.java index 390a236..ca52a8a 100644 --- a/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/constant/SecurityConstants.java 
+++ b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/constant/SecurityConstants.java @@ -30,6 +30,10 @@ public interface SecurityConstants { * 用户名字段 */ String DETAILS_USERNAME = "username"; + /** + * 登录端 + */ + String APP_CODE = "appCode"; /** * 授权信息字段 diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/context/SecurityContextHolder.java similarity index 98% rename from chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java rename to chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/context/SecurityContextHolder.java index ce9c701..cdc552a 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/context/SecurityContextHolder.java +++ b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/context/SecurityContextHolder.java @@ -1,4 +1,4 @@ -package com.chushang.security.context; +package com.chushang.common.core.context; import com.alibaba.ttl.TransmittableThreadLocal; import com.chushang.common.core.constant.SecurityConstants; @@ -9,7 +9,7 @@ import java.util.Map; import java.util.concurrent.ConcurrentHashMap; /** - * 获取当前线程变量中的 用户id、用户名称、Token等信息 + * 获取当前线程变量中的 用户id、用户名称、Token等信息 * 注意: 必须在网关通过请求头的方法传入,同时在HeaderInterceptor拦截器设置值。 否则这里无法获取 * * @author ruoyi diff --git a/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/enums/PassCodeEnum.java b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/enums/PassCodeEnum.java new file mode 100644 index 0000000..c6856a1 --- /dev/null +++ b/chushang-common/chushang-common-core/src/main/java/com/chushang/common/core/enums/PassCodeEnum.java 
@@ -0,0 +1,38 @@
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+package com.chushang.common.core.enums;
+
+import com.chushang.common.core.exception.ResultException;
+import lombok.Getter;
+
+@Getter
+public enum PassCodeEnum {
+ PUBLIC("PUBLIC", "公开", false),
+ PLATFORM("PLATFORM", "管理平台", true),
+ MINI("MINI", "小程序", true),
+ APP("APP", "应用", true),
+ ;
+
+ private final String code;
+ private final String name;
+ private final Boolean openReg;
+
+ private PassCodeEnum(String code, String name, boolean openReg) {
+ this.code = code;
+ this.name = name;
+ this.openReg = openReg;
+ }
+
+ public static PassCodeEnum getEnumByCode(String code) {
+ PassCodeEnum[] var1 = values();
+ for (PassCodeEnum e : var1) {
+ if (e.getCode().equals(code)) {
+ return e;
+ }
+ }
+ throw new ResultException("非法的应用");
+ }
+}
diff --git a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java
index 536818e..04c9852 100644
--- a/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java
+++ b/chushang-common/chushang-common-data-scope/src/main/java/com/chushang/datascope/aspect/DataScopeAspect.java
@@ -9,7 +9,7 @@ import com.chushang.datascope.annotation.DataScope;
 import com.chushang.datascope.constants.ScopeConstants;
 import com.chushang.datascope.entity.DataScopeEntity;
 import com.chushang.datascope.enums.ScopeKeyWord;
-import com.chushang.security.context.SecurityContextHolder;
+import com.chushang.common.core.context.SecurityContextHolder;
 import com.chushang.security.utils.SecurityUtils;
 import com.chushang.security.entity.vo.LoginUser;
 import lombok.extern.slf4j.Slf4j;
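Review bot: `openReg` in the new `PassCodeEnum` is the flag `UserService.login` (later in this patch) uses to decide whether a client type may log in at all, but the field has no comment and its name reads as "registration open". A Javadoc on the field such as `/** Whether this client type may log in; UserService.login rejects the request when false. */` would keep a later edit from flipping it without realising it gates authentication. The FernFlower banner and the `var1` temporary in `getEnumByCode` indicate the file was pasted from a decompiled class; the banner should go and the loop can iterate `values()` directly.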
diff --git a/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/config/MybatisPlusMetaObjectHandler.java b/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/config/MybatisPlusMetaObjectHandler.java index 8d413b4..2d4943e 100644 --- a/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/config/MybatisPlusMetaObjectHandler.java +++ b/chushang-common/chushang-common-mybatis/src/main/java/com/chushang/common/mybatis/config/MybatisPlusMetaObjectHandler.java @@ -2,6 +2,7 @@ package com.chushang.common.mybatis.config; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler; +import com.chushang.common.core.context.SecurityContextHolder; import lombok.extern.slf4j.Slf4j; import org.apache.ibatis.reflection.MetaObject; import org.springframework.util.ClassUtils; @@ -23,7 +24,9 @@ public class MybatisPlusMetaObjectHandler implements MetaObjectHandler { log.debug("mybatis plus start insert fill ...."); } LocalDateTime now = LocalDateTime.now(); - + // 修改人, 创建人 + Long userId = SecurityContextHolder.getUserId(); + fillValIfNullByName("createBy", userId, metaObject, true); fillValIfNullByName("createTime", now, metaObject, false); fillValIfNullByName("updateTime", now, metaObject, false); } @@ -32,6 +35,8 @@ public class MybatisPlusMetaObjectHandler implements MetaObjectHandler { public void updateFill(MetaObject metaObject) { log.debug("mybatis plus start update fill ...."); fillValIfNullByName("updateTime", LocalDateTime.now(), metaObject, true); + Long userId = SecurityContextHolder.getUserId(); + fillValIfNullByName("updateBy", userId, metaObject, true); } /** diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/auth/AuthLogic.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/auth/AuthLogic.java index 3898871..fff5256 100644 
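Review bot: `insertFill` and `updateFill` write whatever `SecurityContextHolder.getUserId()` returns into `createBy` and `updateBy`, so rows written outside an authenticated request (the login flow itself, scheduled jobs, inner service calls) record the holder's fallback value as their author. `getUserId()` and `fillValIfNullByName` are outside these hunks, so the fallback value and the meaning of the trailing `true` are assumptions; if `true` means overwrite, a value the service set explicitly is replaced as well. Filling only when an id is present, `if (userId != null && userId > 0) fillValIfNullByName("createBy", userId, metaObject, true);` (and the same for `updateBy`), keeps the audit columns from presenting a placeholder as a real user. `SysUser.updateBy` is declared as `String` in this same patch, so confirm the `Long` is actually applied there rather than silently skipped.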
--- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/auth/AuthLogic.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/auth/AuthLogic.java @@ -3,7 +3,7 @@ package com.chushang.security.auth; import com.chushang.security.annotation.Logical; import com.chushang.security.annotation.RequiresPermissions; import com.chushang.security.annotation.RequiresRoles; -import com.chushang.security.context.SecurityContextHolder; +import com.chushang.common.core.context.SecurityContextHolder; import com.chushang.security.service.TokenService; import com.chushang.security.utils.SecurityUtils; import com.chushang.common.core.exception.auth.NotLoginException; diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java index 186c660..1f89488 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/interceptor/HeaderInterceptor.java @@ -1,7 +1,7 @@ package com.chushang.security.interceptor; import com.chushang.security.auth.AuthUtil; -import com.chushang.security.context.SecurityContextHolder; +import com.chushang.common.core.context.SecurityContextHolder; import com.chushang.security.utils.SecurityUtils; import com.chushang.common.core.constant.SecurityConstants; import com.chushang.common.core.util.ServletUtils; diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java index 8f51a6c..ca29614 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java 
+++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/service/TokenService.java @@ -39,7 +39,7 @@ public class TokenService /** * 创建令牌 */ - public Map createToken(LoginUser loginUser) + public Map createToken(LoginUser loginUser, String appCode) { String token = IdUtils.getId(31); Long userId = loginUser.getUserId(); @@ -55,6 +55,7 @@ public class TokenService claimsMap.put(SecurityConstants.USER_KEY, tokenKey); claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId); claimsMap.put(SecurityConstants.DETAILS_USERNAME, username); + claimsMap.put(SecurityConstants.APP_CODE, appCode); // 接口返回信息 Map rspMap = new HashMap<>(); diff --git a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/utils/SecurityUtils.java b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/utils/SecurityUtils.java index b5a3881..40ca9c8 100644 --- a/chushang-common/chushang-common-security/src/main/java/com/chushang/security/utils/SecurityUtils.java +++ b/chushang-common/chushang-common-security/src/main/java/com/chushang/security/utils/SecurityUtils.java @@ -1,6 +1,6 @@ package com.chushang.security.utils; -import com.chushang.security.context.SecurityContextHolder; +import com.chushang.common.core.context.SecurityContextHolder; import com.chushang.common.core.constant.SecurityConstants; import com.chushang.common.core.constant.TokenConstants; import com.chushang.common.core.util.ServletUtils; diff --git a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/controller/UserController.java b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/controller/UserController.java index 1e71aad..890dd1b 100644 --- a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/controller/UserController.java +++ b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/controller/UserController.java 
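Review bot: `createToken` puts `appCode` into the signed claims without checking it, and the method is public, so any caller passing null or an arbitrary string gets a valid token carrying that value. Validating at the top with `PassCodeEnum.getEnumByCode(appCode);` (it throws on an unknown code) keeps the claim limited to the defined client types. The Javadoc still reads only "创建令牌"; it should name the new parameter and say that the gateway forwards it downstream as a header.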
@@ -1,6 +1,7 @@ package com.chushang.auth.controller; import com.chushang.auth.service.UserService; +import com.chushang.common.core.enums.PassCodeEnum; import com.chushang.common.core.util.JwtUtils; import com.chushang.common.core.util.StringUtils; import com.chushang.common.core.web.AjaxResult; @@ -31,13 +32,40 @@ public class UserController final TokenService tokenService; final UserService userService; + /** + * 后台登录 + */ @PostMapping("login") public AjaxResult login(@RequestBody LoginBody form) { // 用户登录 - LoginUser loginUser = userService.login(form.getUsername(), form.getPassword()); + LoginUser loginUser = userService.login(form.getUsername(), form.getPassword(), PassCodeEnum.PLATFORM.getCode()); // 获取登录token - return AjaxResult.success(tokenService.createToken(loginUser)); + return AjaxResult.success(tokenService.createToken(loginUser, PassCodeEnum.PLATFORM.getCode())); + } + + /** + * 前台登录 + */ + @PostMapping("/app/login") + public AjaxResult appLogin(@RequestBody LoginBody form) + { + // 用户登录 + LoginUser loginUser = userService.login(form.getUsername(), form.getPassword(), PassCodeEnum.APP.getCode()); + // 获取登录token + return AjaxResult.success(tokenService.createToken(loginUser, PassCodeEnum.APP.getCode())); + } + + /** + * 小程序登录 + */ + @PostMapping("/mini/login") + public AjaxResult miniLogin(@RequestBody LoginBody form) + { + // 用户登录 + LoginUser loginUser = userService.login(form.getUsername(), form.getPassword(), PassCodeEnum.MINI.getCode()); + // 获取登录token + return AjaxResult.success(tokenService.createToken(loginUser, PassCodeEnum.MINI.getCode())); } @DeleteMapping("logout") diff --git a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java index 5bad5d4..f7c26fc 100644 --- a/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java 
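Review bot: `login`, `appLogin` and `miniLogin` repeat the same two statements with a different `PassCodeEnum` constant, and each passes the constant twice, so the code checked by `userService.login` and the code written into the token can drift apart in a later edit. A private helper, `private AjaxResult doLogin(LoginBody form, PassCodeEnum app)`, that uses `app.getCode()` for both calls removes that risk. The two new routes are unauthenticated entry points, so whatever captcha, rate limiting and gateway whitelist configuration covers `login` has to cover `/app/login` and `/mini/login` too; that configuration is not part of this patch.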
+++ b/chushang-modules/chushang-module-auth/auth-service/src/main/java/com/chushang/auth/service/UserService.java @@ -1,5 +1,6 @@ package com.chushang.auth.service; +import com.chushang.common.core.enums.PassCodeEnum; import com.chushang.common.core.constant.SecurityConstants; import com.chushang.common.core.exception.ResultException; import com.chushang.common.core.util.IPUtils; 
@@ -34,38 +35,47 @@ public class UserService { /** * 登录 */ - public LoginUser login(String username, String password) + public LoginUser login(String username, String password, String appCode) { - // 查询用户信息 - long start = System.currentTimeMillis(); - Result> rLoginUser = remoteUserService.getUserInfo(username, SecurityConstants.INNER); - long end = System.currentTimeMillis(); - log.info("time : {}",end - start); - if (Result.FAIL_CODE == rLoginUser.getCode()){ - throw new ResultException(rLoginUser.getMsg()); + PassCodeEnum pce = PassCodeEnum.getEnumByCode(appCode); + if (pce.getOpenReg()) { + // 查询用户信息 + long start = System.currentTimeMillis(); + Result> rLoginUser = remoteUserService.getUserInfo(username, SecurityConstants.INNER); + long end = System.currentTimeMillis(); + log.info("time : {}",end - start); + if (Result.FAIL_CODE == rLoginUser.getCode()){ + throw new ResultException(rLoginUser.getMsg()); + } + if (ObjectUtils.isEmpty(rLoginUser) || ObjectUtils.isEmpty(rLoginUser.getData()) ){ + recordLoginInfo(username, LoginStatusEnum.ACCOUNT_EMPTY); + throw new ResultException("登录用户:" + username + " 不存在"); + } + LoginUser loginUser = rLoginUser.getData(); + SysUser sysUser = loginUser.getSysUser(); + Boolean isPlatform = sysUser.getIsPlatform(); + if (!isPlatform && !PassCodeEnum.PLATFORM.equals(pce)){ + recordLoginInfo(username, LoginStatusEnum.ACCOUNT_TYPE_ERROR); + throw new ResultException("对不起,您的账号:" + username + " 不是平台账号"); + } + Boolean status = sysUser.getStatus(); + if (!status) + { + recordLoginInfo(username, LoginStatusEnum.ACCOUNT_STATUS_ERROR); + throw new ResultException("对不起,您的账号:" + username + " 已停用"); + } + // 进行比较了 + if (!SecurityUtils.matchesPassword(password, sysUser.getSalt(), sysUser.getPassword())) + { + recordLoginInfo(username, LoginStatusEnum.LOGIN_FAIL_STATUS); + throw new ResultException("用户不存在/密码错误"); + } + recordLoginInfo(username, LoginStatusEnum.LOGIN_SUCCESS); + loginUser.setSysUser(sysUser); + return loginUser; + } else { + 
throw new ResultException("非法请求端"); } - - if (ObjectUtils.isEmpty(rLoginUser) || ObjectUtils.isEmpty(rLoginUser.getData()) ){ - recordLoginInfo(username, LoginStatusEnum.ACCOUNT_EMPTY); - throw new ResultException("登录用户:" + username + " 不存在"); - } - LoginUser loginUser = rLoginUser.getData(); - SysUser sysUser = loginUser.getSysUser(); - Boolean status = sysUser.getStatus(); - if (!status) - { - recordLoginInfo(username, LoginStatusEnum.ACCOUNT_STATUS_ERROR); - throw new ResultException("对不起,您的账号:" + username + " 已停用"); - } - // 进行比较了 - if (!SecurityUtils.matchesPassword(password, sysUser.getSalt(), sysUser.getPassword())) - { - recordLoginInfo(username, LoginStatusEnum.LOGIN_FAIL_STATUS); - throw new ResultException("用户不存在/密码错误"); - } - recordLoginInfo(username, LoginStatusEnum.LOGIN_SUCCESS); - loginUser.setSysUser(sysUser); - return loginUser; } public static void main(String[] args) { diff --git a/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java b/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java index b61e11f..da56b9a 100644 --- a/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java +++ b/chushang-modules/chushang-module-gateway/src/main/java/com/chushang/gateway/filter/AuthFilter.java @@ -30,7 +30,7 @@ import java.util.stream.Collectors; /** * 网关鉴权 - * + * * @author ruoyi */ @Component @@ -84,6 +84,11 @@ public class AuthFilter implements GlobalFilter, Ordered } String userid = JwtUtils.getUserId(claims); String username = JwtUtils.getUserName(claims); + // appCode 用于区分 小程序,app以及平台请求, 应当不同的请求有不同的code, 根据code 判断是否允许创建 + String appCode = JwtUtils.getValue(claims, SecurityConstants.APP_CODE); + // todo 此处应该根据appCode 判断url 是否允许 + log.info("appCode {}", appCode); + if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) { return unauthorizedResponse(exchange, "令牌验证失败"); 
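Review bot: The new account-type check in `login`, `if (!isPlatform && !PassCodeEnum.PLATFORM.equals(pce))`, looks inverted. `SysUser.isPlatform` is documented in this patch as "may log in to the platform", yet this condition lets an account with `isPlatform == false` through on the PLATFORM code and rejects it on APP and MINI with the message "不是平台账号". If the intent is to keep non-platform accounts out of the admin platform, the test should be `if (PassCodeEnum.PLATFORM.equals(pce) && !Boolean.TRUE.equals(sysUser.getIsPlatform()))`, which also avoids the NullPointerException that unboxing a null `Boolean` throws for rows where `is_platform` is unset. The check also runs before `matchesPassword` and returns its own message, so a caller without the password can learn an account's type; moving it after the password comparison, or returning the generic "用户不存在/密码错误", closes that.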
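Review bot: `appCode` is read from the claims and forwarded but never enforced: the `todo` leaves the URL check out, so a token issued by `/mini/login` or `/app/login` is accepted on every route a platform token is. Until that rule exists the login-side `PassCodeEnum` split is the only separation, and downstream services should not treat the `appCode` header as an authorization decision. Tokens issued before this change carry no `appCode` claim; extending the existing guard to `if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username) || StringUtils.isEmpty(appCode))` rejects them, which also matters for `addHeader(mutate, SecurityConstants.APP_CODE, appCode)` in the next hunk: if `addHeader` (outside these hunks) skips empty values, a client-supplied `appCode` header would pass through unchanged. `log.info("appCode {}", appCode)` runs on every request and belongs at debug level.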
@@ -93,6 +98,7 @@ public class AuthFilter implements GlobalFilter, Ordered addHeader(mutate, SecurityConstants.USER_KEY, userkey); addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid); addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username); + addHeader(mutate, SecurityConstants.APP_CODE, appCode); // 内部请求来源参数清除 removeHeader(mutate); @@ -162,4 +168,4 @@ public class AuthFilter implements GlobalFilter, Ordered { return 0; } -} \ No newline at end of file +} diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/enums/LoginStatusEnum.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/enums/LoginStatusEnum.java index e706612..046938d 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/enums/LoginStatusEnum.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/enums/LoginStatusEnum.java @@ -20,6 +20,7 @@ public enum LoginStatusEnum implements IEnum { ACCOUNT_EMPTY(3, "登录用户不存在"), ACCOUNT_STATUS_ERROR(4, "用户已停用,请联系管理员"), ACCOUNT_PASS_ERROR(5, "用户密码错误"), + ACCOUNT_TYPE_ERROR(7, "非平台账号登录"), ; @JsonValue diff --git a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java index 5f3d79b..fba64be 100644 --- a/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java +++ b/chushang-modules/chushang-module-system/system-feign/src/main/java/com/chushang/system/entity/po/SysUser.java @@ -11,7 +11,7 @@ import java.util.List; /** *

- * + * *

* * @author author @@ -88,9 +88,10 @@ public class SysUser extends BaseEntity { */ @TableField(updateStrategy = FieldStrategy.NOT_NULL) private String updateBy; - - - private String deptName; + /** + * 是否可以登录平台, true 可以, false 不可以, 默认true + */ + private Boolean isPlatform; @TableField(exist = false) private SysDept dept; diff --git a/chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml b/chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml index 9c7f117..2560b7d 100644 --- a/chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml +++ b/chushang-modules/chushang-module-system/system-service/src/main/resources/mapper/SysUserMapper.xml @@ -17,6 +17,7 @@ + @@ -41,7 +42,7 @@ select u.user_id, u.dept_id, u.username, u.password, u.status, u.del_state, u.create_by, u.create_time,u.update_time,u.salt, - u.phone,u.nick_name,u.gender,u.avatar,u.email, + u.phone,u.nick_name,u.gender,u.avatar,u.email, u.is_platform, d.parent_dept_id, d.ancestors, d.dept_name, d.order_num as dept_order_num,d.status as dept_status, r.role_id, r.role_name, r.role_key,r.order_num as role_order_num, r.data_scope, r.status as role_status from sys_user u
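Review bot: `isPlatform` in `SysUser` is a nullable `Boolean` with no initializer, so the "默认true" in its Javadoc holds only if the `is_platform` column has a database default, which this patch does not show; `UserService.login` unboxes the value directly. The comment should state what null means and readers should compare with `Boolean.TRUE.equals(...)`, so that an unset value is an explicit decision rather than an exception or an accidental grant. Because the flag decides which login endpoints an account may use, check that user create and update endpoints binding `SysUser` from a request body do not let a caller set it on their own account; those controllers are outside this patch.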