修改单点登录

Reviewed-on: #2

README.md

@@ -1 +1 @@
-# 本地址已停止维护了
+# 国瑞药业

doc/nginx.conf

@@ -2,8 +2,6 @@
 #user  nobody;
 worker_processes  1;
 
-
-
 events {
     worker_connections  1024;
 }

lidee-common/lidee-boot-security/src/main/java/top/lidee/taie/security/cache/CacheKeyEnum.java

@@ -0,0 +1,63 @@
+package top.lidee.taie.security.cache;
+
+/**
+ * 缓存对象key.
+ *
+ * @author lr
+ * @since 2019-07-30 09:28
+ */
+public enum CacheKeyEnum {
+
+    /**
+     * 保存5分钟签名，防止恶意重复请求
+     */
+    REPEAT_REQUEST_SIGN("system:repeat:sign:","请求签名"),
+
+
+    /**
+     * 保存用户可权限路径
+     */
+    USER_AUTH("system:user:auth:","用户权限"),
+
+    /**
+     * 用户权限url
+     */
+    USER_URL("system:user:url:","用户权限url"),
+
+    /**
+     * 保存用户角色
+     */
+    USER_ROLE("system:user:role:","用户角色"),
+
+    /**
+     * 登录token
+     */
+    TOKEN_JWT_USER("system:user:token:", "存放用户名及对应的token"),
+
+    /**
+     * 密码错误次数
+     */
+    USER_PASSWORD_ERROR_NUMBER("system:user:password:errorNumber:", "密码错误次数"),
+
+    /**
+     * 保存用户对应的权限
+     */
+    USER_AUTHORITIES("system:user:authorities:", "保存用户对应的权限");
+
+
+    private String key;
+
+    private String value;
+
+    CacheKeyEnum(String key, String value) {
+        this.key = key;
+        this.value = value;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public String getValue() {
+        return value;
+    }}

lidee-common/lidee-boot-security/src/main/java/top/lidee/taie/security/security/SecurityConfiguration.java

@@ -178,7 +178,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 .and()
                 .authorizeRequests()
-                .antMatchers("/login/**","/logout", "/health", "/user/loginCode/**").permitAll()
+                .antMatchers("/login/**","/logout","/outlogcas", "/health", "/user/loginCode/**").permitAll()
                 .mvcMatchers(HttpMethod.GET,"/dict/item/**").permitAll()
                 .anyRequest().authenticated()
                 .and()

lidee-common/lidee-boot-taie/pom.xml

@@ -106,6 +106,14 @@
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpcore</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpclient</artifactId>
+        </dependency>
     </dependencies>
 
     <build>

lidee-common/lidee-boot-taie/src/main/java/top/lidee/taie/http/HttpClientUtils.java

@@ -1,6 +1,12 @@
 package top.lidee.taie.http;
 
 import com.alibaba.fastjson.JSONObject;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.util.EntityUtils;
 import top.lidee.taie.http.ssl.SslSocketClient;
 import okhttp3.*;
 
@@ -135,4 +141,40 @@ public class HttpClientUtils {
         Request request = new Request.Builder().url(url).headers(headers).delete().build();
         httpClient.newCall(request).enqueue(callback);
     }
+
+
+    public  static String getPost(String url,String Token)
+    {
+
+        try {
+            // 创建HttpClient实例
+            CloseableHttpClient httpClient = HttpClients.createDefault();
+            // 创建POST请求
+            HttpPost httpPost = new HttpPost(url);
+
+            // 设置请求体
+            StringEntity params = new StringEntity("refreshToken="+Token);
+            httpPost.setEntity(params);
+
+            httpPost.setHeader("Authorization",Token);
+
+            // 发送请求并获取响应
+            CloseableHttpResponse response = httpClient.execute(httpPost);
+            try {
+                // 获取响应状态码
+                System.out.println(response.getStatusLine().getStatusCode());
+                // 获取响应体内容
+                String result = EntityUtils.toString(response.getEntity());
+                System.out.println(result);
+                return  result;
+            } finally {
+                response.close();
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return "";
+    }
+
+
 }

lidee-common/pom.xml

@@ -8,7 +8,7 @@
         <artifactId>spring-boot-starter-parent</artifactId>
         <version>2.7.14</version>
         <!--<version>2.3.5.RELEASE</version>-->
-        <relativePath/> <!-- lookup parent from repository -->
+        <relativePath/>
     </parent>
     <groupId>top.lidee.taie</groupId>
     <artifactId>lidee-common</artifactId>

lidee-server/src/main/java/top/lidee/taie/business/cache/ReportCacheHelper.java

@@ -0,0 +1,150 @@
+package top.lidee.taie.business.cache;
+
+
+import top.lidee.taie.cache.CacheHelper;
+import com.google.common.collect.Maps;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cache.Cache;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class ReportCacheHelper implements CacheHelper, ApplicationContextAware {
+
+    @Autowired
+    private Cache cache;
+
+    @Override
+    public String stringGet(String key) {
+        Cache.ValueWrapper valueWrapper = cache.get(key);
+        if (valueWrapper != null) {
+            return (String) valueWrapper.get();
+        }
+        return CacheHelper.super.stringGet(key);
+    }
+
+    @Override
+    public Boolean setIfAbsent(String key, String value) {
+        cache.putIfAbsent(key, value);
+        return true;
+    }
+
+
+    @Override
+    public boolean exist(String key) {
+        String cacheHoldTime = stringGet(key + "_HoldTime");
+        if (cacheHoldTime != null && Long.parseLong(cacheHoldTime) > 0) {
+            if (Long.parseLong(cacheHoldTime) < System.currentTimeMillis()) {
+                delete(key + "_HoldTime");
+                delete(key);
+                return false;
+            }
+        }
+        return cache.get(key) != null;
+    }
+
+
+    @Override
+    public void stringSet(String key, String value) {
+        cache.put(key, value);
+    }
+
+
+    @Override
+    public String regKey(String key) {
+        return CacheHelper.super.regKey(key);
+    }
+
+    @Override
+    public void stringSetExpire(String key, String value, long seconds) {
+        stringSet(key, value);
+        if (seconds > 0) {
+            //缓存失效时间
+            stringSet(key + "_HoldTime", String.valueOf(System.currentTimeMillis() + seconds * 1000));
+        }
+    }
+
+    @Override
+    public Map<String, String> hashGet(String key) {
+        Cache.ValueWrapper t = cache.get(key);
+        if (t != null) {
+            return (Map<String, String>) t.get();
+        }
+        return Maps.newHashMap();
+    }
+
+    @Override
+    public String hashGetString(String key, String hashKey) {
+        Map<String, String> stringStringMap = hashGet(key);
+        return stringStringMap.get(hashKey);
+    }
+
+    @Override
+    public void hashDel(String key, String hashKey) {
+        Map<String, String> stringStringMap = hashGet(key);
+        stringStringMap.remove(hashKey);
+    }
+
+    @Override
+    public void hashBatchDel(String key, Set<String> hashKeys) {
+        Map<String, String> stringStringMap = hashGet(key);
+        hashKeys.forEach(stringStringMap::remove);
+    }
+
+    @Override
+    public boolean hashExist(String key, String hashKey) {
+        if (exist(key)) {
+            Map<String, String> map = hashGet(key);
+            return map.containsKey(hashKey);
+        }
+        return false;
+    }
+
+    @Override
+    public boolean hashAnyExist(String key, String[] hashKeys) {
+        return CacheHelper.super.hashAnyExist(key, hashKeys);
+    }
+
+    @Override
+    public void hashSet(String key, String hashKey, String hashValue) {
+        Map<String, String> map;
+        if (exist(key)) {
+            map = hashGet(key);
+        } else {
+            map = new HashMap<>();
+        }
+        map.put(hashKey, hashValue);
+        hashSet(key, map);
+    }
+
+    @Override
+    public void hashSet(String key, Map<String, String> hash) {
+        cache.put(key, hash);
+    }
+
+    @Override
+    public boolean delete(String key) {
+        if (exist(key)) {
+            cache.evict(key);
+        }
+        return true;
+    }
+
+    @Override
+    public boolean delete(List<String> keys) {
+        keys.forEach(this::delete);
+        return true;
+    }
+
+
+    @Override
+    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+        /*基于内存的本地缓存*/
+        cache = (Cache) applicationContext.getBean("ehCacheCache");
+    }
+}

lidee-server/src/main/java/top/lidee/taie/business/modules/accessuser/controller/AccessUserController.java

@@ -21,6 +21,7 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 
+import java.io.IOException;
 import java.util.Map;
 
 /**
@@ -98,6 +99,21 @@ public class AccessUserController extends LideeBaseController<AccessUserParam, A
         return responseSuccessWithData(accessUserService.login(dto));
     }
 
+    @PostMapping({"/logincas"})
+    public ResponseBean logincas(@RequestBody @Validated LideeUserDto dto) throws IOException {
+        return responseSuccessWithData(accessUserService.logincas(dto));
+    }
+    @PostMapping({"/outlogcas"})
+    public ResponseBean outlogcas(@RequestBody @Validated LideeUserDto dto){
+
+        Boolean data =accessUserService.outlogincas(dto);
+        return responseSuccessWithData(data);
+    }
+
+
+
+
+
     /**
      * 修改自己的密码
      * @param dto

lidee-server/src/main/java/top/lidee/taie/business/modules/accessuser/service/AccessUserService.java

@@ -8,6 +8,7 @@ import top.lidee.taie.business.modules.accessuser.dao.entity.AccessUser;
 import top.lidee.taie.business.modules.accessuser.controller.param.AccessUserParam;
 import top.lidee.taie.curd.service.LideeBaseService;
 
+import java.io.IOException;
 import java.util.Map;
 
 /**
@@ -43,6 +44,11 @@ public interface AccessUserService extends LideeBaseService<AccessUserParam, Acc
      */
     LideeUserDto login(LideeUserDto lideeUserDto);
 
+    LideeUserDto logincas(LideeUserDto lideeUserDto) throws IOException;
+    Boolean outlogincas(LideeUserDto lideeUserDto);
+
+
+
     /**
      * 修改密码
      * @param dto

lidee-server/src/main/java/top/lidee/taie/business/modules/accessuser/service/impl/AccessUserServiceImpl.java

@@ -10,6 +10,7 @@ import top.lidee.taie.exception.BusinessException;
 import top.lidee.taie.exception.BusinessExceptionBuilder;
 import top.lidee.taie.curd.mapper.LideeBaseMapper;
 import top.lidee.taie.holder.UserContentHolder;
+import top.lidee.taie.http.HttpClientUtils;
 import top.lidee.taie.utils.LideeUtils;
 import top.lidee.taie.utils.JwtBean;
 import top.lidee.taie.business.code.ResponseCode;
@@ -34,6 +35,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
+import java.io.IOException;
 import java.util.*;
 import java.util.stream.Collectors;
 
@@ -71,6 +73,14 @@ public class AccessUserServiceImpl implements AccessUserService {
     @Autowired
     private CacheHelper cacheHelper;
 
+    @Value("${cas.loginurl:}")
+    private  String casLoginUrl;
+
+    @Value("${cas.outlogouturl:}")
+    private  String casoutlogouturl;
+
+
+
     @Override
     public Map getRoleTree(String loginName, String operator) {
         Map<String, Object> result = new HashMap<String, Object>();
@@ -146,7 +156,7 @@ public class AccessUserServiceImpl implements AccessUserService {
             throw BusinessExceptionBuilder.build("用户不存在");
         }
         //默认密码
-        accessUser.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("lidee@123"))));
+        accessUser.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("Lidee@654!"))));
         accessUserMapper.updateById(accessUser);
         return true;
     }
@@ -217,6 +227,98 @@ public class AccessUserServiceImpl implements AccessUserService {
         return lduser;
     }
 
+
+    @Override
+    public LideeUserDto logincas(LideeUserDto lideeUserDto) {
+        String loginName="";
+        String url = casLoginUrl+"?refreshToken="+ lideeUserDto.getLoginName();
+
+        String response = HttpClientUtils.getPost(url, lideeUserDto.getLoginName());
+
+        JSONObject jsonObject = null;
+        jsonObject= JSONObject.parseObject(response);
+        if(Integer.parseInt(jsonObject.getString("code"))==0)
+        {
+            loginName=jsonObject.getJSONObject("data").getString("username");
+        }
+
+        String password ="Lidee@654!";
+        // 1.判断用户是否存在
+        LambdaQueryWrapper<AccessUser> wrapper = Wrappers.lambdaQuery();
+        wrapper.eq(AccessUser::getLoginName, loginName);
+        AccessUser accessUser = accessUserMapper.selectOne(wrapper);
+        if (null == accessUser) {
+            throw BusinessExceptionBuilder.build(ResponseCode.LOGIN_ERROR);
+        }
+        // 2.密码错误
+        String sss=MD5Util.encrypt(password);
+//        if (!accessUser.getPassword().equals(MD5Util.encrypt(password))) {
+//            throw BusinessExceptionBuilder.build(ResponseCode.USER_PASSWORD_ERROR);
+//        }
+
+        // 3.如果该用户登录未过期，这里允许一个用户在多个终端登录
+        String tokenKey = String.format(BusinessConstant.LIDEE_SECURITY_LOGIN_TOKEN, loginName);
+        String token = "";
+        LideeUserDto lduser = new LideeUserDto();
+        if (cacheHelper.exist(tokenKey)) {
+            token = cacheHelper.stringGet(tokenKey);
+        } else {
+            // 生成用户token
+            String uuid = LideeUtils.UUID();
+            token = jwtBean.createToken(loginName, uuid, 0, LideeConstant.TENANT_CODE);
+            cacheHelper.stringSetExpire(tokenKey, token, 3600);
+        }
+
+        // 4.读取用户最新人权限主信息
+        String userKey = String.format(BusinessConstant.LIDEE_SECURITY_LOGIN_USER, loginName);
+
+        //为了兼容底层其他数据库，不再写自定义sql
+//        List<String> authorities = accessUserMapper.queryAuthoritiesByLoginName(loginName);
+
+        //当前用户的roleCode集合
+        LambdaQueryWrapper<AccessUserRole> accessUserWrapper = Wrappers.lambdaQuery();
+        accessUserWrapper.select(AccessUserRole::getRoleCode);
+        accessUserWrapper.eq(AccessUserRole::getLoginName, loginName);
+        List<AccessUserRole> accessUserRoles = accessUserRoleMapper.selectList(accessUserWrapper);
+        Set<String> roleCodeSet = accessUserRoles.stream().map(AccessUserRole::getRoleCode).collect(Collectors.toSet());
+        if (roleCodeSet.size() < 1) {
+            lduser.setAuthorities(new ArrayList<>());
+        }else {
+            LambdaQueryWrapper<AccessRoleAuthority> accessRoleAuthorityWrapper = Wrappers.lambdaQuery();
+            accessRoleAuthorityWrapper.select(AccessRoleAuthority::getTarget, AccessRoleAuthority::getAction);
+            accessRoleAuthorityWrapper.in(AccessRoleAuthority::getRoleCode, roleCodeSet);
+            List<AccessRoleAuthority> accessRoleAuthorities = accessRoleAuthorityMapper.selectList(accessRoleAuthorityWrapper);
+            List<String> authorities = accessRoleAuthorities.stream()
+                    .map(accessRoleAuthority -> accessRoleAuthority.getTarget().concat(":").concat(accessRoleAuthority.getAction())).distinct().collect(Collectors.toList());
+            lduser.setAuthorities(authorities);
+        }
+
+        lduser.setLoginName(loginName);
+        lduser.setRealName(accessUser.getRealName());
+        lduser.setToken(token);
+
+        String ldUserStr = JSONObject.toJSONString(lduser);
+        cacheHelper.stringSetExpire(userKey, ldUserStr, 3600);
+        cacheHelper.stringSetExpire(loginName+"_cas", lideeUserDto.getLoginName(), 360000);
+//      String ss=  cacheHelper.stringGet(loginName+"_cas");
+        return lduser;
+    }
+
+    @Override
+    public Boolean outlogincas(LideeUserDto lideeUserDto)  {
+
+        String token=  cacheHelper.stringGet(lideeUserDto.getLoginName()+"_cas");
+
+        String url = casoutlogouturl+"?refreshToken="+ token;
+
+        String response = HttpClientUtils.getPost(url, token);
+
+        return true;
+    }
+
+
+
+
     /**
      * 修改密码
      *
@@ -263,7 +365,7 @@ public class AccessUserServiceImpl implements AccessUserService {
         switch (operationEnum) {
             case INSERT:
                 //lidee是为了和前端加密保持一致
-                entity.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("lidee"))));
+                entity.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("Lidee@654!"))));
                 break;
             case UPDATE:
                 //更新用户不允许修改密码
@@ -275,4 +377,7 @@ public class AccessUserServiceImpl implements AccessUserService {
         }
 
     }
+
+
+
 }

lidee-server/src/main/resources/bootstrap.yml

@@ -34,8 +34,8 @@ spring:
   datasource:
     url: jdbc:mysql://127.0.0.1:3306/lidee_report?characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&useSSL=false&allowPublicKeyRetrieval=true
     username: root
-    password: root
+#    password: root
-#    password: gryy@8888
+    password: gryy@8888
 #    url: jdbc:mysql://127.0.0.1:3306/lidee_report?characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&useSSL=false&allowPublicKeyRetrieval=true
 #    username: root
 #    password: Lidee@654!
@@ -144,4 +144,9 @@ customer:
   user:
     ##新增用户默认密码
     default:
-      password: 123456
+      password: Lidee@654!
+cas:
+#  loginurl: http://127.0.0.1:48080/admin-api/system/auth/user-info
+#  outlogouturl: http://127.0.0.1:48080/admin-api/system/auth/logout-client
+  loginurl: http://192.168.1.241/admin-api/system/auth/user-info
+  outlogouturl: http://192.168.1.241/admin-api/system/auth/logout-client