Compare commits
6 Commits
d52a46109b
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 94a7c9e000 | |||
| d7aa0de3be | |||
| db45bcd050 | |||
| 93fc161232 | |||
| 8fed216096 | |||
| a28814c3c3 |
63
lidee-common/lidee-boot-security/src/main/java/top/lidee/taie/security/cache/CacheKeyEnum.java
vendored
Normal file
63
lidee-common/lidee-boot-security/src/main/java/top/lidee/taie/security/cache/CacheKeyEnum.java
vendored
Normal file
@@ -0,0 +1,63 @@
|
||||
package top.lidee.taie.security.cache;
|
||||
|
||||
/**
|
||||
* 缓存对象key.
|
||||
*
|
||||
* @author lr
|
||||
* @since 2019-07-30 09:28
|
||||
*/
|
||||
public enum CacheKeyEnum {
|
||||
|
||||
/**
|
||||
* 保存5分钟签名,防止恶意重复请求
|
||||
*/
|
||||
REPEAT_REQUEST_SIGN("system:repeat:sign:","请求签名"),
|
||||
|
||||
|
||||
/**
|
||||
* 保存用户可权限路径
|
||||
*/
|
||||
USER_AUTH("system:user:auth:","用户权限"),
|
||||
|
||||
/**
|
||||
* 用户权限url
|
||||
*/
|
||||
USER_URL("system:user:url:","用户权限url"),
|
||||
|
||||
/**
|
||||
* 保存用户角色
|
||||
*/
|
||||
USER_ROLE("system:user:role:","用户角色"),
|
||||
|
||||
/**
|
||||
* 登录token
|
||||
*/
|
||||
TOKEN_JWT_USER("system:user:token:", "存放用户名及对应的token"),
|
||||
|
||||
/**
|
||||
* 密码错误次数
|
||||
*/
|
||||
USER_PASSWORD_ERROR_NUMBER("system:user:password:errorNumber:", "密码错误次数"),
|
||||
|
||||
/**
|
||||
* 保存用户对应的权限
|
||||
*/
|
||||
USER_AUTHORITIES("system:user:authorities:", "保存用户对应的权限");
|
||||
|
||||
|
||||
private String key;
|
||||
|
||||
private String value;
|
||||
|
||||
CacheKeyEnum(String key, String value) {
|
||||
this.key = key;
|
||||
this.value = value;
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
return key;
|
||||
}
|
||||
|
||||
public String getValue() {
|
||||
return value;
|
||||
}}
|
||||
@@ -178,7 +178,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/login/**","/logout", "/health", "/user/loginCode/**").permitAll()
|
||||
.antMatchers("/login/**","/logout","/outlogcas", "/health", "/user/loginCode/**").permitAll()
|
||||
.mvcMatchers(HttpMethod.GET,"/dict/item/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
|
||||
@@ -106,6 +106,14 @@
|
||||
<groupId>org.projectlombok</groupId>
|
||||
<artifactId>lombok</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpcore</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@@ -1,6 +1,12 @@
|
||||
package top.lidee.taie.http;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
import top.lidee.taie.http.ssl.SslSocketClient;
|
||||
import okhttp3.*;
|
||||
|
||||
@@ -135,4 +141,40 @@ public class HttpClientUtils {
|
||||
Request request = new Request.Builder().url(url).headers(headers).delete().build();
|
||||
httpClient.newCall(request).enqueue(callback);
|
||||
}
|
||||
|
||||
|
||||
public static String getPost(String url,String Token)
|
||||
{
|
||||
|
||||
try {
|
||||
// 创建HttpClient实例
|
||||
CloseableHttpClient httpClient = HttpClients.createDefault();
|
||||
// 创建POST请求
|
||||
HttpPost httpPost = new HttpPost(url);
|
||||
|
||||
// 设置请求体
|
||||
StringEntity params = new StringEntity("refreshToken="+Token);
|
||||
httpPost.setEntity(params);
|
||||
|
||||
httpPost.setHeader("Authorization",Token);
|
||||
|
||||
// 发送请求并获取响应
|
||||
CloseableHttpResponse response = httpClient.execute(httpPost);
|
||||
try {
|
||||
// 获取响应状态码
|
||||
System.out.println(response.getStatusLine().getStatusCode());
|
||||
// 获取响应体内容
|
||||
String result = EntityUtils.toString(response.getEntity());
|
||||
System.out.println(result);
|
||||
return result;
|
||||
} finally {
|
||||
response.close();
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>2.7.14</version>
|
||||
<!--<version>2.3.5.RELEASE</version>-->
|
||||
<relativePath/> <!-- lookup parent from repository -->
|
||||
<relativePath/>
|
||||
</parent>
|
||||
<groupId>top.lidee.taie</groupId>
|
||||
<artifactId>lidee-common</artifactId>
|
||||
|
||||
@@ -21,6 +21,7 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@@ -98,6 +99,21 @@ public class AccessUserController extends LideeBaseController<AccessUserParam, A
|
||||
return responseSuccessWithData(accessUserService.login(dto));
|
||||
}
|
||||
|
||||
@PostMapping({"/logincas"})
|
||||
public ResponseBean logincas(@RequestBody @Validated LideeUserDto dto) throws IOException {
|
||||
return responseSuccessWithData(accessUserService.logincas(dto));
|
||||
}
|
||||
@PostMapping({"/outlogcas"})
|
||||
public ResponseBean outlogcas(@RequestBody @Validated LideeUserDto dto){
|
||||
|
||||
Boolean data =accessUserService.outlogincas(dto);
|
||||
return responseSuccessWithData(data);
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 修改自己的密码
|
||||
* @param dto
|
||||
|
||||
@@ -8,6 +8,7 @@ import top.lidee.taie.business.modules.accessuser.dao.entity.AccessUser;
|
||||
import top.lidee.taie.business.modules.accessuser.controller.param.AccessUserParam;
|
||||
import top.lidee.taie.curd.service.LideeBaseService;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@@ -43,6 +44,11 @@ public interface AccessUserService extends LideeBaseService<AccessUserParam, Acc
|
||||
*/
|
||||
LideeUserDto login(LideeUserDto lideeUserDto);
|
||||
|
||||
LideeUserDto logincas(LideeUserDto lideeUserDto) throws IOException;
|
||||
Boolean outlogincas(LideeUserDto lideeUserDto);
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 修改密码
|
||||
* @param dto
|
||||
|
||||
@@ -10,6 +10,7 @@ import top.lidee.taie.exception.BusinessException;
|
||||
import top.lidee.taie.exception.BusinessExceptionBuilder;
|
||||
import top.lidee.taie.curd.mapper.LideeBaseMapper;
|
||||
import top.lidee.taie.holder.UserContentHolder;
|
||||
import top.lidee.taie.http.HttpClientUtils;
|
||||
import top.lidee.taie.utils.LideeUtils;
|
||||
import top.lidee.taie.utils.JwtBean;
|
||||
import top.lidee.taie.business.code.ResponseCode;
|
||||
@@ -34,6 +35,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@@ -71,6 +73,14 @@ public class AccessUserServiceImpl implements AccessUserService {
|
||||
@Autowired
|
||||
private CacheHelper cacheHelper;
|
||||
|
||||
@Value("${cas.loginurl:}")
|
||||
private String casLoginUrl;
|
||||
|
||||
@Value("${cas.outlogouturl:}")
|
||||
private String casoutlogouturl;
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public Map getRoleTree(String loginName, String operator) {
|
||||
Map<String, Object> result = new HashMap<String, Object>();
|
||||
@@ -146,7 +156,7 @@ public class AccessUserServiceImpl implements AccessUserService {
|
||||
throw BusinessExceptionBuilder.build("用户不存在");
|
||||
}
|
||||
//默认密码
|
||||
accessUser.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("lidee@123"))));
|
||||
accessUser.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("Lidee@654!"))));
|
||||
accessUserMapper.updateById(accessUser);
|
||||
return true;
|
||||
}
|
||||
@@ -217,6 +227,98 @@ public class AccessUserServiceImpl implements AccessUserService {
|
||||
return lduser;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public LideeUserDto logincas(LideeUserDto lideeUserDto) {
|
||||
String loginName="";
|
||||
String url = casLoginUrl+"?refreshToken="+ lideeUserDto.getLoginName();
|
||||
|
||||
String response = HttpClientUtils.getPost(url, lideeUserDto.getLoginName());
|
||||
|
||||
JSONObject jsonObject = null;
|
||||
jsonObject= JSONObject.parseObject(response);
|
||||
if(Integer.parseInt(jsonObject.getString("code"))==0)
|
||||
{
|
||||
loginName=jsonObject.getJSONObject("data").getString("username");
|
||||
}
|
||||
|
||||
String password ="Lidee@654!";
|
||||
// 1.判断用户是否存在
|
||||
LambdaQueryWrapper<AccessUser> wrapper = Wrappers.lambdaQuery();
|
||||
wrapper.eq(AccessUser::getLoginName, loginName);
|
||||
AccessUser accessUser = accessUserMapper.selectOne(wrapper);
|
||||
if (null == accessUser) {
|
||||
throw BusinessExceptionBuilder.build(ResponseCode.LOGIN_ERROR);
|
||||
}
|
||||
// 2.密码错误
|
||||
String sss=MD5Util.encrypt(password);
|
||||
// if (!accessUser.getPassword().equals(MD5Util.encrypt(password))) {
|
||||
// throw BusinessExceptionBuilder.build(ResponseCode.USER_PASSWORD_ERROR);
|
||||
// }
|
||||
|
||||
// 3.如果该用户登录未过期,这里允许一个用户在多个终端登录
|
||||
String tokenKey = String.format(BusinessConstant.LIDEE_SECURITY_LOGIN_TOKEN, loginName);
|
||||
String token = "";
|
||||
LideeUserDto lduser = new LideeUserDto();
|
||||
if (cacheHelper.exist(tokenKey)) {
|
||||
token = cacheHelper.stringGet(tokenKey);
|
||||
} else {
|
||||
// 生成用户token
|
||||
String uuid = LideeUtils.UUID();
|
||||
token = jwtBean.createToken(loginName, uuid, 0, LideeConstant.TENANT_CODE);
|
||||
cacheHelper.stringSetExpire(tokenKey, token, 3600);
|
||||
}
|
||||
|
||||
// 4.读取用户最新人权限主信息
|
||||
String userKey = String.format(BusinessConstant.LIDEE_SECURITY_LOGIN_USER, loginName);
|
||||
|
||||
//为了兼容底层其他数据库,不再写自定义sql
|
||||
// List<String> authorities = accessUserMapper.queryAuthoritiesByLoginName(loginName);
|
||||
|
||||
//当前用户的roleCode集合
|
||||
LambdaQueryWrapper<AccessUserRole> accessUserWrapper = Wrappers.lambdaQuery();
|
||||
accessUserWrapper.select(AccessUserRole::getRoleCode);
|
||||
accessUserWrapper.eq(AccessUserRole::getLoginName, loginName);
|
||||
List<AccessUserRole> accessUserRoles = accessUserRoleMapper.selectList(accessUserWrapper);
|
||||
Set<String> roleCodeSet = accessUserRoles.stream().map(AccessUserRole::getRoleCode).collect(Collectors.toSet());
|
||||
if (roleCodeSet.size() < 1) {
|
||||
lduser.setAuthorities(new ArrayList<>());
|
||||
}else {
|
||||
LambdaQueryWrapper<AccessRoleAuthority> accessRoleAuthorityWrapper = Wrappers.lambdaQuery();
|
||||
accessRoleAuthorityWrapper.select(AccessRoleAuthority::getTarget, AccessRoleAuthority::getAction);
|
||||
accessRoleAuthorityWrapper.in(AccessRoleAuthority::getRoleCode, roleCodeSet);
|
||||
List<AccessRoleAuthority> accessRoleAuthorities = accessRoleAuthorityMapper.selectList(accessRoleAuthorityWrapper);
|
||||
List<String> authorities = accessRoleAuthorities.stream()
|
||||
.map(accessRoleAuthority -> accessRoleAuthority.getTarget().concat(":").concat(accessRoleAuthority.getAction())).distinct().collect(Collectors.toList());
|
||||
lduser.setAuthorities(authorities);
|
||||
}
|
||||
|
||||
lduser.setLoginName(loginName);
|
||||
lduser.setRealName(accessUser.getRealName());
|
||||
lduser.setToken(token);
|
||||
|
||||
String ldUserStr = JSONObject.toJSONString(lduser);
|
||||
cacheHelper.stringSetExpire(userKey, ldUserStr, 3600);
|
||||
cacheHelper.stringSetExpire(loginName+"_cas", lideeUserDto.getLoginName(), 360000);
|
||||
// String ss= cacheHelper.stringGet(loginName+"_cas");
|
||||
return lduser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Boolean outlogincas(LideeUserDto lideeUserDto) {
|
||||
|
||||
String token= cacheHelper.stringGet(lideeUserDto.getLoginName()+"_cas");
|
||||
|
||||
String url = casoutlogouturl+"?refreshToken="+ token;
|
||||
|
||||
String response = HttpClientUtils.getPost(url, token);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 修改密码
|
||||
*
|
||||
@@ -263,7 +365,7 @@ public class AccessUserServiceImpl implements AccessUserService {
|
||||
switch (operationEnum) {
|
||||
case INSERT:
|
||||
//lidee是为了和前端加密保持一致
|
||||
entity.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("lidee"))));
|
||||
entity.setPassword(MD5Util.encrypt(MD5Util.encrypt(defaultPassword.concat("Lidee@654!"))));
|
||||
break;
|
||||
case UPDATE:
|
||||
//更新用户不允许修改密码
|
||||
@@ -275,4 +377,7 @@ public class AccessUserServiceImpl implements AccessUserService {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -34,8 +34,8 @@ spring:
|
||||
datasource:
|
||||
url: jdbc:mysql://127.0.0.1:3306/lidee_report?characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&useSSL=false&allowPublicKeyRetrieval=true
|
||||
username: root
|
||||
password: root
|
||||
# password: gryy@8888
|
||||
# password: root
|
||||
password: gryy@8888
|
||||
# url: jdbc:mysql://127.0.0.1:3306/lidee_report?characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&useSSL=false&allowPublicKeyRetrieval=true
|
||||
# username: root
|
||||
# password: Lidee@654!
|
||||
@@ -144,4 +144,9 @@ customer:
|
||||
user:
|
||||
##新增用户默认密码
|
||||
default:
|
||||
password: 123456
|
||||
password: Lidee@654!
|
||||
cas:
|
||||
# loginurl: http://127.0.0.1:48080/admin-api/system/auth/user-info
|
||||
# outlogouturl: http://127.0.0.1:48080/admin-api/system/auth/logout-client
|
||||
loginurl: http://192.168.1.241/admin-api/system/auth/user-info
|
||||
outlogouturl: http://192.168.1.241/admin-api/system/auth/logout-client
|
||||
|
||||
Reference in New Issue
Block a user