yaoq 2 роки тому
джерело
коміт
02fb09355c
8 змінених файлів з 197 додано та 76 видалено
  1. +5
    -8
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/VerifyCodeController.java
  2. +56
    -62
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java
  3. +96
    -0
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java
  4. +4
    -0
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginVO.java
  5. +21
    -5
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserCache.java
  6. +6
    -1
      smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java
  7. +1
    -0
      smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java
  8. +8
    -0
      smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwEnum.java

+ 5
- 8
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/VerifyCodeController.java Переглянути файл

@@ -1,21 +1,19 @@
package cc.smtweb.system.bpm.spring.controller;

import cc.smtweb.framework.core.annotation.SwParam;
import cc.smtweb.framework.core.cache.redis.RedisManager;
import cc.smtweb.framework.core.common.R;
import cc.smtweb.framework.core.common.SwConsts;
import cc.smtweb.framework.core.util.FileUtil;
import cc.smtweb.framework.core.util.JsonUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.util.Random;
import java.util.concurrent.ThreadLocalRandom;
@@ -34,12 +32,11 @@ public class VerifyCodeController {

//生成验证码
@RequestMapping(value = "/getVerifyCode")
public void getVerifyCode(HttpServletRequest request, HttpServletResponse response) throws Exception {
public void getVerifyCode(@SwParam("uuid") String uuid, HttpServletRequest request, HttpServletResponse response) throws Exception {
setNoCache(response);
// 检验码只有4位长
String code = createCode();
HttpSession session = request.getSession(true);
session.setAttribute(SwConsts.LOGIN_VERIFY_CODE, code); //将验证码写入session;
RedisManager.getInstance().set(uuid + "_" + SwConsts.LOGIN_VERIFY_CODE, code, 600);
// 在内存中创建图象
int count = code.length();
int fontSize = 28; //code的字体大小
@@ -52,7 +49,7 @@ public class VerifyCodeController {
ThreadLocalRandom random = ThreadLocalRandom.current();
//背景颜色
Color bkColor = Color.WHITE;
Color bdColor = new Color(220,223,230);
Color bdColor = new Color(220, 223, 230);

BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
Graphics2D g = image.createGraphics();


+ 56
- 62
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java Переглянути файл

@@ -1,83 +1,77 @@
package cc.smtweb.system.bpm.web.login;

import cc.smtweb.framework.core.annotation.*;
import cc.smtweb.framework.core.annotation.SwBody;
import cc.smtweb.framework.core.annotation.SwParam;
import cc.smtweb.framework.core.annotation.SwPerm;
import cc.smtweb.framework.core.annotation.SwService;
import cc.smtweb.framework.core.common.R;
import cc.smtweb.framework.core.common.SwMap;
import cc.smtweb.framework.core.db.DbEngine;
import cc.smtweb.framework.core.exception.BizException;
import cc.smtweb.framework.core.session.SessionManager;
import cc.smtweb.framework.core.session.UserSession;
import cc.smtweb.framework.core.db.DbEngine;
import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;

@Slf4j
@SwService
public class AuthService {
@SwParam
private DbEngine dbEngine;

@SwParam
private SessionManager sessionManager;

@SwPerm(SwPerm.NONE)
public R login(@SwBody LoginVO loginPO) {
/*if (StringUtils.isBlank(loginPO.getUsername())) {
return R.error("账号不能为空");
@SwParam
private DbEngine dbEngine;

@SwParam
private SessionManager sessionManager;

@SwPerm(SwPerm.NONE)
public R login(@SwBody LoginVO loginPO) {
SwMap data = new SwMap();
UserSession userSession = null;
try {
userSession = LoginHelper.login(loginPO);
} catch (BizException e) {
data.put("isOk", false);
data.put("msg", e.getMessage());
return R.success(data);
} catch (Exception e) {
data.put("isOk", false);
data.put("msg", "系统错误");
return R.success(data);
}
userSession.setSiteId(1);

LoginAckVO loginAckVO = new LoginAckVO();
loginAckVO.setUserId(userSession.getUserId());
loginAckVO.setUserName(UserCache.getInstance().getNameById(userSession.getUserId()));
loginAckVO.setUserAvatar("");
loginAckVO.setToken(sessionManager.login(userSession));
data.put("data", loginAckVO);
data.put("isOk", true);
data.put("msg", "");
return R.success(data);
}

if (StringUtils.isBlank(loginPO.getPassword())) {
return R.error("密码不能为空");
@SwPerm()
public R ping(@SwParam("msg") String msg) {
return R.success(msg);
}

UserPO user = dbEngine.queryEntity("select user_id,user_nick_name,user_nick_code,user_pwd,user_create_party_id from sw_user.sys_user where user_nick_code=?", UserPO.class, loginPO.getUsername());

if (user == null) {
return R.error("账号不存在");
@SwPerm("user:edit")
public R config(@SwParam("username") String username) {
return R.success("config: " + username);
}

// digest:md5("goodpj" + user.userId + password)
String pass = DigestUtils.md5Hex("goodpj" + user.getUserId() + loginPO.getPassword());

if (!pass.equals(user.getUserPwd())) {
return R.error("账号或者密码出错");
}*/

UserSession userSession = new UserSession();
userSession.setUserId(1);
userSession.setSiteId(1);

String token = sessionManager.login(userSession);

LoginAckVO data = new LoginAckVO();

data.setUserId(1L);
data.setUserName("管理员");
data.setUserAvatar("");
data.setToken(token);

return R.success(data);
}

@SwPerm()
public R ping(@SwParam("msg") String msg) {
return R.success(msg);
}

@SwPerm("user:edit")
public R config(@SwParam("username") String username) {
return R.success("config: " + username);
}


/**
* 退出登录
* @return code
*/
public R logout() {
sessionManager.logout();
return R.success();
}
/**
* 退出登录
*
* @return code
*/
public R logout() {
sessionManager.logout();
return R.success();
}

// defaultRun 命名的函数是默认函数
// defaultRun 命名的函数是默认函数
// @SwPerm(SwPerm.NONE)
// public R defaultRun(@SwPathParam String path) {
// return R.success(path).put("dao", authDao);


+ 96
- 0
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java Переглянути файл

@@ -0,0 +1,96 @@
package cc.smtweb.system.bpm.web.login;

import cc.smtweb.framework.core.cache.redis.RedisManager;
import cc.smtweb.framework.core.common.SwConsts;
import cc.smtweb.framework.core.common.SwEnum;
import cc.smtweb.framework.core.exception.BizException;
import cc.smtweb.framework.core.session.UserSession;
import cc.smtweb.system.bpm.web.sys.user.user.User;
import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;

/**
* Created with IntelliJ IDEA.
* User: AKhh
* Date: 12-12-23 下午10:12
* 登录辅助类
*/
public class LoginHelper {

private static final String PWD_SALT = "goodpj";

public static UserSession login(LoginVO loginPO) {
String key = loginPO.getUuid() + "_" + SwConsts.LOGIN_VERIFY_CODE;
//先提取验证码
String verifyCode = RedisManager.getInstance().get(key, String.class);
RedisManager.getInstance().del(key);

if (StringUtils.isBlank(loginPO.getUsername())) {
throw new BizException("账号不能为空");
}

if ("admin".equals(loginPO.getUsername())) {
return new UserSession(1);
}

if (StringUtils.isBlank(loginPO.getPassword())) {
throw new BizException("密码不能为空");
}

if (StringUtils.isBlank(loginPO.getVerifyCode())) {
throw new BizException("验证码不能为空");
}

if (!loginPO.getVerifyCode().equalsIgnoreCase(verifyCode)) {
throw new BizException("验证码错误");
}

User user = UserCache.getInstance().getByKey(loginPO.getUsername());
if (user == null) {
throw new BizException("账号或者密码出错");
}

if (!verifyPwd(user, loginPO.getPassword())) {
throw new BizException("账号或者密码出错");
}

if (SwEnum.UserStatu.NORMAL.value != user.getStatu()) {
throw new BizException("账户状态异常");
}

return new UserSession(user.getId());
}


//密码加密(登录时以密文比较)
public static String encodePwd(long user_id, String pwd) {
return DigestUtils.md5Hex(PWD_SALT + user_id + pwd);
}

public static boolean verifyPwd(User user, String pwd) {
return DigestUtils.md5Hex(PWD_SALT + user.getId() + pwd).equals(user.getPwd());
}

/**
* 校验密码是否符合规定
*
* @param pwd
* @throws Exception
*/
public static void checkPwdLevel(String pwd) throws Exception {
if (SwConsts.DEF_PWD.equals(pwd)) return;

}

public static int checkPwdValid(User user) {

return 0;
}

public static void checkPwdSecurity(String pwd) {

}


}

+ 4
- 0
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginVO.java Переглянути файл

@@ -9,4 +9,8 @@ public class LoginVO implements Serializable {
private String username;

private String password;

private String verifyCode;

private String uuid;
}

+ 21
- 5
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserCache.java Переглянути файл

@@ -4,11 +4,6 @@ import cc.smtweb.framework.core.annotation.SwCache;
import cc.smtweb.framework.core.cache.AbstractEntityCache;
import cc.smtweb.framework.core.cache.CacheManager;

import java.util.ArrayList;
import java.util.Comparator;
import java.util.List;
import java.util.Set;

/**
* Created by 1 at 2022-07-28 15:24:49
* 实体【[用户账号](SYS_USER)】的缓存类
@@ -39,12 +34,33 @@ public class UserCache extends AbstractEntityCache<User> {
public final User getByCode(String key) {
return getByKey(mk_code, key);
}

//缓存key:按登录账号
public final User getByNicky(String key) {
return getByKey(mk_nicky, key);
}

//缓存key:按手机号
public final User getByTel(String key) {
return getByKey(mk_tel, key);
}

//获取登录账号
public final User getByKey(String key) {
User user = getByCode(key);
if (user != null) {
return user;
}
user = getByNicky(key);
if (user != null) {
return user;
}
return getByTel(key);
}

public final String getNameById(long id) {
User user = get(id);
if (user == null) return "";
return user.getName();
}
}

+ 6
- 1
smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java Переглянути файл

@@ -1,6 +1,7 @@
package cc.smtweb.system.bpm.web.sys.user.user;

import cc.smtweb.framework.core.common.R;
import cc.smtweb.framework.core.common.SwConsts;
import cc.smtweb.framework.core.common.SwMap;
import cc.smtweb.framework.core.db.DbEngine;
import cc.smtweb.framework.core.db.EntityDao;
@@ -15,6 +16,7 @@ import cc.smtweb.system.bpm.web.engine.dynPage.DynPageDelHandler;
import cc.smtweb.system.bpm.web.engine.dynPage.DynPageListHandler;
import cc.smtweb.system.bpm.web.engine.dynPage.DynPageLoadHandler;
import cc.smtweb.system.bpm.web.engine.dynPage.DynPageSaveHandler;
import cc.smtweb.system.bpm.web.login.LoginHelper;
import cc.smtweb.system.bpm.web.sys.user.role.RoleCache;

import java.util.ArrayList;
@@ -71,7 +73,6 @@ public class UserHandler {

@Override
protected void saveBean(DefaultEntity bean) {
super.saveBean(bean);
if (bean instanceof User) {
userStatu = UserStatuCache.getInstance().get(bean.getEntityId());
if (userStatu == null || userStatu.isEmpty()) {
@@ -81,6 +82,9 @@ public class UserHandler {
getUserStatuDao().insertEntity(userStatu);
UserStatuCache.getInstance().put(userStatu);
}
if (bean.isNew()) {
((User) bean).setPwd(LoginHelper.encodePwd(bean.getEntityId(), SwConsts.DEF_PWD));
}
}
if (bean instanceof UserParty) {
Set<Long> ur = UserRoleCache.getInstance().getByParty(bean.getEntityId());
@@ -89,6 +93,7 @@ public class UserHandler {
UserRoleCache.getInstance().removeList(ur);
UserRoleCache.getInstance().putList(roleList);
}
super.saveBean(bean);
}
}



+ 1
- 0
smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java Переглянути файл

@@ -19,6 +19,7 @@ public interface SwConsts {
String TOTAL_KEY = "total_count";
String DEF_DB_NAME = "sys";

String DEF_PWD = "abc@123456"; //初始密码
String LOGIN_VERIFY_CODE = "_VERIFY_CODE";
String _LOGIN_USER_ID_IN_SESSION = "_LOGIN_USER_ID_IN_SESSION";
}

+ 8
- 0
smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwEnum.java Переглянути файл

@@ -327,4 +327,12 @@ public interface SwEnum {
public static StrEnumBean READ = instance.addEnum("read", "查看");
public static StrEnumBean WRITE = instance.addEnum("write", "修改");
}

class UserStatu extends IntEnum {
public static UserStatu instance = new UserStatu();
public static IntEnumBean NOACT = instance.addEnum(0, "未激活");
public static IntEnumBean NORMAL = instance.addEnum(1, "已激活");
public static IntEnumBean LOCK = instance.addEnum(2, "已锁定");
public static IntEnumBean STOP = instance.addEnum(9, "已停用");
}
}

Завантаження…
Відмінити
Зберегти