登录

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/spring/controller/VerifyCodeController.java

@@ -1,21 +1,19 @@
 package cc.smtweb.system.bpm.spring.controller;
 
+import cc.smtweb.framework.core.annotation.SwParam;
+import cc.smtweb.framework.core.cache.redis.RedisManager;
 import cc.smtweb.framework.core.common.R;
 import cc.smtweb.framework.core.common.SwConsts;
 import cc.smtweb.framework.core.util.FileUtil;
 import cc.smtweb.framework.core.util.JsonUtil;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.io.IOUtils;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import javax.imageio.ImageIO;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import java.awt.*;
 import java.awt.image.BufferedImage;
-import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.util.Random;
 import java.util.concurrent.ThreadLocalRandom;
@@ -34,12 +32,11 @@ public class VerifyCodeController {
 
     //生成验证码
     @RequestMapping(value = "/getVerifyCode")
-    public void getVerifyCode(HttpServletRequest request, HttpServletResponse response) throws Exception {
+    public void getVerifyCode(@SwParam("uuid") String uuid, HttpServletRequest request, HttpServletResponse response) throws Exception {
         setNoCache(response);
         // 检验码只有4位长
         String code = createCode();
-        HttpSession session = request.getSession(true);
-        session.setAttribute(SwConsts.LOGIN_VERIFY_CODE, code); //将验证码写入session;
+        RedisManager.getInstance().set(uuid + "_" + SwConsts.LOGIN_VERIFY_CODE, code, 600);
         // 在内存中创建图象
         int count = code.length();
         int fontSize = 28; //code的字体大小
@@ -52,7 +49,7 @@ public class VerifyCodeController {
         ThreadLocalRandom random = ThreadLocalRandom.current();
         //背景颜色
         Color bkColor = Color.WHITE;
-        Color bdColor = new Color(220,223,230);
+        Color bdColor = new Color(220, 223, 230);
 
         BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
         Graphics2D g = image.createGraphics();

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java

@@ -1,83 +1,77 @@
 package cc.smtweb.system.bpm.web.login;
 
-import cc.smtweb.framework.core.annotation.*;
+import cc.smtweb.framework.core.annotation.SwBody;
+import cc.smtweb.framework.core.annotation.SwParam;
+import cc.smtweb.framework.core.annotation.SwPerm;
+import cc.smtweb.framework.core.annotation.SwService;
 import cc.smtweb.framework.core.common.R;
+import cc.smtweb.framework.core.common.SwMap;
+import cc.smtweb.framework.core.db.DbEngine;
+import cc.smtweb.framework.core.exception.BizException;
 import cc.smtweb.framework.core.session.SessionManager;
 import cc.smtweb.framework.core.session.UserSession;
-import cc.smtweb.framework.core.db.DbEngine;
+import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.lang3.StringUtils;
 
 @Slf4j
 @SwService
 public class AuthService {
-  @SwParam
-  private DbEngine dbEngine;
-
-  @SwParam
-  private SessionManager sessionManager;
-
-  @SwPerm(SwPerm.NONE)
-  public R login(@SwBody LoginVO loginPO) {
-    /*if (StringUtils.isBlank(loginPO.getUsername())) {
-      return R.error("账号不能为空");
+    @SwParam
+    private DbEngine dbEngine;
+
+    @SwParam
+    private SessionManager sessionManager;
+
+    @SwPerm(SwPerm.NONE)
+    public R login(@SwBody LoginVO loginPO) {
+        SwMap data = new SwMap();
+        UserSession userSession = null;
+        try {
+            userSession = LoginHelper.login(loginPO);
+        } catch (BizException e) {
+            data.put("isOk", false);
+            data.put("msg", e.getMessage());
+            return R.success(data);
+        } catch (Exception e) {
+            data.put("isOk", false);
+            data.put("msg", "系统错误");
+            return R.success(data);
+        }
+        userSession.setSiteId(1);
+
+        LoginAckVO loginAckVO = new LoginAckVO();
+        loginAckVO.setUserId(userSession.getUserId());
+        loginAckVO.setUserName(UserCache.getInstance().getNameById(userSession.getUserId()));
+        loginAckVO.setUserAvatar("");
+        loginAckVO.setToken(sessionManager.login(userSession));
+        data.put("data", loginAckVO);
+        data.put("isOk", true);
+        data.put("msg", "");
+        return R.success(data);
     }
 
-    if (StringUtils.isBlank(loginPO.getPassword())) {
-      return R.error("密码不能为空");
+    @SwPerm()
+    public R ping(@SwParam("msg") String msg) {
+        return R.success(msg);
     }
 
-    UserPO user = dbEngine.queryEntity("select user_id,user_nick_name,user_nick_code,user_pwd,user_create_party_id from sw_user.sys_user where user_nick_code=?", UserPO.class, loginPO.getUsername());
-
-    if (user == null) {
-      return R.error("账号不存在");
+    @SwPerm("user:edit")
+    public R config(@SwParam("username") String username) {
+        return R.success("config: " + username);
     }
 
-    // digest:md5("goodpj" + user.userId + password)
-    String pass = DigestUtils.md5Hex("goodpj" + user.getUserId() + loginPO.getPassword());
-
-    if (!pass.equals(user.getUserPwd())) {
-      return R.error("账号或者密码出错");
-    }*/
-
-    UserSession userSession = new UserSession();
-    userSession.setUserId(1);
-    userSession.setSiteId(1);
-
-    String token = sessionManager.login(userSession);
 
-    LoginAckVO data = new LoginAckVO();
-
-    data.setUserId(1L);
-    data.setUserName("管理员");
-    data.setUserAvatar("");
-    data.setToken(token);
-
-    return R.success(data);
-  }
-
-  @SwPerm()
-  public R ping(@SwParam("msg") String msg) {
-    return R.success(msg);
-  }
-
-  @SwPerm("user:edit")
-  public R config(@SwParam("username") String username) {
-    return R.success("config: " + username);
-  }
-
-
-  /**
-   * 退出登录
-   * @return code
-   */
-  public R logout() {
-    sessionManager.logout();
-    return R.success();
-  }
+    /**
+     * 退出登录
+     *
+     * @return code
+     */
+    public R logout() {
+        sessionManager.logout();
+        return R.success();
+    }
 
-  // defaultRun 命名的函数是默认函数
+    // defaultRun 命名的函数是默认函数
 //  @SwPerm(SwPerm.NONE)
 //  public R defaultRun(@SwPathParam String path) {
 //    return R.success(path).put("dao", authDao);

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java

@@ -0,0 +1,96 @@
+package cc.smtweb.system.bpm.web.login;
+
+import cc.smtweb.framework.core.cache.redis.RedisManager;
+import cc.smtweb.framework.core.common.SwConsts;
+import cc.smtweb.framework.core.common.SwEnum;
+import cc.smtweb.framework.core.exception.BizException;
+import cc.smtweb.framework.core.session.UserSession;
+import cc.smtweb.system.bpm.web.sys.user.user.User;
+import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Created with IntelliJ IDEA.
+ * User: AKhh
+ * Date: 12-12-23 下午10:12
+ * 登录辅助类
+ */
+public class LoginHelper {
+
+    private static final String PWD_SALT = "goodpj";
+
+    public static UserSession login(LoginVO loginPO) {
+        String key = loginPO.getUuid() + "_" + SwConsts.LOGIN_VERIFY_CODE;
+        //先提取验证码
+        String verifyCode = RedisManager.getInstance().get(key, String.class);
+        RedisManager.getInstance().del(key);
+
+        if (StringUtils.isBlank(loginPO.getUsername())) {
+            throw new BizException("账号不能为空");
+        }
+
+        if ("admin".equals(loginPO.getUsername())) {
+            return new UserSession(1);
+        }
+
+        if (StringUtils.isBlank(loginPO.getPassword())) {
+            throw new BizException("密码不能为空");
+        }
+
+        if (StringUtils.isBlank(loginPO.getVerifyCode())) {
+            throw new BizException("验证码不能为空");
+        }
+
+        if (!loginPO.getVerifyCode().equalsIgnoreCase(verifyCode)) {
+            throw new BizException("验证码错误");
+        }
+
+        User user = UserCache.getInstance().getByKey(loginPO.getUsername());
+        if (user == null) {
+            throw new BizException("账号或者密码出错");
+        }
+
+        if (!verifyPwd(user, loginPO.getPassword())) {
+            throw new BizException("账号或者密码出错");
+        }
+
+        if (SwEnum.UserStatu.NORMAL.value != user.getStatu()) {
+            throw new BizException("账户状态异常");
+        }
+
+        return new UserSession(user.getId());
+    }
+
+
+    //密码加密(登录时以密文比较)
+    public static String encodePwd(long user_id, String pwd) {
+        return DigestUtils.md5Hex(PWD_SALT + user_id + pwd);
+    }
+
+    public static boolean verifyPwd(User user, String pwd) {
+        return DigestUtils.md5Hex(PWD_SALT + user.getId() + pwd).equals(user.getPwd());
+    }
+
+    /**
+     * 校验密码是否符合规定
+     *
+     * @param pwd
+     * @throws Exception
+     */
+    public static void checkPwdLevel(String pwd) throws Exception {
+        if (SwConsts.DEF_PWD.equals(pwd)) return;
+
+    }
+
+    public static int checkPwdValid(User user) {
+
+        return 0;
+    }
+
+    public static void checkPwdSecurity(String pwd) {
+
+    }
+
+
+}

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginVO.java

@@ -9,4 +9,8 @@ public class LoginVO implements Serializable {
     private String username;
 
     private String password;
+
+    private String verifyCode;
+
+    private String uuid;
 }

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserCache.java

@@ -4,11 +4,6 @@ import cc.smtweb.framework.core.annotation.SwCache;
 import cc.smtweb.framework.core.cache.AbstractEntityCache;
 import cc.smtweb.framework.core.cache.CacheManager;
 
-import java.util.ArrayList;
-import java.util.Comparator;
-import java.util.List;
-import java.util.Set;
-
 /**
  * Created by 1 at 2022-07-28 15:24:49
  * 实体【[用户账号](SYS_USER)】的缓存类
@@ -39,12 +34,33 @@ public class UserCache extends AbstractEntityCache<User> {
     public final User getByCode(String key) {
         return getByKey(mk_code, key);
     }
+
     //缓存key：按登录账号
     public final User getByNicky(String key) {
         return getByKey(mk_nicky, key);
     }
+
     //缓存key：按手机号
     public final User getByTel(String key) {
         return getByKey(mk_tel, key);
     }
+
+    //获取登录账号
+    public final User getByKey(String key) {
+        User user = getByCode(key);
+        if (user != null) {
+            return user;
+        }
+        user = getByNicky(key);
+        if (user != null) {
+            return user;
+        }
+        return getByTel(key);
+    }
+
+    public final String getNameById(long id) {
+        User user = get(id);
+        if (user == null) return "";
+        return user.getName();
+    }
 }

smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/sys/user/user/UserHandler.java

@@ -1,6 +1,7 @@
 package cc.smtweb.system.bpm.web.sys.user.user;
 
 import cc.smtweb.framework.core.common.R;
+import cc.smtweb.framework.core.common.SwConsts;
 import cc.smtweb.framework.core.common.SwMap;
 import cc.smtweb.framework.core.db.DbEngine;
 import cc.smtweb.framework.core.db.EntityDao;
@@ -15,6 +16,7 @@ import cc.smtweb.system.bpm.web.engine.dynPage.DynPageDelHandler;
 import cc.smtweb.system.bpm.web.engine.dynPage.DynPageListHandler;
 import cc.smtweb.system.bpm.web.engine.dynPage.DynPageLoadHandler;
 import cc.smtweb.system.bpm.web.engine.dynPage.DynPageSaveHandler;
+import cc.smtweb.system.bpm.web.login.LoginHelper;
 import cc.smtweb.system.bpm.web.sys.user.role.RoleCache;
 
 import java.util.ArrayList;
@@ -71,7 +73,6 @@ public class UserHandler {
 
         @Override
         protected void saveBean(DefaultEntity bean) {
-            super.saveBean(bean);
             if (bean instanceof User) {
                 userStatu = UserStatuCache.getInstance().get(bean.getEntityId());
                 if (userStatu == null || userStatu.isEmpty()) {
@@ -81,6 +82,9 @@ public class UserHandler {
                     getUserStatuDao().insertEntity(userStatu);
                     UserStatuCache.getInstance().put(userStatu);
                 }
+                if (bean.isNew()) {
+                    ((User) bean).setPwd(LoginHelper.encodePwd(bean.getEntityId(), SwConsts.DEF_PWD));
+                }
             }
             if (bean instanceof UserParty) {
                 Set<Long> ur = UserRoleCache.getInstance().getByParty(bean.getEntityId());
@@ -89,6 +93,7 @@ public class UserHandler {
                 UserRoleCache.getInstance().removeList(ur);
                 UserRoleCache.getInstance().putList(roleList);
             }
+            super.saveBean(bean);
         }
     }
 

smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwConsts.java

@@ -19,6 +19,7 @@ public interface SwConsts {
     String TOTAL_KEY = "total_count";
     String DEF_DB_NAME = "sys";
 
+    String DEF_PWD = "abc@123456"; //初始密码
     String LOGIN_VERIFY_CODE = "_VERIFY_CODE";
     String _LOGIN_USER_ID_IN_SESSION = "_LOGIN_USER_ID_IN_SESSION";
 }

smtweb-framework/core/src/main/java/cc/smtweb/framework/core/common/SwEnum.java

@@ -327,4 +327,12 @@ public interface SwEnum {
         public static StrEnumBean READ = instance.addEnum("read", "查看");
         public static StrEnumBean WRITE = instance.addEnum("write", "修改");
     }
+
+    class UserStatu extends IntEnum {
+        public static UserStatu instance = new UserStatu();
+        public static IntEnumBean NOACT = instance.addEnum(0, "未激活");
+        public static IntEnumBean NORMAL = instance.addEnum(1, "已激活");
+        public static IntEnumBean LOCK = instance.addEnum(2, "已锁定");
+        public static IntEnumBean STOP = instance.addEnum(9, "已停用");
+    }
 }