优化: 移动端接入sa-token权限管理依赖

TinyAnts
2023-03-13 18:59:28 +08:00
parent 546889cf6f
commit 3a6f6bef97
38 changed files with 435 additions and 319 deletions


@@ -1,15 +1,16 @@
package com.mdd.front;
import cn.dev33.satoken.stp.StpUtil;
import com.alibaba.fastjson2.JSON;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.entity.user.User;
import com.mdd.common.enums.HttpEnum;
import com.mdd.common.exception.LoginException;
import com.mdd.common.mapper.user.UserMapper;
import com.mdd.common.util.RedisUtils;
import com.mdd.common.util.StringUtils;
import com.mdd.common.util.YmlUtils;
import com.mdd.front.config.FrontConfig;
import org.jetbrains.annotations.NotNull;
import org.springframework.lang.NonNull;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
@@ -18,8 +19,7 @@ import org.springframework.web.servlet.HandlerInterceptor;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.List;
import java.lang.reflect.Method;
/**
* 拦截器
@@ -30,85 +30,49 @@ public class LikeFrontInterceptor implements HandlerInterceptor {
@Resource
UserMapper userMapper;
/**
* 前置处理器
*
* @param request 请求
* @param response 响应
* @param handler 处理
* @return boolean
* @throws Exception 异常
*/
@Override
public boolean preHandle(@NonNull HttpServletRequest request,
@NonNull HttpServletResponse response,
@NonNull Object handler) throws Exception {
// 判断请求接口
response.setContentType("application/json;charset=utf-8");
if (!(handler instanceof HandlerMethod)) {
return HandlerInterceptor.super.preHandle(request, response, handler);
}
// 登录接口
String token = request.getHeader("token");
token = FrontConfig.frontendTokenKey + token;
List<String> notLoginUri = Arrays.asList(FrontConfig.notLoginUri);
if (notLoginUri.contains(request.getRequestURI())) {
if (StringUtils.isNotEmpty(token)) {
Object uid = RedisUtils.get(token);
if (uid != null) {
Integer userId = Integer.parseInt(uid.toString());
LikeFrontThreadLocal.put("userId", userId);
}
}
return HandlerInterceptor.super.preHandle(request, response, handler);
}
// Token是否为空
if (com.baomidou.mybatisplus.core.toolkit.StringUtils.isBlank(token)) {
AjaxResult<Object> result = AjaxResult.failed(HttpEnum.TOKEN_EMPTY.getCode(), HttpEnum.TOKEN_EMPTY.getMsg());
// 登录权限校验
try {
Method method = this.obtainAop(handler);
this.checkLogin(method);
} catch (LoginException e) {
AjaxResult<Object> result = AjaxResult.failed(e.getCode(), e.getMsg());
response.getWriter().print(JSON.toJSONString(result));
return false;
}
// Token是否过期
if (!RedisUtils.exists(token)) {
AjaxResult<Object> result = AjaxResult.failed(HttpEnum.TOKEN_INVALID.getCode(), HttpEnum.TOKEN_INVALID.getMsg());
response.getWriter().print(JSON.toJSONString(result));
return false;
}
// 用户信息缓存
Object uid = RedisUtils.get(token);
Integer userId = Integer.parseInt(uid.toString());
User user = userMapper.selectOne(new QueryWrapper<User>()
.select("id,sn,username,nickname,mobile,is_disable,is_delete")
.eq("id", userId)
.last("limit 1"));
// 校验用户被删除
if (user.getIsDelete().equals(1)) {
AjaxResult<Object> result = AjaxResult.failed(HttpEnum.TOKEN_INVALID.getCode(), HttpEnum.TOKEN_INVALID.getMsg());
response.getWriter().print(JSON.toJSONString(result));
return false;
}
// 校验用户被禁用
if (user.getIsDisable().equals(1)) {
AjaxResult<Object> result = AjaxResult.failed(HttpEnum.LOGIN_DISABLE_ERROR.getCode(), HttpEnum.LOGIN_DISABLE_ERROR.getMsg());
response.getWriter().print(JSON.toJSONString(result));
return false;
}
// 令牌自动续签
int tokenRenewTime = Integer.parseInt(YmlUtils.get("like.token-renew-time"));
if (RedisUtils.ttl(token) < tokenRenewTime) {
long tokenValidTime = Long.parseLong(YmlUtils.get("like.token-valid-time"));
RedisUtils.expire(token, tokenValidTime);
}
// 写入本地线程
LikeFrontThreadLocal.put("userId", user.getId());
LikeFrontThreadLocal.put("userSn", user.getSn());
LikeFrontThreadLocal.put("username", user.getUsername());
LikeFrontThreadLocal.put("nickname", user.getNickname());
LikeFrontThreadLocal.put("mobile", user.getMobile());
// 验证通过继续操作
return HandlerInterceptor.super.preHandle(request, response, handler);
}
/**
* 后置处理器
*
* @param request 请求
* @param response 响应
* @param handler 处理
* @param ex 异常
* @throws Exception 异常
*/
@Override
public void afterCompletion(@NonNull HttpServletRequest request,
@NonNull HttpServletResponse response,
@@ -117,4 +81,91 @@ public class LikeFrontInterceptor implements HandlerInterceptor {
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
/**
* 提取注解
*
* @param handler 处理器
* @return Method
* @throws Exception 异常
*/
private Method obtainAop(@NotNull Object handler) throws Exception {
String[] objArr = handler.toString().split("#");
String methodStr = objArr[1].split("\\(")[0];
String classStr = objArr[0];
Class<?> clazz = Class.forName(classStr);
Method[] methods = clazz.getDeclaredMethods();
for (Method method : methods) {
if (method.getName().equals(methodStr)) {
return method;
}
}
return null;
}
/**
* 登录验证
*
* @param method 方法类
* @author fzr
*/
private void checkLogin(Method method) {
for (int i=0; i<=0; i++) {
// 免登校验
Object id = StpUtil.getLoginId();
if (StringUtils.isNotNull(method) && method.isAnnotationPresent(NotLogin.class)) {
if (StringUtils.isNotNull(id)) {
Integer userId = Integer.parseInt(id.toString());
LikeFrontThreadLocal.put("userId", userId);
}
break;
}
// 令牌校验
String token = StpUtil.getTokenValue();
if (StringUtils.isNull(token) || StringUtils.isBlank(token)) {
Integer errCode = HttpEnum.TOKEN_EMPTY.getCode();
String errMsg = HttpEnum.TOKEN_EMPTY.getMsg();
throw new LoginException(errCode, errMsg);
}
// 登录校验
if (StringUtils.isNull(id)) {
Integer errCode = HttpEnum.TOKEN_INVALID.getCode();
String errMsg = HttpEnum.TOKEN_INVALID.getMsg();
throw new LoginException(errCode, errMsg);
}
// 用户信息缓存
Integer userId = Integer.parseInt(id.toString());
User user = userMapper.selectOne(new QueryWrapper<User>()
.select("id,sn,username,nickname,mobile,is_disable")
.eq("id", userId)
.eq("is_delete", 0)
.last("limit 1"));
// 删除校验
if (StringUtils.isNull(user)) {
Integer errCode = HttpEnum.TOKEN_INVALID.getCode();
String errMsg = HttpEnum.TOKEN_INVALID.getMsg();
throw new LoginException(errCode, errMsg);
}
// 禁用校验
if (user.getIsDisable().equals(1)) {
Integer errCode = HttpEnum.LOGIN_DISABLE_ERROR.getCode();
String errMsg = HttpEnum.LOGIN_DISABLE_ERROR.getMsg();
throw new LoginException(errCode, errMsg);
}
// 写入线程
LikeFrontThreadLocal.put("userId", user.getId());
LikeFrontThreadLocal.put("userSn", user.getSn());
LikeFrontThreadLocal.put("username", user.getUsername());
LikeFrontThreadLocal.put("nickname", user.getNickname());
LikeFrontThreadLocal.put("mobile", user.getMobile());
}
}
}
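Review bot: `obtainAop` picks the method whose `@NotLogin` exemption applies by splitting `handler.toString()` and returning the first declared method with a matching name, so with overloaded handler names a protected overload can inherit the exemption of a sibling, or the reverse. Spring's `HandlerMethod` (already imported here) exposes the resolved method, so the lookup can be `Method method = ((HandlerMethod) handler).getMethod();`, which also removes the `Class.forName` call and the `null` return. In `checkLogin`, `StpUtil.getLoginId()` runs before the `@NotLogin` branch; as far as I know Sa-Token throws `NotLoginException` from that call when there is no session, and the `catch (LoginException e)` in `preHandle` does not cover it, so anonymous requests to exempt endpoints would fail and the later `StringUtils.isNull(id)` check would be unreachable. `Object id = StpUtil.getLoginIdDefaultNull();` keeps the intended flow. The `for (int i=0; i<=0; i++)` wrapper exists only so the code can `break`; an early `return` reads more directly.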


@@ -0,0 +1,27 @@
package com.mdd.front.cache;
import com.mdd.common.util.RedisUtils;
import com.mdd.common.util.StringUtils;
/**
* 微信扫码登录缓存
*/
public class ScanLoginCache {
private static final String KEY = "wechat:scan:login:";
public static String get(String sessionId) {
Object o = RedisUtils.get(KEY+sessionId);
if (StringUtils.isNull(o)) {
return "";
}
RedisUtils.del(KEY+sessionId);
return o.toString();
}
public static void set(String sessionId, String state) {
RedisUtils.set(KEY+sessionId, state, 600);
}
}
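Review bot: `get` returns `""` when the key is missing or expired, so a caller that compares the result with the submitted state using `equals` cannot tell "no pending scan" from an empty value, and an empty `state` would match. Returning `null`, or having callers reject an empty result before comparing, keeps a missing entry a hard failure. The read and the `RedisUtils.del` are two separate calls, so two concurrent requests can both read the same state before it is deleted; if single use matters for this anti-CSRF value, an atomic get-and-delete is the safer primitive. A class comment stating that `get` consumes the entry and that entries live for 600 seconds would help callers.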


@@ -1,40 +0,0 @@
package com.mdd.front.config;
/**
* 前台公共配置
*/
public class FrontConfig {
// 登录缓存键
public static final String frontendTokenKey = "frontend:token:";
// 免登录验证
public static String[] notLoginUri = new String[]{
"/api/index",
"/api/config",
"/api/policy",
"/api/search",
"/api/hotSearch",
"/api/decorate",
"/api/sms/send",
"/api/upload/image",
"/api/login/check",
"/api/login/codeUrl",
"/api/login/oaLogin",
"/api/login/register",
"/api/login/forgotPassword",
"/api/article/category",
"/api/article/detail",
"/api/article/list",
"/api/pc/getConfig",
"/api/pc/index",
"/api/pc/articleCenter",
"/api/pc/articleDetail",
"/api/login/getScanCode",
"/api/login/scanLogin",
};
}


@@ -1,5 +1,6 @@
package com.mdd.front.controller;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.core.PageResult;
import com.mdd.common.validator.annotation.IDMust;
@@ -16,6 +17,7 @@ import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.validation.constraints.NotNull;
import java.util.List;
/**
@@ -34,6 +36,7 @@ public class ArticleController {
* @author fzr
* @return AjaxResult<List<ArticleCateVo>>
*/
@NotLogin
@GetMapping("/category")
public AjaxResult<List<ArticleCateVo>> category() {
List<ArticleCateVo> list = iArticleService.category();
@@ -46,6 +49,7 @@ public class ArticleController {
* @author fzr
* @return AjaxResult<PageResult<ArticleListVo>>
*/
@NotLogin
@GetMapping("/list")
public AjaxResult<PageResult<ArticleListedVo>> list(@Validated PageValidate pageValidate,
@Validated ArticleSearchValidate searchValidate) {
@@ -60,6 +64,7 @@ public class ArticleController {
* @author fzr
* @return AjaxResult<ArticleDetailVo>
*/
@NotLogin
@GetMapping("/detail")
public AjaxResult<ArticleDetailVo> detail(@Validated @IDMust() @RequestParam("id") Integer id) {
Integer userId = LikeFrontThreadLocal.getUserId();


@@ -1,5 +1,6 @@
package com.mdd.front.controller;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.core.PageResult;
import com.mdd.common.validator.annotation.IDMust;
@@ -32,6 +33,7 @@ public class IndexController {
* @author fzr
* @return AjaxResult<Map<String, Object>>
*/
@NotLogin
@GetMapping("/index")
public AjaxResult<Map<String, Object>> index() {
Map<String, Object> detail = iIndexService.index();
@@ -45,6 +47,7 @@ public class IndexController {
* @param id 主键
* @return AjaxResult<Map<String, Object>>
*/
@NotLogin
@GetMapping("/decorate")
public AjaxResult<Map<String, Object>> decorate(@Validated @IDMust() @RequestParam("id") Integer id) {
Map<String, Object> detail = iIndexService.decorate(id);
@@ -57,6 +60,7 @@ public class IndexController {
* @author fzr
* @return AjaxResult<Map<String, Object>>
*/
@NotLogin
@GetMapping("/config")
public AjaxResult<Map<String, Object>> config() {
Map<String, Object> map = iIndexService.config();
@@ -70,6 +74,7 @@ public class IndexController {
* @param type 类型 service=服务协议,privacy=隐私协议
* @return AjaxResult<Map<String, String>>
*/
@NotLogin
@GetMapping("/policy")
public AjaxResult<Map<String, String>> policy(@RequestParam String type) {
Map<String, String> map = iIndexService.policy(type);
@@ -82,6 +87,7 @@ public class IndexController {
* @author fzr
* @return AjaxResult<List<String>>
*/
@NotLogin
@GetMapping("/hotSearch")
public AjaxResult<List<String>> hotSearch() {
List<String> list = iIndexService.hotSearch();
@@ -96,6 +102,7 @@ public class IndexController {
* @param params 搜素参数
* @return AjaxResult<PageResult<ArticleListVo>>
*/
@NotLogin
@GetMapping("/search")
public AjaxResult<PageResult<ArticleListedVo>> search(@Validated PageValidate pageValidate,
@RequestParam Map<String, String> params) {


@@ -1,6 +1,7 @@
package com.mdd.front.controller;
import com.baomidou.mybatisplus.core.toolkit.Assert;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.enums.ClientEnum;
import com.mdd.common.util.StringUtils;
@@ -37,6 +38,7 @@ public class LoginController {
* @param registerValidate 参数
* @return AjaxResult<Object>
*/
@NotLogin
@PostMapping("/register")
public AjaxResult<Object> register(@Validated @RequestBody RegisterValidate registerValidate) {
iLoginService.register(registerValidate);
@@ -50,6 +52,7 @@ public class LoginController {
* @param params 参数
* @return AjaxResult<LoginTokenVo>
*/
@NotLogin
@PostMapping("/check")
public AjaxResult<LoginTokenVo> check(@RequestBody Map<String, String> params) {
Assert.notNull(params.get("scene"), "scene参数缺失!");
@@ -81,6 +84,7 @@ public class LoginController {
* @param oaLoginValidate 参数
* @return AjaxResult<LoginTokenVo>
*/
@NotLogin
@PostMapping("/oaLogin")
public AjaxResult<LoginTokenVo> oaLogin(@Validated @RequestBody OaLoginValidate oaLoginValidate) {
String code = oaLoginValidate.getCode();
@@ -98,6 +102,7 @@ public class LoginController {
* @param url 连接
* @return AjaxResult<LoginCodesVo>
*/
@NotLogin
@GetMapping("/codeUrl")
public AjaxResult<LoginUrlsVo> codeUrl(@RequestParam String url) {
Assert.notNull(url, "url参数不能为空");
@@ -114,6 +119,7 @@ public class LoginController {
* @param forgetPwdValidate 参数
* @return AjaxResult<Object>
*/
@NotLogin
@PostMapping("/forgotPassword")
public AjaxResult<Object> forgotPassword(@Validated @RequestBody ForgetPwdValidate forgetPwdValidate) {
iLoginService.forgotPassword(forgetPwdValidate);
@@ -127,6 +133,7 @@ public class LoginController {
* @param session session
* @return AjaxResult<LoginUrlsVo>
*/
@NotLogin
@GetMapping("/getScanCode")
public AjaxResult<LoginUrlsVo> getScanCode(@RequestParam String url, HttpSession session) {
String qrcodeUrl = iLoginService.getScanCode(url, session);
@@ -142,6 +149,7 @@ public class LoginController {
* @param scanLoginValidate 参数
* @return AjaxResult<Object>
*/
@NotLogin
@PostMapping("/scanLogin")
public AjaxResult<Object> scanLogin(@Validated @RequestBody ScanLoginValidate scanLoginValidate, HttpSession session) {
LoginTokenVo vo = iLoginService.scanLogin(scanLoginValidate, session);
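Review bot: The `@NotLogin` annotations here reproduce the `/api/login/*` entries of the removed `FrontConfig.notLoginUri` list, but that list also exempted `/api/sms/send`, and the SmsController changes shown on this page only rename `ToolsUtils` to `ToolUtils`. If the interceptor now requires a session for that route, logged-out users could no longer request the verification codes that `register` and `forgotPassword` presumably depend on; adding `@NotLogin` to the send method would restore the previous behaviour. Since these endpoints stay reachable without a session, it is also worth confirming that `check`, `forgotPassword` and the SMS route are covered by request throttling, which is not visible in these hunks. The method bodies continue outside the hunks.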


@@ -1,5 +1,6 @@
package com.mdd.front.controller;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.validator.annotation.IDMust;
import com.mdd.front.LikeFrontThreadLocal;
@@ -32,6 +33,7 @@ public class PcController {
* @author cjh
* @return AjaxResult<Map<String, Object>>
*/
@NotLogin
@GetMapping("/index")
public AjaxResult<Map<String,Object>> index() {
Map<String, Object> index = iPcService.index();
@@ -43,6 +45,7 @@ public class PcController {
* @author cjh
* @return AjaxResult<Map<String, Object>>
*/
@NotLogin
@GetMapping("/getConfig")
public AjaxResult<Map<String, Object>> getConfig() {
Map<String, Object> config = iPcService.getConfig();
@@ -55,6 +58,7 @@ public class PcController {
* @author fzr
* @return AjaxResult<List<PcArticleCenterVo>>
*/
@NotLogin
@GetMapping("/articleCenter")
public AjaxResult<List<PcArticleCenterVo>> articleCenter() {
List<PcArticleCenterVo> list = iPcService.articleCenter();
@@ -68,6 +72,7 @@ public class PcController {
* @param id 文章主键
* @return AjaxResult<PcArticleDetailVo>
*/
@NotLogin
@GetMapping("/articleDetail")
public AjaxResult<PcArticleDetailVo> articleDetail(@Validated @IDMust() @RequestParam("id") Integer id) {
Integer userId = LikeFrontThreadLocal.getUserId();


@@ -9,7 +9,7 @@ import com.mdd.common.mapper.notice.NoticeRecordMapper;
import com.mdd.common.plugin.notice.NoticeDriver;
import com.mdd.common.plugin.notice.vo.NoticeSmsVo;
import com.mdd.common.util.StringUtils;
import com.mdd.common.util.ToolsUtils;
import com.mdd.common.util.ToolUtils;
import com.mdd.front.validate.commons.SmsValidate;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
@@ -57,7 +57,7 @@ public class SmsController {
.setMobile(smsValidate.getMobile())
.setExpire(900)
.setParams(new String[] {
"code:" + ToolsUtils.randomInt(4)
"code:" + ToolUtils.randomInt(4)
});
NoticeDriver.handle(params);


@@ -1,5 +1,6 @@
package com.mdd.front.controller;
import com.mdd.common.aop.NotLogin;
import com.mdd.common.core.AjaxResult;
import com.mdd.common.enums.AlbumEnum;
import com.mdd.common.exception.OperateException;
@@ -28,6 +29,7 @@ public class UploadController {
* @param request 请求对象
* @return AjaxResult<UploadFilesVo>
*/
@NotLogin
@PostMapping("/image")
public AjaxResult<UploadFilesVo> image(HttpServletRequest request) {
MultipartFile multipartFile;
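Review bot: `@NotLogin` on `image` keeps the upload endpoint open to unauthenticated callers, as it was under the removed URI list. The method body continues outside the hunk, so size, content-type and extension checks cannot be confirmed from here. If anonymous upload is not a product requirement, dropping the annotation is the simpler control; otherwise a comment such as `// anonymous upload is intentional for <flow placeholder>; limits enforced in <location placeholder>` would record the decision.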


@@ -133,11 +133,11 @@ public class IndexServiceImpl implements IIndexService {
// 登录配置
Map<String, Object> loginMap = new LinkedHashMap<>();
Map<String, String> loginConfig = ConfigUtils.get("login");
loginMap.put("loginWay", ArrayUtils.stringToListAsInt(loginConfig.getOrDefault("loginWay", ""), ","));
loginMap.put("loginWay", ListUtils.stringToListAsInt(loginConfig.getOrDefault("loginWay", ""), ","));
loginMap.put("forceBindMobile", Integer.parseInt(loginConfig.getOrDefault("forceBindMobile", "0")));
loginMap.put("openAgreement", Integer.parseInt(loginConfig.getOrDefault("openAgreement", "0")));
loginMap.put("openOtherAuth", Integer.parseInt(loginConfig.getOrDefault("openOtherAuth", "0")));
loginMap.put("autoLoginAuth", ArrayUtils.stringToListAsInt(loginConfig.getOrDefault("autoLoginAuth", ""), ","));
loginMap.put("autoLoginAuth", ListUtils.stringToListAsInt(loginConfig.getOrDefault("autoLoginAuth", ""), ","));
// 网址信息
Map<String, Object> websiteMap = new LinkedHashMap<>();
@@ -156,7 +156,7 @@ public class IndexServiceImpl implements IIndexService {
// 响应数据
response.put("version", GlobalConfig.version);
response.put("domain", UrlUtils.domain());
response.put("style", ToolsUtils.jsonToMap(tabbarStyle));
response.put("style", MapUtils.jsonToMap(tabbarStyle));
response.put("tabbar", tabs);
response.put("login", loginMap);
response.put("website", websiteMap);


@@ -2,6 +2,7 @@ package com.mdd.front.service.impl;
import cn.binarywang.wx.miniapp.api.WxMaService;
import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
import cn.dev33.satoken.stp.StpUtil;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Assert;
import com.mdd.common.entity.user.User;
@@ -13,6 +14,7 @@ import com.mdd.common.mapper.user.UserAuthMapper;
import com.mdd.common.mapper.user.UserMapper;
import com.mdd.common.plugin.notice.NoticeCheck;
import com.mdd.common.util.*;
import com.mdd.front.cache.ScanLoginCache;
import com.mdd.front.config.FrontConfig;
import com.mdd.front.service.ILoginService;
import com.mdd.front.validate.login.RegisterValidate;
@@ -64,8 +66,8 @@ public class LoginServiceImpl implements ILoginService {
Assert.isNull(model, "账号已存在,换一个吧!");
Integer sn = this.randMakeSn();
String salt = ToolsUtils.randomString(5);
String pwd = ToolsUtils.makeMd5(registerValidate.getPassword()+salt);
String salt = ToolUtils.randomString(5);
String pwd = ToolUtils.makeMd5(registerValidate.getPassword()+salt);
User user = new User();
user.setSn(sn);
@@ -101,14 +103,9 @@ public class LoginServiceImpl implements ILoginService {
.last("limit 1"));
Assert.notNull(user, "账号不存在!");
String pwd = ToolsUtils.makeMd5(password+user.getSalt());
String pwd = ToolUtils.makeMd5(password+user.getSalt());
Assert.isFalse(!pwd.equals(user.getPassword()), "账号或密码错误!");
Assert.isFalse(user.getIsDisable() != 0, "账号已被禁用!");
// 更新登录信息
user.setLastLoginIp(IpUtils.getHostIp());
user.setLastLoginTime(System.currentTimeMillis() / 1000);
userMapper.updateById(user);
Assert.isFalse(!user.getIsDisable().equals(0), "账号已被禁用!");
return this.makeLoginToken(user.getId(), user.getMobile());
}
@@ -143,11 +140,6 @@ public class LoginServiceImpl implements ILoginService {
Assert.notNull(user, "账号不存在!");
Assert.isFalse(user.getIsDisable() != 0, "账号已禁用!");
// 更新登录信息
user.setLastLoginIp(IpUtils.getHostIp());
user.setLastLoginTime(System.currentTimeMillis() / 1000);
userMapper.updateById(user);
return this.makeLoginToken(user.getId(), user.getMobile());
}
@@ -237,8 +229,8 @@ public class LoginServiceImpl implements ILoginService {
// 验证账号
Assert.notNull(user, "账号不存在!");
String salt = ToolsUtils.randomString(5);
String pwd = ToolsUtils.makeMd5(password.trim()+salt);
String salt = ToolUtils.randomString(5);
String pwd = ToolUtils.makeMd5(password.trim()+salt);
// 更新密码
user.setPassword(pwd);
@@ -277,9 +269,10 @@ public class LoginServiceImpl implements ILoginService {
}
// 防止csrf攻击
String state = ToolsUtils.makeUUID().replaceAll("-", "");
RedisUtils.set("wechat-open-state-"+session.getId(), state, 600);
//生成qrcodeUrl
String state = ToolUtils.makeUUID().replaceAll("-", "");
ScanLoginCache.set(session.getId(), state);
//生成QrcodeUrl
return String.format(baseUrl, appId, redirectUrl, state);
}
@@ -288,11 +281,12 @@ public class LoginServiceImpl implements ILoginService {
*
* @author fzr
* @param scanLoginValidate 参数
* @param session 当前会话
*/
@Override
public LoginTokenVo scanLogin(ScanLoginValidate scanLoginValidate, HttpSession session) {
Object o = RedisUtils.get("wechat-open-state-"+session.getId());
if (StringUtils.isNull(o) || !o.toString().equals(scanLoginValidate.getState())) {
// 验证唯一标识是否过期
if (ScanLoginCache.get(session.getId()).equals(scanLoginValidate.getState())) {
throw new OperateException("二维码已失效或不存在,请重新操作");
}
@@ -312,7 +306,7 @@ public class LoginServiceImpl implements ILoginService {
try {
String accessTokenUrl = String.format(baseAccessTokenUrl, appId, appSecret, code);
String result = HttpUtils.sendGet(accessTokenUrl);
resultMap = ToolsUtils.jsonToMap(result);
resultMap = MapUtils.jsonToMap(result);
} catch (Exception e) {
throw new OperateException("获取access_token失败:"+e.getMessage());
}
@@ -325,7 +319,7 @@ public class LoginServiceImpl implements ILoginService {
Map<String, String> userinfoMap;
try {
String resultUserInfo = HttpUtils.sendGet(userInfoUrl);
userinfoMap = ToolsUtils.jsonToMap(resultUserInfo);
userinfoMap = MapUtils.jsonToMap(resultUserInfo);
} catch (Exception e) {
throw new OperateException("获取用户信息失败:"+e.getMessage());
}
@@ -333,7 +327,6 @@ public class LoginServiceImpl implements ILoginService {
String openId = userinfoMap.get("openid");
String uniId = userinfoMap.get("unionid");
String unionId = uniId == null ? "0" : uniId;
RedisUtils.del("wechat-open-state-"+session.getId());
return this.userService(openId, unionId, ClientEnum.PC.getCode());
}
@@ -346,16 +339,20 @@ public class LoginServiceImpl implements ILoginService {
* @return LoginTokenVo
*/
private LoginTokenVo makeLoginToken(Integer userId, String mobile) {
mobile = StringUtils.isNull(mobile) ? "" : mobile;
// 实现账号登录
StpUtil.login(userId);
String token = ToolsUtils.makeToken();
int tokenValidTime = Integer.parseInt(YmlUtils.get("like.token-valid-time"));
RedisUtils.set(FrontConfig.frontendTokenKey+token, userId, tokenValidTime);
// 更新登录信息
User user = new User();
user.setLastLoginIp(IpUtils.getHostIp());
user.setLastLoginTime(System.currentTimeMillis() / 1000);
userMapper.update(user, new QueryWrapper<User>().eq("id", userId));
// 返回登录信息
LoginTokenVo vo = new LoginTokenVo();
vo.setId(userId);
vo.setIsBindMobile(!mobile.equals(""));
vo.setToken(token);
vo.setIsBindMobile(!StringUtils.isEmpty(mobile));
vo.setToken(StpUtil.getTokenValue());
return vo;
}
@@ -433,11 +430,6 @@ public class LoginServiceImpl implements ILoginService {
auth.setUnionid(unionId);
userAuthMapper.updateById(userAuth);
}
// 更新登录信息
user.setLastLoginIp(IpUtils.getHostIp());
user.setLastLoginTime(System.currentTimeMillis() / 1000);
userMapper.updateById(user);
}
return this.makeLoginToken(userId, user.getMobile());
@@ -452,9 +444,9 @@ public class LoginServiceImpl implements ILoginService {
private Integer randMakeSn() {
Integer sn;
while (true) {
sn = Integer.parseInt(ToolsUtils.randomInt(8));
sn = Integer.parseInt(ToolUtils.randomInt(8));
User snModel = userMapper.selectOne(new QueryWrapper<User>()
.select("id,sn,username")
.select("id,sn")
.eq("sn", sn)
.last("limit 1"));
if (snModel == null) {
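Review bot: In `scanLogin` the rewritten state check appears inverted relative to the lines it replaces: `if (ScanLoginCache.get(session.getId()).equals(scanLoginValidate.getState()))` throws when the submitted state matches the cached one and lets a mismatched state through, whereas the earlier condition rejected a null or non-matching value. Because `ScanLoginCache.get` returns `""` for a missing entry, the corrected condition should reject that case too, e.g. `String cached = ScanLoginCache.get(session.getId());` followed by `if (cached.isEmpty() || !cached.equals(scanLoginValidate.getState())) {`. `ScanLoginCache.get` deletes the entry on read, so the state is now consumed even when the later WeChat calls fail, while the replaced code deleted it only at the end; that difference deserves a comment. Separately, the renamed `ToolUtils.makeMd5(password+salt)` calls keep salted MD5 for stored passwords, and a dedicated password-hashing function (bcrypt, scrypt or Argon2) would be the follow-up.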


@@ -133,17 +133,17 @@ public class PcServiceImpI implements IPcService {
// 登录配置
Map<String, Object> loginMap = new LinkedHashMap<>();
Map<String, String> loginConfig = ConfigUtils.get("login");
loginMap.put("loginWay", ArrayUtils.stringToListAsInt(loginConfig.getOrDefault("loginWay", ""), ","));
loginMap.put("loginWay", ListUtils.stringToListAsInt(loginConfig.getOrDefault("loginWay", ""), ","));
loginMap.put("forceBindMobile", Integer.parseInt(loginConfig.getOrDefault("forceBindMobile", "0")));
loginMap.put("openOtherAuth", Integer.parseInt(loginConfig.getOrDefault("openOtherAuth", "0")));
loginMap.put("openAgreement", Integer.parseInt(loginConfig.getOrDefault("openAgreement", "0")));
loginMap.put("autoLoginAuth", ArrayUtils.stringToListAsInt(loginConfig.getOrDefault("autoLoginAuth", ""), ","));
loginMap.put("autoLoginAuth", ListUtils.stringToListAsInt(loginConfig.getOrDefault("autoLoginAuth", ""), ","));
// 网址信息
Map<String, Object> websiteMap = new LinkedHashMap<>();
Map<String, String> websiteConfig = ConfigUtils.get("website");
String copyright = websiteConfig.getOrDefault("copyright", "[]");
List<Map<String, String>> copyrightMap = ArrayUtils.stringToListAsMapStr(copyright);
List<Map<String, String>> copyrightMap = ListUtils.stringToListAsMapStr(copyright);
websiteMap.put("shopName", websiteConfig.getOrDefault("shopName", "LikeAdmin"));
websiteMap.put("shopLogo", UrlUtils.toAbsoluteUrl(websiteConfig.getOrDefault("shopLogo", "")));


@@ -184,14 +184,14 @@ public class UserServiceImpl implements IUserService {
if (!user.getPassword().equals("")) {
Assert.notNull(oldPassword, "oldPassword参数缺失");
String oldPwd = ToolsUtils.makeMd5(oldPassword.trim() + user.getSalt());
String oldPwd = ToolUtils.makeMd5(oldPassword.trim() + user.getSalt());
if (!oldPwd.equals(user.getPassword())) {
throw new OperateException("原密码不正确!");
}
}
String salt = ToolsUtils.randomString(5);
String pwd = ToolsUtils.makeMd5(password.trim()+salt);
String salt = ToolUtils.randomString(5);
String pwd = ToolUtils.makeMd5(password.trim()+salt);
User u = new User();
u.setId(userId);