master
Gitea 2 weeks ago
parent fb92f4def0
commit 3ceee882d7
  1. 90
      jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java

@ -4,10 +4,12 @@ import cn.hutool.core.util.RandomUtil;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.aliyuncs.exceptions.ClientException; import com.aliyuncs.exceptions.ClientException;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.IdWorker; import com.baomidou.mybatisplus.core.toolkit.IdWorker;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.shiro.SecurityUtils; import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresRoles; import org.apache.shiro.authz.annotation.RequiresRoles;
import org.jeecg.common.api.vo.Result; import org.jeecg.common.api.vo.Result;
@ -21,10 +23,7 @@ import org.jeecg.common.util.*;
import org.jeecg.common.util.encryption.EncryptedString; import org.jeecg.common.util.encryption.EncryptedString;
import org.jeecg.config.JeecgBaseConfig; import org.jeecg.config.JeecgBaseConfig;
import org.jeecg.modules.base.service.BaseCommonService; import org.jeecg.modules.base.service.BaseCommonService;
import org.jeecg.modules.system.entity.SysDepart; import org.jeecg.modules.system.entity.*;
import org.jeecg.modules.system.entity.SysRoleIndex;
import org.jeecg.modules.system.entity.SysTenant;
import org.jeecg.modules.system.entity.SysUser;
import org.jeecg.modules.system.model.SysLoginModel; import org.jeecg.modules.system.model.SysLoginModel;
import org.jeecg.modules.system.service.*; import org.jeecg.modules.system.service.*;
import org.jeecg.modules.system.service.impl.SysBaseApiImpl; import org.jeecg.modules.system.service.impl.SysBaseApiImpl;
@ -38,7 +37,6 @@ import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.*; import java.util.*;
import java.util.stream.Collectors;
/** /**
* @Author scott * @Author scott
@ -58,16 +56,22 @@ public class LoginController {
@Autowired @Autowired
private ISysLogService logService; private ISysLogService logService;
@Autowired @Autowired
private RedisUtil redisUtil; private RedisUtil redisUtil;
@Autowired @Autowired
private ISysDepartService sysDepartService; private ISysDepartService sysDepartService;
@Autowired @Autowired
private ISysDictService sysDictService; private ISysDictService sysDictService;
@Resource @Resource
private BaseCommonService baseCommonService; private BaseCommonService baseCommonService;
@Autowired @Autowired
private JeecgBaseConfig jeecgBaseConfig; private JeecgBaseConfig jeecgBaseConfig;
@Autowired
private ISysUserRoleService sysUserRoleService;
@Autowired
private ISysRoleService sysRoleService;
private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890"; private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890";
@ApiOperation("登录接口") @ApiOperation("登录接口")
@ -81,19 +85,19 @@ public class LoginController {
} }
// step.1 验证码check // step.1 验证码check
String captcha = sysLoginModel.getCaptcha(); String captcha = sysLoginModel.getCaptcha();
if(captcha==null){ if(captcha==null){
result.error500("验证码无效"); result.error500("验证码无效");
return result; return result;
} }
String lowerCaseCaptcha = captcha.toLowerCase(); String lowerCaseCaptcha = captcha.toLowerCase();
// 加入密钥作为混淆,避免简单的拼接,被外部利用,用户自定义该密钥即可 // 加入密钥作为混淆,避免简单的拼接,被外部利用,用户自定义该密钥即可
String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret(); String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
String realKey = Md5Util.md5Encode(origin, "utf-8"); String realKey = Md5Util.md5Encode(origin, "utf-8");
Object checkCode = redisUtil.get(realKey); Object checkCode = redisUtil.get(realKey);
//当进入登录页时,有一定几率出现验证码错误 #1714 //当进入登录页时,有一定几率出现验证码错误 #1714
if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) { if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode); log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
result.error500("验证码错误"); result.error500("验证码错误");
// 改成特殊的code 便于前端判断 // 改成特殊的code 便于前端判断
result.setCode(HttpStatus.PRECONDITION_FAILED.value()); result.setCode(HttpStatus.PRECONDITION_FAILED.value());
@ -162,6 +166,14 @@ public class LoginController {
//update-end---author:scott ---date::2022-06-20 for:vue3前端,支持自定义首页-------------- //update-end---author:scott ---date::2022-06-20 for:vue3前端,支持自定义首页--------------
log.info("2 获取用户信息耗时 (首页面配置)" + (System.currentTimeMillis() - start) + "毫秒"); log.info("2 获取用户信息耗时 (首页面配置)" + (System.currentTimeMillis() - start) + "毫秒");
List<SysUserRole> userRole = sysUserRoleService.list(new QueryWrapper<SysUserRole>().lambda().eq(SysUserRole::getUserId, sysUser.getId()));
if(ObjectUtils.isNotEmpty(userRole)){
String rollId = userRole.get(0).getRoleId();
SysRole sysRole = sysRoleService.getById(rollId);
if(ObjectUtils.isNotEmpty(sysRole)){
sysUser.setRoleCode(sysRole.getRoleCode());
}
}
obj.put("userInfo",sysUser); obj.put("userInfo",sysUser);
obj.put("sysAllDictItems", sysDictService.queryAllDictItems()); obj.put("sysAllDictItems", sysDictService.queryAllDictItems());
log.info("3 获取用户信息耗时 (字典数据)" + (System.currentTimeMillis() - start) + "毫秒"); log.info("3 获取用户信息耗时 (字典数据)" + (System.currentTimeMillis() - start) + "毫秒");
@ -183,29 +195,29 @@ public class LoginController {
@RequestMapping(value = "/logout") @RequestMapping(value = "/logout")
public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) { public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) {
//用户退出逻辑 //用户退出逻辑
String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN); String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
if(oConvertUtils.isEmpty(token)) { if(oConvertUtils.isEmpty(token)) {
return Result.error("退出登录失败!"); return Result.error("退出登录失败!");
} }
String username = JwtUtil.getUsername(token); String username = JwtUtil.getUsername(token);
LoginUser sysUser = sysBaseApi.getUserByName(username); LoginUser sysUser = sysBaseApi.getUserByName(username);
if(sysUser!=null) { if(sysUser!=null) {
//update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员 //update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员
baseCommonService.addLog("用户名: "+sysUser.getRealname()+",退出成功!", CommonConstant.LOG_TYPE_1, null,sysUser); baseCommonService.addLog("用户名: "+sysUser.getRealname()+",退出成功!", CommonConstant.LOG_TYPE_1, null,sysUser);
//update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员 //update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员
log.info(" 用户名: "+sysUser.getRealname()+",退出成功! "); log.info(" 用户名: "+sysUser.getRealname()+",退出成功! ");
//清空用户登录Token缓存 //清空用户登录Token缓存
redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token); redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
//清空用户登录Shiro权限缓存 //清空用户登录Shiro权限缓存
redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId()); redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
//清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username> //清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername())); redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
//调用shiro的logout //调用shiro的logout
SecurityUtils.getSubject().logout(); SecurityUtils.getSubject().logout();
return Result.ok("退出登录成功!"); return Result.ok("退出登录成功!");
}else { }else {
return Result.error("Token无效!"); return Result.error("Token无效!");
} }
} }
/** /**
@ -248,14 +260,14 @@ public class LoginController {
Result<List<Map<String,Object>>> result = new Result<List<Map<String,Object>>>(); Result<List<Map<String,Object>>> result = new Result<List<Map<String,Object>>>();
Calendar calendar = new GregorianCalendar(); Calendar calendar = new GregorianCalendar();
calendar.set(Calendar.HOUR_OF_DAY,0); calendar.set(Calendar.HOUR_OF_DAY,0);
calendar.set(Calendar.MINUTE,0); calendar.set(Calendar.MINUTE,0);
calendar.set(Calendar.SECOND,0); calendar.set(Calendar.SECOND,0);
calendar.set(Calendar.MILLISECOND,0); calendar.set(Calendar.MILLISECOND,0);
calendar.add(Calendar.DAY_OF_MONTH, 1); calendar.add(Calendar.DAY_OF_MONTH, 1);
Date dayEnd = calendar.getTime(); Date dayEnd = calendar.getTime();
calendar.add(Calendar.DAY_OF_MONTH, -7); calendar.add(Calendar.DAY_OF_MONTH, -7);
Date dayStart = calendar.getTime(); Date dayStart = calendar.getTime();
List<Map<String,Object>> list = logService.findVisitCount(dayStart, dayEnd); List<Map<String,Object>> list = logService.findVisitCount(dayStart, dayEnd);
result.setResult(oConvertUtils.toLowerCasePageList(list)); result.setResult(oConvertUtils.toLowerCasePageList(list));
return result; return result;
} }
@ -334,7 +346,7 @@ public class LoginController {
//随机数 //随机数
String captcha = RandomUtil.randomNumbers(6); String captcha = RandomUtil.randomNumbers(6);
JSONObject obj = new JSONObject(); JSONObject obj = new JSONObject();
obj.put("code", captcha); obj.put("code", captcha);
try { try {
boolean b = false; boolean b = false;
//注册模板 //注册模板

Loading…
Cancel
Save