sync -- 同步 RuoYi-Vue-Plus 更新。
优化 logback 日志 异步输出 增加 短信登录 与 小程序登录 示例 修复 用户绑定角色 与 角色绑定用户 异常 编写错误 update springboot 2.6.4 => 2.6.5 update springboot-admin 2.6.2 => 2.6.3 update hutool 5.7.21 => 5.7.22 update springboot-admin 2.6.3 => 2.6.5 update dynamic-datasource 3.5.0 => 3.5.1 update redisson 3.16.8 => 3.17.0 update springboot 2.6.5 => 2.6.6 修复 CVE-2022-22965 漏洞 更名 SaInterfaceImpl 为 SaPermissionImpl 完善相关注释 增加 Mybatis 全局异常处理 开启多数据源切换 严格模式 找不到数据源报错
This commit is contained in:
konbai
@@ -68,6 +68,14 @@ public interface SysUserMapper extends BaseMapperPlus<SysUserMapper, SysUser, Sy
|
||||
*/
|
||||
SysUser selectUserByUserName(String userName);
|
||||
|
||||
/**
|
||||
* 通过手机号查询用户
|
||||
*
|
||||
* @param phonenumber 手机号
|
||||
* @return 用户对象信息
|
||||
*/
|
||||
SysUser selectUserByPhonenumber(String phonenumber);
|
||||
|
||||
/**
|
||||
* 通过用户ID查询用户
|
||||
*
|
||||
|
||||
@@ -3,6 +3,8 @@ package com.ruoyi.system.mapper;
|
||||
import com.ruoyi.common.core.mapper.BaseMapperPlus;
|
||||
import com.ruoyi.system.domain.SysUserRole;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 用户与角色关联表 数据层
|
||||
*
|
||||
@@ -10,6 +12,6 @@ import com.ruoyi.system.domain.SysUserRole;
|
||||
*/
|
||||
public interface SysUserRoleMapper extends BaseMapperPlus<SysUserRoleMapper, SysUserRole, SysUserRole> {
|
||||
|
||||
Long selectUserIdByRoleId(Long roleId);
|
||||
List<Long> selectUserIdsByRoleId(Long roleId);
|
||||
|
||||
}
|
||||
|
||||
@@ -48,6 +48,14 @@ public interface ISysUserService {
|
||||
*/
|
||||
SysUser selectUserByUserName(String userName);
|
||||
|
||||
/**
|
||||
* 通过手机号查询用户
|
||||
*
|
||||
* @param phonenumber 手机号
|
||||
* @return 用户对象信息
|
||||
*/
|
||||
SysUser selectUserByPhonenumber(String phonenumber);
|
||||
|
||||
/**
|
||||
* 通过用户ID查询用户
|
||||
*
|
||||
|
||||
@@ -8,6 +8,7 @@ import com.ruoyi.common.constant.Constants;
|
||||
import com.ruoyi.common.core.domain.dto.RoleDTO;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
import com.ruoyi.common.core.domain.model.LoginUser;
|
||||
import com.ruoyi.common.core.domain.model.XcxLoginUser;
|
||||
import com.ruoyi.common.core.service.LogininforService;
|
||||
import com.ruoyi.common.enums.DeviceType;
|
||||
import com.ruoyi.common.enums.UserStatus;
|
||||
@@ -87,6 +88,8 @@ public class SysLoginService {
|
||||
|
||||
// 登录成功 清空错误次数
|
||||
RedisUtils.deleteObject(Constants.LOGIN_ERROR + username);
|
||||
|
||||
// 此处可根据登录用户的数据不同 自行创建 loginUser
|
||||
LoginUser loginUser = buildLoginUser(user);
|
||||
// 生成token
|
||||
LoginHelper.loginByDevice(loginUser, DeviceType.PC);
|
||||
@@ -96,10 +99,84 @@ public class SysLoginService {
|
||||
return StpUtil.getTokenValue();
|
||||
}
|
||||
|
||||
public String smsLogin(String phonenumber, String smsCode) {
|
||||
// 通过手机号查找用户
|
||||
SysUser user = loadUserByPhonenumber(phonenumber);
|
||||
|
||||
HttpServletRequest request = ServletUtils.getRequest();
|
||||
// 获取用户登录错误次数(可自定义限制策略 例如: key + username + ip)
|
||||
Integer errorNumber = RedisUtils.getCacheObject(Constants.LOGIN_ERROR + user.getUserName());
|
||||
// 锁定时间内登录 则踢出
|
||||
if (ObjectUtil.isNotNull(errorNumber) && errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
|
||||
asyncService.recordLogininfor(user.getUserName(), Constants.LOGIN_FAIL, MessageUtils.message("sms.code.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
|
||||
throw new UserException("sms.code.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
|
||||
}
|
||||
|
||||
if (!validateSmsCode(phonenumber, smsCode)) {
|
||||
// 是否第一次
|
||||
errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1;
|
||||
// 达到规定错误次数 则锁定登录
|
||||
if (errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
|
||||
RedisUtils.setCacheObject(Constants.LOGIN_ERROR + user.getUserName(), errorNumber, Constants.LOGIN_ERROR_LIMIT_TIME, TimeUnit.MINUTES);
|
||||
asyncService.recordLogininfor(user.getUserName(), Constants.LOGIN_FAIL, MessageUtils.message("sms.code.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
|
||||
throw new UserException("sms.code.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
|
||||
} else {
|
||||
// 未达到规定错误次数 则递增
|
||||
RedisUtils.setCacheObject(Constants.LOGIN_ERROR + user.getUserName(), errorNumber);
|
||||
asyncService.recordLogininfor(user.getUserName(), Constants.LOGIN_FAIL, MessageUtils.message("sms.code.retry.limit.count", errorNumber), request);
|
||||
throw new UserException("sms.code.retry.limit.count", errorNumber);
|
||||
}
|
||||
}
|
||||
|
||||
// 登录成功 清空错误次数
|
||||
RedisUtils.deleteObject(Constants.LOGIN_ERROR + user.getUserName());
|
||||
|
||||
// 此处可根据登录用户的数据不同 自行创建 loginUser
|
||||
LoginUser loginUser = buildLoginUser(user);
|
||||
// 生成token
|
||||
LoginHelper.loginByDevice(loginUser, DeviceType.APP);
|
||||
|
||||
asyncService.recordLogininfor(user.getUserName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
|
||||
recordLoginInfo(user.getUserId(), user.getUserName());
|
||||
return StpUtil.getTokenValue();
|
||||
}
|
||||
|
||||
|
||||
public String xcxLogin(String xcxCode) {
|
||||
HttpServletRequest request = ServletUtils.getRequest();
|
||||
// xcxCode 为 小程序调用 wx.login 授权后获取
|
||||
// todo 以下自行实现
|
||||
// 校验 appid + appsrcret + xcxCode 调用登录凭证校验接口 获取 session_key 与 openid
|
||||
String openid = "";
|
||||
SysUser user = loadUserByOpenid(openid);
|
||||
|
||||
// 此处可根据登录用户的数据不同 自行创建 loginUser
|
||||
XcxLoginUser loginUser = new XcxLoginUser();
|
||||
loginUser.setUserId(user.getUserId());
|
||||
loginUser.setUsername(user.getUserName());
|
||||
loginUser.setUserType(user.getUserType());
|
||||
loginUser.setOpenid(openid);
|
||||
// 生成token
|
||||
LoginHelper.loginByDevice(loginUser, DeviceType.XCX);
|
||||
|
||||
asyncService.recordLogininfor(user.getUserName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
|
||||
recordLoginInfo(user.getUserId(), user.getUserName());
|
||||
return StpUtil.getTokenValue();
|
||||
}
|
||||
|
||||
|
||||
public void logout(String loginName) {
|
||||
asyncService.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success"), ServletUtils.getRequest());
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验短信验证码
|
||||
*/
|
||||
private boolean validateSmsCode(String phonenumber, String smsCode) {
|
||||
// todo 此处使用手机号查询redis验证码与参数验证码是否一致 用户自行实现
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验验证码
|
||||
*
|
||||
@@ -136,6 +213,38 @@ public class SysLoginService {
|
||||
return user;
|
||||
}
|
||||
|
||||
private SysUser loadUserByPhonenumber(String phonenumber) {
|
||||
SysUser user = userService.selectUserByPhonenumber(phonenumber);
|
||||
if (ObjectUtil.isNull(user)) {
|
||||
log.info("登录用户:{} 不存在.", phonenumber);
|
||||
throw new UserException("user.not.exists", phonenumber);
|
||||
} else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
|
||||
log.info("登录用户:{} 已被删除.", phonenumber);
|
||||
throw new UserException("user.password.delete", phonenumber);
|
||||
} else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
|
||||
log.info("登录用户:{} 已被停用.", phonenumber);
|
||||
throw new UserException("user.blocked", phonenumber);
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
private SysUser loadUserByOpenid(String openid) {
|
||||
// 使用 openid 查询绑定用户 如未绑定用户 则根据业务自行处理 例如 创建默认用户
|
||||
// todo 自行实现 userService.selectUserByOpenid(openid);
|
||||
SysUser user = new SysUser();
|
||||
if (ObjectUtil.isNull(user)) {
|
||||
log.info("登录用户:{} 不存在.", openid);
|
||||
// todo 用户不存在 业务逻辑自行实现
|
||||
} else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
|
||||
log.info("登录用户:{} 已被删除.", openid);
|
||||
// todo 用户已被删除 业务逻辑自行实现
|
||||
} else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
|
||||
log.info("登录用户:{} 已被停用.", openid);
|
||||
// todo 用户已被停用 业务逻辑自行实现
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
/**
|
||||
* 构建登录用户
|
||||
*/
|
||||
|
||||
@@ -85,7 +85,7 @@ public class SysDeptServiceImpl implements ISysDeptService {
|
||||
@Override
|
||||
public List<Long> selectDeptListByRoleId(Long roleId) {
|
||||
SysRole role = roleMapper.selectById(roleId);
|
||||
return baseMapper.selectDeptListByRoleId(roleId, role.getDeptCheckStrictly() == 1);
|
||||
return baseMapper.selectDeptListByRoleId(roleId, role.getDeptCheckStrictly());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -123,7 +123,7 @@ public class SysMenuServiceImpl implements ISysMenuService {
|
||||
@Override
|
||||
public List<Long> selectMenuListByRoleId(Long roleId) {
|
||||
SysRole role = roleMapper.selectById(roleId);
|
||||
return baseMapper.selectMenuListByRoleId(roleId, role.getMenuCheckStrictly() == 1);
|
||||
return baseMapper.selectMenuListByRoleId(roleId, role.getMenuCheckStrictly());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -115,7 +115,7 @@ public class SysUserServiceImpl implements ISysUserService {
|
||||
*/
|
||||
@Override
|
||||
public TableDataInfo<SysUser> selectUnallocatedList(SysUser user, PageQuery pageQuery) {
|
||||
Long userId = userRoleMapper.selectUserIdByRoleId(user.getRoleId());
|
||||
List<Long> userId = userRoleMapper.selectUserIdsByRoleId(user.getRoleId());
|
||||
QueryWrapper<SysUser> wrapper = Wrappers.query();
|
||||
wrapper.eq("u.del_flag", UserConstants.USER_NORMAL)
|
||||
.and(w -> w.ne("r.role_id", user.getRoleId()).or().isNull("r.role_id"))
|
||||
@@ -137,6 +137,17 @@ public class SysUserServiceImpl implements ISysUserService {
|
||||
return baseMapper.selectUserByUserName(userName);
|
||||
}
|
||||
|
||||
/**
|
||||
* 通过手机号查询用户
|
||||
*
|
||||
* @param phonenumber 手机号
|
||||
* @return 用户对象信息
|
||||
*/
|
||||
@Override
|
||||
public SysUser selectUserByPhonenumber(String phonenumber) {
|
||||
return baseMapper.selectUserByPhonenumber(phonenumber);
|
||||
}
|
||||
|
||||
/**
|
||||
* 通过用户ID查询用户
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user