I3_YF_SEAT
/
impp-core
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

E9单点登录1

Browse Source
yun-zuoyi
wynne1005 4 years ago
parent 4c50bc4687
commit 1f2b304968
9 changed files with 459 additions and 157 deletions
Show Stats Download Patch File Download Diff File

51
modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
Unescape Escape View File

@ -1,11 +1,14 @@
package cn.estsh.i3plus.core.api.iservice.base;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
import io.swagger.annotations.ApiOperation;
import javax.servlet.http.HttpServletRequest;
/**
* @Description :
* @Reference :
@ -17,54 +20,68 @@ public interface ISystemLoginService {
/**
*
* @param loginName
* @param loginPwd
* @param languageCode
*
* @param loginName
* @param loginPwd
* @param languageCode
* @return
*/
@ApiOperation(value = "用户登录",notes = "普通用户登录")
@ApiOperation(value = "用户登录", notes = "普通用户登录")
SessionUser queryUserLogin(String loginName, String loginPwd, String languageCode);
/**
*
* @param loginName
* @param loginPwd
* @param languageCode
*
* @param loginName
* @param loginPwd
* @param languageCode
* @return
*/
@ApiOperation(value = "用户登录",notes = "管理用户登录")
@ApiOperation(value = "用户登录", notes = "管理用户登录")
SessionUser queryAdminLogin(String loginName, String loginPwd, String languageCode);
/**
*
*
* @param authenticationToken
* @return
* @return
*/
@ApiOperation(value = "封装用户",notes = "封装普通用户信息")
@ApiOperation(value = "封装用户", notes = "封装普通用户信息")
SessionUser queryCheckUserLogin(UserToken authenticationToken);
/**
*
* @param authenticationToken
*
* @param authenticationToken
* @return
*/
@ApiOperation(value = "封装用户",notes = "封装管理员信息")
@ApiOperation(value = "封装用户", notes = "封装管理员信息")
SessionUser queryCheckAdminLogin(AdminToken authenticationToken);
/**
*
* @param authenticationToken
*
*
* @param authenticationToken
* @return
*/
@ApiOperation(value = "封装用户",notes = "封装超级管理员信息")
@ApiOperation(value = "封装用户", notes = "封装超级管理员信息")
SessionUser queryCheckSaAdminLogin(SaAdminToken authenticationToken);
/**
*
*
* @param loginName
* @param sessionId Session ID
* @return
*/
@ApiOperation(value = "登录密码错误",notes = "登录密码错误记录错误次数功能")
Integer doLoginPasswordError(String loginName,String sessionId);
@ApiOperation(value = "登录密码错误", notes = "登录密码错误记录错误次数功能")
Integer doLoginPasswordError(String loginName, String sessionId);
/**
*
*
* @param request http
* @return
*/
CommonEnumUtil.LOG_LOGIN_PLATFORM getLoginPlatform(HttpServletRequest request);
}

21
modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginStrategyService.java
Unescape Escape View File

@ -0,0 +1,21 @@
package cn.estsh.i3plus.core.api.iservice.base;
import cn.estsh.i3plus.pojo.model.platform.SystemLoginModel;
import cn.estsh.impp.framework.boot.util.ResultBean;
import javax.servlet.http.HttpServletRequest;
import java.util.function.BiFunction;
/**
* @author Wynne.Lu
* @date 2021/1/18 10:50
* @desc
*/
public interface ISystemLoginStrategyService {
/**
* @param request
* @param loginModel
* @return
*/
BiFunction<HttpServletRequest, SystemLoginModel, ResultBean> login();
}

6
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroAuthConfiguration.java
Unescape Escape View File

@ -12,10 +12,10 @@ import cn.estsh.impp.framework.boot.auth.filter.UserFilter;
import cn.estsh.impp.framework.boot.configuration.RedisConfig;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -85,7 +85,7 @@ public class ShiroAuthConfiguration {
public Map<String,Realm> supportRealmMap(){
//支持的授权规则
Map<String,Realm> realms = new HashMap();
Map<String,Realm> realms = new HashMap(8);
realms.put(CommonEnumUtil.USER_TYPE.USER.getCode(),userAuthRealm());
realms.put(CommonEnumUtil.USER_TYPE.ADMIN.getCode(),adminAuthRealm());
realms.put(CommonEnumUtil.USER_TYPE.SA.getCode(),saAuthRealm());
@ -115,7 +115,7 @@ public class ShiroAuthConfiguration {
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager);
Map<String, Filter> filterMap = new HashMap();
Map<String, Filter> filterMap = new HashMap(8);
filterMap.put("user_filter", new UserFilter());
filterMap.put("admin_filter", new AdminFilter());
filterMap.put("saadmin_filter", new SaAdminFilter());

32
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/DefaultModularRealm.java
Unescape Escape View File

@ -1,6 +1,7 @@
package cn.estsh.i3plus.core.apiservice.auth.realm;
import cn.estsh.i3plus.core.apiservice.controller.DemoAuthController;
import cn.estsh.i3plus.platform.common.util.PlatformConstWords;
import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
@ -47,18 +48,23 @@ public class DefaultModularRealm extends ModularRealmAuthenticator {
@Override
protected AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException {
Realm realm;
if (token instanceof SaAdminToken) {
//超级管理员
realm = (Realm)this.definedRealms.get(CommonEnumUtil.USER_TYPE.SA.getCode());
} else if (token instanceof AdminToken) {
//管理员
realm = (Realm)this.definedRealms.get(CommonEnumUtil.USER_TYPE.ADMIN.getCode());
} else if (token instanceof UserToken) {
//用户
realm = (Realm)this.definedRealms.get(CommonEnumUtil.USER_TYPE.USER.getCode());
} else {
throw new AuthenticationException("不存在TOKEN请联系管理员"+token+"");
}
String realmStrategy = (String) BaseThreadLocal.getData(PlatformConstWords.AUTH_REALM_CHOOSE);
// if (!StringUtils.isEmpty(realmStrategy)) {
// realm = (Realm) SpringContextsUtil.getBean(realmStrategy);
// } else {
if (token instanceof SaAdminToken) {
//超级管理员
realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.SA.getCode());
} else if (token instanceof AdminToken) {
//管理员
realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.ADMIN.getCode());
} else if (token instanceof UserToken) {
//用户
realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.USER.getCode());
} else {
throw new AuthenticationException("不存在TOKEN请联系管理员" + token + "");
}
// }
return this.doSingleRealmAuthentication(realm, token);
}

44
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/E9AuthRealm.java
Unescape Escape View File

@ -0,0 +1,44 @@
package cn.estsh.i3plus.core.apiservice.auth.realm.strategy;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
/**
* @author Wynne.Lu
* @date 2021/1/18 2:32
* @desc
*/
@Component
public class E9AuthRealm extends AuthorizingRealm {
public static final Logger LOGGER = LoggerFactory.getLogger(E9AuthRealm.class);
@Autowired
private ISystemLoginService systemLoginService;
public E9AuthRealm(){
//添加支持的token
this.setAuthenticationTokenClass(AdminToken.class);
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return new SimpleAuthorizationInfo();
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
return new SimpleAuthenticationInfo();
}
}

162
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java
Unescape Escape View File

@ -2,13 +2,18 @@ package cn.estsh.i3plus.core.apiservice.controller.base;
import cn.estsh.i3plus.core.api.iservice.base.ISynchronizedService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemInitService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginStrategyService;
import cn.estsh.i3plus.core.api.iservice.busi.*;
import cn.estsh.i3plus.core.apiservice.controller.busi.PersonnelController;
import cn.estsh.i3plus.core.apiservice.controller.busi.SysUserInfoController;
import cn.estsh.i3plus.core.apiservice.util.SysUserPasswordUtil;
import cn.estsh.i3plus.platform.common.convert.ConvertBean;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.i3plus.platform.common.tool.*;
import cn.estsh.i3plus.platform.common.tool.JsonUtilTool;
import cn.estsh.i3plus.platform.common.tool.ServletRequestTool;
import cn.estsh.i3plus.platform.common.tool.StringTool;
import cn.estsh.i3plus.platform.common.tool.TimeTool;
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
import cn.estsh.i3plus.platform.common.util.PlatformConstWords;
import cn.estsh.i3plus.pojo.base.annotation.AnnoIgnoreLog;
@ -16,36 +21,67 @@ import cn.estsh.i3plus.pojo.base.bean.BaseConstWords;
import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
import cn.estsh.i3plus.pojo.base.bean.ListPager;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.enumutil.ImppEnumUtil;
import cn.estsh.i3plus.pojo.base.enumutil.ResourceEnumUtil;
import cn.estsh.i3plus.pojo.model.common.CloudPagerModel;
import cn.estsh.i3plus.pojo.model.license.ImppLicense;
import cn.estsh.i3plus.pojo.model.platform.SystemLoginModel;
import cn.estsh.i3plus.pojo.model.platform.UserDetailModel;
import cn.estsh.i3plus.pojo.model.platform.UserDetailPagerModel;
import cn.estsh.i3plus.pojo.platform.bean.*;
import cn.estsh.i3plus.pojo.platform.bean.SysDictionary;
import cn.estsh.i3plus.pojo.platform.bean.SysFile;
import cn.estsh.i3plus.pojo.platform.bean.SysLabelTemplate;
import cn.estsh.i3plus.pojo.platform.bean.SysLocaleResource;
import cn.estsh.i3plus.pojo.platform.bean.SysLogUserLogin;
import cn.estsh.i3plus.pojo.platform.bean.SysOrderNoRule;
import cn.estsh.i3plus.pojo.platform.bean.SysOrganize;
import cn.estsh.i3plus.pojo.platform.bean.SysUser;
import cn.estsh.i3plus.pojo.platform.bean.SysUserInfo;
import cn.estsh.impp.framework.base.controller.CoreBaseController;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppBusiException;
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
import cn.estsh.impp.framework.boot.license.ImppLicenseTool;
import cn.estsh.impp.framework.boot.license.serviceimpl.ImppLicenseDecoder;
import cn.estsh.impp.framework.boot.util.*;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.LocaleUtils;
import cn.estsh.impp.framework.boot.util.RedisCacheTool;
import cn.estsh.impp.framework.boot.util.ResultBean;
import cn.estsh.impp.framework.boot.util.SpringContextsUtil;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.CredentialsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.amqp.rabbit.core.RabbitTemplate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.*;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.function.BiFunction;
import java.util.stream.Collectors;
import static cn.estsh.i3plus.platform.common.util.CommonConstWords.DEFAULT_LANGUAGE;
/**
* @Description :
* @Reference :
@ -100,6 +136,9 @@ public class WhiteController extends CoreBaseController {
private ISysConfigService configService;
@Autowired
private ISystemLoginService loginService;
@Autowired
private SysUserPasswordUtil userPasswordUtil;
@Resource(name = CommonConstWords.IMPP_REDIS_RES)
@ -114,7 +153,6 @@ public class WhiteController extends CoreBaseController {
@Autowired
private RabbitTemplate rabbitTemplate;
@GetMapping(value = "/sys-locale-language/list")
@ApiOperation(value = "查询可用语言", notes = "查询可用语言")
public ResultBean listSysLocaleLanguage() {
@ -155,97 +193,79 @@ public class WhiteController extends CoreBaseController {
}
}
@GetMapping(value = "/auth/oss-login")
@ApiOperation(value = "登录", notes = "登录")
public ResultBean ossLogin(HttpServletRequest request, SystemLoginModel loginModel) throws NoSuchFieldException {
ValidatorBean.beginValid(loginModel)
.notNull("loginStrategy", loginModel.getLoginStrategy())
.notNull("loginName", loginModel.getLoginName());
String beanName = ImppEnumUtil.AUTH_LOGIN_STRATEGY.codeOfStrategyName(loginModel.getLoginStrategy());
ISystemLoginStrategyService loginStrategyService = (ISystemLoginStrategyService) SpringContextsUtil.getBean(beanName);
BaseThreadLocal.setData(PlatformConstWords.IS_OSS_LOGIN, true);
return loginByStrategy(request, loginModel, loginStrategyService.login());
}
@GetMapping(value = "/auth/login")
@ApiOperation(value = "登陆", notes = "登陆")
@ApiOperation(value = "登录", notes = "登录")
public ResultBean login(HttpServletRequest request, String loginName, String loginPwd,
@RequestParam(required = false) String languageCode,
@RequestParam(required = false) String deviceId) {
Long startTime = System.currentTimeMillis();
startMultiService();
licenseClickService.checkLicenseNumberLogin();
LOGGER.info("用户登陆 loginName:{} loginPwd:{} languageCode:{}", loginName, loginPwd, languageCode);
ResultBean result = null;
CommonEnumUtil.USER_LOGIN_STATUS userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.LOGIN_SUCCESS;
SystemLoginModel loginModel = new SystemLoginModel(loginName, loginPwd, languageCode, deviceId, ImppEnumUtil.AUTH_LOGIN_STRATEGY.ACCOUNT.getCode());
try {
ValidatorBean.checkNotNull(languageCode, "语言不能为空");
// TODO 后期移除,暂时用于避免自动登录后前台没有正确的传输组织代码信息
if ("null".equals(languageCode)) {
languageCode = DEFAULT_LANGUAGE;
}
// 设置语言代码
BaseThreadLocal.setData(BaseThreadLocal.LANGUAGE_CODE, languageCode);
ValidatorBean.checkNotNull(loginName, "用户名不能为空");
ValidatorBean.checkNotNull(loginPwd, "密码不能为空");
int sessionMode = RedisCacheTool.getSysConfigIntVal(CommonConstWords.CONFIG_SESSION_MODE, CommonConstWords.CONFIG_SESSION_MODE_DEFAULT);
if (sessionMode != CommonEnumUtil.SESSION_MODE.SEIZE.getValue()) {
logout();
}
String beanName = ImppEnumUtil.AUTH_LOGIN_STRATEGY.codeOfStrategyName(loginModel.getLoginStrategy());
ISystemLoginStrategyService loginStrategyService = (ISystemLoginStrategyService) SpringContextsUtil.getBean(beanName);
SessionUser user = userService.queryUserLogin(loginName.trim(), loginPwd.trim(), languageCode, getLoginPlatform().getValue(), deviceId);
return loginByStrategy(request, loginModel, loginStrategyService.login());
}
String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getUser().getId();
redisCore.deleteKey(redisKey);
// LOGGER.info("会员登陆:{}",user);
private ResultBean loginByStrategy(HttpServletRequest request, SystemLoginModel loginModel, BiFunction<HttpServletRequest, SystemLoginModel, ResultBean> loginStrategy) {
long startTime = System.currentTimeMillis();
licenseClickService.checkLicenseNumberLogin();
result = new ResultBean(true, AuthUtil.getSession().getId().toString(), AuthUtil.getSessionUser());
result.setUrl("/");
LOGGER.info("用户登陆 loginName:{} loginPwd:{} languageCode:{}", loginModel.getLoginName(), loginModel.getLoginPwd(), loginModel.getLanguageCode());
ResultBean result = null;
CommonEnumUtil.USER_LOGIN_STATUS userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.LOGIN_SUCCESS;
// 记录登录记录
recordSysUserLog(user.getUser().getUserInfoId(), loginName, CommonEnumUtil.USER_LOGIN_STATUS.LOGIN_SUCCESS.getValue());
AuthUtil.setOrganize(user.getUser().getOrganize());
try {
loginStrategy.apply(request, loginModel);
} catch (IncorrectCredentialsException e) {
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD);
userPasswordUtil.checkLoginErrorNumber(loginName, result, e);
userPasswordUtil.checkLoginErrorNumber(loginModel.getLoginName(), result, e);
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.WRONG_PASSWORD;
} catch (CredentialsException e) {
// 用户名或密码错误
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_NAME);
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.WRONG_USERNAME_OR_PASSWORD;
} catch (LockedAccountException e) {
// 账号已锁定
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_LOCKING);
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.USER_LOGIN_LOCKING;
} catch (UnknownAccountException e) {
// 用户信息不存在
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_INFO_NULL);
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.USER_INFO_NULL;
} catch (AuthenticationException e) {
// 系统异常
result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD.getDescription()).setCode(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD.getCode());
result.setErrorMsg(e.getMessage());
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR;
} catch (ImppBusiException e) {
result = ResultBean.fail(e);
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR;
} catch (Exception e) {
result = ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode())
.setErrorMsg(LocaleUtils.getEnumLocaleResDesc(ImppExceptionEnum.SYSTEM_EXCEPTION, ImppExceptionEnum.SYSTEM_EXCEPTION.getDescription()));
// 记录登录记录
userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.SYSTEM_ERROR;
} finally {
// 记录登录记录
recordSysUserLog(null, loginName, userLoginStatus.getValue());
recordSysUserLog(null, loginModel.getLoginName(), userLoginStatus.getValue());
}
LOGGER.info("会员{}登陆登录完成 ,语言:{} , 登录耗时:{}", loginName, BaseThreadLocal.getThreadLanguageCode(), (System.currentTimeMillis() - startTime));
LOGGER.info("会员{}登陆登录完成 ,语言:{} , 登录耗时:{}", loginModel.getLoginName(), BaseThreadLocal.getThreadLanguageCode(), (System.currentTimeMillis() - startTime));
return result;
}
@ -493,30 +513,6 @@ public class WhiteController extends CoreBaseController {
Arrays.asList(CommonEnumUtil.LOG_LOGIN_PLATFORM.values()));
}
/**
*
*
* @return
*/
private CommonEnumUtil.LOG_LOGIN_PLATFORM getLoginPlatform() {
String value = CookieTool.getCookieValue(request, CommonConstWords.SESSION_LOGIN_PLATFORM);
if (StringUtils.isBlank(value)) {
value = CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE.getValue() + "";
} else {
try {
Integer.parseInt(value);
} catch (Exception e) {
throw ImppExceptionBuilder.newInstance()
.setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
.setErrorCode(ImppExceptionEnum.VARIFY_EXCEPTION_FORMAT.getCode())
.setErrorDetail("平台登录标识转换错误")
.setErrorSolution("请重新操作")
.build();
}
}
CommonEnumUtil.LOG_LOGIN_PLATFORM platform = CommonEnumUtil.LOG_LOGIN_PLATFORM.valueOf(Integer.parseInt(value));
return platform == null ? CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE : platform;
}
@GetMapping("/sys-organize/list")
@ApiOperation(value = "获取全部组织", notes = "获取全部组织")

109
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
Unescape Escape View File

@ -4,7 +4,8 @@ import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserPasswordService;
import cn.estsh.i3plus.core.apiservice.util.SysUserPasswordUtil;
import cn.estsh.i3plus.platform.common.convert.ConvertBean;
import cn.estsh.i3plus.platform.common.tool.EncryptTool;
import cn.estsh.i3plus.platform.common.exception.ImppExceptionEnum;
import cn.estsh.i3plus.platform.common.tool.CookieTool;
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
@ -16,13 +17,11 @@ import cn.estsh.i3plus.pojo.platform.bean.SysUserPassword;
import cn.estsh.i3plus.pojo.platform.repository.SysUserRepository;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.exception.ImppBusiException;
import cn.estsh.impp.framework.boot.util.ImppLdapUtils;
import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.ImppSwitchUtil;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apache.shiro.authc.CredentialsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
@ -33,8 +32,7 @@ import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest;
import java.util.Objects;
/**
@ -66,65 +64,65 @@ public class SystemLoginService implements ISystemLoginService {
protected ImppRedis redisCore;
@Override
@ApiOperation(value = "用户登录",notes = "普通用户登录")
@ApiOperation(value = "用户登录", notes = "普通用户登录")
public SessionUser queryUserLogin(String loginName, String loginPwd, String languageCode) {
//生成令牌
UserToken ut = new UserToken(loginName,loginPwd,languageCode);
UserToken ut = new UserToken(loginName, loginPwd, languageCode);
//token验证
return AuthUtil.login(ut);
}
@Override
@ApiOperation(value = "用户登录",notes = "管理用户登录")
@ApiOperation(value = "用户登录", notes = "管理用户登录")
public SessionUser queryAdminLogin(String loginName, String loginPwd, String languageCode) {
//生成令牌
AdminToken adminToken = new AdminToken(loginName,loginPwd,languageCode);
AdminToken adminToken = new AdminToken(loginName, loginPwd, languageCode);
//token验证
return AuthUtil.login(adminToken);
}
@Override
@ApiOperation(value = "封装用户",notes = "封装普通用户信息")
@ApiOperation(value = "封装用户", notes = "封装普通用户信息")
public SessionUser queryCheckUserLogin(UserToken userToken) {
//验证用户
SysUser user = getUserLoginInfo(userToken.getLoginName(),userToken.getLoginPwd());
LOGGER.info("【验证用户checkUserLogin】{}",user);
SysUser user = getUserLoginInfo(userToken.getLoginName(), userToken.getLoginPwd());
LOGGER.info("【验证用户checkUserLogin】{}", user);
//用户单地登录
return packSessionUser(user,CommonEnumUtil.USER_TYPE.USER.getCode(),userToken.getLanguageCode());
return packSessionUser(user, CommonEnumUtil.USER_TYPE.USER.getCode(), userToken.getLanguageCode());
}
@Override
@ApiOperation(value = "封装用户",notes = "封装管理员信息")
@ApiOperation(value = "封装用户", notes = "封装管理员信息")
public SessionUser queryCheckAdminLogin(AdminToken adminToken) {
//验证用户
SysUser user = getUserLoginInfo(adminToken.getLoginName(),adminToken.getLoginPwd());
SysUser user = getUserLoginInfo(adminToken.getLoginName(), adminToken.getLoginPwd());
//未抛异常,封装用户
return packSessionUser(user,CommonEnumUtil.USER_TYPE.ADMIN.getCode(),adminToken.getLanguageCode());
return packSessionUser(user, CommonEnumUtil.USER_TYPE.ADMIN.getCode(), adminToken.getLanguageCode());
}
@Override
@ApiOperation(value = "封装用户",notes = "封装超级管理员信息")
@ApiOperation(value = "封装用户", notes = "封装超级管理员信息")
public SessionUser queryCheckSaAdminLogin(SaAdminToken saAdminToken) {
SysUser user = getUserLoginInfo(saAdminToken.getLoginName(),saAdminToken.getLoginPwd());
return packSessionUser(user,CommonEnumUtil.USER_TYPE.SA.getCode(),saAdminToken.getLanguageCode());
SysUser user = getUserLoginInfo(saAdminToken.getLoginName(), saAdminToken.getLoginPwd());
return packSessionUser(user, CommonEnumUtil.USER_TYPE.SA.getCode(), saAdminToken.getLanguageCode());
}
@Override
@ApiOperation(value = "登录密码错误",notes = "登录密码错误记录错误次数功能")
public Integer doLoginPasswordError(String loginName,String sessionId) {
@ApiOperation(value = "登录密码错误", notes = "登录密码错误记录错误次数功能")
public Integer doLoginPasswordError(String loginName, String sessionId) {
SysUser user = sysUserRDao.getByProperty(new String[]{"userLoginName", "isValid"},
new Object[]{loginName, CommonEnumUtil.TRUE_OR_FALSE.TRUE.getValue()});
if(user != null){
if (user != null) {
String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + sessionId + "_" + user.getId();
Object redisValue = redisCore.getObject(redisKey);
Integer num = redisValue == null ? 1 : Integer.parseInt(redisValue.toString()) + 1;
if(num >= CommonConstWords.USER_LOGIN_ERROR_MAX_NUM){
if (num >= CommonConstWords.USER_LOGIN_ERROR_MAX_NUM) {
user.setUserStatus(CommonEnumUtil.USER_STATUS.LOCKING.getValue());
redisCore.deleteKey(redisKey);
sysUserRDao.update(user);
}else{
redisCore.putObject(redisKey,num,CommonConstWords.REDIS_TIME_DAY_ONE);
} else {
redisCore.putObject(redisKey, num, CommonConstWords.REDIS_TIME_DAY_ONE);
}
return num;
}
@ -132,39 +130,67 @@ public class SystemLoginService implements ISystemLoginService {
}
/**
*
*
* @return
*/
@Override
public CommonEnumUtil.LOG_LOGIN_PLATFORM getLoginPlatform(HttpServletRequest request) {
String value = CookieTool.getCookieValue(request, CommonConstWords.SESSION_LOGIN_PLATFORM);
if (StringUtils.isBlank(value)) {
value = CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE.getValue() + "";
} else {
try {
Integer.parseInt(value);
} catch (Exception e) {
throw ImppExceptionBuilder.newInstance()
.setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
.setErrorCode(ImppExceptionEnum.VARIFY_EXCEPTION_FORMAT.getCode())
.setErrorDetail("平台登录标识转换错误")
.setErrorSolution("请重新操作")
.build();
}
}
CommonEnumUtil.LOG_LOGIN_PLATFORM platform = CommonEnumUtil.LOG_LOGIN_PLATFORM.valueOf(Integer.parseInt(value));
return platform == null ? CommonEnumUtil.LOG_LOGIN_PLATFORM.PC_IMPP_CORE : platform;
}
/**
*
*
* @param loginName
* @param pwd
* @return
*/
public SysUser getUserLoginInfo(String loginName,String pwd) {
public SysUser getUserLoginInfo(String loginName, String pwd) {
SysUser user = sysUserRDao.getByProperty(
new String[]{"userLoginName","isValid"},
new Object[]{loginName,CommonEnumUtil.IS_VAILD.VAILD.getValue()});
new String[]{"userLoginName", "isValid"},
new Object[]{loginName, CommonEnumUtil.IS_VAILD.VAILD.getValue()});
if(user == null){ //用户不存在
if (user == null) { //用户不存在
throw new CredentialsException("用户不存在");
}
if(user.getUserStatus() != CommonEnumUtil.USER_STATUS.ENABLE.getValue()){
if (user.getUserStatus() != CommonEnumUtil.USER_STATUS.ENABLE.getValue()) {
throw new LockedAccountException("账号已被锁定");
}
// 登录AD 域检查
if(ImppSwitchUtil.isLoginActiveDirectory()){
if (ImppSwitchUtil.isLoginActiveDirectory()) {
userPasswordUtil.checkActiveDirectory(user);
return user;
}
SysUserPassword password = null;
String passwordStr = user.getUserLoginPassword();
String passwordStr = user.getUserLoginPassword();
try {
if(Objects.nonNull(user.getUserLoginPasswordId()) && user.getUserLoginPasswordId() > 0){
if (Objects.nonNull(user.getUserLoginPasswordId()) && user.getUserLoginPasswordId() > 0) {
password = passwordService.get(user.getUserLoginPasswordId());
}else{
if(StringUtils.equals(user.getUserLoginPassword(),SysUserPasswordUtil.encoder(pwd))){
} else {
if (StringUtils.equals(user.getUserLoginPassword(), SysUserPasswordUtil.encoder(pwd))) {
SysUserPassword userPassword = new SysUserPassword(user.getId(), SysUserPasswordUtil.encoder(pwd));
ConvertBean.serviceModelInitialize(userPassword,user.getUserName());
ConvertBean.serviceModelInitialize(userPassword, user.getUserName());
password = passwordService.insert(userPassword);
user.setUserLoginPassword(null);
@ -173,12 +199,12 @@ public class SystemLoginService implements ISystemLoginService {
sysUserRDao.save(user);
}
}
if(Objects.nonNull(password)){
if (Objects.nonNull(password)) {
passwordStr = password.getUserPassword();
}
if (StringUtils.equals(passwordStr,SysUserPasswordUtil.encoder(pwd))){
if (StringUtils.equals(passwordStr, SysUserPasswordUtil.encoder(pwd))) {
userPasswordUtil.checkSysUserLogin(user);
return user;
}
@ -194,12 +220,13 @@ public class SystemLoginService implements ISystemLoginService {
/**
*
*
* @param user
* @param userType
* @param languageCode
* @return
*/
private SessionUser packSessionUser(SysUser user,String userType, String languageCode) {
private SessionUser packSessionUser(SysUser user, String userType, String languageCode) {
SessionUser sessionUser = new SessionUser();
sessionUser.setLanguageCode(languageCode);
sessionUser.setUserName(user.getUserName());

87
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/DefaultLoginStrategy.java
Unescape Escape View File

@ -0,0 +1,87 @@
package cn.estsh.i3plus.core.apiservice.serviceimpl.base.login.strategy;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginStrategyService;
import cn.estsh.i3plus.core.api.iservice.busi.ILicenseClickService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.model.platform.SystemLoginModel;
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.RedisCacheTool;
import cn.estsh.impp.framework.boot.util.ResultBean;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.function.BiFunction;
import static cn.estsh.i3plus.platform.common.util.CommonConstWords.DEFAULT_LANGUAGE;
/**
* @author Wynne.Lu
* @date 2021/1/18 4:39
* @desc
*/
@Slf4j
@Service
public class DefaultLoginStrategy implements ISystemLoginStrategyService {
@Resource(name = "redisCore")
protected ImppRedis redisCore;
@Autowired
private ILicenseClickService licenseClickService;
@Autowired
private ISysUserService userService;
@Autowired
private ISystemLoginService loginService;
@Override
public BiFunction<HttpServletRequest, SystemLoginModel, ResultBean> login() {
return (request, loginModel) -> {
ResultBean result;
ValidatorBean.checkNotNull(loginModel.getLanguageCode(), "语言不能为空");
// TODO 后期移除,暂时用于避免自动登录后前台没有正确的传输组织代码信息
if ("null".equals(loginModel.getLanguageCode())) {
loginModel.setLanguageCode(DEFAULT_LANGUAGE);
}
// 设置语言代码
BaseThreadLocal.setData(BaseThreadLocal.LANGUAGE_CODE, loginModel.getLanguageCode());
ValidatorBean.checkNotNull(loginModel.getLoginName(), "用户名不能为空");
ValidatorBean.checkNotNull(loginModel.getLoginPwd(), "密码不能为空");
int sessionMode = RedisCacheTool.getSysConfigIntVal(CommonConstWords.CONFIG_SESSION_MODE, CommonConstWords.CONFIG_SESSION_MODE_DEFAULT);
if (sessionMode != CommonEnumUtil.SESSION_MODE.SEIZE.getValue()) {
AuthUtil.logout();
}
SessionUser user = userService.queryUserLogin(
loginModel.getLoginName().trim(),
loginModel.getLoginPwd().trim(),
loginModel.getLanguageCode(),
loginService.getLoginPlatform(request).getValue(),
loginModel.getDeviceId()
);
String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getUser().getId();
redisCore.deleteKey(redisKey);
result = new ResultBean(true, AuthUtil.getSession().getId().toString(), AuthUtil.getSessionUser());
result.setUrl("/");
AuthUtil.setOrganize(user.getUser().getOrganize());
return result;
};
}
}

104
modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/E9LoginStrategy.java
Unescape Escape View File

@ -0,0 +1,104 @@
package cn.estsh.i3plus.core.apiservice.serviceimpl.base.login.strategy;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginStrategyService;
import cn.estsh.i3plus.core.api.iservice.busi.ILicenseClickService;
import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
import cn.estsh.i3plus.platform.common.tool.ServletRequestTool;
import cn.estsh.i3plus.platform.common.util.CommonConstWords;
import cn.estsh.i3plus.platform.common.util.PlatformConstWords;
import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
import cn.estsh.i3plus.pojo.base.enumutil.ImppEnumUtil;
import cn.estsh.i3plus.pojo.model.platform.SystemLoginModel;
import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
import cn.estsh.impp.framework.boot.auth.AuthUtil;
import cn.estsh.impp.framework.boot.util.ImppRedis;
import cn.estsh.impp.framework.boot.util.RedisCacheTool;
import cn.estsh.impp.framework.boot.util.ResultBean;
import cn.estsh.impp.framework.boot.util.ValidatorBean;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.function.BiFunction;
import static cn.estsh.i3plus.platform.common.util.CommonConstWords.DEFAULT_LANGUAGE;
/**
* @author Wynne.Lu
* @date 2021/1/18 10:53
* @desc
*/
@Lazy
@Slf4j
@Service
public class E9LoginStrategy implements ISystemLoginStrategyService {
@Resource(name = "redisCore")
protected ImppRedis redisCore;
@Autowired
private ILicenseClickService licenseClickService;
@Autowired
private ISysUserService userService;
@Autowired
private ISystemLoginService loginService;
@Override
public BiFunction<HttpServletRequest, SystemLoginModel, ResultBean> login() {
return (request, loginModel) -> {
boolean isRequestFromSpecificIp = validateHost(request);
if (!isRequestFromSpecificIp) {
return ResultBean.fail("单点登录请求未从指定授权服务器发送,校验失败。");
}
licenseClickService.checkLicenseNumberLogin();
ValidatorBean.checkNotNull(loginModel.getLanguageCode(), "语言不能为空");
// TODO 后期移除,暂时用于避免自动登录后前台没有正确的传输组织代码信息
if ("null".equals(loginModel.getLanguageCode())) {
loginModel.setLanguageCode(DEFAULT_LANGUAGE);
}
// 设置语言代码
BaseThreadLocal.setData(BaseThreadLocal.LANGUAGE_CODE, loginModel.getLanguageCode());
BaseThreadLocal.setData(PlatformConstWords.AUTH_REALM_CHOOSE, ImppEnumUtil.AUTH_REALM_STRATEGY.PANASONIC.getStrategyName());
int sessionMode = RedisCacheTool.getSysConfigIntVal(CommonConstWords.CONFIG_SESSION_MODE, CommonConstWords.CONFIG_SESSION_MODE_DEFAULT);
if (sessionMode != CommonEnumUtil.SESSION_MODE.SEIZE.getValue()) {
AuthUtil.logout();
}
SessionUser user = userService.queryUserLogin(
loginModel.getLoginName().trim(),
loginModel.getLoginPwd() == null ? null : loginModel.getLoginPwd().trim(),
loginModel.getLanguageCode(),
loginService.getLoginPlatform(request).getValue(),
loginModel.getDeviceId()
);
String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getUser().getId();
redisCore.deleteKey(redisKey);
ResultBean result = new ResultBean(true, AuthUtil.getSession().getId().toString(), AuthUtil.getSessionUser());
result.setUrl("/");
AuthUtil.setOrganize(user.getUser().getOrganize());
return null;
};
}
private boolean validateHost(HttpServletRequest request) {
final String delimiter = ",";
String hostsConfig = RedisCacheTool.getSysConfigStrVal(PlatformConstWords.OSS_REQUEST_HOST);
String[] hosts = hostsConfig.split(delimiter);
String requestHost = ServletRequestTool.getRequestHost(request);
return Arrays.stream(hosts).anyMatch(d -> requestHost.equals(d));
}
}
Write Preview
Loading…
Cancel
Save