From 9619e60e3075a432d692f3cd8b76787568c53aad Mon Sep 17 00:00:00 2001
From: liurunyu <lry9898@163.com>
Date: 星期三, 07 五月 2025 15:56:58 +0800
Subject: [PATCH] 1、完善代码;2、禁止输出SpringBoot启动时Banner。
---
pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java | 291 +++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 225 insertions(+), 66 deletions(-)
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
index 957ef19..0825495 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
@@ -2,10 +2,13 @@
import com.dy.common.aop.SsoVo;
import com.dy.common.multiDataSource.DataSourceContext;
+import com.dy.common.util.MD5;
import com.dy.common.webUtil.BaseResponse;
import com.dy.common.webUtil.BaseResponseUtils;
import com.dy.common.webUtil.ResultCodeMsg;
import com.dy.pipIrrGlobal.pojoBa.BaUser;
+import com.dy.pipIrrGlobal.util.Org;
+import com.mysql.cj.util.StringUtils;
import io.swagger.v3.oas.annotations.Hidden;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
@@ -18,13 +21,11 @@
import jakarta.validation.Valid;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.cache.CacheManager;
import org.springframework.http.MediaType;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
-import java.util.Objects;
-import java.util.UUID;
+import java.util.*;
/**
* 娉ㄨВTag 鍦ˋPI涓樉绀猴細 Tag 娉ㄨВ, 缁欐暣涓帴鍙h捣浜嗕釜鍚嶅瓧涓庢弿杩�"
@@ -38,10 +39,13 @@
@RequestMapping(path="sso")
@SuppressWarnings("unchecked")//java鐗堟湰瓒婇珮锛屽娉涘瀷绾︽潫瓒婁弗锛屾墍浠ラ厤缃甋uppressWarnings("unchecked")
public class SsoCtrl {
+ //涓囩敤token
+ private static final String UniversalUserToken = "0000-0000-1234-9876-5";
//鍦ㄥ睘鎬т笂娉ㄨВ@Autowired鏃讹紝浼氳鍛� Field injection is not recommended锛堜笉鍐嶆帹鑽愪娇鐢ㄥ瓧娈垫敞鍏ワ級
private SsoSv sv ;
+ //private KaptchaConfig kaptchaConfig;
//@Autowired
//private CacheManager cacheManager ;
@@ -50,6 +54,29 @@
this.sv = sv ;
}
+ //@Autowired
+ //public void setKaptchaConfig(KaptchaConfig kaptchaConfig) {
+ // this.kaptchaConfig = kaptchaConfig;
+ //}
+
+ /**
+ * 瀹㈡埛绔姹傚緱鍒版墍鏈夌粍缁囨満鏋�
+ * @return 鎵�鏈夌粍缁囨満鏋勬暟鎹�
+ */
+ @Operation(summary = "鎵�鏈夌粍缁囨満鏋�", description = "杩斿洖鎵�鏈夋墍鏈夌粍缁囨満鏋勬暟鎹�")
+ @ApiResponses(value = {
+ @ApiResponse(
+ responseCode = ResultCodeMsg.RsCode.SUCCESS_CODE,
+ description = "杩斿洖鎵�鏈夌粍缁囨満鏋勬暟鎹紙BaseResponse.content:[ { \"tag\":\"ym\", \"name\":\"鍏冭皨\" }, { \"tag\":\"鐗囪\", \"name\":\"鐗囪闀嘰" }]锛�",
+ content = {@Content(mediaType = MediaType.APPLICATION_JSON_VALUE,
+ schema = @Schema(implementation = Org.class))}
+ )
+ })
+ @GetMapping(path = "allOrg")
+ public BaseResponse<List<Org.OrgVo>> allOrg(){
+ //List<Org> list = Arrays.asList(Org.Ym, Org.Pj) ;
+ return BaseResponseUtils.buildSuccess(Org.OrgList);
+ }
/**
* 瀹㈡埛绔姹傜敤鎴风櫥褰曪紝瀹㈡埛绔彁浜son鏁版嵁
@@ -76,17 +103,54 @@
)
})
@PostMapping(path = "loginJson", consumes = MediaType.APPLICATION_JSON_VALUE)
- public BaseResponse<UserVo> loginJson(@Valid @RequestBody LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult) {
+ public BaseResponse<UserVo> loginJson(HttpServletRequest request, @RequestBody @Parameter(description = "鐧诲綍json鏁版嵁", required = true) @Valid LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult) {
if(bindingResult != null && bindingResult.hasErrors()){
- return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
+ return BaseResponseUtils.buildErrorMsg(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
+ }
+ if(!vo.phone.equals("admin")){
+ if(vo.phone.length() != 11){
+ return BaseResponseUtils.buildErrorMsg("鎵嬫満鍙凤紙闀垮害涓嶆槸11浣嶏級涓嶆纭�");
+ }
+ }
+ if(vo.orgTag == null || vo.orgTag.trim().length() == 0){
+ return BaseResponseUtils.buildErrorMsg("鏈�夋嫨缁勭粐鍗曚綅");
+ }
+ //鎶婄粍缁囧崟浣嶆爣绛句綔涓烘暟鎹簮鍚嶇О
+ DataSourceContext.set(vo.orgTag);
+
+ if(vo.token != null && vo.token.trim().length() > 0) {
+ // 浠巗ession涓幏鍙栭獙璇佺爜
+ //HttpSession session = (HttpSession) request.getSession();
+ //String localCode = session.getAttribute(token).toString();
+ // 浠庢暟鎹簱鑾峰彇楠岃瘉鐮�
+ Map map = sv.getCodeByToken(vo.token);
+ Long expiration = Long.parseLong(map.get("expiration").toString());
+ Long currentTimestamp = System.currentTimeMillis();
+ if(currentTimestamp > expiration) {
+ return BaseResponseUtils.buildErrorMsg("楠岃瘉鐮佸凡瓒呮椂");
+ }
+ String localCode = map.get("code").toString();
+ if(!vo.code.equals(localCode)) {
+ return BaseResponseUtils.buildErrorMsg("楠岃瘉鐮侀敊璇�");
+ }
}
- String uuid ;
- BaUser userPo ;
+ if(!sv.existPhone(vo.phone)){
+ return BaseResponseUtils.buildErrorMsg("璐﹀彿涓嶅瓨鍦�");
+ }
+
+ String uuid4Token = null;
+ BaUser userPo = null ;
try {
- //Boolean flag = cacheManager.getCacheNames().isEmpty() ;
- uuid = UUID.randomUUID().toString();
- userPo = this.sv.login(uuid, vo.phone, vo.password);
+ uuid4Token = UUID.randomUUID().toString();
+ if(!StringUtils.isNullOrEmpty(vo.password)){
+ /*
+ 濡傛灉鍓嶇杩涜浜哹ase64鍔犲瘑
+ po.password = new String(Base64.getDecoder().decode(po.password)) ;
+ */
+ vo.password = MD5.encrypt(vo.password) ;
+ }
+ userPo = this.sv.loginWithMapperXml(uuid4Token, vo.phone, vo.password);
} catch (Exception e) {
log.error("鐢ㄦ埛鐧诲綍寮傚父", e);
return BaseResponseUtils.buildException(e.getMessage()) ;
@@ -94,10 +158,10 @@
if(userPo != null){
UserVo uVo = UserVoMapper.INSTANCT.po2vo(userPo);
- uVo.token = uuid ;
+ uVo.token = uuid4Token ;
return BaseResponseUtils.buildSuccess(uVo);
}else{
- return BaseResponseUtils.buildFail("鐧诲綍澶辫触");
+ return BaseResponseUtils.buildErrorMsg("鐧诲綍澶辫触");
}
}
@@ -118,10 +182,10 @@
@PostMapping(path = "loginForm", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public BaseResponse<UserVo> loginForm(@Parameter(description = "form琛ㄥ崟鏁版嵁", required = true) @Valid LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult){
if(bindingResult != null && bindingResult.hasErrors()){
- return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
+ return BaseResponseUtils.buildErrorMsg(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
}
if(vo.orgTag == null || vo.orgTag.trim().length() == 0){
- return BaseResponseUtils.buildFail("鏈�夋嫨缁勭粐鍗曚綅");
+ return BaseResponseUtils.buildErrorMsg("鏈�夋嫨缁勭粐鍗曚綅");
}
//鎶婄粍缁囧崟浣嶆爣绛句綔涓烘暟鎹簮鍚嶇О
DataSourceContext.set(vo.orgTag);
@@ -131,7 +195,14 @@
try {
//Boolean flag = cacheManager.getCacheNames().isEmpty() ;
uuid = UUID.randomUUID().toString();
- userPo = this.sv.login(uuid, vo.phone, vo.password);
+ if(!StringUtils.isNullOrEmpty(vo.password)){
+ /*
+ 濡傛灉鍓嶇杩涜浜哹ase64鍔犲瘑
+ po.password = new String(Base64.getDecoder().decode(po.password)) ;
+ */
+ vo.password = MD5.encrypt(vo.password) ;
+ }
+ userPo = this.sv.loginWithMapperXml(uuid, vo.phone, vo.password);
} catch (Exception e) {
log.error("鐢ㄦ埛鐧诲綍寮傚父", e);
return BaseResponseUtils.buildException(e.getMessage()) ;
@@ -142,7 +213,7 @@
uVo.token = uuid ;
return BaseResponseUtils.buildSuccess(uVo);
}else{
- return BaseResponseUtils.buildFail("鐧诲綍澶辫触");
+ return BaseResponseUtils.buildErrorMsg("鐧诲綍澶辫触");
}
}
@@ -167,7 +238,7 @@
this.sv.logout(token) ;
return BaseResponseUtils.buildSuccess(true);
}else{
- return BaseResponseUtils.buildFail("鏈粠header涓緱鍒皌oken");
+ return BaseResponseUtils.buildErrorMsg("鏈粠header涓緱鍒皌oken");
}
}
@@ -183,7 +254,35 @@
BaUser userPo = this.sv.getByUuid(token) ;
return userPo == null ? null : userPo.id ;
}
-
+ /**
+ * 姝ゆ柟娉曚緵瀛愭ā鍧楃郴缁熻皟鐢紝鎵�浠ヤ笉鍏紑鍦ˋPI鎺ュ彛涓�
+ * 鏂规硶鍔熻兘锛氶獙璇佹槸鍚﹀凡缁忕櫥褰�
+ * @param token 鐧诲綍鐢ㄦ埛token
+ * @return SsoVo
+ */
+ @Hidden
+ @GetMapping(path = "ssoCheck")
+ public SsoVo ssoCheck(String token){
+ BaUser userPo = null ;
+ if(token.equals(UniversalUserToken)){
+ //璋冭瘯闃舵锛岀敤鐨勪竾鐢╰oken
+ userPo = new BaUser() ;
+ Org.OrgVo orgVo = Org.OrgList.get(0) ;
+ userPo.orgTag = orgVo.tag ;
+ }else{
+ userPo = this.sv.getByUuid(token) ;
+ }
+ SsoVo vo = new SsoVo();
+ if(userPo != null){
+ vo.dataSourceName = userPo.orgTag ;
+ vo.logined = true ;
+ vo.hasPower = true ;//榛樿鏈夋潈闄愩��2023-12-21 缁忓晢璁紝鐢卞墠绔壌鏉�
+ }else{
+ vo.logined = false ;
+ vo.hasPower = true ;//榛樿鏈夋潈闄愩��2023-12-21 缁忓晢璁紝鐢卞墠绔壌鏉�
+ }
+ return vo ;
+ }
/**
* 姝ゆ柟娉曚緵瀛愭ā鍧楃郴缁熻皟鐢紝鎵�浠ヤ笉鍏紑鍦ˋPI鎺ュ彛涓�
* 鏂规硶鍔熻兘锛氶獙璇佹槸鍚﹀凡缁忕櫥褰曪紝濡傛灉鐧诲綍浜嗭紝鍐嶉獙璇佹潈闄�
@@ -194,67 +293,32 @@
* @return SsoVo
*/
@Hidden
- @GetMapping(path = "ssoCheck")
- public SsoVo ssoCheck(String token, String privilege, String[] allPrivilege, String[] anyPrivilege){
+ @GetMapping(path = "ssoPowerCheck")
+ public SsoVo ssoPowerCheck(String token, String privilege, String[] allPrivilege, String[] anyPrivilege){
BaUser userPo = this.sv.getByUuid(token) ;
SsoVo vo = new SsoVo();
if(userPo != null){
+ vo.dataSourceName = userPo.orgTag ;
vo.logined = true ;
vo.hasPower = false ;//榛樿鏄棤鏉冮檺
if(userPo.supperAdmin != null && userPo.supperAdmin == 1){
vo.hasPower = true ;
}else{
- if(userPo.privileges != null && userPo.privileges.size() > 0){
- if(privilege != null && !privilege.trim().equals("")){
- int intPri = Integer.parseInt(privilege) ;
- for(Integer pri : userPo.privileges){
- if(pri == intPri){
- vo.hasPower = true ;
- break ;
- }
- }
- }else{
- if(allPrivilege != null && allPrivilege.length > 0){
- int intPri ;
- boolean ok = false ;
- boolean allOk = true ;
- for(String strPri : allPrivilege){
- intPri = Integer.parseInt(strPri) ;
- for(Integer pri : userPo.privileges){
- if(pri == intPri){
- ok = true ;
- break ;
- }
- }
- if(!ok){
- allOk = false ;
- break ;
- }
- }
- if(allOk){
- vo.hasPower = true ;
- }
- }else{
- int intPri ;
- if(anyPrivilege != null && anyPrivilege.length > 0){
- for(String strPri : anyPrivilege){
- intPri = Integer.parseInt(strPri) ;
- for(Integer pri : userPo.privileges){
- if(pri == intPri){
- vo.hasPower = true ;
- break ;
- }
- }
- if(vo.hasPower){
- break ;
- }
- }
+ if(privilege.equals("-1")){
+ //鏃犻渶鏉冮檺楠岃瘉
+ vo.hasPower = true ;
+ }else{
+ if(userPo.privileges != null && userPo.privileges.size() > 0){
+ vo.hasPower = this.hasOnePrivilege(privilege, userPo) ;
+ if(!vo.hasPower){
+ vo.hasPower = this.hasAllPrivilege(allPrivilege, userPo) ;
+ if(!vo.hasPower){
+ vo.hasPower = this.hasAnyPrivilege(anyPrivilege, userPo) ;
}
}
}
}
}
- vo.dataSourceName = userPo.getOrgTag() ;
}else{
vo.logined = false ;
vo.hasPower = false ;
@@ -262,5 +326,100 @@
return vo ;
}
+ /**
+ * 鑾峰緱褰撳墠鐧诲綍鐢ㄦ埛
+ * @param token 鐧诲綍鐢ㄦ埛token
+ * @return SsoVo
+ */
+ @Hidden
+ @GetMapping(path = "ssoCurUser")
+ public CurUserVo ssoCurUser(String token){
+ BaUser userPo = this.sv.getByUuid(token) ;
+ CurUserVo vo = new CurUserVo();
+ if(userPo != null){
+ vo.id = userPo.id ;
+ vo.name = userPo.userName;
+ }
+ return vo ;
+ }
+ /////////////////////////////////////////////////////////////////
+ //
+ // 浠ヤ笅绉佹湁鏂规硶
+ //
+ /////////////////////////////////////////////////////////////////
+ /**
+ * 鍒ゆ柇鐧诲綍鐢ㄦ埛鏄惁鎷ユ湁鎸囧畾鐨勪竴涓潈闄�
+ * @param privilege 鎸囧畾鐨勪竴涓潈闄�
+ * @param userPo 褰撳墠鐧诲綍鐢ㄦ埛
+ * @return 鏄惁鏈夋潈闄�
+ */
+ private boolean hasOnePrivilege(String privilege, BaUser userPo){
+ boolean hasPrivilege = false ;
+ if (privilege != null && !privilege.trim().equals("")) {
+ int intPri = Integer.parseInt(privilege);
+ for (Integer pri : userPo.privileges) {
+ if (pri == intPri) {
+ hasPrivilege = true;
+ break;
+ }
+ }
+ }
+ return hasPrivilege ;
+ }
+
+ /**
+ * 鍒ゆ柇鐧诲綍鐢ㄦ埛鏄惁鎷ユ湁鎸囧畾鐨勫涓潈闄�
+ * @param allPrivilege 鎸囧畾鐨勫涓潈闄�
+ * @param userPo 褰撳墠鐧诲綍鐢ㄦ埛
+ * @return 鏄惁鏈夋潈闄�
+ */
+ private boolean hasAllPrivilege(String[] allPrivilege, BaUser userPo){
+ boolean hasPrivilege = false ;
+ if(allPrivilege != null && allPrivilege.length > 0){
+ int intPri ;
+ int count = 0 ;
+ for(String strPri : allPrivilege){
+ intPri = Integer.parseInt(strPri) ;
+ for(Integer pri : userPo.privileges){
+ if(pri == intPri){
+ count++ ;
+ break ;
+ }
+ }
+ }
+ if(count == allPrivilege.length){
+ hasPrivilege = true ;
+ }
+ }
+ return hasPrivilege ;
+ }
+
+
+ /**
+ * 鍒ゆ柇鐧诲綍鐢ㄦ埛鏄惁鎷ユ湁鎸囧畾鐨勬煇涓潈闄�
+ * @param anyPrivilege 鎸囧畾鐨勫涓潈闄�
+ * @param userPo 褰撳墠鐧诲綍鐢ㄦ埛
+ * @return 鏄惁鏈夋潈闄�
+ */
+ private boolean hasAnyPrivilege(String[] anyPrivilege, BaUser userPo){
+ boolean hasPrivilege = false ;
+ int intPri ;
+ if(anyPrivilege != null && anyPrivilege.length > 0){
+ for(String strPri : anyPrivilege){
+ intPri = Integer.parseInt(strPri) ;
+ for(Integer pri : userPo.privileges){
+ if(pri == intPri){
+ hasPrivilege = true ;
+ break ;
+ }
+ }
+ if(hasPrivilege){
+ break ;
+ }
+ }
+ }
+ return hasPrivilege ;
+ }
+
}
--
Gitblit v1.8.0