From ff970e47665f3b7b209e814d86419f23b0a8885b Mon Sep 17 00:00:00 2001 From: lmc Date: Mon, 2 Dec 2024 14:28:46 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B8=AF=E5=8F=A3=E5=8D=95=E7=82=B9=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/ruoyi/common/OAuth/OauthDemo.java | 19 +++- .../java/com/ruoyi/common/task/EquTask.java | 2 +- .../framework/aspectj/DataScopeAspect.java | 12 +-- .../framework/config/SecurityConfig.java | 2 +- .../manager/factory/AsyncFactory.java | 2 +- .../security/service/SysLoginService.java | 95 ++++++++++++++++++- .../service/UserDetailsServiceImpl.java | 6 +- .../system/controller/BbcController.java | 5 +- .../system/controller/SysDeptController.java | 2 - .../system/controller/SysLoginController.java | 17 ++++ .../com/business/message/forest/MyClient.java | 6 +- 11 files changed, 144 insertions(+), 24 deletions(-) diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/OAuth/OauthDemo.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/OAuth/OauthDemo.java index 407ad9a..e4f662b 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/OAuth/OauthDemo.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/OAuth/OauthDemo.java @@ -5,6 +5,9 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.ruoyi.common.constant.Constants; import com.ruoyi.framework.security.service.SysLoginService; import com.ruoyi.framework.web.domain.AjaxResult; +import com.ruoyi.project.system.domain.SysUser; +import com.ruoyi.project.system.service.ISysUserService; +import com.ruoyi.project.system.utils.AESUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; @@ -32,11 +35,11 @@ public class OauthDemo { * 认证地址、应用注册id、应用注册key 三个参数因环境不同而不同,建议改为从配置文件中读取 */ //认证地址 - public static final String BASE_URL = "http://utuum.sd-gold.com:7021/idp/oauth2"; + public static final String BASE_URL = "https://iam.sd-port.com:18010/idp/oauth2"; //应用注册id public static final String CLIENT_ID = "hfxyjwzxjc"; //应用注册key - public static final String CLIENT_SECRET = "2c9ecb1b6b1f47d297abb6ffa7ede060"; + public static final String CLIENT_SECRET = "f1a1aebeaf24419591d895768fe72328"; //获取access_token的url public static final String GET_ACCESS_TOKEN_URL = BASE_URL + "/getToken"; @@ -51,7 +54,9 @@ public class OauthDemo { */ @RequestMapping("/redirectToAuth") public void reToAuth(HttpServletRequest request, HttpServletResponse response) { - String url = request.getRequestURL().toString().replaceAll("/prod-api/redirectToAuth", "/prod-api/getAccountName"); + System.out.println("redirectToAuth------------------->"+ request.getRequestURL().toString()); + String url = request.getRequestURL().toString().replaceAll("/redirectToAuth", "/LoginSso"); + System.out.println("redirectToAuth------------------->"+url); String re_url = BASE_URL + "/authorize?redirect_uri=" + url + "&state=sso&client_id=" + CLIENT_ID + "&response_type=code"; try { response.sendRedirect(re_url); @@ -60,6 +65,8 @@ public class OauthDemo { } } + @Autowired + private ISysUserService sysUserService; /** * 此方法最后取到账号acc的值后,需要各系统进行登录逻辑处理 * @param code 用户名和密码认证通过后返回的code,access_token,从而获取到用户或账号信息 @@ -101,9 +108,11 @@ public class OauthDemo { return null; } System.out.println("the acc is :" + acc); - String s = loginService.loginNoCaptcha(userName, passWord, null); + + + String tokenNew = loginService.loginNoCode(acc,"123456",null,null); AjaxResult success = AjaxResult.success(); - success.put(Constants.TOKEN,s); + success.put(Constants.TOKEN,tokenNew); success.put("mgs","登录成功"); return success; } diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/task/EquTask.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/task/EquTask.java index 055cce0..8ae2a85 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/task/EquTask.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/common/task/EquTask.java @@ -36,7 +36,7 @@ public class EquTask { /** * 港口原有设备对接 */ -// @Scheduled(fixedRate = 10000) + @Scheduled(fixedRate = 100000) public void equ(){ String hash = "16EA8A305FB58BE0730DD67F04F022F4"; diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java index c3c70df..8138fea 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java @@ -107,10 +107,10 @@ public class DataScopeAspect { continue; } - if (!StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission))) - { - continue; - } +// if (!StringUtils.containsAny(role.getPermissions(), Convert.toStrArray(permission))) +// { +// continue; +// } if (DATA_SCOPE_ALL.equals(dataScope)) { sqlString = new StringBuilder(); @@ -135,7 +135,7 @@ public class DataScopeAspect } else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) { - sqlString.append(StringUtils.format(" OR {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or FIND_IN_SET ( {} ,ancestors ) <> 0 )", deptAlias, user.getDeptId(), user.getDeptId())); + sqlString.append(StringUtils.format(" {}.dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or FIND_IN_SET ( {} ,ancestors ) <> 0 )", deptAlias, user.getDeptId(), user.getDeptId())); } else if (DATA_SCOPE_SELF.equals(dataScope)) { @@ -164,7 +164,7 @@ public class DataScopeAspect if (StringUtils.isNotNull(params) && params instanceof BaseEntity) { BaseEntity baseEntity = (BaseEntity) params; - baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString.substring(4) + ")"); + baseEntity.getParams().put(DATA_SCOPE, " AND (" + sqlString + ")"); } } } diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index bda1c17..b5dccc0 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -111,7 +111,7 @@ public class SecurityConfig .authorizeHttpRequests((requests) -> { permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll()); // 对于登录login 注册register 验证码captchaImage 允许匿名访问 - requests.antMatchers("/login","/bbc/**", + requests.antMatchers("/singleSign","/login","/bbc/**", "/register", "/captchaImage","/outside/*","/redirectToAuth","/getAccountName").permitAll() // 静态资源,可匿名访问 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/manager/factory/AsyncFactory.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/manager/factory/AsyncFactory.java index 1360b40..f643ca0 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/manager/factory/AsyncFactory.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/manager/factory/AsyncFactory.java @@ -75,7 +75,7 @@ public class AsyncFactory logininfor.setStatus(Constants.FAIL); } // 插入数据 - SpringUtils.getBean(ISysLogininforService.class).insertLogininfor(logininfor); +// SpringUtils.getBean(ISysLogininforService.class).insertLogininfor(logininfor); } }; } diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java index 0410ac2..349a840 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java @@ -6,6 +6,8 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.stereotype.Component; import com.ruoyi.common.constant.CacheConstants; import com.ruoyi.common.constant.Constants; @@ -101,6 +103,55 @@ public class SysLoginService } + /** + * 登录验证 + * + * @param username 用户名 + * @param password 密码 + * @param code 验证码 + * @param uuid 唯一标识 + * @return 结果 + */ + public String loginNoCode(String username, String password, String code, String uuid) + { + // 验证码校验 +// validateCaptcha(username, code, uuid); + // 登录前置校验 +// loginPreCheck(username, password); + // 用户验证 + Authentication authentication = null; + try + { + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); + AuthenticationContextHolder.setContext(authenticationToken); + // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername + authentication = authenticationManager.authenticate(authenticationToken); + } + catch (Exception e) + { + + if (e instanceof BadCredentialsException) + { +// AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + throw new UserPasswordNotMatchException(); + } + else + { +// AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); + throw new ServiceException(e.getMessage()); + } + } + finally + { + AuthenticationContextHolder.clearContext(); + } + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); + LoginUser loginUser = (LoginUser) authentication.getPrincipal(); + recordLoginInfo(loginUser.getUserId()); + // 生成token + return tokenService.createToken(loginUser); + } + /** * 无需验证码登录 * 重写login方法将验证码模块去掉 @@ -115,7 +166,9 @@ public class SysLoginService Authentication authentication = null; try { - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); +// UserDetails userDetails = userDetailsService.loadUserByUsername(username); + + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, null); AuthenticationContextHolder.setContext(authenticationToken); // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername authentication = authenticationManager.authenticate(authenticationToken); @@ -133,14 +186,52 @@ public class SysLoginService throw new ServiceException(e.getMessage()); } } - AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); +// AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); LoginUser loginUser = (LoginUser) authentication.getPrincipal(); + System.out.println(loginUser); recordLoginInfo(loginUser.getUserId()); // 生成token return tokenService.createToken(loginUser); } + /** + * 不加验证码登录 + * + * @param username 用户名 + * @param password 密码 + * @param uuid 唯一标识 + * @return 结果 + */ + public String loginNoCode(String username, String password, String uuid) + { + // 用户验证 + Authentication authentication = null; + try + { + // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername + authentication = authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken(username, password)); + } + catch (Exception e) + { + if (e instanceof BadCredentialsException) + { + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); + throw new UserPasswordNotMatchException(); + } + else + { +// AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); + throw new ServiceException(e.getMessage()); + } + } + AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); + LoginUser loginUser = (LoginUser) authentication.getPrincipal(); + recordLoginInfo(loginUser.getUserId()); + // 生成token + return tokenService.createToken(loginUser); + } /** * 校验验证码 diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/UserDetailsServiceImpl.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/UserDetailsServiceImpl.java index 82960c6..f1c2cee 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/UserDetailsServiceImpl.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/framework/security/service/UserDetailsServiceImpl.java @@ -53,13 +53,15 @@ public class UserDetailsServiceImpl implements UserDetailsService throw new ServiceException(MessageUtils.message("user.blocked")); } - passwordService.validate(user); +// passwordService.validate(user); return createLoginUser(user); } public UserDetails createLoginUser(SysUser user) { - return new LoginUser(user.getUserId(), user.getDeptId(), user, permissionService.getMenuPermission(user)); + LoginUser loginUser = new LoginUser(user.getUserId(), user.getDeptId(), user, permissionService.getMenuPermission(user)); + System.out.println(loginUser.toString()); + return loginUser; } } diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/BbcController.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/BbcController.java index d034cdc..751570f 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/BbcController.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/BbcController.java @@ -4,6 +4,7 @@ package com.ruoyi.project.system.controller; import com.alibaba.fastjson2.JSON; import com.alibaba.fastjson2.JSONObject; import com.banboocloud.Codec.BamboocloudFacade; +import com.ruoyi.common.utils.SecurityUtils; import com.ruoyi.common.utils.reflect.ReflectUtils; import com.ruoyi.framework.web.controller.BaseController; import com.ruoyi.project.system.domain.SysUser; @@ -192,7 +193,7 @@ public class BbcController extends BaseController { logger.info("reqmap---------->"+reqmap); SysUser user = new SysUser(); user.setUserName(userName); - user.setPassword(pass); + user.setPassword(SecurityUtils.encryptPassword(("123456"))); user.setPhonenumber(mobile); user.setStatus(status); user.setNickName(nickName); @@ -271,7 +272,7 @@ public class BbcController extends BaseController { logger.info("reqmap---------->"+reqmap); SysUser user = new SysUser(); user.setUserName(userName); - user.setPassword(pass); + user.setPassword(SecurityUtils.encryptPassword(("123456"))); user.setPhonenumber(mobile); user.setStatus(status); user.setNickName(nickName); diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysDeptController.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysDeptController.java index 93ef6fe..4a566cd 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysDeptController.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysDeptController.java @@ -39,9 +39,7 @@ public class SysDeptController extends BaseController /** * 获取部门列表 */ - @PreAuthorize("@ss.hasPermi('system:dept:list')") @GetMapping("/list") - @DataScope(deptAlias="d", permission="4") public AjaxResult list(SysDept dept) { List depts = deptService.selectDeptList(dept); diff --git a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java index 783e461..0a58c0d 100644 --- a/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java +++ b/RuoYi-Vue-Oracle/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java @@ -1,6 +1,7 @@ package com.ruoyi.project.system.controller; import java.util.List; +import java.util.Locale; import java.util.Set; import com.ruoyi.project.system.utils.AESUtil; @@ -52,6 +53,22 @@ public class SysLoginController ajax.put(Constants.TOKEN, token); return ajax; } + /** + * 登录方法 + * + * @param loginBody 登录信息 + * @return 结果 + */ + @PostMapping("/singleSign") + public AjaxResult singleSign(@RequestBody LoginBody loginBody) throws Exception { + AjaxResult ajax = AjaxResult.success(); + // 生成令牌 + String password= AESUtil.decrypt(loginBody.getPassword()); + String token = loginService.loginNoCode(loginBody.getUsername().toLowerCase(Locale.ROOT),password, loginBody.getCode(), + loginBody.getUuid()); + ajax.put(Constants.TOKEN, token); + return ajax; + } /** * 获取用户信息 diff --git a/message/message/src/main/java/com/business/message/forest/MyClient.java b/message/message/src/main/java/com/business/message/forest/MyClient.java index 3f79253..396b004 100644 --- a/message/message/src/main/java/com/business/message/forest/MyClient.java +++ b/message/message/src/main/java/com/business/message/forest/MyClient.java @@ -1,13 +1,15 @@ package com.business.message.forest; import com.dtflys.forest.annotation.Body; +import com.dtflys.forest.annotation.JSONBody; import com.dtflys.forest.annotation.Post; import org.springframework.stereotype.Component; @Component public interface MyClient { - @Post("http://218.58.79.146:13080/prod-api/outside/sensorData") - String receiveSensorData(@Body("data") String data); + @Post("http://10.167.96.13/prod-api/outside/sensorData") +// @Post("http://127.0.0.1:8080/outside/sensorData") + String receiveSensorData(@JSONBody String data); }