bonus
/
Bonus-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge remote-tracking branch 'origin/main'

This commit is contained in:
jiang 2025-01-06 16:53:26 +08:00
parent 8fde2d2cde 7f4cb6d520
commit 2b117c00a4
47 changed files with 405 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bonus-api/bonus-api-system/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-api</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

9
bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/domain/SysUser.java
View File

@ -11,6 +11,7 @@ import org.apache.commons.lang3.builder.ToStringStyle;
import javax.validation.constraints.Email;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.Size;
import java.util.Date;
import java.util.List;
@ -194,7 +195,7 @@ public class SysUser extends BaseEntity {
}
@Xss(message = "用户昵称不能包含脚本字符")
@Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
@Size(min = 0, max = 20, message = "用户昵称长度不能超过20个字符")
public String getNickName() {
return nickName;
}
@ -205,7 +206,7 @@ public class SysUser extends BaseEntity {
@Xss(message = "用户账号不能包含脚本字符")
@NotBlank(message = "用户账号不能为空")
@Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
@Size(min = 0, max = 20, message = "用户账号长度不能超过20个字符")
public String getUserName() {
return userName;
}
@ -215,7 +216,7 @@ public class SysUser extends BaseEntity {
}
@Email(message = "邮箱格式不正确")
// @Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
@Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
public String getEmail() {
return email;
}
@ -224,7 +225,7 @@ public class SysUser extends BaseEntity {
this.email = email;
}
// @Size(min = 0, max = 11, message = "手机号码长度不能超过11个字符")
@Pattern(regexp = "^\\d{11}$", message = "手机号码只能包含11位数字")
public String getPhonenumber() {
return phonenumber;
}

2
bonus-api/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

4
bonus-auth/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -87,7 +87,7 @@
<dependency>
<groupId>com.bonus</groupId>
<artifactId>bonus-common-config</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>

46
bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java
View File

@ -1,5 +1,6 @@
package com.bonus.auth.controller;
import com.alibaba.fastjson.JSONObject;
import com.bonus.auth.config.LoginType;
import com.bonus.auth.factory.LoginStrategyFactory;
import com.bonus.auth.form.LoginBody;
@ -8,6 +9,7 @@ import com.bonus.auth.service.*;
import com.bonus.common.core.constant.CacheConstants;
import com.bonus.common.core.constant.SecurityConstants;
import com.bonus.common.core.domain.R;
import com.bonus.common.core.exception.ServiceException;
import com.bonus.common.core.utils.JwtUtils;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.common.core.web.domain.AjaxResult;
@ -23,14 +25,19 @@ import com.bonus.system.api.domain.SysUser;
import com.bonus.system.api.model.LoginUser;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/**
@ -71,6 +78,18 @@ public class TokenController {
@Resource
private RemoteConfigService configService;
@Value("${third-party-login.iws.webAppId}")
private String iwsWebAppId;
@Value("${third-party-login.iws.webUrl}")
private String iwsWebUrl;
@Value("${third-party-login.iws.h5AppId}")
private String iwsH5AppId;
@Value("${third-party-login.iws.h5Url}")
private String iwsH5Url;
@PostMapping("isAdmin")
public R<?> isAdmin(@RequestBody LoginBody form) {
if (!config.isAdmin()) {
@ -139,6 +158,33 @@ public class TokenController {
}
/**
* i皖送登录
* @return
*/
@PostMapping("iwsLogin")
public R<?> iwsLogin(@RequestBody LoginBody form) {
//获取i皖送传过来的票据
String ticket = form.getTicket();
log.info("ticket=" + ticket);
if (StringUtils.isNotEmpty(ticket)) {
LoginUser loginUser = new LoginUser();
SysUser sysUser = new SysUser();
if (form.getSysType()!=null && "1".equals(form.getSysType())){
sysLoginService.iwsH5Login(ticket,iwsH5AppId,iwsH5Url,loginUser,sysUser);
} else if (form.getSysType()!=null && "0".equals(form.getSysType())) {
sysLoginService.iwsWebLogin(ticket,iwsWebAppId,iwsWebUrl,loginUser,sysUser);
}else {
throw new ServiceException("登录失败,请稍后重试");
}
logService.saveLogin(sysUser.getUserName(), "登录", "登录成功", null, "成功");
//生成系统token
return R.ok(tokenService.createToken(loginUser));
}
return R.fail("登录失败!");
}
/**
* 获取手机验证码
*

9
bonus-auth/src/main/java/com/bonus/auth/form/LoginBody.java
View File

@ -38,4 +38,13 @@ public class LoginBody {
private String mobileCodeType;
/**
* i皖送使用的ticket
*/
private String ticket;
/**
* i皖送登录方式 0web端登录 1H5登录
*/
private String sysType;
}

2
bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java
View File

@ -31,7 +31,7 @@ public class EmailOtpLoginStrategy implements LoginStrategy {
throw new ServiceException("用户不存在/密码错误");
}
passwordValidatorService.checkPhoneCaptcha(email, otp);
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(email), SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(email, SecurityConstants.INNER);
//验证用户是否存在
passwordValidatorService.validateUserResult(email, userResult);
LoginUser userInfo = userResult.getData();

2
bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java
View File

@ -34,7 +34,7 @@ public class EmailPasswordLoginStrategy implements LoginStrategy {
throw new ServiceException("用户不存在/密码错误");
}
//通过手机号获取用户信息
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(email), SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(email, SecurityConstants.INNER);
//验证用户是否存在
passwordValidatorService.validateUserResult(email, userResult);
//获取用户信息

2
bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java
View File

@ -33,7 +33,7 @@ public class PhoneOtpLoginStrategy implements LoginStrategy {
throw new ServiceException("用户不存在/验证码错误");
}
passwordValidatorService.checkPhoneCaptcha(phone, otp);
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(phone), SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(phone, SecurityConstants.INNER);
//验证用户是否存在
passwordValidatorService.validateUserResult(phone, userResult);
LoginUser userInfo = userResult.getData();

2
bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java
View File

@ -36,7 +36,7 @@ public class PhonePasswordLoginStrategy implements LoginStrategy {
throw new ServiceException("用户不存在/密码错误");
}
//通过手机号获取用户信息
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(phone), SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(phone, SecurityConstants.INNER);
//验证用户是否存在
passwordValidatorService.validateUserResult(phone, userResult);
//获取用户信息

4
bonus-auth/src/main/java/com/bonus/auth/service/RegisterVerificationCodeSender.java
View File

@ -44,7 +44,7 @@ public class RegisterVerificationCodeSender implements VerificationCodeStrategy
if (!systemConfig.getRegistersConfig().isEmailRegisters()) {
throw new ServiceException("请输入正确的联系方式");
}
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(contactInfo) , SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(contactInfo , SecurityConstants.INNER);
if (userResult.getData() != null) {
throw new ServiceException("联系方式已经注册账号");
}
@ -53,7 +53,7 @@ public class RegisterVerificationCodeSender implements VerificationCodeStrategy
if (!systemConfig.getRegistersConfig().isPhoneRegisters()) {
throw new ServiceException("请输入正确的联系方式");
}
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(contactInfo), SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(contactInfo, SecurityConstants.INNER);
if (userResult.getData() != null) {
throw new ServiceException("联系方式已经注册账号");
}

117
bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java
View File

@ -1,5 +1,6 @@
package com.bonus.auth.service;
import com.alibaba.fastjson.JSONObject;
import com.bonus.auth.config.VerificationCodeType;
import com.bonus.auth.factory.VerificationCodeStrategyFactory;
import com.bonus.auth.form.RegisterBody;
@ -13,22 +14,29 @@ import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.common.core.web.domain.AjaxResult;
import com.bonus.common.security.utils.SecurityUtils;
import com.bonus.config.SystemConfig;
import com.bonus.system.api.RemoteConfigService;
import com.bonus.system.api.RemoteUserService;
import com.bonus.system.api.domain.SysUser;
import com.bonus.system.api.model.LoginUser;
import com.hankcs.hanlp.HanLP;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import javax.annotation.Resource;
import java.util.HashMap;
import java.util.Map;
/**
* 登录校验方法
* 提供登录注册验证码获取等服务
*/
@Component
@Slf4j
public class SysLoginService {
@Autowired
@Resource
private RemoteUserService remoteUserService;
@ -44,6 +52,9 @@ public class SysLoginService {
@Autowired
private SystemConfig systemConfig;
@Resource
private RemoteConfigService configService;
/**
* 获取验证码
*
@ -87,12 +98,12 @@ public class SysLoginService {
int contactType = getContactType(registerBody.getMobile());
if (contactType == 0) {
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(Sm4Utils.encrypt(registerBody.getMobile()) , SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByEmail(registerBody.getMobile() , SecurityConstants.INNER);
if (userResult.getData() != null) {
throw new ServiceException("联系方式已经注册账号");
}
} else if (contactType == 1) {
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(Sm4Utils.encrypt(registerBody.getMobile()) , SecurityConstants.INNER);
R<LoginUser> userResult = remoteUserService.getUserInfoByPhone(registerBody.getMobile() , SecurityConstants.INNER);
if (userResult.getData() != null) {
throw new ServiceException("联系方式已经注册账号");
}
@ -184,4 +195,104 @@ public class SysLoginService {
return pinyin;
}
}
/**
* i皖送Web端登录
* @param ticket
* @param iwsWebAppId
* @param iwsWebUrl
* @return
*/
public void iwsWebLogin(String ticket, String iwsWebAppId, String iwsWebUrl,LoginUser loginUser,SysUser sysUser) {
Map<String, Object> paramMap = new HashMap<>();
paramMap.put("ticket", ticket);
paramMap.put("appId", iwsWebAppId);
RestTemplate restTemplate = new RestTemplate();
ResponseEntity<String> authResponse = restTemplate.getForEntity(iwsWebUrl, String.class, paramMap);
log.info("authResponse:" + authResponse.toString());
if ("200".equals(authResponse.getStatusCode())){
// 根据ResponseEntity<String> responseEntity对象获取body部分body为json格式字符串
String content = authResponse.getBody();
// 将json字符串转化为json对象
JSONObject json = JSONObject.parseObject(content);
// 取出data部分对象
JSONObject data = json.getJSONObject("data");
sysUser.setUserName(data.get("userName").toString());
sysUser.setNickName(data.get("name").toString());
sysUser.setPhonenumber(data.get("mobile").toString());
loginUser.setSysUser(sysUser);
createUser(sysUser,loginUser);
}
}
/**
* 先查如果没有进行创建
* @param sysUser
* @param loginUser
*/
private void createUser(SysUser sysUser, LoginUser loginUser) {
//通过用户名获取人员信息
R<LoginUser> userResult = remoteUserService.getUserInfo(sysUser.getUserName(), SecurityConstants.INNER);
if (userResult.getData() == null || R.FAIL == userResult.getCode()) {
log.info("登录用户不存在,进行创建----");
RegisterBody registerBody = new RegisterBody();
registerBody.setUsername(sysUser.getUserName());
registerBody.setNickName(sysUser.getNickName());
registerBody.setMobile(sysUser.getPhonenumber());
//获取配置中的初始密码
AjaxResult result = configService.getConfigKey("sys.user.initPassword");
if (result.isSuccess())
{
sysUser.setPassword(result.get("msg").toString());
}
//新用户注册
try {
register(registerBody);
//查询用户信息
userResult = remoteUserService.getUserInfo(sysUser.getUserName(), SecurityConstants.INNER);
loginUser = userResult.getData();
sysUser = loginUser.getSysUser();
//初始化一个角色
Long[] roleIds = new Long[5];
// 将数组的第一个元素赋值为 2
roleIds[0] = 2L;
remoteUserService.insertAuthRole(sysUser.getUserId(),roleIds,SecurityConstants.INNER);
}catch (Exception e){
throw new ServiceException("登录失败,请稍后重试");
}
}else {
loginUser = userResult.getData();
sysUser = loginUser.getSysUser();
}
}
/**
* i皖送H5端登录
* @param ticket
* @param iwsH5AppId
* @param iwsH5Url
* @return
*/
public void iwsH5Login(String ticket, String iwsH5AppId, String iwsH5Url,LoginUser loginUser,SysUser sysUser) {
Map<String, Object> paramMap = new HashMap<>();
paramMap.put("ticket", ticket);
paramMap.put("appId", iwsH5AppId);
RestTemplate restTemplate = new RestTemplate();
ResponseEntity<String> authResponse = restTemplate.getForEntity(iwsH5Url, String.class, paramMap);
log.info("authResponse:" + authResponse.toString());
if ("200".equals(authResponse.getStatusCode())){
// 根据ResponseEntity<String> responseEntity对象获取body部分body为json格式字符串
String content = authResponse.getBody();
// 将json字符串转化为json对象
JSONObject json = JSONObject.parseObject(content);
// 取出data部分对象
JSONObject data = json.getJSONObject("data");
JSONObject userInfo = data.getJSONObject("userInfo");
sysUser.setUserName(userInfo.get("userName").toString());
sysUser.setNickName(userInfo.get("name").toString());
sysUser.setPhonenumber(userInfo.get("mobile").toString());
loginUser.setSysUser(sysUser);
createUser(sysUser,loginUser);
}
}
}

27
bonus-auth/src/main/resources/bootstrap-smart_site_local.yml Normal file
View File

@ -0,0 +1,27 @@
# Tomcat
server:
port: 38081
# Spring
spring:
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
namespace: smart_site
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
namespace: smart_site
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
#加密组件
jasypt:
encryptor:
password: Encrypt

2
bonus-common/bonus-common-config/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-core/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

1
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/SecurityConstants.java
View File

@ -46,4 +46,5 @@ public class SecurityConstants
* 角色权限
*/
public static final String ROLE_PERMISSION = "role_permission";
}

12
bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/encryption/Sm4Utils.java
View File

@ -19,7 +19,7 @@ public class Sm4Utils {
* 加密数据使用固定盐
*
* @param plainText 明文待加密的字符串
* @return 加密后的密文包含盐Hex 编码格式
* @return 加密后的密文包含盐Hex 编码格式如果加密异常就返回传入的字符串
*/
public static String encrypt(String plainText) {
try {
@ -29,8 +29,7 @@ public class Sm4Utils {
// 返回带盐的加密结果Hex编码
return HexUtil.encodeHexStr(encryptedData);
} catch (Exception e) {
// e.printStackTrace();
return null; // 发生异常时返回null
return plainText; // 发生异常时返回传入字符串
}
}
@ -38,7 +37,7 @@ public class Sm4Utils {
* 解密数据使用固定盐
*
* @param cipherText 密文包含盐Hex 编码格式的字符串
* @return 解密后的明文字符串
* @return 解密后的明文字符串如果解密异常就返回传入的字符串
*/
public static String decrypt(String cipherText) {
try {
@ -48,8 +47,7 @@ public class Sm4Utils {
byte[] decryptedData = sm4.decrypt(cipherText);
return new String(decryptedData);
} catch (Exception e) {
// e.printStackTrace();
return null; // 发生异常时返回null
return cipherText; // 发生异常时返回传入字符串
}
}
@ -63,7 +61,7 @@ public class Sm4Utils {
System.out.println("加密后: " + encryptedText);
// 解密密文
String decryptedText = Sm4Utils.decrypt(encryptedText);
String decryptedText = Sm4Utils.decrypt(plainText);
System.out.println("解密后: " + decryptedText);
}
}

2
bonus-common/bonus-common-datascope/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-datasource/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-log/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-redis/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-seata/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-security/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

12
bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/annotation/RequiresPermissionsOrInnerAuth.java
View File

@ -1,17 +1,15 @@
package com.bonus.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.annotation.*;
/**
* @author wangvivi
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
@Documented
public @interface RequiresPermissionsOrInnerAuth {
InnerAuth innerAuth() default @InnerAuth();
RequiresPermissions requiresPermissions() default @RequiresPermissions();
InnerAuth innerAuth() default @InnerAuth(isUser = false);
RequiresPermissions requiresPermissions() default @RequiresPermissions(value = {});
}

23
bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/aspect/PermisssionOrInnerAuthAspect.java → bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/aspect/PermissionOrInnerAuthAspect.java
View File

@ -11,6 +11,7 @@ import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;
@ -24,13 +25,14 @@ import java.lang.reflect.Method;
*/
@Aspect
@Component
@Slf4j
public class PermisssionOrInnerAuthAspect
public class PermissionOrInnerAuthAspect
{
@Around("@annotation(RequiresPermissionsOrInnerAuth)")
public Object innerAround(ProceedingJoinPoint point, RequiresPermissionsOrInnerAuth permissionsOrInnerAuth) throws Throwable
@Pointcut("@annotation(com.bonus.common.security.annotation.RequiresPermissionsOrInnerAuth)")
public void permissionOrInnerAuthAspect() {}
@Around("permissionOrInnerAuthAspect()")
public Object innerAround(ProceedingJoinPoint point) throws Throwable
{
log.info("******************RequiresPermissionsOrInnerAuth**********");
MethodSignature signature = (MethodSignature) point.getSignature();
RequiresPermissionsOrInnerAuth auth = signature.getMethod().getAnnotation(RequiresPermissionsOrInnerAuth.class);
@ -56,7 +58,7 @@ public class PermisssionOrInnerAuthAspect
try {
AuthUtil.checkInnerAuth(innerAuth);
} catch (InnerAuthException e){
log.error("内部认证失败:{}",e.getMessage());
// log.error("内部认证失败:{}",e.getMessage());
return false;
}
return true;
@ -66,4 +68,13 @@ public class PermisssionOrInnerAuthAspect
AuthUtil.checkPermi(requiresPermissions,point);
return true;
}
// /**
// * 确保在权限认证aop执行前执行
// */
// @Override
// public int getOrder()
// {
// return Ordered.HIGHEST_PRECEDENCE + 2;
// }
}

16
bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/utils/SecurityUtils.java
View File

@ -7,6 +7,7 @@ import com.bonus.common.core.utils.ServletUtils;
import com.bonus.common.core.utils.StringUtils;
import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.system.api.model.LoginUser;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import javax.servlet.http.HttpServletRequest;
@ -116,14 +117,25 @@ public class SecurityUtils
}
public static void main(String[] args) {
//老的加密方式要保留偶尔调试要用
// BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
// String encodePass = passwordEncoder.encode("Bonus$2026");
// System.out.println(encodePass);
// boolean result = passwordEncoder.matches("Bonus$2026", "$2a$10$0TaYZgPNd7eqpvsKx4KZnu0nPiSQlVn5SZZaJa2q6tLPuI9bWD0lW");
// System.out.println("result: " + result);
//$2a$10$7JB720yubVSZvUI0rEqK/.VqGOZTH.ulu33dHOiBE8ByOhJIrdAu2
//$2a$10$zvlw3Mu8M.j.MhAChrYwluj88ziX6lVD3AoRrBQpwKMcdIZvKMoR2
// String msg= encryptPassword("Admin@1234");
// String msg= encryptPassword("15888888888");
// boolean rest = matchesPassword("Bonus$2024","$2a$10$8JaKSUAU.K.mceU1.YQbd.wP4EJzbrsIscjAwPlfDR7wAWV6s/BGa");
String msg = Sm4Utils.encrypt("Bonus$2026");
// String msg = Sm4Utils.decrypt("4eb762402e0ce5ef9d0028e2d622c53bc8ea1d7680ea4416975e4cc23b4ef7f0");
String msg = Sm4Utils.encrypt("18956025265");
System.err.println(msg);
String msg1 = Sm4Utils.encrypt("1895");
System.err.println(msg1);
// String msg = Sm4Utils.decrypt("4eb762402e0ce5ef9d0028e2d622c53bc8ea1d7680ea4416975e4cc23b4ef7f0");
// System.err.println(rest);
}
}

2
bonus-common/bonus-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
View File

@ -4,6 +4,8 @@ com.bonus.common.security.config.VerificationCodeConfig
com.bonus.common.security.service.TokenService
com.bonus.common.security.service.SmsService
com.bonus.common.security.service.EmailService
com.bonus.common.security.aspect.PermissionOrInnerAuthAspect
com.bonus.common.security.aspect.PreAuthorizeAspect
com.bonus.common.security.aspect.InnerAuthAspect
com.bonus.common.security.aspect.PreventRepeatSubmitAspect
com.bonus.common.security.handler.GlobalExceptionHandler

2
bonus-common/bonus-common-sensitive/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/bonus-common-swagger/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-common</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-common/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-gateway/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

43
bonus-gateway/src/main/resources/bootstrap-smart_site_local.yml Normal file
View File

@ -0,0 +1,43 @@
# Tomcat
server:
port: 38080
# Spring
spring:
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
namespace: smart_site
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
namespace: smart_site
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
sentinel:
# 取消控制台懒加载
eager: true
transport:
# 控制台地址
dashboard: 127.0.0.1:18858
# nacos配置持久化
datasource:
ds1:
nacos:
server-addr: 127.0.0.1:8848
namespace: sgzb_bns
dataId: sentinel-bonus-gateway
groupId: DEFAULT_GROUP
data-type: json
rule-type: gw-flow
#加密组件
jasypt:
encryptor:
password: Encrypt

2
bonus-modules/bonus-face/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-modules</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-modules/bonus-file/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-modules</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

21
bonus-modules/bonus-file/src/main/resources/bootstrap-smart_site_local.yml Normal file
View File

@ -0,0 +1,21 @@
# Tomcat
server:
port: 39300
# Spring
spring:
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
namespace: smart_site
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
namespace: smart_site
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}

2
bonus-modules/bonus-gen/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-modules</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-modules/bonus-job/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-modules</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-modules/bonus-system/pom.xml
View File

@ -5,7 +5,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-modules</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

5
bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
View File

@ -24,7 +24,6 @@ import com.bonus.system.service.*;
import com.bonus.system.warning.WebSocketHandler;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.scheduling.annotation.Async;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@ -77,15 +76,13 @@ public class SysUserController extends BaseController {
/**
* 获取用户列表
*/
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth, requiresPermissions = @RequiresPermissions("system:user:list"))
@RequiresPermissionsOrInnerAuth(innerAuth = @InnerAuth(isUser = false), requiresPermissions = @RequiresPermissions("system:user:list"))
@GetMapping("/list")
@PreventRepeatSubmit
@SysLog(title = "用户管理", businessType = OperaType.QUERY, logType = 0, module = "系统管理->用户管理", details = "查询用户列表")
public TableDataInfo list(SysUser user) {
try {
startPage();
List<SysUser> list = userService.selectUserList(user);
webSocketHandler.sendMessageToAll("213123");
return getDataTable(list);
} catch (Exception e) {
logger.error(e.toString(), e);

15
bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysUserServiceImpl.java
View File

@ -90,10 +90,16 @@ public class SysUserServiceImpl implements ISysUserService {
@DataScope(deptAlias = "d", userAlias = "u")
public List<SysUser> selectUserList(SysUser user) {
try {
//临时获取开始时间和结束时间
String beginTime = (String) user.getParams().get("beginTime");
String endTime = (String) user.getParams().get("endTime");
BaseEntity entity = CommonDataPermissionInfo.backMissionInfo(user.getParams().get("dataScope").toString());
BeanUtils.copyProperties(entity, user);
user.getParams().put("beginTime", beginTime);
user.getParams().put("endTime", endTime);
} catch (Exception e) {
e.printStackTrace();
}
if (user.getUserName() != null) {
String userName =user.getUserName().replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_");
@ -562,7 +568,14 @@ public class SysUserServiceImpl implements ISysUserService {
} catch (Exception e) {
failureNum++;
String msg = "<br/>" + failureNum + "、账号 " + user.getUserName() + " 导入失败:";
failureMsg.append(msg + e.getMessage());
//修复禅道bug 4076wangweiwei 2024/12/16
String message = e.getMessage();
if (message != null && message.contains(":")) {
// 去掉冒号及其前面的字段名部分
failureMsg.append(msg + message.substring(message.indexOf(":") + 2).trim());
}else {
failureMsg.append(msg + e.getMessage());
}
log.error(msg, e);
}
}

26
bonus-modules/bonus-system/src/main/resources/bootstrap-smart_site_local.yml Normal file
View File

@ -0,0 +1,26 @@
# Tomcat
server:
port: 38082
# Spring
spring:
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
namespace: smart_site
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
namespace: smart_site
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
#加密组件
jasypt:
encryptor:
password: Encrypt

2
bonus-modules/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-visual/bonus-monitor/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus-visual</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
bonus-visual/pom.xml
View File

@ -4,7 +4,7 @@
<parent>
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

4
pom.xml
View File

@ -6,14 +6,14 @@
<groupId>com.bonus</groupId>
<artifactId>bonus</artifactId>
<version>24.11.0-SNAPSHOT</version>
<version>24.12.0-SNAPSHOT</version>
<name>bonus</name>
<url>http://www.ahbonus.cn</url>
<description>博诺思微服务系统</description>
<properties>
<bonus.version>24.11.0-SNAPSHOT</bonus.version>
<bonus.version>24.12.0-SNAPSHOT</bonus.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>

7
sql/bns_202411_patch.sql
View File

@ -55,3 +55,10 @@ INSERT INTO `sys_menu` VALUES (2023, '修改', 2020, 3, '#', '', NULL, 1, 0, 'F'
INSERT INTO `sys_menu` VALUES (2024, '删除', 2020, 4, '#', '', NULL, 1, 0, 'F', '0', '0', 'system:whitelist:remove', '#', 'admin', '2024-11-06 06:23:22', 'bonus_admin', '2024-11-06 06:25:20', '', '0');
INSERT INTO `sys_menu` VALUES (2025, '导出', 2020, 5, '#', '', NULL, 1, 0, 'F', '0', '0', 'system:whitelist:export', '#', 'admin', '2024-11-06 06:23:22', 'bonus_admin', '2024-11-06 06:25:28', '', '0');
INSERT INTO `sys_menu` VALUES (2026, '用户锁定', 1, 7, 'lockUser', 'system/lockUser/index', NULL, 1, 0, 'C', '0', '0', NULL, 'radio', 'bonus_admin', '2024-11-07 03:10:44', '', NULL, '', '0');
INSERT INTO sys_config (config_name,config_key,config_value,config_type,create_by,create_time,update_by,update_time,remark) VALUES
('登录失败锁定-次数','sys.login.failed.times','5','Y','admin','2024-11-05 01:22:10','',NULL,NULL),
('登录失败锁定-时间','sys.login.failed.locktime','20','Y','admin','2024-11-05 01:24:37','',NULL,NULL),
('系统并发访问限制','sys.backend.concurrency','100','Y','admin','2024-11-05 03:23:01','admin','2024-11-06 01:22:16',NULL),
('系统会话时长','sys.visit.tokentime','29','Y','admin','2024-11-06 01:23:35','admin','2024-11-06 01:23:49',NULL);

16
sql/bns_202412_patch.sql Normal file
View File

@ -0,0 +1,16 @@
SET NAMES utf8mb4;
-- 省
alter table sys_dept add province varchar(50) null comment '';
-- 市
alter table sys_dept add city varchar(50) null comment '';
-- 县
alter table sys_dept add district varchar(50) null comment '';
-- 详细地址
alter table sys_dept add address varchar(255) null comment '详细地址';
-- 公司简称
alter table sys_dept add dept_abbreviation varchar(255) null comment '公司简称';
-- 公司概述
alter table sys_dept add remark varchar(255) null comment '公司概述';
-- 公司logo
alter table sys_dept add logo varchar(255) null comment '公司logo';