From 8a123a25491bc25c19db8d4c03ab4d25114bb168 Mon Sep 17 00:00:00 2001 From: weiweiw <14335254+weiweiw22@user.noreply.gitee.com> Date: Thu, 7 Nov 2024 09:01:17 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=99=BB=E5=BD=95=E6=88=90?= =?UTF-8?q?=E5=8A=9F=E5=92=8C=E6=B3=A8=E5=86=8C=E6=88=90=E5=8A=9F=E5=8F=8A?= =?UTF-8?q?=E7=99=BB=E5=87=BA=E6=88=90=E5=8A=9F=E7=9A=84=E6=97=A5=E5=BF=97?= =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bonus/system/api/RemoteLogService.java | 4 +- .../auth/controller/TokenController.java | 16 ++-- .../auth/service/SysRecordLogService.java | 85 +++++++++++++++++-- .../common/core/utils/StringUtilsTest.java | 1 + .../com/bonus/common/log/enums/OperaType.java | 7 ++ .../interceptor/ParamSecureHandler.java | 2 +- .../com/bonus/job/util/ScheduleUtils.java | 2 +- .../system/controller/SysLogController.java | 17 +++- .../controller/SysProfileController.java | 4 +- 9 files changed, 117 insertions(+), 21 deletions(-) diff --git a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteLogService.java b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteLogService.java index 7404aa1..fba4c3a 100644 --- a/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteLogService.java +++ b/bonus-api/bonus-api-system/src/main/java/com/bonus/system/api/RemoteLogService.java @@ -36,7 +36,7 @@ public interface RemoteLogService // /** - * 保存系统日志 + * 保存日志 * * @param sysLogsVo 日志实体 * @param source 请求来源 @@ -56,7 +56,7 @@ public interface RemoteLogService @PostMapping("/operlog/getLogsModule") public Map getLogsModule(@RequestBody SysLogsVo sysLogsVo, @RequestHeader(SecurityConstants.FROM_SOURCE) String source) throws Exception; /** - * 保存访问记录 + * 保存登录日志 * * @param sysLogininfor 访问实体 * @param source 请求来源 diff --git a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java index 39c7541..8a72e85 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java +++ b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java @@ -4,10 +4,7 @@ import com.bonus.auth.config.LoginType; import com.bonus.auth.factory.LoginStrategyFactory; import com.bonus.auth.form.LoginBody; import com.bonus.auth.form.RegisterBody; -import com.bonus.auth.service.LoginStrategy; -import com.bonus.auth.service.PasswordValidatorService; -import com.bonus.auth.service.SysLoginService; -import com.bonus.auth.service.SysPasswordService; +import com.bonus.auth.service.*; import com.bonus.common.core.constant.SecurityConstants; import com.bonus.common.core.domain.R; import com.bonus.common.core.utils.JwtUtils; @@ -16,6 +13,7 @@ import com.bonus.common.security.auth.AuthUtil; import com.bonus.common.security.service.TokenService; import com.bonus.common.security.utils.SecurityUtils; import com.bonus.config.SystemConfig; +import com.bonus.system.api.RemoteLogService; import com.bonus.system.api.RemoteUserService; import com.bonus.system.api.domain.SysUser; import com.bonus.system.api.model.LoginUser; @@ -59,6 +57,9 @@ public class TokenController { @Autowired private PasswordValidatorService passwordValidatorService; + @Autowired + private SysRecordLogService logService; + @PostMapping("isAdmin") public R isAdmin(@RequestBody LoginBody form) { if (!config.isAdmin()) { @@ -109,6 +110,7 @@ public class TokenController { form.setPassword(form.getVerificationCode()); } LoginUser login = strategy.login(form.getUsername(), form.getPassword()); + logService.saveLogin(form.getUsername(), "登录", "登录成功", null, "成功"); return R.ok(tokenService.createToken(login)); } @@ -143,6 +145,7 @@ public class TokenController { AuthUtil.logoutByToken(token); tokenService.delExistingToken(Long.valueOf(userId)); sysLoginService.logout(username, userId); + logService.saveLogout(username, "退出登录", "退出成功", userId, "成功"); } return R.ok(); } @@ -181,7 +184,8 @@ public class TokenController { */ @PostMapping("register") public R register(@RequestBody RegisterBody registerBody) { - sysLoginService.register(registerBody); - return R.ok(); + sysLoginService.register(registerBody); + logService.saveRegister(registerBody.getUsername(), "注册", "注册成功", null, "成功"); + return R.ok(); } } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java index b2b39d1..8c20df2 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java @@ -4,6 +4,7 @@ import com.alibaba.nacos.common.utils.UuidUtils; import com.bonus.common.core.utils.DateUtils; import com.bonus.common.core.utils.global.SystemGlobal; import com.bonus.common.log.enums.OperaResult; +import com.bonus.common.log.enums.OperaType; import com.bonus.system.api.domain.SysLogsVo; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; @@ -70,13 +71,13 @@ public class SysRecordLogService sysLogsVo.setLogId(uuid); sysLogsVo.setOperaUserName(username); sysLogsVo.setIp(IpUtils.getIpAddr()); - sysLogsVo.setModel("系统登录"); + sysLogsVo.setModel("系统认证模块"); sysLogsVo.setOperTime(DateUtils.getTime()); sysLogsVo.setMethodType(SystemGlobal.POST); sysLogsVo.setMethod("login()"); sysLogsVo.setParams("{\"username\":\""+username+"\"}"); sysLogsVo.setOperateDetail("用户登录系统"); - sysLogsVo.setOperType("登录"); + sysLogsVo.setOperType(OperaType.LOGIN); sysLogsVo.setOperUri("/login"); sysLogsVo.setLogType(0); if (StringUtils.isNotEmpty(result)){ @@ -120,7 +121,7 @@ public class SysRecordLogService } sysLogsVo.setResultData("用户登录成功"); sysLogsVo.setTitle("系统登录"); - sysLogsVo.setModel("系统登录"); + sysLogsVo.setModel("系统认证模块"); sysLogsVo.setOperTime(DateUtils.getTime()); sysLogsVo.setMethodType(SystemGlobal.POST); sysLogsVo.setMethod("login()"); @@ -139,7 +140,7 @@ public class SysRecordLogService } } /** - * 记录登录信息 + * 记录登出信息 * * @param username 用户名 * @param @@ -152,7 +153,7 @@ public class SysRecordLogService sysLogsVo.setLogId(uuid); sysLogsVo.setOperaUserName(username); sysLogsVo.setIp(IpUtils.getIpAddr()); - sysLogsVo.setModel("退出登录"); + sysLogsVo.setModel("系统认证模块"); sysLogsVo.setLogType(0); if (StringUtils.isNotEmpty(userId)){ sysLogsVo.setUserId(userId); @@ -178,4 +179,78 @@ public class SysRecordLogService log.error(e.toString(),e); } } + + /** + * 记录登录信息 + * + * @param username 用户名 + * @param + * @param message 消息内容 + * @return + */ + public void saveLogin(String username, String message,String resultData,String userId,String result) { + SysLogsVo sysLogsVo = new SysLogsVo(); + String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); + sysLogsVo.setLogId(uuid); + sysLogsVo.setOperaUserName(username); + sysLogsVo.setIp(IpUtils.getIpAddr()); + sysLogsVo.setModel("系统认证模块"); + sysLogsVo.setLogType(0); + if (StringUtils.isNotEmpty(userId)){ + sysLogsVo.setUserId(userId); + } + sysLogsVo.setOperTime(DateUtils.getTime()); + sysLogsVo.setMethodType(SystemGlobal.POST); + sysLogsVo.setMethod("login()"); + sysLogsVo.setParams("{\"username\":\""+username+"\"}"); + sysLogsVo.setOperateDetail("用户登录"); + sysLogsVo.setOperType(OperaType.LOGIN); + sysLogsVo.setOperUri("/login"); + if (StringUtils.isNotEmpty(result)){ + sysLogsVo.setResult(result); + }else{ + sysLogsVo.setResult(OperaResult.SUCCESS); + } + sysLogsVo.setFailureReason(message); + sysLogsVo.setTitle("登录"); + sysLogsVo.setResultData(resultData); + try{ + remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); + }catch (Exception e){ + log.error(e.toString(),e); + } + } + + public void saveRegister(String username, String message,String resultData,String userId,String result) { + SysLogsVo sysLogsVo = new SysLogsVo(); + String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); + sysLogsVo.setLogId(uuid); + sysLogsVo.setOperaUserName(username); + sysLogsVo.setIp(IpUtils.getIpAddr()); + sysLogsVo.setModel("系统认证模块"); + sysLogsVo.setLogType(0); + if (StringUtils.isNotEmpty(userId)){ + sysLogsVo.setUserId(userId); + } + sysLogsVo.setOperTime(DateUtils.getTime()); + sysLogsVo.setMethodType(SystemGlobal.POST); + sysLogsVo.setMethod("register()"); + sysLogsVo.setParams("{\"username\":\""+username+"\"}"); + sysLogsVo.setOperateDetail("用户注册"); + sysLogsVo.setOperType(OperaType.REGISTER); + sysLogsVo.setOperUri("/register"); + if (StringUtils.isNotEmpty(result)){ + sysLogsVo.setResult(result); + }else{ + sysLogsVo.setResult(OperaResult.SUCCESS); + } + sysLogsVo.setFailureReason(message); + sysLogsVo.setTitle("注册"); + sysLogsVo.setResultData(resultData); + try{ + remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); + }catch (Exception e){ + log.error(e.toString(),e); + } + } } diff --git a/bonus-common/bonus-common-core/src/test/java/com/bonus/common/core/utils/StringUtilsTest.java b/bonus-common/bonus-common-core/src/test/java/com/bonus/common/core/utils/StringUtilsTest.java index 5176a86..9911bc0 100644 --- a/bonus-common/bonus-common-core/src/test/java/com/bonus/common/core/utils/StringUtilsTest.java +++ b/bonus-common/bonus-common-core/src/test/java/com/bonus/common/core/utils/StringUtilsTest.java @@ -101,6 +101,7 @@ public class StringUtilsTest { public void testSplit() { assertArrayEquals(new String[0], StringUtils.split(null, ",")); assertArrayEquals(new String[]{"a", "b", "c"}, StringUtils.split("a,b,c", ",")); + assertArrayEquals(new String[]{"a", "b", "c"}, StringUtils.split("a.b.c", "\\.")); } @Test diff --git a/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java b/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java index d93cc5c..7fb0726 100644 --- a/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java +++ b/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java @@ -52,4 +52,11 @@ public class OperaType { * 其他 */ public final static String FLASH="刷新"; + + public final static String LOGIN="登录"; + + public final static String LOGOUT="登出"; + + public final static String REGISTER="注册"; + } diff --git a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java index 5c62a76..e8be59c 100644 --- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java +++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/interceptor/ParamSecureHandler.java @@ -25,7 +25,7 @@ import static org.springframework.http.MediaType.MULTIPART_FORM_DATA_VALUE; public class ParamSecureHandler implements AsyncHandlerInterceptor { private static final String [] WHITE_URL = { - "/login", "/isAdmin", "/isLogin", "/register","/operlog/addLogs","/job"}; + "/login", "/isAdmin", "/isLogin" ,"/register","/user/register","/operlog/addLogs","/job/edit","/user/resetPwd","/user/profile/updatePwd'"}; private String rnd = null; public static String ur = "/"; diff --git a/bonus-modules/bonus-job/src/main/java/com/bonus/job/util/ScheduleUtils.java b/bonus-modules/bonus-job/src/main/java/com/bonus/job/util/ScheduleUtils.java index 7d5b58a..50b8e7e 100644 --- a/bonus-modules/bonus-job/src/main/java/com/bonus/job/util/ScheduleUtils.java +++ b/bonus-modules/bonus-job/src/main/java/com/bonus/job/util/ScheduleUtils.java @@ -133,7 +133,7 @@ public class ScheduleUtils { return StringUtils.containsAnyIgnoreCase(invokeTarget, Constants.JOB_WHITELIST_STR); } - Object obj = SpringUtils.getBean(StringUtils.split(invokeTarget, ".")[0]); + Object obj = SpringUtils.getBean(StringUtils.split(invokeTarget, "\\.")[0]); String beanPackageName = obj.getClass().getPackage().getName(); return StringUtils.containsAnyIgnoreCase(beanPackageName, Constants.JOB_WHITELIST_STR) && !StringUtils.containsAnyIgnoreCase(beanPackageName, Constants.JOB_ERROR_STR); diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysLogController.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysLogController.java index e6f81e0..c1bfee7 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysLogController.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysLogController.java @@ -53,12 +53,21 @@ public class SysLogController extends BaseController { // @Value("${sql.filePath}") // private String filePath; + /** + * 保存系统日志,业务日志和其他日常日志 + * @param sysLog 日志对象 + */ @ApiOperation(value = "保存系统日志") @PostMapping("saveLogs") public AjaxResult saveLogs(@RequestBody SysLogsVo sysLog) { return service.saveLogs(sysLog); } + /** + * 保存越权日志 + * @param sysLog + * @param request + */ @PostMapping("addLogs") public void addLogs(@RequestBody SysLogsVo sysLog,HttpServletRequest request) { service.saveLogs(sysLog,request); @@ -84,7 +93,7 @@ public class SysLogController extends BaseController { @ApiOperation(value = "查询业务日志") @GetMapping("getYwLogs") - @SysLog(title = "审计日志", module = "审计日志->业务日志", businessType = OperaType.QUERY, details = "查询业务日志列表", type = "系统日志") + @SysLog(title = "审计日志", module = "审计日志->业务日志", businessType = OperaType.QUERY, details = "查询业务日志列表", type = "系统日志",logType = 0) public TableDataInfo getYwLogs(SysLogsVo dto) { try{ dto.setLogType(1); @@ -99,7 +108,7 @@ public class SysLogController extends BaseController { @ApiOperation(value = "查询异常日志") @GetMapping("getErrLogs") - @SysLog(title = "审计日志", module = "审计日志->异常日志", businessType = OperaType.QUERY, details = "查询系统异常日志", type = "系统日志") + @SysLog(title = "审计日志", module = "审计日志->异常日志", businessType = OperaType.QUERY ,logType = 0,details = "查询系统异常日志", type = "系统日志") public TableDataInfo getErrLogs(SysLogsVo dto) { try{ dto.setLogType(2); @@ -113,7 +122,7 @@ public class SysLogController extends BaseController { } @ApiOperation(value = "日志备份") @GetMapping("downloadErrLogs") - @SysLog(title = "审计日志", module = "审计日志->异常日志", businessType = OperaType.COPY_LOG, details = "异常日志备份", type = "系统日志") + @SysLog(title = "审计日志", module = "审计日志->异常日志", businessType = OperaType.COPY_LOG, logType = 0, details = "异常日志备份", type = "系统日志") public void downloadErrLogs(HttpServletRequest request, HttpServletResponse response) { // try { // String dateTimeNow=exportSqlService.export("2"); @@ -126,7 +135,7 @@ public class SysLogController extends BaseController { @ApiOperation(value = "日志备份") @GetMapping("downloadYwLogs") - @SysLog(title = "审计日志", module = "审计日志-->业务日志", businessType = OperaType.COPY_LOG, details = "业务日志备份", type = "系统日志") + @SysLog(title = "审计日志", module = "审计日志-->业务日志", businessType = OperaType.COPY_LOG,logType = 0, details = "业务日志备份", type = "系统日志") public void downloadYwLogs(HttpServletRequest request, HttpServletResponse response) { // try { // String dateTimeNow=exportSqlService.export("1"); diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysProfileController.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysProfileController.java index d569fd1..540d8bf 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysProfileController.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysProfileController.java @@ -67,8 +67,8 @@ public class SysProfileController extends BaseController { * 修改当前登录用户的个人信息 */ @PostMapping("/edit") - @SysLog(title = "个人中心", businessType = OperaType.UPDATE, logType = 0, module = "首页->个人中心") - public AjaxResult updateProfile(@RequestBody SysUser user) { + @SysLog(title = "个人中心", businessType = OperaType.UPDATE, logType = 0, module = "首页->个人中心") + public AjaxResult updateProfile(@RequestBody SysUser user) { try { LoginUser loginUser = SecurityUtils.getLoginUser(); SysUser currentUser = loginUser.getSysUser();