diff --git a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java index e5c7e61..bf4b6d5 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java +++ b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java @@ -1,6 +1,8 @@ package com.bonus.auth.controller; import javax.servlet.http.HttpServletRequest; + +import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.PostMapping; @@ -23,6 +25,7 @@ import com.bonus.system.api.model.LoginUser; * @author bonus */ @RestController +@Slf4j public class TokenController { @Autowired @@ -41,16 +44,21 @@ public class TokenController } @DeleteMapping("logout") - public R logout(HttpServletRequest request) - { - String token = SecurityUtils.getToken(request); - if (StringUtils.isNotEmpty(token)) - { - String username = JwtUtils.getUserName(token); - // 删除用户缓存记录 - AuthUtil.logoutByToken(token); - // 记录用户退出日志 - sysLoginService.logout(username); + public R logout(HttpServletRequest request) { + try{ + String token = SecurityUtils.getToken(request); + if (StringUtils.isNotEmpty(token)) + { + String username = JwtUtils.getUserName(token); + String userId= JwtUtils.getUserId(token); + // 删除用户缓存记录 + AuthUtil.logoutByToken(token); + // 记录用户退出日志 + sysLoginService.logout(username,userId); + } + }catch (Exception e){ + sysLoginService.logout("",""); + log.error(e.toString(),e); } return R.ok(); } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java index d87887d..be525c1 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java 
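Review bot: The new `catch (Exception e)` in `logout` turns every failure into `R.ok()`, so if `JwtUtils.getUserName(token)` or `JwtUtils.getUserId(token)` throws, `AuthUtil.logoutByToken(token)` is never reached and the client is told it logged out while the cached session may still be live. Call `AuthUtil.logoutByToken(token)` before reading the claims (or in a `finally`), and return an error result when revocation itself fails. The fallback `sysLoginService.logout("","")` writes an audit record with no user name that is marked "退出成功", and it runs unguarded inside the catch block, so a second failure there escapes the handler. Record the failure as a failure, with whatever identity could be recovered, rather than as an anonymous successful logout.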
@@ -1,11 +1,8 @@ package com.bonus.auth.service; +import com.bonus.common.core.constant.*; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import com.bonus.common.core.constant.CacheConstants; -import com.bonus.common.core.constant.Constants; -import com.bonus.common.core.constant.SecurityConstants; -import com.bonus.common.core.constant.UserConstants; import com.bonus.common.core.domain.R; import com.bonus.common.core.enums.UserStatus; import com.bonus.common.core.exception.ServiceException; 
@@ -41,70 +38,60 @@ public class SysLoginService /** * 登录 */ - public LoginUser login(String username, String password) - { + public LoginUser login(String username, String password) { // 用户名或密码为空 错误 - if (StringUtils.isAnyBlank(username, password)) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写"); - throw new ServiceException("用户/密码必须填写"); + if (StringUtils.isAnyBlank(username, password)) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户名/密码为空","用户名/密码必须填写",null,null); + throw new ServiceException("用户名/密码必须填写"); } // 密码如果不在指定范围内 错误 - if (password.length() < UserConstants.PASSWORD_MIN_LENGTH - || password.length() > UserConstants.PASSWORD_MAX_LENGTH) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围"); - throw new ServiceException("用户密码不在指定范围"); + if (password.length() < ValidateUtils.MIN_LENGTH + || password.length() > ValidateUtils.MAX_LENGTH) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "密码格式不正确","用户名/密码格式不正确",null,null); + throw new ServiceException("用户名/密码格式不正确"); } // 用户名不在指定范围内 错误 if (username.length() < UserConstants.USERNAME_MIN_LENGTH - || username.length() > UserConstants.USERNAME_MAX_LENGTH) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围"); - throw new ServiceException("用户名不在指定范围"); + || username.length() > UserConstants.USERNAME_MAX_LENGTH) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户名格式不正确","用户名/密码格式不正确",null,null); + throw new ServiceException("用户名/密码格式不正确"); } // IP黑名单校验 String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST)); - if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单"); + if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "访问IP已被列入系统黑名单","很遗憾,访问IP已被列入系统黑名单",null,null); throw new 
ServiceException("很遗憾,访问IP已被列入系统黑名单"); } // 查询用户信息 R userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER); - if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在"); - throw new ServiceException("登录用户:" + username + " 不存在"); + if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "登录用户不存在","用户名/密码错误",null,null); + throw new ServiceException("用户名/密码错误"); } - - if (R.FAIL == userResult.getCode()) - { + if (R.FAIL == userResult.getCode()) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "系统错误",userResult.getMsg(),null,null); throw new ServiceException(userResult.getMsg()); } LoginUser userInfo = userResult.getData(); SysUser user = userResult.getData().getSysUser(); - if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除"); - throw new ServiceException("对不起,您的账号:" + username + " 已被删除"); + if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "账号已被删除","用户不存在",null,null); + throw new ServiceException("用户不存在"); } - if (UserStatus.DISABLE.getCode().equals(user.getStatus())) - { - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员"); - throw new ServiceException("对不起,您的账号:" + username + " 已停用"); + if (UserStatus.DISABLE.getCode().equals(user.getStatus())) { + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户已停用","用户不存在",null,null); + throw new ServiceException("用户不存在"); } passwordService.validate(user, password); - recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功"); + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "登陆成功","登陆成功",user.getUserId().toString(),"登陆成功"); return userInfo; } - public void logout(String 
loginName) - { - recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功"); - } + public void logout(String loginName,String userId) { + recordLogService.saveLogout(loginName,"退出成功","退出成功",userId,"退出成功"); + } /** * 注册 diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java index 3411f7a..0968d21 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java 
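Review bot: The success path at the end of `login` records the event with the failure status, `saveLogs(username, Constants.LOGIN_FAIL, "登陆成功", ...)`, where the removed line used `Constants.LOGIN_SUCCESS`. Pass `Constants.LOGIN_SUCCESS`, and pass the success text as `result` only, since `saveLogs` stores its third argument as the failure reason. The client-facing messages were made more generic, but three distinct strings remain: "用户名/密码错误" for an unknown user, "用户不存在" for deleted or disabled accounts, and "用户不存在/密码错误" from `passwordService.validate`. A caller can still tell these account states apart, so return one message for all credential failures and keep the specific reason in the log argument. On the `R.FAIL` branch the text of `userResult.getMsg()` is both logged and thrown to the client, so internal error text from the remote user service can reach the caller; a generic message would fit there as well.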
@@ -39,28 +39,23 @@ public class SysPasswordService return CacheConstants.PWD_ERR_CNT_KEY + username; } - public void validate(SysUser user, String password) - { + public void validate(SysUser user, String password) { String username = user.getUserName(); - Integer retryCount = redisService.getCacheObject(getCacheKey(username)); - - if (retryCount == null) - { + if (retryCount == null) { retryCount = 0; } - if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) - { - String errMsg = String.format("密码输入错误%s次,帐户锁定%s分钟", maxRetryCount, lockTime); - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL,errMsg); + if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) { + long time=redisService.getExpire(getCacheKey(username)); + long times=time/60 +1; + String errMsg = String.format("密码输入错误%s次,帐户锁定,请%s分钟后重试", maxRetryCount, times); + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户账号锁定","用户账号已锁定,请"+times+"后重试",null,null); throw new ServiceException(errMsg); } - - if (!matches(user, password)) - { + if (!matches(user, password)) { retryCount = retryCount + 1; - recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount)); + recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "密码输入错误","用户不存在/密码错误",null,null); redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); throw new ServiceException("用户不存在/密码错误"); } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java index 7d8542f..1937fe2 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java 
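Review bot: The wrong-password audit entry in `validate` no longer carries the attempt number, because `String.format("密码输入错误%s次", retryCount)` was replaced by the fixed text "密码输入错误"; that removes the signal an analyst uses to see a guessing run approach the lockout threshold. Keep the count in the log-only argument, e.g. `recordLogService.saveLogs(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount), "用户不存在/密码错误", null, null);`. In the lockout branch the logged text `"用户账号已锁定,请"+times+"后重试"` omits the unit, and `times` is derived from `redisService.getExpire(...)` without checking for a non-positive return (presumably seconds; confirm the wrapper's unit and its value for a key without a TTL). The lockout exception text differs from the generic credential error, so it confirms to the caller that the account exists. `validate` continues past the end of this hunk.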
@@ -1,5 +1,10 @@ package com.bonus.auth.service; +import com.alibaba.nacos.common.utils.UuidUtils; +import com.bonus.common.core.utils.DateUtils; +import com.bonus.common.core.utils.global.SystemGlobal; +import com.bonus.system.api.domain.SysLogsVo; +import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.bonus.common.core.constant.Constants; @@ -9,12 +14,15 @@ import com.bonus.common.core.utils.ip.IpUtils; import com.bonus.system.api.RemoteLogService; import com.bonus.system.api.domain.SysLogininfor; +import java.util.UUID; + /** * 记录日志方法 * * @author bonus */ @Component +@Slf4j public class SysRecordLogService { @Autowired 
@@ -45,4 +53,86 @@ public class SysRecordLogService } remoteLogService.saveLogininfor(logininfor, SecurityConstants.INNER); } + + /** + * 记录登录信息 + * + * @param username 用户名 + * @param status 状态 + * @param message 消息内容 + * @return + */ + public void saveLogs(String username, String status, String message,String resultData,String userId,String result) { + SysLogsVo sysLogsVo = new SysLogsVo(); + String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); + sysLogsVo.setLogId(uuid); + sysLogsVo.setOperaUserName(username); + sysLogsVo.setIp(IpUtils.getIpAddr()); + sysLogsVo.setModel("系统登陆"); + sysLogsVo.setOperaTime(DateUtils.getTime()); + sysLogsVo.setMethodType(SystemGlobal.POST); + sysLogsVo.setMethod("login()"); + sysLogsVo.setParams("{\"username\":\""+username+"\"}"); + sysLogsVo.setOperateDetail("用户登陆系统"); + sysLogsVo.setOperaType("登陆"); + sysLogsVo.setOperaUri("/login"); + sysLogsVo.setLogType(0); + if (StringUtils.isNotEmpty(result)){ + sysLogsVo.setResult(result); + }else{ + sysLogsVo.setResult("失败"); + } + if (StringUtils.isNotEmpty(userId)){ + sysLogsVo.setUserId(result); + } + sysLogsVo.setFailureReason(message); + sysLogsVo.setTitle("系统登陆"); + sysLogsVo.setResultData(resultData); + try{ + remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); + }catch (Exception e){ + log.error(e.toString(),e); + } + } + + /** + * 记录登录信息 + * + * @param username 用户名 + * @param status 状态 + * @param message 消息内容 + * @return + */ + public void saveLogout(String username, String message,String resultData,String userId,String result) { + SysLogsVo sysLogsVo = new SysLogsVo(); + String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); + sysLogsVo.setLogId(uuid); + sysLogsVo.setOperaUserName(username); + sysLogsVo.setIp(IpUtils.getIpAddr()); + sysLogsVo.setModel("退出登录"); + sysLogsVo.setLogType(0); + if (StringUtils.isNotEmpty(userId)){ + sysLogsVo.setUserId(result); + } + sysLogsVo.setOperaTime(DateUtils.getTime()); + 
sysLogsVo.setMethodType(SystemGlobal.POST); + sysLogsVo.setMethod("logout()"); + sysLogsVo.setParams("{\"username\":\""+username+"\"}"); + sysLogsVo.setOperateDetail("用户退出登录"); + sysLogsVo.setOperaType("登出"); + sysLogsVo.setOperaUri("/logout"); + if (StringUtils.isNotEmpty(result)){ + sysLogsVo.setResult(result); + }else{ + sysLogsVo.setResult("成功"); + } + sysLogsVo.setFailureReason(message); + sysLogsVo.setTitle("退出登录"); + sysLogsVo.setResultData(resultData); + try{ + remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); + }catch (Exception e){ + log.error(e.toString(),e); + } + } } diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/UserConstants.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/UserConstants.java index feabbee..281b14c 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/UserConstants.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/UserConstants.java @@ -5,8 +5,7 @@ package com.bonus.common.core.constant; * * @author bonus */ -public class UserConstants -{ +public class UserConstants { /** * 平台内系统用户的唯一标志 */ diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/ValidateUtils.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/ValidateUtils.java index 3192c0f..1b684a9 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/ValidateUtils.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/constant/ValidateUtils.java @@ -1,6 +1,6 @@ package com.bonus.common.core.constant; -import com.bonus.common.core.utils.StringUtils; + /** * @className:ValidateUtils 
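Review bot: Both new methods store the wrong value as the user id: `if (StringUtils.isNotEmpty(userId)){ sysLogsVo.setUserId(result); }` appears in `saveLogs` and again in `saveLogout`, so the record receives the result text ("登陆成功" / "退出成功" at the call sites) instead of the id; it should be `sysLogsVo.setUserId(userId);`. `setParams("{\"username\":\""+username+"\"}")` concatenates the submitted user name into JSON without escaping, so a name containing a quote or backslash produces a malformed or misleading audit record; build the value with the JSON serializer the project already uses. The `status` parameter of `saveLogs` is never read, so success and failure are distinguished only by `result`, and the Javadoc on both methods lists parameters that do not match the signatures. Failures of `remoteLogService.addLogs` are caught and only logged locally, so a lost audit record is invisible to the caller; make sure that local log line is monitored.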
@@ -14,17 +14,51 @@ public class ValidateUtils { /** * 密码校验规则 */ - public static final String PWD_REGEX = "^(?=.*[A-Za-z])(?=.*\\d)(?=.*[@$!%*#?&])[A-Za-z\\d@$!%*#?&]{8,20}$"; + public static int MAX_LENGTH=26; + + public static int MIN_LENGTH=8; + + public static void main(String[] args) { + System.err.println(("Admin@1234567")); + System.err.println(isPwd("admin@123456")); + } + /** * 密码校验 * - * @param pwd + * @param password * @return String * @author cwchen * @date 2024/6/28 15:01 */ - public static String isPwd(String pwd) { - return StringUtils.isEmpty(pwd) ? "密码不能为空" : pwd.matches(PWD_REGEX) ? null : "密码必须包含字母、数字、特殊字符,且长度在8-20位之间"; + public static String isPwd(String password) { + + if (password.length() < MIN_LENGTH) { + return "密码必须包含大小写字母、数字、特殊字符,且长度在"+MIN_LENGTH+"-"+MAX_LENGTH+"位之间"; + } + if (password.length() > MAX_LENGTH) { + return "密码必须包含大小写字母、数字、特殊字符,且长度在"+MIN_LENGTH+"-"+MAX_LENGTH+"位之间"; + } + boolean hasUpperCase = false; + boolean hasLowerCase = false; + boolean hasDigit = false; + boolean hasSpecialChar = false; + + for (char c : password.toCharArray()) { + if (Character.isUpperCase(c)) { + hasUpperCase = true; + } else if (Character.isLowerCase(c)) { + hasLowerCase = true; + } else if (Character.isDigit(c)) { + hasDigit = true; + } else { + hasSpecialChar = true; + } + } + if(hasUpperCase && hasLowerCase && hasDigit && hasSpecialChar){ + return null; + } + return "密码必须包含大小写字母、数字、特殊字符,且长度在"+MIN_LENGTH+"-"+MAX_LENGTH+"位之间"; } } diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/global/SystemGlobal.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/global/SystemGlobal.java index d32e776..93c3bf7 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/global/SystemGlobal.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/global/SystemGlobal.java 
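Review bot: `isPwd` now dereferences `password` without a null check, whereas the removed version returned "密码不能为空" for empty input, so a null password throws `NullPointerException` at `password.length()`. Restore the guard as the first statement: `if (password == null || password.isEmpty()) { return "密码不能为空"; }`. `MAX_LENGTH` and `MIN_LENGTH` are public, static and not `final`, so any class can change the password policy at runtime; declare them `public static final int`. The special-character test is the final `else`, so any character that is not an upper-case letter, lower-case letter or digit (including spaces and control characters) satisfies it; decide whether that is intended or whether an explicit allowed set is needed. The `main` method that prints sample passwords to `System.err` should not ship in a shared utility class, and the Javadoc "密码校验规则" now sits on `MAX_LENGTH` rather than on a rule.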
@@ -27,4 +27,10 @@ public class SystemGlobal { * 成功的200 字符串 */ public final static String SUCCESS_CODE_STR="200"; + + /** + * POST 请求 + */ + public final static String POST="POST"; + } diff --git a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/poi/ExcelUtil.java b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/poi/ExcelUtil.java index 2e34b5f..a51a5fd 100644 --- a/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/poi/ExcelUtil.java +++ b/bonus-common/bonus-common-core/src/main/java/com/bonus/common/core/utils/poi/ExcelUtil.java @@ -452,8 +452,7 @@ public class ExcelUtil * @param list 导出数据集合 * @param sheetName 工作表的名称 */ - public void exportExcel(HttpServletResponse response, List list, String sheetName) - { + public void exportExcel(HttpServletResponse response, List list, String sheetName) { exportExcel(response, list, sheetName, StringUtils.EMPTY); } diff --git a/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java b/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java index ff063a2..00247e2 100644 --- a/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java +++ b/bonus-common/bonus-common-log/src/main/java/com/bonus/common/log/enums/OperaType.java @@ -40,4 +40,9 @@ public class OperaType { * 其他 */ public final static String OTHER="其他"; + + /** + * 其他 + */ + public final static String FLASH="刷新"; } diff --git a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/config/MyFilter.java b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/config/MyFilter.java index 59cdf27..41c1b87 100644 --- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/config/MyFilter.java +++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/config/MyFilter.java 
@@ -1,7 +1,9 @@ package com.bonus.common.security.config; +import com.bonus.common.core.utils.global.SystemGlobal; import com.bonus.common.security.interceptor.ReadHttpRequestWrapper; +import jdk.nashorn.internal.runtime.PropertyDescriptor; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; @@ -11,13 +13,22 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import static cn.hutool.http.Method.POST; +import static jdk.nashorn.internal.runtime.PropertyDescriptor.GET; + @Component @WebFilter("/*") public class MyFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { - ReadHttpRequestWrapper requestWrapper = new ReadHttpRequestWrapper(request); - filterChain.doFilter(requestWrapper, response); - } + if (SystemGlobal.POST.equals(request.getMethod())){ + //解决 无法重复读取的我呢提 + ReadHttpRequestWrapper requestWrapper = new ReadHttpRequestWrapper(request); + filterChain.doFilter(requestWrapper, response); + }else{ + filterChain.doFilter(request, response); + } + } + } \ No newline at end of file diff --git a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java index adb5b50..3e77baa 100644 --- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java +++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/service/TokenService.java 
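Review bot: The added imports `jdk.nashorn.internal.runtime.PropertyDescriptor`, `static jdk.nashorn.internal.runtime.PropertyDescriptor.GET` and `static cn.hutool.http.Method.POST` are not used by the filter body in this file's second hunk, which compares against `SystemGlobal.POST`. The two `jdk.nashorn.internal` imports reference a JDK-internal package that no longer exists once Nashorn is removed (JDK 15 and later), so this security filter would stop compiling on a runtime upgrade. Delete all three lines.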
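Review bot: Only requests whose method equals `SystemGlobal.POST` are now wrapped in `ReadHttpRequestWrapper`, so PUT, PATCH and DELETE requests that carry a body reach the chain unwrapped. If a downstream interceptor reads the body for parameter checking or audit logging (not visible in this hunk), those methods either skip that inspection or have their stream consumed before the controller; this commit's own `SysConfigController.edit` is a `@PutMapping` with `@RequestBody`. Consider deciding on the presence of a body rather than on the method name. The comment `//解决 无法重复读取的我呢提` ends in a garbled word (presumably 问题) and should be corrected.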
@@ -61,11 +61,13 @@ public class TokenService claimsMap.put(SecurityConstants.USER_KEY, token); claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId); claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName); - - // 接口返回信息 + String accessToken= JwtUtils.createToken(claimsMap); Map rspMap = new HashMap(); - rspMap.put("access_token", JwtUtils.createToken(claimsMap)); + rspMap.put("access_token", accessToken); rspMap.put("expires_in", expireTime); + //对token和 进行混粗糙你存储 + redisService.setCacheObject(userName+":"+accessToken,userName, 120l, TimeUnit.MINUTES); + redisService.setCacheObject(userId+":"+accessToken,userId.toString(), 120l, TimeUnit.MINUTES); return rspMap; } diff --git a/bonus-gateway/src/main/java/com/bonus/gateway/filter/AuthFilter.java b/bonus-gateway/src/main/java/com/bonus/gateway/filter/AuthFilter.java index f877542..dfd00d5 100644 --- a/bonus-gateway/src/main/java/com/bonus/gateway/filter/AuthFilter.java +++ b/bonus-gateway/src/main/java/com/bonus/gateway/filter/AuthFilter.java @@ -22,6 +22,8 @@ import com.bonus.gateway.config.properties.IgnoreWhiteProperties; import io.jsonwebtoken.Claims; import reactor.core.publisher.Mono; +import java.util.concurrent.TimeUnit; + /** * 网关鉴权 * @@ -56,19 +58,19 @@ public class AuthFilter implements GlobalFilter, Ordered return chain.filter(exchange); } String token = getToken(request); - if (StringUtils.isEmpty(token)) - { + if (StringUtils.isEmpty(token)) { return unauthorizedResponse(exchange, "令牌不能为空"); } Claims claims = JwtUtils.parseToken(token); - if (claims == null) - { + if (claims == null) { return unauthorizedResponse(exchange, "令牌已过期或验证不正确!"); } + + + String userkey = JwtUtils.getUserKey(claims); boolean islogin = redisService.hasKey(getTokenKey(userkey)); - if (!islogin) - { + if (!islogin) { return unauthorizedResponse(exchange, "登录状态已过期"); } String userid = JwtUtils.getUserId(claims); 
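Review bot: The two new Redis entries use the full signed access token as part of the key (`userName+":"+accessToken`, `userId+":"+accessToken`), so anyone who can list keys or read Redis monitoring output obtains usable bearer tokens; key on the random `token` value already placed under `SecurityConstants.USER_KEY`, or on a digest of the access token, instead. The lifetime is hard-coded as `120l` minutes while the response reports `expires_in` from `expireTime`; derive both from the same setting so the gateway check cannot reject sessions that are still valid or outlive ones that are not, and write the literal as `120L`. The logout path in TokenController calls only `AuthUtil.logoutByToken(token)`, so confirm that it also deletes these entries. The comment `//对token和 进行混粗糙你存储` is garbled and should state what is stored and why. The enclosing method starts above this hunk.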
@@ -77,7 +79,22 @@ public class AuthFilter implements GlobalFilter, Ordered { return unauthorizedResponse(exchange, "令牌验证失败"); } - + try{ + String userName = JwtUtils.getUserName(claims); + String userId = JwtUtils.getUserId(claims); + String name=redisService.getCacheObject(userName+":"+token); + if (StringUtils.isEmpty(name) || !name.equals(userName)) { + return unauthorizedResponse(exchange, "令牌已过期或验证不正确!"); + } + String id=redisService.getCacheObject(userId+":"+token); + if (StringUtils.isEmpty(id) || !id.equals(userId)) { + return unauthorizedResponse(exchange, "令牌已过期或验证不正确!"); + } + redisService.setCacheObject(userName+":"+token,userName, 120l, TimeUnit.MINUTES); + redisService.setCacheObject(userId+":"+token,userId+"", 120l, TimeUnit.MINUTES); + }catch (Exception e){ + return unauthorizedResponse(exchange, "令牌已过期或验证不正确!"); + } // 设置用户信息到请求 addHeader(mutate, SecurityConstants.USER_KEY, userkey); addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid); diff --git a/bonus-gateway/src/main/java/com/bonus/gateway/filter/ValidateCodeFilter.java b/bonus-gateway/src/main/java/com/bonus/gateway/filter/ValidateCodeFilter.java index f88fe56..7241581 100644 --- a/bonus-gateway/src/main/java/com/bonus/gateway/filter/ValidateCodeFilter.java +++ b/bonus-gateway/src/main/java/com/bonus/gateway/filter/ValidateCodeFilter.java @@ -33,7 +33,7 @@ import reactor.core.publisher.Mono; @Component public class ValidateCodeFilter extends AbstractGatewayFilterFactory { - private final static String[] VALIDATE_URL = new String[] { "/auth/login2", "/auth/register" }; + private final static String[] VALIDATE_URL = new String[] { "/auth/login", "/auth/register" }; @Value("${system.jie-enable}") public boolean jaData; diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java index a887f53..72a5f62 100644 
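Review bot: The new `catch (Exception e)` returns "令牌已过期或验证不正确!" without logging anything, so a Redis outage or a type mismatch in `getCacheObject` is indistinguishable from an invalid token and every user is rejected with no trace of the cause. Failing closed is the right default, but log the exception before returning the 401. The block re-reads `userId` although `userid` was already taken from the same claims just above, and it repeats the key format and the `120l` minute lifetime from TokenService; move key construction and the lifetime into one shared helper or constant so issuing and checking cannot drift apart. The enclosing filter method starts and ends outside this hunk.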
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysConfigController.java @@ -36,8 +36,8 @@ import com.bonus.system.service.ISysConfigService; @RestController @RequestMapping("/config") @Slf4j -public class SysConfigController extends BaseController -{ +public class SysConfigController extends BaseController { + @Autowired private ISysConfigService configService; 
@@ -63,71 +63,95 @@ public class SysConfigController extends BaseController @PostMapping("/export") @SysLog(title = "参数配置", businessType = OperaType.EXPORT,logType = 0,module = "系统管理->参数配置") public void export(HttpServletResponse response, SysConfig config) { - List list = configService.selectConfigList(config); - ExcelUtil util = new ExcelUtil(SysConfig.class); - util.exportExcel(response, list, "参数数据"); + try{ + List list = configService.selectConfigList(config); + ExcelUtil util = new ExcelUtil(SysConfig.class); + util.exportExcel(response, list, "参数数据"); + }catch (Exception e){ + ExcelUtil util = new ExcelUtil(SysConfig.class); + util.exportExcel(response, new ArrayList(), "参数数据"); + log.error(e.toString(),e); + } } /** * 根据参数编号获取详细信息 */ @GetMapping(value = "/{configId}") - public AjaxResult getInfo(@PathVariable Long configId) - { - return success(configService.selectConfigById(configId)); + public AjaxResult getInfo(@PathVariable Long configId) { + try{ + return success(configService.selectConfigById(configId)); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); + } } /** * 根据参数键名查询参数值 */ @GetMapping(value = "/configKey/{configKey}") - public AjaxResult getConfigKey(@PathVariable String configKey) - { - return success(configService.selectConfigByKey(configKey)); + public AjaxResult getConfigKey(@PathVariable String configKey) { + try{ + return success(configService.selectConfigByKey(configKey)); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); + } } /** * 新增参数配置 */ @RequiresPermissions("system:config:add") - @Log(title = "参数管理", businessType = BusinessType.INSERT) + @SysLog(title = "参数配置", businessType = OperaType.INSERT,logType = 0,module = "系统管理->参数配置") @PostMapping - public AjaxResult add(@Validated @RequestBody SysConfig config) - { - if (!configService.checkConfigKeyUnique(config)) - { - return error("新增参数'" + config.getConfigName() + "'失败,参数键名已存在"); + public AjaxResult add(@Validated @RequestBody 
SysConfig config) { + try{ + if (!configService.checkConfigKeyUnique(config)) { + return error("新增参数'" + config.getConfigName() + "'失败,参数键名已存在"); + } + config.setCreateBy(SecurityUtils.getUsername()); + return toAjax(configService.insertConfig(config)); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); } - config.setCreateBy(SecurityUtils.getUsername()); - return toAjax(configService.insertConfig(config)); } /** * 修改参数配置 */ @RequiresPermissions("system:config:edit") - @Log(title = "参数管理", businessType = BusinessType.UPDATE) @PutMapping - public AjaxResult edit(@Validated @RequestBody SysConfig config) - { - if (!configService.checkConfigKeyUnique(config)) - { - return error("修改参数'" + config.getConfigName() + "'失败,参数键名已存在"); + @SysLog(title = "参数配置", businessType = OperaType.UPDATE,logType = 0,module = "系统管理->参数配置") + public AjaxResult edit(@Validated @RequestBody SysConfig config) { + try{ + if (!configService.checkConfigKeyUnique(config)) { + return error("修改参数'" + config.getConfigName() + "'失败,参数键名已存在"); + } + config.setUpdateBy(SecurityUtils.getUsername()); + return toAjax(configService.updateConfig(config)); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); } - config.setUpdateBy(SecurityUtils.getUsername()); - return toAjax(configService.updateConfig(config)); } /** * 删除参数配置 */ @RequiresPermissions("system:config:remove") - @Log(title = "参数管理", businessType = BusinessType.DELETE) + @SysLog(title = "参数配置", businessType = OperaType.DELETE,logType = 0,module = "系统管理->参数配置") @DeleteMapping("/{configIds}") - public AjaxResult remove(@PathVariable Long[] configIds) - { - configService.deleteConfigByIds(configIds); - return success(); + public AjaxResult remove(@PathVariable Long[] configIds) { + try{ + configService.deleteConfigByIds(configIds); + return success(); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); + } } /** 
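Review bot: In `export`, the catch block calls `util.exportExcel(response, new ArrayList(), "参数数据")` on the same `response` after the first export failed; if the failure happened once output had started, the second write either throws again or appends to a partial file, and the client receives an empty or corrupt sheet with a success status. Log the error and return an error status instead; `ArrayList` also needs an import that is not visible in this diff. The blanket `catch (Exception e)` with `return error("系统异常")` added to `getInfo`, `getConfigKey`, `add`, `edit` and `remove` makes those methods return normally on failure. Whether the `@SysLog` aspect then records the operation as successful depends on its implementation, which is not shown, so verify that failed configuration changes are still audited as failures.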
@@ -136,9 +160,14 @@ public class SysConfigController extends BaseController @RequiresPermissions("system:config:remove") @Log(title = "参数管理", businessType = BusinessType.CLEAN) @DeleteMapping("/refreshCache") - public AjaxResult refreshCache() - { - configService.resetConfigCache(); - return success(); + @SysLog(title = "参数配置", businessType = OperaType.FLASH,logType = 0,module = "系统管理->参数配置") + public AjaxResult refreshCache() { + try{ + configService.resetConfigCache(); + return success(); + }catch (Exception e){ + log.error(e.toString(),e); + return error("系统异常"); + } } } diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDeptController.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDeptController.java index 3e5785b..b55cde3 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDeptController.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysDeptController.java @@ -67,8 +67,7 @@ public class SysDeptController extends BaseController */ @RequiresPermissions("system:dept:query") @GetMapping(value = "/{deptId}") - public AjaxResult getInfo(@PathVariable Long deptId) - { + public AjaxResult getInfo(@PathVariable Long deptId) { deptService.checkDeptDataScope(deptId); return success(deptService.selectDeptById(deptId)); } diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysOperLogServiceImpl.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysOperLogServiceImpl.java index 00063b7..cc9e79a 100644 --- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysOperLogServiceImpl.java +++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/service/impl/SysOperLogServiceImpl.java 
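Review bot: `refreshCache` now carries both the old `@Log(title = "参数管理", businessType = BusinessType.CLEAN)` and the new `@SysLog(...)`, whereas `add` and `remove` in the previous hunk had `@Log` replaced and `edit` had it removed; if both aspects are active, the cache reset is recorded twice in two different formats. Remove the `@Log` line here for consistency with the other endpoints. `OperaType.FLASH` holds "刷新" (refresh), so a name such as `REFRESH` would read more clearly, and its Javadoc in OperaType still says "其他".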
@@ -141,7 +141,9 @@ public class SysOperLogServiceImpl implements ISysOperLogService maps.put("bussType",OperaType.DOWNLOAD); }else if(vo.getMenuName().contains(OperaType.EXPORT)){ maps.put("bussType",OperaType.EXPORT); - }else { + }else if(vo.getMenuName().contains(OperaType.FLASH)){ + maps.put("bussType",OperaType.FLASH); + } else { maps.put("bussType",OperaType.OTHER); } maps.put("title",vo.getMenuName2());