Commit d0c2615b authored by 施翔轲's avatar 施翔轲

Bi大屏相关改造:登录存入IP、getInfo接口校验IP

parent 93d01015
......@@ -12,8 +12,11 @@ import cn.hutool.core.util.ReUtil;
import com.dsk.common.constant.Constants;
import com.dsk.common.constant.GlobalConstants;
import com.dsk.common.core.domain.R;
import com.dsk.common.exception.ServiceException;
import com.dsk.common.tenant.helper.TenantHelper;
import com.dsk.common.utils.StringUtils;
import com.dsk.common.utils.redis.RedisUtils;
import com.dsk.jsk.util.IpUtil;
import com.dsk.system.domain.SysMenu;
import com.dsk.system.domain.SysUser;
import com.dsk.common.core.domain.model.EmailLoginBody;
......@@ -74,13 +77,12 @@ public class SysLoginController {
// return R.ok(ajax);
LoginVo loginVo=loginService.passwordLogin(loginBody);
String ipAddr = IpUtil.getIpAddr(request);
LoginVo loginVo = loginService.passwordLogin(loginBody, ipAddr);
return R.ok(loginVo);
}
// /**
// * 发送短信验证码
// *
......@@ -107,20 +109,18 @@ public class SysLoginController {
@PostMapping("/smsLogin")
public R<LoginVo> smsLogin(@Validated @RequestBody SmsLoginBody smsLoginBody) {
// 生成令牌
LoginVo loginVo=loginService.smsLogin(smsLoginBody.getPhonenumber(), smsLoginBody.getSmsCode());
LoginVo loginVo = loginService.smsLogin(smsLoginBody.getPhonenumber(), smsLoginBody.getSmsCode());
return R.ok(loginVo);
}
/**
* 动态切换租户
*
*/
@SaCheckLogin
@PostMapping("/switch/tenant")
public R<LoginVo> switchTenant(String tenantId) {
LoginVo loginVo=loginService.switchTenant(tenantId);
LoginVo loginVo = loginService.switchTenant(tenantId);
return R.ok(loginVo);
}
......@@ -134,7 +134,7 @@ public class SysLoginController {
@PostMapping("/user/tenants")
public R<List<SysTenantVo>> userTenants() {
LoginUser loginUser = LoginHelper.getLoginUser();
List<SysTenantVo> tenantList=loginService.tenantListByAccount(loginUser.getUserPhone());
List<SysTenantVo> tenantList = loginService.tenantListByAccount(loginUser.getUserPhone());
return R.ok(tenantList);
}
......@@ -146,12 +146,12 @@ public class SysLoginController {
*/
@SaIgnore
@PostMapping("/user/tenant/list")
public R<List<SysTenantVo>> userTenantList (String phone) {
if(!ReUtil.isMatch(RegexPool.MOBILE, phone)) {
public R<List<SysTenantVo>> userTenantList(String phone) {
if (!ReUtil.isMatch(RegexPool.MOBILE, phone)) {
return R.ok(new ArrayList<>());
}
List<SysTenantVo> tenantList=loginService.tenantListByAccount(phone);
if(CollectionUtil.isNotEmpty(tenantList)){
List<SysTenantVo> tenantList = loginService.tenantListByAccount(phone);
if (CollectionUtil.isNotEmpty(tenantList)) {
for (SysTenantVo sysTenantVo : tenantList) {
sysTenantVo.setCompanyName("");
}
......@@ -161,21 +161,23 @@ public class SysLoginController {
/**
* 获取当前用户默认租户
*
* @return
*/
@SaCheckLogin
@PostMapping("/user/default/tenant")
public R<Map> userDefaultTenant() {
LoginUser loginUser = LoginHelper.getLoginUser();
Assert.notNull(loginUser,"用户信息不存在!");
Assert.notNull(loginUser, "用户信息不存在!");
String defaultTenantKey = GlobalConstants.PHONE_DEFAULT_TENANT + loginUser.getUserPhone();
String defaultTenant = RedisUtils.getCacheObject(defaultTenantKey);
return R.ok(MapUtil.of("tenantId",defaultTenant));
return R.ok(MapUtil.of("tenantId", defaultTenant));
}
/**
* 获取当前用户默认租户
*
* @return
*/
@SaIgnore
......@@ -185,7 +187,7 @@ public class SysLoginController {
// Assert.notNull(loginUser,"用户信息不存在!");
String defaultTenantKey = GlobalConstants.PHONE_DEFAULT_TENANT + phone;
String defaultTenant = RedisUtils.getCacheObject(defaultTenantKey);
return R.ok(MapUtil.of("tenantId",defaultTenant));
return R.ok(MapUtil.of("tenantId", defaultTenant));
}
/**
......@@ -235,8 +237,13 @@ public class SysLoginController {
* @return 用户信息
*/
@GetMapping("getInfo")
public R<Map<String, Object>> getInfo() {
public R<Map<String, Object>> getInfo(HttpServletRequest request) {
LoginUser loginUser = LoginHelper.getLoginUser();
//校验当前发请求的IP与登录账号的IP是否相同
String loginUserIpaddr = loginUser.getIpaddr();
if (StringUtils.isNotBlank(loginUserIpaddr) && !Objects.equals(IpUtil.getIpAddr(request), loginUserIpaddr)) {
throw new ServiceException("该账号已在其他地方登录,请求失败!", 401);
}
SysUser user = userService.selectUserById(loginUser.getUserId());
Map<String, Object> ajax = new HashMap<>();
ajax.put("user", user);
......
......@@ -83,9 +83,10 @@ public class SysLoginService {
* 登录验证
*
* @param loginBody 唯一标识
* @param ipAddr IP地址
* @return 结果
*/
public LoginVo passwordLogin(LoginBody loginBody) {
public LoginVo passwordLogin(LoginBody loginBody, String ipAddr) {
String tenantId = loginBody.getTenantId();
String username = loginBody.getUsername();
String password = SaBase64Util.decode(loginBody.getPassword());
......@@ -96,12 +97,12 @@ public class SysLoginService {
validateCaptcha(username, code, uuid);
}
if(ReUtil.isMatch(RegexPool.MOBILE, username)) {
String defaultTenantId = RedisUtils.getCacheObject(GlobalConstants.PHONE_DEFAULT_TENANT + username);
log.info("登录用户:{} 获取缓存默认租户:"+tenantId, username);
if(StrUtil.isEmpty(tenantId)&&StrUtil.isNotBlank(defaultTenantId)){
defaultTenantId= checkDefaultTenant(defaultTenantId,username);
tenantId=defaultTenantId;
if (ReUtil.isMatch(RegexPool.MOBILE, username)) {
String defaultTenantId = RedisUtils.getCacheObject(GlobalConstants.PHONE_DEFAULT_TENANT + username);
log.info("登录用户:{} 获取缓存默认租户:" + tenantId, username);
if (StrUtil.isEmpty(tenantId) && StrUtil.isNotBlank(defaultTenantId)) {
defaultTenantId = checkDefaultTenant(defaultTenantId, username);
tenantId = defaultTenantId;
}
}
......@@ -119,7 +120,7 @@ public class SysLoginService {
throw new UserException("user.not.exists", username);
}
tenantId = sysUser.getTenantId();
}else {
} else {
SysUser sysUser = sysUsers.get(0);
tenantId = sysUser.getTenantId();
}
......@@ -143,6 +144,7 @@ public class SysLoginService {
// 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
LoginUser loginUser = buildLoginUser(user);
// 生成token
loginUser.setIpaddr(ipAddr);
LoginHelper.loginByDevice(loginUser, DeviceType.PC);
recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"));
......@@ -189,13 +191,13 @@ public class SysLoginService {
}
public LoginVo smsLogin(String username, String smsCode) {
String tenantId=null;
if(ReUtil.isMatch(RegexPool.MOBILE, username)) {
String defaultTenantId = RedisUtils.getCacheObject(GlobalConstants.PHONE_DEFAULT_TENANT + username);
log.info("登录用户:{} 获取缓存默认租户:"+tenantId, username);
if(StrUtil.isNotBlank(defaultTenantId)){
defaultTenantId= checkDefaultTenant(defaultTenantId,username);
tenantId=defaultTenantId;
String tenantId = null;
if (ReUtil.isMatch(RegexPool.MOBILE, username)) {
String defaultTenantId = RedisUtils.getCacheObject(GlobalConstants.PHONE_DEFAULT_TENANT + username);
log.info("登录用户:{} 获取缓存默认租户:" + tenantId, username);
if (StrUtil.isNotBlank(defaultTenantId)) {
defaultTenantId = checkDefaultTenant(defaultTenantId, username);
tenantId = defaultTenantId;
}
}
......@@ -213,7 +215,7 @@ public class SysLoginService {
throw new UserException("user.not.exists", username);
}
tenantId = sysUser.getTenantId();
}else {
} else {
SysUser sysUser = sysUsers.get(0);
tenantId = sysUser.getTenantId();
}
......@@ -370,9 +372,9 @@ public class SysLoginService {
private SysUser loadUserByUsername(String username) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus)
.eq(SysUser::getUserName, username)
.or().eq(SysUser::getPhonenumber, username));
.select(SysUser::getUserName, SysUser::getStatus)
.eq(SysUser::getUserName, username)
.or().eq(SysUser::getPhonenumber, username));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", username);
throw new UserException("user.not.exists", username);
......@@ -385,8 +387,8 @@ public class SysLoginService {
private SysUser loadUserByPhonenumber(String phonenumber) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getPhonenumber, SysUser::getStatus)
.eq(SysUser::getPhonenumber, phonenumber));
.select(SysUser::getPhonenumber, SysUser::getStatus)
.eq(SysUser::getPhonenumber, phonenumber));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", phonenumber);
throw new UserException("user.not.exists", phonenumber);
......@@ -399,8 +401,8 @@ public class SysLoginService {
private SysUser loadUserByEmail(String email) {
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
.select(SysUser::getPhonenumber, SysUser::getStatus)
.eq(SysUser::getEmail, email));
.select(SysUser::getPhonenumber, SysUser::getStatus)
.eq(SysUser::getEmail, email));
if (ObjectUtil.isNull(user)) {
log.info("登录用户:{} 不存在.", email);
throw new UserException("user.not.exists", email);
......@@ -509,14 +511,14 @@ public class SysLoginService {
log.info("登录企业:{} 已被停用.", tenant.getCompanyName());
throw new TenantException("company.blocked");
} else if (ObjectUtil.isNotNull(tenant.getExpireTime())
&& new Date().after(tenant.getExpireTime())) {
&& new Date().after(tenant.getExpireTime())) {
log.info("登录企业:{} 已超过有效期.", tenant.getCompanyName());
throw new TenantException("company.expired");
}
}
public String checkDefaultTenant(String tenantId,String phoneNumber) {
public String checkDefaultTenant(String tenantId, String phoneNumber) {
if (!TenantHelper.isEnable()) {
return null;
}
......@@ -557,16 +559,16 @@ public class SysLoginService {
if (ReUtil.isMatch(RegexPool.MOBILE, username)) {
LambdaQueryWrapper<SysUser> lqw = new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus, SysUser::getTenantId,SysUser::getDelFlag)
.eq(SysUser::getPhonenumber, username)
.orderByDesc(SysUser::getUserId);
.select(SysUser::getUserName, SysUser::getStatus, SysUser::getTenantId, SysUser::getDelFlag)
.eq(SysUser::getPhonenumber, username)
.orderByDesc(SysUser::getUserId);
// sysUsers = userMapper.selectUserByTenantPhone(username);
sysUsers = userMapper.selectList(lqw);
} else {
LambdaQueryWrapper<SysUser> lqw = new LambdaQueryWrapper<SysUser>()
.select(SysUser::getUserName, SysUser::getStatus, SysUser::getTenantId)
.eq(SysUser::getUserName, username)
.orderByDesc(SysUser::getUserId);
.select(SysUser::getUserName, SysUser::getStatus, SysUser::getTenantId)
.eq(SysUser::getUserName, username)
.orderByDesc(SysUser::getUserId);
// sysUsers = userMapper.selectUserByTenantUsername(username);
sysUsers = userMapper.selectList(lqw);
}
......@@ -582,10 +584,10 @@ public class SysLoginService {
Assert.notNull(userId, "企业切换失败!");
// 如果 切换租户和当前登录租户一致,仅保存默认租户
LoginUser loginUserVo = LoginHelper.getLoginUser();
if(tenantId.equals(loginUserVo.getTenantId())){
if (tenantId.equals(loginUserVo.getTenantId())) {
//保存当前账号的默认租户
String defaultTenantKey = GlobalConstants.PHONE_DEFAULT_TENANT + loginUserVo.getUserPhone();
RedisUtils.setCacheObject(defaultTenantKey,tenantId, Duration.ofDays(90));
RedisUtils.setCacheObject(defaultTenantKey, tenantId, Duration.ofDays(90));
LoginVo loginVo = new LoginVo();
loginVo.setTenantId(TenantHelper.getTenantId());
loginVo.setAccessToken(StpUtil.getTokenValue());
......@@ -618,10 +620,10 @@ public class SysLoginService {
LoginHelper.loginByDevice(loginUser, DeviceType.PC);
log.info("当前租户由"+sysUser.getTenantId()+"切换为"+tenantId);
log.info("当前租户由" + sysUser.getTenantId() + "切换为" + tenantId);
//保存当前账号的默认租户
String defaultTenantKey = GlobalConstants.PHONE_DEFAULT_TENANT + loginUser.getUserPhone();
RedisUtils.setCacheObject(defaultTenantKey,tenantId, Duration.ofDays(90));
RedisUtils.setCacheObject(defaultTenantKey, tenantId, Duration.ofDays(90));
recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"));
recordLoginInfo(user.getUserId(), username);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment