Commit a5361384 authored by 陈勇's avatar 陈勇

Merge branch 'saveUserToRedis' into 'master'

添加Redis 配置 See merge request common/aserver!10
parents 70921a95 a68ed777
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
</properties> </properties>
<!-- 使用阿里 maven 库 --> <!-- 使用阿里 maven 库 -->
<repositories> <repositories>
<repository> <repository>
<id>nexus</id> <id>nexus</id>
<url>http://nexus.archser.com:8081/repository/maven-public/</url> <url>http://nexus.archser.com:8081/repository/maven-public/</url>
...@@ -88,7 +88,17 @@ ...@@ -88,7 +88,17 @@
</dependency> </dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>de.ruedigermoeller</groupId>
<artifactId>fst</artifactId>
<version>2.50</version>
</dependency>
<dependency> <dependency>
<groupId>com.alibaba</groupId> <groupId>com.alibaba</groupId>
...@@ -123,7 +133,7 @@ ...@@ -123,7 +133,7 @@
</dependency> </dependency>
<!-- webSocket 开始--> <!-- webSocket 开始 -->
<dependency> <dependency>
<groupId>javax.websocket</groupId> <groupId>javax.websocket</groupId>
...@@ -144,7 +154,7 @@ ...@@ -144,7 +154,7 @@
<scope>provided</scope> <scope>provided</scope>
</dependency> </dependency>
<!-- webSocket 结束--> <!-- webSocket 结束 -->
<dependency> <dependency>
<groupId>org.apache.dubbo</groupId> <groupId>org.apache.dubbo</groupId>
......
...@@ -29,6 +29,7 @@ import com.jfinal.plugin.activerecord.ActiveRecordPlugin; ...@@ -29,6 +29,7 @@ import com.jfinal.plugin.activerecord.ActiveRecordPlugin;
import com.jfinal.plugin.activerecord.CaseInsensitiveContainerFactory; import com.jfinal.plugin.activerecord.CaseInsensitiveContainerFactory;
import com.jfinal.plugin.activerecord.dialect.OracleDialect; import com.jfinal.plugin.activerecord.dialect.OracleDialect;
import com.jfinal.plugin.druid.DruidPlugin; import com.jfinal.plugin.druid.DruidPlugin;
import com.jfinal.plugin.redis.RedisPlugin;
import com.jfinal.render.ViewType; import com.jfinal.render.ViewType;
import com.jfinal.server.undertow.UndertowServer; import com.jfinal.server.undertow.UndertowServer;
import com.jfinal.server.undertow.WebBuilder; import com.jfinal.server.undertow.WebBuilder;
...@@ -130,6 +131,10 @@ public class MainConfig extends JFinalConfig { ...@@ -130,6 +131,10 @@ public class MainConfig extends JFinalConfig {
me.add(dbPlugin); me.add(dbPlugin);
me.add(arp); me.add(arp);
// 添加Redis 配置
RedisPlugin redis = new RedisPlugin("redis", PropKit.get("redis.url"), PropKit.get("redis.password"));
me.add(redis);
} }
......
...@@ -2,24 +2,22 @@ package com.archser.aserver.controller; ...@@ -2,24 +2,22 @@ package com.archser.aserver.controller;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.Date; import java.util.Date;
import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
import java.util.Optional; import java.util.Optional;
import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.pqc.math.linearalgebra.ByteUtils; import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSON;
import com.archser.aserver.interceptor.JwtInterceptor; import com.archser.aserver.interceptor.JwtInterceptor;
import com.archser.aserver.model.System; import com.archser.aserver.model.System;
import com.archser.aserver.model.User; import com.archser.aserver.model.User;
import com.archser.aserver.service.LogService; import com.archser.aserver.service.LogService;
import com.archser.aserver.service.UserService; import com.archser.aserver.service.UserService;
import com.archser.aserver.util.CollectionUtil;
import com.archser.aserver.util.HttpRequestUtil; import com.archser.aserver.util.HttpRequestUtil;
import com.archser.aserver.util.KeysUtil; import com.archser.aserver.util.KeysUtil;
import com.archser.aserver.util.gm.BCECUtil; import com.archser.aserver.util.gm.BCECUtil;
...@@ -35,6 +33,7 @@ import com.jfinal.kit.StrKit; ...@@ -35,6 +33,7 @@ import com.jfinal.kit.StrKit;
import com.jfinal.log.Log; import com.jfinal.log.Log;
import com.jfinal.plugin.activerecord.Db; import com.jfinal.plugin.activerecord.Db;
import com.jfinal.plugin.activerecord.Record; import com.jfinal.plugin.activerecord.Record;
import com.jfinal.plugin.redis.Redis;
import com.spbportal.sso.SsoToken; import com.spbportal.sso.SsoToken;
import io.jsonwebtoken.JwsHeader; import io.jsonwebtoken.JwsHeader;
...@@ -68,7 +67,6 @@ public class IndexController extends Controller { ...@@ -68,7 +67,6 @@ public class IndexController extends Controller {
@Inject @Inject
private UserService userService; private UserService userService;
/** /**
* 首页Action * 首页Action
*/ */
...@@ -103,13 +101,12 @@ public class IndexController extends Controller { ...@@ -103,13 +101,12 @@ public class IndexController extends Controller {
* 登录验证 * 登录验证
*/ */
@Clear(JwtInterceptor.class) @Clear(JwtInterceptor.class)
// @Before(LoginValidator.class) // @Before(LoginValidator.class)
public void login() { public void login() {
String app = this.getPara("app"); String app = this.getPara("app");
String username = this.getPara("username"); String username = this.getPara("username");
String password = this.getPara("password"); String password = this.getPara("password");
String callback = this.getPara("callback"); String callback = this.getPara("callback");
// 解密用户名和密码 // 解密用户名和密码
try { try {
username = decrypt(username); username = decrypt(username);
...@@ -119,10 +116,7 @@ public class IndexController extends Controller { ...@@ -119,10 +116,7 @@ public class IndexController extends Controller {
username = this.getPara("username"); username = this.getPara("username");
password = this.getPara("password"); password = this.getPara("password");
} }
password = HashKit.sha256(password); password = HashKit.sha256(password);
java.lang.System.out.println("Login: " + username);
User user = User.dao.template("getUser", username).findFirst(); User user = User.dao.template("getUser", username).findFirst();
if (user == null) { if (user == null) {
this.renderJson(Ret.fail("msg", "用户名或密码不存在: " + username)); this.renderJson(Ret.fail("msg", "用户名或密码不存在: " + username));
...@@ -205,21 +199,21 @@ public class IndexController extends Controller { ...@@ -205,21 +199,21 @@ public class IndexController extends Controller {
} }
//查询用户是否有该系统的权限 //查询用户是否有该系统的权限
// boolean homeAuth = userService.checkUserSystemPermission(user.getId(), app); // boolean homeAuth = userService.checkUserSystemPermission(user.getId(), app);
// if (!homeAuth) { // if (!homeAuth) {
// this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统")); // this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统"));
// logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), "登录失败,原因:您没有权限登录此系统" + app, // logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), "登录失败,原因:您没有权限登录此系统" + app,
// app); // app);
// return; // return;
// } // }
List<System> systemList = userService.findSystemWithUserPermission(user.getId()); List<System> systemList = userService.findSystemWithUserPermission(user.getId());
/** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 start*/ /** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 start */
if (!"admin".equals(user.getUsername())) { if (!"admin".equals(user.getUsername())) {
if ((systemList == null || systemList.isEmpty())) { if ((systemList == null || systemList.isEmpty())) {
this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统")); this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统"));
logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), "登录失败,原因:您没有权限登录此系统" + app, logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()),
app); "登录失败,原因:您没有权限登录此系统" + app, app);
return; return;
} }
...@@ -249,6 +243,18 @@ public class IndexController extends Controller { ...@@ -249,6 +243,18 @@ public class IndexController extends Controller {
if (errorcount != null && errorcount != 0) { if (errorcount != null && errorcount != 0) {
this.setErrZero(user); this.setErrZero(user);
} }
/**
* 20200706 lidecai 将用户信息保存到Redis start
*/
Map<String, Object> columns = Db.findById("AS_USER", "USERNAME", username).getColumns();
Map<Object, Object> userInfo = new HashMap<>();
userInfo.putAll(columns);
Redis.use().hmset(username + "_INFO", userInfo);
// 设置过期时间
Redis.use().expire(username, 60 * 60 * 24);
/**
* 20200706 lidecai 将用户信息保存到Redis end
*/
this.renderJson(Ret.ok("token", jws).set("callback", callback)); this.renderJson(Ret.ok("token", jws).set("callback", callback));
logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()),
username + "登录" + app + "成功", app); username + "登录" + app + "成功", app);
...@@ -266,23 +272,25 @@ public class IndexController extends Controller { ...@@ -266,23 +272,25 @@ public class IndexController extends Controller {
//密码错误时判断错误次数是否为5次 //密码错误时判断错误次数是否为5次
private boolean checkErrorCount(User user) { private boolean checkErrorCount(User user) {
Kv cond= Kv.by("id", user.getId()).set("hour",hour).set("permitLoginTimes",permitLoginTimes); Kv cond = Kv.by("id", user.getId()).set("hour", hour).set("permitLoginTimes", permitLoginTimes);
List<Record> currentList =Db.find(Db.getSqlPara("getErrorCount",cond)); List<Record> currentList = Db.find(Db.getSqlPara("getErrorCount", cond));
int currentNum = 0; int currentNum = 0;
for (Record record : currentList) { for (Record record : currentList) {
currentNum = Integer.parseInt(record.get("flag").toString()); currentNum = Integer.parseInt(record.get("flag").toString());
} }
if (currentNum >= permitLoginTimes) { if (currentNum >= permitLoginTimes) {
return true; return true;
}else { } else {
//执行+1或=1的操作 //执行+1或=1的操作
Db.update(Db.getSqlPara("updateForErr",cond)); Db.update(Db.getSqlPara("updateForErr", cond));
return false; return false;
} }
} }
//密码正确时判断次数和锁定时间是否在指定范围内 //密码正确时判断次数和锁定时间是否在指定范围内
private boolean checkWhenPwdOk(User user) { private boolean checkWhenPwdOk(User user) {
List<Record> currentList =Db.find(Db.getSqlPara("checkWhenPwdOk", Kv.by("id", user.getId()).set("hour",hour).set("permitLoginTimes",permitLoginTimes))); List<Record> currentList = Db.find(Db.getSqlPara("checkWhenPwdOk",
Kv.by("id", user.getId()).set("hour", hour).set("permitLoginTimes", permitLoginTimes)));
int currentNum = 0; int currentNum = 0;
if (currentList == null || currentList.size() == 0) { if (currentList == null || currentList.size() == 0) {
return true; return true;
...@@ -290,9 +298,9 @@ public class IndexController extends Controller { ...@@ -290,9 +298,9 @@ public class IndexController extends Controller {
for (Record record : currentList) { for (Record record : currentList) {
currentNum = Integer.parseInt(record.get("flag").toString()); currentNum = Integer.parseInt(record.get("flag").toString());
} }
if(currentNum >= permitLoginTimes) { if (currentNum >= permitLoginTimes) {
return false; return false;
}else { } else {
return true; return true;
} }
} }
...@@ -306,10 +314,10 @@ public class IndexController extends Controller { ...@@ -306,10 +314,10 @@ public class IndexController extends Controller {
public void ssoByPortalSystem() { public void ssoByPortalSystem() {
try { try {
//获取app //获取app
String app = getPara("app",null); String app = getPara("app", null);
if(app == null) { if (app == null) {
renderJson(Ret.fail("msg","获取服务信息失败")); renderJson(Ret.fail("msg", "获取服务信息失败"));
return ; return;
} }
//获取到门户系统的Token //获取到门户系统的Token
String ssotoken = getPara("ssotoken"); String ssotoken = getPara("ssotoken");
...@@ -320,12 +328,12 @@ public class IndexController extends Controller { ...@@ -320,12 +328,12 @@ public class IndexController extends Controller {
//获取用户 //获取用户
Record user = userService.getUserInfoByPersonCode(personCode); Record user = userService.getUserInfoByPersonCode(personCode);
System system = System.dao.template("getSystemPrivatekey", app).findFirst(); System system = System.dao.template("getSystemPrivatekey", app).findFirst();
if(system == null) { if (system == null) {
renderJson(Ret.fail("msg","获取服务信息失败")); renderJson(Ret.fail("msg", "获取服务信息失败"));
return ; return;
} }
//判断用户是否存在 //判断用户是否存在
if(user != null && user.getStr("username") != null) { if (user != null && user.getStr("username") != null) {
String jws = Jwts.builder() String jws = Jwts.builder()
// 设置密匙ID // 设置密匙ID
.setHeaderParam(JwsHeader.KEY_ID, system.getKeyid()) .setHeaderParam(JwsHeader.KEY_ID, system.getKeyid())
...@@ -341,14 +349,14 @@ public class IndexController extends Controller { ...@@ -341,14 +349,14 @@ public class IndexController extends Controller {
.signWith(KeysUtil.privatekey(system.getPrivatekey()), SignatureAlgorithm.RS256).compact(); .signWith(KeysUtil.privatekey(system.getPrivatekey()), SignatureAlgorithm.RS256).compact();
this.renderJson(Ret.ok("token", jws)); this.renderJson(Ret.ok("token", jws));
return; return;
}else { } else {
this.renderJson(Ret.fail("msg","没有找到当前用户")); this.renderJson(Ret.fail("msg", "没有找到当前用户"));
return; return;
} }
} catch (Exception e) { } catch (Exception e) {
// TODO: handle exception // TODO: handle exception
e.printStackTrace(); e.printStackTrace();
this.renderJson(Ret.fail("msg","登录出错!")); this.renderJson(Ret.fail("msg", "登录出错!"));
} }
} }
...@@ -442,6 +450,19 @@ public class IndexController extends Controller { ...@@ -442,6 +450,19 @@ public class IndexController extends Controller {
this.renderJson(Ret.fail("msg", "生成登录票据失败")); this.renderJson(Ret.fail("msg", "生成登录票据失败"));
logService.saveAsLog("login", userName, JwtInterceptor.getIpAddr(getRequest()), "生成登录票据失败", app); logService.saveAsLog("login", userName, JwtInterceptor.getIpAddr(getRequest()), "生成登录票据失败", app);
} }
}
/**
* 退出系统,清空Redis 中的用户信息
* @Time:2020年7月6日 - 下午5:19:58
* @author:李德才
* @param:
* @return: void
* @throws
*/
public void loginOut() {
String userName = getAttrForStr("username");
Redis.use().del(userName + "_INFO");
renderJson(Ret.ok());
} }
} }
dbType=DM dbType=DM
jdbcUrl=jdbc:dm://39.104.28.145:5236 jdbcUrl=jdbc:dm://192.168.31.18:5236
jdbc.driver=dm.jdbc.driver.DmDriver jdbc.driver=dm.jdbc.driver.DmDriver
user=archser_yz user=archser
password=archser_yz password=archser_123
basic.url=http://39.104.28.145:11028 basic.url=http://192.168.31.18:11028
devMode =true devMode =true
engineDevMode=true engineDevMode=true
authUrl=http://125.77.26.133:7001/auth/token
userInfoUrl=http://125.77.26.133:7001/api/info/user_info redis.url=192.168.31.18
redirect_uri=http://192.168.31.17:8080/ redis.password=archser_redis
# --- 消息中心websocket配置 --- # --- 消息中心websocket配置 ---
## 定时发送消息的周期 单位毫秒 ## 定时发送消息的周期 单位毫秒
messageWsDelay=5000 messageWsDelay=50000
## 延期,第二次发送消息的延期时间,第一次发送在开始连接时就会发送 单位毫秒 ## 延期,第二次发送消息的延期时间,第一次发送在开始连接时就会发送 单位毫秒
messageWsPeriod=5000 messageWsPeriod=50000
## 消息发送成功后,等待客户端反馈时间,超出此时间表示连接已经断开,会关闭连接 单位毫秒 ## 消息发送成功后,等待客户端反馈时间,超出此时间表示连接已经断开,会关闭连接 单位毫秒
messageWsTimeout=30000 messageWsTimeout=30000
## 是否开启消息中心的websocket ## 是否开启消息中心的websocket
openMessageWebSocket=true openMessageWebSocket=true
MyIpAddress=127.0.0.1,39.104.28.145 MyIpAddress=127.0.0.1,192.168.31.18
...@@ -9,23 +9,21 @@ dbType=DM ...@@ -9,23 +9,21 @@ dbType=DM
jdbcUrl=jdbc:dm://192.168.31.119:5236 jdbcUrl=jdbc:dm://192.168.31.119:5236
jdbc.driver=dm.jdbc.driver.DmDriver jdbc.driver=dm.jdbc.driver.DmDriver
user=archser_yz user=archser
password=archser_yz password=archser_123
basic.url=http://192.168.31.119:11028 basic.url=http://192.168.31.119:11028
devMode =true devMode =true
engineDevMode=true engineDevMode=true
redis.url=192.168.31.18
authUrl=http://125.77.26.133:7001/auth/token redis.password=archser_redis
userInfoUrl=http://125.77.26.133:7001/api/info/user_info
redirect_uri=http://192.168.31.17:8080/
# --- \u6D88\u606F\u4E2D\u5FC3websocket\u914D\u7F6E --- # --- \u6D88\u606F\u4E2D\u5FC3websocket\u914D\u7F6E ---
## \u5B9A\u65F6\u53D1\u9001\u6D88\u606F\u7684\u5468\u671F \u5355\u4F4D\u6BEB\u79D2 ## \u5B9A\u65F6\u53D1\u9001\u6D88\u606F\u7684\u5468\u671F \u5355\u4F4D\u6BEB\u79D2
messageWsDelay=5000 messageWsDelay=50000
## \u5EF6\u671F\uFF0C\u7B2C\u4E8C\u6B21\u53D1\u9001\u6D88\u606F\u7684\u5EF6\u671F\u65F6\u95F4\uFF0C\u7B2C\u4E00\u6B21\u53D1\u9001\u5728\u5F00\u59CB\u8FDE\u63A5\u65F6\u5C31\u4F1A\u53D1\u9001 \u5355\u4F4D\u6BEB\u79D2 ## \u5EF6\u671F\uFF0C\u7B2C\u4E8C\u6B21\u53D1\u9001\u6D88\u606F\u7684\u5EF6\u671F\u65F6\u95F4\uFF0C\u7B2C\u4E00\u6B21\u53D1\u9001\u5728\u5F00\u59CB\u8FDE\u63A5\u65F6\u5C31\u4F1A\u53D1\u9001 \u5355\u4F4D\u6BEB\u79D2
messageWsPeriod=5000 messageWsPeriod=50000
## \u6D88\u606F\u53D1\u9001\u6210\u529F\u540E\uFF0C\u7B49\u5F85\u5BA2\u6237\u7AEF\u53CD\u9988\u65F6\u95F4\uFF0C\u8D85\u51FA\u6B64\u65F6\u95F4\u8868\u793A\u8FDE\u63A5\u5DF2\u7ECF\u65AD\u5F00\uFF0C\u4F1A\u5173\u95ED\u8FDE\u63A5 \u5355\u4F4D\u6BEB\u79D2 ## \u6D88\u606F\u53D1\u9001\u6210\u529F\u540E\uFF0C\u7B49\u5F85\u5BA2\u6237\u7AEF\u53CD\u9988\u65F6\u95F4\uFF0C\u8D85\u51FA\u6B64\u65F6\u95F4\u8868\u793A\u8FDE\u63A5\u5DF2\u7ECF\u65AD\u5F00\uFF0C\u4F1A\u5173\u95ED\u8FDE\u63A5 \u5355\u4F4D\u6BEB\u79D2
messageWsTimeout=30000 messageWsTimeout=30000
## \u662F\u5426\u5F00\u542F\u6D88\u606F\u4E2D\u5FC3\u7684websocket ## \u662F\u5426\u5F00\u542F\u6D88\u606F\u4E2D\u5FC3\u7684websocket
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment