Commit
cc0c82c6
authored
Nov 08, 2020
by
胡文斌
修改消息跳转
parent
94e0a86f
Showing
3 changed files
with
591 additions
and
512 deletions
+591
-512
IndexController.java
.../java/com/archser/aserver/controller/IndexController.java
+510
-510
SystemController.java
...java/com/archser/aserver/controller/SystemController.java
+14
-2
JwtUtils.java
src/main/java/com/archser/aserver/util/JwtUtils.java
+67
-0
src/main/java/com/archser/aserver/controller/IndexController.java
package
com
.
archser
.
aserver
.
controller
;
package
com
.
archser
.
aserver
.
controller
;
import
java.math.BigInteger
;
import
java.math.BigInteger
;
import
java.util.Date
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.HashMap
;
import
java.util.Iterator
;
import
java.util.Iterator
;
import
java.util.LinkedHashMap
;
import
java.util.LinkedHashMap
;
import
java.util.List
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Map
;
import
java.util.Map.Entry
;
import
java.util.Map.Entry
;
import
java.util.Optional
;
import
java.util.Optional
;
import
org.bouncycastle.crypto.InvalidCipherTextException
;
import
org.bouncycastle.crypto.InvalidCipherTextException
;
import
org.bouncycastle.crypto.params.ECPrivateKeyParameters
;
import
org.bouncycastle.crypto.params.ECPrivateKeyParameters
;
import
org.bouncycastle.pqc.math.linearalgebra.ByteUtils
;
import
org.bouncycastle.pqc.math.linearalgebra.ByteUtils
;
import
com.alibaba.fastjson.JSON
;
import
com.alibaba.fastjson.JSON
;
import
com.archser.aserver.interceptor.JwtInterceptor
;
import
com.archser.aserver.interceptor.JwtInterceptor
;
import
com.archser.aserver.model.System
;
import
com.archser.aserver.model.System
;
import
com.archser.aserver.model.User
;
import
com.archser.aserver.model.User
;
import
com.archser.aserver.service.LogService
;
import
com.archser.aserver.service.LogService
;
import
com.archser.aserver.service.UserService
;
import
com.archser.aserver.service.UserService
;
import
com.archser.aserver.util.HttpRequestUtil
;
import
com.archser.aserver.util.HttpRequestUtil
;
import
com.archser.aserver.util.KeysUtil
;
import
com.archser.aserver.util.KeysUtil
;
import
com.archser.aserver.util.gm.BCECUtil
;
import
com.archser.aserver.util.gm.BCECUtil
;
import
com.archser.aserver.util.gm.SM2Util
;
import
com.archser.aserver.util.gm.SM2Util
;
import
com.jfinal.aop.Clear
;
import
com.jfinal.aop.Clear
;
import
com.jfinal.aop.Inject
;
import
com.jfinal.aop.Inject
;
import
com.jfinal.core.Controller
;
import
com.jfinal.core.Controller
;
import
com.jfinal.kit.HashKit
;
import
com.jfinal.kit.HashKit
;
import
com.jfinal.kit.Kv
;
import
com.jfinal.kit.Kv
;
import
com.jfinal.kit.PropKit
;
import
com.jfinal.kit.PropKit
;
import
com.jfinal.kit.Ret
;
import
com.jfinal.kit.Ret
;
import
com.jfinal.kit.StrKit
;
import
com.jfinal.kit.StrKit
;
import
com.jfinal.log.Log
;
import
com.jfinal.log.Log
;
import
com.jfinal.plugin.activerecord.Db
;
import
com.jfinal.plugin.activerecord.Db
;
import
com.jfinal.plugin.activerecord.Record
;
import
com.jfinal.plugin.activerecord.Record
;
import
com.jfinal.plugin.redis.Redis
;
import
com.jfinal.plugin.redis.Redis
;
import
com.spbportal.sso.SsoToken
;
import
com.spbportal.sso.SsoToken
;
import
io.jsonwebtoken.JwsHeader
;
import
io.jsonwebtoken.JwsHeader
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.SignatureAlgorithm
;
/**
/**
* IndexController 指向系统访问首页
* IndexController 指向系统访问首页
*
*
* @author jbolt.cn
* @author jbolt.cn
* @email 909854136@qq.com
* @email 909854136@qq.com
* @date 2018年11月4日 下午9:02:52
* @date 2018年11月4日 下午9:02:52
*/
*/
public
class
IndexController
extends
Controller
{
public
class
IndexController
extends
Controller
{
/**
/**
* 登陆用户名,密码解密
* 登陆用户名,密码解密
*/
*/
public
static
final
String
PRIVATE_KEY_D
=
"38627fffe8003e6d2faa76d4eae2f74fd9cd7be257ab36c356c4f01bbc17e41d"
;
public
static
final
String
PRIVATE_KEY_D
=
"38627fffe8003e6d2faa76d4eae2f74fd9cd7be257ab36c356c4f01bbc17e41d"
;
public
static
final
ECPrivateKeyParameters
USER_PRIVATE_KEY
=
BCECUtil
.
createECPrivateKeyParameters
(
public
static
final
ECPrivateKeyParameters
USER_PRIVATE_KEY
=
BCECUtil
.
createECPrivateKeyParameters
(
new
BigInteger
(
ByteUtils
.
fromHexString
(
PRIVATE_KEY_D
)),
SM2Util
.
DOMAIN_PARAMS
);
new
BigInteger
(
ByteUtils
.
fromHexString
(
PRIVATE_KEY_D
)),
SM2Util
.
DOMAIN_PARAMS
);
private
static
Log
log
=
Log
.
getLog
(
IndexController
.
class
);
private
static
Log
log
=
Log
.
getLog
(
IndexController
.
class
);
/**
/**
* 超期时间:24小时,即:24 * 60 * 60 * 1000
* 超期时间:24小时,即:24 * 60 * 60 * 1000
*/
*/
p
rivate
static
int
EXPIRATION
=
24
*
60
*
60
*
1000
;
p
ublic
static
final
int
EXPIRATION
=
24
*
60
*
60
*
1000
;
private
static
int
permitLoginTimes
=
5
;
// 允许登陆次数
private
static
int
permitLoginTimes
=
5
;
// 允许登陆次数
private
static
int
hour
=
2
;
// 两小时内不可登录
private
static
int
hour
=
2
;
// 两小时内不可登录
@Inject
@Inject
private
LogService
logService
;
private
LogService
logService
;
@Inject
@Inject
private
UserService
userService
;
private
UserService
userService
;
/**
/**
* 首页Action
* 首页Action
*/
*/
public
void
index
()
{
public
void
index
()
{
render
(
"index.html"
);
render
(
"index.html"
);
}
}
/**
/**
* 修改密码
* 修改密码
*/
*/
public
void
updatePassword
()
{
public
void
updatePassword
()
{
String
username
=
this
.
getPara
(
"username"
);
String
username
=
this
.
getPara
(
"username"
);
String
password
=
this
.
getPara
(
"newPwd"
);
String
password
=
this
.
getPara
(
"newPwd"
);
password
=
HashKit
.
sha256
(
password
);
password
=
HashKit
.
sha256
(
password
);
int
a
=
userService
.
updatePwd
(
password
,
username
);
int
a
=
userService
.
updatePwd
(
password
,
username
);
if
(
a
==
0
)
{
if
(
a
==
0
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"修改失败"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"修改失败"
));
logService
.
saveAsLog
(
"operate"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
logService
.
saveAsLog
(
"operate"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"修改密码操作:修改密码失败"
,
"aserver"
);
username
+
"修改密码操作:修改密码失败"
,
"aserver"
);
return
;
return
;
}
}
this
.
renderJson
(
Ret
.
ok
(
"msg"
,
"修改成功"
));
this
.
renderJson
(
Ret
.
ok
(
"msg"
,
"修改成功"
));
logService
.
saveAsLog
(
"operate"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"修改密码操作:修改密码成功"
,
logService
.
saveAsLog
(
"operate"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"修改密码操作:修改密码成功"
,
"aserver"
);
"aserver"
);
}
}
private
String
decrypt
(
String
sm2Cipher
)
throws
InvalidCipherTextException
{
private
String
decrypt
(
String
sm2Cipher
)
throws
InvalidCipherTextException
{
return
new
String
(
SM2Util
.
decrypt
(
USER_PRIVATE_KEY
,
ByteUtils
.
fromHexString
(
"04"
+
sm2Cipher
)));
return
new
String
(
SM2Util
.
decrypt
(
USER_PRIVATE_KEY
,
ByteUtils
.
fromHexString
(
"04"
+
sm2Cipher
)));
}
}
/**
/**
* 登录验证
* 登录验证
*/
*/
@Clear
(
JwtInterceptor
.
class
)
@Clear
(
JwtInterceptor
.
class
)
// @Before(LoginValidator.class)
// @Before(LoginValidator.class)
public
void
login
()
{
public
void
login
()
{
String
app
=
this
.
getPara
(
"app"
);
String
app
=
this
.
getPara
(
"app"
);
String
username
=
this
.
getPara
(
"username"
);
String
username
=
this
.
getPara
(
"username"
);
String
password
=
this
.
getPara
(
"password"
);
String
password
=
this
.
getPara
(
"password"
);
String
callback
=
this
.
getPara
(
"callback"
);
String
callback
=
this
.
getPara
(
"callback"
);
// 解密用户名和密码
// 解密用户名和密码
try
{
try
{
username
=
decrypt
(
username
);
username
=
decrypt
(
username
);
password
=
decrypt
(
password
);
password
=
decrypt
(
password
);
}
catch
(
Exception
e1
)
{
}
catch
(
Exception
e1
)
{
e1
.
printStackTrace
();
e1
.
printStackTrace
();
username
=
this
.
getPara
(
"username"
);
username
=
this
.
getPara
(
"username"
);
password
=
this
.
getPara
(
"password"
);
password
=
this
.
getPara
(
"password"
);
}
}
//校验密码是否符合强度设置
//校验密码是否符合强度设置
String
verify
=
password
;
String
verify
=
password
;
password
=
HashKit
.
sha256
(
password
);
password
=
HashKit
.
sha256
(
password
);
User
user
=
User
.
dao
.
template
(
"getUser"
,
username
).
findFirst
();
User
user
=
User
.
dao
.
template
(
"getUser"
,
username
).
findFirst
();
if
(
user
==
null
)
{
if
(
user
==
null
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码不存在: "
+
username
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码不存在: "
+
username
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"该用户非本系统用户正在非法登录"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"该用户非本系统用户正在非法登录"
,
app
);
return
;
return
;
}
}
// 一旦开启三员 admin用户不能使用
// 一旦开启三员 admin用户不能使用
if
(
"admin"
.
equals
(
user
.
getUsername
()))
{
if
(
"admin"
.
equals
(
user
.
getUsername
()))
{
Integer
userCount
=
Db
.
queryInt
(
Db
.
getSql
(
"hasThreeMemberUsersCount"
));
Integer
userCount
=
Db
.
queryInt
(
Db
.
getSql
(
"hasThreeMemberUsersCount"
));
boolean
isExistThreeMemberUsers
=
userCount
==
null
?
false
:
(
userCount
.
intValue
()
>
0
?
true
:
false
);
boolean
isExistThreeMemberUsers
=
userCount
==
null
?
false
:
(
userCount
.
intValue
()
>
0
?
true
:
false
);
if
(
isExistThreeMemberUsers
)
{
if
(
isExistThreeMemberUsers
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"已开启三员管理,admin失效了。"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"已开启三员管理,admin失效了。"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:已开启三员管理"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:已开启三员管理"
,
app
);
return
;
return
;
}
}
}
}
if
(
Integer
.
valueOf
(
user
.
getLocked
())
==
1
)
{
if
(
Integer
.
valueOf
(
user
.
getLocked
())
==
1
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"当前账户已被锁定"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"当前账户已被锁定"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:该用户已被锁定"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:该用户已被锁定"
,
app
);
return
;
return
;
}
}
if
(!
password
.
equals
(
user
.
getPassword
()))
{
if
(!
password
.
equals
(
user
.
getPassword
()))
{
if
(
this
.
checkErrorCount
(
user
))
{
if
(
this
.
checkErrorCount
(
user
))
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您的错误次数已达5次以上,请稍后再试!"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您的错误次数已达5次以上,请稍后再试!"
));
return
;
return
;
}
else
{
}
else
{
int
errorCount
=
permitLoginTimes
-
(
user
.
getErrorcount
()
==
null
?
0
:
user
.
getErrorcount
())
-
1
;
int
errorCount
=
permitLoginTimes
-
(
user
.
getErrorcount
()
==
null
?
0
:
user
.
getErrorcount
())
-
1
;
if
(
user
.
getErrorcount
()
==
4
)
{
if
(
user
.
getErrorcount
()
==
4
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码验证失败,您的账户于两小时后才可登录!"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码验证失败,您的账户于两小时后才可登录!"
));
return
;
return
;
}
else
{
}
else
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码验证失败,您还有"
+
errorCount
+
"次机会!"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"用户名或密码验证失败,您还有"
+
errorCount
+
"次机会!"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:密码验证错误"
,
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:密码验证错误"
,
app
);
app
);
return
;
return
;
}
}
}
}
}
}
Integer
errorcount
=
user
.
getErrorcount
();
Integer
errorcount
=
user
.
getErrorcount
();
if
(
errorcount
!=
null
&&
errorcount
!=
0
)
{
if
(
errorcount
!=
null
&&
errorcount
!=
0
)
{
if
(!
this
.
checkWhenPwdOk
(
user
))
{
if
(!
this
.
checkWhenPwdOk
(
user
))
{
Date
date
=
new
Date
();
Date
date
=
new
Date
();
long
hour1
=
2
*
60
*
60
;
long
hour1
=
2
*
60
*
60
;
long
begin
=
date
.
getTime
();
long
begin
=
date
.
getTime
();
long
end
=
user
.
getLastLoginTime
().
getTime
();
long
end
=
user
.
getLastLoginTime
().
getTime
();
long
between
=
(
begin
-
end
)
/
1000
;
long
between
=
(
begin
-
end
)
/
1000
;
long
hour2
=
(
hour1
-
between
)
%
(
24
*
3600
)
/
3600
;
long
hour2
=
(
hour1
-
between
)
%
(
24
*
3600
)
/
3600
;
long
minute
=
(
hour1
-
between
)
%
3600
/
60
;
long
minute
=
(
hour1
-
between
)
%
3600
/
60
;
long
second
=
(
hour1
-
between
)
%
60
;
long
second
=
(
hour1
-
between
)
%
60
;
if
(
between
<
hour1
)
{
if
(
between
<
hour1
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您的账户还剩"
+
hour2
+
"小时"
+
minute
+
"分"
+
second
+
"秒才可登录!"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您的账户还剩"
+
hour2
+
"小时"
+
minute
+
"分"
+
second
+
"秒才可登录!"
));
return
;
return
;
}
}
}
}
}
}
if
(!
"admin"
.
equals
(
user
.
getUsername
()))
{
if
(!
"admin"
.
equals
(
user
.
getUsername
()))
{
Integer
noLockedRolesCount
=
Db
.
queryInt
(
Db
.
getSql
(
"hasNoLockedRolesCount"
),
user
.
getUsername
());
Integer
noLockedRolesCount
=
Db
.
queryInt
(
Db
.
getSql
(
"hasNoLockedRolesCount"
),
user
.
getUsername
());
boolean
noLockedRolesFlag
=
noLockedRolesCount
==
null
?
false
boolean
noLockedRolesFlag
=
noLockedRolesCount
==
null
?
false
:
(
noLockedRolesCount
.
intValue
()
>
0
?
true
:
false
);
:
(
noLockedRolesCount
.
intValue
()
>
0
?
true
:
false
);
if
(!
noLockedRolesFlag
)
{
if
(!
noLockedRolesFlag
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"拥有的角色全部被锁定,不能登录系统了。"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"拥有的角色全部被锁定,不能登录系统了。"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:该用户拥有的角色全部被锁定"
,
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:该用户拥有的角色全部被锁定"
,
app
);
app
);
return
;
return
;
}
}
}
}
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
if
(
system
==
null
)
{
if
(
system
==
null
)
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到应用:"
+
app
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到应用:"
+
app
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:没有找到应用"
+
app
,
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:没有找到应用"
+
app
,
app
);
app
);
return
;
return
;
}
}
if
(
StrKit
.
isBlank
(
system
.
getPrivatekey
())
||
StrKit
.
isBlank
(
system
.
getKeyid
()))
{
if
(
StrKit
.
isBlank
(
system
.
getPrivatekey
())
||
StrKit
.
isBlank
(
system
.
getKeyid
()))
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到应用的密钥:"
+
app
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到应用的密钥:"
+
app
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:没有找到应用的密钥"
+
app
,
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:没有找到应用的密钥"
+
app
,
app
);
app
);
return
;
return
;
}
}
//查询用户是否有该系统的权限
//查询用户是否有该系统的权限
// boolean homeAuth = userService.checkUserSystemPermission(user.getId(), app);
// boolean homeAuth = userService.checkUserSystemPermission(user.getId(), app);
// if (!homeAuth) {
// if (!homeAuth) {
// this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统"));
// this.renderJson(Ret.fail("msg", "您没有权限登录" + system.getTitle() + "系统"));
// logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), "登录失败,原因:您没有权限登录此系统" + app,
// logService.saveAsLog("login", username, JwtInterceptor.getIpAddr(getRequest()), "登录失败,原因:您没有权限登录此系统" + app,
// app);
// app);
// return;
// return;
// }
// }
List
<
System
>
systemList
=
userService
.
findSystemWithUserPermission
(
user
.
getId
());
List
<
System
>
systemList
=
userService
.
findSystemWithUserPermission
(
user
.
getId
());
/** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 start */
/** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 start */
if
(!
"admin"
.
equals
(
user
.
getUsername
()))
{
if
(!
"admin"
.
equals
(
user
.
getUsername
()))
{
if
((
systemList
==
null
||
systemList
.
isEmpty
()))
{
if
((
systemList
==
null
||
systemList
.
isEmpty
()))
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您没有权限登录"
+
system
.
getTitle
()
+
"系统"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"您没有权限登录"
+
system
.
getTitle
()
+
"系统"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"登录失败,原因:您没有权限登录此系统"
+
app
,
app
);
"登录失败,原因:您没有权限登录此系统"
+
app
,
app
);
return
;
return
;
}
}
Optional
<
System
>
systemOptional
=
userService
.
getSystemByName
(
app
,
systemList
);
Optional
<
System
>
systemOptional
=
userService
.
getSystemByName
(
app
,
systemList
);
if
(!
systemOptional
.
isPresent
())
{
// 没有当前系统的权限
if
(!
systemOptional
.
isPresent
())
{
// 没有当前系统的权限
system
=
systemList
.
get
(
0
);
system
=
systemList
.
get
(
0
);
app
=
system
.
getName
();
app
=
system
.
getName
();
callback
=
system
.
getUrl
();
callback
=
system
.
getUrl
();
}
}
}
}
/** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 end */
/** 修改如果登陆用户为admin用户则直接登陆 huwenbin 2020/5/20 end */
try
{
try
{
String
jws
=
Jwts
.
builder
()
String
jws
=
Jwts
.
builder
()
// 设置密匙ID
// 设置密匙ID
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
// 赋予应用
// 赋予应用
.
setSubject
(
app
)
.
setSubject
(
app
)
// 签发时间
// 签发时间
.
setIssuedAt
(
new
Date
())
.
setIssuedAt
(
new
Date
())
// 超期时间
// 超期时间
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
// 用户名
// 用户名
.
claim
(
"name"
,
username
).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
.
claim
(
"name"
,
username
).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
// 签名
// 签名
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
if
(
errorcount
!=
null
&&
errorcount
!=
0
)
{
if
(
errorcount
!=
null
&&
errorcount
!=
0
)
{
this
.
setErrZero
(
user
);
this
.
setErrZero
(
user
);
}
}
/**
/**
* 20200706 lidecai 将用户信息保存到Redis start
* 20200706 lidecai 将用户信息保存到Redis start
*/
*/
Map
<
Object
,
Object
>
userInfo
=
new
HashMap
<>();
Map
<
Object
,
Object
>
userInfo
=
new
HashMap
<>();
Iterator
<
Entry
<
String
,
Object
>>
userIterator
=
user
.
_getAttrsEntrySet
().
iterator
();
Iterator
<
Entry
<
String
,
Object
>>
userIterator
=
user
.
_getAttrsEntrySet
().
iterator
();
Entry
<
String
,
Object
>
nextAttr
=
null
;
Entry
<
String
,
Object
>
nextAttr
=
null
;
while
(
userIterator
.
hasNext
())
{
while
(
userIterator
.
hasNext
())
{
nextAttr
=
userIterator
.
next
();
nextAttr
=
userIterator
.
next
();
userInfo
.
put
(
nextAttr
.
getKey
().
trim
().
toLowerCase
(),
nextAttr
.
getValue
());
userInfo
.
put
(
nextAttr
.
getKey
().
trim
().
toLowerCase
(),
nextAttr
.
getValue
());
}
}
try
{
try
{
Redis
.
use
().
hmset
(
username
+
"_INFO"
,
userInfo
);
Redis
.
use
().
hmset
(
username
+
"_INFO"
,
userInfo
);
// 设置过期时间
// 设置过期时间
Redis
.
use
().
expire
(
username
,
60
*
60
*
24
);
Redis
.
use
().
expire
(
username
,
60
*
60
*
24
);
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
e
.
printStackTrace
();
e
.
printStackTrace
();
}
}
Boolean
aBoolean
=
userService
.
verifyPassword
(
verify
);
Boolean
aBoolean
=
userService
.
verifyPassword
(
verify
);
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
).
set
(
"callback"
,
callback
).
set
(
"verify"
,
aBoolean
));
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
).
set
(
"callback"
,
callback
).
set
(
"verify"
,
aBoolean
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"登录"
+
app
+
"成功"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
username
+
"登录"
+
app
+
"成功"
,
app
);
/**
/**
* 20200706 lidecai 将用户信息保存到Redis end
* 20200706 lidecai 将用户信息保存到Redis end
*/
*/
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
log
.
error
(
"生成登录票据失败"
,
e
);
log
.
error
(
"生成登录票据失败"
,
e
);
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"生成登录票据失败"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"生成登录票据失败"
));
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"生成登录票据失败"
,
app
);
logService
.
saveAsLog
(
"login"
,
username
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"生成登录票据失败"
,
app
);
}
}
}
}
/**
/**
* @Description: 验证密码强度
* @Description: 验证密码强度
* @authorAndDate: ChengYaqing create on 2020/10/30 10:38
* @authorAndDate: ChengYaqing create on 2020/10/30 10:38
* @return void
* @return void
*/
*/
public
void
verifyPassword
()
{
public
void
verifyPassword
()
{
String
password
=
getPara
(
"password"
);
String
password
=
getPara
(
"password"
);
if
(
password
==
null
||
""
.
equals
(
password
)||
"null"
.
equals
(
password
))
{
if
(
password
==
null
||
""
.
equals
(
password
)||
"null"
.
equals
(
password
))
{
renderJson
(
Ret
.
fail
(
"msg"
,
"密码不能为空"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"密码不能为空"
));
return
;
return
;
}
}
try
{
try
{
password
=
decrypt
(
password
);
password
=
decrypt
(
password
);
}
catch
(
Exception
e1
)
{
}
catch
(
Exception
e1
)
{
e1
.
printStackTrace
();
e1
.
printStackTrace
();
password
=
this
.
getPara
(
"password"
);
password
=
this
.
getPara
(
"password"
);
}
}
try
{
try
{
String
verify
=
userService
.
verifyPasswordInfo
(
password
);
String
verify
=
userService
.
verifyPasswordInfo
(
password
);
if
(
""
.
equals
(
verify
))
{
if
(
""
.
equals
(
verify
))
{
renderJson
(
Ret
.
ok
());
renderJson
(
Ret
.
ok
());
}
else
{
}
else
{
renderJson
(
Ret
.
fail
(
"msg"
,
verify
));
renderJson
(
Ret
.
fail
(
"msg"
,
verify
));
}
}
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
renderJson
(
Ret
.
fail
(
"error"
,
e
.
getMessage
()));
renderJson
(
Ret
.
fail
(
"error"
,
e
.
getMessage
()));
}
}
}
}
// 密码正确时错误次数清零
// 密码正确时错误次数清零
private
void
setErrZero
(
User
user
)
{
private
void
setErrZero
(
User
user
)
{
Db
.
update
(
Db
.
getSqlPara
(
"updateForOk"
,
Kv
.
by
(
"id"
,
user
.
getId
())));
Db
.
update
(
Db
.
getSqlPara
(
"updateForOk"
,
Kv
.
by
(
"id"
,
user
.
getId
())));
}
}
//密码错误时判断错误次数是否为5次
//密码错误时判断错误次数是否为5次
private
boolean
checkErrorCount
(
User
user
)
{
private
boolean
checkErrorCount
(
User
user
)
{
Kv
cond
=
Kv
.
by
(
"id"
,
user
.
getId
()).
set
(
"hour"
,
hour
).
set
(
"permitLoginTimes"
,
permitLoginTimes
);
Kv
cond
=
Kv
.
by
(
"id"
,
user
.
getId
()).
set
(
"hour"
,
hour
).
set
(
"permitLoginTimes"
,
permitLoginTimes
);
List
<
Record
>
currentList
=
Db
.
find
(
Db
.
getSqlPara
(
"getErrorCount"
,
cond
));
List
<
Record
>
currentList
=
Db
.
find
(
Db
.
getSqlPara
(
"getErrorCount"
,
cond
));
int
currentNum
=
0
;
int
currentNum
=
0
;
for
(
Record
record
:
currentList
)
{
for
(
Record
record
:
currentList
)
{
currentNum
=
Integer
.
parseInt
(
record
.
get
(
"flag"
).
toString
());
currentNum
=
Integer
.
parseInt
(
record
.
get
(
"flag"
).
toString
());
}
}
if
(
currentNum
>=
permitLoginTimes
)
{
if
(
currentNum
>=
permitLoginTimes
)
{
return
true
;
return
true
;
}
else
{
}
else
{
//执行+1或=1的操作
//执行+1或=1的操作
Db
.
update
(
Db
.
getSqlPara
(
"updateForErr"
,
cond
));
Db
.
update
(
Db
.
getSqlPara
(
"updateForErr"
,
cond
));
return
false
;
return
false
;
}
}
}
}
//密码正确时判断次数和锁定时间是否在指定范围内
//密码正确时判断次数和锁定时间是否在指定范围内
private
boolean
checkWhenPwdOk
(
User
user
)
{
private
boolean
checkWhenPwdOk
(
User
user
)
{
List
<
Record
>
currentList
=
Db
.
find
(
Db
.
getSqlPara
(
"checkWhenPwdOk"
,
List
<
Record
>
currentList
=
Db
.
find
(
Db
.
getSqlPara
(
"checkWhenPwdOk"
,
Kv
.
by
(
"id"
,
user
.
getId
()).
set
(
"hour"
,
hour
).
set
(
"permitLoginTimes"
,
permitLoginTimes
)));
Kv
.
by
(
"id"
,
user
.
getId
()).
set
(
"hour"
,
hour
).
set
(
"permitLoginTimes"
,
permitLoginTimes
)));
int
currentNum
=
0
;
int
currentNum
=
0
;
if
(
currentList
==
null
||
currentList
.
size
()
==
0
)
{
if
(
currentList
==
null
||
currentList
.
size
()
==
0
)
{
return
true
;
return
true
;
}
}
for
(
Record
record
:
currentList
)
{
for
(
Record
record
:
currentList
)
{
currentNum
=
Integer
.
parseInt
(
record
.
get
(
"flag"
).
toString
());
currentNum
=
Integer
.
parseInt
(
record
.
get
(
"flag"
).
toString
());
}
}
if
(
currentNum
>=
permitLoginTimes
)
{
if
(
currentNum
>=
permitLoginTimes
)
{
return
false
;
return
false
;
}
else
{
}
else
{
return
true
;
return
true
;
}
}
}
}
/**
/**
* 通过门户系统单点登录
* 通过门户系统单点登录
*
*
* @author Guo XJ
* @author Guo XJ
* @date 2019-12-13 15:08:00
* @date 2019-12-13 15:08:00
*/
*/
public
void
ssoByPortalSystem
()
{
public
void
ssoByPortalSystem
()
{
try
{
try
{
//获取app
//获取app
String
app
=
getPara
(
"app"
,
null
);
String
app
=
getPara
(
"app"
,
null
);
if
(
app
==
null
)
{
if
(
app
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
return
;
return
;
}
}
//获取到门户系统的Token
//获取到门户系统的Token
String
ssotoken
=
getPara
(
"ssotoken"
);
String
ssotoken
=
getPara
(
"ssotoken"
);
//获取到personCode(用户唯一标识)
//获取到personCode(用户唯一标识)
SsoToken
st
=
new
SsoToken
();
SsoToken
st
=
new
SsoToken
();
st
.
initialise
(
ssotoken
);
st
.
initialise
(
ssotoken
);
String
personCode
=
st
.
getTokenId
();
String
personCode
=
st
.
getTokenId
();
//获取用户
//获取用户
Record
user
=
userService
.
getUserInfoByPersonCode
(
personCode
);
Record
user
=
userService
.
getUserInfoByPersonCode
(
personCode
);
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
if
(
system
==
null
)
{
if
(
system
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
return
;
return
;
}
}
//判断用户是否存在
//判断用户是否存在
if
(
user
!=
null
&&
user
.
getStr
(
"username"
)
!=
null
)
{
if
(
user
!=
null
&&
user
.
getStr
(
"username"
)
!=
null
)
{
String
jws
=
Jwts
.
builder
()
String
jws
=
Jwts
.
builder
()
// 设置密匙ID
// 设置密匙ID
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
// 赋予应用
// 赋予应用
.
setSubject
(
app
)
.
setSubject
(
app
)
// 签发时间
// 签发时间
.
setIssuedAt
(
new
Date
())
.
setIssuedAt
(
new
Date
())
// 超期时间
// 超期时间
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
// 用户名
// 用户名
.
claim
(
"name"
,
user
.
getStr
(
"username"
)).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
.
claim
(
"name"
,
user
.
getStr
(
"username"
)).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
// 签名
// 签名
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
));
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
));
return
;
return
;
}
else
{
}
else
{
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到当前用户"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到当前用户"
));
return
;
return
;
}
}
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
// TODO: handle exception
// TODO: handle exception
e
.
printStackTrace
();
e
.
printStackTrace
();
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"登录出错!"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"登录出错!"
));
}
}
}
}
/**
/**
* 根据邮政门户传回的code 获取用户信息
* 根据邮政门户传回的code 获取用户信息
*
*
* @Title: getUserInfoForH5
* @Title: getUserInfoForH5
* @author LDC
* @author LDC
* @date 2019-11-19 03:22:34
* @date 2019-11-19 03:22:34
*/
*/
@Clear
@Clear
public
void
getUserInfoForH5
()
{
public
void
getUserInfoForH5
()
{
String
code
=
getPara
(
"code"
,
null
);
String
code
=
getPara
(
"code"
,
null
);
if
(
code
==
null
)
{
if
(
code
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户信息失败"
));
return
;
return
;
}
}
String
app
=
getPara
(
"app"
,
null
);
String
app
=
getPara
(
"app"
,
null
);
if
(
app
==
null
)
{
if
(
app
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
return
;
return
;
}
}
Map
<
String
,
String
>
paramMap
=
new
LinkedHashMap
<
String
,
String
>();
Map
<
String
,
String
>
paramMap
=
new
LinkedHashMap
<
String
,
String
>();
paramMap
.
put
(
"client_id"
,
"MmEepJkH7Hiz7EtS"
);
paramMap
.
put
(
"client_id"
,
"MmEepJkH7Hiz7EtS"
);
paramMap
.
put
(
"code"
,
code
);
paramMap
.
put
(
"code"
,
code
);
paramMap
.
put
(
"state"
,
"1"
);
paramMap
.
put
(
"state"
,
"1"
);
paramMap
.
put
(
"grant_type"
,
"authorization_code"
);
paramMap
.
put
(
"grant_type"
,
"authorization_code"
);
paramMap
.
put
(
"scope"
,
"scope"
);
paramMap
.
put
(
"scope"
,
"scope"
);
paramMap
.
put
(
"redirect_uri"
,
PropKit
.
get
(
"redirect_uri"
));
paramMap
.
put
(
"redirect_uri"
,
PropKit
.
get
(
"redirect_uri"
));
Iterator
<
Entry
<
String
,
String
>>
entrySet
=
paramMap
.
entrySet
().
iterator
();
Iterator
<
Entry
<
String
,
String
>>
entrySet
=
paramMap
.
entrySet
().
iterator
();
StringBuilder
builder
=
new
StringBuilder
();
StringBuilder
builder
=
new
StringBuilder
();
while
(
entrySet
.
hasNext
())
{
while
(
entrySet
.
hasNext
())
{
Entry
<
String
,
String
>
next
=
entrySet
.
next
();
Entry
<
String
,
String
>
next
=
entrySet
.
next
();
builder
.
append
(
next
.
getKey
()).
append
(
"="
).
append
(
next
.
getValue
()).
append
(
"&"
);
builder
.
append
(
next
.
getKey
()).
append
(
"="
).
append
(
next
.
getValue
()).
append
(
"&"
);
}
}
String
param
=
builder
.
deleteCharAt
(
builder
.
length
()
-
1
).
toString
();
String
param
=
builder
.
deleteCharAt
(
builder
.
length
()
-
1
).
toString
();
Kv
header
=
Kv
.
by
(
"Content-type"
,
"application/x-www-form-urlencoded"
);
Kv
header
=
Kv
.
by
(
"Content-type"
,
"application/x-www-form-urlencoded"
);
String
result
=
HttpRequestUtil
.
sendPost
(
PropKit
.
get
(
"authUrl"
),
param
,
header
);
String
result
=
HttpRequestUtil
.
sendPost
(
PropKit
.
get
(
"authUrl"
),
param
,
header
);
Kv
parseObject
=
JSON
.
parseObject
(
result
,
Kv
.
class
);
Kv
parseObject
=
JSON
.
parseObject
(
result
,
Kv
.
class
);
Object
access_token
=
parseObject
.
get
(
"access_token"
);
Object
access_token
=
parseObject
.
get
(
"access_token"
);
if
(
access_token
==
null
)
{
if
(
access_token
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取授权失败,请重新登录"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取授权失败,请重新登录"
));
return
;
return
;
}
}
String
sendPost
=
HttpRequestUtil
.
sendPost
(
PropKit
.
get
(
"userInfoUrl"
),
String
sendPost
=
HttpRequestUtil
.
sendPost
(
PropKit
.
get
(
"userInfoUrl"
),
"access_token="
+
access_token
.
toString
(),
header
);
"access_token="
+
access_token
.
toString
(),
header
);
Kv
userObj
=
JSON
.
parseObject
(
sendPost
,
Kv
.
class
);
Kv
userObj
=
JSON
.
parseObject
(
sendPost
,
Kv
.
class
);
Object
uuid
=
userObj
.
get
(
"uuid"
);
Object
uuid
=
userObj
.
get
(
"uuid"
);
if
(
uuid
==
null
)
{
if
(
uuid
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户信息失败"
));
return
;
return
;
}
}
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
System
system
=
System
.
dao
.
template
(
"getSystemPrivatekey"
,
app
).
findFirst
();
if
(
system
==
null
)
{
if
(
system
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取服务信息失败"
));
return
;
return
;
}
}
Record
userInfo
=
Db
.
findById
(
"AS_USER"
,
"UUID"
,
uuid
.
toString
());
Record
userInfo
=
Db
.
findById
(
"AS_USER"
,
"UUID"
,
uuid
.
toString
());
if
(
userInfo
==
null
)
{
if
(
userInfo
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到当前用户"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"没有找到当前用户"
));
return
;
return
;
}
}
String
userName
=
userInfo
.
getStr
(
"USERNAME"
);
String
userName
=
userInfo
.
getStr
(
"USERNAME"
);
if
(
userName
==
null
)
{
if
(
userName
==
null
)
{
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户名失败"
));
renderJson
(
Ret
.
fail
(
"msg"
,
"获取用户名失败"
));
return
;
return
;
}
}
try
{
try
{
String
jws
=
Jwts
.
builder
()
String
jws
=
Jwts
.
builder
()
// 设置密匙ID
// 设置密匙ID
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
.
setHeaderParam
(
JwsHeader
.
KEY_ID
,
system
.
getKeyid
())
// 赋予应用
// 赋予应用
.
setSubject
(
app
)
.
setSubject
(
app
)
// 签发时间
// 签发时间
.
setIssuedAt
(
new
Date
())
.
setIssuedAt
(
new
Date
())
// 超期时间
// 超期时间
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
.
setExpiration
(
new
Date
(
java
.
lang
.
System
.
currentTimeMillis
()
+
EXPIRATION
))
// 用户名
// 用户名
.
claim
(
"name"
,
userName
).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
.
claim
(
"name"
,
userName
).
claim
(
"ip"
,
JwtInterceptor
.
getIpAddr
(
getRequest
()))
// 签名
// 签名
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
.
signWith
(
KeysUtil
.
privatekey
(
system
.
getPrivatekey
()),
SignatureAlgorithm
.
RS256
).
compact
();
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
));
this
.
renderJson
(
Ret
.
ok
(
"token"
,
jws
));
logService
.
saveAsLog
(
"login"
,
userName
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
logService
.
saveAsLog
(
"login"
,
userName
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
userName
+
"登录"
+
app
+
"成功"
,
app
);
userName
+
"登录"
+
app
+
"成功"
,
app
);
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
log
.
error
(
"生成登录票据失败"
,
e
);
log
.
error
(
"生成登录票据失败"
,
e
);
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"生成登录票据失败"
));
this
.
renderJson
(
Ret
.
fail
(
"msg"
,
"生成登录票据失败"
));
logService
.
saveAsLog
(
"login"
,
userName
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"生成登录票据失败"
,
app
);
logService
.
saveAsLog
(
"login"
,
userName
,
JwtInterceptor
.
getIpAddr
(
getRequest
()),
"生成登录票据失败"
,
app
);
}
}
}
}
/**
/**
* 退出系统,清空Redis 中的用户信息
* 退出系统,清空Redis 中的用户信息
* @Time:2020年7月6日 - 下午5:19:58
* @Time:2020年7月6日 - 下午5:19:58
* @author:李德才
* @author:李德才
* @param:
* @param:
* @return: void
* @return: void
* @throws
* @throws
*/
*/
public
void
loginOut
()
{
public
void
loginOut
()
{
String
userName
=
getAttrForStr
(
"username"
);
String
userName
=
getAttrForStr
(
"username"
);
Redis
.
use
().
del
(
userName
+
"_INFO"
);
Redis
.
use
().
del
(
userName
+
"_INFO"
);
renderJson
(
Ret
.
ok
());
renderJson
(
Ret
.
ok
());
}
}
}
}
src/main/java/com/archser/aserver/controller/SystemController.java
package
com
.
archser
.
aserver
.
controller
;
package
com
.
archser
.
aserver
.
controller
;
import
java.util.List
;
import
com.archser.aserver.interceptor.JwtInterceptor
;
import
com.archser.aserver.interceptor.JwtInterceptor
;
import
com.archser.aserver.model.System
;
import
com.archser.aserver.model.System
;
import
com.archser.aserver.service.LogService
;
import
com.archser.aserver.service.LogService
;
import
com.archser.aserver.service.SystemService
;
import
com.archser.aserver.service.SystemService
;
import
com.archser.aserver.util.JwtUtils
;
import
com.jfinal.aop.Before
;
import
com.jfinal.aop.Before
;
import
com.jfinal.aop.Clear
;
import
com.jfinal.aop.Clear
;
import
com.jfinal.aop.Inject
;
import
com.jfinal.aop.Inject
;
...
@@ -14,6 +13,8 @@ import com.jfinal.kit.Ret;
...
@@ -14,6 +13,8 @@ import com.jfinal.kit.Ret;
import
com.jfinal.kit.StrKit
;
import
com.jfinal.kit.StrKit
;
import
com.jfinal.plugin.activerecord.tx.Tx
;
import
com.jfinal.plugin.activerecord.tx.Tx
;
import
java.util.List
;
/**
/**
* 应用相关
* 应用相关
*
*
...
@@ -150,4 +151,15 @@ public class SystemController extends Controller {
...
@@ -150,4 +151,15 @@ public class SystemController extends Controller {
this
.
renderJson
(
Ret
.
ok
(
"system"
,
system
));
this
.
renderJson
(
Ret
.
ok
(
"system"
,
system
));
}
}
/**
* 获取系统url和生成用户token
*/
public
void
getTokenAndUrl
()
{
Integer
systemId
=
this
.
getParaToInt
(
"systemId"
);
String
username
=
this
.
getAttrForStr
(
"username"
);
System
system
=
System
.
dao
.
findById
(
systemId
);
String
token
=
JwtUtils
.
generateToken
(
system
,
username
);
this
.
renderJson
(
Ret
.
ok
(
"token"
,
token
).
set
(
"url"
,
system
.
getUrl
()));
}
}
}
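Review bot: `getTokenAndUrl` signs a token with the private key of whichever `systemId` the caller supplies, and nothing in the method checks that `username` is entitled to that system. Unless an interceptor outside this hunk enforces that, any signed-in user can obtain a token for any registered application. The method also dereferences `system` without a null check, so a missing or unknown `systemId` ends in a NullPointerException, and it answers `Ret.ok` with a null token when `JwtUtils.generateToken` swallows a malformed URL. Unlike the login path in IndexController, no `logService.saveAsLog` entry records the issuance. The guards below cover the null cases; the entitlement check is a marked placeholder because the permission model is not visible on this page.

```java
public void getTokenAndUrl() {
    Integer systemId = this.getParaToInt("systemId");
    String username = this.getAttrForStr("username");
    System system = systemId == null ? null : System.dao.findById(systemId);
    if (system == null) {
        this.renderJson(Ret.fail("msg", "获取服务信息失败"));
        return;
    }
    // TODO(review): confirm username is allowed to use this system before signing with its key
    String token = JwtUtils.generateToken(system, username);
    if (token == null) {
        this.renderJson(Ret.fail("msg", "生成登录票据失败"));
        return;
    }
    // … unchanged: renderJson with "token" and "url" …
```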
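--- a/src/main/java/com/archser/aserver/util/JwtUtils.java
+++ b/src/main/java/com/archser/aserver/util/JwtUtils.java
+package com.archser.aserver.util;
+import com.archser.aserver.controller.IndexController;
+import com.archser.aserver.interceptor.JwtInterceptor;
+import com.archser.aserver.model.System;
+import com.sun.deploy.util.URLUtil;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.undertow.util.URLUtils;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Date;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+/**
+ * @Auther: huwenbin
+ * @Date: 2020/11/6 18:16
+ */
+public class JwtUtils {
+    public static String generateToken(System system, String username) {
+        URL url = null;
+        try {
+            url = new URL(system.getUrl());
+            String host = url.getHost();
+            return generateToken(system.getKeyid(), system.getPrivatekey(), system.getName(), username, host);
+        } catch (MalformedURLException ignored) {
+        }
+        return null;
+    }
+    public static void main(String[] args) throws MalformedURLException {
+        URL url = new URL("http://39.104.28.145:11028");
+        String host = url.getHost();
+        java.lang.System.out.println(host);
+    }
+    /**
+     * 生成Token
+     * @param keyId 系统keyid
+     * @param privateKey 系统私钥
+     * @param app 系统名称
+     * @param username 用户名
+     * @param ip ip地址
+     * @return token
+     */
+    public static String generateToken(String keyId, String privateKey, String app, String username, String ip) {
+        return Jwts.builder()
+                // 设置密匙ID
+                .setHeaderParam(JwsHeader.KEY_ID, keyId)
+                // 赋予应用
+                .setSubject(app)
+                // 签发时间
+                .setIssuedAt(new Date())
+                // 超期时间
+                .setExpiration(new Date(java.lang.System.currentTimeMillis() + IndexController.EXPIRATION))
+                // 用户名
+                .claim("name", username).claim("ip", ip)
+                // 签名
+                .signWith(KeysUtil.privatekey(privateKey), SignatureAlgorithm.RS256).compact();
+    }
+}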
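Review bot: In `generateToken(System, String)` the `ip` claim is filled with the host of the target system's URL, whereas the login path in IndexController puts `JwtInterceptor.getIpAddr(getRequest())` there. If the consuming side compares that claim with the caller's address (not visible on this page), tokens from this helper are bound to the server rather than the client. I would pass the request address in from the controller, or use a differently named claim for the host. The empty `catch (MalformedURLException ignored)` also turns a bad stored URL into a silent `null` token; `catch (MalformedURLException e) { throw new IllegalArgumentException("invalid system url", e); }` would surface it. Finally, the `main` method with its hard-coded address is a debugging leftover, and the unused `com.sun.deploy.util.URLUtil` import depends on a JDK-internal deploy package that newer JDKs do not ship; both should be dropped.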