Merge remote-tracking branch 'origin/develop' into develop
This commit is contained in:
Zhaoyang
commit
cae0ba8c7b
|
|
@ -45,7 +45,7 @@ public class DefaultExceptionHandler {
|
|||
}
|
||||
if(isJsonRequest(request)) {
|
||||
log.warn("JSON请求异常", e);
|
||||
return new ResponseEntity<>(map, status);
|
||||
return new ResponseEntity<>(map, HttpStatus.OK);
|
||||
}
|
||||
else {
|
||||
//获取错误页面
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
package com.diboot.shiro.dto;
|
||||
|
||||
import com.diboot.shiro.entity.SysUser;
|
||||
import com.diboot.shiro.enums.IUserType;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
/**
|
||||
* 账号修改类
|
||||
* @author : wee
|
||||
* @version : v2.0
|
||||
* @Date 2019-10-23 13:57
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
public class AccountDTO {
|
||||
|
||||
/**
|
||||
* 账号id
|
||||
* {@link SysUser#getId()}
|
||||
*/
|
||||
private Long accountId;
|
||||
|
||||
/**
|
||||
* 账号
|
||||
*/
|
||||
private String username;
|
||||
|
||||
/**
|
||||
* 旧密码
|
||||
*/
|
||||
private String oldPassword;
|
||||
|
||||
|
||||
/**
|
||||
* 新密码
|
||||
*/
|
||||
private String password;
|
||||
|
||||
/**
|
||||
* 新重复密码
|
||||
*/
|
||||
private String rePassword;
|
||||
|
||||
/**
|
||||
* 用户类型
|
||||
*/
|
||||
private String userType;
|
||||
|
||||
|
||||
}
|
||||
|
|
@ -84,4 +84,10 @@ public class SysUser extends BaseEntity {
|
|||
|
||||
@TableField(exist = false)
|
||||
private Boolean admin;
|
||||
|
||||
/**
|
||||
* 默认需要创建角色,如果不需要设置为false即可
|
||||
*/
|
||||
@TableField(exist = false)
|
||||
private Boolean createRole = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,12 +2,14 @@ package com.diboot.shiro.jwt;
|
|||
|
||||
import com.diboot.core.entity.BaseEntity;
|
||||
import com.diboot.core.util.V;
|
||||
import com.diboot.core.vo.Status;
|
||||
import com.diboot.shiro.entity.Permission;
|
||||
import com.diboot.shiro.entity.SysUser;
|
||||
import com.diboot.shiro.service.AuthWayService;
|
||||
import com.diboot.shiro.service.RoleService;
|
||||
import com.diboot.shiro.service.UserRoleService;
|
||||
import com.diboot.shiro.vo.RoleVO;
|
||||
import org.apache.shiro.ShiroException;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
|
|
@ -55,7 +57,6 @@ public class BaseJwtRealm extends AuthorizingRealm {
|
|||
BaseJwtAuthenticationToken jwtToken = (BaseJwtAuthenticationToken) token;
|
||||
|
||||
String account = (String) jwtToken.getPrincipal();
|
||||
|
||||
if (V.isEmpty(account)){
|
||||
throw new AuthenticationException("无效的token");
|
||||
}
|
||||
|
|
@ -63,12 +64,15 @@ public class BaseJwtRealm extends AuthorizingRealm {
|
|||
// 获取认证方式
|
||||
AuthWayService authWayService = jwtToken.getAuthWayService();
|
||||
|
||||
BaseEntity user = authWayService.getUser();
|
||||
SysUser user = authWayService.getUser();
|
||||
|
||||
// 登录失败则抛出相关异常
|
||||
if (user == null){
|
||||
throw new AuthenticationException("用户不存在");
|
||||
}
|
||||
if (!jwtToken.getStatusList().contains(user.getStatus())) {
|
||||
throw new AuthenticationException("用户暂时不可用!");
|
||||
}
|
||||
|
||||
if (authWayService.requirePassword() && !authWayService.isPasswordMatch()){
|
||||
throw new AuthenticationException("用户名或密码错误");
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package com.diboot.shiro.service;
|
||||
|
||||
import com.diboot.core.service.BaseService;
|
||||
import com.diboot.shiro.dto.AccountDTO;
|
||||
import com.diboot.shiro.entity.SysUser;
|
||||
import com.diboot.shiro.entity.TokenAccountInfo;
|
||||
import com.diboot.shiro.enums.IUserType;
|
||||
|
|
@ -59,6 +60,13 @@ public interface SysUserService extends BaseService<SysUser> {
|
|||
* @throws Exception
|
||||
*/
|
||||
SysUser getLoginAccountInfo(TokenAccountInfo account) throws Exception;
|
||||
/**
|
||||
* 通过账户和类别获取用户
|
||||
* @param account
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
SysUser getByAccountInfo(TokenAccountInfo account) throws Exception;
|
||||
|
||||
/**
|
||||
* 根据用户信息的id 和 用户类型,获取对应的账户 和 账户关联的信息
|
||||
|
|
@ -76,4 +84,18 @@ public interface SysUserService extends BaseService<SysUser> {
|
|||
*/
|
||||
SysUser getSysUser(Long userId, IUserType iUserType);
|
||||
|
||||
/**
|
||||
* 修改密码
|
||||
* @param accountDTO
|
||||
* @return
|
||||
*/
|
||||
boolean changePassword(AccountDTO accountDTO);
|
||||
|
||||
/**
|
||||
* 修改账号
|
||||
* @param accountDTO
|
||||
* @return
|
||||
*/
|
||||
boolean changeAccount(AccountDTO accountDTO);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,17 @@
|
|||
package com.diboot.shiro.service.impl;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.Wrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.baomidou.mybatisplus.extension.service.additional.update.impl.UpdateChainWrapper;
|
||||
import com.diboot.core.service.impl.BaseServiceImpl;
|
||||
import com.diboot.core.util.BeanUtils;
|
||||
import com.diboot.core.util.S;
|
||||
import com.diboot.core.util.V;
|
||||
import com.diboot.core.vo.Status;
|
||||
import com.diboot.shiro.authz.config.SystemParamConfig;
|
||||
import com.diboot.shiro.dto.AccountDTO;
|
||||
import com.diboot.shiro.entity.*;
|
||||
import com.diboot.shiro.enums.IUserType;
|
||||
import com.diboot.shiro.exception.ShiroCustomException;
|
||||
|
|
@ -17,6 +21,7 @@ import com.diboot.shiro.service.RoleService;
|
|||
import com.diboot.shiro.service.SysUserService;
|
||||
import com.diboot.shiro.service.UserRoleService;
|
||||
import com.diboot.shiro.util.AuthHelper;
|
||||
import com.diboot.shiro.util.JwtHelper;
|
||||
import com.diboot.shiro.vo.RoleVO;
|
||||
import com.diboot.shiro.vo.SysUserVO;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
|
@ -83,10 +88,13 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserMapper, SysUser>
|
|||
if(!success){
|
||||
throw new ShiroCustomException(Status.FAIL_VALIDATION, "创建用户失败!");
|
||||
}
|
||||
//构建 + 创建(账户-角色)关系
|
||||
success = this.createUserRole(sysUser);
|
||||
if (!success) {
|
||||
throw new ShiroCustomException(Status.FAIL_VALIDATION, "创建用户失败!");
|
||||
//设置是否创建角色
|
||||
if (sysUser.getCreateRole()) {
|
||||
//构建 + 创建(账户-角色)关系
|
||||
success = this.createUserRole(sysUser);
|
||||
if (!success) {
|
||||
throw new ShiroCustomException(Status.FAIL_VALIDATION, "创建用户失败!");
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
@ -163,12 +171,20 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserMapper, SysUser>
|
|||
//构建关系
|
||||
Map<Long, SysUser> sysUserMap = buildSysUserAndRoleAndPermissionRelation(sysUserList);
|
||||
SysUser sysUser = sysUserMap.get(sysUserList.get(0).getUserId());
|
||||
if (V.isEmpty(sysUser.getRoleVOList())) {
|
||||
throw new ShiroCustomException(Status.FAIL_OPERATION, "未配置角色,获取数据失败");
|
||||
}
|
||||
// if (V.isEmpty(sysUser.getRoleVOList())) {
|
||||
// throw new ShiroCustomException(Status.FAIL_OPERATION, "未配置角色,获取数据失败");
|
||||
// }
|
||||
return sysUser;
|
||||
}
|
||||
|
||||
@Override
|
||||
public SysUser getByAccountInfo(TokenAccountInfo account) throws Exception {
|
||||
LambdaQueryWrapper<SysUser> sysUserLambdaQueryWrapper = Wrappers.<SysUser>lambdaQuery()
|
||||
.eq(SysUser::getUsername, account.getAccount())
|
||||
.eq(SysUser::getUserType, account.getUserType());
|
||||
return getOne(sysUserLambdaQueryWrapper);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Map<Long, SysUser> getSysUserListWithRolesAndPermissionsByUserIdList(List<Long> userIdList, IUserType iUserType) {
|
||||
//1、获取账户信息
|
||||
|
|
@ -201,6 +217,39 @@ public class SysUserServiceImpl extends BaseServiceImpl<SysUserMapper, SysUser>
|
|||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean changePassword(AccountDTO accountDTO) {
|
||||
SysUser dbSysUser = getById(accountDTO.getAccountId());
|
||||
if (V.isEmpty(dbSysUser)) {
|
||||
throw new ShiroCustomException(Status.FAIL_OPERATION, "用户不存在,修改密码失败");
|
||||
}
|
||||
if (V.isEmpty(accountDTO.getPassword()) || V.isEmpty(accountDTO.getRePassword()) || V.isEmpty(accountDTO.getOldPassword())) {
|
||||
throw new ShiroCustomException(Status.FAIL_OPERATION, "新旧密码不能为空");
|
||||
}
|
||||
if (!accountDTO.getPassword().equals(accountDTO.getRePassword())) {
|
||||
throw new ShiroCustomException(Status.FAIL_OPERATION, "两次密码不一致");
|
||||
}
|
||||
|
||||
if (!S.equals(AuthHelper.encryptMD5(accountDTO.getOldPassword(), dbSysUser.getSalt(), true), dbSysUser.getPassword())){
|
||||
throw new ShiroCustomException(Status.FAIL_OPERATION, "原密码错误");
|
||||
}
|
||||
//生成新的加密盐
|
||||
String newSalt = AuthHelper.createSalt();
|
||||
LambdaUpdateWrapper<SysUser> updateWrapper = Wrappers.<SysUser>lambdaUpdate()
|
||||
.set(true, SysUser::getPassword, AuthHelper.encryptMD5(accountDTO.getPassword(), newSalt, true))
|
||||
.set(true, SysUser::getSalt, newSalt)
|
||||
.eq(SysUser::getId, accountDTO.getAccountId());
|
||||
return update(updateWrapper);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean changeAccount(AccountDTO accountDTO) {
|
||||
LambdaUpdateWrapper<SysUser> updateWrapper = Wrappers.<SysUser>lambdaUpdate()
|
||||
.set(true, SysUser::getUsername, accountDTO.getUsername())
|
||||
.eq(SysUser::getId, accountDTO.getAccountId());
|
||||
return update(updateWrapper);
|
||||
}
|
||||
|
||||
/**
|
||||
* 组装账户 1-n 角色 1-n 权限关系
|
||||
* @param sysUserList
|
||||
|
|
|
|||
|
|
@ -50,8 +50,7 @@ public class UsernamePasswordAuthWayServiceImpl implements AuthWayService {
|
|||
logger.debug("【获取用户】==>当前登陆用户类型 - {},- 账号{}", token.getIUserType().getType(), token.getAccount());
|
||||
LambdaQueryWrapper<SysUser> query = Wrappers.<SysUser>lambdaQuery()
|
||||
.eq(SysUser::getUsername, token.getAccount())
|
||||
.eq(SysUser::getUserType, token.getIUserType().getType())
|
||||
.in(SysUser::getStatus, token.getStatusList());
|
||||
.eq(SysUser::getUserType, token.getIUserType().getType());
|
||||
List<SysUser> userList = sysUserService.getEntityList(query);
|
||||
if (V.isEmpty(userList)){
|
||||
return null;
|
||||
|
|
@ -66,12 +65,17 @@ public class UsernamePasswordAuthWayServiceImpl implements AuthWayService {
|
|||
|
||||
@Override
|
||||
public boolean isPasswordMatch() {
|
||||
if (V.isEmpty(token.getIUserType())) {
|
||||
logger.debug("用户名密码登陆,用户类型不能为空");
|
||||
return false;
|
||||
}
|
||||
String password = token.getPassword();
|
||||
|
||||
// 构建查询条件
|
||||
QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>();
|
||||
queryWrapper.lambda()
|
||||
.eq(SysUser::getUsername, token.getAccount());
|
||||
.eq(SysUser::getUsername, token.getAccount())
|
||||
.eq(SysUser::getUserType, token.getIUserType().getType());
|
||||
|
||||
// 获取单条用户记录
|
||||
List<SysUser> userList = sysUserService.getEntityList(queryWrapper);
|
||||
|
|
|
|||
Loading…
Reference in New Issue