From 05a7b85b78eb154bdef86134ee9c5630956f8943 Mon Sep 17 00:00:00 2001
From: ludc
Date: 星期四, 23 三月 2023 11:41:08 +0800
Subject: [PATCH] 修改ip访问白名单配置开启
---
Source/BladeX/blade-common/src/main/java/org/springblade/common/constant/LauncherConstant.java | 6 +-
Source/BladeX/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml | 27 +++++++++----
Source/BladeX/blade-service-api/blade-user-api/src/main/java/org/springblade/system/user/entity/User.java | 6 +++
Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java | 33 +++++++---------
Source/BladeX/service-stop.sh | 30 +++++++-------
5 files changed, 56 insertions(+), 46 deletions(-)
diff --git a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
index f1d2fdf..d5c89f4 100644
--- a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@@ -18,7 +18,8 @@
import com.alibaba.nacos.common.utils.StringUtils;
import io.jsonwebtoken.Claims;
-import lombok.*;
+import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
import me.zhyd.oauth.log.Log;
import org.springblade.auth.constant.AuthConstant;
import org.springblade.auth.utils.TokenUtil;
@@ -36,11 +37,9 @@
import org.springblade.system.user.entity.UserInfo;
import org.springblade.system.user.enums.UserEnum;
import org.springblade.system.user.feign.IUserClient;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.authority.GrantedAuthoritiesContainer;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -50,11 +49,7 @@
import javax.servlet.http.HttpServletRequest;
import java.time.Duration;
import java.util.ArrayList;
-import java.util.LinkedHashMap;
import java.util.List;
-import java.util.NoSuchElementException;
-import java.util.function.Predicate;
-import java.util.stream.Stream;
/**
* 鐢ㄦ埛淇℃伅
@@ -91,10 +86,12 @@
private String userName;
@Value("${user-info.passwrod}")
private String password;
- @Value("#{'${user-info.ip}'.split(',')}")
- private List<String> ips;
@Value("${user-info.id}")
private String id;
+ @Value("${ip-whitelist.ip-enable}")
+ private Boolean ipEnable;
+ @Value("#{'${ip-whitelist.ip}'.split(',')}")
+ private List<String> ips;
@Override
@SneakyThrows
@@ -131,12 +128,14 @@
setFailCount(tenantId, username, count);
throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
}
- Log.debug(getIpAddress(request));
//濡傛灉ip姣斿鍚巊et鎶涘嚭寮傚父No value present灏辩洿鎺ユ姏寮傚父缁撴潫鐧诲綍
- try {
- ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
- } catch (Exception e){
- throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
+ if(ipEnable){
+ Log.debug("褰撳墠璁块棶IP锛�"+getIpAddress(request));
+ try {
+ ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
+ } catch (Exception e){
+ throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
+ }
}
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
@@ -229,11 +228,7 @@
String ip = request.getHeader("x-forwarded-for");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
// 澶氭鍙嶅悜浠g悊鍚庝細鏈夊涓猧p鍊硷紝绗竴涓猧p鎵嶆槸鐪熷疄ip
- if( ip.indexOf(",")!=-1 && !ip.split(",")[0].equals("127.0.0.1")){
- ip = ip.split(",")[0];
- }else {
- ip = ip.split(",")[1];
- }
+ ip = ip.split(",")[0];
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
diff --git a/Source/BladeX/blade-common/src/main/java/org/springblade/common/constant/LauncherConstant.java b/Source/BladeX/blade-common/src/main/java/org/springblade/common/constant/LauncherConstant.java
index c680869..f6f3d28 100644
--- a/Source/BladeX/blade-common/src/main/java/org/springblade/common/constant/LauncherConstant.java
+++ b/Source/BladeX/blade-common/src/main/java/org/springblade/common/constant/LauncherConstant.java
@@ -40,8 +40,8 @@
/**
* nacos dev 鍦板潃
*/
- //String NACOS_DEV_ADDR = "dev.vci-tech.com:38848";
- String NACOS_DEV_ADDR = "192.168.93.133:38848";
+ String NACOS_DEV_ADDR = "dev.vci-tech.com:38848";
+ //String NACOS_DEV_ADDR = "192.168.93.133:38848";
/**
* nacos prod 鍦板潃
@@ -88,7 +88,7 @@
/**
* zipkin dev 鍦板潃
*/
- String ZIPKIN_DEV_ADDR = "http://127.0.0.1:9411";
+ String ZIPKIN_DEV_ADDR = "http://dev.vci-tech.com:38006";
/**
* zipkin prod 鍦板潃
diff --git a/Source/BladeX/blade-service-api/blade-user-api/src/main/java/org/springblade/system/user/entity/User.java b/Source/BladeX/blade-service-api/blade-user-api/src/main/java/org/springblade/system/user/entity/User.java
index b51a3e8..4d39097 100644
--- a/Source/BladeX/blade-service-api/blade-user-api/src/main/java/org/springblade/system/user/entity/User.java
+++ b/Source/BladeX/blade-service-api/blade-user-api/src/main/java/org/springblade/system/user/entity/User.java
@@ -16,6 +16,7 @@
*/
package org.springblade.system.user.entity;
+import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.EqualsAndHashCode;
@@ -51,6 +52,11 @@
* 瀵嗙爜
*/
private String password;
+ @TableField(exist = false)
+ /**
+ * 瀵嗙爜绛栫暐
+ */
+ private String pwdStrategy;
/**
* 鏄电О
*/
diff --git a/Source/BladeX/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml b/Source/BladeX/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml
index 86c72ef..3ac3d12 100644
--- a/Source/BladeX/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml
+++ b/Source/BladeX/blade-service/blade-user/src/main/java/org/springblade/system/user/mapper/UserMapper.xml
@@ -16,6 +16,7 @@
<result column="user_type" property="userType"/>
<result column="account" property="account"/>
<result column="password" property="password"/>
+ <result column="strategy_name" property="pwdStrategy"/>
<result column="name" property="name"/>
<result column="real_name" property="realName"/>
<result column="email" property="email"/>
@@ -28,7 +29,11 @@
</resultMap>
<select id="selectUserPage" resultMap="userResultMap">
- select * from pl_org_user where is_deleted = 0
+ SELECT pou.id, pou.tenant_id, user_type, account, name, real_name, email, phone, birthday,role_id, dept_id, post_id,nvl(pss.STRATEGY_NAME,(SELECT STRATEGY_NAME FROM PL_SYS_STRATEGY WHERE IS_DEFAULT=1)) strategy_name
+ FROM pl_org_user pou
+ LEFT JOIN PL_SYS_USER_PWDSTRATEGY plup on plup.USER_ID=pou.ID
+ LEFT JOIN PL_SYS_STRATEGY pss on pss.ID=plup.PWDSTRATEGY_ID
+ WHERE is_deleted = 0
<if test="tenantId!=null and tenantId != ''">
and tenant_id = #{tenantId}
</if>
@@ -45,11 +50,11 @@
and user_type = #{user.userType}
</if>
<if test="deptIdList!=null and deptIdList.size>0">
- and id in (
+ and pou.id in (
SELECT
user_id
FROM
- pl_org_user_dept
+ pl_org_user_dept poud
WHERE
dept_id IN
<foreach collection="deptIdList" index="index" item="item" open="(" separator="," close=")">
@@ -57,20 +62,24 @@
</foreach>
)
</if>
- ORDER BY id
+ ORDER BY pou.id
</select>
<select id="getUser" resultMap="userResultMap">
- SELECT
- *
- FROM
- pl_org_user
+ SELECT pou.id, tenant_id, user_type, account, name, real_name, email, phone, birthday,role_id, dept_id, post_id,nvl(pss.STRATEGY_NAME,(SELECT STRATEGY_NAME FROM PL_SYS_STRATEGY WHERE IS_DEFAULT=1)) strategy_name
+ FROM pl_org_user pou
+ LEFT JOIN PL_SYS_USER_PWDSTRATEGY plup on plup.USER_ID=pou.ID
+ LEFT JOIN PL_SYS_STRATEGY pss on pss.ID=plup.PWDSTRATEGY_ID
WHERE
tenant_id = #{param1} and account = #{param2} and is_deleted = 0
</select>
<select id="exportUser" resultType="org.springblade.system.user.excel.UserExcel">
- SELECT id, tenant_id, user_type, account, name, real_name, email, phone, birthday, role_id, dept_id, post_id FROM pl_org_user ${ew.customSqlSegment}
+ SELECT pou.id, tenant_id, user_type, account, name, real_name, email, phone, birthday,role_id, dept_id, post_id,nvl(pss.STRATEGY_NAME,(SELECT STRATEGY_NAME FROM PL_SYS_STRATEGY WHERE IS_DEFAULT=1)) strategy_name
+ FROM pl_org_user pou
+ LEFT JOIN PL_SYS_USER_PWDSTRATEGY plup on plup.USER_ID=pou.ID
+ LEFT JOIN PL_SYS_STRATEGY pss on pss.ID=plup.PWDSTRATEGY_ID
+ ${ew.customSqlSegment}
</select>
</mapper>
diff --git a/Source/BladeX/service-stop.sh b/Source/BladeX/service-stop.sh
index 738a334..37c1076 100644
--- a/Source/BladeX/service-stop.sh
+++ b/Source/BladeX/service-stop.sh
@@ -2,7 +2,7 @@
stop(){
#瀹氫箟瀹瑰櫒鍜岄暅鍍忕殑鍚嶇О
imagesName=bladex/blade-auth
- containerName=blade-auth:latest
+ containerName=blade-auth
#濡傛灉瀛樺湪锛屽氨鍏抽棴骞朵笖鍒犻櫎璇ュ鍣�
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
@@ -14,7 +14,7 @@
fi
imagesName=bladex/blade-admin
- containerName=blade-admin:latest
+ containerName=blade-admin
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -25,7 +25,7 @@
fi
imagesName=bladex/blade-auth
- containerName=blade-auth:latest
+ containerName=blade-auth
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -36,7 +36,7 @@
fi
imagesName=bladex/blade-log
- containerName=blade-log:latest
+ containerName=blade-log
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -47,7 +47,7 @@
fi
imagesName=bladex/blade-desk
- containerName=blade-desk:latest
+ containerName=blade-desk
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -58,7 +58,7 @@
fi
imagesName=bladex/blade-flow
- containerName=blade-flow:latest
+ containerName=blade-flow
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -69,7 +69,7 @@
fi
imagesName=bladex/blade-develop
- containerName=blade-develop:latest
+ containerName=blade-develop
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -80,7 +80,7 @@
fi
imagesName=bladex/blade-jobadmin
- containerName=blade-jobadmin:latest
+ containerName=blade-jobadmin
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -91,7 +91,7 @@
fi
imagesName=bladex/blade-job
- containerName=blade-job:latest
+ containerName=blade-job
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -102,7 +102,7 @@
fi
imagesName=bladex/blade-report
- containerName=blade-report:latest
+ containerName=blade-report
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -113,7 +113,7 @@
fi
imagesName=bladex/blade-resource
- containerName=blade-resource:latest
+ containerName=blade-resource
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -124,7 +124,7 @@
fi
imagesName=bladex/blade-swagger
- containerName=blade-swagger:latest
+ containerName=blade-swagger
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -135,7 +135,7 @@
fi
imagesName=bladex/blade-system
- containerName=blade-system:latest
+ containerName=blade-system
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -146,7 +146,7 @@
fi
imagesName=bladex/blade-user
- containerName=blade-user:latest
+ containerName=blade-user
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
@@ -157,7 +157,7 @@
fi
imagesName=bladex/blade-gateway
- containerName=blade-gateway:latest
+ containerName=blade-gateway
if [[ -n $(docker ps -q -f "name=$containerName") ]];then
echo $containerName"is up,we will stop and remove it !!!"
docker stop $containerName
--
Gitblit v1.9.3