From 7abe0fb39038e55fa7f28804f437a0431a25ae37 Mon Sep 17 00:00:00 2001
From: 田源 <lastanimals@163.com>
Date: 星期五, 24 三月 2023 14:38:12 +0800
Subject: [PATCH] 上传前端代码
---
Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java | 220 ++++++++++++++++++++++++++++++++++++++++--------------
1 files changed, 161 insertions(+), 59 deletions(-)
diff --git a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
index f48cb4f..d5c89f4 100644
--- a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@@ -18,8 +18,9 @@
import com.alibaba.nacos.common.utils.StringUtils;
import io.jsonwebtoken.Claims;
-import lombok.AllArgsConstructor;
+import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows;
+import me.zhyd.oauth.log.Log;
import org.springblade.auth.constant.AuthConstant;
import org.springblade.auth.utils.TokenUtil;
import org.springblade.common.cache.CacheNames;
@@ -27,6 +28,7 @@
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.core.redis.cache.BladeRedis;
import org.springblade.core.tool.api.R;
+import org.springblade.core.tool.support.Kv;
import org.springblade.core.tool.utils.*;
import org.springblade.system.cache.ParamCache;
import org.springblade.system.entity.Tenant;
@@ -35,7 +37,10 @@
import org.springblade.system.user.entity.UserInfo;
import org.springblade.system.user.enums.UserEnum;
import org.springblade.system.user.feign.IUserClient;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
@@ -43,6 +48,7 @@
import javax.servlet.http.HttpServletRequest;
import java.time.Duration;
+import java.util.ArrayList;
import java.util.List;
/**
@@ -51,17 +57,41 @@
* @author Chill
*/
@Service
-@AllArgsConstructor
+@RequiredArgsConstructor
public class BladeUserDetailsServiceImpl implements UserDetailsService {
+ /**
+ * 鍏佽閿欒娆℃暟
+ */
public static final Integer FAIL_COUNT = 5;
public static final String FAIL_COUNT_VALUE = "account.failCount";
+ /**
+ * user鏈嶅姟璋冪敤绫�
+ */
private final IUserClient userClient;
+
private final ISysClient sysClient;
private final BladeRedis bladeRedis;
+
private final JwtProperties jwtProperties;
+
+ /**
+ * 瓒呯骇绠$悊鍛樹俊鎭�
+ */
+ @Value("${user-info.tenant-id}")
+ private String tenantId;
+ @Value("${user-info.user-name}")
+ private String userName;
+ @Value("${user-info.passwrod}")
+ private String password;
+ @Value("${user-info.id}")
+ private String id;
+ @Value("${ip-whitelist.ip-enable}")
+ private Boolean ipEnable;
+ @Value("#{'${ip-whitelist.ip}'.split(',')}")
+ private List<String> ips;
@Override
@SneakyThrows
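Review bot: The placeholder in `@Value("${user-info.passwrod}")` misspells `password`, so the configuration file must carry the same misspelling for the field to resolve; rename it to `@Value("${user-info.password}")` together with the config key. These fields hold a fixed super-administrator credential read from application configuration, and nothing in the hunk shows whether the value is a digest or plaintext, so a comment such as `// super-admin secret: keep as a digest, supply via environment or secret store, never commit` above `password` would help. `'${ip-whitelist.ip}'.split(',')` keeps surrounding whitespace, so an entry written as `a, b` would not match a later `equals` comparison; trimming the entries avoids that. The class body continues outside this hunk.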
@@ -92,70 +122,143 @@
if (count >= failCount) {
throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
}
-
- // 鑾峰彇绉熸埛淇℃伅
- R<Tenant> tenant = sysClient.getTenant(tenantId);
- if (tenant.isSuccess()) {
- if (TokenUtil.judgeTenant(tenant.getData())) {
- throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION);
- }
- } else {
- throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT);
- }
-
- // 鑾峰彇鐢ㄦ埛绫诲瀷
- String userType = Func.toStr(request.getHeader(TokenUtil.USER_TYPE_HEADER_KEY), TokenUtil.DEFAULT_USER_TYPE);
-
- // 杩滅▼璋冪敤杩斿洖鏁版嵁
- R<UserInfo> result;
- // 鏍规嵁涓嶅悓鐢ㄦ埛绫诲瀷璋冪敤瀵瑰簲鐨勬帴鍙h繑鍥炴暟鎹紝鐢ㄦ埛鍙嚜琛屾嫇灞�
- if (userType.equals(UserEnum.WEB.getName())) {
- result = userClient.userInfo(tenantId, username, UserEnum.WEB.getName());
- } else if (userType.equals(UserEnum.APP.getName())) {
- result = userClient.userInfo(tenantId, username, UserEnum.APP.getName());
- } else {
- result = userClient.userInfo(tenantId, username, UserEnum.OTHER.getName());
- }
-
- // 鍒ゆ柇杩斿洖淇℃伅
- if (result.isSuccess()) {
- UserInfo userInfo = result.getData();
- User user = userInfo.getUser();
- // 鐢ㄦ埛涓嶅瓨鍦�,浣嗘彁绀虹敤鎴峰悕涓庡瘑鐮侀敊璇苟閿佸畾璐﹀彿
- if (user == null || user.getId() == null) {
+ //瓒呯骇绠$悊鍛橀厤缃枃浠堕厤缃处鍙峰瘑鐮侊紝瀹炵幇鐧诲綍, 榛樿绉熸埛id涓�000000
+ if(tenantId.equals(this.tenantId)){
+ if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password)) {
setFailCount(tenantId, username, count);
throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
}
- // 鐢ㄦ埛瀛樺湪浣嗗瘑鐮侀敊璇�,瓒呰繃娆℃暟鍒欓攣瀹氳处鍙�
- if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(DigestUtil.hex(password))) {
- setFailCount(tenantId, username, count);
- throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
- }
- // 鐢ㄦ埛瑙掕壊涓嶅瓨鍦�
- if (Func.isEmpty(userInfo.getRoles())) {
- throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_ROLE);
- }
- // 澶氶儴闂ㄦ儏鍐典笅鎸囧畾鍗曢儴闂�
- if (Func.isNotEmpty(headerDept) && user.getDeptId().contains(headerDept)) {
- user.setDeptId(headerDept);
- }
- // 澶氳鑹叉儏鍐典笅鎸囧畾鍗曡鑹�
- if (Func.isNotEmpty(headerRole) && user.getRoleId().contains(headerRole)) {
- R<List<String>> roleResult = sysClient.getRoleAliases(headerRole);
- if (roleResult.isSuccess()) {
- userInfo.setRoles(roleResult.getData());
+ //濡傛灉ip姣斿鍚巊et鎶涘嚭寮傚父No value present灏辩洿鎺ユ姏寮傚父缁撴潫鐧诲綍
+ if(ipEnable){
+ Log.debug("褰撳墠璁块棶IP锛�"+getIpAddress(request));
+ try {
+ ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
+ } catch (Exception e){
+ throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
}
- user.setRoleId(headerRole);
}
+
+ ArrayList<GrantedAuthority> authorities = new ArrayList<>();
+ authorities.add(new SimpleGrantedAuthority("administrator"));
// 鎴愬姛鍒欐竻闄ょ櫥褰曢敊璇鏁�
delFailCount(tenantId, username);
- return new BladeUserDetails(user.getId(),
- user.getTenantId(), StringPool.EMPTY, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
- username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
- AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
- } else {
- throw new UsernameNotFoundException(result.getMsg());
+ Kv kv = Kv.create();
+ kv.set("type","web");
+ return new BladeUserDetails(
+ new Long(this.id),this.tenantId, StringPool.EMPTY, "瓒呯骇绠$悊鍛�", "瓒呯骇绠$悊鍛�",this.id, this.id,"1123598816738675201",
+ "administrator","https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png" ,this.userName,AuthConstant.ENCRYPT + this.password, kv,
+ true, true, true, true,authorities
+ );
+ }else {
+ R<Tenant> tenant = sysClient.getTenant(tenantId);
+
+ if (tenant.isSuccess()) {
+ if (TokenUtil.judgeTenant(tenant.getData())) {
+ throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION);
+ }
+ } else {
+ throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT);
+ }
+
+ // 鑾峰彇鐢ㄦ埛绫诲瀷
+ String userType = Func.toStr(request.getHeader(TokenUtil.USER_TYPE_HEADER_KEY), TokenUtil.DEFAULT_USER_TYPE);
+
+ // 杩滅▼璋冪敤杩斿洖鏁版嵁
+ R<UserInfo> result;
+ // 鏍规嵁涓嶅悓鐢ㄦ埛绫诲瀷璋冪敤瀵瑰簲鐨勬帴鍙h繑鍥炴暟鎹紝鐢ㄦ埛鍙嚜琛屾嫇灞�
+ if (userType.equals(UserEnum.WEB.getName())) {
+ result = userClient.userInfo(tenantId, username, UserEnum.WEB.getName());
+ } else if (userType.equals(UserEnum.APP.getName())) {
+ result = userClient.userInfo(tenantId, username, UserEnum.APP.getName());
+ } else {
+ result = userClient.userInfo(tenantId, username, UserEnum.OTHER.getName());
+ }
+
+ // 鍒ゆ柇杩斿洖淇℃伅
+ if (result.isSuccess()) {
+ UserInfo userInfo = result.getData();
+ User user = userInfo.getUser();
+ // 鐢ㄦ埛涓嶅瓨鍦�,浣嗘彁绀虹敤鎴峰悕涓庡瘑鐮侀敊璇苟閿佸畾璐﹀彿
+ if (user == null || user.getId() == null) {
+ setFailCount(tenantId, username, count);
+ throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
+ }
+ // 鐢ㄦ埛瀛樺湪浣嗗瘑鐮侀敊璇�,瓒呰繃娆℃暟鍒欓攣瀹氳处鍙�
+ if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(DigestUtil.hex(password))) {
+ setFailCount(tenantId, username, count);
+ throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
+ }
+ // 鐢ㄦ埛瑙掕壊涓嶅瓨鍦�
+ if (Func.isEmpty(userInfo.getRoles())) {
+ throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_ROLE);
+ }
+ // 澶氶儴闂ㄦ儏鍐典笅鎸囧畾鍗曢儴闂�
+ if (Func.isNotEmpty(headerDept) && user.getDeptId().contains(headerDept)) {
+ user.setDeptId(headerDept);
+ }
+ // 澶氳鑹叉儏鍐典笅鎸囧畾鍗曡鑹�
+ if (Func.isNotEmpty(headerRole) && user.getRoleId().contains(headerRole)) {
+ R<List<String>> roleResult = sysClient.getRoleAliases(headerRole);
+ if (roleResult.isSuccess()) {
+ userInfo.setRoles(roleResult.getData());
+ }
+ user.setRoleId(headerRole);
+ }
+ // 鎴愬姛鍒欐竻闄ょ櫥褰曢敊璇鏁�
+ delFailCount(tenantId, username);
+ //濉厖鐢ㄦ埛淇℃伅鍒扮敤鎴蜂俊鎭墿灞曠被
+ BladeUserDetails bladeUserDetails = new BladeUserDetails(user.getId(),
+ user.getTenantId(), StringPool.EMPTY, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
+ username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
+ AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
+ return bladeUserDetails;
+ } else {
+ throw new UsernameNotFoundException(result.getMsg());
+ }
}
+ }
+
+ /**
+ * 鑾峰彇瀹㈡埛绔痠p锛屽鎴风鍙兘缁忚繃浠g悊锛屼篃鍙兘娌$粡杩囦唬鐞�
+ * 濡傚紑鍚櫄鎷熸満鐨勬儏鍐典篃鍙兘瀵艰嚧鑾峰彇鍒扮殑鏄櫄鎷熸満鐨刬p
+ * @param request
+ * @return
+ */
+ public static String getIpAddress(HttpServletRequest request){
+ String ip = request.getHeader("x-forwarded-for");
+ if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
+ // 澶氭鍙嶅悜浠g悊鍚庝細鏈夊涓猧p鍊硷紝绗竴涓猧p鎵嶆槸鐪熷疄ip
+ ip = ip.split(",")[0];
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("Proxy-Client-IP");
+ System.out.println("Proxy-Client-IP"+ip);
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("WL-Proxy-Client-IP");
+ System.out.println("WL-Proxy-Client-IP"+ip);
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_CLIENT_IP");
+ System.out.println("HTTP_CLIENT_IP"+ip);
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+ System.out.println("HTTP_X_FORWARDED_FOR"+ip);
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("X-Real-IP");
+ System.out.println("X-Real-IP"+ip);
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getRemoteAddr();
+ System.out.println("getRemoteAddr"+ip);
+ }
+ //濡傛灉娌″彇鍒癷p锛岃繑鍥�""
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = "";
+ }
+ return ip;
}
/**
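Review bot: The super-admin check `if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password))` rejects a login only when both the user name and the password are wrong, so a request for the configured tenant that gets just one of them right falls through to the `administrator` authority. The condition should be a disjunction with an exact comparison, `if (!this.userName.equals(username) || !password.equals(this.password)) {`, and this branch also drops the `grantType` handling that the ordinary path keeps. The IP allowlist in the same branch relies on `getIpAddress`, which prefers the first `x-forwarded-for` value and several other request headers over `request.getRemoteAddr()`; unless a trusted proxy overwrites those headers they are client-supplied, so the allowlist should compare against the proxy-set or socket address only. `ips.stream()...findFirst().get()` wrapped in `catch (Exception e)` would read more plainly as `if (!ips.contains(getIpAddress(request))) throw ...`, and the `System.out.println` calls in `getIpAddress` should go through the logger. The enclosing method begins before this hunk, so `password`, `count` and `grantType` are assumed to be locals declared there.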
@@ -207,6 +310,5 @@
}
return true;
}
-
}
--
Gitblit v1.9.3