lbqms.git - Gitblit

			@@ -4,10 +4,12 @@
			import cn.dev33.satoken.secure.BCrypt;
			import cn.dev33.satoken.stp.StpUtil;
			import cn.hutool.core.bean.BeanUtil;
			import cn.hutool.core.convert.Convert;
			import cn.hutool.core.util.ObjectUtil;
			import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
			import com.ruoyi.common.core.constant.Constants;
			import com.ruoyi.common.core.constant.GlobalConstants;
			import com.ruoyi.common.core.constant.TenantConstants;
			import com.ruoyi.common.core.domain.dto.RoleDTO;
			import com.ruoyi.common.core.domain.model.LoginUser;
			import com.ruoyi.common.core.domain.model.XcxLoginUser;
			@@ -29,12 +31,11 @@
			import com.ruoyi.system.domain.vo.SysTenantVo;
			import com.ruoyi.system.domain.vo.SysUserVo;
			import com.ruoyi.system.mapper.SysUserMapper;
			import com.ruoyi.system.service.ISysConfigService;
			import com.ruoyi.system.service.ISysPermissionService;
			import com.ruoyi.system.service.ISysTenantService;
			import jakarta.servlet.http.HttpServletRequest;
			import lombok.RequiredArgsConstructor;
			import lombok.extern.slf4j.Slf4j;
			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.stereotype.Service;

			import java.time.Duration;
			@@ -57,11 +58,7 @@
			private final ISysPermissionService permissionService;
			private final ISysTenantService tenantService;

			@Value("${user.password.maxRetryCount}")
			private Integer maxRetryCount;

			@Value("${user.password.lockTime}")
			private Integer lockTime;
			private final ISysConfigService configService;

			/**
			* 登录验证
			@@ -73,11 +70,10 @@
			* @return 结果
			*/
			public String login(String tenantId, String username, String password, String code, String uuid) {
			HttpServletRequest request = ServletUtils.getRequest();
			boolean captchaEnabled = captchaProperties.getEnable();
			// 验证码开关
			if (captchaEnabled) {
			validateCaptcha(tenantId, username, code, uuid, request);
			validateCaptcha(tenantId, username, code, uuid);
			}
			// 校验租户
			checkTenant(tenantId);
			@@ -101,6 +97,23 @@
			SysUserVo user = loadUserByPhonenumber(tenantId, phonenumber);

			checkLogin(LoginType.SMS, tenantId, user.getUserName(), () -> !validateSmsCode(tenantId, phonenumber, smsCode));
			// 此处可根据登录用户的数据不同自行创建 loginUser
			LoginUser loginUser = buildLoginUser(user);
			// 生成token
			LoginHelper.loginByDevice(loginUser, DeviceType.APP);

			recordLogininfor(loginUser.getTenantId(), user.getUserName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"));
			recordLoginInfo(user.getUserId());
			return StpUtil.getTokenValue();
			}

			public String emailLogin(String tenantId, String email, String emailCode) {
			// 校验租户
			checkTenant(tenantId);
			// 通过手机号查找用户
			SysUserVo user = loadUserByEmail(tenantId, email);

			checkLogin(LoginType.EMAIL, tenantId, user.getUserName(), () -> !validateEmailCode(tenantId, email, emailCode));
			// 此处可根据登录用户的数据不同自行创建 loginUser
			LoginUser loginUser = buildLoginUser(user);
			// 生成token
			@@ -159,7 +172,6 @@
			* @param username 用户名
			* @param status 状态
			* @param message 消息内容
			* @return
			*/
			private void recordLogininfor(String tenantId, String username, String status, String message) {
			LogininforEvent logininforEvent = new LogininforEvent();
			@@ -184,13 +196,25 @@
			}

			/**
			* 校验邮箱验证码
			*/
			private boolean validateEmailCode(String tenantId, String email, String emailCode) {
			String code = RedisUtils.getCacheObject(GlobalConstants.CAPTCHA_CODE_KEY + email);
			if (StringUtils.isBlank(code)) {
			recordLogininfor(tenantId, email, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire"));
			throw new CaptchaExpireException();
			}
			return code.equals(emailCode);
			}

			/**
			* 校验验证码
			*
			* @param username 用户名
			* @param code 验证码
			* @param uuid 唯一标识
			*/
			public void validateCaptcha(String tenantId, String username, String code, String uuid, HttpServletRequest request) {
			public void validateCaptcha(String tenantId, String username, String code, String uuid) {
			String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + StringUtils.defaultString(uuid, "");
			String captcha = RedisUtils.getCacheObject(verifyKey);
			RedisUtils.deleteObject(verifyKey);
			@@ -238,6 +262,24 @@
			return userMapper.selectTenantUserByPhonenumber(phonenumber, tenantId);
			}
			return userMapper.selectUserByPhonenumber(phonenumber);
			}

			private SysUserVo loadUserByEmail(String tenantId, String email) {
			SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
			.select(SysUser::getPhonenumber, SysUser::getStatus)
			.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
			.eq(SysUser::getEmail, email));
			if (ObjectUtil.isNull(user)) {
			log.info("登录用户：{} 不存在.", email);
			throw new UserException("user.not.exists", email);
			} else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
			log.info("登录用户：{} 已被停用.", email);
			throw new UserException("user.blocked", email);
			}
			if (TenantHelper.isEnable()) {
			return userMapper.selectTenantUserByEmail(email, tenantId);
			}
			return userMapper.selectUserByEmail(email);
			}

			private SysUserVo loadUserByOpenid(String openid) {
			@@ -295,6 +337,10 @@

			// 获取用户登录错误次数(可自定义限制策略例如: key + username + ip)
			Integer errorNumber = RedisUtils.getCacheObject(errorKey);
			//密码最大错误次数
			Integer maxRetryCount = Convert.toInt(configService.selectConfigByKey("sys.user.maxRetryCount"));
			//密码锁定时间
			Integer lockTime = Convert.toInt(configService.selectConfigByKey("sys.user.lockTime"));
			// 锁定时间内登录则踢出
			if (ObjectUtil.isNotNull(errorNumber) && errorNumber.equals(maxRetryCount)) {
			recordLogininfor(tenantId, username, loginFail, MessageUtils.message(loginType.getRetryLimitExceed(), maxRetryCount, lockTime));
			@@ -325,6 +371,9 @@
			if (!TenantHelper.isEnable()) {
			return;
			}
			if (TenantConstants.DEFAULT_TENANT_ID.equals(tenantId)) {
			return;
			}
			SysTenantVo tenant = tenantService.queryByTenantId(tenantId);
			if (ObjectUtil.isNull(tenant)) {
			log.info("登录租户：{} 不存在.", tenantId);