From f89b4e933601a9e2df164802155659b62581d745 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期二, 25 一月 2022 17:54:37 +0800
Subject: [PATCH] !134 优化登录、注册校验方式 Merge pull request !134 from KonBAI/fix_auth_valid
---
ruoyi-system/src/main/java/com/ruoyi/system/service/SysRegisterService.java | 52 +++++++----------
ruoyi-admin/src/main/resources/i18n/messages_en_US.properties | 6 ++
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java | 2
ruoyi-admin/src/main/resources/i18n/messages.properties | 7 ++
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java | 7 +-
ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties | 6 ++
ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java | 95 +++++++++++++++++--------------
7 files changed, 96 insertions(+), 79 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
index 40c315c..3c51e09 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
@@ -51,7 +51,7 @@
*/
@ApiOperation("鐧诲綍鏂规硶")
@PostMapping("/login")
- public AjaxResult<Map<String, Object>> login(@RequestBody LoginBody loginBody) {
+ public AjaxResult<Map<String, Object>> login(@Validated @RequestBody LoginBody loginBody) {
Map<String, Object> ajax = new HashMap<>();
// 鐢熸垚浠ょ墝
String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
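Review bot: With `@Validated` on the `login` parameter, a body that fails a LoginBody constraint is rejected before `loginService.login(...)` runs, so any failed-login recording done inside that service (not visible in this hunk) is skipped for those requests. If the login audit trail feeds brute-force monitoring, have the validation error handler log these rejections, or at least state the gap on the method, e.g. `// Requests failing LoginBody validation never reach loginService.login and are not recorded as login failures`. The method body continues past the end of the hunk.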
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
index 4d7801b..52d6a70 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
@@ -3,7 +3,6 @@
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.model.RegisterBody;
-import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.SysRegisterService;
import io.swagger.annotations.Api;
@@ -30,11 +29,11 @@
@ApiOperation("鐢ㄦ埛娉ㄥ唽")
@PostMapping("/register")
- public AjaxResult<Void> register(@RequestBody RegisterBody user) {
+ public AjaxResult<Void> register(@Validated @RequestBody RegisterBody user) {
if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser")))) {
return error("褰撳墠绯荤粺娌℃湁寮�鍚敞鍐屽姛鑳斤紒");
}
- String msg = registerService.register(user);
- return StringUtils.isEmpty(msg) ? success() : error(msg);
+ registerService.register(user);
+ return success();
}
}
diff --git a/ruoyi-admin/src/main/resources/i18n/messages.properties b/ruoyi-admin/src/main/resources/i18n/messages.properties
index 6db4b42..06e85c1 100644
--- a/ruoyi-admin/src/main/resources/i18n/messages.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages.properties
@@ -1,5 +1,6 @@
#閿欒娑堟伅
not.null=* 蹇呴』濉啓
+user.jcaptcha.blank=楠岃瘉鐮佷笉鑳戒负绌�
user.jcaptcha.error=楠岃瘉鐮侀敊璇�
user.jcaptcha.expire=楠岃瘉鐮佸凡澶辨晥
user.not.exists=瀵逛笉璧�, 鎮ㄧ殑璐﹀彿锛歿0} 涓嶅瓨鍦�.
@@ -11,12 +12,18 @@
role.blocked=瑙掕壊宸插皝绂侊紝璇疯仈绯荤鐞嗗憳
user.logout.success=閫�鍑烘垚鍔�
length.not.valid=闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
+user.username.not.blank=鐢ㄦ埛鍚嶄笉鑳戒负绌�
user.username.not.valid=* 2鍒�20涓眽瀛椼�佸瓧姣嶃�佹暟瀛楁垨涓嬪垝绾跨粍鎴愶紝涓斿繀椤讳互闈炴暟瀛楀紑澶�
+user.username.length.valid=璐︽埛闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
+user.password.not.blank=鐢ㄦ埛瀵嗙爜涓嶈兘涓虹┖
+user.password.length.valid=鐢ㄦ埛瀵嗙爜闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
user.password.not.valid=* 5-50涓瓧绗�
user.email.not.valid=閭鏍煎紡閿欒
user.mobile.phone.number.not.valid=鎵嬫満鍙锋牸寮忛敊璇�
user.login.success=鐧诲綍鎴愬姛
user.register.success=娉ㄥ唽鎴愬姛
+user.register.save.error=淇濆瓨鐢ㄦ埛 {0} 澶辫触锛屾敞鍐岃处鍙峰凡瀛樺湪
+user.register.error=娉ㄥ唽澶辫触锛岃鑱旂郴绯荤粺绠$悊浜哄憳
user.notfound=璇烽噸鏂扮櫥褰�
user.forcelogout=绠$悊鍛樺己鍒堕��鍑猴紝璇烽噸鏂扮櫥褰�
user.unknown.error=鏈煡閿欒锛岃閲嶆柊鐧诲綍
diff --git a/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties b/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties
index c67beab..960538a 100644
--- a/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties
@@ -11,12 +11,18 @@
role.blocked=Role disabled锛宲lease contact administrators
user.logout.success=Exit successful
length.not.valid=The length must be between {min} and {max} characters
+user.username.not.blank=Username cannot be blank
user.username.not.valid=* 2 to 20 chinese characters, letters, numbers or underscores, and must start with a non number
+user.username.length.valid=Account length must be between {min} and {max} characters
+user.password.not.blank=Password cannot be empty
+user.password.length.valid=Password length must be between {min} and {max} characters
user.password.not.valid=* 5-50 characters
user.email.not.valid=Mailbox format error
user.mobile.phone.number.not.valid=Phone number format error
user.login.success=Login successful
user.register.success=Register successful
+user.register.save.error=Failed to save user {0}, The registered account already exists
+user.register.error=Register failed, please contact system administrator
user.notfound=Please login again
user.forcelogout=The administrator is forced to exit锛宲lease login again
user.unknown.error=Unknown error, please login again
diff --git a/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties b/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties
index 6db4b42..ee68c98 100644
--- a/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties
@@ -11,12 +11,18 @@
role.blocked=瑙掕壊宸插皝绂侊紝璇疯仈绯荤鐞嗗憳
user.logout.success=閫�鍑烘垚鍔�
length.not.valid=闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
+user.username.not.blank=鐢ㄦ埛鍚嶄笉鑳戒负绌�
user.username.not.valid=* 2鍒�20涓眽瀛椼�佸瓧姣嶃�佹暟瀛楁垨涓嬪垝绾跨粍鎴愶紝涓斿繀椤讳互闈炴暟瀛楀紑澶�
+user.username.length.valid=璐︽埛闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
+user.password.not.blank=鐢ㄦ埛瀵嗙爜涓嶈兘涓虹┖
+user.password.length.valid=鐢ㄦ埛瀵嗙爜闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
user.password.not.valid=* 5-50涓瓧绗�
user.email.not.valid=閭鏍煎紡閿欒
user.mobile.phone.number.not.valid=鎵嬫満鍙锋牸寮忛敊璇�
user.login.success=鐧诲綍鎴愬姛
user.register.success=娉ㄥ唽鎴愬姛
+user.register.save.error=淇濆瓨鐢ㄦ埛 {0} 澶辫触锛屾敞鍐岃处鍙峰凡瀛樺湪
+user.register.error=娉ㄥ唽澶辫触锛岃鑱旂郴绯荤粺绠$悊浜哄憳
user.notfound=璇烽噸鏂扮櫥褰�
user.forcelogout=绠$悊鍛樺己鍒堕��鍑猴紝璇烽噸鏂扮櫥褰�
user.unknown.error=鏈煡閿欒锛岃閲嶆柊鐧诲綍
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
index d470536..94ebebd 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
@@ -1,43 +1,52 @@
-package com.ruoyi.common.core.domain.model;
-
-import io.swagger.annotations.ApiModel;
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-import lombok.experimental.Accessors;
-
-/**
- * 鐢ㄦ埛鐧诲綍瀵硅薄
- *
- * @author Lion Li
- */
-
-@Data
-@Accessors(chain = true)
-@ApiModel("鐢ㄦ埛鐧诲綍瀵硅薄")
-public class LoginBody {
-
- /**
- * 鐢ㄦ埛鍚�
- */
- @ApiModelProperty(value = "鐢ㄦ埛鍚�")
- private String username;
-
- /**
- * 鐢ㄦ埛瀵嗙爜
- */
- @ApiModelProperty(value = "鐢ㄦ埛瀵嗙爜")
- private String password;
-
- /**
- * 楠岃瘉鐮�
- */
- @ApiModelProperty(value = "楠岃瘉鐮�")
- private String code;
-
- /**
- * 鍞竴鏍囪瘑
- */
- @ApiModelProperty(value = "鍞竴鏍囪瘑")
- private String uuid = "";
-
-}
+package com.ruoyi.common.core.domain.model;
+
+import com.ruoyi.common.constant.UserConstants;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.experimental.Accessors;
+import org.hibernate.validator.constraints.Length;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 鐢ㄦ埛鐧诲綍瀵硅薄
+ *
+ * @author Lion Li
+ */
+
+@Data
+@Accessors(chain = true)
+@ApiModel("鐢ㄦ埛鐧诲綍瀵硅薄")
+public class LoginBody {
+
+ /**
+ * 鐢ㄦ埛鍚�
+ */
+ @NotBlank(message = "{user.username.not.blank}")
+ @Length(min = UserConstants.USERNAME_MIN_LENGTH, max = UserConstants.USERNAME_MAX_LENGTH, message = "{user.username.length.valid}")
+ @ApiModelProperty(value = "鐢ㄦ埛鍚�")
+ private String username;
+
+ /**
+ * 鐢ㄦ埛瀵嗙爜
+ */
+ @NotBlank(message = "{user.password.not.blank}")
+ @Length(min = UserConstants.PASSWORD_MIN_LENGTH, max = UserConstants.PASSWORD_MAX_LENGTH, message = "{user.password.length.valid}")
+ @ApiModelProperty(value = "鐢ㄦ埛瀵嗙爜")
+ private String password;
+
+ /**
+ * 楠岃瘉鐮�
+ */
+ @NotBlank(message = "{user.jcaptcha.blank}")
+ @ApiModelProperty(value = "楠岃瘉鐮�")
+ private String code;
+
+ /**
+ * 鍞竴鏍囪瘑
+ */
+ @ApiModelProperty(value = "鍞竴鏍囪瘑")
+ private String uuid = "";
+
+}
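Review bot: The unconditional `@NotBlank(message = "{user.jcaptcha.blank}")` on `code` rejects a request without a captcha even when the captcha switch is off. SysRegisterService in this same commit only calls `validateCaptcha` when `configService.selectCaptchaOnOff()` is true, so with captcha disabled a client that omits `code` would now fail validation. Consider dropping the annotation and rejecting a blank code inside the captcha check instead. The `@Length` bounds on `password` also apply at login, assuming this class is the login request body as the controller change indicates. Accounts whose stored password falls outside `PASSWORD_MIN_LENGTH`..`PASSWORD_MAX_LENGTH` (messages_en_US still carries a `* 5-50 characters` rule) could then no longer sign in, so length policy is better enforced only where passwords are set.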
diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysRegisterService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysRegisterService.java
index 8c5cfff..5f44991 100644
--- a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysRegisterService.java
+++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysRegisterService.java
@@ -8,13 +8,15 @@
import com.ruoyi.common.enums.UserType;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.CaptchaExpireException;
+import com.ruoyi.common.exception.user.UserException;
import com.ruoyi.common.utils.MessageUtils;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.redis.RedisUtils;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
/**
* 娉ㄥ唽鏍¢獙鏂规硶
@@ -32,8 +34,8 @@
/**
* 娉ㄥ唽
*/
- public String register(RegisterBody registerBody) {
- String msg = "";
+ public void register(RegisterBody registerBody) {
+ HttpServletRequest request = ServletUtils.getRequest();
String username = registerBody.getUsername();
String password = registerBody.getPassword();
// 鏍¢獙鐢ㄦ埛绫诲瀷鏄惁瀛樺湪
@@ -42,36 +44,22 @@
boolean captchaOnOff = configService.selectCaptchaOnOff();
// 楠岃瘉鐮佸紑鍏�
if (captchaOnOff) {
- validateCaptcha(username, registerBody.getCode(), registerBody.getUuid());
+ validateCaptcha(username, registerBody.getCode(), registerBody.getUuid(), request);
}
- if (StringUtils.isEmpty(username)) {
- msg = "鐢ㄦ埛鍚嶄笉鑳戒负绌�";
- } else if (StringUtils.isEmpty(password)) {
- msg = "鐢ㄦ埛瀵嗙爜涓嶈兘涓虹┖";
- } else if (username.length() < UserConstants.USERNAME_MIN_LENGTH
- || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
- msg = "璐︽埛闀垮害蹇呴』鍦�2鍒�20涓瓧绗︿箣闂�";
- } else if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
- || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
- msg = "瀵嗙爜闀垮害蹇呴』鍦�5鍒�20涓瓧绗︿箣闂�";
- } else if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(username))) {
- msg = "淇濆瓨鐢ㄦ埛'" + username + "'澶辫触锛屾敞鍐岃处鍙峰凡瀛樺湪";
- } else {
- SysUser sysUser = new SysUser();
- sysUser.setUserName(username);
- sysUser.setNickName(username);
- sysUser.setPassword(SecurityUtils.encryptPassword(registerBody.getPassword()));
- sysUser.setUserType(userType);
- boolean regFlag = userService.registerUser(sysUser);
- if (!regFlag) {
- msg = "娉ㄥ唽澶辫触,璇疯仈绯荤郴缁熺鐞嗕汉鍛�";
- } else {
- asyncService.recordLogininfor(username, Constants.REGISTER,
- MessageUtils.message("user.register.success"), ServletUtils.getRequest());
- }
+ if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(username))) {
+ throw new UserException("user.register.save.error", username);
}
- return msg;
+ SysUser sysUser = new SysUser();
+ sysUser.setUserName(username);
+ sysUser.setNickName(username);
+ sysUser.setPassword(SecurityUtils.encryptPassword(password));
+ sysUser.setUserType(userType);
+ boolean regFlag = userService.registerUser(sysUser);
+ if (!regFlag) {
+ throw new UserException("user.register.error");
+ }
+ asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.register.success"), request);
}
/**
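Review bot: The two new failure paths throw without writing a login-info record, while this commit records captcha failures in `validateCaptcha` and the success case here, so duplicate-username and save failures are missing from the registration audit trail. Before `throw new UserException("user.register.save.error", username);` add `asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.register.save.error", username), request);`, and do the same with `user.register.error` before the second throw. Separately, `checkUserNameUnique` followed by `registerUser` is a check-then-insert; unless the user table enforces a unique constraint on the name (not visible here), two concurrent requests could both pass the check. The method starts in the previous hunk.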
@@ -82,14 +70,16 @@
* @param uuid 鍞竴鏍囪瘑
* @return 缁撴灉
*/
- public void validateCaptcha(String username, String code, String uuid) {
+ public void validateCaptcha(String username, String code, String uuid, HttpServletRequest request) {
String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
String captcha = RedisUtils.getCacheObject(verifyKey);
RedisUtils.deleteObject(verifyKey);
if (captcha == null) {
+ asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.expire"), request);
throw new CaptchaExpireException();
}
if (!code.equalsIgnoreCase(captcha)) {
+ asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.error"), request);
throw new CaptchaException();
}
}
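Review bot: `code.equalsIgnoreCase(captcha)` throws a NullPointerException when `code` is null, and this public method has no guard of its own; it relies on every caller having validated the body first. Since `captcha` is known to be non-null at that point, flip the comparison: `if (!captcha.equalsIgnoreCase(code)) {`. The Javadoc above (it begins outside this hunk) also needs a `@param request` entry for the new parameter and still carries an `@return` line although the method is void.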
--
Gitblit v1.9.3