mirror of
https://github.com/dromara/RuoYi-Vue-Plus.git
synced 2025-11-04 16:23:42 +08:00
fix 优化登录、注册校验方式,在接口通过@Validated进行数据基础校验,以及服务执行到异常后,抛出异常结束方法执行(减少if-else嵌套)。
This commit is contained in:
hewenqiang
@@ -51,7 +51,7 @@ public class SysLoginController {
|
||||
*/
|
||||
@ApiOperation("登录方法")
|
||||
@PostMapping("/login")
|
||||
public AjaxResult<Map<String, Object>> login(@RequestBody LoginBody loginBody) {
|
||||
public AjaxResult<Map<String, Object>> login(@Validated @RequestBody LoginBody loginBody) {
|
||||
Map<String, Object> ajax = new HashMap<>();
|
||||
// 生成令牌
|
||||
String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
|
||||
|
||||
@@ -3,7 +3,6 @@ package com.ruoyi.web.controller.system;
|
||||
import com.ruoyi.common.core.controller.BaseController;
|
||||
import com.ruoyi.common.core.domain.AjaxResult;
|
||||
import com.ruoyi.common.core.domain.model.RegisterBody;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.system.service.ISysConfigService;
|
||||
import com.ruoyi.system.service.SysRegisterService;
|
||||
import io.swagger.annotations.Api;
|
||||
@@ -30,11 +29,11 @@ public class SysRegisterController extends BaseController {
|
||||
|
||||
@ApiOperation("用户注册")
|
||||
@PostMapping("/register")
|
||||
public AjaxResult<Void> register(@RequestBody RegisterBody user) {
|
||||
public AjaxResult<Void> register(@Validated @RequestBody RegisterBody user) {
|
||||
if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser")))) {
|
||||
return error("当前系统没有开启注册功能!");
|
||||
}
|
||||
String msg = registerService.register(user);
|
||||
return StringUtils.isEmpty(msg) ? success() : error(msg);
|
||||
registerService.register(user);
|
||||
return success();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
#错误消息
|
||||
not.null=* 必须填写
|
||||
user.jcaptcha.blank=验证码不能为空
|
||||
user.jcaptcha.error=验证码错误
|
||||
user.jcaptcha.expire=验证码已失效
|
||||
user.not.exists=对不起, 您的账号:{0} 不存在.
|
||||
@@ -11,12 +12,18 @@ user.blocked=对不起,您的账号:{0} 已禁用,请联系管理员
|
||||
role.blocked=角色已封禁,请联系管理员
|
||||
user.logout.success=退出成功
|
||||
length.not.valid=长度必须在{min}到{max}个字符之间
|
||||
user.username.not.blank=用户名不能为空
|
||||
user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成,且必须以非数字开头
|
||||
user.username.length.valid=账户长度必须在{min}到{max}个字符之间
|
||||
user.password.not.blank=用户密码不能为空
|
||||
user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
|
||||
user.password.not.valid=* 5-50个字符
|
||||
user.email.not.valid=邮箱格式错误
|
||||
user.mobile.phone.number.not.valid=手机号格式错误
|
||||
user.login.success=登录成功
|
||||
user.register.success=注册成功
|
||||
user.register.save.error=保存用户 {0} 失败,注册账号已存在
|
||||
user.register.error=注册失败,请联系系统管理人员
|
||||
user.notfound=请重新登录
|
||||
user.forcelogout=管理员强制退出,请重新登录
|
||||
user.unknown.error=未知错误,请重新登录
|
||||
|
||||
@@ -11,12 +11,18 @@ user.blocked=Sorry, your account: {0} has been disabled. Please contact the admi
|
||||
role.blocked=Role disabled,please contact administrators
|
||||
user.logout.success=Exit successful
|
||||
length.not.valid=The length must be between {min} and {max} characters
|
||||
user.username.not.blank=Username cannot be blank
|
||||
user.username.not.valid=* 2 to 20 chinese characters, letters, numbers or underscores, and must start with a non number
|
||||
user.username.length.valid=Account length must be between {min} and {max} characters
|
||||
user.password.not.blank=Password cannot be empty
|
||||
user.password.length.valid=Password length must be between {min} and {max} characters
|
||||
user.password.not.valid=* 5-50 characters
|
||||
user.email.not.valid=Mailbox format error
|
||||
user.mobile.phone.number.not.valid=Phone number format error
|
||||
user.login.success=Login successful
|
||||
user.register.success=Register successful
|
||||
user.register.save.error=Failed to save user {0}, The registered account already exists
|
||||
user.register.error=Register failed, please contact system administrator
|
||||
user.notfound=Please login again
|
||||
user.forcelogout=The administrator is forced to exit,please login again
|
||||
user.unknown.error=Unknown error, please login again
|
||||
|
||||
@@ -11,12 +11,18 @@ user.blocked=对不起,您的账号:{0} 已禁用,请联系管理员
|
||||
role.blocked=角色已封禁,请联系管理员
|
||||
user.logout.success=退出成功
|
||||
length.not.valid=长度必须在{min}到{max}个字符之间
|
||||
user.username.not.blank=用户名不能为空
|
||||
user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成,且必须以非数字开头
|
||||
user.username.length.valid=账户长度必须在{min}到{max}个字符之间
|
||||
user.password.not.blank=用户密码不能为空
|
||||
user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
|
||||
user.password.not.valid=* 5-50个字符
|
||||
user.email.not.valid=邮箱格式错误
|
||||
user.mobile.phone.number.not.valid=手机号格式错误
|
||||
user.login.success=登录成功
|
||||
user.register.success=注册成功
|
||||
user.register.save.error=保存用户 {0} 失败,注册账号已存在
|
||||
user.register.error=注册失败,请联系系统管理人员
|
||||
user.notfound=请重新登录
|
||||
user.forcelogout=管理员强制退出,请重新登录
|
||||
user.unknown.error=未知错误,请重新登录
|
||||
|
||||
@@ -1,43 +1,52 @@
|
||||
package com.ruoyi.common.core.domain.model;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
/**
|
||||
* 用户登录对象
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
@ApiModel("用户登录对象")
|
||||
public class LoginBody {
|
||||
|
||||
/**
|
||||
* 用户名
|
||||
*/
|
||||
@ApiModelProperty(value = "用户名")
|
||||
private String username;
|
||||
|
||||
/**
|
||||
* 用户密码
|
||||
*/
|
||||
@ApiModelProperty(value = "用户密码")
|
||||
private String password;
|
||||
|
||||
/**
|
||||
* 验证码
|
||||
*/
|
||||
@ApiModelProperty(value = "验证码")
|
||||
private String code;
|
||||
|
||||
/**
|
||||
* 唯一标识
|
||||
*/
|
||||
@ApiModelProperty(value = "唯一标识")
|
||||
private String uuid = "";
|
||||
|
||||
}
|
||||
package com.ruoyi.common.core.domain.model;
|
||||
|
||||
import com.ruoyi.common.constant.UserConstants;
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
import org.hibernate.validator.constraints.Length;
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
|
||||
/**
|
||||
* 用户登录对象
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
@ApiModel("用户登录对象")
|
||||
public class LoginBody {
|
||||
|
||||
/**
|
||||
* 用户名
|
||||
*/
|
||||
@NotBlank(message = "{user.username.not.blank}")
|
||||
@Length(min = UserConstants.USERNAME_MIN_LENGTH, max = UserConstants.USERNAME_MAX_LENGTH, message = "{user.username.length.valid}")
|
||||
@ApiModelProperty(value = "用户名")
|
||||
private String username;
|
||||
|
||||
/**
|
||||
* 用户密码
|
||||
*/
|
||||
@NotBlank(message = "{user.password.not.blank}")
|
||||
@Length(min = UserConstants.PASSWORD_MIN_LENGTH, max = UserConstants.PASSWORD_MAX_LENGTH, message = "{user.password.length.valid}")
|
||||
@ApiModelProperty(value = "用户密码")
|
||||
private String password;
|
||||
|
||||
/**
|
||||
* 验证码
|
||||
*/
|
||||
@NotBlank(message = "{user.jcaptcha.blank}")
|
||||
@ApiModelProperty(value = "验证码")
|
||||
private String code;
|
||||
|
||||
/**
|
||||
* 唯一标识
|
||||
*/
|
||||
@ApiModelProperty(value = "唯一标识")
|
||||
private String uuid = "";
|
||||
|
||||
}
|
||||
|
||||
@@ -8,14 +8,16 @@ import com.ruoyi.common.core.service.LogininforService;
|
||||
import com.ruoyi.common.enums.UserType;
|
||||
import com.ruoyi.common.exception.user.CaptchaException;
|
||||
import com.ruoyi.common.exception.user.CaptchaExpireException;
|
||||
import com.ruoyi.common.exception.user.UserException;
|
||||
import com.ruoyi.common.utils.MessageUtils;
|
||||
import com.ruoyi.common.utils.SecurityUtils;
|
||||
import com.ruoyi.common.utils.ServletUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* 注册校验方法
|
||||
*
|
||||
@@ -32,8 +34,8 @@ public class SysRegisterService {
|
||||
/**
|
||||
* 注册
|
||||
*/
|
||||
public String register(RegisterBody registerBody) {
|
||||
String msg = "";
|
||||
public void register(RegisterBody registerBody) {
|
||||
HttpServletRequest request = ServletUtils.getRequest();
|
||||
String username = registerBody.getUsername();
|
||||
String password = registerBody.getPassword();
|
||||
// 校验用户类型是否存在
|
||||
@@ -42,36 +44,22 @@ public class SysRegisterService {
|
||||
boolean captchaOnOff = configService.selectCaptchaOnOff();
|
||||
// 验证码开关
|
||||
if (captchaOnOff) {
|
||||
validateCaptcha(username, registerBody.getCode(), registerBody.getUuid());
|
||||
validateCaptcha(username, registerBody.getCode(), registerBody.getUuid(), request);
|
||||
}
|
||||
|
||||
if (StringUtils.isEmpty(username)) {
|
||||
msg = "用户名不能为空";
|
||||
} else if (StringUtils.isEmpty(password)) {
|
||||
msg = "用户密码不能为空";
|
||||
} else if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
||||
|| username.length() > UserConstants.USERNAME_MAX_LENGTH) {
|
||||
msg = "账户长度必须在2到20个字符之间";
|
||||
} else if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
||||
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
|
||||
msg = "密码长度必须在5到20个字符之间";
|
||||
} else if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(username))) {
|
||||
msg = "保存用户'" + username + "'失败,注册账号已存在";
|
||||
} else {
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setUserName(username);
|
||||
sysUser.setNickName(username);
|
||||
sysUser.setPassword(SecurityUtils.encryptPassword(registerBody.getPassword()));
|
||||
sysUser.setUserType(userType);
|
||||
boolean regFlag = userService.registerUser(sysUser);
|
||||
if (!regFlag) {
|
||||
msg = "注册失败,请联系系统管理人员";
|
||||
} else {
|
||||
asyncService.recordLogininfor(username, Constants.REGISTER,
|
||||
MessageUtils.message("user.register.success"), ServletUtils.getRequest());
|
||||
}
|
||||
if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(username))) {
|
||||
throw new UserException("user.register.save.error", username);
|
||||
}
|
||||
return msg;
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setUserName(username);
|
||||
sysUser.setNickName(username);
|
||||
sysUser.setPassword(SecurityUtils.encryptPassword(password));
|
||||
sysUser.setUserType(userType);
|
||||
boolean regFlag = userService.registerUser(sysUser);
|
||||
if (!regFlag) {
|
||||
throw new UserException("user.register.error");
|
||||
}
|
||||
asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.register.success"), request);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -82,14 +70,16 @@ public class SysRegisterService {
|
||||
* @param uuid 唯一标识
|
||||
* @return 结果
|
||||
*/
|
||||
public void validateCaptcha(String username, String code, String uuid) {
|
||||
public void validateCaptcha(String username, String code, String uuid, HttpServletRequest request) {
|
||||
String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
|
||||
String captcha = RedisUtils.getCacheObject(verifyKey);
|
||||
RedisUtils.deleteObject(verifyKey);
|
||||
if (captcha == null) {
|
||||
asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.expire"), request);
|
||||
throw new CaptchaExpireException();
|
||||
}
|
||||
if (!code.equalsIgnoreCase(captcha)) {
|
||||
asyncService.recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.error"), request);
|
||||
throw new CaptchaException();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user