v3.25.0【优化】密码加密随机盐;【优化】java依赖版本;【优化】后端依赖库;【优化】单号生成器;【优化】防重复提交;【优化】sa-base.yaml健康检查邮箱;【新增】前端夜间模式;【优化】标签页issue;【优化】字典int回显bug
@@ -4,7 +4,6 @@ import cn.dev33.satoken.annotation.SaIgnore;
|
||||
import cn.dev33.satoken.exception.SaTokenException;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.dev33.satoken.strategy.SaAnnotationStrategy;
|
||||
import cn.dev33.satoken.strategy.SaStrategy;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.lab1024.sa.admin.module.system.login.domain.RequestEmployee;
|
||||
import net.lab1024.sa.admin.module.system.login.service.LoginService;
|
||||
@@ -69,6 +68,7 @@ public class AdminInterceptor implements HandlerInterceptor {
|
||||
NoNeedLogin noNeedLogin = ((HandlerMethod) handler).getMethodAnnotation(NoNeedLogin.class);
|
||||
if (noNeedLogin != null) {
|
||||
checkActiveTimeout(requestEmployee);
|
||||
SmartRequestUtil.setRequestUser(requestEmployee);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
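Review bot: The `noNeedLogin` branch passes `requestEmployee` to `checkActiveTimeout` and `SmartRequestUtil.setRequestUser` without stating that it may be null; on an anonymous route a request with no token, or a stale one, presumably arrives here with no employee resolved. A short comment such as `// requestEmployee may be null on anonymous routes; both calls must tolerate that` would make the contract explicit. It is also worth confirming that `checkActiveTimeout` does not reject a no-login endpoint merely because an expired token was sent along. The enclosing method starts and ends outside this hunk.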
@@ -36,7 +36,7 @@ public class DepartmentEntity {
|
||||
/**
|
||||
* 负责人员工 id
|
||||
*/
|
||||
@TableField(updateStrategy = FieldStrategy.IGNORED)
|
||||
@TableField(updateStrategy = FieldStrategy.NEVER)
|
||||
private Long managerId;
|
||||
|
||||
/**
|
||||
|
||||
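Review bot: `FieldStrategy.NEVER` on `managerId` is probably not the equivalent of the old `IGNORED`. In MyBatis-Plus, `IGNORED` meant "write the column even when the value is null", while `NEVER` leaves the column out of entity-based update SQL altogether. If the second annotation line is the new side, department updates made through the entity would silently stop changing or clearing the manager. The non-deprecated replacement for `IGNORED` is `@TableField(updateStrategy = FieldStrategy.ALWAYS)`; if `NEVER` really is intended, a comment naming the dedicated update path for `managerId` would help.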
@@ -23,6 +23,12 @@ public class EmployeeEntity {
|
||||
@TableId(type = IdType.AUTO)
|
||||
private Long employeeId;
|
||||
|
||||
/**
|
||||
* 唯一id
|
||||
*/
|
||||
private String employeeUid;
|
||||
|
||||
|
||||
/**
|
||||
* 登录账号
|
||||
*/
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package net.lab1024.sa.admin.module.system.employee.service;
|
||||
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.hutool.core.lang.UUID;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.google.common.collect.Lists;
|
||||
import net.lab1024.sa.admin.module.system.department.dao.DepartmentDao;
|
||||
@@ -138,16 +139,20 @@ public class EmployeeService {
|
||||
}
|
||||
|
||||
EmployeeEntity entity = SmartBeanUtil.copy(employeeAddForm, EmployeeEntity.class);
|
||||
// 员工uid
|
||||
String employeeUid = UUID.randomUUID(true).toString(true);
|
||||
entity.setEmployeeUid(employeeUid);
|
||||
|
||||
// 设置密码 默认密码
|
||||
String password = securityPasswordService.randomPassword();
|
||||
entity.setLoginPwd(SecurityPasswordService.getEncryptPwd(password));
|
||||
// 设置密码 随机密码
|
||||
String randomPassword = securityPasswordService.randomPassword();
|
||||
String generateSaltPassword = this.generateSaltPassword(randomPassword, employeeUid);
|
||||
entity.setLoginPwd(SecurityPasswordService.getEncryptPwd(generateSaltPassword));
|
||||
|
||||
// 保存数据
|
||||
entity.setDeletedFlag(Boolean.FALSE);
|
||||
employeeManager.saveEmployee(entity, employeeAddForm.getRoleIdList());
|
||||
|
||||
return ResponseDTO.ok(password);
|
||||
return ResponseDTO.ok(randomPassword);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -241,7 +246,6 @@ public class EmployeeService {
|
||||
|
||||
/**
|
||||
* 更新登录人头像
|
||||
*
|
||||
*/
|
||||
public ResponseDTO<String> updateAvatar(EmployeeUpdateAvatarForm employeeUpdateAvatarForm) {
|
||||
Long employeeId = employeeUpdateAvatarForm.getEmployeeId();
|
||||
@@ -343,12 +347,12 @@ public class EmployeeService {
|
||||
}
|
||||
|
||||
// 校验原始密码
|
||||
if (!SecurityPasswordService.matchesPwd(updatePasswordForm.getOldPassword(),employeeEntity.getLoginPwd()) ) {
|
||||
if (!SecurityPasswordService.matchesPwd(this.generateSaltPassword(updatePasswordForm.getOldPassword(), employeeEntity.getEmployeeUid()), employeeEntity.getLoginPwd())) {
|
||||
return ResponseDTO.userErrorParam("原密码有误,请重新输入");
|
||||
}
|
||||
|
||||
// 新旧密码相同
|
||||
if (Objects.equals(updatePasswordForm.getOldPassword(), updatePasswordForm.getNewPassword()) ){
|
||||
if (Objects.equals(updatePasswordForm.getOldPassword(), updatePasswordForm.getNewPassword())) {
|
||||
return ResponseDTO.userErrorParam("新密码与原始密码相同,请重新输入");
|
||||
}
|
||||
|
||||
@@ -359,14 +363,13 @@ public class EmployeeService {
|
||||
}
|
||||
|
||||
// 根据三级等保规则,校验密码是否重复
|
||||
ResponseDTO<String> passwordRepeatTimes = securityPasswordService.validatePasswordRepeatTimes(requestUser, updatePasswordForm.getNewPassword());
|
||||
ResponseDTO<String> passwordRepeatTimes = securityPasswordService.validatePasswordRepeatTimes(requestUser, this.generateSaltPassword(updatePasswordForm.getNewPassword(), employeeEntity.getEmployeeUid()));
|
||||
if (!passwordRepeatTimes.getOk()) {
|
||||
return ResponseDTO.error(passwordRepeatTimes);
|
||||
}
|
||||
|
||||
|
||||
// 更新密码
|
||||
String newEncryptPassword = SecurityPasswordService.getEncryptPwd(updatePasswordForm.getNewPassword());
|
||||
String newEncryptPassword = SecurityPasswordService.getEncryptPwd(this.generateSaltPassword(updatePasswordForm.getNewPassword(), employeeEntity.getEmployeeUid()));
|
||||
EmployeeEntity updateEntity = new EmployeeEntity();
|
||||
updateEntity.setEmployeeId(employeeId);
|
||||
updateEntity.setLoginPwd(newEncryptPassword);
|
||||
@@ -405,8 +408,14 @@ public class EmployeeService {
|
||||
* 重置密码
|
||||
*/
|
||||
public ResponseDTO<String> resetPassword(Long employeeId) {
|
||||
EmployeeEntity employeeEntity = employeeDao.selectById(employeeId);
|
||||
if (employeeEntity == null) {
|
||||
return ResponseDTO.error(UserErrorCode.DATA_NOT_EXIST);
|
||||
}
|
||||
|
||||
String password = securityPasswordService.randomPassword();
|
||||
employeeDao.updatePassword(employeeId, SecurityPasswordService.getEncryptPwd(password));
|
||||
String saltPassword = this.generateSaltPassword(password, employeeEntity.getEmployeeUid());
|
||||
employeeDao.updatePassword(employeeId, SecurityPasswordService.getEncryptPwd(saltPassword));
|
||||
return ResponseDTO.ok(password);
|
||||
}
|
||||
|
||||
@@ -426,4 +435,14 @@ public class EmployeeService {
|
||||
return employeeDao.getByLoginName(loginName, false);
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成加盐密码
|
||||
* 格式为:[password]_[uid大写]_[uid小写]
|
||||
*/
|
||||
public String generateSaltPassword(String password, String employeeUid) {
|
||||
return password + StringConst.UNDERLINE +
|
||||
employeeUid.toUpperCase() +
|
||||
StringConst.UNDERLINE +
|
||||
employeeUid.toLowerCase();
|
||||
}
|
||||
}
|
||||
|
||||
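Review bot: `generateSaltPassword` calls `employeeUid.toUpperCase()` with no null check, and it now sits on the login path (the LoginService hunk at `-196,7`) as well as in `updatePassword` and `resetPassword`. Accounts created before this commit presumably have no `employeeUid` and a stored hash computed over the bare password. Unless a data migration outside this view backfills the uid and resets those passwords, such accounts would hit a NullPointerException or a permanent mismatch. I would open the method with `Objects.requireNonNull(employeeUid, "employeeUid");` and state in its Javadoc that legacy rows need a uid backfill plus a password reset. The uid suffix is stored beside the hash and is not secret, so it supplements rather than replaces whatever per-hash salting `SecurityPasswordService.getEncryptPwd` performs (not shown here).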
@@ -58,7 +58,7 @@ public class LoginController {
|
||||
return ResponseDTO.ok(loginResult);
|
||||
}
|
||||
|
||||
@Operation(summary = "退出登陆 @author 卓大")
|
||||
@Operation(summary = "退出登录 @author 卓大")
|
||||
@GetMapping("/login/logout")
|
||||
public ResponseDTO<String> logout() {
|
||||
return loginService.logout(SmartRequestUtil.getRequestUser());
|
||||
|
||||
@@ -7,7 +7,6 @@ import cn.hutool.core.util.NumberUtil;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import cn.hutool.extra.servlet.ServletUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.lab1024.sa.admin.module.system.department.domain.vo.DepartmentVO;
|
||||
import net.lab1024.sa.admin.module.system.department.service.DepartmentService;
|
||||
import net.lab1024.sa.admin.module.system.employee.domain.entity.EmployeeEntity;
|
||||
import net.lab1024.sa.admin.module.system.employee.service.EmployeeService;
|
||||
@@ -49,8 +48,6 @@ import net.lab1024.sa.base.module.support.securityprotect.domain.LoginFailEntity
|
||||
import net.lab1024.sa.base.module.support.securityprotect.service.Level3ProtectConfigService;
|
||||
import net.lab1024.sa.base.module.support.securityprotect.service.SecurityLoginService;
|
||||
import net.lab1024.sa.base.module.support.securityprotect.service.SecurityPasswordService;
|
||||
import org.apache.commons.lang3.BooleanUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
@@ -82,9 +79,6 @@ public class LoginService implements StpInterface {
|
||||
@Resource
|
||||
private EmployeeService employeeService;
|
||||
|
||||
@Resource
|
||||
private DepartmentService departmentService;
|
||||
|
||||
@Resource
|
||||
private CaptchaService captchaService;
|
||||
|
||||
@@ -106,9 +100,6 @@ public class LoginService implements StpInterface {
|
||||
@Resource
|
||||
private SecurityPasswordService protectPasswordService;
|
||||
|
||||
@Resource
|
||||
private IFileStorageService fileStorageService;
|
||||
|
||||
@Resource
|
||||
private ApiEncryptService apiEncryptService;
|
||||
|
||||
@@ -132,7 +123,7 @@ public class LoginService implements StpInterface {
|
||||
}
|
||||
|
||||
/**
|
||||
* 员工登陆
|
||||
* 员工登录
|
||||
*
|
||||
* @return 返回用户登录信息
|
||||
*/
|
||||
@@ -196,7 +187,7 @@ public class LoginService implements StpInterface {
|
||||
}
|
||||
|
||||
// 密码错误
|
||||
if (!SecurityPasswordService.matchesPwd(requestPassword, employeeEntity.getLoginPwd())) {
|
||||
if (!SecurityPasswordService.matchesPwd(employeeService.generateSaltPassword(requestPassword, employeeEntity.getEmployeeUid()), employeeEntity.getLoginPwd())) {
|
||||
// 记录登录失败
|
||||
saveLoginLog(employeeEntity, ip, userAgent, "密码错误", LoginLogResultEnum.LOGIN_FAIL, loginDeviceEnum);
|
||||
// 记录等级保护次数
|
||||
@@ -273,7 +264,7 @@ public class LoginService implements StpInterface {
|
||||
|
||||
|
||||
/**
|
||||
* 根据登陆token 获取员请求工信息
|
||||
* 根据登录token 获取员请求工信息
|
||||
*/
|
||||
public RequestEmployee getLoginEmployee(String loginId, HttpServletRequest request) {
|
||||
if (loginId == null) {
|
||||
|
||||
@@ -2,9 +2,6 @@ package net.lab1024.sa.admin.module.system.role.domain.vo;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import lombok.Data;
|
||||
import org.hibernate.validator.constraints.Length;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
/**
|
||||
* 角色
|
||||
|
||||
@@ -3,7 +3,6 @@ package net.lab1024.sa.admin.module.system.role.manager;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import net.lab1024.sa.admin.module.system.role.dao.RoleMenuDao;
|
||||
import net.lab1024.sa.admin.module.system.role.domain.entity.RoleMenuEntity;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
|
||||
@@ -1,14 +1,13 @@
|
||||
package net.lab1024.sa.admin.module.system.role.service;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
import net.lab1024.sa.admin.module.system.role.domain.entity.RoleDataScopeEntity;
|
||||
import net.lab1024.sa.admin.module.system.role.domain.form.RoleDataScopeUpdateForm;
|
||||
import net.lab1024.sa.admin.module.system.role.domain.vo.RoleDataScopeVO;
|
||||
import net.lab1024.sa.admin.module.system.role.manager.RoleDataScopeManager;
|
||||
import net.lab1024.sa.base.common.code.UserErrorCode;
|
||||
import net.lab1024.sa.base.common.domain.ResponseDTO;
|
||||
import net.lab1024.sa.base.common.util.SmartBeanUtil;
|
||||
import net.lab1024.sa.admin.module.system.role.domain.entity.RoleDataScopeEntity;
|
||||
import net.lab1024.sa.admin.module.system.role.manager.RoleDataScopeManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||