手持提交

12 months ago · 21a54cf05a
11 changed files with 285 additions and 86 deletions
--- a/acs/nladmin-system/nlsso-server/src/main/resources/config/application.yml
+++ b/acs/nladmin-system/nlsso-server/src/main/resources/config/application.yml
@ -2,7 +2,7 @@ spring:
  freemarker:
    check-template-location: false
  profiles:
-    active: dev
+    active: prod
  jackson:
    time-zone: GMT+8
  data:
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/config/ConfigurerAdapter.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/config/ConfigurerAdapter.java
@ -0,0 +1,63 @@
 /*
 *  Copyright 2019-2020 Zheng Jie
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
 package org.nl.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 /**
 * WebMvcConfigurer
 *
 * @author Zheng Jie
 * @date 2018-11-30
 */
@Configuration
@EnableWebMvc
 public class ConfigurerAdapter implements WebMvcConfigurer {
    /** 文件配置 */
    private final FileProperties properties;
    public ConfigurerAdapter(FileProperties properties) {
        this.properties = properties;
    }
    @Bean
    public CorsFilter corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.addAllowedMethod("*");
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        FileProperties.ElPath path = properties.getPath();
        String avatarUtl = "file:" + path.getAvatar().replace("\\","/");
        String pathUtl = "file:" + path.getPath().replace("\\","/");
        registry.addResourceHandler("/avatar/**").addResourceLocations(avatarUtl).setCachePeriod(0);
        registry.addResourceHandler("/file/**").addResourceLocations(pathUtl).setCachePeriod(0);
        registry.addResourceHandler("/**").addResourceLocations("classpath:/META-INF/resources/").setCachePeriod(0);
    }
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/config/saconfig/CorsFilter.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/config/saconfig/CorsFilter.java
@ -1,56 +1,56 @@
-package org.nl.config.saconfig;
+//package org.nl.config.saconfig;
-
+//
-import org.springframework.core.annotation.Order;
+//import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
+//import org.springframework.stereotype.Component;
-import org.springframework.web.cors.CorsConfiguration;
+//import org.springframework.web.cors.CorsConfiguration;
-
+//
-import javax.servlet.*;
+//import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
+//import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+//import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
+//import java.io.IOException;
-
+//
-/**
+///**
- * 跨域过滤器
+// * 跨域过滤器
- * @author kong
+// * @author kong
- */
+// */
-@Component
+//@Component
-@Order(-200)
+//@Order(-200)
-public class CorsFilter implements Filter {
+//public class CorsFilter implements Filter {
-
+//
-	static final String OPTIONS = "OPTIONS";
+//	static final String OPTIONS = "OPTIONS";
-
+//
-	@Override
+//	@Override
-	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
+//	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
-			throws IOException, ServletException {
+//			throws IOException, ServletException {
-		HttpServletRequest request = (HttpServletRequest) req;
+//		HttpServletRequest request = (HttpServletRequest) req;
-		HttpServletResponse response = (HttpServletResponse) res;
+//		HttpServletResponse response = (HttpServletResponse) res;
-		// 允许指定域访问跨域资源
+//		// 允许指定域访问跨域资源
-		response.setHeader("Access-Control-Allow-Origin", "*");
+//		response.setHeader("Access-Control-Allow-Origin", "*");
-		// 允许所有请求方式
+//		// 允许所有请求方式
-		response.setHeader("Access-Control-Allow-Methods", "*");
+//		response.setHeader("Access-Control-Allow-Methods", "*");
-		// 有效时间
+//		// 有效时间
-		response.setHeader("Access-Control-Max-Age", "3600");
+//		response.setHeader("Access-Control-Max-Age", "3600");
-		// 允许的header参数
+//		// 允许的header参数
-		response.setHeader("Access-Control-Allow-Headers", "*");
+//		response.setHeader("Access-Control-Allow-Headers", "*");
-		response.setHeader("Access-Control-Allow-Credentials", "true");
+//		response.setHeader("Access-Control-Allow-Credentials", "true");
-
+//
-		// 如果是预检请求，直接返回
+//		// 如果是预检请求，直接返回
-		if (OPTIONS.equals(request.getMethod())) {
+//		if (OPTIONS.equals(request.getMethod())) {
-			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
+//			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
-			response.getWriter().print("");
+//			response.getWriter().print("");
-			return;
+//			return;
-		}
+//		}
-
+//
-		// System.out.println("*********************************过滤器被使用**************************");
+//		// System.out.println("*********************************过滤器被使用**************************");
-		chain.doFilter(req, res);
+//		chain.doFilter(req, res);
-	}
+//	}
-
+//
-	@Override
+//	@Override
-	public void init(FilterConfig filterConfig) {
+//	public void init(FilterConfig filterConfig) {
-	}
+//	}
-
+//
-	@Override
+//	@Override
-	public void destroy() {
+//	public void destroy() {
-	}
+//	}
-
+//
-}
+//}
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/AuthorizationController.java
@ -49,11 +49,11 @@ public class AuthorizationController {
    @ApiOperation("登录授权")
    @PostMapping(value = "/login")
-    public ResponseEntity<Object> login(@RequestBody Map authMap) throws Exception {
+    public ResponseEntity<Object> login(@RequestBody Map authMap, HttpServletRequest request) throws Exception {
        if (ObjectUtil.isEmpty(authMap)){
            return ResponseEntity.noContent().build();
        }
-        return ResponseEntity.ok(onlineUserService.login(authMap));
+        return ResponseEntity.ok(onlineUserService.login(authMap, request));
    }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
@ -0,0 +1,92 @@
 package org.nl.system.controller.secutiry;
 import cn.dev33.satoken.annotation.SaIgnore;
 import cn.dev33.satoken.secure.SaSecureUtil;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.nl.common.exception.BadRequestException;
 import org.nl.common.utils.RsaUtils;
 import org.nl.common.utils.dto.CurrentUser;
 import org.nl.config.RsaProperties;
 import org.nl.system.service.role.ISysRoleService;
 import org.nl.system.service.secutiry.dto.AuthUserDto;
 import org.nl.system.service.user.ISysUserService;
 import org.nl.system.service.user.dao.SysUser;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
 /**
 * @Author: lyd
 * @Description: 手持登录鉴权
 * @Date: 2023/7/31
 */
@Slf4j
@RestController
@RequestMapping("/mobile/auth")
@Api(tags = "手持：系统授权接口")
 public class MobileAuthorizationController {
    @Autowired
    private ISysUserService userService;
    @Autowired
    private ISysRoleService roleService;
    @ApiOperation("登录授权")
    @PostMapping(value = "/login")
    @SaIgnore
    public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
        // 密码解密 - 前端的加密规则: encrypt（根据实际更改）
        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
        // 校验数据库
        // 根据用户名查询，在比对密码
        SysUser userInfo = userService.getOne(new LambdaQueryWrapper<SysUser>()
                .eq(SysUser::getUsername, authUser.getUsername())); // 拿到多个已经抛出异常
        if (ObjectUtil.isEmpty(userInfo) || !userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
            throw new BadRequestException("账号或密码错误！");
        }
        // 获取权限列表 - 登录查找权限
        List<String> permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo));
        if (!userInfo.getIs_used()) {
            throw new BadRequestException("账号未激活");
        }
        // 登录输入，登出删除
        CurrentUser user = new CurrentUser();
        user.setId(userInfo.getUser_id());
        user.setUsername(userInfo.getUsername());
        user.setPresonName(userInfo.getPerson_name());
        user.setUser(userInfo);
        user.setPermissions(permissionList);
        // SaLoginModel 配置登录相关参数
        StpUtil.login(userInfo.getUser_id(), new SaLoginModel()
                .setDevice("PE")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
        );
        // 返回 token 与 用户信息
        JSONObject jsonObject = new JSONObject();
 //        jsonObject.put("roles", permissionList);
        jsonObject.put("user", userInfo);
        JSONObject authInfo = new JSONObject(2) {{
            put("token", "Bearer " + StpUtil.getTokenValue());
            put("user", jsonObject);
        }};
        return ResponseEntity.ok(authInfo);
    }
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/ISysDeptService.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/ISysDeptService.java
@ -65,4 +65,6 @@ public interface ISysDeptService extends IService<SysDept> {
    void createDept(SysDept dept);
    List<SysDept> getUserDeptByUserId(String userId);
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/dao/mapper/SysDeptMapper.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/dao/mapper/SysDeptMapper.java
@ -41,4 +41,6 @@ public interface SysDeptMapper extends BaseMapper<SysDept> {
     * @return
     */
    String findAllChild(String pid);
    List<SysDept> getUserDeptByUserId(String userId);
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/dao/mapper/SysDeptMapper.xml
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/dao/mapper/SysDeptMapper.xml
@ -37,4 +37,17 @@
        </foreach>
        )
    </select>
    <select id="getUserDeptByUserId" resultType="org.nl.system.service.dept.dao.SysDept">
        SELECT
            sd.*
        FROM
            sys_dept sd
        WHERE sd.dept_id IN (
            SELECT
                d.dept_id
            FROM
                `sys_user_dept` d
            WHERE d.user_id = #{userId}
        ) AND sd.is_used = TRUE
    </select>
 </mapper>
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/impl/SysDeptServiceImpl.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/dept/impl/SysDeptServiceImpl.java
@ -176,4 +176,9 @@ public class SysDeptServiceImpl extends ServiceImpl<SysDeptMapper, SysDept> impl
            sysDeptMapper.updateSubCount(dept.getPid());
        }
    }
    @Override
    public List<SysDept> getUserDeptByUserId(String userId) {
        return sysDeptMapper.getUserDeptByUserId(userId);
    }
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java
@ -18,9 +18,11 @@ package org.nl.system.service.secutiry.impl;
 import cn.dev33.satoken.secure.SaSecureUtil;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
@ -28,6 +30,8 @@ import org.nl.common.utils.*;
 import org.nl.config.RsaProperties;
 import org.nl.common.exception.BadRequestException;
 import org.nl.common.utils.dto.CurrentUser;
 import org.nl.system.service.dept.ISysDeptService;
 import org.nl.system.service.dept.dao.SysDept;
 import org.nl.system.service.secutiry.dto.UserDto;
 import org.nl.system.service.role.ISysRoleService;
 import org.nl.system.service.secutiry.dto.AuthUserDto;
@ -55,6 +59,8 @@ public class OnlineUserService {
    @Autowired
    private ISysUserService sysUserService;
    @Autowired
    private ISysDeptService deptService;
    @Autowired
    private ISysRoleService roleService;
    @Autowired
    private RedisUtils redisUtils;
@ -69,20 +75,27 @@ public class OnlineUserService {
     * @param token /
     * @param request /
     */
-    public void save(UserDto userDto, String token, HttpServletRequest request){
+    public void save(SysUser userDto, String token, HttpServletRequest request){
-//        String dept = userDto.getDept().getName();
+        // 获取用户部门
-        String dept = "";
+        List<SysDept> userDeptByUserId = deptService.getUserDeptByUserId(userDto.getUser_id());
        StringBuilder sb = new StringBuilder();
        for (SysDept dept : userDeptByUserId) {
            sb.append(dept.getName()).append("、");
        }
        if (sb.length() > 0) {
            sb.setLength(sb.length() - 1);
        }
        String dept = sb.toString();
        String ip = StringUtils.getIp(request);
        String browser = StringUtils.getBrowser(request);
-        // String address = StringUtils.getCityInfo(ip);
+        String address = StringUtils.getCityInfo(ip);
        String address = "局域网";
        OnlineUserDto onlineUserDto = null;
        try {
-//            onlineUserDto = new OnlineUserDto(userDto.getUsername(), userDto.getNickName(), dept, browser , ip, address, EncryptUtils.desEncrypt(token), new Date());
+            onlineUserDto = new OnlineUserDto(userDto.getUsername(), userDto.getPerson_name(), dept, browser , ip, address, EncryptUtils.desEncrypt(token), new Date());
        } catch (Exception e) {
            log.error(e.getMessage(),e);
        }
-        redisUtils.set(token, onlineUserDto, StpUtil.getTokenTimeout());
+        redisUtils.set("oline-" + userDto.getUsername(), onlineUserDto, StpUtil.getTokenTimeout());
    }
    /**
@ -105,32 +118,39 @@ public class OnlineUserService {
     * @return /
     */
    public List<OnlineUserDto> getAll(String filter){
-        List<String> keys = redisUtils.scan("*");
+        List<String> keys = redisUtils.scan("oline-*");
        Collections.reverse(keys);
        List<OnlineUserDto> onlineUserDtos = new ArrayList<>();
        for (String key : keys) {
            if (key.length() == 1511) {
            OnlineUserDto onlineUserDto = (OnlineUserDto) redisUtils.get(key);
                if(StrUtil.isNotEmpty(filter)){
                    if(onlineUserDto.toString().contains(filter)){
                        onlineUserDtos.add(onlineUserDto);
                    }
                } else {
            onlineUserDtos.add(onlineUserDto);
        }
        onlineUserDtos.sort((o1, o2) -> o2.getLoginTime().compareTo(o1.getLoginTime()));
        return onlineUserDtos;
    }
    /**
     * 踢出用户
     * @param key: OnlineUserDto /
     */
    public void kickOut(OnlineUserDto key) {
        // 获取用户
        SysUser one = sysUserService.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUsername, key.getUserName()));
        if (ObjectUtil.isNotEmpty(one)) {
            redisUtils.del("oline-" + one.getUsername());
        }
-        onlineUserDtos.sort((o1, o2) -> o2.getLoginTime().compareTo(o1.getLoginTime()));
+        // 下线
-        return onlineUserDtos;
+        StpUtil.logoutByTokenValue(key.getKey()); // 通过token强退
    }
    /**
     * 踢出用户
-     * @param key /
+     * @param key：token /
     */
-    public void kickOut(String key){
+    public void kickOut(String key) {
        redisUtils.del(key);
        // 下线
        StpUtil.logoutByTokenValue(key); // 通过token强退
    }
    /**
@ -211,7 +231,7 @@ public class OnlineUserService {
        }
    }
    @SneakyThrows
-    public Map<String, Object>  login(Map paramMap){
+    public Map<String, Object>  login(Map paramMap, HttpServletRequest request){
        // 密码解密 - 前端的加密规则: encrypt
        AuthUserDto authUser = JSON.toJavaObject((JSON) JSON.toJSON(paramMap), AuthUserDto.class);
        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
@ -263,7 +283,7 @@ public class OnlineUserService {
            put("user", user);
        }};
        // 保存在线信息
-//        onlineUserService.save(userDto, StpUtil.getTokenValue(), request);
+        this.save(userInfo, StpUtil.getTokenValue(), request);
        return authInfo;
    }
 }
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/sch/task_manage/task/TaskFactory.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/sch/task_manage/task/TaskFactory.java
@ -3,6 +3,7 @@ package org.nl.wms.sch.task_manage.task;
 import org.nl.wms.sch.task_manage.AbstractTask;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Component;
 import java.util.HashMap;
@ -15,6 +16,7 @@ import java.util.Map;
 * @desc 采用获取注解来标识任务类型，并通过扫描和反射的方式来获取任务实例
 */
@Component
@Lazy
 public class TaskFactory {
    private final Map<String, AbstractTask> taskMap;