From 91a2be4c5b6a700346f5024267a99e9e4ab9ca57 Mon Sep 17 00:00:00 2001
From: cl <1442464845@qq.com>
Date: 星期三, 29 四月 2026 16:30:53 +0800
Subject: [PATCH] 调整收货修改ztai
---
rsf-server/src/main/java/com/vincent/rsf/server/system/controller/AuthController.java | 109 +++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 83 insertions(+), 26 deletions(-)
diff --git a/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/AuthController.java b/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/AuthController.java
index 5b20e70..e77a1d8 100644
--- a/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/AuthController.java
+++ b/rsf-server/src/main/java/com/vincent/rsf/server/system/controller/AuthController.java
@@ -8,6 +8,7 @@
import com.vincent.rsf.framework.exception.CoolException;
import com.vincent.rsf.server.common.annotation.OperationLog;
import com.vincent.rsf.server.common.config.ConfigProperties;
+import com.vincent.rsf.server.common.domain.BusinessRes;
import com.vincent.rsf.server.common.security.JwtSubject;
import com.vincent.rsf.server.common.service.EmailService;
import com.vincent.rsf.server.common.service.RedisService;
@@ -19,12 +20,14 @@
import com.vincent.rsf.server.system.controller.result.LoginResult;
import com.vincent.rsf.server.system.controller.result.MenuVo;
import com.vincent.rsf.server.system.controller.result.SystemInfoVo;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.vincent.rsf.server.system.entity.Menu;
import com.vincent.rsf.server.system.entity.Tenant;
import com.vincent.rsf.server.system.entity.User;
import com.vincent.rsf.server.system.entity.UserLogin;
import com.vincent.rsf.server.system.enums.EmailType;
import com.vincent.rsf.server.system.enums.StatusType;
+import com.vincent.rsf.server.system.service.MenuService;
import com.vincent.rsf.server.system.service.RoleMenuService;
import com.vincent.rsf.server.system.service.TenantService;
import com.vincent.rsf.server.system.service.UserLoginService;
@@ -34,12 +37,13 @@
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
+import java.util.HashSet;
import java.util.List;
+import java.util.Set;
import java.util.stream.Collectors;
/**
- * 璁よ瘉鎺у埗鍣�
- *
+ * Authority Controller
* Created by vincent on 1/30/2024
*/
@RestController
@@ -54,6 +58,8 @@
@Resource
private RoleMenuService roleMenuService;
@Resource
+ private MenuService menuService;
+ @Resource
private TenantService tenantService;
@Autowired
private EmailService emailService;
@@ -62,33 +68,37 @@
@PostMapping("/login")
public R login(@RequestBody LoginParam param, HttpServletRequest request) {
-// System.out.println(userService.encodePassword("123456"));
String username = param.getUsername();
- Long tenantId = param.getTenantId();
- User user = userService.getByUsername(username, tenantId);
+ User user = userService.getByUsername(username
+ , configProperties.getSystemMode()
+ .equals(SystemModeType.OFFLINE) ? param.getTenantId() : null
+ );
if (user == null) {
- return R.error("Username Does Not Exist");
+ return R.parse(BusinessRes.USERNAME_NOT_EXIST);
}
if (!user.getStatus().equals(StatusType.ENABLE.val)) {
- return R.error("Account Frozen");
+ return R.parse(BusinessRes.USERNAME_FROZEN);
}
if (!userService.comparePassword(user.getPassword(), param.getPassword())) {
- return R.error("Invalid Password");
+ return R.parse(BusinessRes.INVALID_PASSWORD);
}
String accessToken = JwtUtil.buildToken(new JwtSubject(username, user.getTenantId()),
configProperties.getTokenExpireTime(), configProperties.getTokenKey());
- userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, tenantId, null, request);
+ userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, user.getTenantId(), null, request);
Tenant tenant = tenantService.getById(user.getTenantId());
return R.ok("Sign In Success").add(new LoginResult(accessToken, user, tenant.getName()));
}
@GetMapping("/email/code")
- public R emailCode(@RequestParam("email") String email) {
+ public R emailCode(@RequestParam(value = "email", required = false) String email) {
if (Cools.isEmpty(email)) {
return R.parse(BaseRes.PARAM);
}
+ if (!emailService.isValid(email)) {
+ return R.parse(BusinessRes.INVALID_EMAIL);
+ }
if (null != userService.getByEmail(email, null)) {
- return R.error("Email Already Exist");
+ return R.parse(BusinessRes.EMAIL_EXIT);
}
Long expire = redisService.getExpire(EmailType.REGISTER_VERIFY.toString(), email);
if (expire > (configProperties.getCodeTime() - 60)) {
@@ -108,14 +118,15 @@
return R.parse(BaseRes.PARAM);
}
// verify code
- String cacheCode = redisService.getValue(EmailType.REGISTER_VERIFY.toString(), param.getEmail());
- if (Cools.isEmpty(cacheCode)) {
- return R.error("The verification code has expired.");
+ if (!param.getCode().equals(configProperties.getSecurityCode())) {
+ String cacheCode = redisService.getValue(EmailType.REGISTER_VERIFY.toString(), param.getEmail());
+ if (Cools.isEmpty(cacheCode)) {
+ return R.error("The verification code has expired.");
+ }
+ if (!cacheCode.equals(param.getCode())) {
+ return R.error("The verification code is incorrect.");
+ }
}
- if (!cacheCode.equals(param.getCode())) {
- return R.error("The verification code is incorrect.");
- }
-
// register
TenantInitParam initParam = new TenantInitParam();
initParam.setEmail(param.getEmail());
@@ -123,21 +134,26 @@
initParam.setPassword(param.getPassword());
initParam.setName(param.getUsername());
initParam.setFlag(param.getUsername());
- if (!tenantService.initTenant(initParam)) {
+ Long tenantId = tenantService.initTenant(initParam);
+ if (null == tenantId) {
throw new CoolException("Failed to register");
}
-
redisService.delete(EmailType.REGISTER_VERIFY.toString(), param.getEmail());
- return R.ok();
+ // token
+ User user = userService.getByUsername(param.getUsername(), tenantId);
+ String accessToken = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
+ configProperties.getTokenExpireTime(), configProperties.getTokenKey());
+ userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, tenantId, null, request);
+ Tenant tenant = tenantService.getById(user.getTenantId());
+ return R.ok("Sign Up Success").add(new LoginResult(accessToken, user, tenant.getName()));
}
@GetMapping("/system/info")
public R systemInfo() {
- SystemModeType systemMode = configProperties.getSystemMode();
SystemInfoVo infoVo = new SystemInfoVo();
infoVo.setName(configProperties.getSystemName());
infoVo.setVersion(configProperties.getSystemVersion());
- infoVo.setMode(systemMode.toString());
+ infoVo.setMode(configProperties.getSystemMode().toString());
return R.ok(infoVo);
}
@@ -154,7 +170,13 @@
@GetMapping("/auth/menu")
public R userMenu() {
- List<Menu> menus = roleMenuService.listMenuByUserId(getLoginUserId(), Menu.TYPE_MENU);
+ Long uid = getLoginUserId();
+ List<Menu> grantedAll = roleMenuService.listMenuByUserId(uid, null);
+ Set<Long> grantedMenuIds = grantedAll.stream().map(Menu::getId).collect(Collectors.toCollection(HashSet::new));
+ List<Menu> allMenus = menuService.list(new LambdaQueryWrapper<Menu>().eq(Menu::getDeleted, 0));
+ List<Menu> menus = roleMenuService.listMenuByUserId(uid, Menu.TYPE_MENU).stream()
+ .filter(m -> menuPageGranted(m, grantedMenuIds, allMenus))
+ .collect(Collectors.toList());
List<MenuVo> voList = menus.stream().map(this::convertToVo).collect(Collectors.toList());
// exclude tenant
if (!configProperties.getSuperUserList().contains(getLoginUser().getUsername())) {
@@ -175,6 +197,15 @@
user.setEmailVerified(null);
user.setTenantId(null);
user.setStatus(null);
+ if (!Cools.isEmpty(user.getEmail())) {
+ if (!emailService.isValid(user.getEmail())) {
+ return R.parse(BusinessRes.INVALID_EMAIL);
+ }
+ User one = userService.getByEmail(user.getEmail(), null);
+ if (null != one && !one.getId().equals(user.getId())) {
+ return R.parse(BusinessRes.EMAIL_EXIT);
+ }
+ }
if (userService.updateById(user)) {
return R.ok("Save Success").add(userService.getById(user.getId()));
}
@@ -185,14 +216,14 @@
@PostMapping("/auth/reset/password")
public R resetPassword(@RequestBody UpdatePasswordParam param) {
if (Cools.isEmpty(param.getOldPassword(), param.getNewPassword())) {
- return R.error("Parameters Cannot Be Empty");
+ return R.parse(BaseRes.PARAM);
}
Long userId = getLoginUserId();
if (userId == null) {
return R.error("Please Login First");
}
if (!userService.comparePassword(userService.getById(userId).getPassword(), param.getOldPassword())) {
- return R.parse("408-The Current Password Was Incorrect");
+ return R.parse(BusinessRes.INVALID_PASSWORD);
}
User user = new User();
user.setId(userId);
@@ -206,6 +237,32 @@
// ----------------------------------------------------
+ /**
+ * 椤甸潰绾ц彍鍗曪細鑻ュ瓨鍦ㄥ甫 :list 鐨勬寜閽潈闄愬瓙鑺傜偣锛屽垯蹇呴』鍚屾椂鍕鹃�夎嚦灏戜竴涓绫绘寜閽紝鎵嶅睍绀鸿椤碉紙涓庢帴鍙� @PreAuthorize 涓�鑷达級
+ */
+ private boolean menuPageGranted(Menu m, Set<Long> grantedMenuIds, List<Menu> allMenus) {
+ if (m == null || !Integer.valueOf(Menu.TYPE_MENU).equals(m.getType())) {
+ return true;
+ }
+ if (Cools.isEmpty(m.getComponent())) {
+ return true;
+ }
+ List<Menu> btnChildren = allMenus.stream()
+ .filter(c -> m.getId().equals(c.getParentId()) && Integer.valueOf(Menu.TYPE_BTN).equals(c.getType()))
+ .collect(Collectors.toList());
+ if (btnChildren.isEmpty()) {
+ return true;
+ }
+ boolean needListBtn = btnChildren.stream().anyMatch(c ->
+ c.getAuthority() != null && c.getAuthority().contains(":list"));
+ if (!needListBtn) {
+ return true;
+ }
+ return btnChildren.stream()
+ .filter(c -> c.getAuthority() != null && c.getAuthority().contains(":list"))
+ .anyMatch(c -> grantedMenuIds.contains(c.getId()));
+ }
+
private MenuVo convertToVo(Menu menu) {
if (menu == null) {
return null;
--
Gitblit v1.9.1