kgdxpr 2 years ago
commit b2bc43ab64

@ -43,7 +43,6 @@ public class CollectController extends Controller {
BaseModel bm = new BaseModel(); BaseModel bm = new BaseModel();
String basePath = CommonUtil.WebRoot + File.separator + "Excel"; String basePath = CommonUtil.WebRoot + File.separator + "Excel";
/********EXCEL****************************************************** /********EXCEL******************************************************
/** /**
* EXCEL * EXCEL
@ -132,7 +131,7 @@ public class CollectController extends Controller {
* *
* @param job_id * @param job_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void getSheets(int job_id) { public void getSheets(int job_id) {
@ -147,7 +146,7 @@ public class CollectController extends Controller {
* @param sheet_index * @param sheet_index
* @return * @return
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id", "sheet_index"}) @IsNumericInterface({"job_id", "sheet_index"})
public void getSheetStruct(int job_id, int sheet_index) { public void getSheetStruct(int job_id, int sheet_index) {
@ -162,7 +161,7 @@ public class CollectController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getDataTypeDict() { public void getDataTypeDict() {
List<Record> list = cm.getDataTypeDict(); List<Record> list = cm.getDataTypeDict();
@ -666,7 +665,7 @@ public class CollectController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getJobList(String job_name, int page, int limit) throws ParseException { public void getJobList(String job_name, int page, int limit) throws ParseException {
//操作人员 //操作人员
@ -688,7 +687,7 @@ public class CollectController extends Controller {
* *
* @return * @return
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getBureauType() { public void getBureauType() {
List<Record> list = cm.getBureauType(); List<Record> list = cm.getBureauType();
@ -711,7 +710,7 @@ public class CollectController extends Controller {
* *
* @return * @return
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@LayUiPageInfoInterface({"page", "limit"}) @LayUiPageInfoInterface({"page", "limit"})
@EmptyInterface({"bureau_type_ids"}) @EmptyInterface({"bureau_type_ids"})
@ -738,7 +737,7 @@ public class CollectController extends Controller {
* @param bureauIds * @param bureauIds
* @param groupIds * @param groupIds
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void isExistXianQuJiaoYuJu(String bureauIds, String groupIds) { public void isExistXianQuJiaoYuJu(String bureauIds, String groupIds) {
if (StrKit.isBlank(bureauIds) && StrKit.isBlank(groupIds)) { if (StrKit.isBlank(bureauIds) && StrKit.isBlank(groupIds)) {
@ -825,7 +824,7 @@ public class CollectController extends Controller {
* *
* @param job_id * @param job_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void getJob(int job_id) { public void getJob(int job_id) {
@ -874,7 +873,7 @@ public class CollectController extends Controller {
* @param bureau_id * @param bureau_id
* @param type_id 1:EXCEL 2PDF线 * @param type_id 1:EXCEL 2PDF线
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id", "type_id"}) @IsNumericInterface({"job_id", "type_id"})
public void getJobBureauFillInfo(int job_id, String bureau_id, int type_id) throws Exception { public void getJobBureauFillInfo(int job_id, String bureau_id, int type_id) throws Exception {
@ -951,7 +950,7 @@ public class CollectController extends Controller {
* @param limit * @param limit
* @param fill_type_id 123 * @param fill_type_id 123
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id", "is_finish"}) @IsNumericInterface({"job_id", "is_finish"})
@LayUiPageInfoInterface({"page", "limit"}) @LayUiPageInfoInterface({"page", "limit"})
@ -972,7 +971,7 @@ public class CollectController extends Controller {
* @param limit * @param limit
* @param forward_progress 012 * @param forward_progress 012
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"is_finish"}) @IsNumericInterface({"is_finish"})
@LayUiPageInfoInterface({"page", "limit"}) @LayUiPageInfoInterface({"page", "limit"})
@ -996,7 +995,7 @@ public class CollectController extends Controller {
* *
* @param job_id ID * @param job_id ID
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void viewJobPerson(int job_id) { public void viewJobPerson(int job_id) {
@ -1014,7 +1013,7 @@ public class CollectController extends Controller {
* @param page * @param page
* @param limit * @param limit
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"is_finish"}) @IsNumericInterface({"is_finish"})
@LayUiPageInfoInterface({"page", "limit"}) @LayUiPageInfoInterface({"page", "limit"})
@ -1100,7 +1099,7 @@ public class CollectController extends Controller {
* @param job_id * @param job_id
* @param target_id http://10.10.21.20:9000/QingLong/collect/getJobUploadList?job_id=42 * @param target_id http://10.10.21.20:9000/QingLong/collect/getJobUploadList?job_id=42
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void getJobUploadList(int job_id, String target_id) { public void getJobUploadList(int job_id, String target_id) {
@ -1262,7 +1261,7 @@ public class CollectController extends Controller {
* @param job_id * @param job_id
* @param target_id * @param target_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void getFormFillJob(int job_id, String target_id) { public void getFormFillJob(int job_id, String target_id) {
@ -1333,7 +1332,7 @@ public class CollectController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void listGroup() { public void listGroup() {
//操作人员 //操作人员
@ -1372,7 +1371,7 @@ public class CollectController extends Controller {
* *
* @param group_id * @param group_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"group_id"}) @IsNumericInterface({"group_id"})
public void getGroup(int group_id) { public void getGroup(int group_id) {
@ -1385,7 +1384,7 @@ public class CollectController extends Controller {
* *
* @param job_id http://10.10.21.20:9000/QingLong/collect/exportTableStructExcel?job_id=1 * @param job_id http://10.10.21.20:9000/QingLong/collect/exportTableStructExcel?job_id=1
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void exportTableStructExcel(int job_id) { public void exportTableStructExcel(int job_id) {
@ -1546,7 +1545,7 @@ public class CollectController extends Controller {
* *
* @param file_id * @param file_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getFormJobFile(String file_id) { public void getFormJobFile(String file_id) {
Record record = cm.getFormJobFile(file_id); Record record = cm.getFormJobFile(file_id);
@ -1654,7 +1653,7 @@ public class CollectController extends Controller {
* *
* @param job_id * @param job_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void viewForwardJobList(int job_id, int page, int limit) { public void viewForwardJobList(int job_id, int page, int limit) {
@ -1674,7 +1673,7 @@ public class CollectController extends Controller {
* *
* @param job_id * @param job_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsNumericInterface({"job_id"}) @IsNumericInterface({"job_id"})
public void getSummaryExcel(int job_id) throws IOException { public void getSummaryExcel(int job_id) throws IOException {
@ -1713,7 +1712,7 @@ public class CollectController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getCurrentPersonPublishRole() { public void getCurrentPersonPublishRole() {
//操作人员 //操作人员
@ -1729,7 +1728,7 @@ public class CollectController extends Controller {
* @param school_id * @param school_id
* @return * @return
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
public void getSchoolNjList(String school_id) { public void getSchoolNjList(String school_id) {
//操作人员 //操作人员
@ -1741,4 +1740,88 @@ public class CollectController extends Controller {
List<Record> list = cm.getSchoolNjList(bureau_id); List<Record> list = cm.getSchoolNjList(bureau_id);
renderJson(CommonUtil.renderJsonForLayUI(list)); renderJson(CommonUtil.renderJsonForLayUI(list));
} }
/**
*
* @param username
* @param password
*/
@Before({POST.class})
public void doFillLogin(String username, String password) {
JSONObject resultJson = new JSONObject();
String checkCodeKey = "";
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
RedisKit.Del(checkCodeKey);
//防止用户攻击修改Cookie
Map<String, Object> _map = new HashMap<>();
_map.put("person_id", loginMap.get("person_id"));
SessionKit.set(getRequest(), getResponse(), "person_id", loginMap.get("person_id").toString());
resultJson.put("success", true);
resultJson.put("person_id", loginMap.get("person_id").toString());
renderJson(resultJson);
}
} }
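Review bot: The failed-login counter in `doFillLogin` grows faster than its messages promise. The code reads the stored count, adds one, and passes that sum to `RedisKit.incrBy(PassWordKey, finalCntNum)`, so if `incrBy` adds its argument to the stored value (as the name suggests) the key goes 1, 3, 7 and the account is locked after the third failure, right after the user is told one attempt remains. Incrementing by one keeps the stored count and the `cntNum > ErrCnt` check in step: `RedisKit.incrBy(PassWordKey, 1);`. The read-then-write sequence is also not atomic, so concurrent requests for one username can each read the same count and under-record failures. Separately, a failed RSA decrypt substitutes a fixed sentinel string for the password and continues to the hash comparison; returning the generic error from the `catch` would avoid depending on no account ever holding that value.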

@ -2260,4 +2260,5 @@ public class CollectModel {
String sql = "select * from t_collect_job_target where job_id=? and target_id=?"; String sql = "select * from t_collect_job_target where job_id=? and target_id=?";
return Db.findFirst(sql, job_id, person_id); return Db.findFirst(sql, job_id, person_id);
} }
} }

@ -3,15 +3,20 @@ package com.dsideal.QingLong.Handler;
import com.dsideal.QingLong.Util.RedisKit; import com.dsideal.QingLong.Util.RedisKit;
import com.jfinal.aop.Interceptor; import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation; import com.jfinal.aop.Invocation;
import com.jfinal.core.Controller;
import com.jfinal.plugin.activerecord.Record; import com.jfinal.plugin.activerecord.Record;
public class RepeatIntercetpor implements Interceptor { public class RepeatIntercetpor implements Interceptor {
private final static long timeOut = 500;//0.5秒之内,同一个用户,同一个接口,只能调用一次 private final static long timeOut = 1;//1秒之内同一个用户同一个接口只能调用一次
//https://www.cnblogs.com/chenjy1225/p/14919428.html
@Override @Override
public void intercept(Invocation inv) { public void intercept(Invocation inv) {
Controller controller = inv.getController();
// GET方式时此配置无效
if ("GET".equalsIgnoreCase(controller.getRequest().getMethod().toUpperCase())) {
inv.invoke();
return;
}
// 从session中获取user信息 // 从session中获取user信息
String user = inv.getController().getSessionAttr("person_id"); String user = inv.getController().getSessionAttr("person_id");
if (user == null) inv.invoke();//未登录,放行,让检查登录的口处理这个问题 if (user == null) inv.invoke();//未登录,放行,让检查登录的口处理这个问题
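Review bot: `timeOut` drops from 500 to 1 while its comment changes from 0.5 seconds to 1 second, so the constant's unit appears to have changed from milliseconds to seconds. The code that consumes it lies outside this hunk; unless that use was changed as well, the window is now 1 ms and the repeat check no longer limits anything. State the unit on the declaration, e.g. `private final static long timeOut = 1; // seconds`, and confirm the use site matches. In the new GET bypass, `toUpperCase()` before `equalsIgnoreCase` is redundant: `if ("GET".equalsIgnoreCase(controller.getRequest().getMethod())) {`. `intercept` continues past the end of the hunk.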

@ -30,89 +30,6 @@ public class LoginPersonController extends Controller {
//实例化model //实例化model
LoginPersonModel model = new LoginPersonModel(); LoginPersonModel model = new LoginPersonModel();
/**
*
* @param username
* @param password
*/
@Before({POST.class})
public void doFillLogin(String username, String password) {
JSONObject resultJson = new JSONObject();
String checkCodeKey = "";
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
RedisKit.Del(checkCodeKey);
//防止用户攻击修改Cookie
Map<String, Object> _map = new HashMap<>();
_map.put("person_id", loginMap.get("person_id"));
SessionKit.set(getRequest(), getResponse(), "person_id", loginMap.get("person_id").toString());
resultJson.put("success", true);
resultJson.put("person_id", loginMap.get("person_id").toString());
renderJson(resultJson);
}
/** /**

@ -24,7 +24,7 @@ public class OrganizationController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsSysAdminInterface({"4"}) //是不是123号管理员 @IsSysAdminInterface({"4"}) //是不是123号管理员
public void isSchool() { public void isSchool() {
@ -228,7 +228,7 @@ public class OrganizationController extends Controller {
/** /**
* *
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsSysAdminInterface({"1", "2", "3"}) //是不是123号管理员 @IsSysAdminInterface({"1", "2", "3"}) //是不是123号管理员
public void getSchoolType() { public void getSchoolType() {
@ -245,7 +245,7 @@ public class OrganizationController extends Controller {
* @param page * @param page
* @param limit * @param limit
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@EmptyInterface({"parent_org_id"}) @EmptyInterface({"parent_org_id"})
@IsNumericInterface({"page", "limit", "org_type_id"}) @IsNumericInterface({"page", "limit", "org_type_id"})
@ -261,7 +261,7 @@ public class OrganizationController extends Controller {
* *
* @param org_id * @param org_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsGuidInterface({"org_id"}) @IsGuidInterface({"org_id"})
@IsSysAdminInterface({"1", "2", "3", "4"}) //是不是123,4号管理员 @IsSysAdminInterface({"1", "2", "3", "4"}) //是不是123,4号管理员
@ -279,7 +279,7 @@ public class OrganizationController extends Controller {
* @param page * @param page
* @param limit * @param limit
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@EmptyInterface({"parent_org_id"}) @EmptyInterface({"parent_org_id"})
@IsNumericInterface({"page", "limit", "school_type_id"}) @IsNumericInterface({"page", "limit", "school_type_id"})
@ -330,7 +330,7 @@ public class OrganizationController extends Controller {
* *
* @param id * @param id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@EmptyInterface({"id"}) @EmptyInterface({"id"})
@IsSysAdminInterface({"1", "2", "3", "4"}) @IsSysAdminInterface({"1", "2", "3", "4"})
@ -404,7 +404,7 @@ public class OrganizationController extends Controller {
* @param page * @param page
* @param limit * @param limit
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@EmptyInterface({"parent_org_id"}) @EmptyInterface({"parent_org_id"})
@IsNumericInterface({"page", "limit"}) @IsNumericInterface({"page", "limit"})
@ -420,7 +420,7 @@ public class OrganizationController extends Controller {
* *
* @param bureau_id * @param bureau_id
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsSysAdminInterface({"1", "2", "3", "4"}) @IsSysAdminInterface({"1", "2", "3", "4"})
@EmptyInterface({"bureau_id"}) @EmptyInterface({"bureau_id"})
@ -439,7 +439,7 @@ public class OrganizationController extends Controller {
* @param page * @param page
* @param limit * @param limit
*/ */
@Before({GET.class, RepeatIntercetpor.class}) @Before({GET.class})
@IsLoginInterface({}) @IsLoginInterface({})
@IsSysAdminInterface({"1", "2", "3", "4"}) @IsSysAdminInterface({"1", "2", "3", "4"})
@IsNumericInterface({"type_id", "page", "limit"}) @IsNumericInterface({"type_id", "page", "limit"})
