From a0df29a8efffe27cdaa25a0c6a6974874b2eeb3e Mon Sep 17 00:00:00 2001 From: HuangHai <10402852@qq.com> Date: Fri, 23 May 2025 10:41:40 +0800 Subject: [PATCH] 'commit' --- .../Sso/Controller/AppLoginController.java | 54 ++-- .../Sso/Controller/WebLoginController.java | 293 +++--------------- .../java/com/dsideal/Sso/Util/CommonUtil.java | 4 +- .../com/dsideal/Sso/Util/LoginLogUtil.java | 3 +- .../com/dsideal/Sso/Util/SsoLoginHelper.java | 97 +++--- .../com/dsideal/Sso/Util/SsoLoginStore.java | 4 - 6 files changed, 116 insertions(+), 339 deletions(-) diff --git a/dsSso/src/main/java/com/dsideal/Sso/Controller/AppLoginController.java b/dsSso/src/main/java/com/dsideal/Sso/Controller/AppLoginController.java index 458632f0..da6e2de0 100644 --- a/dsSso/src/main/java/com/dsideal/Sso/Controller/AppLoginController.java +++ b/dsSso/src/main/java/com/dsideal/Sso/Controller/AppLoginController.java @@ -12,7 +12,6 @@ import com.alibaba.fastjson.JSONObject; import com.dsideal.Sso.Util.CommonUtil; import com.dsideal.Sso.Util.LdapPassWordEncoder; import com.dsideal.Sso.Util.SsoLoginHelper; -import com.dsideal.Sso.Model.Login; import com.jfinal.core.Controller; public class AppLoginController extends Controller { 
@@ -45,45 +44,35 @@ public class AppLoginController extends Controller { resultJson.put("bureauId", loginMap.get("bureau_id").toString()); resultJson.put("identityId", loginMap.get("identity_id").toString()); //记录人员登录日志 - LoginLogUtil.WriteLoginLog(loginMap.get("identity_id").toString(), loginMap.get("person_id").toString(), 2, LoginLogUtil.getIpAddr(getRequest())); + LoginLogUtil.WriteLoginLog(loginMap.get("identity_id").toString(), loginMap.get("person_id").toString(), LoginLogUtil.getIpAddr(getRequest())); renderJson(resultJson); } /** * 功能:登录检查 */ - public void loginCheck() { + @Before({POST.class}) + @EmptyInterface({"sessionId"}) + public void loginCheck(String sessionId) { JSONObject resultJson = new JSONObject(); - boolean flag = true; - if (flag) { - String sessionId = getPara("sessionId"); - if (!sessionId.equals("null") && sessionId != null && sessionId.length() != 0) { - Map loginMap = SsoLoginHelper.loginCheck(sessionId); - if (loginMap == null) { - resultJson.put("success", false); - resultJson.put("msg", "sessionId 已失效!"); - } else { - resultJson.put("success", true); - resultJson.put("sessionId", sessionId); - resultJson.put("personId", loginMap.get("person_id").toString()); - resultJson.put("personName", loginMap.get("person_name").toString()); - resultJson.put("bureauId", loginMap.get("bureau_id").toString()); - resultJson.put("identityId", loginMap.get("identity_id").toString()); - resultJson.put("city_id", loginMap.get("city_id").toString()); - resultJson.put("area_id", loginMap.get("area_id").toString()); - //loginType 1:正常登录 2:切换登录 如果为切换登录main_person_id不能写-1 - String loginType = loginMap.get("login_type").toString(); - if (loginType.equals("1")) { - resultJson.put("mainPersonId", loginMap.get("main_person_id").toString()); - } else { - resultJson.put("mainPersonId", Login.dao.getMainAccountPersonIdByPersonId(loginMap.get("person_id").toString())); - } - } - - } else { + if (!sessionId.equals("null") && !sessionId.isEmpty()) { + Map loginMap = 
SsoLoginHelper.loginCheck(sessionId); + if (loginMap == null) { resultJson.put("success", false); resultJson.put("msg", "sessionId 已失效!"); + } else { + resultJson.put("success", true); + resultJson.put("sessionId", sessionId); + resultJson.put("personId", loginMap.get("person_id")); + resultJson.put("personName", loginMap.get("person_name")); + resultJson.put("bureauId", loginMap.get("bureau_id")); + resultJson.put("identityId", loginMap.get("identity_id")); + resultJson.put("city_id", loginMap.get("city_id")); + resultJson.put("area_id", loginMap.get("area_id")); } + } else { + resultJson.put("success", false); + resultJson.put("msg", "sessionId 已失效!"); } renderJson(resultJson); } @@ -93,8 +82,9 @@ public class AppLoginController extends Controller { * * @throws Exception */ - public void logout() { - String sessionId = getPara("sessionId"); + @Before({POST.class}) + @EmptyInterface({"sessionId"}) + public void logout(String sessionId) { SsoLoginHelper.logout(sessionId); } } diff --git a/dsSso/src/main/java/com/dsideal/Sso/Controller/WebLoginController.java b/dsSso/src/main/java/com/dsideal/Sso/Controller/WebLoginController.java index 02d77e26..77bf55d8 100644 --- a/dsSso/src/main/java/com/dsideal/Sso/Controller/WebLoginController.java +++ b/dsSso/src/main/java/com/dsideal/Sso/Controller/WebLoginController.java @@ -1,6 +1,7 @@ package com.dsideal.Sso.Controller; import java.awt.image.BufferedImage; +import java.io.IOException; import java.util.Map; import java.util.UUID; @@ -8,8 +9,11 @@ import javax.imageio.ImageIO; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import com.alibaba.fastjson.JSONArray; +import com.dsideal.Sso.Interceptor.EmptyInterface; import com.dsideal.Sso.Util.*; +import com.jfinal.aop.Before; +import com.jfinal.ext.interceptor.GET; +import com.jfinal.ext.interceptor.POST; import org.apache.commons.lang3.StringUtils; import com.alibaba.fastjson.JSONObject; 
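Review bot: The `!sessionId.isEmpty()` test in the new `loginCheck(String sessionId)` can only matter if the `@EmptyInterface({"sessionId"})` interceptor let an empty value through, so one of the two guards is redundant; if the annotation rejects empty parameters (inferred from its name, not visible here) the condition can shrink to `if (!sessionId.equals("null")) {`. The literal `"null"` comparison reads like a mistake to anyone new to the file, so a one-line comment naming the client that sends the string `null` for a missing id would save the next reader a question. The map values now go into `resultJson` without `toString()`, which fastjson accepts, but the emitted JSON field types then follow whatever value type `SsoLoginStore.get` stores, which this hunk does not show.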
@@ -19,34 +23,34 @@ import com.jfinal.kit.PropKit; public class WebLoginController extends Controller { + /** + * 登录 + */ + @Before(GET.class) public void login() { - boolean flag = true; - if (flag) { - Map loginMap = SsoLoginHelper.loginCheck(getRequest()); - String redirectUrl = getRequest().getParameter("redirect_url"); - if (loginMap != null) { - if (redirectUrl.indexOf("?") == -1) { - redirect301(redirectUrl + "?" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id").toString()); - } else { - redirect301(redirectUrl + "&" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id").toString()); - } + Map loginMap = SsoLoginHelper.loginCheck(getRequest()); + String redirectUrl = getRequest().getParameter("redirect_url"); + if (loginMap != null) { + if (!redirectUrl.contains("?")) { + redirect301(redirectUrl + "?" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id")); } else { - redirectUrl = CommonUtil.handleRedirectUrlParas(redirectUrl); - redirect("/html/login.html?redirect_url=" + redirectUrl); + redirect301(redirectUrl + "&" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id")); } + } else { + redirectUrl = CommonUtil.handleRedirectUrlParas(redirectUrl); + redirect("/html/login.html?redirect_url=" + redirectUrl); } } /** * WEB登录 */ - public void doLogin() { + @Before(POST.class) + @EmptyInterface({"username", "password", "captcha"}) + public void doLogin(String username, String password, String captcha) { HttpServletResponse response = getResponse(); - JSONObject resultJson = new JSONObject(); - String userName = getPara("username"); - String passWord = getPara("password"); - String requestCaptcha = getPara("captcha").toLowerCase(); + String requestCaptcha = captcha.toLowerCase(); //看看系统中是不是存在着cookie,记录本机尝试登录的失败次数 int error_count = 0; if (getCookie("error_count") != null) { 
@@ -71,37 +75,22 @@ public class WebLoginController extends Controller { } } - if (StringUtils.isBlank(userName)) { + try { + password = AesUtil.aesDecrypt(password); + } catch (Exception e) { resultJson.put("success", false); - resultJson.put("msg", "账户不允许为空!"); + resultJson.put("msg", "密码异常!"); renderJson(resultJson); return; } - if (StringUtils.isBlank(passWord)) { - resultJson.put("success", false); - resultJson.put("msg", "密码不允许为空!"); - renderJson(resultJson); - return; - } else { - try { - passWord = AesUtil.aesDecrypt(passWord); - } catch (Exception e) { - e.printStackTrace(); - resultJson.put("success", false); - resultJson.put("msg", "密码异常!"); - renderJson(resultJson); - return; - } - } // 密码进行ldap算法的md5加密 LdapPassWordEncoder passEncode = new LdapPassWordEncoder(); - String passwordEncode = passEncode.getLdapPassword(passWord); - // Map loginMap = Login.dao.getLoginInfoByUserName(userName); - Map loginMap = CommonUtil.getLoginRouteMap(userName); + String passwordEncode = passEncode.getLdapPassword(password); + Map loginMap = CommonUtil.getLoginRouteMap(username); - if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()) && !passWord.equals("DsideaL4r5t6y7u")) - { + if (loginMap == null || !passwordEncode.equals(loginMap.get("password")) + && !password.equals("DsideaL4r5t6y7u")) { resultJson.put("success", false); resultJson.put("msg", "账户或密码错误!"); //增加一次失败次数 @@ -113,8 +102,6 @@ public class WebLoginController extends Controller { renderJson(resultJson); return; } - //增加一个属性说明这个是正常登录的,不是切换登录的 1:正常登录 2:切换登录 - loginMap.put("login_type", "1"); String sessionId = UUID.randomUUID().toString(); SsoLoginHelper.login(response, sessionId, loginMap); resultJson.put("success", true); 
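Review bot: `login()` still redirects to the caller-supplied `redirect_url` with the SSO session id appended as a query parameter, and the rewritten branch adds no validation of that URL, so a request carrying a foreign `redirect_url` would have the session id delivered to that host; the same unvalidated `redirect(redirect_url)` is in the `logout()` change of the `@@ -122,19 +109,15 @@` hunk. Before building the redirect, accept `redirect_url` only when it is a site-relative path or its host is on a configured allowlist, and otherwise fall back to `PropKit.get("default.redirect.url")`, which `getDefaultRedirectUrl()` already reads. `redirectUrl.contains("?")` also throws `NullPointerException` when the parameter is absent, and the same guard covers that. This predates the commit, but since the lines were rewritten here this is the moment to add the check.
```java
@Before(GET.class)
public void login() {
    Map loginMap = SsoLoginHelper.loginCheck(getRequest());
    String redirectUrl = getRequest().getParameter("redirect_url");
    // Only forward the session id to destinations this SSO is configured to trust.
    if (redirectUrl == null || !isTrustedRedirect(redirectUrl)) {
        redirectUrl = PropKit.get("default.redirect.url");
    }
    // … unchanged: append sso.sessionid and redirect301, or send to /html/login.html …
}

/**
 * True for a site-relative path or an http(s) URL whose host is on the configured
 * allowlist; scheme-relative URLs, other schemes and unparseable input are rejected.
 */
private static boolean isTrustedRedirect(String url) {
    try {
        java.net.URI target = new java.net.URI(url);
        if (target.getScheme() == null && target.getHost() == null) {
            return url.startsWith("/") && !url.startsWith("//");
        }
        boolean webScheme = "http".equalsIgnoreCase(target.getScheme())
                || "https".equalsIgnoreCase(target.getScheme());
        // ALLOWED_REDIRECT_HOSTS: placeholder — load the host list from configuration.
        return webScheme && target.getHost() != null && ALLOWED_REDIRECT_HOSTS.contains(target.getHost());
    } catch (java.net.URISyntaxException e) {
        return false;
    }
}
```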
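Review bot: The rewritten credential check `if (loginMap == null || !passwordEncode.equals(loginMap.get("password")) && !password.equals("DsideaL4r5t6y7u"))` keeps a fixed literal that authenticates any existing account regardless of its stored password, which is a universal bypass of the login and should be removed outright: `if (loginMap == null || !passwordEncode.equals(loginMap.get("password"))) {`; if an operational override is genuinely required it belongs in configuration with its own audit trail, not in source. Dropping `.toString()` means `String.equals(Object)` now returns false whenever the stored value is not a `String` (the map's value type is not visible here), so confirm what `CommonUtil.getLoginRouteMap` stores under `"password"`. The failure counter this block increments lives in the client's `error_count` cookie (see the `setCookie("error_count", "1", 0)` reset further down), so the limit is under the client's control; a server-side counter keyed by account would make it meaningful. `doLogin` continues beyond this hunk.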
@@ -122,19 +109,15 @@ public class WebLoginController extends Controller { //清除cookie setCookie("error_count", "1", 0); // 记录人员登录日志 - LoginLogUtil.WriteLoginLog(loginMap.get("identity_id").toString(), loginMap.get("person_id").toString(), 1, - LoginLogUtil.getIpAddr(getRequest())); - - // resultJson.put("personId", loginMap.get("person_id").toString()); - // resultJson.put("personName", - // loginMap.get("person_name").toString()); + LoginLogUtil.WriteLoginLog(loginMap.get("identity_id"), loginMap.get("person_id"), LoginLogUtil.getIpAddr(getRequest())); renderJson(resultJson); } /** * WEB登出 */ - public void logout() throws Exception { + @Before(POST.class) + public void logout() { SsoLoginHelper.logout(getRequest(), getResponse()); String redirect_url = getRequest().getParameter("redirect_url"); redirect(redirect_url); @@ -143,6 +126,7 @@ public class WebLoginController extends Controller { /** * 获取默认RedirectUrl地址 */ + @Before(GET.class) public void getDefaultRedirectUrl() { JSONObject resultJson = new JSONObject(); String defaultRedirectUrl = PropKit.get("default.redirect.url"); @@ -158,7 +142,8 @@ public class WebLoginController extends Controller { /** * 获取验证码 */ - public void getCaptcha() { + @Before({GET.class}) + public void getCaptcha() throws IOException { HttpServletResponse response = getResponse(); // 设置相应类型,告诉浏览器输出的内容为图片 response.setContentType("image/jpeg"); 
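Review bot: `LoginLogUtil.WriteLoginLog(loginMap.get("identity_id"), loginMap.get("person_id"), ...)` passes `Map.get` results straight into `String` parameters, which compiles only if `loginMap` is declared as `Map<String, String>`; the diff as rendered shows a raw `Map loginMap = CommonUtil.getLoginRouteMap(username)` and an unchanged-looking `getLoginRouteMap` signature, so the type arguments were probably lost in extraction, but confirm the declared type rather than trusting the raw-type lines shown. The new `logout()` redirects to the raw `redirect_url` request parameter, so the allowlist validation proposed for `login()` applies here as well. Dropping `throws Exception` from `logout()` is an improvement; a one-line Javadoc such as `/** Clears the SSO session and cookie, then redirects to redirect_url. */` would document what the method now guarantees.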
@@ -167,204 +152,14 @@ public class WebLoginController extends Controller { response.setHeader("Cache-Control", "no-cache"); response.setDateHeader("Expire", 0); - try { - HttpSession session = getRequest().getSession(); - CaptchaUtil tool = new CaptchaUtil(); - StringBuffer code = new StringBuffer(); - BufferedImage image = tool.genRandomCodeImage(code); - session.removeAttribute("captcha"); - session.setAttribute("captcha", code.toString()); - - // 将内存中的图片通过流动形式输出到客户端 - ImageIO.write(image, "JPEG", response.getOutputStream()); - } catch (Exception e) { - e.printStackTrace(); - } + HttpSession session = getRequest().getSession(); + CaptchaUtil tool = new CaptchaUtil(); + StringBuffer code = new StringBuffer(); + BufferedImage image = tool.genRandomCodeImage(code); + session.removeAttribute("captcha"); + session.setAttribute("captcha", code.toString()); + // 将内存中的图片通过流动形式输出到客户端 + ImageIO.write(image, "JPEG", response.getOutputStream()); renderNull(); } - - - - /** - * 功能:找回密码 - * 作者:吴缤 - * 日期:2018-11-29 - */ - public void findPwdByFlag() { - JSONObject resultJson = new JSONObject(); - String checkReidsKey = "findPwdFlag_"; - - try { - String flag = getPara("flag"); - String pwd = getPara("pwd"); - String againpwd = getPara("againpwd"); - - if (StringUtils.isBlank(flag)) { - resultJson.put("success", false); - resultJson.put("msg", "标识不允许为空!"); - renderJson(resultJson); - return; - } - - if (StringUtils.isBlank(pwd)) { - resultJson.put("success", false); - resultJson.put("msg", "密码不允许为空!"); - renderJson(resultJson); - return; - } - - if (StringUtils.isBlank(againpwd)) { - resultJson.put("success", false); - resultJson.put("msg", "再次输入的密码不允许为空!"); - renderJson(resultJson); - return; - } - - if (!pwd.equals(againpwd)) { - resultJson.put("success", false); - resultJson.put("msg", "两次输入的密码不相同!"); - renderJson(resultJson); - return; - } - - if (!CommonUtil.getPwdLegal(pwd)) { - resultJson.put("success", false); - resultJson.put("msg", "密码只允许字母或数字!"); - 
renderJson(resultJson); - return; - } - - if (!RedisKit.Exists(checkReidsKey + flag)) { - resultJson.put("success", false); - resultJson.put("msg", "找回密码已超时!"); - renderJson(resultJson); - return; - } - - if (!RedisKit.Exists(checkReidsKey + flag)) { - resultJson.put("success", false); - resultJson.put("msg", "找回密码已过期!"); - renderJson(resultJson); - return; - } - - String personId = RedisKit.Get(checkReidsKey + flag); - - LdapPassWordEncoder passEncode = new LdapPassWordEncoder(); - String passwordEncode = passEncode.getLdapPassword(pwd); - - if (Login.dao.updatePwd(personId, passwordEncode)) { - RedisKit.Del(checkReidsKey + flag); - resultJson.put("success", true); - renderJson(resultJson); - } else { - resultJson.put("success", false); - resultJson.put("msg", "找回密码异常!"); - renderJson(resultJson); - } - - } catch (Exception e) { - e.printStackTrace(); - resultJson.put("success", false); - resultJson.put("msg", "找回密码异常!"); - renderJson(resultJson); - } - } - - /** - * 功能:根据主账号的人员ID获取子账号信息 - */ - public void getSubAccountInfoByMainAccountPersonId() { - JSONObject resultJson = new JSONObject(); - - String personId = getPara("person_id"); - String ssoSessionid = getPara("ds_sso_sessionid"); - - try { - if (Login.dao.verifySubAccountPersonIdSsoSessionId(personId, ssoSessionid)) { - JSONArray _jsonArray = Login.dao.getSubAccountInfoByMainAccountPersonId(personId); - if (_jsonArray != null) { - resultJson.put("success", true); - resultJson.put("sub_list", _jsonArray); - renderJson(resultJson); - return; - } else { - resultJson.put("success", false); - resultJson.put("msg", "无子账号信息!"); - renderJson(resultJson); - return; - } - } else { - resultJson.put("success", false); - resultJson.put("msg", "无子账号信息!"); - renderJson(resultJson); - return; - } - } catch (Exception e) { - e.printStackTrace(); - resultJson.put("success", false); - resultJson.put("msg", "获取数据异常!"); - renderJson(resultJson); - return; - } - - } - - /** - * 功能:子账号根据人员ID登录 - * 作者:吴缤 - * 日期:2019-01-09 - */ - 
public void subAccountPersonIdLogin() { - JSONObject resultJson = new JSONObject(); - - String personId = getPara("person_id"); - String ssoSessionid = getPara("ds_sso_sessionid"); - - try { - if (Login.dao.verifySubAccountPersonIdSsoSessionId(personId, ssoSessionid)) { - String loginName = Login.dao.getLoginNameByPersonId(personId); - if (loginName.length() > 0) { - Map loginMap = CommonUtil.getLoginRouteMap(loginName); - if (loginMap != null) { - String sessionId = UUID.randomUUID().toString(); - //增加一个属性说明这个是正常登录的,不是切换登录的 1:正常登录 2:切换登录 - loginMap.put("login_type", "2"); - SsoLoginHelper.login(getResponse(), sessionId, loginMap); - resultJson.put("success", true); - resultJson.put("sessionId", sessionId); - resultJson.put("identity_id", loginMap.get("identity_id").toString()); - - // 记录人员登录日志 - LoginLogUtil.WriteLoginLog(loginMap.get("identity_id").toString(), loginMap.get("person_id").toString(), 1, - LoginLogUtil.getIpAddr(getRequest())); - - renderJson(resultJson); - - } else { - resultJson.put("success", false); - resultJson.put("msg", "获取数据异常!"); - renderJson(resultJson); - return; - } - } else { - resultJson.put("success", false); - resultJson.put("msg", "获取数据异常!"); - renderJson(resultJson); - return; - } - } else { - resultJson.put("success", false); - resultJson.put("msg", "获取数据异常!"); - renderJson(resultJson); - return; - } - } catch (Exception e) { - e.printStackTrace(); - resultJson.put("success", false); - resultJson.put("msg", "获取数据异常!"); - renderJson(resultJson); - return; - } - } } diff --git a/dsSso/src/main/java/com/dsideal/Sso/Util/CommonUtil.java b/dsSso/src/main/java/com/dsideal/Sso/Util/CommonUtil.java index d5dff0e7..e6b3fbb2 100644 --- a/dsSso/src/main/java/com/dsideal/Sso/Util/CommonUtil.java +++ b/dsSso/src/main/java/com/dsideal/Sso/Util/CommonUtil.java 
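Review bot: `response.setDateHeader("Expire", 0)` in the context lines just above the rewritten body sets a header named `Expire`, not the standard `Expires`, so the no-cache intent for the captcha image is only partly expressed; the line should read `response.setDateHeader("Expires", 0);`. With the try/catch removed an `IOException` from `ImageIO.write` now propagates out of `getCaptcha()`, which is reasonable, but `ImageIO.write` also returns `false` without throwing when no JPEG writer is available and that return value is ignored. The captcha text remains in the session attribute `"captcha"` after the image is issued; confirm that `doLogin` (outside this hunk) removes it after each comparison so one image cannot be reused across attempts.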
@@ -127,9 +127,9 @@ public class CommonUtil {
 * @param userName
 * @return
 */
- public static Map getLoginRouteMap(String userName) {
+ public static Map getLoginRouteMap(String userName) {
 try {
- Map loginMap = new HashMap();
+ Map loginMap = new HashMap<>();
 int typeId = getUserNameType(userName);
 switch (typeId) {
 case 1:
diff --git a/dsSso/src/main/java/com/dsideal/Sso/Util/LoginLogUtil.java b/dsSso/src/main/java/com/dsideal/Sso/Util/LoginLogUtil.java
index f7b4288c..40dbb71a 100644
--- a/dsSso/src/main/java/com/dsideal/Sso/Util/LoginLogUtil.java
+++ b/dsSso/src/main/java/com/dsideal/Sso/Util/LoginLogUtil.java
@@ -17,9 +17,8 @@ public class LoginLogUtil {
 * 时间: 2018-12-20
 * @param identity_id
 * @param person_id
- * @param type_id
 */
- public static void WriteLoginLog(String identity_id,String person_id,int type_id,String ip)
+ public static void WriteLoginLog(String identity_id,String person_id,String ip)
 {
 //如果没有读取过配置文件,那么第一次读取进来
 if(map.size()==0)
diff --git a/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginHelper.java b/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginHelper.java
index 160e626c..97486ca4 100644
--- a/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginHelper.java
+++ b/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginHelper.java
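Review bot: The removed and added `public static Map getLoginRouteMap(String userName)` lines render identically while `new HashMap<>()` on the new side implies a parameterized declaration, so the type arguments were very likely stripped during extraction; whichever `Map<K, V>` the real signature declares must match the WebLoginController callers that now pass `loginMap.get("identity_id")` straight into `String` parameters. The Javadoc above still has an empty `@param userName` and `@return`; since every caller tests the result for null, `@return the login route map for the user name, or null when it cannot be resolved` would state the contract they rely on (confirm the null path against the catch block, which is outside this hunk).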
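Review bot: Removing `type_id` from `WriteLoginLog` drops the only field that distinguished a Web login (callers passed `1`) from an App login (callers passed `2`), so the login log loses a signal an incident responder would want when correlating a session with the client channel. If the column is genuinely no longer stored, say so in the Javadoc; otherwise keep the parameter or pass the channel through from the two controllers. The remaining Javadoc also lacks `@param ip`.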
@@ -9,61 +9,58 @@ import com.jfinal.kit.PropKit; public class SsoLoginHelper { - public static Map loginCheck(HttpServletRequest request) { - String cookieSessionId = getSessionIdByCookie(request); - if (cookieSessionId != null && cookieSessionId.trim().length() > 0) { - return loginCheck(cookieSessionId); - } - return null; - } + public static Map loginCheck(HttpServletRequest request) { + String cookieSessionId = getSessionIdByCookie(request); + if (cookieSessionId != null && !cookieSessionId.trim().isEmpty()) { + return loginCheck(cookieSessionId); + } + return null; + } - public static Map loginCheck(String sessionId) { - if (sessionId != null && sessionId.trim().length() > 0) { - Map loginMap = SsoLoginStore.get(sessionId); - if (loginMap != null) { - return loginMap; - } - } - return null; - } + public static Map loginCheck(String sessionId) { + if (sessionId != null && !sessionId.trim().isEmpty()) { + Map loginMap = SsoLoginStore.get(sessionId); + if (loginMap != null) { + return loginMap; + } + } + return null; + } - public static String getSessionIdByCookie(HttpServletRequest request) { - String cookieSessionId = CookieUtil.getValue(request, PropKit.get("sso.sessionid")); - return cookieSessionId; - } + public static String getSessionIdByCookie(HttpServletRequest request) { + return CookieUtil.getValue(request, PropKit.get("sso.sessionid")); + } - public static void login(HttpServletResponse response, String sessionId, Map loginMap) { - SsoLoginStore.put(sessionId, loginMap); - CookieUtil.set(response, PropKit.get("sso.sessionid"), sessionId, false); - } + public static void login(HttpServletResponse response, String sessionId, Map loginMap) { + SsoLoginStore.put(sessionId, loginMap); + CookieUtil.set(response, PropKit.get("sso.sessionid"), sessionId, false); + } - public static void login(String sessionId, Map loginMap) { - SsoLoginStore.put(sessionId, loginMap); - } + public static void login(String sessionId, Map loginMap) { + 
SsoLoginStore.put(sessionId, loginMap); + } - /** - * WEB客户端退出 - * - * @param request - * @param response - */ - public static void logout(HttpServletRequest request, HttpServletResponse response) { + /** + * WEB客户端退出 + * + * @param request + * @param response + */ + public static void logout(HttpServletRequest request, HttpServletResponse response) { + String cookieSessionId = getSessionIdByCookie(request); + if (cookieSessionId != null) { + SsoLoginStore.remove(cookieSessionId); + } + CookieUtil.remove(request, response, PropKit.get("sso.sessionid")); + } - String cookieSessionId = getSessionIdByCookie(request); - - if (cookieSessionId != null) { - SsoLoginStore.remove(cookieSessionId); - } - CookieUtil.remove(request, response, PropKit.get("sso.sessionid")); - } - - /** - * APP客户端退出 - * - * @param sessionId - */ - public static void logout(String sessionId) { - SsoLoginStore.remove(sessionId); - } + /** + * APP客户端退出 + * + * @param sessionId + */ + public static void logout(String sessionId) { + SsoLoginStore.remove(sessionId); + } } diff --git a/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginStore.java b/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginStore.java index 6dc76182..7bdc90f3 100644 --- a/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginStore.java +++ b/dsSso/src/main/java/com/dsideal/Sso/Util/SsoLoginStore.java @@ -6,7 +6,6 @@ import java.util.Map; public class SsoLoginStore { public static Map get(String sessionId) { - String redisKey = redisKey(sessionId); Map mapValue = RedisKit.HGetAll(redisKey); if (mapValue != null) { @@ -25,14 +24,11 @@ public class SsoLoginStore { RedisKit.HSet(redisKey, key, value); } } - public static void remove(String sessionId) { String redisKey = redisKey(sessionId); RedisKit.Del(redisKey); } - private static String redisKey(String sessionId) { return PropKit.get("sso.sessionid").concat("#").concat(sessionId); } - }
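Review bot: `CookieUtil.set(response, PropKit.get("sso.sessionid"), sessionId, false)` issues the SSO session cookie with a bare boolean whose meaning is not visible here; if it selects HttpOnly or Secure, a single-sign-on session cookie should have both, so confirm what `false` controls and name it in a comment on the call. The two `loginCheck` overloads still carry no Javadoc; `/** Returns the stored login map for the session id in the SSO cookie, or null when there is none. */` and `/** Returns the stored login map for sessionId, or null when it is blank or unknown. */` describe exactly what the bodies do. The rest of the hunk is a re-indent plus `isEmpty()` in place of `length() > 0`, which is behavior-preserving.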