main
黄海 10 months ago
parent 869356229b
commit a4e63f7809

@ -34,6 +34,9 @@
<module name="ms-wallet" />
</profile>
</annotationProcessing>
<bytecodeTargetLevel>
<module name="dsCommon" target="21" />
</bytecodeTargetLevel>
</component>
<component name="EclipseCompilerSettings">
<option name="ADDITIONAL_OPTIONS_OVERRIDE">
@ -46,6 +49,7 @@
<module name="ds-exam" options="" />
<module name="dsBase" options="-parameters" />
<module name="dsBuild" options="-parameters" />
<module name="dsCommon" options="" />
<module name="dsGw" options="" />
<module name="dsProject" options="" />
</option>

@ -9,6 +9,8 @@
<file url="file://$PROJECT_DIR$/dsBase/src/main/resources" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsBuild/src/main/java" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsBuild/src/main/resources" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsCommon/src/main/java" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsCommon/src/main/resources" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsGw/src/main/java" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/dsGw/src/main/resources" charset="UTF-8" />
<file url="file://$PROJECT_DIR$/gw-openapi/src/main/java" charset="UTF-8" />

@ -13,10 +13,12 @@
<option value="$PROJECT_DIR$/ds-gw/pom.xml" />
<option value="$PROJECT_DIR$/ds-build/pom.xml" />
<option value="$PROJECT_DIR$/rough-dependencies/pom.xml" />
<option value="$PROJECT_DIR$/dsCommon/pom.xml" />
</list>
</option>
<option name="ignoredFiles">
<set>
<option value="$PROJECT_DIR$/dsCommon/pom.xml" />
<option value="$PROJECT_DIR$/rough-dependencies/pom.xml" />
</set>
</option>

@ -247,6 +247,34 @@
<artifactId>snakeyaml</artifactId>
<version>${snakeyaml.version}</version>
</dependency>
<!--https://blog.csdn.net/AdminGuan/article/details/100147488-->
<!--JWT,用于鉴权-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-core</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>1.1.1</version>
</dependency>
</dependencies>
<build>
<plugins>
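Review bot: The new `jjwt` dependency is pinned to 0.7.0, and the four `javax.xml.bind` / `javax.activation` artifacts added after it are presumably there only because that release needs JAXB on JDK 9 and later. The maintained line of the library is published as `jjwt-api`, `jjwt-impl` and `jjwt-jackson`; it has no JAXB dependency and rejects HMAC keys that are too short for the chosen algorithm, so moving to it would let the four shims be dropped. If 0.7.0 has to stay, move the hard-coded versions into properties, as `${snakeyaml.version}` does just above, and label the shims with a comment such as `<!-- JAXB shims: needed by jjwt 0.7.0 on JDK 9+ -->`.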

@ -27,94 +27,98 @@ public class LoginPersonController extends Controller {
LoginPersonModel model = new LoginPersonModel();
@Before({POST.class})
public void doLogin(String username, String password) {
public void doLogin(String username, String password, String platform) {
if (StrKit.isBlank(platform)) {
platform = "WEB";
}
JSONObject resultJson = new JSONObject();
try {
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
RedisKit.set(PassWordKey, String.valueOf(cntNum));
RedisKit.expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误,账号被停用5分钟");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
RedisKit.set(PassWordKey, String.valueOf(cntNum));
RedisKit.expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.del(PassWordKey);
//防止用户攻击修改Cookie
Map _map = new HashMap<String, String>();
_map.put("identity_id", loginMap.get("identity_id"));
_map.put("person_id", loginMap.get("person_id"));
_map.put("bureau_id", loginMap.get("bureau_id"));
String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("jwt.CookieMd5SingPwd"));
CookieUtil.set(getResponse(), "identity_id", loginMap.get("identity_id").toString(), false, true);
CookieUtil.set(getResponse(), "person_id", loginMap.get("person_id").toString(), false, true);
CookieUtil.set(getResponse(), "bureau_id", loginMap.get("bureau_id").toString(), false, true);
CookieUtil.set(getResponse(), "token", token, false, true);
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
//根据人员id,获取所有单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
} catch (Exception e) {
resultJson.put("success", false);
resultJson.put("msg", "登录异常");
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.del(PassWordKey);
//防止用户攻击修改Cookie
Map _map = new HashMap<String, String>();
_map.put("identity_id", loginMap.get("identity_id"));
_map.put("person_id", loginMap.get("person_id"));
_map.put("bureau_id", loginMap.get("bureau_id"));
String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("jwt.CookieMd5SingPwd"));
CookieUtil.set(getResponse(), "identity_id", loginMap.get("identity_id").toString(), false, true);
CookieUtil.set(getResponse(), "person_id", loginMap.get("person_id").toString(), false, true);
CookieUtil.set(getResponse(), "bureau_id", loginMap.get("bureau_id").toString(), false, true);
CookieUtil.set(getResponse(), "token", token, false, true);
//添加返回的Token JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()), loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//将此人员的权限信息写入Pika,如果后面的要求登录互踢,可以用来处理互踢
//处理逻辑就是检查此jwt是不是在Pika中存在存在就是系统派发出去并且是最后一次用户在此平台登录的TOKEN
//如果不存在就表示此token已过期踢出即可。
RedisKit.set("jwt_" + platform + "_" + loginMap.get("person_id").toString(), jwtToken);
//根据人员id,获取所有单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
}
@ -356,7 +360,7 @@ public class LoginPersonController extends Controller {
renderFile(new File(excelFile), filename);
}
static{
static {
System.setProperty("java.awt.headless", "true");
}
/*****打印帐号和输出EXCEL的功能结束*********************************************************/
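Review bot: In `doLogin`, `platform` is taken from the request and concatenated into the Redis key `"jwt_" + platform + "_" + person_id` with no validation, and the key is written with no TTL. Because any string is accepted, one account can hold a separate "latest" token per invented platform value, which weakens the single-session check described in the comment above the `RedisKit.set` call and leaves entries in the store indefinitely. Check the value against the platforms the system actually supports before using it, for example `if (!ALLOWED_PLATFORMS.contains(platform)) { /* reject the request */ }` (a new constant), and follow the write with `RedisKit.expire(...)` set to the token lifetime. If the outer `try`/`catch` was removed, as the rendering suggests, a non-numeric `identity_id` passed to `Integer.parseInt` would now surface as an unhandled exception rather than the "登录异常" response.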

@ -0,0 +1,73 @@
package com.dsideal.base.Util;
import cn.hutool.core.date.DateTime;
import com.dsideal.base.BaseApplication;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class JwtUtil {
public static final String AUTHORIZATION_STARTER = "Bearer ";
public static final String SECRET = BaseApplication.PropKit.get("SECRET");
/**
* JWT
*
* @param identity_id ID
* @param person_id ID
* @param bureau_id ID
* @return JWT
*/
public static String generateToken(int identity_id, String person_id, String bureau_id) {
// 获取当前日期和时间
Date now = new Date();
// 格式化日期
Map<String, Object> claims = new HashMap<>();
claims.put("create_time", now.toString());
claims.put("identity_id", identity_id);
claims.put("person_id", person_id);
claims.put("bureau_id", bureau_id);
return AUTHORIZATION_STARTER + Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS256, SECRET).compact();
}
public static Claims getClaims(String token) {
if (token.contains(AUTHORIZATION_STARTER)) {
token = token.replace(AUTHORIZATION_STARTER, "");
}
Claims claims;
try {
claims = Jwts.parser()
.setSigningKey(SECRET)
.parseClaimsJws(token)
.getBody();
} catch (Exception e) {
try {
claims = Jwts.parser()
.setSigningKey(SECRET.getBytes(StandardCharsets.UTF_8))
.parseClaimsJws(token)
.getBody();
} catch (Exception err) {
claims = null;
}
}
return claims;
}
public static void main(String[] args) {
//GwApplication gw = new GwApplication();
String token = generateToken(4, "0b64e31e-a85e-43eb-ba5f-3088d986a8da", "3f7f4c90-645a-4fb9-9902-447846cf1dcc");
/**
1JWTidentity_id,person_idbureau_id
*/
Claims claims = getClaims(token);
System.out.println(claims.get("identity_id"));
System.out.println(claims.get("person_id"));
System.out.println(claims.get("bureau_id"));
}
}
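Review bot: Tokens built by `generateToken` carry no `exp` claim, so a leaked token stays valid until the signing secret changes; `create_time` is only a `Date.toString()` string that nothing verifies. `getClaims` retries with `SECRET.getBytes(UTF_8)` after verification with the Base64-decoded key fails, so two different HMAC keys are accepted, and both `catch (Exception ...)` blocks hide why a token was rejected. The prefix handling uses `contains`/`replace`, which strips `Bearer ` anywhere in the string, and a null token throws. The excerpt below sets an expiry (the lifetime constant is new and would need declaring), verifies against one key only, and narrows the catch to `JwtException`, which needs an import from `io.jsonwebtoken`. The `main` method with sample IDs is better moved to a unit test.

```java
public static String generateToken(int identity_id, String person_id, String bureau_id) {
    // … unchanged: now and the claims map …
    return AUTHORIZATION_STARTER + Jwts.builder()
            .setClaims(claims)
            .setIssuedAt(now)
            // TOKEN_TTL_MILLIS: proposed constant holding the token lifetime
            .setExpiration(new Date(now.getTime() + TOKEN_TTL_MILLIS))
            .signWith(SignatureAlgorithm.HS256, SECRET)
            .compact();
}

public static Claims getClaims(String token) {
    if (token == null) {
        return null;
    }
    // Strip the scheme only when it is a real prefix.
    if (token.startsWith(AUTHORIZATION_STARTER)) {
        token = token.substring(AUTHORIZATION_STARTER.length());
    }
    try {
        // One key only: the same Base64 form that signWith() used.
        return Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token).getBody();
    } catch (JwtException | IllegalArgumentException e) {
        // Expired, malformed or badly signed tokens are all treated as "no claims".
        return null;
    }
}
```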

@ -1,5 +1,7 @@
# 上传文件的临时路径
uploadTempPath: c:/Windows/Temp
# JWT
SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
mysql:
# 数据库信息
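Review bot: The JWT signing key is committed in plaintext under `SECRET:`, and the same value is added to the three other configuration files changed later in this commit, so every environment shares one key and anyone with read access to the repository can sign tokens the service will accept. Supply the value at deploy time from an environment variable or a secret store, keep only a comment such as `# JWT signing key: injected at deploy time, never committed` in the file, and rotate the key that is now in history. If the value is Base64-decoded, as jjwt's `String` overloads do, it yields 24 bytes, which is less than the 256 bits RFC 7518 requires for HS256; generate the replacement with at least 32 random bytes.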

@ -1,5 +1,7 @@
# 上传文件的临时路径
uploadTempPath: /tmp
# JWT
SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
mysql:
# 数据库信息

@ -1,5 +1,7 @@
# 上传文件的临时路径
uploadTempPath: c:/Windows/Temp
# JWT
SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
mysql:
# 数据库信息

@ -1,5 +1,7 @@
# 上传文件的临时路径
uploadTempPath: /tmp
# JWT
SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
mysql:
# 数据库信息
