更新登录模板

支持短信验证码登录
酱包
2022-04-27 11:31:18 +08:00
parent 878445a238
commit 5139117b13
20 changed files with 838 additions and 141 deletions


@ -61,6 +61,26 @@ public class AuthController {
return success(AuthLoginRespVO.builder().token(token).build());
}
@PostMapping("/sms-login")
@ApiOperation("使用短信验证码登录")
@OperateLog(enable = false) // 避免 Post 请求被记录操作日志
public CommonResult<AuthLoginRespVO> smsLogin(@RequestBody @Valid AuthSmsLoginReqVO reqVO) {
String token = authService.smsLogin(reqVO, getClientIP(), getUserAgent());
// 返回结果
return success(AuthLoginRespVO.builder().token(token).build());
}
@PostMapping("/send-login-sms-code")
@ApiOperation(value = "发送手机验证码")
@OperateLog(enable = false) // 避免 Post 请求被记录操作日志
public CommonResult<Boolean> sendLoginSmsCode(@RequestBody @Valid AuthSmsSendReqVO reqVO) {
authService.sendSmsCode(getLoginUserId(), reqVO);
return success(true);
}
@GetMapping("/get-permission-info")
@ApiOperation("获取登录用户的权限信息")
public CommonResult<AuthPermissionInfoRespVO> getPermissionInfo() {
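Review bot: `sendLoginSmsCode` passes `getLoginUserId()` to the service, but this commit registers the route as anonymous in SecurityConfiguration, so presumably no login user exists when the handler runs. The `sendSmsCode` implementation later in this commit never reads `userId` either. Dropping the argument avoids implying that the send is bound to an authenticated caller: `authService.sendSmsCode(reqVO);`, with the interface and implementation signatures changed to match. A one-line comment on both new handlers would also help, for example `// anonymous endpoint: all trust decisions happen in AdminAuthService`.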


@ -0,0 +1,38 @@
package cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.hibernate.validator.constraints.Length;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.Pattern;
@ApiModel("管理后台 - 短信验证码的呢老姑 Request VO")
@Data
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class AuthSmsLoginReqVO {
@ApiModelProperty(value = "手机号", required = true, example = "yudaoyuanma")
@NotEmpty(message = "手机号不能为空")
@Length(min = 11, max = 11, message = "手机号格式错误,仅支持大陆手机号")
@Pattern(regexp = "^[1](([3][0-9])|([4][5-9])|([5][0-3,5-9])|([6][5,6])|([7][0-8])|([8][0-9])|([9][1,8,9]))[0-9]{8}$", message = "账号格式为数字以及字母")
private String mobile;
@ApiModelProperty(value = "短信验证码", required = true, example = "1024", notes = "验证码开启时,需要传递")
@NotEmpty(message = "验证码不能为空", groups = CodeEnableGroup.class)
private String code;
/**
* 开启验证码的 Group
*/
public interface CodeEnableGroup {}
}
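Review bot: The `code` field is the only credential for an SMS login, yet its `@NotEmpty` is scoped to `CodeEnableGroup`. The controller validates with plain `@Valid` (default group) and the `smsLogin` shown in this commit never validates that group, so an empty or missing code passes request validation and reaches `smsCodeApi.useSmsCode`. Whether that call rejects it is not visible here. Make the constraint unconditional with `@NotEmpty(message = "验证码不能为空")` and remove the nested `CodeEnableGroup`, which looks copied from the captcha login VO. The `mobile` metadata was copied too: the `example = "yudaoyuanma"` and the `@Pattern` message "账号格式为数字以及字母" describe a username rather than a phone number.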


@ -0,0 +1,46 @@
package cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.hibernate.validator.constraints.Length;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.Pattern;
@ApiModel("管理后台 - 短信验证码的呢老姑 Request VO")
@Data
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class AuthSmsSendReqVO {
@ApiModelProperty(value = "手机号", required = true, example = "yudaoyuanma")
@NotEmpty(message = "手机号不能为空")
@Length(min = 11, max = 11, message = "手机号格式错误,仅支持大陆手机号")
@Pattern(regexp = "^[1](([3][0-9])|([4][5-9])|([5][0-3,5-9])|([6][5,6])|([7][0-8])|([8][0-9])|([9][1,8,9]))[0-9]{8}$", message = "账号格式为数字以及字母")
private String mobile;
@ApiModelProperty(value = "短信验证码", required = true, example = "1024", notes = "验证码开启时,需要传递")
@NotEmpty(message = "验证码不能为空", groups = CodeEnableGroup.class)
private String code;
@ApiModelProperty(value = "短信场景", required = true, example = "1")
@NotEmpty(message = "短信场景", groups = CodeEnableGroup.class)
private Integer scene;
@ApiModelProperty(value = "验证码的唯一标识", required = true, example = "9b2ffbc1-7425-4155-9894-9d5c08541d62", notes = "验证码开启时,需要传递")
@NotEmpty(message = "唯一标识不能为空", groups = AuthLoginReqVO.CodeEnableGroup.class)
private String uuid;
/**
* 开启验证码的 Group
*/
public interface CodeEnableGroup {}
}
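Review bot: `scene` is declared `Integer` but constrained with `@NotEmpty`, which does not support `Integer`, so validating that group would raise a validator error instead of returning the message. The constraint also sits in this class's own `CodeEnableGroup`, while `verifyCaptchaSmsSend` validates `AuthLoginReqVO.CodeEnableGroup`, so as far as this commit shows the `scene` and `code` constraints are never evaluated. A request without `scene` would then hit `reqVO.getScene().compareTo(...)` in `sendSmsCode` as a null dereference. Use `@NotNull(message = "短信场景不能为空") private Integer scene;` in the default group (adding the `javax.validation.constraints.NotNull` import), and put `code` and `uuid` in one shared group.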


@ -3,6 +3,7 @@ package cn.iocoder.yudao.module.system.convert.auth;
import cn.iocoder.yudao.framework.common.enums.UserTypeEnum;
import cn.iocoder.yudao.framework.common.util.collection.CollectionUtils;
import cn.iocoder.yudao.framework.security.core.LoginUser;
import cn.iocoder.yudao.module.system.api.sms.dto.code.SmsCodeSendReqDTO;
import cn.iocoder.yudao.module.system.api.social.dto.SocialUserBindReqDTO;
import cn.iocoder.yudao.module.system.api.social.dto.SocialUserUnbindReqDTO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.*;
@ -76,5 +77,5 @@ public interface AuthConvert {
SocialUserBindReqDTO convert(Long userId, Integer userType, AuthSocialLogin2ReqVO reqVO);
SocialUserBindReqDTO convert(Long userId, Integer userType, AuthSocialLoginReqVO reqVO);
SocialUserUnbindReqDTO convert(Long userId, Integer userType, AuthSocialUnbindReqVO reqVO);
SmsCodeSendReqDTO convert(AuthSmsSendReqVO reqVO);
}


@ -20,6 +20,10 @@ public class SecurityConfiguration {
public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
// 登录的接口,可匿名访问
registry.antMatchers(buildAdminApi("/system/login")).anonymous();
//手机短信验证码登录
registry.antMatchers(buildAdminApi("/system/sms-login")).anonymous();
//短信登录验证码接口
registry.antMatchers(buildAdminApi("/system/send-login-sms-code")).anonymous();
// 验证码的接口
registry.antMatchers(buildAdminApi("/system/captcha/**")).anonymous();
// 获得租户编号的接口
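Review bot: `/system/send-login-sms-code` is now reachable without authentication, and its only visible gate is the captcha check in `verifyCaptchaSmsSend`, which returns immediately when `captchaService.isCaptchaEnable()` is false. With captcha disabled, every anonymous request for a registered number therefore triggers an outbound SMS, unless `SmsCodeApi.sendSmsCode` throttles per mobile and per IP, which this page does not show. Either require the captcha for this route regardless of the global switch, or record the dependency next to the matcher, for example `// anonymous + sends SMS: relies on captcha and SmsCodeApi send-frequency limits, keep both enabled`. The `customize` method continues outside this hunk.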


@ -24,6 +24,23 @@ public interface AdminAuthService extends SecurityAuthFrameworkService {
*/
String login(@Valid AuthLoginReqVO reqVO, String userIp, String userAgent);
/**
* 短信验证码发送
* @param userId
* @param reqVO
*/
public void sendSmsCode(Long userId, AuthSmsSendReqVO reqVO);
/**
* 短信登录
*
* @param reqVO 登录信息
* @param userIp 用户 IP
* @param userAgent 用户 UA
* @return 身份令牌,使用 JWT 方式
*/
String smsLogin(AuthSmsLoginReqVO reqVO, String userIp, String userAgent) ;
/**
* 社交登录,使用 code 授权码
*
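Review bot: `smsLogin` is declared without the `@Valid` that `login` carries on its request object, so if this service relies on method-level validation the SMS path skips it. The declaration would read `String smsLogin(@Valid AuthSmsLoginReqVO reqVO, String userIp, String userAgent);`. The Javadoc for `sendSmsCode` has empty `@param userId` and `@param reqVO` tags and a redundant `public` modifier on an interface method. It should say what `userId` is for, or the parameter should go, since the implementation in this commit ignores it. The `@return` text promises a JWT while the implementation comment says a session id cached in Redis is returned, so one of the two should be corrected.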


@ -8,14 +8,14 @@ import cn.iocoder.yudao.framework.common.util.validation.ValidationUtils;
import cn.iocoder.yudao.framework.security.core.LoginUser;
import cn.iocoder.yudao.framework.security.core.authentication.MultiUsernamePasswordAuthenticationToken;
import cn.iocoder.yudao.module.system.api.logger.dto.LoginLogCreateReqDTO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.AuthLoginReqVO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.AuthSocialBindReqVO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.AuthSocialLogin2ReqVO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.AuthSocialLoginReqVO;
import cn.iocoder.yudao.module.system.api.sms.SmsCodeApi;
import cn.iocoder.yudao.module.system.api.sms.dto.code.SmsCodeUseReqDTO;
import cn.iocoder.yudao.module.system.controller.admin.auth.vo.auth.*;
import cn.iocoder.yudao.module.system.convert.auth.AuthConvert;
import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
import cn.iocoder.yudao.module.system.enums.logger.LoginLogTypeEnum;
import cn.iocoder.yudao.module.system.enums.logger.LoginResultEnum;
import cn.iocoder.yudao.module.system.enums.sms.SmsSceneEnum;
import cn.iocoder.yudao.module.system.service.common.CaptchaService;
import cn.iocoder.yudao.module.system.service.logger.LoginLogService;
import cn.iocoder.yudao.module.system.service.permission.PermissionService;
@ -41,6 +41,7 @@ import java.util.Objects;
import java.util.Set;
import static cn.iocoder.yudao.framework.common.exception.util.ServiceExceptionUtil.exception;
import static cn.iocoder.yudao.framework.common.util.servlet.ServletUtils.getClientIP;
import static cn.iocoder.yudao.module.system.enums.ErrorCodeConstants.*;
import static java.util.Collections.singleton;
@ -74,6 +75,10 @@ public class AdminAuthServiceImpl implements AdminAuthService {
@Resource
private Validator validator;
@Resource
private SmsCodeApi smsCodeApi;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 获取 username 对应的 AdminUserDO
@ -110,6 +115,58 @@ public class AdminAuthServiceImpl implements AdminAuthService {
return createUserSessionAfterLoginSuccess(loginUser, LoginLogTypeEnum.LOGIN_USERNAME, userIp, userAgent);
}
@Override
public void sendSmsCode(Long userId, AuthSmsSendReqVO reqVO) {
this.verifyCaptchaSmsSend(reqVO);
//登录场景,验证是否存在
if(reqVO.getScene().compareTo(SmsSceneEnum.ADMIN_MEMBER_LOGIN.getScene())==0) {
if (userService.getUserByMobile(reqVO.getMobile()) == null) {
throw exception(USER_NOT_EXISTS);
}
}
// TODO 要根据不同的场景,校验是否有用户
smsCodeApi.sendSmsCode(AuthConvert.INSTANCE.convert(reqVO).setCreateIp(getClientIP()));
}
/**
* 短信登录
*/
@Override
public String smsLogin(AuthSmsLoginReqVO reqVO, String userIp, String userAgent) {
/* 从 Member的AuhtConvert中拷贝出来的没单独写类 */
if ( reqVO == null) {
return null;
}
SmsCodeUseReqDTO smsCodeUseReqDTO = new SmsCodeUseReqDTO();
smsCodeUseReqDTO.setMobile( reqVO.getMobile() );
smsCodeUseReqDTO.setCode( reqVO.getCode() );
smsCodeUseReqDTO.setScene( SmsSceneEnum.ADMIN_MEMBER_LOGIN.getScene() );
smsCodeUseReqDTO.setUsedIp(userIp);
smsCodeApi.useSmsCode(smsCodeUseReqDTO);
// 获得用户信息
AdminUserDO user = userService.getUserByMobile(reqVO.getMobile());
if(user==null)
{
throw exception(USER_NOT_EXISTS);
}
cn.hutool.core.lang.Assert.notNull(user, "获取用户失败,结果为空");
// 执行登陆
this.createLoginLog(user.getMobile(),LoginLogTypeEnum.LOGIN_MOBILE, LoginResultEnum.SUCCESS);
LoginUser loginUser = buildLoginUser(user);
// 缓存登陆用户到 Redis 中,返回 sessionId 编号
return createUserSessionAfterLoginSuccess(loginUser, LoginLogTypeEnum.LOGIN_MOBILE, userIp, userAgent);
}
private void verifyCaptcha(AuthLoginReqVO reqVO) {
// 如果验证码关闭,则不进行校验
if (!captchaService.isCaptchaEnable()) {
@ -159,6 +216,33 @@ public class AdminAuthServiceImpl implements AdminAuthService {
return (LoginUser) authentication.getPrincipal();
}
/**
* 验证验证码并发送短信
* @param reqVO
*/
private void verifyCaptchaSmsSend(AuthSmsSendReqVO reqVO) {
// 如果验证码关闭,则不进行校验
if (!captchaService.isCaptchaEnable()) {
return;
}
// 校验验证码
ValidationUtils.validate(validator, reqVO, AuthLoginReqVO.CodeEnableGroup.class);
// 验证码不存在
final LoginLogTypeEnum logTypeEnum = LoginLogTypeEnum.LOGIN_USERNAME;
String code = captchaService.getCaptchaCode(reqVO.getUuid());
if (code == null) {
throw exception(AUTH_LOGIN_CAPTCHA_NOT_FOUND);
}
// 验证码不正确
if (!code.equals(reqVO.getCode())) {
// 创建登录失败日志(验证码不正确)
throw exception(AUTH_LOGIN_CAPTCHA_CODE_ERROR);
}
// 正确,所以要删除下验证码
captchaService.deleteCaptchaCode(reqVO.getUuid());
}
private void createLoginLog(String username, LoginLogTypeEnum logTypeEnum, LoginResultEnum loginResult) {
// 获得用户
AdminUserDO user = userService.getUserByUsername(username);
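Review bot: `smsLogin` creates a session as soon as the code is consumed and the mobile resolves to a user, and nothing in the hunk checks whether the account is disabled. The password path presumably gets that check from the authentication manager, so confirm it and add an explicit status check before `buildLoginUser(user)`. The success log is written with `user.getMobile()`, but `createLoginLog` resolves its argument through `userService.getUserByUsername(username)`, so the entry will likely not be linked to the user. Pass the username instead: `this.createLoginLog(user.getUsername(), LoginLogTypeEnum.LOGIN_MOBILE, LoginResultEnum.SUCCESS);`. In `sendSmsCode`, throwing `USER_NOT_EXISTS` on an anonymous endpoint tells any caller which numbers belong to admin accounts, so a uniform success response for unknown numbers is safer. The `Assert.notNull(user, ...)` after the null check and the local `logTypeEnum` in `verifyCaptchaSmsSend` are dead code, and `createLoginLog` continues outside this hunk.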


@ -97,6 +97,15 @@ public interface AdminUserService {
*/
AdminUserDO getUserByUsername(String username);
/**
* 通过手机号获取用户
*
* @param mobile 手机号
* @return 用户对象信息
*/
AdminUserDO getUserByMobile(String mobile);
/**
* 获得用户分页列表
*


@ -168,6 +168,16 @@ public class AdminUserServiceImpl implements AdminUserService {
return userMapper.selectByUsername(username);
}
/**
* 通过手机号获取用户
* @param mobile
* @return
*/
@Override
public AdminUserDO getUserByMobile(String mobile) {
return userMapper.selectByMobile(mobile);
}
@Override
public PageResult<AdminUserDO> getUserPage(UserPageReqVO reqVO) {
return userMapper.selectPage(reqVO, this.getDeptCondition(reqVO.getDeptId()));