mirror of
https://github.com/dromara/RuoYi-Vue-Plus.git
synced 2025-09-24 07:19:46 +08:00
update 优化 重构登录策略增加扩展性降低复杂度
This commit is contained in:
疯狂的狮子Li
@ -14,10 +14,9 @@ import org.dromara.common.core.constant.UserConstants;
|
||||
import org.dromara.common.core.domain.R;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.RegisterBody;
|
||||
import org.dromara.common.core.utils.MapstructUtils;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.StreamUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.domain.model.SocialLoginBody;
|
||||
import org.dromara.common.core.utils.*;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
|
||||
import org.dromara.common.social.config.properties.SocialProperties;
|
||||
import org.dromara.common.social.utils.SocialUtils;
|
||||
@ -66,11 +65,13 @@ public class AuthController {
|
||||
/**
|
||||
* 登录方法
|
||||
*
|
||||
* @param loginBody 登录信息
|
||||
* @param body 登录信息
|
||||
* @return 结果
|
||||
*/
|
||||
@PostMapping("/login")
|
||||
public R<LoginVo> login(@Validated @RequestBody LoginBody loginBody) {
|
||||
public R<LoginVo> login(@Validated @RequestBody String body) {
|
||||
LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
// 授权类型和客户端id
|
||||
String clientId = loginBody.getClientId();
|
||||
String grantType = loginBody.getGrantType();
|
||||
@ -85,7 +86,7 @@ public class AuthController {
|
||||
// 校验租户
|
||||
loginService.checkTenant(loginBody.getTenantId());
|
||||
// 登录
|
||||
return R.ok(IAuthStrategy.login(loginBody, client));
|
||||
return R.ok(IAuthStrategy.login(body, client, grantType));
|
||||
}
|
||||
|
||||
/**
|
||||
@ -112,9 +113,11 @@ public class AuthController {
|
||||
* @return 结果
|
||||
*/
|
||||
@PostMapping("/social/callback")
|
||||
public R<Void> socialCallback(@RequestBody LoginBody loginBody) {
|
||||
public R<Void> socialCallback(@RequestBody SocialLoginBody loginBody) {
|
||||
// 获取第三方登录信息
|
||||
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
|
||||
AuthResponse<AuthUser> response = SocialUtils.loginAuth(
|
||||
loginBody.getSource(), loginBody.getSocialCode(),
|
||||
loginBody.getSocialState(), socialProperties);
|
||||
AuthUser authUserData = response.getData();
|
||||
// 判断授权响应是否成功
|
||||
if (!response.ok()) {
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package org.dromara.web.service;
|
||||
|
||||
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.exception.ServiceException;
|
||||
import org.dromara.common.core.utils.SpringUtils;
|
||||
import org.dromara.system.domain.SysClient;
|
||||
@ -19,27 +18,20 @@ public interface IAuthStrategy {
|
||||
/**
|
||||
* 登录
|
||||
*/
|
||||
static LoginVo login(LoginBody loginBody, SysClient client) {
|
||||
static LoginVo login(String body, SysClient client, String grantType) {
|
||||
// 授权类型和客户端id
|
||||
String clientId = loginBody.getClientId();
|
||||
String grantType = loginBody.getGrantType();
|
||||
String clientId = client.getClientId();
|
||||
String beanName = grantType + BASE_NAME;
|
||||
if (!SpringUtils.containsBean(beanName)) {
|
||||
throw new ServiceException("授权类型不正确!");
|
||||
}
|
||||
IAuthStrategy instance = SpringUtils.getBean(beanName);
|
||||
instance.validate(loginBody);
|
||||
return instance.login(clientId, loginBody, client);
|
||||
return instance.login(clientId, body, client);
|
||||
}
|
||||
|
||||
/**
|
||||
* 参数校验
|
||||
*/
|
||||
void validate(LoginBody loginBody);
|
||||
|
||||
/**
|
||||
* 登录
|
||||
*/
|
||||
LoginVo login(String clientId, LoginBody loginBody, SysClient client);
|
||||
LoginVo login(String clientId, String body, SysClient client);
|
||||
|
||||
}
|
||||
|
||||
@ -8,7 +8,7 @@ import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.dromara.common.core.constant.Constants;
|
||||
import org.dromara.common.core.constant.GlobalConstants;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.EmailLoginBody;
|
||||
import org.dromara.common.core.domain.model.LoginUser;
|
||||
import org.dromara.common.core.enums.LoginType;
|
||||
import org.dromara.common.core.enums.UserStatus;
|
||||
@ -17,7 +17,7 @@ import org.dromara.common.core.exception.user.UserException;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.utils.ValidatorUtils;
|
||||
import org.dromara.common.core.validate.auth.EmailGroup;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.redis.utils.RedisUtils;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.common.tenant.helper.TenantHelper;
|
||||
@ -44,12 +44,9 @@ public class EmailAuthStrategy implements IAuthStrategy {
|
||||
private final SysUserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public void validate(LoginBody loginBody) {
|
||||
ValidatorUtils.validate(loginBody, EmailGroup.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
|
||||
public LoginVo login(String clientId, String body, SysClient client) {
|
||||
EmailLoginBody loginBody = JsonUtils.parseObject(body, EmailLoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
String tenantId = loginBody.getTenantId();
|
||||
String email = loginBody.getEmail();
|
||||
String emailCode = loginBody.getEmailCode();
|
||||
|
||||
@ -9,8 +9,8 @@ import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.dromara.common.core.constant.Constants;
|
||||
import org.dromara.common.core.constant.GlobalConstants;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.LoginUser;
|
||||
import org.dromara.common.core.domain.model.PasswordLoginBody;
|
||||
import org.dromara.common.core.enums.LoginType;
|
||||
import org.dromara.common.core.enums.UserStatus;
|
||||
import org.dromara.common.core.exception.user.CaptchaException;
|
||||
@ -19,7 +19,7 @@ import org.dromara.common.core.exception.user.UserException;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.utils.ValidatorUtils;
|
||||
import org.dromara.common.core.validate.auth.PasswordGroup;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.redis.utils.RedisUtils;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.common.tenant.helper.TenantHelper;
|
||||
@ -48,12 +48,9 @@ public class PasswordAuthStrategy implements IAuthStrategy {
|
||||
private final SysUserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public void validate(LoginBody loginBody) {
|
||||
ValidatorUtils.validate(loginBody, PasswordGroup.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
|
||||
public LoginVo login(String clientId, String body, SysClient client) {
|
||||
PasswordLoginBody loginBody = JsonUtils.parseObject(body, PasswordLoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
String tenantId = loginBody.getTenantId();
|
||||
String username = loginBody.getUsername();
|
||||
String password = loginBody.getPassword();
|
||||
|
||||
@ -8,8 +8,8 @@ import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.dromara.common.core.constant.Constants;
|
||||
import org.dromara.common.core.constant.GlobalConstants;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.LoginUser;
|
||||
import org.dromara.common.core.domain.model.SmsLoginBody;
|
||||
import org.dromara.common.core.enums.LoginType;
|
||||
import org.dromara.common.core.enums.UserStatus;
|
||||
import org.dromara.common.core.exception.user.CaptchaExpireException;
|
||||
@ -17,7 +17,7 @@ import org.dromara.common.core.exception.user.UserException;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.dromara.common.core.utils.ValidatorUtils;
|
||||
import org.dromara.common.core.validate.auth.SmsGroup;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.redis.utils.RedisUtils;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.common.tenant.helper.TenantHelper;
|
||||
@ -44,12 +44,9 @@ public class SmsAuthStrategy implements IAuthStrategy {
|
||||
private final SysUserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public void validate(LoginBody loginBody) {
|
||||
ValidatorUtils.validate(loginBody, SmsGroup.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
|
||||
public LoginVo login(String clientId, String body, SysClient client) {
|
||||
SmsLoginBody loginBody = JsonUtils.parseObject(body, SmsLoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
String tenantId = loginBody.getTenantId();
|
||||
String phonenumber = loginBody.getPhonenumber();
|
||||
String smsCode = loginBody.getSmsCode();
|
||||
|
||||
@ -13,14 +13,14 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import me.zhyd.oauth.model.AuthResponse;
|
||||
import me.zhyd.oauth.model.AuthUser;
|
||||
import org.dromara.common.core.constant.Constants;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.LoginUser;
|
||||
import org.dromara.common.core.domain.model.SocialLoginBody;
|
||||
import org.dromara.common.core.enums.UserStatus;
|
||||
import org.dromara.common.core.exception.ServiceException;
|
||||
import org.dromara.common.core.exception.user.UserException;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.ValidatorUtils;
|
||||
import org.dromara.common.core.validate.auth.SocialGroup;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.common.social.config.properties.SocialProperties;
|
||||
import org.dromara.common.social.utils.SocialUtils;
|
||||
@ -51,22 +51,20 @@ public class SocialAuthStrategy implements IAuthStrategy {
|
||||
private final SysUserMapper userMapper;
|
||||
private final SysLoginService loginService;
|
||||
|
||||
|
||||
@Override
|
||||
public void validate(LoginBody loginBody) {
|
||||
ValidatorUtils.validate(loginBody, SocialGroup.class);
|
||||
}
|
||||
|
||||
/**
|
||||
* 登录-第三方授权登录
|
||||
*
|
||||
* @param clientId 客户端id
|
||||
* @param loginBody 登录信息
|
||||
* @param client 客户端信息
|
||||
* @param clientId 客户端id
|
||||
* @param body 登录信息
|
||||
* @param client 客户端信息
|
||||
*/
|
||||
@Override
|
||||
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
|
||||
AuthResponse<AuthUser> response = SocialUtils.loginAuth(loginBody, socialProperties);
|
||||
public LoginVo login(String clientId, String body, SysClient client) {
|
||||
SocialLoginBody loginBody = JsonUtils.parseObject(body, SocialLoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
AuthResponse<AuthUser> response = SocialUtils.loginAuth(
|
||||
loginBody.getSource(), loginBody.getSocialCode(),
|
||||
loginBody.getSocialState(), socialProperties);
|
||||
if (!response.ok()) {
|
||||
throw new ServiceException(response.getMsg());
|
||||
}
|
||||
@ -74,11 +72,11 @@ public class SocialAuthStrategy implements IAuthStrategy {
|
||||
if ("GITEE".equals(authUserData.getSource())) {
|
||||
// 如用户使用 gitee 登录顺手 star 给作者一点支持 拒绝白嫖
|
||||
HttpUtil.createRequest(Method.PUT, "https://gitee.com/api/v5/user/starred/dromara/RuoYi-Vue-Plus")
|
||||
.formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken()))
|
||||
.executeAsync();
|
||||
.formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken()))
|
||||
.executeAsync();
|
||||
HttpUtil.createRequest(Method.PUT, "https://gitee.com/api/v5/user/starred/dromara/RuoYi-Cloud-Plus")
|
||||
.formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken()))
|
||||
.executeAsync();
|
||||
.formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken()))
|
||||
.executeAsync();
|
||||
}
|
||||
|
||||
SysSocialVo social = sysSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid());
|
||||
@ -88,7 +86,7 @@ public class SocialAuthStrategy implements IAuthStrategy {
|
||||
// 验证授权表里面的租户id是否包含当前租户id
|
||||
String tenantId = social.getTenantId();
|
||||
if (ObjectUtil.isNotNull(social) && StrUtil.isNotBlank(tenantId)
|
||||
&& !tenantId.contains(loginBody.getTenantId())) {
|
||||
&& !tenantId.contains(loginBody.getTenantId())) {
|
||||
throw new ServiceException("对不起,你没有权限登录当前租户!");
|
||||
}
|
||||
|
||||
@ -121,9 +119,9 @@ public class SocialAuthStrategy implements IAuthStrategy {
|
||||
|
||||
private SysUserVo loadUser(String tenantId, Long userId) {
|
||||
SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
|
||||
.select(SysUser::getUserName, SysUser::getStatus)
|
||||
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
|
||||
.eq(SysUser::getUserId, userId));
|
||||
.select(SysUser::getUserName, SysUser::getStatus)
|
||||
.eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
|
||||
.eq(SysUser::getUserId, userId));
|
||||
if (ObjectUtil.isNull(user)) {
|
||||
log.info("登录用户:{} 不存在.", "");
|
||||
throw new UserException("user.not.exists", "");
|
||||
|
||||
@ -6,12 +6,12 @@ import cn.hutool.core.util.ObjectUtil;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.dromara.common.core.constant.Constants;
|
||||
import org.dromara.common.core.domain.model.LoginBody;
|
||||
import org.dromara.common.core.domain.model.XcxLoginBody;
|
||||
import org.dromara.common.core.domain.model.XcxLoginUser;
|
||||
import org.dromara.common.core.enums.UserStatus;
|
||||
import org.dromara.common.core.utils.MessageUtils;
|
||||
import org.dromara.common.core.utils.ValidatorUtils;
|
||||
import org.dromara.common.core.validate.auth.WechatGroup;
|
||||
import org.dromara.common.json.utils.JsonUtils;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.system.domain.SysClient;
|
||||
import org.dromara.system.domain.vo.SysUserVo;
|
||||
@ -33,14 +33,14 @@ public class XcxAuthStrategy implements IAuthStrategy {
|
||||
private final SysLoginService loginService;
|
||||
|
||||
@Override
|
||||
public void validate(LoginBody loginBody) {
|
||||
ValidatorUtils.validate(loginBody, WechatGroup.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginVo login(String clientId, LoginBody loginBody, SysClient client) {
|
||||
public LoginVo login(String clientId, String body, SysClient client) {
|
||||
XcxLoginBody loginBody = JsonUtils.parseObject(body, XcxLoginBody.class);
|
||||
ValidatorUtils.validate(loginBody);
|
||||
// xcxCode 为 小程序调用 wx.login 授权后获取
|
||||
String xcxCode = loginBody.getXcxCode();
|
||||
// 多个小程序识别使用
|
||||
String appid = loginBody.getAppid();
|
||||
|
||||
// todo 以下自行实现
|
||||
// 校验 appid + appsrcret + xcxCode 调用登录凭证校验接口 获取 session_key 与 openid
|
||||
String openid = "";
|
||||
|
||||
Reference in New Issue
Block a user