src/main/java/com/xcong/farmer/cms/configurations/properties/ApplicationProperties.java
@@ -14,5 +14,7 @@ @Configuration @ConfigurationProperties(prefix = "app") public class ApplicationProperties { private boolean debug; } src/main/java/com/xcong/farmer/cms/configurations/properties/SecurityProperties.java
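Review bot: The new `debug` field has no comment saying what it switches, and in this commit it changes what the login endpoint returns: CommonServiceImpl.login adds an `rsaToken` entry to the response when `isDebug()` is true. I would document that on the field, e.g. `/** Development-only switch: when true, login responses also carry the RSA-wrapped token. Keep false in production. */`. Only part of the class is visible in this hunk, so the accessor is presumably generated by an annotation above it.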
@@ -14,4 +14,6 @@ public class SecurityProperties { private String privateKey; private String publicKey; } src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
@@ -42,6 +42,7 @@ .antMatchers("/swagger**/**").permitAll() .antMatchers("/webjars/**").permitAll() .antMatchers("/v2/**").permitAll() .antMatchers("/api/common/**").permitAll() .anyRequest().authenticated() .and().apply(securityConfiguereAdapter()); } src/main/java/com/xcong/farmer/cms/modules/system/Controller/AdminCommonController.java
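Review bot: The added `.antMatchers("/api/common/**").permitAll()` exempts the whole `/api/common` prefix from authentication rather than the login route alone, so any handler later added to AdminCommonController becomes public by default. This commit introduces only `POST /api/common/login`, so the rule can be exactly that narrow: `.antMatchers(HttpMethod.POST, "/api/common/login").permitAll()`. The enclosing configure method starts above the hunk.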
New file 
@@ -0,0 +1,55 @@ package com.xcong.farmer.cms.modules.system.Controller; import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.crypto.SecureUtil; import com.alibaba.fastjson.JSONObject; import com.xcong.farmer.cms.common.contants.AppContants; import com.xcong.farmer.cms.common.response.Result; import com.xcong.farmer.cms.common.system.bean.LoginUserBean; import com.xcong.farmer.cms.common.system.dto.LoginDto; import com.xcong.farmer.cms.modules.system.dto.AdminLoginDto; import com.xcong.farmer.cms.modules.system.service.ICommonService; import com.xcong.farmer.cms.modules.system.service.IUserService; import com.xcong.farmer.cms.utils.RedisUtils; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import java.util.HashMap; import java.util.Map; @RestController @RequestMapping(value = "/api/common") @Slf4j @Api(value = "登录", tags = "登录") public class AdminCommonController { @Resource private ICommonService iCommonService; @ApiOperation(value = "登陆接口", notes = "登陆接口") @PostMapping("/login") public Result login(@RequestBody AdminLoginDto adminLoginDto) { String username = adminLoginDto.getUsername(); if(StrUtil.isEmpty(username)){ return Result.fail("请输入用户名"); } String password = adminLoginDto.getPassword(); if(StrUtil.isEmpty(password)){ return Result.fail("请输入密码"); } return iCommonService.login(adminLoginDto); } } 
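Review bot: `login` is reachable without authentication, and nothing in this controller or in CommonServiceImpl.login limits or records failed attempts; `@Slf4j` is declared but `log` is never used. Unless a filter outside this commit does it, repeated password guesses are neither slowed down nor visible to operators. I would log each failure with the username and client address (never the password) and keep a short-lived failure counter per username in Redis, which the service already uses, refusing further attempts once it passes a threshold. The import list also carries entries the class does not use (`SecureUtil`, `RedisUtils`, `UsernamePasswordAuthenticationToken`, `HttpServletRequest` and others) and can be trimmed.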
src/main/java/com/xcong/farmer/cms/modules/system/Controller/AdminMenuController.java
@@ -18,7 +18,7 @@ import javax.validation.Valid; @RestController @RequestMapping(value = "/menu") @RequestMapping(value = "/api/menu") @Slf4j @Api(value = "系统菜单", tags = "系统菜单") public class AdminMenuController { src/main/java/com/xcong/farmer/cms/modules/system/Controller/AdminRoleController.java
@@ -18,7 +18,7 @@ import javax.validation.Valid; @RestController @RequestMapping(value = "/role") @RequestMapping(value = "/api/role") @Slf4j @Api(value = "系统角色", tags = "系统角色") public class AdminRoleController { src/main/java/com/xcong/farmer/cms/modules/system/Controller/AdminUserController.java
@@ -21,7 +21,7 @@ import javax.validation.Valid; @RestController @RequestMapping(value = "/user") @RequestMapping(value = "/api/user") @Slf4j @Api(value = "系统用户", tags = "系统用户") public class AdminUserController { src/main/java/com/xcong/farmer/cms/modules/system/dto/AdminLoginDto.java
New file @@ -0,0 +1,14 @@ package com.xcong.farmer.cms.modules.system.dto; import io.swagger.annotations.ApiModel; import lombok.Data; @Data @ApiModel(value = "AdminLoginDto", description = "参数接收类") public class AdminLoginDto { private String username; private String password; } src/main/java/com/xcong/farmer/cms/modules/system/entity/UserEntity.java
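Review bot: `@Data` on AdminLoginDto generates a `toString()` that includes `password`, so a `log.info("{}", adminLoginDto)` or any request-logging aspect would write the clear-text password to the logs. Annotating the field with `@ToString.Exclude` removes it from the generated string. The emptiness checks done by hand in AdminCommonController.login could also be declared here as `@NotBlank` on both fields, with `@Valid` on the controller parameter.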
@@ -11,6 +11,10 @@ @TableName("t_user") public class UserEntity extends BaseEntity { /** * 默认账户 */ public static final String USERNAME_DEFAULT = "system"; /** * 默认密码 */ public static final String PASSWORD_DEFAULT = "123456"; src/main/java/com/xcong/farmer/cms/modules/system/mapper/UserMapper.java
@@ -11,4 +11,5 @@ IPage<AdminUserVo> selectAdminUserVoInPage(Page<AdminUserVo> page, @Param("record") UserEntity userEntity); UserEntity selectByUserNameAndPassword(@Param("username")String username, @Param("password")String md5Password); } src/main/java/com/xcong/farmer/cms/modules/system/service/ICommonService.java
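Review bot: `selectByUserNameAndPassword` takes a precomputed `md5Password` and matches it in SQL, which ties password storage to an unsalted, fast MD5 digest: equal passwords produce equal stored values, and a leaked `t_user` table can be tested offline at very high speed. The same choice appears in CommonServiceImpl.login (`SecureUtil.md5(password)`), in both `setPassword(SecureUtil.md5(...))` lines of UserServiceImpl, in the `a.password = #{password}` query of UserMapper.xml and in RSATest. A salted adaptive hash cannot be compared by equality in a WHERE clause, so the lookup would become select-by-username followed by a verification in Java, for example Spring Security's `BCryptPasswordEncoder.matches(raw, stored)`, with existing MD5 rows re-hashed on the next successful login.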
New file @@ -0,0 +1,12 @@ package com.xcong.farmer.cms.modules.system.service; import com.baomidou.mybatisplus.extension.service.IService; import com.xcong.farmer.cms.common.response.Result; import com.xcong.farmer.cms.modules.system.dto.AdminLoginDto; import com.xcong.farmer.cms.modules.system.entity.UserEntity; public interface ICommonService extends IService<UserEntity> { Result login(AdminLoginDto adminLoginDto); } src/main/java/com/xcong/farmer/cms/modules/system/service/Impl/CommonServiceImpl.java
New file 
@@ -0,0 +1,76 @@ package com.xcong.farmer.cms.modules.system.service.Impl; import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.asymmetric.KeyType; import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.xcong.farmer.cms.common.contants.AppContants; import com.xcong.farmer.cms.common.response.Result; import com.xcong.farmer.cms.configurations.properties.ApplicationProperties; import com.xcong.farmer.cms.configurations.properties.SecurityProperties; import com.xcong.farmer.cms.modules.system.dto.AdminLoginDto; import com.xcong.farmer.cms.modules.system.entity.UserEntity; import com.xcong.farmer.cms.modules.system.mapper.UserMapper; import com.xcong.farmer.cms.modules.system.service.ICommonService; import com.xcong.farmer.cms.utils.RedisUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Service; import java.util.HashMap; import java.util.Map; import javax.annotation.Resource; import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.ObjectUtil; import cn.hutool.crypto.asymmetric.RSA; @Service @Slf4j public class CommonServiceImpl extends ServiceImpl<UserMapper, UserEntity> implements ICommonService { @Resource private UserMapper userMapper; @Resource private RedisUtils redisUtils; @Resource private ApplicationProperties applicationProperties; @Resource private SecurityProperties securityProperties; @Override public Result login(AdminLoginDto adminLoginDto) { String username = adminLoginDto.getUsername(); String password = adminLoginDto.getPassword(); UserEntity userEntity = userMapper.selectByUserNameAndPassword(username, SecureUtil.md5(password)); if(ObjectUtil.isEmpty(userEntity)){ return Result.fail("请输入正确的账号和密码"); } //生成UUID作为token String token = IdUtil.simpleUUID(); String redisToken = AppContants.APP_LOGIN_PREFIX + token; String redisMember = AppContants.APP_LOGIN_PREFIX + userEntity.getId(); if 
(StrUtil.isNotBlank(redisUtils.getString(redisMember))) { redisUtils.del(AppContants.APP_LOGIN_PREFIX + redisUtils.getString(redisMember)); } redisUtils.set(redisToken, JSONObject.toJSONString(userEntity), 3000L); redisUtils.set(redisMember, token); Map<String, Object> authInfo = new HashMap<>(); // 开启debug模式,则将加密后的token返回 if (applicationProperties.isDebug()) { authInfo.put("token", token); authInfo.put("rsaToken", AppContants.TOKEN_START_WITH + generateAsaToken(token)); authInfo.put("user", userEntity); } else { authInfo.put("token", token); authInfo.put("user", userEntity); } return Result.ok("登录成功", authInfo); } public String generateAsaToken(String token) { RSA rsa = new RSA(null, securityProperties.getPublicKey()); return rsa.encryptBase64(token + "_" + System.currentTimeMillis(), KeyType.PublicKey); } } src/main/java/com/xcong/farmer/cms/modules/system/service/Impl/UserServiceImpl.java
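Review bot: `authInfo.put("user", userEntity)` returns the row loaded by `SELECT a.*` unchanged, so the login response, and the JSON written to Redis by `JSONObject.toJSONString(userEntity)`, carries the stored password hash along with every other column. I would clear the field before either use, `userEntity.setPassword(null);` right after the emptiness check, or better map the entity to a response object that has no password property. Two smaller things in the same method: `redisUtils.set(redisMember, token)` has no expiry while the token key is written with `3000L`, so the member key outlives the session; and the two branches of the `isDebug()` test differ only by the `rsaToken` entry, so the shared `put` calls can move out of the `if`.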
@@ -1,5 +1,6 @@ package com.xcong.farmer.cms.modules.system.service.Impl; import cn.hutool.crypto.SecureUtil; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; @@ -18,7 +19,6 @@ import org.springframework.stereotype.Service; import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.codec.Rot; import org.springframework.transaction.annotation.Transactional; import javax.annotation.Resource; @@ -71,8 +71,8 @@ if(StrUtil.isNotEmpty(adminAddUserDto.getEmail())){ userEntity.setEmail(adminAddUserDto.getEmail()); } ; userEntity.setPassword(Rot.encode13(UserEntity.PASSWORD_DEFAULT)); userEntity.setPassword(SecureUtil.md5(UserEntity.PASSWORD_DEFAULT)); userEntity.setStatus(UserEntity.STATUS_ENABLE); int insert = this.baseMapper.insert(userEntity); if(insert > 0){ @@ -180,7 +180,7 @@ if(ObjectUtil.isEmpty(userEntity)){ return Result.fail("用户不存在"); } userEntity.setPassword(Rot.encode13(UserEntity.PASSWORD_DEFAULT)); userEntity.setPassword(SecureUtil.md5(UserEntity.PASSWORD_DEFAULT)); this.baseMapper.updateById(userEntity); return Result.ok("重置成功"); } src/main/resources/application.yml
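Review bot: Both rewritten `setPassword(SecureUtil.md5(UserEntity.PASSWORD_DEFAULT))` lines, in the create-user hunk at line 71 and the reset hunk at line 180, keep assigning one fixed password, which UserEntity on this page defines as `"123456"`, so every new or reset account is reachable with a publicly known credential until its owner changes it. Nothing visible in these hunks forces that change. I would generate a random initial password per account from `SecureRandom`, show it to the administrator once, and mark the account as must-change so that login accepts nothing but a password update until it is replaced. Both enclosing methods start and end outside the hunks.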
@@ -77,4 +77,5 @@ debug: true rsa: public_key: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCCf8UFZK54AiK4PRu7tNd+Z8qZ77o/QXCnk25DRmygVpOEu5mGNSAvfnWmKp2pEV2RljeXq3Rid/+LQkonaebMJeXKSF0yxL/VgyeT8JaQ5gNbOrdfdlc+mFkXJyzyJt8YkvApEdPRNSU2ENBn7mgRfD0BYPM4vZ6/rv+de38FJwIDAQAB private_key: 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 src/main/resources/mapper/UserMapper.xml
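Review bot: The default `application.yml` now carries `debug: true` next to an RSA `private_key`; the +/- markers are lost on this page, so I cannot tell which line is the added one, but both matter for the new login code. With `debug` on, CommonServiceImpl.login adds an `rsaToken` to every login response, so the committed default should be `debug: false` with the override kept in a development profile. The private key belongs outside version control, for example `private_key: ${RSA_PRIVATE_KEY}` (placeholder name) resolved from the environment or a secret store. A key that has already been committed should be treated as exposed and rotated.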
@@ -17,4 +17,8 @@ order by a.create_time desc </select> <select id="selectByUserNameAndPassword" resultType="com.xcong.farmer.cms.modules.system.entity.UserEntity"> SELECT a.* FROM t_user a where a.username = #{username} and a.password = #{password} </select> </mapper> src/test/java/com/xcong/farmer/cms/RSATest.java
@@ -7,6 +7,7 @@ import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.asymmetric.KeyType; import cn.hutool.crypto.asymmetric.RSA; import com.xcong.farmer.cms.modules.system.entity.UserEntity; import lombok.extern.slf4j.Slf4j; import org.junit.jupiter.api.Test; import org.springframework.boot.test.context.SpringBootTest; @@ -28,9 +29,8 @@ @Test public void rsaTest() { KeyPair keyPair = SecureUtil.generateKeyPair("RSA"); log.info("{}", Base64.encode(keyPair.getPublic().getEncoded())); log.info("{}", Base64.encode(keyPair.getPrivate().getEncoded())); String s = SecureUtil.md5(UserEntity.PASSWORD_DEFAULT); System.out.println(s); }