perf:请求时将通过getCurrentUserName()方法返回的对象检验用户是否非法

This commit is contained in:
曾文豪
2024-08-07 14:09:28 +08:00
parent bb38428708
commit 1ee4b4af30
27 changed files with 295 additions and 314 deletions

View File

@@ -1,16 +0,0 @@
package com.tiesheng.login;
import com.tiesheng.platform.PlatformAutoConfigurer;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Import;
/**
* @author hao
*/
@ComponentScan({
"com.tiesheng.login.**.*",
})
@Import(PlatformAutoConfigurer.class)
public class LoginAutoConfigurer {
}

View File

@@ -3,7 +3,10 @@ package com.tiesheng.login.config;
import cn.hutool.core.util.ObjUtil;
import cn.hutool.core.util.StrUtil;
import com.tiesheng.annotation.token.TokenIgnore;
import com.tiesheng.login.pojos.RequestUserInfo;
import com.tiesheng.login.service.TsLoginConfigurer;
import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.exception.ApiException;
import com.tiesheng.util.pojos.TokenBean;
import org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController;
import org.springframework.context.annotation.Configuration;
@@ -29,6 +32,8 @@ public class TokenWebMvcConfigurer implements WebMvcConfigurer {
@Resource
TsTokenConfig tsTokenConfig;
@Resource
TsLoginConfigurer tsLoginConfigurer;
@Override
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
@@ -96,8 +101,14 @@ public class TokenWebMvcConfigurer implements WebMvcConfigurer {
return true;
}
// token验证
tsTokenConfig.validToken(request, true);
// 验证TOKEN是否存在
TokenBean tokenBean = tsTokenConfig.validToken(request, true);
// 验证用户是否存在
RequestUserInfo cachedUserInfo = tsLoginConfigurer.getCachedUserInfo(tokenBean);
if (cachedUserInfo == null) {
throw new ApiException("非法TOKEN请重新登录");
}
return true;
}

View File

@@ -6,13 +6,11 @@ import cn.hutool.core.util.URLUtil;
import com.alibaba.fastjson.JSON;
import com.tiesheng.annotation.operation.OperationIgnore;
import com.tiesheng.annotation.token.TokenIgnore;
import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.login.pojos.CodeExtraDTO;
import com.tiesheng.login.pojos.DoLoginInfo;
import com.tiesheng.login.pojos.UniqueIndexDTO;
import com.tiesheng.login.pojos.WxminiLoginVo;
import com.tiesheng.login.service.TieshengLoginConfigurer;
import com.tiesheng.login.service.CorePlatformUniqueService;
import com.tiesheng.platform.config.ding.PlatformDingConfig;
import com.tiesheng.platform.config.ding.bean.DingJsapiSignature;
import com.tiesheng.platform.config.ding.bean.DingUserInfo;
@@ -23,8 +21,10 @@ import com.tiesheng.platform.config.wxmp.bean.WxConfigBean;
import com.tiesheng.platform.config.wxmp.bean.WxJsapiSignature;
import com.tiesheng.platform.config.wxmp.bean.WxUserInfo;
import com.tiesheng.util.config.GlobalConfig;
import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.exception.ApiException;
import com.tiesheng.util.pojos.ApiResp;
import com.tiesheng.util.pojos.TokenBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
@@ -49,7 +49,7 @@ public class LoginController {
@Autowired
PlatformWxminiConfig platformWxminiConfig;
@Autowired
TieshengLoginConfigurer tieshengLoginConfigurer;
CorePlatformUniqueService corePlatformUniqueService;
@Autowired
GlobalConfig globalConfig;
@Autowired
@@ -65,13 +65,13 @@ public class LoginController {
@OperationIgnore
public void uniqueIndex(UniqueIndexDTO dto, HttpServletResponse response) {
if (tsTokenConfig.isValidLoginSign() && !dto.validSign()) {
tieshengLoginConfigurer.onSignError(response);
corePlatformUniqueService.onSignError(response);
return;
}
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo("web_unique_redirect",
TokenBean tokenBean = corePlatformUniqueService.login(new DoLoginInfo("web_unique_redirect",
dto.getNo(), dto.getPlatform(), dto.getInfo()));
tieshengLoginConfigurer.onLoginRedirect(tokenBean, dto.getTo(), dto.getExtra(), response);
corePlatformUniqueService.redirect(tokenBean, dto.getTo(), dto.getExtra(), response);
}
@@ -84,7 +84,7 @@ public class LoginController {
@PostMapping("/unique/index")
@OperationIgnore
public ApiResp<String> uniqueIndex(@RequestBody UniqueIndexDTO dto) {
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo("web_unique_index",
TokenBean tokenBean = corePlatformUniqueService.login(new DoLoginInfo("web_unique_index",
dto.getNo(), dto.getPlatform(), dto.getInfo()));
if (tokenBean == null || StrUtil.isEmpty(tokenBean.getId())) {
throw new ApiException("登录失败");
@@ -134,9 +134,9 @@ public class LoginController {
public void dingOauth2(@PathVariable String service, CodeExtraDTO dto, HttpServletResponse response) {
DingUserSimple userSimple = platformDingConfig.getUserIdByCode(service, dto.getCode());
DingUserInfo dingUserInfo = platformDingConfig.topapiV2UserGet(service, userSimple.getUserid());
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo(dingUserInfo.getAppId(),
TokenBean tokenBean = corePlatformUniqueService.login(new DoLoginInfo(dingUserInfo.getAppId(),
dingUserInfo.getUserid(), "ding", JSON.toJSONString(dingUserInfo)));
tieshengLoginConfigurer.onLoginRedirect(tokenBean, dto.getTo(), dto.getExtra(), response);
corePlatformUniqueService.redirect(tokenBean, dto.getTo(), dto.getExtra(), response);
}
@@ -182,9 +182,9 @@ public class LoginController {
@OperationIgnore
public void wxmpOauth2(@PathVariable String service, CodeExtraDTO dto, HttpServletResponse response) {
WxUserInfo wxUserInfo = platformWxmpConfig.getOAuth2AccessToken(service, dto.getCode());
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo(wxUserInfo.getAppId(),
TokenBean tokenBean = corePlatformUniqueService.login(new DoLoginInfo(wxUserInfo.getAppId(),
wxUserInfo.getOpenid(), "wxmp", JSON.toJSONString(wxUserInfo)));
tieshengLoginConfigurer.onLoginRedirect(tokenBean, dto.getTo(), dto.getExtra(), response);
corePlatformUniqueService.redirect(tokenBean, dto.getTo(), dto.getExtra(), response);
}
@@ -214,7 +214,7 @@ public class LoginController {
public ApiResp<WxminiLoginVo> wxminiIndex(@PathVariable String service, String code) {
String openid = platformWxminiConfig.jscode2session(service, code);
WxConfigBean configBean = platformWxminiConfig.getConfigBean(service);
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo(configBean.getAppId(),
TokenBean tokenBean = corePlatformUniqueService.login(new DoLoginInfo(configBean.getAppId(),
openid, "wxmini", "{}"));
WxminiLoginVo loginVo = new WxminiLoginVo();

View File

@@ -0,0 +1,7 @@
package com.tiesheng.login.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.tiesheng.login.pojos.dao.CoreLogLogin;
public interface CoreLogLoginMapper extends BaseMapper<CoreLogLogin> {
}

View File

@@ -0,0 +1,7 @@
package com.tiesheng.login.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.tiesheng.login.pojos.dao.CorePlatformUnique;
public interface CorePlatformUniqueMapper extends BaseMapper<CorePlatformUnique> {
}

View File

@@ -0,0 +1,41 @@
package com.tiesheng.login.pojos;
/**
* 当前token的数据
*
* @author hao
*/
public class RequestUserInfo {
private String id;
private String name;
private Object data;
///////////////////////////////////////////////////////////////////////////
// setter\getter
///////////////////////////////////////////////////////////////////////////
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Object getData() {
return data;
}
public void setData(Object data) {
this.data = data;
}
}

View File

@@ -0,0 +1,111 @@
package com.tiesheng.login.pojos.dao;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.tiesheng.util.pojos.DaoBase;
/**
* 日志-登录
*/
@TableName(value = "core_log_login")
public class CoreLogLogin extends DaoBase {
/**
* 用户id
*/
@TableField(value = "user_id")
private String userId;
/**
* 用户id
*/
@TableField(value = "user_name")
private String userName;
/**
* ip
*/
@TableField(value = "platform")
private String platform;
/**
* ip
*/
@TableField(value = "ip")
private String ip;
/**
* ip地址
*/
@TableField(value = "address")
private String address;
/**
* 获取用户id
*
* @return user_id - 用户id
*/
public String getUserId() {
return userId;
}
/**
* 设置用户id
*
* @param userId 用户id
*/
public void setUserId(String userId) {
this.userId = userId;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getPlatform() {
return platform;
}
public void setPlatform(String platform) {
this.platform = platform;
}
/**
* 获取ip
*
* @return ip - ip
*/
public String getIp() {
return ip;
}
/**
* 设置ip
*
* @param ip ip
*/
public void setIp(String ip) {
this.ip = ip;
}
/**
* 获取ip地址
*
* @return address - ip地址
*/
public String getAddress() {
return address;
}
/**
* 设置ip地址
*
* @param address ip地址
*/
public void setAddress(String address) {
this.address = address;
}
}

View File

@@ -0,0 +1,131 @@
package com.tiesheng.login.pojos.dao;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.tiesheng.util.pojos.DaoBase;
/**
* 平台-唯一值
*/
@TableName(value = "core_platform_unique")
public class CorePlatformUnique extends DaoBase {
/**
* 用户id
*/
@TableField(value = "user_id")
private String userId;
/**
* appId
*/
@TableField(value = "app_id")
private String appId;
/**
* 唯一值
*/
@TableField(value = "unique_id")
private String uniqueId;
/**
* 平台
*/
@TableField(value = "platform")
private String platform;
/**
* 其他参数
*/
@TableField(value = "info")
private String info;
/**
* 获取用户id
*
* @return user_id - 用户id
*/
public String getUserId() {
return userId;
}
/**
* 设置用户id
*
* @param userId 用户id
*/
public void setUserId(String userId) {
this.userId = userId;
}
/**
* 获取appId
*
* @return app_id - appId
*/
public String getAppId() {
return appId;
}
/**
* 设置appId
*
* @param appId appId
*/
public void setAppId(String appId) {
this.appId = appId;
}
/**
* 获取唯一值
*
* @return unique_id - 唯一值
*/
public String getUniqueId() {
return uniqueId;
}
/**
* 设置唯一值
*
* @param uniqueId 唯一值
*/
public void setUniqueId(String uniqueId) {
this.uniqueId = uniqueId;
}
/**
* 获取平台
*
* @return platform - 平台
*/
public String getPlatform() {
return platform;
}
/**
* 设置平台
*
* @param platform 平台
*/
public void setPlatform(String platform) {
this.platform = platform;
}
/**
* 获取其他参数
*
* @return info - 其他参数
*/
public String getInfo() {
return info;
}
/**
* 设置其他参数
*
* @param info 其他参数
*/
public void setInfo(String info) {
this.info = info;
}
}

View File

@@ -0,0 +1,113 @@
package com.tiesheng.login.service;
import cn.hutool.core.util.StrUtil;
import cn.hutool.extra.servlet.ServletUtil;
import com.tiesheng.login.mapper.CoreLogLoginMapper;
import com.tiesheng.login.mapper.CorePlatformUniqueMapper;
import com.tiesheng.login.pojos.DoLoginInfo;
import com.tiesheng.login.pojos.RequestUserInfo;
import com.tiesheng.login.pojos.dao.CoreLogLogin;
import com.tiesheng.login.pojos.dao.CorePlatformUnique;
import com.tiesheng.util.ServletKit;
import com.tiesheng.util.config.Ip2regionConfig;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.util.service.TsServiceBase;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
/**
* @author hao
*/
@Service
public class CorePlatformUniqueService extends TsServiceBase<CorePlatformUniqueMapper, CorePlatformUnique> {
@Resource
CoreLogLoginMapper coreLogLoginMapper;
@Resource
Ip2regionConfig ip2regionConfig;
@Resource
TsLoginConfigurer tsLoginConfigurer;
@Transactional(rollbackFor = Exception.class)
public TokenBean login(DoLoginInfo loginInfo) {
CorePlatformUnique platformUnique = getOneByColumn("unique_id", loginInfo.getUnique());
if (platformUnique == null) {
platformUnique = new CorePlatformUnique();
platformUnique.setAppId(loginInfo.getAppId());
platformUnique.setUniqueId(loginInfo.getUnique());
}
platformUnique.setPlatform(loginInfo.getPlatform());
platformUnique.setInfo(loginInfo.getInfo());
saveOrUpdate(platformUnique);
String oldUserId = platformUnique.getUserId();
TokenBean tokenBean = tsLoginConfigurer.login(platformUnique);
if (tokenBean != null) {
// 添加登录日志
addLoginLog(platformUnique, tokenBean);
// 更新唯一值
if (!StrUtil.isEmpty(tokenBean.getId()) &&
!Objects.equals(oldUserId, tokenBean.getId())) {
platformUnique.setUserId(tokenBean.getId());
saveOrUpdate(platformUnique);
}
}
return tokenBean;
}
/**
* 授权登录回调
*
* @param bean
*/
public void redirect(TokenBean bean, String to, String extra, HttpServletResponse response) {
tsLoginConfigurer.redirect(bean, to, extra, response);
}
/**
* 签名错误的时候
*/
public void onSignError(HttpServletResponse response) {
tsLoginConfigurer.onSignError(response);
}
///////////////////////////////////////////////////////////////////////////
// 登录日志
///////////////////////////////////////////////////////////////////////////
/**
* 添加登录日志
*
* @param platformUnique
* @param tokenBean
*/
public void addLoginLog(CorePlatformUnique platformUnique, TokenBean tokenBean) {
HttpServletRequest request = ServletKit.getRequest();
String ip = ServletUtil.getClientIP(request);
CoreLogLogin login = new CoreLogLogin();
login.setUserId(tokenBean.getId());
login.setPlatform(platformUnique.getPlatform());
RequestUserInfo requestUserInfo = tsLoginConfigurer.getCachedUserInfo(tokenBean);
login.setUserName(requestUserInfo.getName());
login.setIp(ip);
login.setAddress(ip2regionConfig.search(login.getIp()));
coreLogLoginMapper.insert(login);
}
}

View File

@@ -1,36 +0,0 @@
package com.tiesheng.login.service;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.login.pojos.DoLoginInfo;
import org.springframework.context.annotation.Configuration;
import javax.servlet.http.HttpServletResponse;
/**
* @author hao
*/
@Configuration
public interface TieshengLoginConfigurer {
/**
* 执行登录
*
* @return
*/
TokenBean doLogin(DoLoginInfo loginInfo);
/**
* 授权登录回调
*
* @param bean
*/
void onLoginRedirect(TokenBean bean, String to, String extra, HttpServletResponse response);
/**
* 签名错误的时候
*/
void onSignError(HttpServletResponse response);
}

View File

@@ -0,0 +1,69 @@
package com.tiesheng.login.service;
import cn.hutool.core.util.StrUtil;
import cn.hutool.extra.servlet.ServletUtil;
import com.tiesheng.login.pojos.RequestUserInfo;
import com.tiesheng.login.pojos.dao.CorePlatformUnique;
import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.util.service.TsCacheService;
import org.springframework.context.annotation.Configuration;
import javax.servlet.http.HttpServletResponse;
/**
* @author hao
*/
@Configuration
public interface TsLoginConfigurer {
/**
* 执行登录
*
* @return
*/
TokenBean login(CorePlatformUnique platformUnique);
/**
* 授权登录回调
*
* @param bean
*/
void redirect(TokenBean bean, String to, String extra, HttpServletResponse response);
/**
* 签名错误的时候
*/
default void onSignError(HttpServletResponse response) {
ServletUtil.write(response, "404", "text");
}
/**
* 获取当前用户的信息
*
* @param tokenBean
* @return
*/
default RequestUserInfo getCachedUserInfo(TokenBean tokenBean) {
String key = StrUtil.format(TsTokenConfig.CACHE_REQUEST_LOGIN_KEY, tokenBean.getId());
RequestUserInfo obj = TsCacheService.of().getObj(key, RequestUserInfo.class, -1);
if (obj == null) {
obj = getCurrentUserName(tokenBean);
}
if (obj != null) {
TsCacheService.of().putObj(key, obj, 30 * 60);
}
return obj;
}
/**
* 获取当前用户的姓名
*
* @return
*/
RequestUserInfo getCurrentUserName(TokenBean userId);
}

View File

@@ -1,32 +0,0 @@
package com.tiesheng.login.service.impl;
import com.tiesheng.util.pojos.TokenBean;
import com.tiesheng.login.pojos.DoLoginInfo;
import com.tiesheng.login.service.TieshengLoginConfigurer;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.http.HttpServletResponse;
/**
* @author hao
*/
@Configuration
@ConditionalOnMissingBean(value = TieshengLoginConfigurer.class, ignored = DefaultLoginConfigurer.class)
public class DefaultLoginConfigurer implements TieshengLoginConfigurer {
@Override
public TokenBean doLogin(DoLoginInfo loginInfo) {
return null;
}
@Override
public void onLoginRedirect(TokenBean bean, String to, String extra, HttpServletResponse response) {
}
@Override
public void onSignError(HttpServletResponse response) {
}
}