perf；区分token过期

publish 0.7.3
perf；PasswordUtils校验调整
2023-02-27 09:54:27 +08:00 · 2023-02-26 18:57:10 +08:00 · 2023-02-26 12:12:42 +08:00 · 2023-02-26 11:10:51 +08:00 · 2023-02-26 11:10:33 +08:00 · 2023-02-26 11:09:05 +08:00
22 changed files with 99 additions and 47 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,12 @@
 ## 0.7.3
 ### 增加
 > 1，TsTokenConfig增加新的属性**ignorePaths**，用于通过路径忽略token；  
 > 2，PasswordUtils增加密码复杂度校验方法；  
 > 3，PasswordUtils.verifyPassword增加登录次数限制：10分钟内不能错误6次；
 > 
 ### 调整
 > 1，TsTokenConfig中的**ignores**属性调整为**testMap**；  
--- a/README.md
+++ b/README.md
@@ -0,0 +1,4 @@
 ## 杭州铁晟科技有限公司基础项目
 更新日志可点击查看[changelog](./CHANGELOG.md ':include')
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
    <groupId>com.tiesheng.springboot-parent</groupId>
    <artifactId>springboot-parent</artifactId>
-    <version>0.7.0</version>
+    <version>0.7.3</version>
    <packaging>pom</packaging>
    <name>springboot-parent</name>
    <description>杭州铁晟科技有限公司基础依赖</description>
@@ -57,55 +57,55 @@
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-database</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-login</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-web</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-util</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-platform</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-message</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-encrypt</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-annotation</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
                <groupId>com.tiesheng.springboot-parent</groupId>
                <artifactId>springboot-poi</artifactId>
-                <version>0.7.0</version>
+                <version>0.7.3</version>
            </dependency>
            <dependency>
--- a/springboot-ademo/pom.xml
+++ b/springboot-ademo/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-ademo</artifactId>
--- a/springboot-ademo/src/main/java/com/tiesheng/demo/controller/TestController.java
+++ b/springboot-ademo/src/main/java/com/tiesheng/demo/controller/TestController.java
@@ -48,15 +48,13 @@ public class TestController {
    }
    @RequestMapping("/redirect")
    @TokenIgnore
    public void redirect(HttpServletResponse response) {
-        tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
+//        tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
 //        globalConfig.redirect("mobile", "/test", response);
    }
    @RequestMapping("/send")
    @TokenIgnore
    public ApiResp<MessageReqResp> sendMessage() {
        MessageReqResp reqResp = aliyunSmsConfig.sendSms("13567116463", "SMS_154950909",
                JSONUtil.createObj().putOpt("code", "123456"));
--- a/springboot-ademo/src/main/resources/application-test.yml
+++ b/springboot-ademo/src/main/resources/application-test.yml
@@ -16,7 +16,7 @@ platform:
 tiesheng:
  token:
-    ignores:
+    test-map:
      "1111":
        id: "1111"
  global:
--- a/springboot-annotation/pom.xml
+++ b/springboot-annotation/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-annotation</artifactId>
--- a/springboot-database/pom.xml
+++ b/springboot-database/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-database</artifactId>
--- a/springboot-encrypt/pom.xml
+++ b/springboot-encrypt/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-encrypt</artifactId>
--- a/springboot-login/pom.xml
+++ b/springboot-login/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-login</artifactId>
--- a/springboot-login/src/main/java/com/tiesheng/login/config/token/TsTokenAspect.java
+++ b/springboot-login/src/main/java/com/tiesheng/login/config/token/TsTokenAspect.java
@@ -1,6 +1,8 @@
 package com.tiesheng.login.config.token;
 import cn.hutool.core.util.StrUtil;
 import com.tiesheng.annotation.token.TokenIgnore;
 import com.tiesheng.util.ServletKit;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Before;
@@ -46,13 +48,18 @@ public class TsTokenAspect {
    @Before("methodArgs()")
    public void before(JoinPoint joinPoint) {
        // 过滤不要需要验证的接口（path）
        String requestURI = ServletKit.getRequest().getRequestURI();
        if (StrUtil.startWithAnyIgnoreCase(requestURI, tsTokenConfig.getIgnorePaths())) {
            return;
        }
        // 过滤不要需要验证的接口（注解）
        Object aThis = joinPoint.getTarget();
        TokenIgnore annotation = aThis.getClass().getAnnotation(TokenIgnore.class);
        if (annotation != null) {
            return;
        }
        // 过滤不要需要验证的接口
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
        Method method = signature.getMethod();
        TokenIgnore apiTokenIgnore = method.getAnnotation(TokenIgnore.class);
--- a/springboot-login/src/main/java/com/tiesheng/login/config/token/TsTokenConfig.java
+++ b/springboot-login/src/main/java/com/tiesheng/login/config/token/TsTokenConfig.java
@@ -1,7 +1,6 @@
 package com.tiesheng.login.config.token;
 import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.map.MapUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
@@ -24,9 +23,10 @@ import java.util.Map;
@ConfigurationProperties("tiesheng.token")
 public class TsTokenConfig {
-    private Map<String, TokenBean> ignores = MapUtil.newHashMap();
+    private Map<String, TokenBean> testMap = MapUtil.newHashMap();
    private String encryptKey = "%kIp9frQCu";
    private Integer expireHours = 48;
    private String[] ignorePaths;
    /**
@@ -57,11 +57,11 @@ public class TsTokenConfig {
     * @param token
     * @return
     */
-    public TokenBean isIgnored(String token) {
+    public TokenBean isTestToken(String token) {
-        if (ignores == null) {
+        if (testMap == null) {
            return null;
        }
-        return ignores.get(token);
+        return testMap.get(token);
    }
@@ -83,7 +83,7 @@ public class TsTokenConfig {
     * @return
     */
    public TokenBean validToken(String token, boolean thrExp) {
-        TokenBean tokenBean = isIgnored(token);
+        TokenBean tokenBean = isTestToken(token);
        if (tokenBean != null) {
            return tokenBean;
        }
@@ -101,7 +101,8 @@ public class TsTokenConfig {
        }
        if (tokenBean == null && thrExp) {
-            throw new ApiException(StrUtil.isEmpty(token) ? "请先登录" : "登录过期，请重新登陆");
+            throw new ApiException(StrUtil.isEmpty(token) ? 110 : 112,
                    StrUtil.isEmpty(token) ? "请先登录" : "登录过期，请重新登陆");
        }
        if (tokenBean == null) {
@@ -116,12 +117,12 @@ public class TsTokenConfig {
    // setter\getter
    ///////////////////////////////////////////////////////////////////////////
-    public Map<String, TokenBean> getIgnores() {
+    public Map<String, TokenBean> getTestMap() {
-        return ignores;
+        return testMap;
    }
-    public void setIgnores(Map<String, TokenBean> ignores) {
+    public void setTestMap(Map<String, TokenBean> testMap) {
-        this.ignores = ignores;
+        this.testMap = testMap;
    }
    public String getEncryptKey() {
@@ -139,4 +140,12 @@ public class TsTokenConfig {
    public void setExpireHours(Integer expireHours) {
        this.expireHours = expireHours;
    }
    public String[] getIgnorePaths() {
        return ignorePaths;
    }
    public void setIgnorePaths(String[] ignorePaths) {
        this.ignorePaths = ignorePaths;
    }
 }
--- a/springboot-login/src/main/java/com/tiesheng/login/controller/LoginController.java
+++ b/springboot-login/src/main/java/com/tiesheng/login/controller/LoginController.java
@@ -35,6 +35,7 @@ import java.util.Map;
 */
@RestController
@RequestMapping("/login")
@TokenIgnore
 public class LoginController {
@@ -56,7 +57,6 @@ public class LoginController {
     * @return
     */
    @GetMapping("/unique/redirect")
    @TokenIgnore
    public void uniqueIndex(UniqueIndexDTO dto, HttpServletResponse response) {
        TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo("unique_index_web",
                dto.getNo(), "web", dto.getTo(), dto.getInfo()));
@@ -71,7 +71,6 @@ public class LoginController {
     * @return
     */
    @PostMapping("/unique/index")
    @TokenIgnore
    public ApiResp<String> uniqueIndex(@RequestBody UniqueIndexDTO dto) {
        TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo("unique_index_web",
                dto.getNo(), "web", dto.getTo(), dto.getInfo()));
@@ -94,7 +93,6 @@ public class LoginController {
     * @param response
     */
    @GetMapping("/ding/index/{service}")
    @TokenIgnore
    public void dingIndex(@PathVariable String service, String extra, HttpServletResponse response) {
        if (StrUtil.isEmpty(extra)) {
            extra = "";
@@ -118,7 +116,6 @@ public class LoginController {
     * @param service
     */
    @RequestMapping("/ding/oauth2/{service}")
    @TokenIgnore
    public void dingOauth2(@PathVariable String service, CodeExtraDTO dto, HttpServletResponse response) {
        String ddUserId = platformDingConfig.getUserIdByCode(service, dto.getCode());
        DingUserInfo dingUserInfo = platformDingConfig.topapiV2UserGet(service, ddUserId);
@@ -136,7 +133,6 @@ public class LoginController {
     * @return
     */
    @GetMapping("/ding/jssdk/{service}")
    @TokenIgnore
    public ApiResp<DingJsapiSignature> dingJssdk(@PathVariable String service, String url) {
        DingJsapiSignature jsapiSignature = platformDingConfig.createJsapiSignature(service, url);
        return ApiResp.respOK(jsapiSignature);
@@ -154,7 +150,6 @@ public class LoginController {
     * @return
     */
    @RequestMapping("/wxmp/index/{service}")
    @TokenIgnore
    public void wxmpIndex(@PathVariable String service, String extra, HttpServletResponse response) throws IOException {
        if (StrUtil.isEmpty(extra)) {
            extra = "";
@@ -169,7 +164,6 @@ public class LoginController {
     * 微信授权回调
     */
    @RequestMapping("/wxmp/oauth2/{service}")
    @TokenIgnore
    public void wxmpOauth2(@PathVariable String service, CodeExtraDTO dto, HttpServletResponse response) {
        WxUserInfo wxUserInfo = platformWxmpConfig.getOAuth2AccessToken(service, dto.getCode());
        TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo(wxUserInfo.getAppId(),
@@ -185,7 +179,6 @@ public class LoginController {
     * @return
     */
    @GetMapping("/wxmp/jssdk/{service}")
    @TokenIgnore
    public ApiResp<WxJsapiSignature> wxmpJssdk(@PathVariable String service, String url) {
        WxJsapiSignature jsapiSignature = platformWxmpConfig.createJsapiSignature(service, url);
        return ApiResp.respOK(jsapiSignature);
@@ -201,7 +194,6 @@ public class LoginController {
     * @return
     */
    @RequestMapping("/wxmini/index/{service}")
    @TokenIgnore
    public ApiResp<WxminiLoginVo> wxminiIndex(@PathVariable String service, String code) {
        String openid = platformWxminiConfig.jscode2session(service, code);
        WxConfigBean configBean = platformWxminiConfig.getConfigBean(service);
--- a/springboot-message/pom.xml
+++ b/springboot-message/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-message</artifactId>
--- a/springboot-platform/pom.xml
+++ b/springboot-platform/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-platform</artifactId>
--- a/springboot-poi/pom.xml
+++ b/springboot-poi/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-poi</artifactId>
--- a/springboot-util/pom.xml
+++ b/springboot-util/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-util</artifactId>
--- a/springboot-util/src/main/java/com/tiesheng/util/PasswordUtils.java
+++ b/springboot-util/src/main/java/com/tiesheng/util/PasswordUtils.java
@@ -1,5 +1,6 @@
 package com.tiesheng.util;
 import cn.hutool.core.util.NumberUtil;
 import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.SecureUtil;
@@ -21,6 +22,17 @@ public class PasswordUtils {
        return prefix + SecureUtil.sha1(password);
    }
    /**
     * 密码复杂度校验
     *
     * @param userPassword
     * @return
     */
    public static boolean verifyComplexity(String userPassword) {
        String password = "^(?![A-Za-z0-9]+$)(?![a-z0-9\\W]+$)(?![A-Za-z\\W]+$)(?![A-Z0-9\\W]+$)[a-zA-Z0-9\\W]{8,}$";
        return userPassword.matches(password);
    }
    /**
     * 验证密码
@@ -30,12 +42,18 @@ public class PasswordUtils {
     * @return
     */
    public static void verifyPassword(String userInput, String encrypted) {
        String clientIp = ServletKit.getClientIP();
        String userEncrypted = buildPassword(userInput);
        userEncrypted = StrUtil.subSuf(userEncrypted, PREFIX_SIZE);
        encrypted = StrUtil.subSuf(encrypted, PREFIX_SIZE);
        if (!StrUtil.equals(userEncrypted, encrypted)) {
            int num = NumberUtil.parseInt(TimedCacheHelper.getTimedCache().get(clientIp, false));
            if (num > 5) {
                throw new ApiException("登录失败已达6次，请10分钟后再试");
            }
            TimedCacheHelper.getTimedCache().put(clientIp, String.valueOf(num + 1), 10 * 60 * 1000);
            throw new ApiException("账号或密码错误");
        }
    }
--- a/springboot-util/src/main/java/com/tiesheng/util/ServletKit.java
+++ b/springboot-util/src/main/java/com/tiesheng/util/ServletKit.java
@@ -20,5 +20,14 @@ public class ServletKit extends ServletUtil {
        return attributes.getRequest();
    }
    /**
     * 获取客户端IP
     *
     * @return
     */
    public static String getClientIP() {
        return getClientIP(getRequest());
    }
 }
--- a/springboot-web/pom.xml
+++ b/springboot-web/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>com.tiesheng.springboot-parent</groupId>
        <artifactId>springboot-parent</artifactId>
-        <version>0.7.0</version>
+        <version>0.7.3</version>
    </parent>
    <artifactId>springboot-web</artifactId>
--- a/springboot-web/src/main/java/com/tiesheng/core/config/desensitize/DesensitizeValueFilter.java
+++ b/springboot-web/src/main/java/com/tiesheng/core/config/desensitize/DesensitizeValueFilter.java
@@ -22,6 +22,9 @@ public class DesensitizeValueFilter implements ValueFilter {
        }
        Field field = ClassUtil.getDeclaredField(object.getClass(), name);
        if (ObjectUtil.isEmpty(field)) {
            return value;
        }
        Desensitize desensitize = field.getAnnotation(Desensitize.class);
        if (String.class != field.getType() || ObjectUtil.isEmpty(desensitize)) {
            return value;
--- a/springboot-web/src/main/java/com/tiesheng/core/service/CoreLogService.java
+++ b/springboot-web/src/main/java/com/tiesheng/core/service/CoreLogService.java
@@ -82,7 +82,7 @@ public class CoreLogService extends TsServiceBase<CoreLogOperationMapper, CoreLo
        String ip = ServletUtil.getClientIP(request);
        CoreLogLogin login = new CoreLogLogin();
-        login.setUserId(platformUnique.getUserId());
+        login.setUserId(tokenBean.getId());
        login.setPlatform(platformUnique.getPlatform());
        RequestUserInfo requestUserInfo = tieshengWebConfigurer.getCurrentUserName(tokenBean);
Author	SHA1	Message	Date
曾文豪	c3edb50e80	perf；区分token过期	2023-02-27 09:54:27 +08:00
曾文豪	aee1861630	publish 0.7.3	2023-02-26 18:57:10 +08:00
曾文豪	4196b2531d	perf；PasswordUtils校验调整	2023-02-26 12:12:42 +08:00
曾文豪	dfaeacae92	perf；调整TsTokenConfig中的ignores	2023-02-26 11:10:51 +08:00
曾文豪	b304c48dd1	perf；调整TsTokenConfig中的ignores	2023-02-26 11:10:33 +08:00
曾文豪	d045534be6	perf；调整TsTokenConfig中的ignores	2023-02-26 11:09:05 +08:00
曾文豪	56b923f5db	publish 0.7.2	2023-02-24 18:42:42 +08:00
曾文豪	f3e8231814	fixed：修复登录日志中未正确保存userId的bug	2023-02-24 12:02:32 +08:00
曾文豪	2ca04e654f	perf：tokenignore提到类上面	2023-02-23 14:03:26 +08:00
曾文豪	149f4ab061	publish 0.7.1	2023-02-23 12:13:55 +08:00
		`@@ -0,0 +1,4 @@`
							`## 杭州铁晟科技有限公司基础项目`

							`更新日志可点击查看[changelog](./CHANGELOG.md ':include')`