Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
a649bdae7c | ||
|
|
7b6eccb0d5 |
12
CHANGELOG.md
12
CHANGELOG.md
@@ -1,9 +1,19 @@
|
||||
## 1.0.9
|
||||
|
||||
## 新增
|
||||
|
||||
> 登录接口,增加验签步骤,可通过**validLoginSign**属性开启或关闭(默认)。
|
||||
|
||||
## 修复
|
||||
|
||||
> 修复微信、钉钉授权跳转地址错误的bug
|
||||
|
||||
## 1.0.7
|
||||
|
||||
## 新增
|
||||
|
||||
> feat(web): 增加uploadFileCustomize方法,允许自定义文件存放情况
|
||||
> feat(database): 增加db/data目录,存放初始化数据的sql
|
||||
> feat(database): 增加db/data目录,存放初始化数据的sql
|
||||
|
||||
## 优化
|
||||
|
||||
|
||||
20
pom.xml
20
pom.xml
@@ -6,7 +6,7 @@
|
||||
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>springboot-parent</name>
|
||||
<description>杭州铁晟科技有限公司基础依赖</description>
|
||||
@@ -57,55 +57,55 @@
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-database</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-login</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-web</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-util</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-platform</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-message</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-encrypt</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-annotation</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-poi</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-ademo</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-annotation</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-database</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-encrypt</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-login</artifactId>
|
||||
|
||||
@@ -27,6 +27,7 @@ public class TsTokenConfig {
|
||||
private String encryptKey = "%kIp9frQCu";
|
||||
private Integer expireHours = 48;
|
||||
private String[] ignorePaths;
|
||||
private boolean validLoginSign = false;
|
||||
|
||||
|
||||
/**
|
||||
@@ -148,4 +149,12 @@ public class TsTokenConfig {
|
||||
public void setIgnorePaths(String[] ignorePaths) {
|
||||
this.ignorePaths = ignorePaths;
|
||||
}
|
||||
|
||||
public boolean isValidLoginSign() {
|
||||
return validLoginSign;
|
||||
}
|
||||
|
||||
public void setValidLoginSign(boolean validLoginSign) {
|
||||
this.validLoginSign = validLoginSign;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ import cn.hutool.core.util.URLUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.tiesheng.annotation.operation.OperationIgnore;
|
||||
import com.tiesheng.annotation.token.TokenIgnore;
|
||||
import com.tiesheng.login.config.token.TsTokenConfig;
|
||||
import com.tiesheng.login.config.token.bean.TokenBean;
|
||||
import com.tiesheng.login.pojos.CodeExtraDTO;
|
||||
import com.tiesheng.login.pojos.DoLoginInfo;
|
||||
@@ -20,6 +21,7 @@ import com.tiesheng.platform.config.wxmp.PlatformWxmpConfig;
|
||||
import com.tiesheng.platform.config.wxmp.bean.WxConfigBean;
|
||||
import com.tiesheng.platform.config.wxmp.bean.WxJsapiSignature;
|
||||
import com.tiesheng.platform.config.wxmp.bean.WxUserInfo;
|
||||
import com.tiesheng.util.ServletKit;
|
||||
import com.tiesheng.util.config.GlobalConfig;
|
||||
import com.tiesheng.util.exception.ApiException;
|
||||
import com.tiesheng.util.pojos.ApiResp;
|
||||
@@ -50,6 +52,8 @@ public class LoginController {
|
||||
TieshengLoginConfigurer tieshengLoginConfigurer;
|
||||
@Autowired
|
||||
GlobalConfig globalConfig;
|
||||
@Autowired
|
||||
TsTokenConfig tsTokenConfig;
|
||||
|
||||
|
||||
/**
|
||||
@@ -60,6 +64,11 @@ public class LoginController {
|
||||
@GetMapping("/unique/redirect")
|
||||
@OperationIgnore
|
||||
public void uniqueIndex(UniqueIndexDTO dto, HttpServletResponse response) {
|
||||
if (tsTokenConfig.isValidLoginSign() && !dto.validSign()) {
|
||||
ServletKit.write(response, "404", "text");
|
||||
return;
|
||||
}
|
||||
|
||||
TokenBean tokenBean = tieshengLoginConfigurer.doLogin(new DoLoginInfo("web_unique_redirect",
|
||||
dto.getNo(), dto.getPlatform(), dto.getInfo()));
|
||||
tieshengLoginConfigurer.onLoginRedirect(tokenBean, dto.getTo(), dto.getExtra(), response);
|
||||
|
||||
@@ -1,6 +1,10 @@
|
||||
package com.tiesheng.login.pojos;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
|
||||
import java.util.Objects;
|
||||
|
||||
public class UniqueIndexDTO extends LoginToInfo {
|
||||
|
||||
@@ -8,6 +12,26 @@ public class UniqueIndexDTO extends LoginToInfo {
|
||||
private String extra;
|
||||
private String info;
|
||||
private String platform = "web";
|
||||
private Long timestamp;
|
||||
private String sign;
|
||||
|
||||
|
||||
/**
|
||||
* 验证签名是否正确
|
||||
*/
|
||||
public boolean validSign() {
|
||||
if (StrUtil.isEmpty(getNo()) || getTimestamp() == null) {
|
||||
return false;
|
||||
}
|
||||
if ((DateUtil.currentSeconds() - getTimestamp()) > 60) {
|
||||
return false;
|
||||
}
|
||||
String mySign = getNo() + getTimestamp();
|
||||
for (int i = 0; i < 11; i++) {
|
||||
mySign = SecureUtil.md5(mySign);
|
||||
}
|
||||
return Objects.equals(sign, mySign);
|
||||
}
|
||||
|
||||
///////////////////////////////////////////////////////////////////////////
|
||||
// setter\getter
|
||||
@@ -47,4 +71,20 @@ public class UniqueIndexDTO extends LoginToInfo {
|
||||
public void setPlatform(String platform) {
|
||||
this.platform = platform;
|
||||
}
|
||||
|
||||
public Long getTimestamp() {
|
||||
return timestamp;
|
||||
}
|
||||
|
||||
public void setTimestamp(Long timestamp) {
|
||||
this.timestamp = timestamp;
|
||||
}
|
||||
|
||||
public String getSign() {
|
||||
return sign;
|
||||
}
|
||||
|
||||
public void setSign(String sign) {
|
||||
this.sign = sign;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-message</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-platform</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-poi</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-util</artifactId>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>com.tiesheng.springboot-parent</groupId>
|
||||
<artifactId>springboot-parent</artifactId>
|
||||
<version>1.0.8</version>
|
||||
<version>1.0.9</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>springboot-web</artifactId>
|
||||
|
||||
Reference in New Issue
Block a user