update 使用 satoken 自带的 BCrypt 工具 替换 Security 加密工具 减少依赖
parent
04c36018d6
commit
61e2a07ee2
@ -1,5 +1,6 @@
|
|||||||
package com.ruoyi.web.controller.system;
|
package com.ruoyi.web.controller.system;
|
||||||
|
|
||||||
|
import cn.dev33.satoken.secure.BCrypt;
|
||||||
import com.ruoyi.common.annotation.Log;
|
import com.ruoyi.common.annotation.Log;
|
||||||
import com.ruoyi.common.constant.UserConstants;
|
import com.ruoyi.common.constant.UserConstants;
|
||||||
import com.ruoyi.common.core.controller.BaseController;
|
import com.ruoyi.common.core.controller.BaseController;
|
||||||
@ -7,7 +8,6 @@ import com.ruoyi.common.core.domain.R;
|
|||||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||||
import com.ruoyi.common.enums.BusinessType;
|
import com.ruoyi.common.enums.BusinessType;
|
||||||
import com.ruoyi.common.helper.LoginHelper;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
import com.ruoyi.common.utils.StringUtils;
|
||||||
import com.ruoyi.system.domain.SysOss;
|
import com.ruoyi.system.domain.SysOss;
|
||||||
import com.ruoyi.system.service.ISysOssService;
|
import com.ruoyi.system.service.ISysOssService;
|
||||||
@ -92,13 +92,14 @@ public class SysProfileController extends BaseController {
|
|||||||
SysUser user = userService.selectUserById(LoginHelper.getUserId());
|
SysUser user = userService.selectUserById(LoginHelper.getUserId());
|
||||||
String userName = user.getUserName();
|
String userName = user.getUserName();
|
||||||
String password = user.getPassword();
|
String password = user.getPassword();
|
||||||
if (!SecurityUtils.matchesPassword(oldPassword, password)) {
|
if (!BCrypt.checkpw(oldPassword, password)) {
|
||||||
return R.fail("修改密码失败,旧密码错误");
|
return R.fail("修改密码失败,旧密码错误");
|
||||||
}
|
}
|
||||||
if (SecurityUtils.matchesPassword(newPassword, password)) {
|
if (BCrypt.checkpw(newPassword, password)) {
|
||||||
return R.fail("新密码不能与旧密码相同");
|
return R.fail("新密码不能与旧密码相同");
|
||||||
}
|
}
|
||||||
if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0) {
|
|
||||||
|
if (userService.resetUserPwd(userName, BCrypt.hashpw(newPassword)) > 0) {
|
||||||
return R.ok();
|
return R.ok();
|
||||||
}
|
}
|
||||||
return R.fail("修改密码异常,请联系管理员");
|
return R.fail("修改密码异常,请联系管理员");
|
||||||
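Review bot: `BCrypt.hashpw(newPassword)` in the password-change handler leaves the bcrypt work factor to the library default, and the same one-argument call is now repeated in SysUserController (user creation and resetPwd), SysUserImportListener and SysRegisterService, so there is no longer one place to raise the cost or change the algorithm. I would keep a single project helper that calls `BCrypt.hashpw(raw, BCrypt.gensalt(PASSWORD_COST))` (the constant name is a placeholder) and route all five call sites through it. The two `BCrypt.checkpw` calls here also compare against hashes written by the removed Spring encoder, so a test that verifies an existing stored hash with the new class would confirm the formats are compatible. The enclosing method starts and ends outside this hunk.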
|
@ -1,21 +1,21 @@
|
|||||||
package com.ruoyi.web.controller.system;
|
package com.ruoyi.web.controller.system;
|
||||||
|
|
||||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||||
|
import cn.dev33.satoken.secure.BCrypt;
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
import cn.hutool.core.bean.BeanUtil;
|
||||||
import cn.hutool.core.util.ArrayUtil;
|
import cn.hutool.core.util.ArrayUtil;
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import com.ruoyi.common.annotation.Log;
|
import com.ruoyi.common.annotation.Log;
|
||||||
import com.ruoyi.common.constant.UserConstants;
|
import com.ruoyi.common.constant.UserConstants;
|
||||||
import com.ruoyi.common.core.controller.BaseController;
|
import com.ruoyi.common.core.controller.BaseController;
|
||||||
import com.ruoyi.common.core.domain.R;
|
|
||||||
import com.ruoyi.common.core.domain.PageQuery;
|
import com.ruoyi.common.core.domain.PageQuery;
|
||||||
|
import com.ruoyi.common.core.domain.R;
|
||||||
import com.ruoyi.common.core.domain.entity.SysDept;
|
import com.ruoyi.common.core.domain.entity.SysDept;
|
||||||
import com.ruoyi.common.core.domain.entity.SysRole;
|
import com.ruoyi.common.core.domain.entity.SysRole;
|
||||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||||
import com.ruoyi.common.core.page.TableDataInfo;
|
import com.ruoyi.common.core.page.TableDataInfo;
|
||||||
import com.ruoyi.common.enums.BusinessType;
|
import com.ruoyi.common.enums.BusinessType;
|
||||||
import com.ruoyi.common.excel.ExcelResult;
|
import com.ruoyi.common.excel.ExcelResult;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
import com.ruoyi.common.utils.StringUtils;
|
||||||
import com.ruoyi.common.utils.poi.ExcelUtil;
|
import com.ruoyi.common.utils.poi.ExcelUtil;
|
||||||
import com.ruoyi.system.domain.vo.SysUserExportVo;
|
import com.ruoyi.system.domain.vo.SysUserExportVo;
|
||||||
@ -137,7 +137,7 @@ public class SysUserController extends BaseController {
|
|||||||
&& UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
|
&& UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
|
||||||
return R.fail("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
|
return R.fail("新增用户'" + user.getUserName() + "'失败,邮箱账号已存在");
|
||||||
}
|
}
|
||||||
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
|
user.setPassword(BCrypt.hashpw(user.getPassword()));
|
||||||
return toAjax(userService.insertUser(user));
|
return toAjax(userService.insertUser(user));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -185,7 +185,7 @@ public class SysUserController extends BaseController {
|
|||||||
public R<Void> resetPwd(@RequestBody SysUser user) {
|
public R<Void> resetPwd(@RequestBody SysUser user) {
|
||||||
userService.checkUserAllowed(user);
|
userService.checkUserAllowed(user);
|
||||||
userService.checkUserDataScope(user.getUserId());
|
userService.checkUserDataScope(user.getUserId());
|
||||||
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
|
user.setPassword(BCrypt.hashpw(user.getPassword()));
|
||||||
return toAjax(userService.resetPwd(user));
|
return toAjax(userService.resetPwd(user));
|
||||||
}
|
}
|
||||||
|
|
||||||
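Review bot: In resetPwd, `user.getPassword()` comes straight from the request body and is passed to `BCrypt.hashpw` with no visible null or blank check; the same holds for the hashing line in the user-creation hunk above it. With the Spring encoder gone, what happens for a missing password now depends on the sa-token implementation, which may not reject it, so this is worth pinning with a test. I would validate before hashing, e.g. `if (StringUtils.isEmpty(user.getPassword())) { return R.fail(msg); }` (`msg` is a placeholder), unless bean validation on SysUser already enforces this outside the lines shown.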
|
@ -40,11 +40,6 @@
|
|||||||
<artifactId>sa-token-jwt</artifactId>
|
<artifactId>sa-token-jwt</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.security</groupId>
|
|
||||||
<artifactId>spring-security-crypto</artifactId>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<!-- 自定义验证注解 -->
|
<!-- 自定义验证注解 -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
@ -118,4 +118,19 @@ public class LoginHelper {
|
|||||||
return UserType.getUserType(loginId);
|
return UserType.getUserType(loginId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 是否为管理员
|
||||||
|
*
|
||||||
|
* @param userId 用户ID
|
||||||
|
* @return 结果
|
||||||
|
*/
|
||||||
|
public static boolean isAdmin(Long userId) {
|
||||||
|
return userId != null && 1L == userId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean isAdmin() {
|
||||||
|
Long userId = getUserId();
|
||||||
|
return userId != null && 1L == userId;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
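Review bot: The two isAdmin overloads each repeat `userId != null && 1L == userId`, so the rule that user id 1 is the super administrator now lives in two places as a bare literal. I would have the no-argument overload delegate, `return isAdmin(getUserId());`, and move `1L` into a named constant so that every authorization check depending on it can be found by reference. The no-argument overload also has no Javadoc; a short comment stating that it tests the currently logged-in user, and what happens when there is no login context, would help callers.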
|
@ -1,47 +0,0 @@
|
|||||||
package com.ruoyi.common.utils;
|
|
||||||
|
|
||||||
import lombok.AccessLevel;
|
|
||||||
import lombok.NoArgsConstructor;
|
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 安全服务工具类
|
|
||||||
*
|
|
||||||
* @author Long Li
|
|
||||||
*/
|
|
||||||
@NoArgsConstructor(access = AccessLevel.PRIVATE)
|
|
||||||
public class SecurityUtils {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 生成BCryptPasswordEncoder密码
|
|
||||||
*
|
|
||||||
* @param password 密码
|
|
||||||
* @return 加密字符串
|
|
||||||
*/
|
|
||||||
public static String encryptPassword(String password) {
|
|
||||||
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
|
||||||
return passwordEncoder.encode(password);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 判断密码是否相同
|
|
||||||
*
|
|
||||||
* @param rawPassword 真实密码
|
|
||||||
* @param encodedPassword 加密后字符
|
|
||||||
* @return 结果
|
|
||||||
*/
|
|
||||||
public static boolean matchesPassword(String rawPassword, String encodedPassword) {
|
|
||||||
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
|
||||||
return passwordEncoder.matches(rawPassword, encodedPassword);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 是否为管理员
|
|
||||||
*
|
|
||||||
* @param userId 用户ID
|
|
||||||
* @return 结果
|
|
||||||
*/
|
|
||||||
public static boolean isAdmin(Long userId) {
|
|
||||||
return userId != null && 1L == userId;
|
|
||||||
}
|
|
||||||
}
|
|
@ -13,7 +13,6 @@ import com.ruoyi.common.enums.DataScopeType;
|
|||||||
import com.ruoyi.common.exception.ServiceException;
|
import com.ruoyi.common.exception.ServiceException;
|
||||||
import com.ruoyi.common.helper.DataPermissionHelper;
|
import com.ruoyi.common.helper.DataPermissionHelper;
|
||||||
import com.ruoyi.common.helper.LoginHelper;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
import com.ruoyi.common.utils.StringUtils;
|
||||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
import com.ruoyi.common.utils.spring.SpringUtils;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
@ -80,7 +79,7 @@ public class PlusDataPermissionHandler {
|
|||||||
DataPermissionHelper.setVariable("user", currentUser);
|
DataPermissionHelper.setVariable("user", currentUser);
|
||||||
}
|
}
|
||||||
// 如果是超级管理员,则不过滤数据
|
// 如果是超级管理员,则不过滤数据
|
||||||
if (ObjectUtil.isNull(currentUser) || SecurityUtils.isAdmin(currentUser.getUserId())) {
|
if (ObjectUtil.isNull(currentUser) || LoginHelper.isAdmin(currentUser.getUserId())) {
|
||||||
return where;
|
return where;
|
||||||
}
|
}
|
||||||
String dataFilterSql = buildDataFilter(dataColumns, isSelect);
|
String dataFilterSql = buildDataFilter(dataColumns, isSelect);
|
||||||
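Review bot: The condition `ObjectUtil.isNull(currentUser) || LoginHelper.isAdmin(currentUser.getUserId())` returns `where` unfiltered when no current user could be resolved, although the comment above it only mentions the super administrator. If this handler can run on a path without a login context, the data-scope filter is skipped there, i.e. it fails open. Unless that is intended (for example for scheduled jobs), I would handle the null user separately, denying or at least logging it, and extend the comment to state the null case explicitly. The enclosing method starts and ends outside this hunk.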
|
@ -1,5 +1,6 @@
|
|||||||
package com.ruoyi.system.listener;
|
package com.ruoyi.system.listener;
|
||||||
|
|
||||||
|
import cn.dev33.satoken.secure.BCrypt;
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
import cn.hutool.core.bean.BeanUtil;
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import com.alibaba.excel.context.AnalysisContext;
|
import com.alibaba.excel.context.AnalysisContext;
|
||||||
@ -9,7 +10,6 @@ import com.ruoyi.common.excel.ExcelListener;
|
|||||||
import com.ruoyi.common.excel.ExcelResult;
|
import com.ruoyi.common.excel.ExcelResult;
|
||||||
import com.ruoyi.common.exception.ServiceException;
|
import com.ruoyi.common.exception.ServiceException;
|
||||||
import com.ruoyi.common.helper.LoginHelper;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.ValidatorUtils;
|
import com.ruoyi.common.utils.ValidatorUtils;
|
||||||
import com.ruoyi.common.utils.spring.SpringUtils;
|
import com.ruoyi.common.utils.spring.SpringUtils;
|
||||||
import com.ruoyi.system.domain.vo.SysUserImportVo;
|
import com.ruoyi.system.domain.vo.SysUserImportVo;
|
||||||
@ -43,7 +43,7 @@ public class SysUserImportListener extends AnalysisEventListener<SysUserImportVo
|
|||||||
public SysUserImportListener(Boolean isUpdateSupport) {
|
public SysUserImportListener(Boolean isUpdateSupport) {
|
||||||
String initPassword = SpringUtils.getBean(ISysConfigService.class).selectConfigByKey("sys.user.initPassword");
|
String initPassword = SpringUtils.getBean(ISysConfigService.class).selectConfigByKey("sys.user.initPassword");
|
||||||
this.userService = SpringUtils.getBean(ISysUserService.class);
|
this.userService = SpringUtils.getBean(ISysUserService.class);
|
||||||
this.password = SecurityUtils.encryptPassword(initPassword);
|
this.password = BCrypt.hashpw(initPassword);
|
||||||
this.isUpdateSupport = isUpdateSupport;
|
this.isUpdateSupport = isUpdateSupport;
|
||||||
this.operName = LoginHelper.getUsername();
|
this.operName = LoginHelper.getUsername();
|
||||||
}
|
}
|
||||||
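Review bot: `this.password = BCrypt.hashpw(initPassword)` hashes whatever `selectConfigByKey("sys.user.initPassword")` returns, and nothing in the constructor checks that the key is actually set. A missing or blank value would either break the import or, depending on how the library treats it, give imported accounts a hash of something the operator never chose. I would fail fast with a `ServiceException` when `initPassword` is empty. The hash is also computed once in the constructor, so if `this.password` is assigned to every imported row (not visible here), all those accounts store the same salt and hash; hashing per row would avoid that.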
|
@ -1,5 +1,6 @@
|
|||||||
package com.ruoyi.system.service;
|
package com.ruoyi.system.service;
|
||||||
|
|
||||||
|
import cn.dev33.satoken.secure.BCrypt;
|
||||||
import cn.dev33.satoken.stp.StpUtil;
|
import cn.dev33.satoken.stp.StpUtil;
|
||||||
import cn.hutool.core.bean.BeanUtil;
|
import cn.hutool.core.bean.BeanUtil;
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
@ -16,7 +17,6 @@ import com.ruoyi.common.exception.user.UserException;
|
|||||||
import com.ruoyi.common.helper.LoginHelper;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.DateUtils;
|
import com.ruoyi.common.utils.DateUtils;
|
||||||
import com.ruoyi.common.utils.MessageUtils;
|
import com.ruoyi.common.utils.MessageUtils;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.ServletUtils;
|
import com.ruoyi.common.utils.ServletUtils;
|
||||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
@ -68,7 +68,7 @@ public class SysLoginService {
|
|||||||
|
|
||||||
SysUser user = loadUserByUsername(username);
|
SysUser user = loadUserByUsername(username);
|
||||||
|
|
||||||
if (!SecurityUtils.matchesPassword(password, user.getPassword())) {
|
if (!BCrypt.checkpw(password, user.getPassword())) {
|
||||||
// 是否第一次
|
// 是否第一次
|
||||||
errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1;
|
errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1;
|
||||||
// 达到规定错误次数 则锁定登录
|
// 达到规定错误次数 则锁定登录
|
||||||
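Review bot: `BCrypt.checkpw(password, user.getPassword())` sits in front of the failed-attempt counter, and it may not be a drop-in for the removed `matchesPassword`: Spring's encoder returns false for an empty or non-bcrypt stored value, whereas jBCrypt-style `checkpw` implementations typically throw on a salt they cannot parse. If that holds for the sa-token class, an account with a null or legacy-format hash would surface as a server error and skip the error counting and lockout below. I would confirm the behavior with a test and, if needed, treat an exception from `checkpw` as a failed match so the lockout path still runs. The same applies to the two `checkpw` calls in SysProfileController; the enclosing method starts and ends outside this hunk.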
|
@ -1,5 +1,6 @@
|
|||||||
package com.ruoyi.system.service;
|
package com.ruoyi.system.service;
|
||||||
|
|
||||||
|
import cn.dev33.satoken.secure.BCrypt;
|
||||||
import com.ruoyi.common.constant.Constants;
|
import com.ruoyi.common.constant.Constants;
|
||||||
import com.ruoyi.common.constant.UserConstants;
|
import com.ruoyi.common.constant.UserConstants;
|
||||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||||
@ -10,7 +11,6 @@ import com.ruoyi.common.exception.user.CaptchaException;
|
|||||||
import com.ruoyi.common.exception.user.CaptchaExpireException;
|
import com.ruoyi.common.exception.user.CaptchaExpireException;
|
||||||
import com.ruoyi.common.exception.user.UserException;
|
import com.ruoyi.common.exception.user.UserException;
|
||||||
import com.ruoyi.common.utils.MessageUtils;
|
import com.ruoyi.common.utils.MessageUtils;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import com.ruoyi.common.utils.ServletUtils;
|
import com.ruoyi.common.utils.ServletUtils;
|
||||||
import com.ruoyi.common.utils.redis.RedisUtils;
|
import com.ruoyi.common.utils.redis.RedisUtils;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
@ -53,7 +53,7 @@ public class SysRegisterService {
|
|||||||
SysUser sysUser = new SysUser();
|
SysUser sysUser = new SysUser();
|
||||||
sysUser.setUserName(username);
|
sysUser.setUserName(username);
|
||||||
sysUser.setNickName(username);
|
sysUser.setNickName(username);
|
||||||
sysUser.setPassword(SecurityUtils.encryptPassword(password));
|
sysUser.setPassword(BCrypt.hashpw(password));
|
||||||
sysUser.setUserType(userType);
|
sysUser.setUserType(userType);
|
||||||
boolean regFlag = userService.registerUser(sysUser);
|
boolean regFlag = userService.registerUser(sysUser);
|
||||||
if (!regFlag) {
|
if (!regFlag) {
|
||||||
|
@ -9,7 +9,7 @@ import com.ruoyi.common.constant.UserConstants;
|
|||||||
import com.ruoyi.common.core.domain.entity.SysMenu;
|
import com.ruoyi.common.core.domain.entity.SysMenu;
|
||||||
import com.ruoyi.common.core.domain.entity.SysRole;
|
import com.ruoyi.common.core.domain.entity.SysRole;
|
||||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.StringUtils;
|
import com.ruoyi.common.utils.StringUtils;
|
||||||
import com.ruoyi.common.utils.TreeBuildUtils;
|
import com.ruoyi.common.utils.TreeBuildUtils;
|
||||||
import com.ruoyi.system.domain.SysRoleMenu;
|
import com.ruoyi.system.domain.SysRoleMenu;
|
||||||
@ -99,7 +99,7 @@ public class SysMenuServiceImpl implements ISysMenuService {
|
|||||||
@Override
|
@Override
|
||||||
public List<SysMenu> selectMenuTreeByUserId(Long userId) {
|
public List<SysMenu> selectMenuTreeByUserId(Long userId) {
|
||||||
List<SysMenu> menus = null;
|
List<SysMenu> menus = null;
|
||||||
if (SecurityUtils.isAdmin(userId)) {
|
if (LoginHelper.isAdmin(userId)) {
|
||||||
menus = baseMapper.selectMenuTreeAll();
|
menus = baseMapper.selectMenuTreeAll();
|
||||||
} else {
|
} else {
|
||||||
menus = baseMapper.selectMenuTreeByUserId(userId);
|
menus = baseMapper.selectMenuTreeByUserId(userId);
|
||||||
|
@ -2,7 +2,6 @@ package com.ruoyi.system.service.impl;
|
|||||||
|
|
||||||
import com.ruoyi.common.core.service.SensitiveService;
|
import com.ruoyi.common.core.service.SensitiveService;
|
||||||
import com.ruoyi.common.helper.LoginHelper;
|
import com.ruoyi.common.helper.LoginHelper;
|
||||||
import com.ruoyi.common.utils.SecurityUtils;
|
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -21,7 +20,7 @@ public class SysSensitiveServiceImpl implements SensitiveService {
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public boolean isSensitive() {
|
public boolean isSensitive() {
|
||||||
return SecurityUtils.isAdmin(LoginHelper.getUserId());
|
return LoginHelper.isAdmin();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|