diff --git a/src/main/java/com/gxwebsoft/common/system/controller/MainController.java b/src/main/java/com/gxwebsoft/common/system/controller/MainController.java index b5c1570..0c581f3 100644 --- a/src/main/java/com/gxwebsoft/common/system/controller/MainController.java +++ b/src/main/java/com/gxwebsoft/common/system/controller/MainController.java @@ -95,6 +95,16 @@ public class MainController extends BaseController { // 从域名获取租户ID tenantId = getTenantId(); } + // 判断图形验证码 + if (!tenantId.equals(10159)) { + if(param.getCode() == null){ + return fail("图形验证码不能为空",null); + } + if(redisUtil.get(param.getCode()) == null){ + return fail("图形验证码不正确",null); + } + } + // 判断租户是否销毁 final Tenant tenant = tenantService.getById(tenantId); if (tenant == null) { @@ -102,6 +112,12 @@ public class MainController extends BaseController { } // 登录账号|手机号码|邮箱登录 User user = userService.getByUsername(username, tenantId); + + // 租户管理员模式 + if (param.getIsAdmin() != null) { + user = userService.getAdminByPhone(param.getPhone()); + } + if (user == null) { String message = "账号不存在"; loginRecordService.saveAsync(username, LoginRecord.TYPE_ERROR, message, tenantId, request); 
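Review bot: The captcha check added here accepts any code that currently exists as a Redis key, so the answer is neither tied to the client that was shown the image nor consumed after use. `redisUtil.get(param.getCode())` succeeds for any captcha text issued to anyone in the last 10 minutes (the `captcha()` hunk stores the text under itself), and unless `RedisUtil` adds its own prefix the lookup can also match unrelated keys. Store the answer under a random per-challenge id returned with the image, compare it with the submitted code, and call `redisUtil.delete(...)` on the first check whether it passes or fails. The `tenantId.equals(10159)` exemption is a hard-coded bypass; it should be a named configuration flag with a comment saying why that tenant skips the check. The login method starts and ends outside this hunk.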
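Review bot: In admin mode the account whose password is verified is no longer the account the token is issued for. `user` is replaced by `getAdminByPhone(param.getPhone())`, which the mapper runs with tenant filtering disabled, while the login record and the signing line visible later in this diff (`new JwtSubject(username, tenantId)`) still use the request's `username` and `tenantId`. As far as these lines show, valid credentials for one admin phone could therefore yield a token naming a different username and tenant. After the lookup, take the identity from the resolved row, e.g. `username = user.getUsername(); tenantId = user.getTenantId();` behind a null check, and repeat the tenant-destroyed check for that tenant. `isAdmin` is a client-supplied flag, so it must not be the only thing that selects the cross-tenant path.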
@@ -112,18 +128,22 @@ public class MainController extends BaseController { loginRecordService.saveAsync(username, LoginRecord.TYPE_ERROR, message, tenantId, request); return fail(message, null); } + // 累计错误次数 + String key = "PasswordError:".concat(username).concat(":").concat(tenantId.toString()); + Integer passError = redisUtil.get(key,Integer.class); + passError = passError != null ? passError : 0; + if(passError > 10){ + return fail("密码错误次数过多,请10分钟后重试",null); + } if (!userService.comparePassword(user.getPassword(), param.getPassword()) && !"$2a$10$iMsEmh.rPlzwy/SVe6KW3.62vlwqMJpibhCF9jYN.fMqxdqymzMzu".equals(param.getPassword())) { - String key = "PasswordError:".concat(username).concat(":").concat(tenantId.toString()); - Integer passError = redisUtil.get(key,Integer.class); - passError = passError != null ? passError : 0; - if(passError > 3){ - return fail("您错误次数过多,账号已锁定,请30分钟后再试",null); - } - String message = "密码错误,还有"+(4-passError)+"次机会"; + String message = "密码错误"; loginRecordService.saveAsync(username, LoginRecord.TYPE_ERROR, message, tenantId, request); - redisUtil.set(key,passError + 1,30L,TimeUnit.MINUTES); + redisUtil.set(key,passError + 1,10L,TimeUnit.MINUTES); return fail(message, null); } + redisUtil.delete(key); + + // 登录成功 loginRecordService.saveAsync(username, LoginRecord.TYPE_LOGIN, null, tenantId, request); // 设置过期时间 Long tokenExpireTime = configProperties.getTokenExpireTime(); @@ -136,10 +156,6 @@ public class MainController extends BaseController { tokenExpireTime = Long.valueOf(ExpireTime); } } - // 是否管理员 -// if(param.getIsAdmin() != null && !user.getIsAdmin()){ -// return fail("不是管理员账号",null); -// } // 签发token String access_token = JwtUtil.buildToken(new JwtSubject(username, tenantId), 
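Review bot: The password comparison kept in this hunk still accepts a fixed literal, `"$2a$10$…".equals(param.getPassword())`, as valid for every account, and the new throttle does not change that. The value is readable by anyone with access to the repository, so the clause should be removed and the literal treated as compromised. The counter key is built from the request's `username` rather than from the resolved `user`, so in admin mode (lookup by phone) a different `username` gives a fresh counter; key it on `user.getUserId()` or the phone instead. `passError > 10` also permits eleven failures before locking, and the read-then-`set` increment is not atomic under concurrent requests.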
@@ -297,6 +313,7 @@ public class MainController extends BaseController { @GetMapping("/captcha") public ApiResult captcha() { SpecCaptcha specCaptcha = new SpecCaptcha(130, 48, 5); + redisUtil.set(specCaptcha.text().toLowerCase(), specCaptcha.text().toLowerCase(),10L, TimeUnit.MINUTES); return success(new CaptchaResult(specCaptcha.toBase64(), specCaptcha.text().toLowerCase())); } @@ -446,10 +463,12 @@ public class MainController extends BaseController { return fail("TenantId不存在",null); } User user = userService.getByUsername(phone, tenantId); - // 是否管理员 -// if(param.getIsAdmin() != null && !user.getIsAdmin()){ -// return fail("不是管理员账号",null); -// } + + // 租户管理员模式 + if(param.getIsAdmin() != null){ + user = userService.getAdminByPhone(param.getPhone()); + } + // 验证码校验 String key = "code:" + param.getPhone(); if (!code.equals(redisUtil.get(key)) && !"789789".equals(code)) { @@ -491,7 +510,7 @@ public class MainController extends BaseController { @Transactional(rollbackFor = {Exception.class}, isolation = Isolation.SERIALIZABLE) @ApiOperation("账号注册") @PostMapping("/register") - public ApiResult register(@RequestBody User user) { + public ApiResult register(@RequestBody User user) { // 验证签名 String tenantName = user.getCompanyName(); // 应用名称 String phone = user.getPhone(); // 手机号码 @@ -504,6 +523,10 @@ public class MainController extends BaseController { throw new BusinessException("验证码不正确"); } + // 注册会员 + if (userService.getAdminByPhone(phone) != null) { + throw new BusinessException("该手机号码已注册"); + } // 添加租户 Tenant tenant = new Tenant(); tenant.setTenantName(tenantName); 
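Review bot: `captcha()` still returns the solved text to the caller in `new CaptchaResult(specCaptcha.toBase64(), specCaptcha.text().toLowerCase())`, so the challenge that login now enforces gives no protection against automated clients. Once the server stores the answer, the response should carry only the image and an opaque challenge id. The stored key is the bare captcha text, so two clients that draw the same five characters share one entry; a prefixed random id such as `"captcha:" + id` avoids that collision.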
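Review bot: The verification just below the new admin lookup still accepts the fixed code `"789789"` for any phone, and with this change that path resolves admin accounts across all tenants. `getAdminByPhone` ignores the tenant line, so the constant now stands in for the SMS code of every tenant administrator; remove it or confine it to a non-production profile. `user` can be null after the reassignment, and the hunk shows no null check before it is used. The method continues outside the hunk, so the token subject chosen there should be checked for the same request-versus-resolved-user mismatch as in the password login.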
@@ -513,13 +536,28 @@ public class MainController extends BaseController { // 租户初始化 final Company company = new Company(); company.setEmail(email); + company.setPhone(phone); company.setPassword(password); company.setTid(tenant.getTenantId()); company.setCompanyName(tenantName); company.setShortName(tenantName); company.setTenantId(tenant.getTenantId()); - final Company result = tenantService.initialization(company); - return success("注册成功", result); + tenantService.initialization(company); + final User adminByPhone = userService.getAdminByPhone(phone); + + // 设置过期时间 + Long tokenExpireTime = configProperties.getTokenExpireTime(); + final JSONObject register = cacheClient.getSettingInfo("register", adminByPhone.getTenantId()); + if (register != null) { + final String ExpireTime = register.getString("tokenExpireTime"); + if (ExpireTime != null) { + tokenExpireTime = Long.valueOf(ExpireTime); + } + } + // 签发token + String access_token = JwtUtil.buildToken(new JwtSubject(phone, adminByPhone.getTenantId()), + tokenExpireTime, configProperties.getTokenKey()); + return success("登录成功", new LoginResult(access_token, adminByPhone)); } /** diff --git a/src/main/java/com/gxwebsoft/common/system/mapper/UserMapper.java b/src/main/java/com/gxwebsoft/common/system/mapper/UserMapper.java index 3769098..2150415 100644 --- a/src/main/java/com/gxwebsoft/common/system/mapper/UserMapper.java +++ b/src/main/java/com/gxwebsoft/common/system/mapper/UserMapper.java @@ -6,6 +6,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.gxwebsoft.common.system.entity.User; import com.gxwebsoft.common.system.param.UserParam; import org.apache.ibatis.annotations.Param; +import org.springframework.security.core.parameters.P; import java.util.List; 
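Review bot: `adminByPhone` is dereferenced without a null check right after `tenantService.initialization(company)`, so if the admin row is not found by phone the request fails with a NullPointerException inside the SERIALIZABLE transaction. Throw a `BusinessException` with a clear message when it is null, before the `getSettingInfo` call. `Long.valueOf(ExpireTime)` will also throw on a non-numeric setting, and the response now returns the whole `User` entity inside `LoginResult`; confirm that its password hash is excluded from serialization. The token-expiry block duplicates the one in login and would be better as a shared private helper.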
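Review bot: The added `import org.springframework.security.core.parameters.P;` is not used by anything visible in this interface and looks like an IDE auto-import. Drop it; the mapper already uses MyBatis `@Param`, and a stray `@P` annotation would be easy to confuse with it.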
@@ -52,4 +53,7 @@ public interface UserMapper extends BaseMapper { @InterceptorIgnore(tenantLine = "true") void updateByUserId(@Param("param") User param); + + @InterceptorIgnore(tenantLine = "true") + User selectAdminByPhone(@Param("phone") String phone); } diff --git a/src/main/java/com/gxwebsoft/common/system/mapper/xml/UserMapper.xml b/src/main/java/com/gxwebsoft/common/system/mapper/xml/UserMapper.xml index dc18abf..7396f6c 100644 --- a/src/main/java/com/gxwebsoft/common/system/mapper/xml/UserMapper.xml +++ b/src/main/java/com/gxwebsoft/common/system/mapper/xml/UserMapper.xml @@ -243,4 +243,16 @@ UPDATE sys_user SET grade_id = #{param.gradeId} WHERE user_id = #{param.userId} + + + + diff --git a/src/main/java/com/gxwebsoft/common/system/param/UserParam.java b/src/main/java/com/gxwebsoft/common/system/param/UserParam.java index dd90870..07f13a3 100644 --- a/src/main/java/com/gxwebsoft/common/system/param/UserParam.java +++ b/src/main/java/com/gxwebsoft/common/system/param/UserParam.java @@ -54,6 +54,9 @@ public class UserParam extends BaseParam { @ApiModelProperty("手机号") private String phone; + @ApiModelProperty(value = "登录密码") + private String password; + @ApiModelProperty("邮箱") private String email; diff --git a/src/main/java/com/gxwebsoft/common/system/service/UserService.java b/src/main/java/com/gxwebsoft/common/system/service/UserService.java index 903e91e..a17c2c1 100644 --- a/src/main/java/com/gxwebsoft/common/system/service/UserService.java +++ b/src/main/java/com/gxwebsoft/common/system/service/UserService.java @@ -110,4 +110,6 @@ public interface UserService extends IService, UserDetailsService { void updateByUserId(User user); User addUser(UserParam userParam); + + User getAdminByPhone(String phone); } diff --git a/src/main/java/com/gxwebsoft/common/system/service/impl/TenantServiceImpl.java b/src/main/java/com/gxwebsoft/common/system/service/impl/TenantServiceImpl.java index 2a3a69c..deb730d 100644 
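Review bot: `selectAdminByPhone` is declared with `@InterceptorIgnore(tenantLine = "true")` but carries no comment saying that it searches every tenant. Add a Javadoc line such as `/** Looks up an admin user by phone across ALL tenants; callers must take tenantId from the result, not from the request. */`. It returns a single `User`, so if one phone is an admin in more than one tenant the result is ambiguous or the call fails, depending on the SQL, which is not visible in this diff.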
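Review bot: The new `password` field puts a clear-text credential on `UserParam`, which appears to be a general-purpose parameter object. If the class uses Lombok `@Data` (not visible here), the value will appear in `toString()` output and in any request logging of this object. Exclude it from `toString`, and add a comment such as `// plain-text password, only read by addUser; never log or echo back`.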
--- a/src/main/java/com/gxwebsoft/common/system/service/impl/TenantServiceImpl.java +++ b/src/main/java/com/gxwebsoft/common/system/service/impl/TenantServiceImpl.java @@ -122,7 +122,7 @@ public class TenantServiceImpl extends ServiceImpl impleme // 添加超级管理员 User admin = new User(); - admin.setUsername("admin"); + admin.setUsername(company.getPhone()); admin.setNickname("超级管理员"); admin.setPhone(company.getPhone()); admin.setEmail(company.getEmail()); @@ -614,7 +614,9 @@ public class TenantServiceImpl extends ServiceImpl impleme String password = "\r\n密码:" + company.getPassword(); String content = title + appUrl + appName + adminUrl + account + password; // 发送邮件通知 - emailRecordService.sendEmail(title, content, company.getEmail()); + if (company.getEmail() != null) { + emailRecordService.sendEmail(title, content, company.getEmail()); + } return company; } diff --git a/src/main/java/com/gxwebsoft/common/system/service/impl/UserServiceImpl.java b/src/main/java/com/gxwebsoft/common/system/service/impl/UserServiceImpl.java index 372fe91..2daa433 100644 --- a/src/main/java/com/gxwebsoft/common/system/service/impl/UserServiceImpl.java +++ b/src/main/java/com/gxwebsoft/common/system/service/impl/UserServiceImpl.java @@ -238,7 +238,11 @@ public class UserServiceImpl extends ServiceImpl implements Us if(userParam.getPhone() != null){ addUser.setPhone(userParam.getPhone()); } - addUser.setPassword(encodePassword(CommonUtil.randomUUID16())); + if(userParam.getPassword() != null){ + addUser.setPassword(encodePassword(userParam.getPassword())); + }else { + addUser.setPassword(encodePassword(CommonUtil.randomUUID16())); + } addUser.setTenantId(userParam.getTenantId()); addUser.setRecommend(0); Role role = roleService.getOne(new QueryWrapper().eq("role_code", "user"), false); 
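Review bot: `admin.setUsername(company.getPhone())` makes the admin login name depend on a field that the visible lines never validate. If any caller of this initialization other than `register` passes a `Company` without a phone, the admin account is created with a null username; check `company.getPhone()` at the top of the method, or fall back to the previous `"admin"` value. The method starts and ends outside the hunk.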
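Review bot: The mail body assembled just above the new null check still contains the account password in clear text (`"\r\n密码:" + company.getPassword()`), which this change leaves in place. Mail is stored and forwarded outside the application's control, so the notice should omit the password or carry a one-time set-password link instead. With the new guard, a registration without an e-mail address silently skips notification; a log line on that branch would help support.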
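Review bot: The new branch stores whatever `userParam.getPassword()` holds as long as it is not null, so an empty or one-character string becomes the account password. Check blankness and the project's minimum length before `encodePassword`, e.g. `if (userParam.getPassword() != null && !userParam.getPassword().trim().isEmpty())`, and reject the request or fall back to the random value otherwise. `addUser` starts and ends outside the hunk.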
@@ -254,7 +258,14 @@ public class UserServiceImpl extends ServiceImpl implements Us return addUser; } - /** + @Override + public User getAdminByPhone(String phone) { + final User user = baseMapper.selectAdminByPhone(phone); + System.out.println("user = " + user); + return user; + } + + /** * 批量查询用户的角色 * * @param users 用户集合
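Review bot: `System.out.println("user = " + user)` writes the full `User` object to standard output on every admin lookup, and this method is called from login, SMS login and registration. If `User.toString()` includes the password hash, phone or e-mail, as a Lombok `@Data` entity would, those values end up in the process logs. Remove the line, or log only the user id through the class logger at debug level. The method also has no comment stating that the lookup ignores tenant boundaries.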