sandu-common/src/main/java/com/sandu/common/enums/ResponseStatusEnums.java
@@ -16,6 +16,7 @@ BAD_CREDENTIALS(40001, "ç¨æ·åæå¯ç 䏿£ç¡®"), DISABLE_ACCOUNT(40002, "该账å·å·²è¢«ç¦æ¢ä½¿ç¨"), BAD_AUTHENTICATION(40003,"éªè¯ç 䏿£ç¡®"), /** * token ç¸å ³ */ ximon-admin/src/main/java/com/sandu/ximon/admin/controller/AdminController.java
@@ -3,6 +3,7 @@ import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.map.MapBuilder; import cn.hutool.core.map.MapUtil; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.sandu.common.domain.ResponseVO; import com.sandu.common.enums.AdminStatusStatus; @@ -12,7 +13,6 @@ import com.sandu.common.log.Log; import com.sandu.common.object.BaseConditionVO; import com.sandu.common.redis.RedisService; import com.sandu.common.redis.UserModel; import com.sandu.common.security.LoginUserInfo; import com.sandu.common.security.annotation.AnonymousAccess; import com.sandu.common.security.config.SecurityProperties; @@ -23,7 +23,6 @@ import com.sandu.ximon.admin.security.PermissionConfig; import com.sandu.ximon.admin.security.SecurityUtils; import com.sandu.ximon.admin.service.*; import com.sandu.ximon.admin.utils.RedisUtils; import com.sandu.ximon.dao.bo.MenuNode; import com.sandu.ximon.dao.domain.*; import com.sandu.ximon.dao.enums.AdministratorEnums; @@ -36,8 +35,12 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; import java.time.LocalDateTime; import java.util.*; import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; /** 
@@ -65,11 +68,15 @@ @Log("åå°ç¨æ·ç»å½") @AnonymousAccess @PostMapping(value = "/login") public ResponseVO<Object> login(@RequestBody AdminLoginParam loginParam) { public ResponseVO<Object> login(HttpServletRequest request, @RequestBody AdminLoginParam loginParam) { Admin admin = adminService.getOne(Wrappers.lambdaQuery(Admin.class).eq(Admin::getUsername, loginParam.getUsername()).last("limit 1")); if (admin == null) { return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage()); } String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey()); if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) { return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage()); } if (!passwordEncoder.matches(loginParam.getPassword(), admin.getPassword())) { return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage()); } ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java
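Review bot: The new captcha check in `login` passes when both sides are null, because hutool's `StrUtil.equalsIgnoreCase(null, null)` returns true. The `@RequestBody AdminLoginParam loginParam` parameter here is not annotated `@Validated` (the `ClientController` version is), so the `@NotEmpty` constraints on `key` and `vlue` do not appear to be enforced on this endpoint. A request with no `vlue` and no stored code under the supplied key would therefore be treated as a correct captcha. I would declare the parameter as `@RequestBody @Validated AdminLoginParam loginParam` and make the guard fail closed: `if (session_vcode == null || !StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) {`. The method body continues past the end of this hunk.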
@@ -1,6 +1,7 @@ package com.sandu.ximon.admin.controller; import cn.hutool.core.bean.BeanUtil; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.github.pagehelper.PageHelper; @@ -32,6 +33,7 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; import java.time.LocalDateTime; import java.util.*; import java.util.stream.Collectors; @@ -153,11 +155,15 @@ @AnonymousAccess @PostMapping(value = "/login") public ResponseVO<Object> longin(@RequestBody @Validated AdminLoginParam loginParam) { public ResponseVO<Object> longin(HttpServletRequest request, @RequestBody @Validated AdminLoginParam loginParam) { Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getClientName, loginParam.getUsername()).last("limit 1")); if (client == null) { return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage()); } String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey()); if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) { return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage()); } if (!passwordEncoder.matches(loginParam.getPassword(), client.getPassword())) { return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage()); } ximon-admin/src/main/java/com/sandu/ximon/admin/param/AdminLoginParam.java
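Review bot: The stored verification code is never invalidated after the comparison in `longin`, so one solved captcha stays valid for the life of the session and no longer limits repeated password attempts. Read it once and drop it before comparing, e.g. `request.getSession().removeAttribute(loginParam.getKey());` immediately after the `getAttribute` call. The check also runs after the user lookup, so an unknown name returns `BAD_CREDENTIALS` without the captcha being evaluated while a known name with a wrong code returns `BAD_AUTHENTICATION`. Moving the captcha block above `clientService.getOne(...)` removes that difference. Both points apply equally to `AdminController.login` in this commit. The method body continues past the end of this hunk.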
@@ -17,4 +17,8 @@ private String username; @NotEmpty private String password; @NotEmpty private String key; @NotEmpty private String vlue; } ximon-admin/src/main/java/com/sandu/ximon/admin/security/authcode/MD5Util.java
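Review bot: The new field `vlue` looks like a misspelling of `value`, and because this class is bound from the JSON request body the typo becomes part of the login API contract. It is cheaper to rename it now (`private String value;`) than after clients depend on it. Neither new field is documented; a one-line comment on each would help, for example `/** Identifier under which the server stored the verification code. */` on `key` and `/** Verification-code answer submitted by the client. */` on `vlue`. Note that `@NotEmpty` only takes effect where the controller parameter is marked `@Validated`.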
¶Ô±ÈÐÂÎļþ @@ -0,0 +1,28 @@ package com.sandu.ximon.admin.security.authcode; import java.math.BigInteger; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class MD5Util { public static String md5(String plainText) { byte[] secretBytes = null; try { //è·åææåèæ°ç» secretBytes = MessageDigest.getInstance("md5").digest(plainText.getBytes()); } catch(NoSuchAlgorithmException e) { throw new RuntimeException("No Such Algorithm."); } String md5code = new BigInteger(1,secretBytes).toString(16); for(int i=0;i < 32 - md5code.length();i ++) { md5code = "0" + md5code; } return md5code; } public static void main(String[] args) { String password = "123456"; String code = MD5Util.md5(password); System.out.println(code); } } ximon-admin/src/main/java/com/sandu/ximon/admin/security/authcode/VerifyCodeController.java
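Review bot: The zero-padding loop in `md5` under-pads, because `i < 32 - md5code.length()` is re-evaluated while `md5code` grows. A digest with two leading zero hex digits gets one `0` prepended and is returned with 31 characters. A value compared against a correctly padded digest would then intermittently fail to match. Replace the loop with `return String.format("%032x", new BigInteger(1, secretBytes));`. Also use `plainText.getBytes(StandardCharsets.UTF_8)` rather than the platform charset, keep the cause with `throw new RuntimeException("No Such Algorithm.", e);`, and drop the `main` method that hashes a sample password. A class comment stating that this helper must not be used for password storage would be worth adding, since the class lives under `security` and MD5 is unsuitable for that purpose.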
@@ -3,6 +3,7 @@ import cn.hutool.core.lang.Snowflake; import cn.hutool.core.util.StrUtil; import com.baomidou.mybatisplus.core.toolkit.StringUtils; import com.sandu.common.security.annotation.AnonymousAccess; import lombok.AllArgsConstructor; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; @@ -33,6 +34,8 @@ private final Snowflake snowflake; @AnonymousAccess @RequestMapping("/getImg") @ResponseBody public Map getVerifiCode(HttpServletRequest request, HttpServletResponse response) throws IOException { @@ -44,20 +47,11 @@ long key = snowflake.nextId(); ImageVerificationCode ivc = new ImageVerificationCode(); //ç¨æä»¬çéªè¯ç ç±»ï¼çæéªè¯ç 类对象 BufferedImage image = ivc.getImage(); //è·åéªè¯ç // ByteArrayOutputStream baos = new ByteArrayOutputStream();//ioæµ // ImageIO.write(image, "JPEG", baos);//åå ¥æµä¸ // byte[] bytes = baos.toByteArray();//è½¬æ¢æåè // BASE64Encoder encoder = new BASE64Encoder(); // String png_base64 = encoder.encodeBuffer(bytes).trim();//è½¬æ¢æbase64串 // png_base64 = png_base64.replaceAll("\n", "").replaceAll("\r", "");//å é¤ \r\n // ImageIO.write(bufferedImage, "png", new File("D:/qrcode1.png")); // System.out.println("å¼ä¸ºï¼"+"data:image/jpg;base64,"+png_base64); request.getSession().setAttribute(key+"", ivc.getText()); //å°éªè¯ç çææ¬åå¨sessionä¸ request.getSession().setAttribute(key+"", MD5Util.md5(ivc.getText().toUpperCase())); //å°éªè¯ç çææ¬åå¨sessionä¸ // ImageVerificationCode.output(image, response.getOutputStream());//å°éªè¯ç å¾çååºç»å®¢æ·ç«¯ String img = getBufferedImageToBase64(image, "JPEG"); String session_vcode = (String) request.getSession().getAttribute(key+""); Map map = new HashMap(); // map.put("img", "data:image/jpg;base64,"+png_base64); map.put("img", img); 
@@ -66,11 +60,12 @@ return map; } @AnonymousAccess @RequestMapping("/Login_authentication/{key}") @ResponseBody public String Login_authentication(HttpServletRequest request, HttpServletResponse response,@PathVariable String key) throws IOException, ServletException { request.setCharacterEncoding("utf-8"); // String vcode = (String)map.get("session_vcode"); // String vcode = (String)map.get("session_vcode"); r6mt // if(vcode.isEmpty()||vcode==null){ // return "éªè¯ç ä¸è½ä¸ºç©º"; // }
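Review bot: In `getVerifiCode` the session now holds an unsalted MD5 of the upper-cased captcha text, and that value is read straight back into `session_vcode` just before the response map is built. The lines between the two hunks are not shown. If they put `session_vcode` into the returned map, the response carries everything needed to pass the check and the captcha protects nothing. Even if they do not, an MD5 of a short code is not a secret, so it must stay server-side. I would delete the `session_vcode` read-back, store the plain text in the session, and compare it on the server against the submitted answer. Each call from this now-anonymous endpoint also adds a session attribute under a fresh snowflake key with no expiry or cleanup, so consider a single fixed attribute name or a stored timestamp checked at login.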