perf(登录): 移动端不受多端登录限制

backend/src/main/java/io/dataease/auth/api/AuthApi.java

@@ -22,6 +22,10 @@ public interface AuthApi {
     @PostMapping("/login")
     Object login(LoginDto loginDto) throws Exception;
 
+    @ApiOperation("移动端登录")
+    @PostMapping("/mobileLogin")
+    Object mobileLogin(LoginDto loginDto) throws Exception;
+
     @PostMapping("/seizeLogin")
     Object seizeLogin(SeizeLoginDto loginDto) throws Exception;
 

backend/src/main/java/io/dataease/auth/server/AuthServer.java

@@ -67,6 +67,46 @@ public class AuthServer implements AuthApi {
     @Autowired
     private WsService wsService;
 
+    @Override
+    public Object mobileLogin(@RequestBody LoginDto loginDto) throws Exception {
+        String username = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getUsername());
+        String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getPassword());
+        AccountLockStatus accountLockStatus = authUserService.lockStatus(username, 0);
+        if (accountLockStatus.getLocked()) {
+            String msg = Translator.get("I18N_ACCOUNT_LOCKED");
+            msg = String.format(msg, username, accountLockStatus.getRelieveTimes().toString());
+            DataEaseException.throwException(msg);
+        }
+
+        SysUserEntity user = authUserService.getUserByName(username);
+
+        if (ObjectUtils.isEmpty(user)) {
+            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
+            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_id_or_pwd_error"), lockStatus));
+        }
+        if (user.getEnabled() == 0) {
+            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
+            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_user_is_disable"), lockStatus));
+        }
+        String realPwd = user.getPassword();
+        pwd = CodingUtil.md5(pwd);
+
+        if (!StringUtils.equals(pwd, realPwd)) {
+            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
+            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_id_or_pwd_error"), lockStatus));
+        }
+        TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).build();
+        String token = JWTUtils.sign(tokenInfo, realPwd, false);
+        // 记录token操作时间
+        Map<String, Object> result = new HashMap<>();
+        result.put("token", token);
+        ServletUtils.setToken(token);
+        DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, user.getUserId(), null, null, null);
+        authUserService.unlockAccount(username, 0);
+        authUserService.clearCache(user.getUserId());
+        return result;
+    }
+
     @Override
     public Object login(@RequestBody LoginDto loginDto) throws Exception {
         Map<String, Object> result = new HashMap<>();

backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java

@@ -83,6 +83,7 @@ public class ShiroServiceImpl implements ShiroService {
         filterChainDefinitionMap.put("/api/auth/login", ANON);
         filterChainDefinitionMap.put("/api/auth/seizeLogin", ANON);
         filterChainDefinitionMap.put("/api/auth/logout", ANON);
+        filterChainDefinitionMap.put("/api/auth/mobileLogin", ANON);
         filterChainDefinitionMap.put("/api/auth/isPluginLoaded", ANON);
         filterChainDefinitionMap.put("/system/requestTimeOut", ANON);
         filterChainDefinitionMap.put("/api/auth/validateName", ANON);

backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java

@@ -80,7 +80,7 @@ public class XDingtalkServer {
         return dingtalkXpackService.getQrParam();
     }
 
-    private ModelAndView privateCallBack(String code, Boolean withoutLogin) {
+    private ModelAndView privateCallBack(String code, Boolean withoutLogin, Boolean isMobile) {
         ModelAndView modelAndView = new ModelAndView("redirect:/");
         HttpServletResponse response = ServletUtils.response();
         DingtalkXpackService dingtalkXpackService = null;
@@ -109,7 +109,7 @@ public class XDingtalkServer {
             }
             TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
             String realPwd = sysUserEntity.getPassword();
-            String token = JWTUtils.sign(tokenInfo, realPwd);
+            String token = JWTUtils.sign(tokenInfo, realPwd, !isMobile);
             ServletUtils.setToken(token);
 
             DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, sysUserEntity.getUserId(), null, null, null);
@@ -144,13 +144,14 @@ public class XDingtalkServer {
     }
 
     @GetMapping("/callBackWithoutLogin")
-    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code) {
-        return privateCallBack(code, true);
+    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code, @RequestParam("mobile") String mobile) {
+        boolean isMobile = StringUtils.equals("1", mobile);
+        return privateCallBack(code, true, isMobile);
     }
 
     @GetMapping("/callBack")
     public ModelAndView callBack(@RequestParam("code") String code, @RequestParam("state") String state) {
-        return privateCallBack(code, false);
+        return privateCallBack(code, false, false);
     }
 
     private void bindError(HttpServletResponse response, String url, String errorMsg) {

backend/src/main/java/io/dataease/plugins/server/XLarkServer.java

@@ -92,11 +92,12 @@ public class XLarkServer {
     }
 
     @GetMapping("/callBackWithoutLogin")
-    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code) {
-        return privateCallBack(code, null, true);
+    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code, @RequestParam("mobile") String mobile) {
+        boolean isMobile = StringUtils.equals("1", mobile);
+        return privateCallBack(code, null, true, isMobile);
     }
 
-    private ModelAndView privateCallBack(String code, String state, Boolean withoutLogin) {
+    private ModelAndView privateCallBack(String code, String state, Boolean withoutLogin, Boolean isMobile) {
         ModelAndView modelAndView = new ModelAndView("redirect:/");
         HttpServletResponse response = ServletUtils.response();
         LarkXpackService larkXpackService = null;
@@ -132,7 +133,7 @@ public class XLarkServer {
             }
             TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
             String realPwd = sysUserEntity.getPassword();
-            String token = JWTUtils.sign(tokenInfo, realPwd);
+            String token = JWTUtils.sign(tokenInfo, realPwd, !isMobile);
             ServletUtils.setToken(token);
 
             DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, sysUserEntity.getUserId(), null, null, null);
@@ -168,7 +169,7 @@ public class XLarkServer {
 
     @GetMapping("/callBack")
     public ModelAndView callBack(@RequestParam("code") String code, @RequestParam("state") String state) {
-        return privateCallBack(code, state, false);
+        return privateCallBack(code, state, false, false);
     }
 
     private void bindError(HttpServletResponse response, String url, String errorMsg) {

mobile/src/api/auth.js

@@ -2,7 +2,7 @@ import request from '@/common/js/request'
 
 export function login(data) {
     return request({
-        url: '/api/auth/login',
+        url: '/api/auth/mobileLogin',
         method: 'post',
         data
     })