perf(登录): 移动端不受多端登录限制

2023-03-14 14:59:52 +08:00 · 2023-03-14 14:59:52 +08:00 · cd3f72a876
commit cd3f72a876
parent 3d2b353a84
6 changed files with 58 additions and 11 deletions
--- a/backend/src/main/java/io/dataease/auth/api/AuthApi.java
+++ b/backend/src/main/java/io/dataease/auth/api/AuthApi.java
@ -22,6 +22,10 @@ public interface AuthApi {
    @PostMapping("/login")
    Object login(LoginDto loginDto) throws Exception;
    @ApiOperation("移动端登录")
    @PostMapping("/mobileLogin")
    Object mobileLogin(LoginDto loginDto) throws Exception;
    @PostMapping("/seizeLogin")
    Object seizeLogin(SeizeLoginDto loginDto) throws Exception;
--- a/backend/src/main/java/io/dataease/auth/server/AuthServer.java
+++ b/backend/src/main/java/io/dataease/auth/server/AuthServer.java
@ -67,6 +67,46 @@ public class AuthServer implements AuthApi {
    @Autowired
    private WsService wsService;
    @Override
    public Object mobileLogin(@RequestBody LoginDto loginDto) throws Exception {
        String username = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getUsername());
        String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, loginDto.getPassword());
        AccountLockStatus accountLockStatus = authUserService.lockStatus(username, 0);
        if (accountLockStatus.getLocked()) {
            String msg = Translator.get("I18N_ACCOUNT_LOCKED");
            msg = String.format(msg, username, accountLockStatus.getRelieveTimes().toString());
            DataEaseException.throwException(msg);
        }
        SysUserEntity user = authUserService.getUserByName(username);
        if (ObjectUtils.isEmpty(user)) {
            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_id_or_pwd_error"), lockStatus));
        }
        if (user.getEnabled() == 0) {
            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_user_is_disable"), lockStatus));
        }
        String realPwd = user.getPassword();
        pwd = CodingUtil.md5(pwd);
        if (!StringUtils.equals(pwd, realPwd)) {
            AccountLockStatus lockStatus = authUserService.recordLoginFail(username, 0);
            DataEaseException.throwException(appendLoginErrorMsg(Translator.get("i18n_id_or_pwd_error"), lockStatus));
        }
        TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).build();
        String token = JWTUtils.sign(tokenInfo, realPwd, false);
        // 记录token操作时间
        Map<String, Object> result = new HashMap<>();
        result.put("token", token);
        ServletUtils.setToken(token);
        DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, user.getUserId(), null, null, null);
        authUserService.unlockAccount(username, 0);
        authUserService.clearCache(user.getUserId());
        return result;
    }
    @Override
    public Object login(@RequestBody LoginDto loginDto) throws Exception {
        Map<String, Object> result = new HashMap<>();
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@ -83,6 +83,7 @@ public class ShiroServiceImpl implements ShiroService {
        filterChainDefinitionMap.put("/api/auth/login", ANON);
        filterChainDefinitionMap.put("/api/auth/seizeLogin", ANON);
        filterChainDefinitionMap.put("/api/auth/logout", ANON);
        filterChainDefinitionMap.put("/api/auth/mobileLogin", ANON);
        filterChainDefinitionMap.put("/api/auth/isPluginLoaded", ANON);
        filterChainDefinitionMap.put("/system/requestTimeOut", ANON);
        filterChainDefinitionMap.put("/api/auth/validateName", ANON);
--- a/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java
@ -80,7 +80,7 @@ public class XDingtalkServer {
        return dingtalkXpackService.getQrParam();
    }
-    private ModelAndView privateCallBack(String code, Boolean withoutLogin) {
+    private ModelAndView privateCallBack(String code, Boolean withoutLogin, Boolean isMobile) {
        ModelAndView modelAndView = new ModelAndView("redirect:/");
        HttpServletResponse response = ServletUtils.response();
        DingtalkXpackService dingtalkXpackService = null;
@ -109,7 +109,7 @@ public class XDingtalkServer {
            }
            TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
            String realPwd = sysUserEntity.getPassword();
-            String token = JWTUtils.sign(tokenInfo, realPwd);
+            String token = JWTUtils.sign(tokenInfo, realPwd, !isMobile);
            ServletUtils.setToken(token);
            DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, sysUserEntity.getUserId(), null, null, null);
@ -144,13 +144,14 @@ public class XDingtalkServer {
    }
    @GetMapping("/callBackWithoutLogin")
-    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code) {
+    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code, @RequestParam("mobile") String mobile) {
-        return privateCallBack(code, true);
+        boolean isMobile = StringUtils.equals("1", mobile);
        return privateCallBack(code, true, isMobile);
    }
    @GetMapping("/callBack")
    public ModelAndView callBack(@RequestParam("code") String code, @RequestParam("state") String state) {
-        return privateCallBack(code, false);
+        return privateCallBack(code, false, false);
    }
    private void bindError(HttpServletResponse response, String url, String errorMsg) {
--- a/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java
@ -92,11 +92,12 @@ public class XLarkServer {
    }
    @GetMapping("/callBackWithoutLogin")
-    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code) {
+    public ModelAndView callBackWithoutLogin(@RequestParam("code") String code, @RequestParam("mobile") String mobile) {
-        return privateCallBack(code, null, true);
+        boolean isMobile = StringUtils.equals("1", mobile);
        return privateCallBack(code, null, true, isMobile);
    }
-    private ModelAndView privateCallBack(String code, String state, Boolean withoutLogin) {
+    private ModelAndView privateCallBack(String code, String state, Boolean withoutLogin, Boolean isMobile) {
        ModelAndView modelAndView = new ModelAndView("redirect:/");
        HttpServletResponse response = ServletUtils.response();
        LarkXpackService larkXpackService = null;
@ -132,7 +133,7 @@ public class XLarkServer {
            }
            TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
            String realPwd = sysUserEntity.getPassword();
-            String token = JWTUtils.sign(tokenInfo, realPwd);
+            String token = JWTUtils.sign(tokenInfo, realPwd, !isMobile);
            ServletUtils.setToken(token);
            DeLogUtils.save(SysLogConstants.OPERATE_TYPE.LOGIN, SysLogConstants.SOURCE_TYPE.USER, sysUserEntity.getUserId(), null, null, null);
@ -168,7 +169,7 @@ public class XLarkServer {
    @GetMapping("/callBack")
    public ModelAndView callBack(@RequestParam("code") String code, @RequestParam("state") String state) {
-        return privateCallBack(code, state, false);
+        return privateCallBack(code, state, false, false);
    }
    private void bindError(HttpServletResponse response, String url, String errorMsg) {
--- a/mobile/src/api/auth.js
+++ b/mobile/src/api/auth.js
@ -2,7 +2,7 @@ import request from '@/common/js/request'
 export function login(data) {
    return request({
-        url: '/api/auth/login',
+        url: '/api/auth/mobileLogin',
        method: 'post',
        data
    })