Merge remote-tracking branch 'origin/main' into main
commit
df0d2a9b22
@ -31,7 +31,4 @@ public interface AuthApi {
|
||||
@PostMapping("/validateName")
|
||||
Boolean validateName(Map<String, String> nameDto);
|
||||
|
||||
|
||||
@GetMapping("/test")
|
||||
String test();
|
||||
}
|
||||
|
@ -19,7 +19,6 @@ import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
@ -13,8 +13,6 @@ public class TokenInfo implements Serializable {
|
||||
|
||||
private Long userId;
|
||||
|
||||
private Long lastLoginTime;
|
||||
|
||||
public String format(){
|
||||
return username + "," +userId;
|
||||
}
|
||||
|
@ -6,7 +6,6 @@ import io.dataease.auth.entity.TokenInfo;
|
||||
import io.dataease.auth.service.AuthUserService;
|
||||
import io.dataease.auth.util.JWTUtils;
|
||||
import io.dataease.commons.utils.CommonBeanFactory;
|
||||
import io.dataease.commons.utils.ServletUtils;
|
||||
import io.dataease.i18n.Translator;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
@ -29,9 +28,6 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
||||
|
||||
public final static String expireMessage = "Login token is expire.";
|
||||
|
||||
/*@Autowired
|
||||
private AuthUserService authUserService;*/
|
||||
|
||||
|
||||
/**
|
||||
* 判断用户是否想要登入。
|
||||
@ -53,22 +49,15 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
||||
String authorization = httpServletRequest.getHeader("Authorization");
|
||||
// 当没有出现登录超时 且需要刷新token 则执行刷新token
|
||||
if (JWTUtils.loginExpire(authorization)){
|
||||
throw new AuthenticationException(expireMessage);
|
||||
throw new AuthenticationException(expireMessage);
|
||||
}
|
||||
if (JWTUtils.needRefresh(authorization)){
|
||||
String oldAuthorization = authorization;
|
||||
authorization = refreshToken(request, response);
|
||||
JWTUtils.removeTokenExpire(oldAuthorization);
|
||||
}
|
||||
// 删除老的操作时间
|
||||
JWTUtils.removeTokenExpire(authorization);
|
||||
// 设置新的操作时间
|
||||
JWTUtils.addTokenExpire(authorization);
|
||||
JWTToken token = new JWTToken(authorization);
|
||||
Subject subject = getSubject(request, response);
|
||||
// 提交给realm进行登入,如果错误他会抛出异常并被捕获
|
||||
subject.login(token);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -108,14 +97,8 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
||||
}
|
||||
String password = user.getPassword();
|
||||
|
||||
// 删除老token操作时间
|
||||
// JWTUtils.removeTokenExpire(token);
|
||||
String newToken = JWTUtils.sign(tokenInfo, password);
|
||||
// 记录新token操作时间
|
||||
// JWTUtils.addTokenExpire(newToken);
|
||||
|
||||
JWTToken jwtToken = new JWTToken(newToken);
|
||||
this.getSubject(request, response).login(jwtToken);
|
||||
// 设置响应的Header头新Token
|
||||
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
|
||||
httpServletResponse.addHeader("Access-Control-Expose-Headers", "RefreshAuthorization");
|
||||
|
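Review bot: In the second hunk, `JWTUtils.loginExpire(authorization)` and `JWTUtils.needRefresh(authorization)` act on the raw `Authorization` header before anything has checked its signature, and when a refresh is triggered the token passed to `subject.login(token)` is the one `refreshToken` has just signed, not the one the client sent. The beginning of `refreshToken` lies outside the third hunk, so I cannot confirm that the presented token is verified before `JWTUtils.sign(tokenInfo, password)`; if it is not, that path issues a fresh token on the strength of unverified claims. I would call `JWTUtils.verify(...)` on the presented token with `tokenInfo` and `password` immediately before the `sign` call and let its exception abort the refresh.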
@ -14,16 +14,14 @@ import io.dataease.commons.utils.BeanUtils;
|
||||
import io.dataease.commons.utils.CodingUtil;
|
||||
import io.dataease.commons.utils.ServletUtils;
|
||||
|
||||
/*import io.dataease.plugins.config.SpringContextUtil;
|
||||
|
||||
import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
|
||||
import io.dataease.plugins.xpack.display.service.DisPlayXpackService;*/
|
||||
import io.dataease.i18n.Translator;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@ -41,11 +39,11 @@ public class AuthServer implements AuthApi {
|
||||
String password = loginDto.getPassword();
|
||||
SysUserEntity user = authUserService.getUserByName(username);
|
||||
|
||||
if (ObjectUtils.isEmpty(user)){
|
||||
throw new RuntimeException("没有该用户!");
|
||||
if (ObjectUtils.isEmpty(user)) {
|
||||
throw new RuntimeException(Translator.get("i18n_id_or_pwd_error"));
|
||||
}
|
||||
if (user.getEnabled()==0){
|
||||
throw new RuntimeException("用户已经失效!");
|
||||
if (user.getEnabled() == 0) {
|
||||
throw new RuntimeException(Translator.get("i18n_id_or_pwd_error"));
|
||||
}
|
||||
String realPwd = user.getPassword();
|
||||
//私钥解密
|
||||
@ -53,14 +51,13 @@ public class AuthServer implements AuthApi {
|
||||
//md5加密
|
||||
pwd = CodingUtil.md5(pwd);
|
||||
|
||||
if (!StringUtils.equals(pwd, realPwd)){
|
||||
throw new RuntimeException("密码错误!");
|
||||
if (!StringUtils.equals(pwd, realPwd)) {
|
||||
throw new RuntimeException(Translator.get("i18n_id_or_pwd_error"));
|
||||
}
|
||||
Map<String,Object> result = new HashMap<>();
|
||||
TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).lastLoginTime(System.currentTimeMillis()).build();
|
||||
Map<String, Object> result = new HashMap<>();
|
||||
TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).build();
|
||||
String token = JWTUtils.sign(tokenInfo, realPwd);
|
||||
// 记录token操作时间
|
||||
JWTUtils.addTokenExpire(token);
|
||||
result.put("token", token);
|
||||
ServletUtils.setToken(token);
|
||||
return result;
|
||||
@ -68,7 +65,7 @@ public class AuthServer implements AuthApi {
|
||||
|
||||
@Override
|
||||
public CurrentUserDto userInfo() {
|
||||
CurrentUserDto userDto = (CurrentUserDto)SecurityUtils.getSubject().getPrincipal();
|
||||
CurrentUserDto userDto = (CurrentUserDto) SecurityUtils.getSubject().getPrincipal();
|
||||
if (ObjectUtils.isEmpty(userDto)) {
|
||||
String token = ServletUtils.getToken();
|
||||
Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
|
||||
@ -84,7 +81,7 @@ public class AuthServer implements AuthApi {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String logout(){
|
||||
public String logout() {
|
||||
String token = ServletUtils.getToken();
|
||||
Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
|
||||
authUserService.clearCache(userId);
|
||||
@ -105,20 +102,5 @@ public class AuthServer implements AuthApi {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String test() {
|
||||
SysUserEntity userById = authUserService.getUserById(4L);
|
||||
String nickName = userById.getNickName();
|
||||
// System.out.println(nickName);
|
||||
/* Map<String, DisPlayXpackService> beansOfType = SpringContextUtil.getApplicationContext().getBeansOfType(DisPlayXpackService.class);
|
||||
for (Map.Entry entry : beansOfType.entrySet()) {
|
||||
Object key = entry.getKey();
|
||||
DisPlayXpackService value = (DisPlayXpackService)entry.getValue();
|
||||
List<SysSettingDto> sysSettingDtos = value.systemSettings();
|
||||
|
||||
String name = entry.getValue().getClass().getName();
|
||||
System.out.println("key: "+ key + ", value: "+ name);
|
||||
}*/
|
||||
return "apple";
|
||||
}
|
||||
}
|
||||
|
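Review bot: `JWTUtils.sign(tokenInfo, realPwd)` in the login method keys the token's HMAC with the stored password digest, and that digest is an apparently unsalted `CodingUtil.md5(pwd)` compared via `StringUtils.equals`, so the uniform `i18n_id_or_pwd_error` message closes the enumeration leak but leaves the credential handling around it weak. Read access to the user table is then equivalent to holding every user's signing key, and MD5 without a salt or work factor gives little protection to the passwords themselves. I would sign with a server-side secret kept outside the database (optionally combined with a per-user value so a password change still invalidates tokens), move storage to an adaptive hash such as bcrypt or Argon2, and compare digests with `MessageDigest.isEqual`. The method starts above the first hunk, so the decryption step between the two hunks is not visible here.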
@ -11,8 +11,7 @@ import io.dataease.commons.utils.CommonBeanFactory;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.springframework.cache.Cache;
|
||||
import org.springframework.cache.CacheManager;
|
||||
|
||||
import org.springframework.core.env.Environment;
|
||||
|
||||
import java.util.Date;
|
||||
@ -38,17 +37,10 @@ public class JWTUtils {
|
||||
public static boolean verify(String token, TokenInfo tokenInfo, String secret) {
|
||||
Algorithm algorithm = Algorithm.HMAC256(secret);
|
||||
JWTVerifier verifier = JWT.require(algorithm)
|
||||
.withClaim("lastLoginTime", tokenInfo.getLastLoginTime())
|
||||
.withClaim("username", tokenInfo.getUsername())
|
||||
.withClaim("userId", tokenInfo.getUserId())
|
||||
.build();
|
||||
verifier.verify(token);
|
||||
if (loginExpire(token)){
|
||||
// 登录超时
|
||||
throw new AuthenticationException(JWTFilter.expireMessage);
|
||||
// 前端拦截 登录超时状态 直接logout
|
||||
//return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -60,11 +52,10 @@ public class JWTUtils {
|
||||
DecodedJWT jwt = JWT.decode(token);
|
||||
String username = jwt.getClaim("username").asString();
|
||||
Long userId = jwt.getClaim("userId").asLong();
|
||||
Long lastLoginTime = jwt.getClaim("lastLoginTime").asLong();
|
||||
if (StringUtils.isEmpty(username) || ObjectUtils.isEmpty(userId) || ObjectUtils.isEmpty(lastLoginTime)){
|
||||
if (StringUtils.isEmpty(username) || ObjectUtils.isEmpty(userId) ){
|
||||
throw new RuntimeException("token格式错误!");
|
||||
}
|
||||
TokenInfo tokenInfo = TokenInfo.builder().username(username).userId(userId).lastLoginTime(lastLoginTime).build();
|
||||
TokenInfo tokenInfo = TokenInfo.builder().username(username).userId(userId).build();
|
||||
return tokenInfo;
|
||||
}
|
||||
|
||||
@ -84,24 +75,17 @@ public class JWTUtils {
|
||||
*/
|
||||
public static boolean loginExpire(String token){
|
||||
if (Login_Interval==0) {
|
||||
String property = CommonBeanFactory.getBean(Environment.class).getProperty("dataease.login_timeout");
|
||||
// 默认超时时间是8h
|
||||
int minute = StringUtils.isNotEmpty(property) ? Integer.parseInt(property): (8*60);
|
||||
int minute = CommonBeanFactory.getBean(Environment.class).getProperty("dataease.login_timeout", Integer.class, 8*60);
|
||||
// 分钟换算成毫秒
|
||||
Login_Interval = minute * 1000 * 60;
|
||||
}
|
||||
Long now = System.currentTimeMillis();
|
||||
Long lastOperateTime = tokenLastOperateTime(token);
|
||||
boolean isExpire = false;
|
||||
boolean isExpire = true;
|
||||
if (lastOperateTime != null) {
|
||||
Long now = System.currentTimeMillis();
|
||||
isExpire = now - lastOperateTime > Login_Interval;
|
||||
}
|
||||
if (isExpire) {
|
||||
// System.out.println("-----------------------");
|
||||
// System.out.println("-----上次操作时间是["+lastOperateTime+"]-----");
|
||||
// System.out.println("-----当前操作时间是["+now+"]-----");
|
||||
// System.out.println("-----------------------");
|
||||
}
|
||||
return isExpire;
|
||||
}
|
||||
|
||||
@ -127,10 +111,8 @@ public class JWTUtils {
|
||||
Algorithm algorithm = Algorithm.HMAC256(secret);
|
||||
// 附带username信息
|
||||
return JWT.create()
|
||||
.withClaim("lastLoginTime", tokenInfo.getLastLoginTime())
|
||||
.withClaim("username", tokenInfo.getUsername())
|
||||
.withClaim("userId", tokenInfo.getUserId())
|
||||
.withClaim("exp", date)
|
||||
.withExpiresAt(date)
|
||||
.sign(algorithm);
|
||||
} catch (Exception e) {
|
||||
@ -162,23 +144,9 @@ public class JWTUtils {
|
||||
* @return
|
||||
*/
|
||||
public static Long tokenLastOperateTime(String token){
|
||||
CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class);
|
||||
Cache tokens_expire = cacheManager.getCache("tokens_expire");
|
||||
Long expTime = tokens_expire.get(token, Long.class);
|
||||
return expTime;
|
||||
}
|
||||
|
||||
public static void removeTokenExpire(String token){
|
||||
CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class);
|
||||
Cache tokens_expire = cacheManager.getCache("tokens_expire");
|
||||
tokens_expire.evict(token);
|
||||
}
|
||||
|
||||
public static void addTokenExpire(String token){
|
||||
CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class);
|
||||
Cache tokens_expire = cacheManager.getCache("tokens_expire");
|
||||
long now = System.currentTimeMillis();
|
||||
tokens_expire.put(token, now);
|
||||
DecodedJWT jwt = JWT.decode(token);
|
||||
Date expiresAt = jwt.getExpiresAt();
|
||||
return expiresAt.getTime();
|
||||
}
|
||||
|
||||
}
|
||||
|
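Review bot: `tokenLastOperateTime` now returns the token's `exp` instant, but `loginExpire` still uses it as a last-operation time in `now - lastOperateTime > Login_Interval`, so the check can only trip `dataease.login_timeout` minutes after `exp` has passed instead of after a period of inactivity; the configured idle timeout is in effect no longer enforced by this method. The value also comes from `JWT.decode(token)`, which parses without checking the signature, and `jwt.getExpiresAt()` is null for a token that carries no `exp`, so `expiresAt.getTime()` throws a NullPointerException before the `lastOperateTime != null` guard can apply the fail-closed default. I would make the helper `return expiresAt == null ? null : expiresAt.getTime();` and have `loginExpire` compare `now` against `exp` directly, or restore a server-side activity record if an idle timeout is still required. Which lines are old and which are new is inferred from the hunk counts, as the page has lost its `+`/`-` markers.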
@ -1,11 +1,9 @@
|
||||
package io.dataease.plugins.config;
|
||||
|
||||
import io.dataease.base.domain.MyPlugin;
|
||||
import io.dataease.commons.utils.DeFileUtils;
|
||||
import io.dataease.commons.utils.LogUtil;
|
||||
import io.dataease.controller.sys.base.BaseGridRequest;
|
||||
import io.dataease.service.sys.PluginService;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.ApplicationArguments;
|
||||
@ -26,7 +24,7 @@ public class PluginRunner implements ApplicationRunner {
|
||||
|
||||
|
||||
@Override
|
||||
public void run(ApplicationArguments args) throws Exception {
|
||||
public void run(ApplicationArguments args) {
|
||||
// 执行加载插件逻辑
|
||||
BaseGridRequest request = new BaseGridRequest();
|
||||
List<MyPlugin> plugins = pluginService.query(request);
|
||||
@ -45,17 +43,14 @@ public class PluginRunner implements ApplicationRunner {
|
||||
if (jarFile.exists()) {
|
||||
pluginService.loadJar(jarPath, plugin);
|
||||
}else {
|
||||
LogUtil.error("插件错误");
|
||||
LogUtil.error("插件路径不存在 {} ", jarPath);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
LogUtil.error(e);
|
||||
//e.printStackTrace();
|
||||
}
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
private boolean isPluginJar(File file) {
|
||||
String name = file.getName();
|
||||
return StringUtils.equals(DeFileUtils.getExtensionName(name), "jar");
|
||||
}
|
||||
}
|
||||
|
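Review bot: `pluginService.loadJar(jarPath, plugin)` is gated only on `jarFile.exists()`, so any file at that path is loaded into the application at startup with no integrity check. Where `jarPath` is built lies outside the hunk; if the plugin directory or the plugin table can be written by anyone other than the deployer, I would compare the jar against a recorded digest or verify its signature before loading and skip the plugin on mismatch. The `catch (Exception e)` now logs through `LogUtil.error(e)` and carries on, which is reasonable for best-effort loading, but the leftover `//e.printStackTrace();` should be deleted, and it is worth confirming that `LogUtil.error` expands the `{}` placeholder in `"插件路径不存在 {} "`.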
@ -69,16 +69,5 @@
|
||||
memoryStoreEvictionPolicy="LRU"
|
||||
/>
|
||||
|
||||
<cache
|
||||
name="tokens_expire"
|
||||
eternal="false"
|
||||
maxElementsInMemory="100"
|
||||
maxElementsOnDisk="1000"
|
||||
overflowToDisk="true"
|
||||
diskPersistent="true"
|
||||
timeToIdleSeconds="1800"
|
||||
timeToLiveSeconds="3600"
|
||||
memoryStoreEvictionPolicy="LRU"
|
||||
/>
|
||||
|
||||
</ehcache>
|
@ -246,4 +246,5 @@ i18n_sync_job_exists=There is already a synchronization task running, please try
|
||||
i18n_datasource_check_fail=Invalid,please check config
|
||||
i18n_not_find_user=Can not find user.
|
||||
i18n_sql_not_empty=SQL can not be empty.
|
||||
i18n_task_name_repeat=Name is used in same data set
|
||||
i18n_task_name_repeat=Name is used in same data set
|
||||
i18n_id_or_pwd_error=Invalid ID or password
|
@ -248,4 +248,5 @@ i18n_sync_job_exists=已经有同步任务在运行,稍后重试
|
||||
i18n_datasource_check_fail=校验失败,请检查配置信息
|
||||
i18n_not_find_user=未找到用户
|
||||
i18n_sql_not_empty=SQL 不能为空
|
||||
i18n_task_name_repeat=同一数据集下任务名称已被使用
|
||||
i18n_task_name_repeat=同一数据集下任务名称已被使用
|
||||
i18n_id_or_pwd_error=无效的ID或密码
|
@ -248,4 +248,5 @@ i18n_sync_job_exists=已經有同步任務在運行,稍後重試
|
||||
i18n_datasource_check_fail=校驗失敗,請檢查配置信息
|
||||
i18n_not_find_user=未找到用戶
|
||||
i18n_sql_not_empty=SQL 不能為空
|
||||
i18n_task_name_repeat=同一數據集下任務名稱已被使用
|
||||
i18n_task_name_repeat=同一數據集下任務名稱已被使用
|
||||
i18n_id_or_pwd_error=無效的ID或密碼
|
@ -69,13 +69,17 @@ export default {
|
||||
changeValue(value) {
|
||||
this.setCondition()
|
||||
// this.inDraw && this.$emit('set-condition-value', { component: this.element, value: [value], operator: this.operator })
|
||||
this.showNumber = false
|
||||
this.$nextTick(() => {
|
||||
if (!this.$refs.deSelect.$refs.tags || !this.options.attrs.multiple) {
|
||||
return
|
||||
}
|
||||
const kids = this.$refs.deSelect.$refs.tags.children[0].children
|
||||
let contentWidth = 0
|
||||
kids.forEach(kid => {
|
||||
contentWidth += kid.offsetWidth
|
||||
})
|
||||
this.showNumber = contentWidth > (this.$refs.deSelect.$refs.tags.clientWidth * 0.7)
|
||||
this.showNumber = contentWidth > (this.$refs.deSelect.$refs.tags.clientWidth * 0.9)
|
||||
})
|
||||
},
|
||||
|
||||
|
@ -283,7 +283,9 @@ export default {
|
||||
},
|
||||
datasource: 'Datasource',
|
||||
char_can_not_more_50: 'Can not more 50 char',
|
||||
share_success: 'Share Success'
|
||||
share_success: 'Share Success',
|
||||
input_id: 'Please input ID',
|
||||
input_pwd: 'Please input password'
|
||||
},
|
||||
documentation: {
|
||||
documentation: 'Documentation',
|
||||
|
@ -283,7 +283,9 @@ export default {
|
||||
},
|
||||
datasource: '數據源',
|
||||
char_can_not_more_50: '不能超過50字符',
|
||||
share_success: '分享成功'
|
||||
share_success: '分享成功',
|
||||
input_id: '請輸入ID',
|
||||
input_pwd: '請輸入密碼'
|
||||
},
|
||||
documentation: {
|
||||
documentation: '文檔',
|
||||
|
@ -283,7 +283,9 @@ export default {
|
||||
},
|
||||
datasource: '数据源',
|
||||
char_can_not_more_50: '不能超过50字符',
|
||||
share_success: '分享成功'
|
||||
share_success: '分享成功',
|
||||
input_id: '请输入ID',
|
||||
input_pwd: '请输入密码'
|
||||
},
|
||||
documentation: {
|
||||
documentation: '文档',
|
||||
|
@ -49,43 +49,43 @@
|
||||
<script>
|
||||
|
||||
import { encrypt } from '@/utils/rsaEncrypt'
|
||||
import { validateUserName } from '@/api/user'
|
||||
// import { validateUserName } from '@/api/user'
|
||||
import { getSysUI } from '@/utils/auth'
|
||||
export default {
|
||||
name: 'Login',
|
||||
data() {
|
||||
const validateUsername = (rule, value, callback) => {
|
||||
const userName = value.trim()
|
||||
validateUserName({ userName: userName }).then(res => {
|
||||
if (res.data) {
|
||||
callback()
|
||||
} else {
|
||||
callback(this.$t('login.username_error'))
|
||||
}
|
||||
}).catch(() => {
|
||||
callback(this.$t('login.username_error'))
|
||||
})
|
||||
// if (!validUsername(value)) {
|
||||
// callback(new Error('Please enter the correct user name'))
|
||||
// const validateUsername = (rule, value, callback) => {
|
||||
// const userName = value.trim()
|
||||
// validateUserName({ userName: userName }).then(res => {
|
||||
// if (res.data) {
|
||||
// callback()
|
||||
// } else {
|
||||
// callback(this.$t('login.username_error'))
|
||||
// }
|
||||
// }).catch(() => {
|
||||
// callback(this.$t('login.username_error'))
|
||||
// })
|
||||
// // if (!validUsername(value)) {
|
||||
// // callback(new Error('Please enter the correct user name'))
|
||||
// // } else {
|
||||
// // callback()
|
||||
// // }
|
||||
// }
|
||||
// const validatePassword = (rule, value, callback) => {
|
||||
// if (value.length < 8) {
|
||||
// callback(this.$t('login.password_error'))
|
||||
// } else {
|
||||
// callback()
|
||||
// }
|
||||
}
|
||||
const validatePassword = (rule, value, callback) => {
|
||||
if (value.length < 8) {
|
||||
callback(this.$t('login.password_error'))
|
||||
} else {
|
||||
callback()
|
||||
}
|
||||
}
|
||||
// }
|
||||
return {
|
||||
loginForm: {
|
||||
username: '',
|
||||
password: ''
|
||||
},
|
||||
loginRules: {
|
||||
username: [{ required: true, trigger: 'blur', validator: validateUsername }],
|
||||
password: [{ required: true, trigger: 'blur', validator: validatePassword }]
|
||||
username: [{ required: true, trigger: 'blur', message: this.$t('commons.input_id') }],
|
||||
password: [{ required: true, trigger: 'blur', message: this.$t('commons.input_pwd') }]
|
||||
},
|
||||
loading: false,
|
||||
passwordType: 'password',
|
||||
|
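Review bot: The username validator that called `validateUserName` is only commented out here, while `@PostMapping("/validateName")` is still declared in `AuthApi`, so the account-existence answer this commit hides behind `i18n_id_or_pwd_error` remains available from the server if that route is reachable before login. The access rule for the route is not on this page; if it is anonymous, I would remove the endpoint or put it behind authentication. The commented-out validators in `data()` and the commented `import { validateUserName }` should be deleted rather than kept, since version control already preserves them. `data()` continues past the end of the hunk.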