Commit 48fec9d4545854c24cb335e46d92e79636e46ef4

Authored by 王通
1 parent 73715d80

1.实名制和统一平台登录功能

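--- a/src/main/java/com/bsth/common/Constants.java
+++ b/src/main/java/com/bsth/common/Constants.java
@@ -14,7 +14,8 @@ public class Constants {
 * 不需要拦截的资源
 */
 public static final String LOGIN = "/user/login/**";
- public static final String LOGIN_PAGE = "/login.html";
+ public static final String ORIGINAL_LOGIN_PAGE = "/login.html";
+ public static String LOGIN_PAGE = "/login.html";
 public static final String ASSETS_URL = "/assets/**";
 public static final String FAVICON_URL = "/favicon.ico";
 public static final String METRONIC_URL = "/metronic_v4.5.4/**";
@@ -63,4 +64,6 @@ public class Constants {
 public static final String WEAK_CIPHER = "weakCipher";
 
 public static final String FILE_AUTH = "/.well-known/pki-validation/fileauth.txt";
+
+ public static final String SSO_TOKEN = "ssoToken";
 }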
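Review bot: `LOGIN_PAGE` on new line 18 is now a public, non-final, non-volatile static, so any class can reassign the login target and there is no visibility guarantee between the thread that writes it and the threads that read it. In this commit it is written from the `SsoConfig` setters and read by `WebSecurityConfig`, which makes the effective login page depend on bean-initialisation order. I would keep `public static final String LOGIN_PAGE = "/login.html";` and let `SsoConfig` expose the effective page through a getter, so the value has a single owner.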
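--- a/src/main/java/com/bsth/controller/IndexController.java
+++ b/src/main/java/com/bsth/controller/IndexController.java
@@ -1,71 +1,77 @@
-package com.bsth.controller;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-@RestController
-@RequestMapping("/")
-public class IndexController {
-
- Logger logger = LoggerFactory.getLogger(this.getClass());
-
- String indexSource;
-
- /**
- * 构造函数
- */
- public IndexController() {
- BufferedInputStream bis = null;
-
- try {
- InputStream is = IndexController.class.getClassLoader().getResourceAsStream("static/index.html");
- bis = new BufferedInputStream(is);
- StringBuilder source = new StringBuilder();
- byte[] buffer = new byte[bis.available()];
-
- while (bis.read(buffer) != -1) {
- source.append(new String(buffer));
- }
-
- indexSource = source.toString();
- } catch (Exception e) {
- logger.error("", e);
- } finally {
- try {
- bis.close();
- } catch (IOException e) {
- logger.error("", e);
- }
- }
- }
-
- /**
- *
- * @Title: index
- * @Description: TODO(输出首页 index.html)
- */
- @RequestMapping
- public void index(String initFragment, HttpServletResponse resp) {
-
- // 初始打开的片段地址
- String outStr = StringUtils.replace(indexSource, "^_^initFragment^_^",
- initFragment == null ? "" : initFragment);
-
- resp.setContentType("text/html;charset=UTF-8");
- try {
- resp.getOutputStream().write(outStr.getBytes());
- } catch (IOException e) {
- logger.error("", e);
- }
-
- }
-}
+package com.bsth.controller;
+
+import java.io.BufferedInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/")
+public class IndexController {
+
+ Logger logger = LoggerFactory.getLogger(this.getClass());
+
+ String indexSource;
+
+ /**
+ * 构造函数
+ */
+ public IndexController() {
+ load();
+ }
+
+ /**
+ *
+ * @Title: index
+ * @Description: TODO(输出首页 index.html)
+ */
+ @RequestMapping
+ public void index(String initFragment, HttpServletResponse resp) {
+
+ // 初始打开的片段地址
+ String outStr = StringUtils.replace(indexSource, "^_^initFragment^_^",
+ initFragment == null ? "" : initFragment);
+
+ resp.setContentType("text/html;charset=UTF-8");
+ try {
+ resp.getOutputStream().write(outStr.getBytes());
+ } catch (IOException e) {
+ logger.error("", e);
+ }
+
+ }
+
+ @RequestMapping(value = "/index/load", method = RequestMethod.GET)
+ public void load() {
+ BufferedInputStream bis = null;
+
+ try {
+ InputStream is = IndexController.class.getClassLoader().getResourceAsStream("static/index.html");
+ bis = new BufferedInputStream(is);
+ StringBuilder source = new StringBuilder();
+ byte[] buffer = new byte[bis.available()];
+
+ while (bis.read(buffer) != -1) {
+ source.append(new String(buffer));
+ }
+
+ indexSource = source.toString();
+ } catch (Exception e) {
+ logger.error("", e);
+ } finally {
+ try {
+ bis.close();
+ } catch (IOException e) {
+ logger.error("", e);
+ }
+ }
+ }
+}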
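Review bot: `load()` is now mapped with `@RequestMapping(value = "/index/load", method = RequestMethod.GET)`, so a plain GET re-reads `static/index.html` and overwrites the shared `indexSource` field; nothing in this file restricts who may call it, and whether the URL is covered by an authority rule cannot be seen from here. A state-changing reload is better kept off GET and behind an administrator check, or left as a private method that only the constructor calls. `indexSource` should also be `volatile`, since `index()` reads it on request threads while `load()` rewrites it. Separately, `index()` still substitutes the `initFragment` request parameter into the page without encoding; the value passed to `StringUtils.replace(indexSource, "^_^initFragment^_^", ...)` should be escaped for its output context or checked against an allow-list.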
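--- a/src/main/java/com/bsth/controller/realcontrol/AdminUtilsController.java
+++ b/src/main/java/com/bsth/controller/realcontrol/AdminUtilsController.java
@@ -7,6 +7,7 @@ import java.util.*;
 
 import com.bsth.common.Setting;
 import com.bsth.data.BasicData;
+import com.bsth.security.SsoConfig;
 import com.bsth.service.schedule.utils.SpringUtils;
 import com.bsth.util.MailUtils;
 import com.fasterxml.jackson.core.JsonProcessingException;
@@ -65,13 +66,16 @@ public class AdminUtilsController {
 PilotReport pilotReport;
 
 @Autowired
- MailUtils mailUtils;
+ private MailUtils mailUtils;
 
 @Autowired
- BasicData.BasicDataLoader basicDataLoader;
+ private BasicData.BasicDataLoader basicDataLoader;
 
 @Autowired
- Setting setting;
+ private Setting setting;
+
+ @Autowired
+ private SsoConfig ssoConfig;
 
 /**
 * 出现重复班次的车辆
@@ -326,4 +330,17 @@ public class AdminUtilsController {
 
 return "error";
 }
+
+ @RequestMapping("/ssoEnabledSwitch")
+ public String ssoEnabledSwitch(boolean ssoEnabled) {
+ Map<String, Object> result = new HashMap<>();
+ try {
+ ssoConfig.setSsoEnabled(ssoEnabled);
+ return "success";
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ return "error";
+ }
 }
\ No newline at end of file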
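Review bot: `ssoEnabledSwitch` (new lines 334–345) changes the login mode for every user from a single request parameter, yet the mapping accepts any HTTP method, performs no role check in the handler, and records nothing about who flipped the switch. CSRF protection is disabled in `WebSecurityConfig`, so this should at minimum be `@RequestMapping(value = "/ssoEnabledSwitch", method = RequestMethod.POST)` with an explicit administrator check, unless a URL-level rule outside this diff already covers it. Replace `e.printStackTrace()` with a logger call that names the acting user and the new value, and drop the unused `result` map. The class body starts outside the hunk, so any class-level protection is not visible here.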
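--- a/src/main/java/com/bsth/controller/sys/UserController.java
+++ b/src/main/java/com/bsth/controller/sys/UserController.java
@@ -9,25 +9,32 @@ import com.bsth.email.entity.EmailBean;
 import com.bsth.entity.sys.CompanyAuthority;
 import com.bsth.entity.sys.Role;
 import com.bsth.entity.sys.SysUser;
+import com.bsth.security.SsoConfig;
 import com.bsth.security.util.SecurityUtils;
 import com.bsth.service.sys.CompanyAuthorityService;
 import com.bsth.service.sys.SysUserService;
 import com.bsth.service.sys.impl.PwdGenerator;
+import com.bsth.util.HttpClientUtils;
 import com.bsth.util.IpUtils;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.ArrayListMultimap;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.authentication.session.SessionAuthenticationException;
+import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.util.*;
 import java.util.regex.Matcher;
@@ -45,6 +52,11 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
 @Autowired
 CompanyAuthorityService companyAuthorityService;
 
+ private ObjectMapper mapper = new ObjectMapper();
+
+ @Autowired
+ private SsoConfig ssoConfig;
+
 private Pattern pattern = Pattern.compile("^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*?[#?!@$%^&*-.]).{8,16}$");
 
 @RequestMapping(value = "/login/jCryptionKey")
@@ -65,6 +77,66 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
 public static Map<String, Integer> USER_ERRTIMES = new HashMap<>();
 public static Map<String, Long> USER_LOCKTIME = new HashMap<>();
 
+ @RequestMapping(value = "/login/token")
+ public void login(@RequestParam String token, @RequestParam String account, @RequestParam Long time, HttpServletRequest request, HttpServletResponse response) throws Exception {
+ response.addHeader("Content-Type", "text/html;charset=UTF-8");
+ if (!ssoConfig.isSsoEnabled()) {
+ response.getWriter().write("系统未开启统一登录配置,请联系管理员");
+ return;
+ }
+ if (token == null || account == null || time == null) {
+ throw new IllegalArgumentException("请检查参数");
+ }
+
+ Map<String, Object> param = new HashMap<>(), user = new HashMap<>();
+ param.put("token", token);
+ param.put("systemCode", ssoConfig.getSystemCode());
+ StringBuilder sb = HttpClientUtils.post(ssoConfig.getSsoAuthUrl(), mapper.writeValueAsString(param));
+
+ Assert.notNull(sb, "统一登录平台验证数据不为空");
+ param = mapper.readValue(mapper.writeValueAsString(mapper.readValue(sb.toString(), Map.class).get("data")), Map.class);
+ String jobCode = (String) param.get("account"), realName = (String) param.get("userName");
+ if (!account.equals(jobCode)) {
+ response.getWriter().write("token与用户不匹配");
+ return;
+ }
+
+ if (jobCode == null || realName == null) {
+ response.getWriter().write("token数据异常");
+ return;
+ }
+
+ user.put("jobCode_eq", jobCode);
+ user.put("realName_eq", realName);
+ user.put("enabled", true);
+
+ Iterator<SysUser> userIterator = sysUserService.list(user).iterator();
+ SysUser sysUser = null;
+ while (userIterator.hasNext()) {
+ sysUser = userIterator.next();
+ break;
+ }
+
+ if (sysUser != null) {
+ HttpSession session = request.getSession();
+ // 登录
+ SecurityUtils.login(sysUser, request);
+ sysUserService.recordLoginDate(sysUser.getUserName());
+ //session里写入用户名,webSocket连接时标识身份用
+ session.setAttribute(Constants.SSO_TOKEN, token);
+ session.setAttribute(Constants.SESSION_USERNAME, sysUser.getUserName());
+ //获取公司权限数据
+ List<CompanyAuthority> cmyAuths = companyAuthorityService.findByUser(sysUser);
+ session.setAttribute(Constants.COMPANY_AUTHORITYS, cmyAuths);
+
+ USER_ERRTIMES.remove(sysUser.getUserName());
+ logger.error(String.format("用户: %s登录, token: %s",sysUser.getUserName(), token));
+ response.sendRedirect("/pages/home.html");
+ } else {
+ response.getWriter().write("未找到有效的用户,请联系管理员");
+ }
+ }
+
 @RequestMapping(value = "/login", method = RequestMethod.POST)
 public Map<String, Object> login(HttpServletRequest request, @RequestParam String userName,
 @RequestParam String password, String captcha) {
@@ -372,7 +444,7 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
 }
 
 /**
- * 解除临时锁定
+ * 弱密码
 * @param request
 * @return
 */
@@ -385,4 +457,65 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
 return result;
 }
 
+ /**
+ * 弱密码
+ * @return
+ */
+ @RequestMapping(value = "/isRealName", method = RequestMethod.POST)
+ public Map<String, Object> hasJobCode() {
+ Map<String, Object> result = new HashMap<>();
+ SysUser user = SecurityUtils.getCurrentUser();
+ result.put("status", ResponseCode.SUCCESS);
+ result.put("data", (StringUtils.isBlank(user.getJobCode()) || StringUtils.isBlank(user.getRealName())) ? 0 : 1);
+
+ return result;
+ }
+
+ // 重置密码
+ @RequestMapping(value = "/realName", method = RequestMethod.POST)
+ public Map<String, Object> setJobCode(@RequestParam String jobCode, @RequestParam String realName) throws Exception {
+ Map<String, Object> data = new HashMap<>(), result = new HashMap<>();
+ result.put("status", ResponseCode.ERROR);
+ result.put("data", "设置成功");
+
+ if (jobCode == null || realName == null) {
+ result.put("data", "你跳过验证了是吧");
+ return result;
+ }
+ data.put("account", jobCode);
+ data.put("pageSize", 2);
+ data.put("pageNum", 1);
+ StringBuilder stringBuilder = HttpClientUtils.post("https://112.64.45.51/businessCenter/userInfo/queryUserList", mapper.writeValueAsString(data));
+ if (stringBuilder == null) {
+ result.put("data", "统一平台验证失败1");
+ return result;
+ } else {
+ List<Map<String, Object>> maps = mapper.readValue(mapper.writeValueAsString(((Map) mapper.readValue(stringBuilder.toString(), Map.class).get("data")).get("list")), mapper.getTypeFactory().constructParametricType(List.class, Map.class));
+ if (maps.size() == 0) {
+ result.put("data", "统一平台验证失败2");
+ return result;
+ } else {
+ boolean isAuth = false;
+ for (Map<String, Object> map : maps) {
+ if (realName.equals(map.get("name"))) {
+ isAuth = true;
+ break;
+ }
+ }
+ if (!isAuth) {
+ result.put("data", "统一平台验证失败3");
+ return result;
+ }
+ }
+ }
+
+ SysUser user = SecurityUtils.getCurrentUser();
+ sysUserService.realName(jobCode, realName, user.getId());
+ user.setJobCode(jobCode);
+ user.setRealName(realName);
+
+ result.put("status", ResponseCode.SUCCESS);
+ return result;
+ }
+
 }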
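Review bot: In the `/login/token` handler the SSO token is written to the application log at error level (`logger.error(String.format("用户: %s登录, token: %s", ...))`, new line 133), which leaves a replayable credential in log files; log the user name only, e.g. `logger.info("sso login, user={}", sysUser.getUserName());`. The required `time` parameter is never read, so it adds no freshness check, and the handler trusts the `data` field of the platform response without checking a status value or guarding against `data` being absent (`param` would be null on new line 98). The session obtained on new line 121 is reused for the authenticated user; unless `SecurityUtils.login` already rotates the session id, call `request.changeSessionId()` before storing attributes. In the last hunk, `setJobCode` posts to a hard-coded `https://112.64.45.51/...` address instead of an `SsoConfig` property, and it binds a job code on knowledge of the matching name alone, which is weak proof that the caller owns that platform account.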
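--- a/src/main/java/com/bsth/entity/sys/SecurityUser.java
+++ b/src/main/java/com/bsth/entity/sys/SecurityUser.java
@@ -1,76 +1,78 @@
-package com.bsth.entity.sys;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Set;
-
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-public class SecurityUser extends SysUser implements UserDetails {
-
- private static final long serialVersionUID = 1L;
-
- public SecurityUser(SysUser user) {
- if (null != user) {
- this.setId(user.getId());
- this.setUserName(user.getUserName());
- this.setName(user.getName());
- this.setPassword(user.getPassword());
- this.setAgencies(user.getAgencies());
- this.setRoles(user.getRoles());
- this.setEnabled(user.isEnabled());
- }
- }
-
- @Override
- public Collection<? extends GrantedAuthority> getAuthorities() {
- Collection<GrantedAuthority> authorities = new ArrayList<>();
- Set<Role> userRoles = this.getRoles();
-
- if (userRoles != null) {
- for (Role role : userRoles) {
- SimpleGrantedAuthority authority = new SimpleGrantedAuthority(
- role.getCodeName());
- authorities.add(authority);
- }
- }
- return authorities;
- }
-
- @Override
- public String getPassword() {
- return super.getPassword();
- }
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public String getUsername() {
- return super.getUserName();
- }
-
- @Override
- public boolean equals(Object obj) {
- return this.getUserName().equals(((SysUser)obj).getUserName());
- }
-
- @Override
- public int hashCode() {
- return this.getId() + this.getUserName().hashCode();
- }
-}
+package com.bsth.entity.sys;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Set;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+public class SecurityUser extends SysUser implements UserDetails {
+
+ private static final long serialVersionUID = 1L;
+
+ public SecurityUser(SysUser user) {
+ if (null != user) {
+ this.setId(user.getId());
+ this.setUserName(user.getUserName());
+ this.setName(user.getName());
+ this.setPassword(user.getPassword());
+ this.setAgencies(user.getAgencies());
+ this.setRoles(user.getRoles());
+ this.setEnabled(user.isEnabled());
+ this.setJobCode(user.getJobCode());
+ this.setRealName(user.getRealName());
+ }
+ }
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ Collection<GrantedAuthority> authorities = new ArrayList<>();
+ Set<Role> userRoles = this.getRoles();
+
+ if (userRoles != null) {
+ for (Role role : userRoles) {
+ SimpleGrantedAuthority authority = new SimpleGrantedAuthority(
+ role.getCodeName());
+ authorities.add(authority);
+ }
+ }
+ return authorities;
+ }
+
+ @Override
+ public String getPassword() {
+ return super.getPassword();
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public String getUsername() {
+ return super.getUserName();
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ return this.getUserName().equals(((SysUser)obj).getUserName());
+ }
+
+ @Override
+ public int hashCode() {
+ return this.getId() + this.getUserName().hashCode();
+ }
+}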
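--- a/src/main/java/com/bsth/entity/sys/SysUser.java
+++ b/src/main/java/com/bsth/entity/sys/SysUser.java
@@ -44,7 +44,10 @@ public class SysUser implements Serializable {
 
 @ManyToMany(fetch = FetchType.EAGER)
 private Set<Role> roles = new LinkedHashSet<>();
-
+
+ private String jobCode;
+
+ private String realName;
 
 public Integer getId() {
 return id;
@@ -125,4 +128,20 @@ public class SysUser implements Serializable {
 public void setRoles(Set<Role> roles) {
 this.roles = roles;
 }
+
+ public String getJobCode() {
+ return jobCode;
+ }
+
+ public void setJobCode(String jobCode) {
+ this.jobCode = jobCode;
+ }
+
+ public String getRealName() {
+ return realName;
+ }
+
+ public void setRealName(String realName) {
+ this.realName = realName;
+ }
 }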
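--- a/src/main/java/com/bsth/repository/sys/SysUserRepository.java
+++ b/src/main/java/com/bsth/repository/sys/SysUserRepository.java
@@ -30,6 +30,10 @@ public interface SysUserRepository extends BaseRepository&lt;SysUser, Integer&gt;{
 List<SysUser> findAll_distinct();
 
 @Modifying
- @Query(value="update bsth_c_sys_user set last_login_date=now() where user_name=?1",nativeQuery=true)
+ @Query(value="update bsth_c_sys_user set last_login_date=now() where user_name = ?1",nativeQuery=true)
 void recordLoginDate(String userName);
+
+ @Modifying
+ @Query(value="update bsth_c_sys_user set job_code = ?1, real_name = ?2 where id = ?3",nativeQuery=true)
+ void realName(String jobCode, String realName, int id);
 }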
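--- /dev/null
+++ b/src/main/java/com/bsth/security/SsoConfig.java
@@ -0,0 +1,92 @@
+package com.bsth.security;
+
+import com.bsth.common.Constants;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+/**
+ * sso登录相关配置信息
+ * @author Hill
+ */
+@Component
+public class SsoConfig {
+
+ /**
+ * 是否开启sso登录
+ */
+ private boolean ssoEnabled;
+
+ /**
+ * 本系统在统一平台的系统代码
+ */
+ private String systemCode;
+
+ /**
+ * sso登录请求地址
+ */
+ private String ssoLoginUrl;
+
+ /**
+ * sso登出请求地址
+ */
+ private String ssoLogoutUrl;
+
+ /**
+ * sso验证请求地址
+ */
+ private String ssoAuthUrl;
+
+ public boolean isSsoEnabled() {
+ return ssoEnabled;
+ }
+
+ @Value("${sso.enabled}")
+ public void setSsoEnabled(boolean ssoEnabled) {
+ this.ssoEnabled = ssoEnabled;
+ if (ssoEnabled) {
+ Constants.LOGIN_PAGE = ssoLoginUrl;
+ } else {
+ Constants.LOGIN_PAGE = Constants.ORIGINAL_LOGIN_PAGE;
+ }
+ }
+
+
+ public String getSystemCode() {
+ return systemCode;
+ }
+
+ @Value("${sso.systemcode}")
+ public void setSystemCode(String systemCode) {
+ this.systemCode = systemCode;
+ }
+
+ public String getSsoLoginUrl() {
+ return ssoLoginUrl;
+ }
+
+ @Value("${sso.http.url.login}")
+ public void setSsoLoginUrl(String ssoLoginUrl) {
+ this.ssoLoginUrl = ssoLoginUrl;
+ if (ssoEnabled) {
+ Constants.LOGIN_PAGE = ssoLoginUrl;
+ }
+ }
+
+ public String getSsoLogoutUrl() {
+ return ssoLogoutUrl;
+ }
+
+ @Value("${sso.http.url.logout}")
+ public void setSsoLogoutUrl(String ssoLogoutUrl) {
+ this.ssoLogoutUrl = ssoLogoutUrl;
+ }
+
+ public String getSsoAuthUrl() {
+ return ssoAuthUrl;
+ }
+
+ @Value("${sso.http.url.auth}")
+ public void setSsoAuthUrl(String ssoAuthUrl) {
+ this.ssoAuthUrl = ssoAuthUrl;
+ }
+}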
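Review bot: `ssoEnabled` is a plain field that `AdminUtilsController.ssoEnabledSwitch` writes at runtime while `UserController` reads it on other request threads, so it should be declared `private volatile boolean ssoEnabled;`. `setSsoEnabled` doubles as the `@Value` injection point and as the runtime switch, and its side effect on `Constants.LOGIN_PAGE` relies on `ssoLoginUrl` having been injected already; the compensating assignment in `setSsoLoginUrl` covers the other order, but deriving the page in a single getter would remove the ordering dependency. None of the `@Value` placeholders has a default, so a profile without the `sso.*` keys will presumably fail at startup; `@Value("${sso.enabled:false}")` would make SSO opt-in. Only `application-cloud.properties` is updated in this commit.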
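--- a/src/main/java/com/bsth/security/WebSecurityConfig.java
+++ b/src/main/java/com/bsth/security/WebSecurityConfig.java
@@ -2,7 +2,9 @@ package com.bsth.security;
 
 import com.bsth.common.Setting;
 import com.bsth.filter.WhiteIpFilter;
+import com.bsth.security.handler.CustomLogoutSuccessHandler;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -36,7 +38,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 SecurityMetadataSourceService securityMetadataSourceService;
 
 @Autowired
- Setting setting;
+ private Setting setting;
 
 @Override
 public void configure(WebSecurity web) throws Exception {
@@ -61,7 +63,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 //指定登录页
 .loginPage(Constants.LOGIN_PAGE)
 .loginProcessingUrl(Constants.LOGIN).permitAll()
- .and().logout()
+ .and().logout().logoutSuccessUrl(Constants.LOGIN_PAGE)
 //禁用CXRF
 .and().csrf().disable()
 //禁用匿名用户功能
@@ -69,10 +71,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 //允许 iframe
 .headers().frameOptions().disable();
 
- // 同时只保持一个回话
+ // 同时只保持一个回话 maxSessionsPreventsLogin(false)让之前的登录过期
 http.sessionManagement().maximumSessions(1)
 .expiredUrl(Constants.LOGIN_PAGE + "?error=true")
- .maxSessionsPreventsLogin(false)//让之前的登录过期
+ .maxSessionsPreventsLogin(false)
 .sessionRegistry(sessionRegistry());
 
 WhiteIpFilter whiteIpFilter = new WhiteIpFilter();
@@ -94,16 +96,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 return filterSecurityInterceptor;
 }
 
-/* @Bean
- public LoginSuccessHandler loginSuccessHandler(){
- return new LoginSuccessHandler();
- }*/
-
-/* @Bean
- public LogoutHandler logoutHandler(){
- return new CustomLogoutHandler();
- }*/
-
 @Bean
 public SessionRegistry sessionRegistry() {
 SessionRegistry sessionRegistry = new SessionRegistryImpl();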
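Review bot: The commit imports `CustomLogoutSuccessHandler`, but the visible logout configuration only adds `.logoutSuccessUrl(Constants.LOGIN_PAGE)` (new line 66), so the handler that notifies the SSO platform does not appear to be registered and the platform token would stay valid after a local logout. If the new class is meant to run, inject it and use `.logout().logoutSuccessHandler(customLogoutSuccessHandler)` instead of the URL. `Constants.LOGIN_PAGE` is also read once while the filter chain is built, so the runtime switch in `AdminUtilsController` cannot change the login or logout redirect afterwards. With the SSO login URL from the properties file ending in `#/login`, `Constants.LOGIN_PAGE + "?error=true"` on new line 76 places the parameter inside the fragment. The `configure` method starts and ends outside these hunks.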
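--- /dev/null
+++ b/src/main/java/com/bsth/security/handler/CustomLogoutSuccessHandler.java
@@ -0,0 +1,54 @@
+package com.bsth.security.handler;
+
+import java.io.IOException;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import com.bsth.common.Constants;
+import com.bsth.util.HttpClientUtils;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author Hill
+ */
+@Component
+public class CustomLogoutSuccessHandler implements LogoutSuccessHandler {
+
+ private final static Logger log = LoggerFactory.getLogger(CustomLogoutSuccessHandler.class);
+
+ @Value("${sso.http.url.login}")
+ private String ssoLoginUrl;
+
+ @Value("${sso.http.url.logout}")
+ private String ssoLogoutUrl;
+
+ @Override
+ public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+ HttpSession session = request.getSession();
+ String token = String.valueOf(request.getSession().getAttribute(Constants.SSO_TOKEN));
+ Map<String, Object> param = new HashMap<>();
+ param.put("Authorization", String.format("Bearer %s", token));
+ try {
+ request.getSession().invalidate();
+ StringBuilder sb = HttpClientUtils.post(ssoLogoutUrl, null, param);
+ log.error(String.format("注销token:%s,返回结果:%s", token, sb.toString()));
+ } catch (Exception e) {
+ log.error("注销token异常", e);
+ } finally {
+ response.sendRedirect(ssoLoginUrl);
+ }
+ }
+}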
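Review bot: `request.getSession()` on new lines 40–41 creates a session when none exists, and with Spring Security's default logout handling the old session has already been invalidated before a `LogoutSuccessHandler` runs, so the `ssoToken` attribute is likely always missing here and `String.valueOf(...)` turns it into the literal `Bearer null`. Capture the token before invalidation (for example in a `LogoutHandler`), read it with `request.getSession(false)`, and skip the remote call when no token is present. The token and the raw response are logged at error level on new line 47, and `sb.toString()` throws when the POST returns null; log the outcome without the token. The handler also redirects to `ssoLoginUrl` unconditionally, even when SSO is switched off, and the `Date` and `ObjectMapper` imports and the `session` local are unused.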
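--- a/src/main/java/com/bsth/service/sys/SysUserService.java
+++ b/src/main/java/com/bsth/service/sys/SysUserService.java
@@ -22,4 +22,6 @@ public interface SysUserService extends BaseService&lt;SysUser, Integer&gt;{
 Map<String, Object> resetPassword(@RequestParam Integer id);
 
 void recordLoginDate(String userName);
+
+ void realName(String jobCode, String realName, int id);
 }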
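--- a/src/main/java/com/bsth/service/sys/impl/SysUserServiceImpl.java
+++ b/src/main/java/com/bsth/service/sys/impl/SysUserServiceImpl.java
@@ -202,4 +202,10 @@ public class SysUserServiceImpl extends BaseServiceImpl&lt;SysUser, Integer&gt; implem
 public void recordLoginDate(String userName) {
 sysUserRepository.recordLoginDate(userName);
 }
+
+ @Override
+ @Transactional(rollbackFor = Exception.class)
+ public void realName(String jobCode, String realName, int id) {
+ sysUserRepository.realName(jobCode, realName, id);
+ }
 }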
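Review bot: `realName` at the end of SysUserServiceImpl passes `jobCode`, `realName` and `id` straight to `sysUserRepository.realName` with no server-side check, and the only format rule in this commit lives in jobCode.html, where it is switched off (`jobcoderule: false`). The service should reject blank or malformed values itself, for example `if (jobCode == null || !jobCode.matches("^0[1-5]-[A-Za-z0-9]{5}$")) throw new IllegalArgumentException("jobCode");` if that pattern is the intended format. The controller that supplies `id` is not visible in this section; it should presumably take the id from the authenticated session rather than from a request parameter, so that one user cannot overwrite another user's job code. A one-line Javadoc on the interface method saying which entity `id` identifies would also help.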
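--- a/src/main/resources/application-cloud.properties
+++ b/src/main/resources/application-cloud.properties
@@ -55,4 +55,10 @@ cp.ack.url= https://58.247.254.118:4003/prod-api/serverApi/instructionsIssue/con
 ## admin mail
 admin.mail= 3090342880@qq.com
 ## enabled
-enabled.whiteip= true
\ No newline at end of file
+enabled.whiteip= true
+
+sso.enabled= true
+sso.systemcode = SYS0019
+sso.http.url.login= http://180.169.154.251:28090/portal/index.html#/login
+sso.http.url.logout= http://180.169.154.251:18080/information/api/v1/logout
+sso.http.url.auth= http://180.169.154.251:18080/information/authenticate/authorityAuthentication
\ No newline at end of file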
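Review bot: All three SSO endpoints added here use plain `http://`, and `CustomLogoutSuccessHandler` in this commit posts `Authorization: Bearer <token>` to `sso.http.url.logout`, so the session token would cross the network unencrypted; `sso.http.url.auth` presumably carries credentials or tokens as well. These should be `https://` URLs with certificate validation left on, e.g. `sso.http.url.logout= https://<sso-host>/information/api/v1/logout`. The handler also writes the full token to the log through `log.error(...)` on every successful logout; logging a success flag or a truncated value would keep bearer tokens out of the log files.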
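--- a/src/main/resources/datatools/config-prod.properties
+++ b/src/main/resources/datatools/config-prod.properties
@@ -5,13 +5,13 @@ datatools.kettle_properties=/datatools/kettle.properties
 # 2、ktr文件通用配置变量(数据库连接,根据不同的环境需要修正)
 
 #数据库ip地址
-datatools.kvars_dbip=10.10.200.121
+datatools.kvars_dbip=192.168.168.241
 #数据库用户名
 datatools.kvars_dbuname=root
 #数据库密码
 datatools.kvars_dbpwd=root2jsp
 #数据库库名
-datatools.kvars_dbdname=control
+datatools.kvars_dbdname=pd_control
 
 # 3、上传数据配置信息
 # 上传文件目录配置(根据不同的环境需要修正)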
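Review bot: The production connection this hunk retargets (`datatools.kvars_dbip`, `datatools.kvars_dbdname`) still logs in as `root` with the password stored in clear text in the tracked file, so anyone with read access to the repository holds full database credentials for the new host. A dedicated account limited to the `pd_control` schema, with the password supplied at deploy time, would contain that; for example `datatools.kvars_dbpwd=${DATATOOLS_DB_PWD}`, assuming the loader for this file resolves placeholders (the variable name is a placeholder of mine). The committed password should be rotated, since it remains in history.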
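--- a/src/main/resources/static/index.html
+++ b/src/main/resources/static/index.html
@@ -454,6 +454,28 @@
 }
 });
 
+ $.ajax({
+ url: '/user/isRealName',
+ type: 'POST',
+ async: false,
+ success: function (result,status,xhr) {
+ if (result.data == 0) {
+ $.get('/pages/permission/user/jobCode.html', function (content) {
+ layer.open({
+ type: 1,
+ area: ['600px', '360px'],
+ content: content,
+ title: '设置工号(后期统一登录平台接入)',
+ shift: 5,
+ scrollbar: false,
+ success: function () {
+ }
+ });
+ });
+ }
+ }
+ });
+
 $.get('/user/currentUser', function (user) {
 $('#indexTopUName').text(user.userName);
 });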
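Review bot: The real-name check added before `$.get('/user/currentUser', …)` is issued as a synchronous request (`async: false`), which freezes the page while `/user/isRealName` is pending and is deprecated on the main thread; nothing visible after it depends on the result, so that line can simply be removed. The prompt is also only advisory: the layer can be closed and there is no `error` handler, so if real-name registration is meant to be mandatory the server has to enforce it on protected requests rather than rely on this dialog. The empty `success: function () {}` passed to `layer.open` can be dropped.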
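--- a/src/main/resources/static/pages/permission/user/jobCode.html
+++ b/src/main/resources/static/pages/permission/user/jobCode.html
@@ -0,0 +1,106 @@
+<div class="row">
+<div class="col-md-12">
+<!-- BEGIN VALIDATION STATES-->
+<div class="portlet light portlet-fit portlet-form bordered">
+<div class="portlet-body">
+ <form class="form-horizontal" id="jobCodeForm">
+ <div class="alert alert-danger display-hide">
+ <button class="close" data-close="alert"></button>您的输入有误,请检查下面的输入项
+ </div>
+ <div class="form-group" style="margin-top: 60px">
+ <label class="control-label col-md-5">姓名:
+ </label>
+ <div class="col-md-4">
+ <div class="input-icon right">
+ <i class="fa"></i>
+ <input type="input" class="form-control" name="realName" /> </div>
+ </div>
+ </div>
+ <div class="form-group">
+ <label class="control-label col-md-5">工号:
+ </label>
+ <div class="col-md-4">
+ <div class="input-icon right">
+ <i class="fa"></i>
+ <input type="input" class="form-control" name="jobCode" /> </div>
+ </div>
+ </div>
+ <div class="form-actions">
+ <div class="row">
+ <div class="col-md-offset-5 col-md-7">
+ <button type="submit" id="confirm" class="btn green">确定</button>
+ <button type="reset" class="btn default">取消</button>
+ </div>
+ </div>
+ </div>
+ </form>
+</div>
+</div>
+</div>
+</div>
+
+<script>
+$(function(){
+ var form = $('#jobCodeForm');
+ //表单 validate
+ var error = $('.alert-danger', form);
+
+ $.validator.addMethod("jobcoderule", function(value, element) {
+ var reg = /^0[1-5]-[A-Za-z0-9]{5}$/;
+ return this.optional(element) || reg.test(value) && validate(value);
+ }, "格式应该为【2位公司代码-6位工号】");
+
+ //表单 validate
+ form.validate({
+ errorElement : 'span',
+ errorClass : 'help-block help-block-error',
+ focusInvalid : false,
+ rules : {
+ 'realName': {
+ required: true,
+ minlength: 2,
+ maxlength: 16
+ },
+ 'jobCode': {
+ required: true,
+ minlength: 6,
+ maxlength: 9,
+ jobcoderule: false
+ }
+ },
+ invalidHandler : function(event, validator) {
+ error.show();
+ App.scrollTo(error, -200);
+ },
+
+ highlight : function(element) {
+ $(element).closest('.form-group').addClass('has-error');
+ },
+
+ unhighlight : function(element) {
+ $(element).closest('.form-group').removeClass('has-error');
+ },
+
+ success : function(label) {
+ label.closest('.form-group').removeClass('has-error');
+ },
+
+ submitHandler : function(f) {
+ var params = form.serializeJSON();
+ error.hide();
+ $.ajax({
+ url: '/user/realName',
+ type: 'POST',
+ traditional: true,
+ data: params,
+ success: function(res){
+ layer.alert(res.data);
+ if (res.status == 'SUCCESS') {
+ layer.closeAll('page');
+ }
+ }
+ });
+ }
+ });
+});
+</script>
\ No newline at end of file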
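Review bot: The `jobcoderule` method registered near the top of the script is never applied, because the `jobCode` rules set `jobcoderule: false`; only the 6–9 length check runs, so any string of that length is submitted to `/user/realName`. If it were enabled it would call `validate(value)`, which this file does not define, and its regex accepts five characters after the hyphen while the message promises a six-character job number. I would set `jobcoderule: true`, drop `&& validate(value)` unless that helper exists elsewhere, and make the regex and message agree; the same rule has to be repeated on the server, since client-side validation can be bypassed. `layer.alert(res.data)` presumably inserts its content as HTML, so the response text should be escaped if it can contain user-supplied values.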