smartor代码库
blame | 历史 | 原始文档
liusheng
2025-04-02 ae086bc3ad6f785e6368b84e57a7e199c675779b 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

package com.ruoyi.framework.web.service;


 


import javax.annotation.Resource;


 


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.security.authentication.AuthenticationManager;


import org.springframework.security.authentication.BadCredentialsException;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.stereotype.Component;


import com.ruoyi.common.constant.CacheConstants;


import com.ruoyi.common.constant.Constants;


import com.ruoyi.common.core.domain.entity.SysUser;


import com.ruoyi.common.core.domain.model.LoginUser;


import com.ruoyi.common.core.redis.RedisCache;


import com.ruoyi.common.exception.ServiceException;


import com.ruoyi.common.exception.user.CaptchaException;


import com.ruoyi.common.exception.user.CaptchaExpireException;


import com.ruoyi.common.exception.user.UserPasswordNotMatchException;


import com.ruoyi.common.utils.DateUtils;


import com.ruoyi.common.utils.MessageUtils;


import com.ruoyi.common.utils.ServletUtils;


import com.ruoyi.common.utils.StringUtils;


import com.ruoyi.common.utils.ip.IpUtils;


import com.ruoyi.framework.manager.AsyncManager;


import com.ruoyi.framework.manager.factory.AsyncFactory;


import com.ruoyi.framework.security.context.AuthenticationContextHolder;


import com.ruoyi.system.service.ISysConfigService;


import com.ruoyi.system.service.ISysUserService;


 


/**


 * 登录校验方法


 *


 * @author ruoyi


 */


@Component


public class SysLoginService {


    @Autowired


    private TokenService tokenService;


 


    @Resource


    private AuthenticationManager authenticationManager;


 


    @Autowired


    private RedisCache redisCache;


 


    @Autowired


    private ISysUserService userService;


 


    @Autowired


    private ISysConfigService configService;


 


    /**


     * 登录验证


     *


     * @param username 用户名


     * @param password 密码


     * @param code     验证码


     * @param uuid     唯一标识


     * @return 结果


     */


    public String login(String username, String password, String code, String uuid, String orgid) {


        boolean captchaEnabled = configService.selectCaptchaEnabled();


        // 验证码开关


        if (captchaEnabled) {


            validateCaptcha(username, code, uuid);


        }


        // 用户验证


        Authentication authentication = null;


        try {


            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username + "&" + orgid, password);


            AuthenticationContextHolder.setContext(authenticationToken);


            // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername


            authentication = authenticationManager.authenticate(authenticationToken);


        } catch (Exception e) {


            if (e instanceof BadCredentialsException) {


                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));


                throw new UserPasswordNotMatchException();


            } else {


                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));


                throw new ServiceException(e.getMessage());


            }


        } finally {


            AuthenticationContextHolder.clearContext();


        }


        AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));


        LoginUser loginUser = (LoginUser) authentication.getPrincipal();


        recordLoginInfo(loginUser.getUserId());


        // 生成token


        return tokenService.createToken(loginUser);


    }


 


    /**


     * 校验验证码


     *


     * @param username 用户名


     * @param code     验证码


     * @param uuid     唯一标识


     * @return 结果


     */


    public void validateCaptcha(String username, String code, String uuid) {


        String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");


        String captcha = redisCache.getCacheObject(verifyKey);


        redisCache.deleteObject(verifyKey);


        if (captcha == null) {


            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));


            throw new CaptchaExpireException();


        }


        if (!code.equalsIgnoreCase(captcha)) {


            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));


            throw new CaptchaException();


        }


    }


 


    /**


     * 记录登录信息


     *


     * @param userId 用户ID


     */


    public void recordLoginInfo(Long userId) {


        SysUser sysUser = new SysUser();


        sysUser.setUserId(userId);


        sysUser.setLoginIp(IpUtils.getIpAddr(ServletUtils.getRequest()));


        sysUser.setLoginDate(DateUtils.getNowDate());


        userService.updateUserProfile(sysUser);


    }


}