Example 1 with LoginUser
use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.
the class SysRoleController method edit.
/**
* 修改保存角色
*/
@ApiOperation("修改保存角色")
@SaCheckPermission("system:role:edit")
@Log(title = "角色管理", businessType = BusinessType.UPDATE)
@PutMapping
public R<Void> edit(@Validated @RequestBody SysRole role) {
roleService.checkRoleAllowed(role);
roleService.checkRoleDataScope(role.getRoleId());
if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
return R.fail("修改角色'" + role.getRoleName() + "'失败,角色名称已存在");
} else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
return R.fail("修改角色'" + role.getRoleName() + "'失败,角色权限已存在");
}
if (roleService.updateRole(role) > 0) {
// 更新缓存用户权限
LoginUser loginUser = getLoginUser();
SysUser sysUser = userService.selectUserById(loginUser.getUserId());
if (ObjectUtil.isNotNull(sysUser) && !sysUser.isAdmin()) {
loginUser.setMenuPermission(permissionService.getMenuPermission(sysUser));
LoginHelper.setLoginUser(loginUser);
}
return R.ok();
}
return R.fail("修改角色'" + role.getRoleName() + "'失败,请联系管理员");
}
Also used :
SysUser(com.ruoyi.common.core.domain.entity.SysUser)
LoginUser(com.ruoyi.common.core.domain.model.LoginUser)
Log(com.ruoyi.common.annotation.Log)
SaCheckPermission(cn.dev33.satoken.annotation.SaCheckPermission)
Example 2 with LoginUser
use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.
the class SysLoginService method login.
/**
* 登录验证
*
* @param username 用户名
* @param password 密码
* @param code 验证码
* @param uuid 唯一标识
* @return 结果
*/
public String login(String username, String password, String code, String uuid) {
HttpServletRequest request = ServletUtils.getRequest();
boolean captchaOnOff = configService.selectCaptchaOnOff();
// 验证码开关
if (captchaOnOff) {
validateCaptcha(username, code, uuid, request);
}
// 获取用户登录错误次数(可自定义限制策略 例如: key + username + ip)
Integer errorNumber = RedisUtils.getCacheObject(Constants.LOGIN_ERROR + username);
// 锁定时间内登录 则踢出
if (ObjectUtil.isNotNull(errorNumber) && errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
}
SysUser user = loadUserByUsername(username);
if (!BCrypt.checkpw(password, user.getPassword())) {
// 是否第一次
errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1;
// 达到规定错误次数 则锁定登录
if (errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) {
RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber, Constants.LOGIN_ERROR_LIMIT_TIME, TimeUnit.MINUTES);
asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request);
throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME);
} else {
// 未达到规定错误次数 则递增
RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber);
asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.count", errorNumber), request);
throw new UserException("user.password.retry.limit.count", errorNumber);
}
}
// 登录成功 清空错误次数
RedisUtils.deleteObject(Constants.LOGIN_ERROR + username);
LoginUser loginUser = buildLoginUser(user);
// 生成token
LoginHelper.loginByDevice(loginUser, DeviceType.PC);
asyncService.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request);
recordLoginInfo(user.getUserId(), username);
return StpUtil.getTokenValue();
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
SysUser(com.ruoyi.common.core.domain.entity.SysUser)
UserException(com.ruoyi.common.exception.user.UserException)
LoginUser(com.ruoyi.common.core.domain.model.LoginUser)
Example 3 with LoginUser
use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.
the class UserActionListener method doLogin.
/**
* 每次登录时触发
*/
@Override
public void doLogin(String loginType, Object loginId, SaLoginModel loginModel) {
UserType userType = UserType.getUserType(loginId.toString());
if (userType == UserType.SYS_USER) {
UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
String ip = ServletUtils.getClientIP();
LoginUser user = LoginHelper.getLoginUser();
String tokenValue = StpUtil.getTokenValueByLoginId(loginId);
UserOnlineDTO dto = new UserOnlineDTO();
dto.setIpaddr(ip);
dto.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
dto.setBrowser(userAgent.getBrowser().getName());
dto.setOs(userAgent.getOs().getName());
dto.setLoginTime(System.currentTimeMillis());
dto.setTokenId(tokenValue);
dto.setUserName(user.getUsername());
dto.setDeptName(user.getDeptName());
RedisUtils.setCacheObject(Constants.ONLINE_TOKEN_KEY + tokenValue, dto, tokenConfig.getTimeout(), TimeUnit.SECONDS);
log.info("user doLogin, useId:{}, token:{}", loginId, tokenValue);
} else if (userType == UserType.APP_USER) {
// app端 自行根据业务编写
}
}
Also used :
UserOnlineDTO(com.ruoyi.common.core.domain.dto.UserOnlineDTO)
UserAgent(cn.hutool.http.useragent.UserAgent)
LoginUser(com.ruoyi.common.core.domain.model.LoginUser)
UserType(com.ruoyi.common.enums.UserType)
Example 4 with LoginUser
use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.
the class SaInterfaceImpl method getRoleList.
@Override
public List<String> getRoleList(Object loginId, String loginType) {
LoginUser loginUser = LoginHelper.getLoginUser();
UserType userType = UserType.getUserType(loginUser.getUserType());
if (userType == UserType.SYS_USER) {
return new ArrayList<>(loginUser.getRolePermission());
} else if (userType == UserType.APP_USER) {
// app端权限返回 自行根据业务编写
}
return new ArrayList<>();
}Example 5 with LoginUser
use of com.ruoyi.common.core.domain.model.LoginUser in project RuoYi-Flowable-Plus by KonBAI-Q.
the class SaInterfaceImpl method getPermissionList.
@Override
public List<String> getPermissionList(Object loginId, String loginType) {
LoginUser loginUser = LoginHelper.getLoginUser();
UserType userType = UserType.getUserType(loginUser.getUserType());
if (userType == UserType.SYS_USER) {
return new ArrayList<>(loginUser.getMenuPermission());
} else if (userType == UserType.APP_USER) {
// app端权限返回 自行根据业务编写
}
return new ArrayList<>();
}Aggregations
LoginUser (com.ruoyi.common.core.domain.model.LoginUser)65
Log (com.ruoyi.common.annotation.Log)16
SysUser (com.ruoyi.common.core.domain.entity.SysUser)13
GetMapping (org.springframework.web.bind.annotation.GetMapping)10
AjaxResult (com.ruoyi.common.core.domain.AjaxResult)9
UserType (com.ruoyi.common.enums.UserType)8
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)8
ServiceException (com.ruoyi.common.exception.ServiceException)7
ArrayList (java.util.ArrayList)7
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7
PutMapping (org.springframework.web.bind.annotation.PutMapping)7
UserPasswordNotMatchException (com.ruoyi.common.exception.user.UserPasswordNotMatchException)5
DataColumn (com.ruoyi.common.annotation.DataColumn)4
RoleDTO (com.ruoyi.common.core.domain.dto.RoleDTO)4
SysMenu (com.ruoyi.common.core.domain.entity.SysMenu)4
CaptchaException (com.ruoyi.common.exception.user.CaptchaException)4
CaptchaExpireException (com.ruoyi.common.exception.user.CaptchaExpireException)4
Claims (io.jsonwebtoken.Claims)4
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)4
Authentication (org.springframework.security.core.Authentication)4
