package org.dromara.auth.service; import cn.dev33.satoken.exception.NotLoginException; import cn.dev33.satoken.secure.BCrypt; import cn.dev33.satoken.stp.StpUtil; import cn.hutool.core.bean.BeanUtil; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.ObjectUtil; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import me.zhyd.oauth.model.AuthUser; import org.apache.dubbo.config.annotation.DubboReference; import org.dromara.auth.form.RegisterBody; import org.dromara.auth.properties.CaptchaProperties; import org.dromara.auth.properties.UserPasswordProperties; import org.dromara.common.core.constant.Constants; import org.dromara.common.core.constant.GlobalConstants; import org.dromara.common.core.constant.TenantConstants; import org.dromara.common.core.enums.LoginType; import org.dromara.common.core.enums.TenantStatus; import org.dromara.common.core.enums.UserType; import org.dromara.common.core.exception.user.CaptchaException; import org.dromara.common.core.exception.user.CaptchaExpireException; import org.dromara.common.core.exception.user.UserException; import org.dromara.common.core.utils.MessageUtils; import org.dromara.common.core.utils.ServletUtils; import org.dromara.common.core.utils.SpringUtils; import org.dromara.common.core.utils.StringUtils; import org.dromara.common.log.event.LogininforEvent; import org.dromara.common.redis.utils.RedisUtils; import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.tenant.exception.TenantException; import org.dromara.common.tenant.helper.TenantHelper; import org.dromara.system.api.RemoteSocialService; import org.dromara.system.api.RemoteTenantService; import org.dromara.system.api.RemoteUserService; import org.dromara.system.api.domain.bo.RemoteSocialBo; import org.dromara.system.api.domain.bo.RemoteUserBo; import org.dromara.system.api.domain.vo.RemoteSocialVo; import org.dromara.system.api.domain.vo.RemoteTenantVo; import org.dromara.system.api.model.LoginUser; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.time.Duration; import java.util.Date; import java.util.List; import java.util.function.Supplier; /** * 登录校验方法 * * @author ruoyi */ @RequiredArgsConstructor @Service @Slf4j public class SysLoginService { @DubboReference private RemoteUserService remoteUserService; @DubboReference private RemoteTenantService remoteTenantService; @DubboReference private RemoteSocialService remoteSocialService; @Autowired private UserPasswordProperties userPasswordProperties; @Autowired private final CaptchaProperties captchaProperties; /** * 绑定第三方用户 * * @param authUserData 授权响应实体 */ public void socialRegister(AuthUser authUserData) { String authId = authUserData.getSource() + authUserData.getUuid(); // 第三方用户信息 RemoteSocialBo bo = BeanUtil.toBean(authUserData, RemoteSocialBo.class); BeanUtil.copyProperties(authUserData.getToken(), bo); bo.setUserId(LoginHelper.getUserId()); bo.setAuthId(authId); bo.setOpenId(authUserData.getUuid()); bo.setUserName(authUserData.getUsername()); bo.setNickName(authUserData.getNickname()); // 查询是否已经绑定用户 List list = remoteSocialService.selectByAuthId(authId); if (CollUtil.isEmpty(list)) { // 没有绑定用户, 新增用户信息 remoteSocialService.insertByBo(bo); } else { // 更新用户信息 bo.setId(list.get(0).getId()); remoteSocialService.updateByBo(bo); } } /** * 退出登录 */ public void logout() { try { LoginUser loginUser = LoginHelper.getLoginUser(); if (ObjectUtil.isNull(loginUser)) { return; } if (TenantHelper.isEnable() && LoginHelper.isSuperAdmin()) { // 超级管理员 登出清除动态租户 TenantHelper.clearDynamic(); } recordLogininfor(loginUser.getTenantId(), loginUser.getUsername(), Constants.LOGOUT, MessageUtils.message("user.logout.success")); } catch (NotLoginException ignored) { } finally { try { StpUtil.logout(); } catch (NotLoginException ignored) { } } } /** * 注册 */ public void register(RegisterBody registerBody) { String tenantId = registerBody.getTenantId(); String username = registerBody.getUsername(); String password = registerBody.getPassword(); // 校验用户类型是否存在 String userType = UserType.getUserType(registerBody.getUserType()).getUserType(); boolean captchaEnabled = captchaProperties.getEnabled(); // 验证码开关 if (captchaEnabled) { validateCaptcha(tenantId, username, registerBody.getCode(), registerBody.getUuid()); } // 注册用户信息 RemoteUserBo remoteUserBo = new RemoteUserBo(); remoteUserBo.setTenantId(tenantId); remoteUserBo.setUserName(username); remoteUserBo.setNickName(username); remoteUserBo.setPassword(BCrypt.hashpw(password)); remoteUserBo.setUserType(userType); boolean regFlag = remoteUserService.registerUserInfo(remoteUserBo); if (!regFlag) { throw new UserException("user.register.error"); } recordLogininfor(tenantId, username, Constants.REGISTER, MessageUtils.message("user.register.success")); } /** * 校验验证码 * * @param username 用户名 * @param code 验证码 * @param uuid 唯一标识 */ public void validateCaptcha(String tenantId, String username, String code, String uuid) { String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + StringUtils.defaultString(uuid, ""); String captcha = RedisUtils.getCacheObject(verifyKey); RedisUtils.deleteObject(verifyKey); if (captcha == null) { recordLogininfor(tenantId, username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.expire")); throw new CaptchaExpireException(); } if (!code.equalsIgnoreCase(captcha)) { recordLogininfor(tenantId, username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.error")); throw new CaptchaException(); } } /** * 记录登录信息 * * @param username 用户名 * @param status 状态 * @param message 消息内容 * @return */ public void recordLogininfor(String tenantId, String username, String status, String message) { // 封装对象 LogininforEvent logininforEvent = new LogininforEvent(); logininforEvent.setTenantId(tenantId); logininforEvent.setUsername(username); logininforEvent.setStatus(status); logininforEvent.setMessage(message); logininforEvent.setRequest(ServletUtils.getRequest()); SpringUtils.context().publishEvent(logininforEvent); } /** * 登录校验 */ public void checkLogin(LoginType loginType, String tenantId, String username, Supplier supplier) { String errorKey = GlobalConstants.PWD_ERR_CNT_KEY + username; String loginFail = Constants.LOGIN_FAIL; Integer maxRetryCount = userPasswordProperties.getMaxRetryCount(); Integer lockTime = userPasswordProperties.getLockTime(); // 获取用户登录错误次数,默认为0 (可自定义限制策略 例如: key + username + ip) int errorNumber = ObjectUtil.defaultIfNull(RedisUtils.getCacheObject(errorKey), 0); // 锁定时间内登录 则踢出 if (errorNumber >= maxRetryCount) { recordLogininfor(tenantId, username, loginFail, MessageUtils.message(loginType.getRetryLimitExceed(), maxRetryCount, lockTime)); throw new UserException(loginType.getRetryLimitExceed(), maxRetryCount, lockTime); } if (supplier.get()) { // 错误次数递增 errorNumber++; RedisUtils.setCacheObject(errorKey, errorNumber, Duration.ofMinutes(lockTime)); // 达到规定错误次数 则锁定登录 if (errorNumber >= maxRetryCount) { recordLogininfor(tenantId, username, loginFail, MessageUtils.message(loginType.getRetryLimitExceed(), maxRetryCount, lockTime)); throw new UserException(loginType.getRetryLimitExceed(), maxRetryCount, lockTime); } else { // 未达到规定错误次数 recordLogininfor(tenantId, username, loginFail, MessageUtils.message(loginType.getRetryLimitCount(), errorNumber)); throw new UserException(loginType.getRetryLimitCount(), errorNumber); } } // 登录成功 清空错误次数 RedisUtils.deleteObject(errorKey); } /** * 校验租户 * * @param tenantId 租户ID */ public void checkTenant(String tenantId) { if (!TenantHelper.isEnable()) { return; } if (TenantConstants.DEFAULT_TENANT_ID.equals(tenantId)) { return; } if (StringUtils.isBlank(tenantId)) { throw new TenantException("tenant.number.not.blank"); } RemoteTenantVo tenant = remoteTenantService.queryByTenantId(tenantId); if (ObjectUtil.isNull(tenant)) { log.info("登录租户:{} 不存在.", tenantId); throw new TenantException("tenant.not.exists"); } else if (TenantStatus.DISABLE.getCode().equals(tenant.getStatus())) { log.info("登录租户:{} 已被停用.", tenantId); throw new TenantException("tenant.blocked"); } else if (ObjectUtil.isNotNull(tenant.getExpireTime()) && new Date().after(tenant.getExpireTime())) { log.info("登录租户:{} 已超过有效期.", tenantId); throw new TenantException("tenant.expired"); } } }