Merge pull request #65 from geekidea/dev

🇨🇳 1.3.0.RELEASE shiro+jwt

Author: springboot-plus

src/main/java/io/geekidea/springbootplus/common/entity/BaseEntity.java

@@ -21,6 +21,7 @@
 import java.io.Serializable;
 
 /**
+ * 实体父类
  * @author geekidea
  * @date 2018-11-08
  */

src/main/java/io/geekidea/springbootplus/shiro/cache/impl/LoginRedisServiceImpl.java

@@ -22,6 +22,7 @@
 import io.geekidea.springbootplus.shiro.vo.JwtTokenRedisVo;
 import io.geekidea.springbootplus.shiro.vo.LoginSysUserRedisVo;
 import io.geekidea.springbootplus.shiro.vo.LoginSysUserVo;
+import io.geekidea.springbootplus.system.convert.SysUserConvert;
 import io.geekidea.springbootplus.util.ClientInfoUtil;
 import io.geekidea.springbootplus.util.HttpServletRequestUtil;
 import org.apache.commons.codec.digest.DigestUtils;
@@ -84,7 +85,7 @@ public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boo
 
         // Redis缓存登陆用户信息
         // 将LoginSysUserVo对象复制到LoginSysUserRedisVo，使用mapstruct进行对象属性复制
-        LoginSysUserRedisVo loginSysUserRedisVo = ShiroMapstructConvert.INSTANCE.loginSysUserVoToLoginSysUserRedisVo(loginSysUserVo);
+        LoginSysUserRedisVo loginSysUserRedisVo = SysUserConvert.INSTANCE.loginSysUserVoToLoginSysUserRedisVo(loginSysUserVo);
         loginSysUserRedisVo.setSalt(salt);
         loginSysUserRedisVo.setClientInfo(clientInfo);
 

src/main/java/io/geekidea/springbootplus/shiro/convert/ShiroMapstructConvert.java

@@ -15,8 +15,6 @@
 
 import io.geekidea.springbootplus.shiro.jwt.JwtToken;
 import io.geekidea.springbootplus.shiro.vo.JwtTokenRedisVo;
-import io.geekidea.springbootplus.shiro.vo.LoginSysUserRedisVo;
-import io.geekidea.springbootplus.shiro.vo.LoginSysUserVo;
 import org.mapstruct.Mapper;
 import org.mapstruct.factory.Mappers;
 
@@ -32,14 +30,6 @@ public interface ShiroMapstructConvert {
 
     ShiroMapstructConvert INSTANCE = Mappers.getMapper(ShiroMapstructConvert.class);
 
-    /**
-     * LoginSysUserVo对象转换成LoginSysUserRedisVo
-     *
-     * @param loginSysUserVo
-     * @return
-     */
-    LoginSysUserRedisVo loginSysUserVoToLoginSysUserRedisVo(LoginSysUserVo loginSysUserVo);
-
     /**
      * JwtToken对象转换成JwtTokenRedisVo
      *

src/main/java/io/geekidea/springbootplus/shiro/jwt/JwtRealm.java

@@ -28,7 +28,7 @@
 import org.apache.shiro.subject.PrincipalCollection;
 
 /**
- * Shiro JST授权认证
+ * Shiro 授权认证
  *
  * @author geekidea
  * @date 2019-09-27

src/main/java/io/geekidea/springbootplus/shiro/service/impl/LoginServiceImpl.java

@@ -30,6 +30,10 @@
 import io.geekidea.springbootplus.shiro.util.SaltUtil;
 import io.geekidea.springbootplus.shiro.vo.LoginSysUserRedisVo;
 import io.geekidea.springbootplus.shiro.vo.LoginSysUserVo;
+import io.geekidea.springbootplus.system.convert.SysUserConvert;
+import io.geekidea.springbootplus.system.entity.SysUser;
+import io.geekidea.springbootplus.system.mapper.SysUserMapper;
+import io.geekidea.springbootplus.util.PasswordUtil;
 import io.swagger.annotations.Api;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.SetUtils;
@@ -67,25 +71,36 @@ public class LoginServiceImpl implements LoginService {
     @Autowired
     private JwtProperties jwtProperties;
 
+    @Autowired
+    private SysUserMapper sysUserMapper;
+
     @Override
     public ApiResult login(LoginParam loginParam, HttpServletResponse response) {
         String username = loginParam.getUsername();
-        // TODO 从数据库中获取登陆用户信息
-        LoginSysUserVo loginSysUserVo = new LoginSysUserVo()
-                .setId(1L)
-                .setUsername(loginParam.getUsername())
-                .setSalt("666") // 可选
-                .setRoles(SetUtils.hashSet("admin"));
-
-        if (loginSysUserVo == null) {
+        // 从数据库中获取登陆用户信息
+        SysUser sysUser = sysUserMapper.getSysUserByUsername(username);
+        if (sysUser == null) {
             log.error("登陆失败,loginParam:{}", loginParam);
             return ApiResult.fail(ApiCode.LOGIN_EXCEPTION);
         }
+        // 实际项目中，前端传过来的密码应先加密
+        // 原始密码：123456
+        // 加密规则：sha256(666666+123456) = 751ade2f90ceb660cb2460f12cc6fe08268e628e4607bdb88a00605b3d66973c
+        String encryptPassword = PasswordUtil.encrypt(loginParam.getPassword());
+        if (!encryptPassword.equals(sysUser.getPassword())) {
+            log.error("用户名或密码错误");
+            return ApiResult.fail(ApiCode.LOGIN_EXCEPTION);
+        }
+        // 将系统用户对象转换成登陆用户对象
+        LoginSysUserVo loginSysUserVo = SysUserConvert.INSTANCE.sysUserToLoginSysUserVo(sysUser);
+        // TODO 从数据库中获取登陆用户角色权限信息
+        loginSysUserVo.setRoles(SetUtils.hashSet("admin"));
+
         String newSalt;
-        if (jwtProperties.isSaltCheck()){
+        if (jwtProperties.isSaltCheck()) {
             // 包装盐值
             newSalt = SaltUtil.getSalt(jwtProperties.getSecret(), loginSysUserVo.getSalt());
-        }else{
+        } else {
             newSalt = jwtProperties.getSecret();
         }
         // 删除登陆用户盐值，盐值保存到后台Redis缓存中

src/main/java/io/geekidea/springbootplus/shiro/util/SaltUtil.java

@@ -14,7 +14,9 @@
 package io.geekidea.springbootplus.shiro.util;
 
 import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang3.RandomUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.crypto.SecureRandomNumberGenerator;
 
 /**
  * 盐值包装工具类
@@ -40,4 +42,15 @@ public static String getSalt(String secret, String salt) {
         String newSalt = DigestUtils.sha256Hex(secret + salt);
         return newSalt;
     }
+
+    /**
+     * 生成32位随机盐
+     *
+     * @return
+     */
+    public static String generateSalt() {
+        return new SecureRandomNumberGenerator().nextBytes(16).toHex();
+    }
+
 }
+

src/main/java/io/geekidea/springbootplus/system/convert/SysUserConvert.java

@@ -0,0 +1,46 @@
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.geekidea.springbootplus.system.convert;
+
+import io.geekidea.springbootplus.shiro.vo.LoginSysUserRedisVo;
+import io.geekidea.springbootplus.shiro.vo.LoginSysUserVo;
+import io.geekidea.springbootplus.system.entity.SysUser;
+import org.mapstruct.Mapper;
+import org.mapstruct.factory.Mappers;
+
+/**
+ * @author geekidea
+ * @date 2019-10-05
+ **/
+@Mapper
+public interface SysUserConvert {
+
+    SysUserConvert INSTANCE = Mappers.getMapper(SysUserConvert.class);
+
+    /**
+     * 系统用户实体对象转换成登陆用户VO对象
+     * @param sysUser
+     * @return
+     */
+    LoginSysUserVo sysUserToLoginSysUserVo(SysUser sysUser);
+
+    /**
+     * LoginSysUserVo对象转换成LoginSysUserRedisVo
+     *
+     * @param loginSysUserVo
+     * @return
+     */
+    LoginSysUserRedisVo loginSysUserVoToLoginSysUserRedisVo(LoginSysUserVo loginSysUserVo);
+
+}

src/main/java/io/geekidea/springbootplus/system/entity/SysLog.java

@@ -1,26 +1,27 @@
 package io.geekidea.springbootplus.system.entity;
 
 import com.baomidou.mybatisplus.annotation.IdType;
+import java.util.Date;
 import com.baomidou.mybatisplus.annotation.TableId;
 import io.geekidea.springbootplus.common.entity.BaseEntity;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
-import java.util.Date;
+import lombok.experimental.Accessors;
 
 /**
  * <p>
  * 系统日志
  * </p>
  *
  * @author geekidea
- * @since 2019-08-04
+ * @since 2019-10-05
  */
 @Data
+@Accessors(chain = true)
 @EqualsAndHashCode(callSuper = true)
-@ApiModel(value="SysLog对象", description="系统日志")
+@ApiModel(value = "SysLog对象", description = "系统日志")
 public class SysLog extends BaseEntity {
 
     private static final long serialVersionUID = 1L;

src/main/java/io/geekidea/springbootplus/system/entity/SysUser.java

@@ -8,44 +8,50 @@
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
-import java.util.Date;
+import lombok.experimental.Accessors;
 
 /**
  * <p>
  * SystemUser
  * </p>
  *
  * @author geekidea
- * @since 2019-08-26
+ * @since 2019-10-05
  */
 @Data
+@Accessors(chain = true)
 @EqualsAndHashCode(callSuper = true)
-@ApiModel(value="SysUser对象", description="SystemUser")
+@ApiModel(value = "SysUser对象", description = "SystemUser")
 public class SysUser extends BaseEntity {
 
     private static final long serialVersionUID = 1L;
 
-    @ApiModelProperty(value = "id")
+    @ApiModelProperty(value = "主键")
     @TableId(value = "id", type = IdType.ID_WORKER)
     private Long id;
 
-    @ApiModelProperty(value = "name")
-    private String name;
+    @ApiModelProperty(value = "用户名")
+    private String username;
 
-    @ApiModelProperty(value = "account")
-    private String account;
+    @ApiModelProperty(value = "昵称")
+    private String nickname;
 
-    @ApiModelProperty(value = "password")
-    private String pwd;
+    @ApiModelProperty(value = "密码")
+    private String password;
+
+    @ApiModelProperty(value = "盐值")
+    private String salt;
 
     @ApiModelProperty(value = "remark")
     private String remark;
 
-    @ApiModelProperty(value = "create time")
+    @ApiModelProperty(value = "状态，0：禁用，1：启用")
+    private Integer status;
+
+    @ApiModelProperty(value = "创建时间")
     private Date createTime;
 
-    @ApiModelProperty(value = "update time")
+    @ApiModelProperty(value = "修改时间")
     private Date updateTime;
 
 }

src/main/java/io/geekidea/springbootplus/system/mapper/SysLogMapper.java

@@ -17,24 +17,26 @@
  * </p>
  *
  * @author geekidea
- * @since 2019-08-04
+ * @since 2019-10-05
  */
 @Repository
 public interface SysLogMapper extends BaseMapper<SysLog> {
 
     /**
      * 根据ID获取查询对象
+     *
      * @param id
      * @return
      */
     SysLogQueryVo getSysLogById(Serializable id);
 
     /**
      * 获取分页对象
+     *
      * @param page
-     * @param sysLogQueryParam
+     * @param SysLogQueryParam
      * @return
      */
-    IPage<SysLogQueryVo> getSysLogPageList(@Param("page") Page page, @Param("param") SysLogQueryParam sysLogQueryParam);
+    IPage<SysLogQueryVo> getSysLogPageList(@Param("page") Page page, @Param("param") SysLogQueryParam SysLogQueryParam);
 
 }