登录重构

pom.xml

@@ -16,33 +16,31 @@
         <module>yami-shop-service</module>
         <module>yami-shop-security</module>
         <module>yami-shop-quartz</module>
-        <module>yami-shop-mp</module>
     </modules>
 
     <properties>
         <yami.shop.version>0.0.1-SNAPSHOT</yami.shop.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <maven.compiler.plugin.version>3.7.0</maven.compiler.plugin.version>
-        <spring-boot.version>2.3.6.RELEASE</spring-boot.version>
-        <security.oauth.auto.version>2.3.4.RELEASE</security.oauth.auto.version>
+        <spring-boot.version>2.3.12.RELEASE</spring-boot.version>
         <java.version>1.8</java.version>
         <guava.version>28.2-jre</guava.version>
-        <hutool.version>4.5.0</hutool.version>
+        <hutool.version>5.7.15</hutool.version>
         <jsoup.version>1.11.3</jsoup.version>
         <poi.version>3.17</poi.version>
         <qiniu.version>7.2.18</qiniu.version>
         <weixin.version>3.5.0</weixin.version>
         <orika.version>1.5.4</orika.version>
         <swagger2.version>2.9.2</swagger2.version>
-        <swagger-bootstrap.version>1.9.3</swagger-bootstrap.version>
+        <swagger-bootstrap.version>1.9.6</swagger-bootstrap.version>
         <emoji.version>4.0.0</emoji.version>
         <aliyun-core.version>4.3.9</aliyun-core.version>
         <aliyun-dysmsapi.version>1.1.0</aliyun-dysmsapi.version>
         <mybatis-plus.version>3.1.0</mybatis-plus.version>
-        <redisson.version>3.10.6</redisson.version>
-        <fst.version>2.57</fst.version>
-
+        <redisson.version>3.12.5</redisson.version>
+        <kryo.version>4.0.2</kryo.version>
+        <transmittable-thread-local.version>2.12.1</transmittable-thread-local.version>
         <log4j.version>2.17.1</log4j.version>
     </properties>
 
@@ -55,11 +53,6 @@
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
-            <dependency>
-                <groupId>org.springframework.security.oauth.boot</groupId>
-                <artifactId>spring-security-oauth2-autoconfigure</artifactId>
-                <version>${security.oauth.auto.version}</version>
-            </dependency>
             <dependency>
                 <groupId>com.github.binarywang</groupId>
                 <artifactId>weixin-java-pay</artifactId>
@@ -138,9 +131,9 @@
             </dependency>
             <!-- 用于序列化和反序列化-->
             <dependency>
-                <groupId>de.ruedigermoeller</groupId>
-                <artifactId>fst</artifactId>
-                <version>${fst.version}</version>
+                <groupId>com.esotericsoftware</groupId>
+                <artifactId>kryo</artifactId>
+                <version>${kryo.version}</version>
             </dependency>
             <dependency>
                 <groupId>org.apache.logging.log4j</groupId>
@@ -157,6 +150,11 @@
                 <artifactId>log4j-api</artifactId>
                 <version>${log4j.version}</version>
             </dependency>
+            <dependency>
+                <groupId>com.alibaba</groupId>
+                <artifactId>transmittable-thread-local</artifactId>
+                <version>${transmittable-thread-local.version}</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 
@@ -199,6 +197,15 @@
                     <encoding>${project.build.sourceEncoding}</encoding>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <layers>
+                        <enabled>true</enabled>
+                    </layers>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 

yami-shop-admin/pom.xml

@@ -7,7 +7,6 @@
         <groupId>com.yami.shop</groupId>
         <artifactId>yami-shop</artifactId>
         <version>0.0.1-SNAPSHOT</version>
-        <relativePath>../pom.xml</relativePath>
     </parent>
 
 
@@ -29,19 +28,14 @@
        </dependency>
         <dependency>
             <groupId>com.yami.shop</groupId>
-            <artifactId>yami-shop-security</artifactId>
+            <artifactId>yami-shop-security-admin</artifactId>
             <version>${yami.shop.version}</version>
         </dependency>
         <dependency>
             <groupId>com.yami.shop</groupId>
             <artifactId>yami-shop-quartz</artifactId>
             <version>${yami.shop.version}</version>
         </dependency>
-        <dependency>
-            <groupId>com.yami.shop</groupId>
-            <artifactId>yami-shop-mp</artifactId>
-            <version>${yami.shop.version}</version>
-        </dependency>
     </dependencies>
 
 

yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AdminLoginController.java

@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
+ *
+ * https://www.mall4j.com/
+ *
+ * 未经允许，不可做商业用途！
+ *
+ * 版权所有，侵权必究！
+ */
+package com.yami.shop.admin.controller;
+
+import cn.hutool.core.util.StrUtil;
+import com.anji.captcha.model.common.ResponseModel;
+import com.anji.captcha.model.vo.CaptchaVO;
+import com.anji.captcha.service.CaptchaService;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.yami.shop.common.exception.YamiShopBindException;
+import com.yami.shop.security.admin.dto.CaptchaAuthenticationDTO;
+import com.yami.shop.security.common.bo.UserInfoInTokenBO;
+import com.yami.shop.security.common.enums.SysTypeEnum;
+import com.yami.shop.security.common.manager.PasswordCheckManager;
+import com.yami.shop.security.common.manager.PasswordManager;
+import com.yami.shop.security.common.manager.TokenStore;
+import com.yami.shop.security.common.vo.TokenInfoVO;
+import com.yami.shop.sys.constant.Constant;
+import com.yami.shop.sys.model.SysMenu;
+import com.yami.shop.sys.model.SysUser;
+import com.yami.shop.sys.service.SysMenuService;
+import com.yami.shop.sys.service.SysUserService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+/**
+ * @author FrozenWatermelon
+ * @date 2020/6/30
+ */
+@RestController
+@Api(tags = "登录")
+public class AdminLoginController {
+
+    @Autowired
+    private TokenStore tokenStore;
+
+    @Autowired
+    private SysUserService sysUserService;
+
+    @Autowired
+    private SysMenuService sysMenuService;
+
+    @Autowired
+    private PasswordCheckManager passwordCheckManager;
+
+    @Autowired
+    private CaptchaService captchaService;
+
+    @Autowired
+    private PasswordManager passwordManager;
+
+    @PostMapping("/adminLogin")
+    @ApiOperation(value = "账号密码 + 验证码登录(用于后台登录)", notes = "通过账号/手机号/用户名密码登录")
+    public ResponseEntity<?> login(
+            @Valid @RequestBody CaptchaAuthenticationDTO captchaAuthenticationDTO) {
+        // 登陆后台登录需要再校验一遍验证码
+        CaptchaVO captchaVO = new CaptchaVO();
+        captchaVO.setCaptchaVerification(captchaAuthenticationDTO.getCaptchaVerification());
+        ResponseModel response = captchaService.verification(captchaVO);
+        if (!response.isSuccess()) {
+            return ResponseEntity.badRequest().body("验证码有误或已过期");
+        }
+
+        SysUser sysUser = sysUserService.getByUserName(captchaAuthenticationDTO.getUserName());
+        if (sysUser == null) {
+            throw new YamiShopBindException("账号或密码不正确");
+        }
+
+        // 半小时内密码输入错误十次，已限制登录30分钟
+        String decryptPassword = passwordManager.decryptPassword(captchaAuthenticationDTO.getPassWord());
+        passwordCheckManager.checkPassword(SysTypeEnum.ADMIN,captchaAuthenticationDTO.getUserName(), decryptPassword, sysUser.getPassword());
+
+        // 不是店铺超级管理员，并且是禁用状态，无法登录
+        if (Objects.equals(sysUser.getStatus(),0)) {
+            // 未找到此用户信息
+            throw new YamiShopBindException("未找到此用户信息");
+        }
+
+        UserInfoInTokenBO userInfoInToken = new UserInfoInTokenBO();
+        userInfoInToken.setUserId(String.valueOf(sysUser.getUserId()));
+        userInfoInToken.setSysType(SysTypeEnum.ADMIN.value());
+        userInfoInToken.setEnabled(sysUser.getStatus() == 1);
+        userInfoInToken.setPerms(getUserPermissions(sysUser.getUserId()));
+        userInfoInToken.setNickName(sysUser.getUsername());
+        userInfoInToken.setShopId(sysUser.getShopId());
+        // 存储token返回vo
+        TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
+        return ResponseEntity.ok(tokenInfoVO);
+    }
+
+
+    private Set<String> getUserPermissions(Long userId) {
+        List<String> permsList;
+
+        //系统管理员，拥有最高权限
+        if(userId == Constant.SUPER_ADMIN_ID){
+            List<SysMenu> menuList = sysMenuService.list(Wrappers.emptyWrapper());
+            permsList = menuList.stream().map(SysMenu::getPerms).collect(Collectors.toList());
+        }else{
+            permsList = sysUserService.queryAllPerms(userId);
+        }
+        return permsList.stream().flatMap((perms)->{
+                    if (StrUtil.isBlank(perms)) {
+                        return null;
+                    }
+                    return Arrays.stream(perms.trim().split(StrUtil.COMMA));
+                }
+        ).collect(Collectors.toSet());
+    }
+}

yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AttributeController.java

@@ -10,31 +10,20 @@
 
 package com.yami.shop.admin.controller;
 
-import java.util.Objects;
-
-import javax.validation.Valid;
-
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.yami.shop.bean.enums.ProdPropRule;
+import com.yami.shop.bean.model.ProdProp;
+import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.common.enums.YamiHttpStatus;
-
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.admin.util.SecurityUtils;
+import com.yami.shop.service.ProdPropService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
-
+import org.springframework.web.bind.annotation.*;
 
-import com.yami.shop.bean.enums.ProdPropRule;
-import com.yami.shop.bean.model.ProdProp;
-import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.service.ProdPropService;
-import com.baomidou.mybatisplus.core.metadata.IPage;
+import javax.validation.Valid;
+import java.util.Objects;
 
 /**
  * 参数管理

yami-shop-admin/src/main/java/com/yami/shop/admin/controller/CategoryController.java

@@ -10,34 +10,20 @@
 
 package com.yami.shop.admin.controller;
 
-import java.util.Date;
-import java.util.List;
-import java.util.Objects;
-
-
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.yami.shop.bean.model.Category;
+import com.yami.shop.common.annotation.SysLog;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.admin.util.SecurityUtils;
+import com.yami.shop.service.CategoryService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
-
-import com.yami.shop.bean.model.Category;
-import com.yami.shop.common.annotation.SysLog;
-import com.yami.shop.service.BrandService;
-import com.yami.shop.service.CategoryService;
-import com.yami.shop.service.ProdPropService;
-
-import cn.hutool.core.collection.CollectionUtil;
+import java.util.Date;
+import java.util.List;
+import java.util.Objects;
 
 
 

yami-shop-admin/src/main/java/com/yami/shop/admin/controller/HotSearchController.java

@@ -10,34 +10,21 @@
 
 package com.yami.shop.admin.controller;
 
-import javax.validation.Valid;
-import java.util.Date;
-import java.util.List;
-
-
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.yami.shop.security.util.SecurityUtils;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.yami.shop.bean.model.HotSearch;
+import com.yami.shop.common.util.PageParam;
+import com.yami.shop.security.admin.util.SecurityUtils;
+import com.yami.shop.service.HotSearchService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
-import com.yami.shop.common.util.PageParam;
-import com.baomidou.mybatisplus.core.metadata.IPage;
-
-
-
-
+import org.springframework.web.bind.annotation.*;
 
-import com.yami.shop.service.HotSearchService;
-import com.yami.shop.bean.model.HotSearch;
+import javax.validation.Valid;
+import java.util.Date;
+import java.util.List;
 
 /**
  *

yami-shop-admin/src/main/java/com/yami/shop/admin/controller/IndexImgController.java

@@ -15,7 +15,7 @@
 import com.yami.shop.bean.model.IndexImg;
 import com.yami.shop.bean.model.Product;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.IndexImgService;
 import com.yami.shop.service.ProductService;
 import org.springframework.beans.factory.annotation.Autowired;