Merge remote-tracking branch 'origin/master'
# Conflicts: # system/system-service-impl/src/main/java/cn/iocoder/mall/admin/service/SmsYunPianPlatform.java
This commit is contained in:
sin
@@ -2,17 +2,12 @@ package cn.iocoder.mall.admin.convert;
|
||||
|
||||
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AccessTokenBO;
|
||||
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AuthenticationBO;
|
||||
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AuthenticationOldBO;
|
||||
import cn.iocoder.mall.admin.dataobject.AdminRoleDO;
|
||||
import cn.iocoder.mall.admin.dataobject.OAuth2AccessTokenDO;
|
||||
import org.mapstruct.Mapper;
|
||||
import org.mapstruct.Mapping;
|
||||
import org.mapstruct.Mappings;
|
||||
import org.mapstruct.factory.Mappers;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Mapper
|
||||
public interface OAuth2Convert {
|
||||
|
||||
@@ -28,15 +23,8 @@ public interface OAuth2Convert {
|
||||
.setExpiresIn(Math.max((int) ((oauth2AccessTokenDO.getExpiresTime().getTime() - System.currentTimeMillis()) / 1000), 0));
|
||||
}
|
||||
|
||||
@Mappings({})
|
||||
OAuth2AuthenticationOldBO convertToAuthenticationOld(OAuth2AccessTokenDO oauth2AccessTokenDO);
|
||||
|
||||
@Mappings({})
|
||||
OAuth2AuthenticationBO convertToAuthentication(OAuth2AccessTokenDO oauth2AccessTokenDO);
|
||||
|
||||
default OAuth2AuthenticationOldBO convertToAuthenticationOld(OAuth2AccessTokenDO oauth2AccessTokenDO, List<AdminRoleDO> adminRoleDOs) {
|
||||
return convertToAuthenticationOld(oauth2AccessTokenDO)
|
||||
.setRoleIds(adminRoleDOs.stream().map(AdminRoleDO::getRoleId).collect(Collectors.toSet()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -8,9 +8,16 @@ import org.springframework.stereotype.Repository;
|
||||
@Repository
|
||||
public interface OAuth2AccessTokenMapper extends BaseMapper<OAuth2AccessTokenDO> {
|
||||
|
||||
default int updateToInvalidByAdminId(Integer adminId) {
|
||||
default int updateToInvalid(Integer userId, Integer userType) {
|
||||
QueryWrapper<OAuth2AccessTokenDO> query = new QueryWrapper<OAuth2AccessTokenDO>()
|
||||
.eq("admin_id", adminId).eq("valid", true);
|
||||
.eq("user_id", userId).eq("user_type", userType)
|
||||
.eq("valid", true);
|
||||
return update(new OAuth2AccessTokenDO().setValid(false), query);
|
||||
}
|
||||
|
||||
default int updateToInvalidByRefreshToken(String refreshToken) {
|
||||
QueryWrapper<OAuth2AccessTokenDO> query = new QueryWrapper<OAuth2AccessTokenDO>()
|
||||
.eq("refresh_token", refreshToken).eq("valid", true);
|
||||
return update(new OAuth2AccessTokenDO().setValid(false), query);
|
||||
}
|
||||
|
||||
|
||||
@@ -8,9 +8,10 @@ import org.springframework.stereotype.Repository;
|
||||
@Repository
|
||||
public interface OAuth2RefreshTokenMapper extends BaseMapper<OAuth2RefreshTokenDO> {
|
||||
|
||||
default int updateToInvalidByAdminId(Integer adminId) {
|
||||
default int updateToInvalid(Integer userId, Integer userType) {
|
||||
QueryWrapper<OAuth2RefreshTokenDO> query = new QueryWrapper<OAuth2RefreshTokenDO>()
|
||||
.eq("admin_id", adminId).eq("valid", true);
|
||||
.eq("user_id", userId).eq("user_type", userType)
|
||||
.eq("valid", true);
|
||||
return update(new OAuth2RefreshTokenDO().setValid(false), query);
|
||||
}
|
||||
|
||||
|
||||
@@ -16,6 +16,7 @@ import cn.iocoder.mall.admin.api.constant.AdminConstants;
|
||||
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
|
||||
import cn.iocoder.mall.admin.api.dto.admin.*;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2CreateTokenDTO;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2RemoveTokenByUserDTO;
|
||||
import cn.iocoder.mall.admin.convert.AdminConvert;
|
||||
import cn.iocoder.mall.admin.dao.AdminMapper;
|
||||
import cn.iocoder.mall.admin.dao.AdminRoleMapper;
|
||||
@@ -96,9 +97,14 @@ public class AdminServiceImpl implements AdminService {
|
||||
@Override
|
||||
public Boolean updateAdmin(Integer adminId, AdminUpdateDTO adminUpdateDTO) {
|
||||
// 校验账号存在
|
||||
if (adminMapper.selectById(adminUpdateDTO.getId()) == null) {
|
||||
AdminDO admin = adminMapper.selectById(adminUpdateDTO.getId());
|
||||
if (admin == null) {
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.ADMIN_USERNAME_NOT_REGISTERED.getCode());
|
||||
}
|
||||
if (AdminConstants.USERNAME_ADMIN.equals(admin.getUsername())
|
||||
|| AdminConstants.USERNAME_DEMO.equals(admin.getUsername())) { // 特殊账号,不允许编辑
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.ADMIN_ADMIN_CAN_NOT_UPDATE.getCode());
|
||||
}
|
||||
// 校验账号唯一
|
||||
AdminDO usernameAdmin = adminMapper.selectByUsername(adminUpdateDTO.getUsername());
|
||||
if (usernameAdmin != null && !usernameAdmin.getId().equals(adminUpdateDTO.getId())) {
|
||||
@@ -120,7 +126,8 @@ public class AdminServiceImpl implements AdminService {
|
||||
if (admin == null) {
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.ADMIN_USERNAME_NOT_REGISTERED.getCode());
|
||||
}
|
||||
if (AdminConstants.USERNAME_ADMIN.equals(admin.getUsername())) {
|
||||
if (AdminConstants.USERNAME_ADMIN.equals(admin.getUsername())
|
||||
|| AdminConstants.USERNAME_DEMO.equals(admin.getUsername())) { // 特殊账号,不允许编辑
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.ADMIN_ADMIN_STATUS_CAN_NOT_UPDATE.getCode());
|
||||
}
|
||||
// 如果状态相同,则返回错误
|
||||
@@ -132,7 +139,7 @@ public class AdminServiceImpl implements AdminService {
|
||||
adminMapper.updateById(updateAdmin);
|
||||
// 如果是关闭管理员,则标记 token 失效。否则,管理员还可以继续蹦跶
|
||||
if (CommonStatusEnum.DISABLE.getValue().equals(adminUpdateStatusDTO.getStatus())) {
|
||||
oauth2Service.removeToken(adminUpdateStatusDTO.getId());
|
||||
oauth2Service.removeToken(new OAuth2RemoveTokenByUserDTO().setUserId(adminId).setUserType(UserTypeEnum.ADMIN.getValue()));
|
||||
}
|
||||
// TODO 插入操作日志
|
||||
// 返回成功
|
||||
@@ -234,8 +241,11 @@ public class AdminServiceImpl implements AdminService {
|
||||
}
|
||||
}
|
||||
}
|
||||
// 获得用户
|
||||
AdminDO admin = adminMapper.selectById(adminId);
|
||||
// 返回成功
|
||||
return new AdminAuthorizationBO().setId(adminId).setRoleIds(adminRoleIds);
|
||||
return new AdminAuthorizationBO().setId(adminId).setUsername(admin.getUsername())
|
||||
.setRoleIds(adminRoleIds);
|
||||
}
|
||||
|
||||
private String encodePassword(String password) {
|
||||
|
||||
@@ -7,6 +7,8 @@ import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AuthenticationBO;
|
||||
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2CreateTokenDTO;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2GetTokenDTO;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2RefreshTokenDTO;
|
||||
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2RemoveTokenByUserDTO;
|
||||
import cn.iocoder.mall.admin.convert.OAuth2Convert;
|
||||
import cn.iocoder.mall.admin.dao.OAuth2AccessTokenMapper;
|
||||
import cn.iocoder.mall.admin.dao.OAuth2RefreshTokenMapper;
|
||||
@@ -59,17 +61,37 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
return OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO);
|
||||
}
|
||||
|
||||
/**
|
||||
* 移除管理员对应的 Token
|
||||
*
|
||||
* @param adminId 管理员编号
|
||||
*/
|
||||
@Override
|
||||
@Transactional
|
||||
public void removeToken(Integer adminId) {
|
||||
public void removeToken(OAuth2RemoveTokenByUserDTO oauth2RemoveTokenByUserDTO) {
|
||||
Integer userId = oauth2RemoveTokenByUserDTO.getUserId();
|
||||
Integer userType = oauth2RemoveTokenByUserDTO.getUserType();
|
||||
// 设置 access token 失效
|
||||
oauth2AccessTokenMapper.updateToInvalidByAdminId(adminId);
|
||||
oauth2AccessTokenMapper.updateToInvalid(userId, userType);
|
||||
// 设置 refresh token 失效
|
||||
oauth2RefreshTokenMapper.updateToInvalidByAdminId(adminId);
|
||||
oauth2RefreshTokenMapper.updateToInvalid(userId, userType);
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessTokenBO refreshToken(OAuth2RefreshTokenDTO oauth2RefreshTokenDTO) {
|
||||
OAuth2RefreshTokenDO refreshTokenDO = oauth2RefreshTokenMapper.selectById(oauth2RefreshTokenDTO.getRefreshToken());
|
||||
// 校验刷新令牌是否合法
|
||||
if (refreshTokenDO == null) { // 不存在
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_NOT_FOUND.getCode());
|
||||
}
|
||||
if (refreshTokenDO.getExpiresTime().getTime() < System.currentTimeMillis()) { // 已过期
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_EXPIRED.getCode());
|
||||
}
|
||||
if (!refreshTokenDO.getValid()) { // 无效
|
||||
throw ServiceExceptionUtil.exception(AdminErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_INVALID.getCode());
|
||||
}
|
||||
// 标记 refreshToken 对应的 accessToken 都不合法
|
||||
oauth2AccessTokenMapper.updateToInvalidByRefreshToken(oauth2RefreshTokenDTO.getRefreshToken());
|
||||
// 创建访问令牌
|
||||
OAuth2AccessTokenDO oauth2AccessTokenDO = createOAuth2AccessToken(refreshTokenDO.getUserId(), refreshTokenDO.getUserType(),
|
||||
refreshTokenDO.getId());
|
||||
// 转换返回
|
||||
return OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
/**
|
||||
* @author Sin
|
||||
* @time 2019/5/16 10:52 AM
|
||||
*/
|
||||
package cn.iocoder.mall.admin;
|
||||
Reference in New Issue
Block a user