All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.dromara.jpom.service.user.UserService Maven / Gradle / Ivy

There is a newer version: 2.11.9
Show newest version
/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2019 Code Technology Studio
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy of
 * this software and associated documentation files (the "Software"), to deal in
 * the Software without restriction, including without limitation the rights to
 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
 * the Software, and to permit persons to whom the Software is furnished to do so,
 * subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
 * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
 * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
 * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
package org.dromara.jpom.service.user;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.date.SystemClock;
import cn.hutool.core.util.RandomUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.db.Entity;
import org.dromara.jpom.common.ServerConst;
import org.dromara.jpom.model.dto.UserLoginDto;
import org.dromara.jpom.model.user.UserModel;
import org.dromara.jpom.service.h2db.BaseDbService;
import org.dromara.jpom.util.JwtUtil;
import org.dromara.jpom.util.TwoFactorAuthUtils;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;

import java.util.List;

/**
 * @author bwcx_jzy
 * @since 2021/12/3
 */
@Service
public class UserService extends BaseDbService {

    /**
     * 是否需要初始化
     *
     * @return true 有系统管理员账号,系统可以正常使用
     */
    public boolean canUse() {
        UserModel userModel = new UserModel();
        userModel.setSystemUser(1);
        return super.exists(userModel);
    }

    @Override
    protected void fillSelectResult(UserModel data) {
        if (data == null) {
            return;
        }
        data.setSalt(null);
        data.setPassword(null);
        data.setTwoFactorAuthKey(null);
    }

    /**
     * 生成 随机盐值
     *
     * @return 随机盐值
     */
    public synchronized String generateSalt() {
        while (true) {
            String salt = RandomUtil.randomString(UserModel.SALT_LEN);
            UserModel userModel = new UserModel();
            userModel.setSalt(salt);
            boolean exists = super.exists(userModel);
            if (exists) {
                continue;
            }
            return salt + StrUtil.DASHED + SystemClock.now();
        }
    }

    /**
     * 验证用户md5
     *
     * @param userMd5 用户md5
     * @return userModel 用户对象
     */
    public UserModel checkUser(String userMd5) {
        UserModel userModel = new UserModel();
        userModel.setPassword(userMd5);
        return super.queryByBean(userModel);
    }

    /**
     * 查询用户 jwt id
     *
     * @param userModel 用户
     * @return jwt id
     */
    public UserLoginDto getUserJwtId(UserModel userModel) {
        // 判断是否禁用
        Integer status = userModel.getStatus();
        Assert.state(status == null || status == 1, ServerConst.ACCOUNT_LOCKED_TIP);
        String id = userModel.getId();
        String sql = "select password from " + this.tableName + " where id=?";
        List query = super.query(sql, id);
        Entity first = CollUtil.getFirst(query);
        Assert.notEmpty(first, "没有对应的用户信息");
        String password = (String) first.get("password");
        Assert.hasText(password, "没有对应的用户信息");
        return new UserLoginDto(JwtUtil.builder(userModel, password), password);
    }

    /**
     * 当前系统中的系统管理员的数量
     *
     * @return int
     */
    public long systemUserCount() {
        UserModel userModel = new UserModel();
        userModel.setSystemUser(1);
        return super.count(super.dataBeanToEntity(userModel));
    }

    /**
     * 修改密码
     *
     * @param id     账号ID
     * @param newPwd 新密码
     */
    public void updatePwd(String id, String newPwd) {
        String salt = this.generateSalt();
        UserModel userModel = UserModel.unLock(id);
        //		userModel.setId(id);
        userModel.setSalt(salt);
        userModel.setPassword(SecureUtil.sha1(newPwd + salt));
        super.updateById(userModel);
    }

    /**
     * 用户登录
     *
     * @param name 用户名
     * @param pwd  密码
     * @return 登录
     */
    public UserModel simpleLogin(String name, String pwd) {
        UserModel userModel = super.getByKey(name, false);
        if (userModel == null) {
            return null;
        }
        String obj = SecureUtil.sha1(pwd + userModel.getSalt());
        if (StrUtil.equals(obj, userModel.getPassword())) {
            super.fillSelectResult(userModel);
            return userModel;
        }
        return null;
    }

    /**
     * 重置超级管理账号密码
     *
     * @return 新密码
     */
    public String restSuperUserPwd() {
        UserModel userModel = new UserModel();
        userModel.setParent(UserModel.SYSTEM_ADMIN);
        UserModel queryByBean = super.queryByBean(userModel);
        if (queryByBean == null) {
            return null;
        }
        String newPwd = RandomUtil.randomString(UserModel.SALT_LEN);
        this.updatePwd(queryByBean.getId(), SecureUtil.sha1(newPwd));
        return StrUtil.format("重置超级管理员账号密码成功,登录账号为:{} 新密码为:{}", queryByBean.getId(), newPwd);
    }

    /**
     * 关闭超级管理账号 mfa
     *
     * @return 新密码
     */
    public String closeSuperUserMfa() {
        UserModel where = new UserModel();
        where.setParent(UserModel.SYSTEM_ADMIN);
        UserModel update = new UserModel();
        update.setTwoFactorAuthKey(StrUtil.EMPTY);
        int count = super.update(super.dataBeanToEntity(update), super.dataBeanToEntity(where));
        return StrUtil.format("成功关闭超级管理员账号 mfa 验证:{} ", count);
    }

    /**
     * 是否包含 demo 账号
     *
     * @return true
     */
    public boolean hasDemoUser() {
        UserModel userModel = new UserModel();
        userModel.setId(UserModel.DEMO_USER);
        return super.exists(userModel);
    }

    /**
     * 判断是否绑定 两步验证 mfa
     *
     * @param useId 用户ID
     * @return false 没有绑定
     */
    public boolean hasBindMfa(String useId) {
        UserModel byKey = super.getByKey(useId, false);
        Assert.notNull(byKey, "用户不存在");
        return !StrUtil.isEmpty(byKey.getTwoFactorAuthKey()) && !StrUtil.equals(byKey.getTwoFactorAuthKey(), "ignore");
    }

    /**
     * 绑定 两步验证 mfa
     *
     * @param useId 用户ID
     * @param mfa   mfa key
     */
    public void bindMfa(String useId, String mfa) {
        UserModel byKey = new UserModel();
        byKey.setId(useId);
        byKey.setTwoFactorAuthKey(mfa);
        super.updateById(byKey);
    }

    /**
     * 判断验证码是否正确
     *
     * @param userId 用户ID
     * @param code   验证码
     * @return true 正确
     */
    public boolean verifyMfaCode(String userId, String code) {
        UserModel byKey = super.getByKey(userId, false);
        Assert.notNull(byKey, "用户不存在");
        if (StrUtil.isEmpty(byKey.getTwoFactorAuthKey()) || StrUtil.equals(byKey.getTwoFactorAuthKey(), "ignore")) {
            throw new IllegalStateException("当前账号没有开启两步验证");
        }
        return TwoFactorAuthUtils.validateTFACode(byKey.getTwoFactorAuthKey(), code);
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy