分布式环境激活码问题解决

Signed-off-by: TanYibin <5491541@qq.com>

分布式环境激活码问题解决
Signed-off-by: TanYibin <5491541@qq.com>
谭毅彬
1 parent 1e6b8a96
Showing 7 changed files with 87 additions and 84 deletions
ant-design-vue-jeecg/src/views/user/modules/SystemActivationModal.vue
huaheng-wms-core/src/main/java/org/jeecg/modules/system/controller/LoginController.java
huaheng-wms-core/src/main/java/org/jeecg/utils/HuahengJwtUtil.java
huaheng-wms-core/src/main/java/org/jeecg/utils/HuahengRedisUtil.java
huaheng-wms-core/src/main/resources/application-dev.yml
huaheng-wms-core/src/main/resources/application-prod.yml
huaheng-wms-core/src/main/resources/application-test.yml
@@ -2,12 +2,7 @@
   <div class="main">
     <a-form-model class="user-layout-login" @keyup.enter.native="handleSubmit" :model="model" :rules="validatorRules">
       <a-tabs :activeKey="customActiveKey" :tabBarStyle="{ textAlign: 'center', borderBottom: 'unset' }" @change="handleTabClick">
-        <a-tab-pane key="tab1" tab="激活码授权">
-          <!-- <login-account ref="alogin" @validateFail="validateFail" @success="requestSuccess" @fail="requestFailed"></login-account> -->
-        </a-tab-pane>
-               <!-- <a-tab-pane key="tab2" tab="手机号登录">
-                 <login-phone ref="plogin" @validateFail="validateFail" @success="requestSuccess" @fail="requestFailed"></login-phone>
-               </a-tab-pane> -->
+        <a-tab-pane key="tab1" tab="激活码授权"/>
       </a-tabs>
       <a-form-model-item>
         <a-input size="large" v-model="model.activationCode" autocomplete="false" placeholder="请输入激活码"/>
@@ -18,12 +13,9 @@
       </a-form-item>
     </a-form-model>
     <two-step-captcha v-if="requiredTwoStepCaptcha" :visible="stepCaptchaVisible" @success="stepCaptchaSuccess" @cancel="stepCaptchaCancel"></two-step-captcha>
-    <!-- <login-select-tenant ref="loginSelect" @success="loginSelectOk"></login-select-tenant> -->
-    <!--    <third-login ref="thirdLogin"></third-login>-->
   </div>
 </template>
  
-
 <script>
 import Vue from 'vue'
 import {ACCESS_TOKEN, ENCRYPTED_STRING} from '@/store/mutation-types'
@@ -51,11 +43,6 @@ export default {
       model: {
         activationCode: ''
       },
-      validatorRules: {
-        activationCode: [{
-          required: true, message: '请输入激活码', validator: 'click'
-        }],
-      }
     }
   },
   created() {
@@ -79,27 +66,6 @@ export default {
         }
       })
     },
-    // 验证字段
-    validateFields(arr, callback) {
-      let promiseArray = []
-      for (let item of arr) {
-        let p = new Promise((resolve, reject) => {
-          this.$refs['form'].validateField(item, (err) => {
-            if (!err) {
-              resolve();
-            } else {
-              reject(err);
-            }
-          })
-        });
-        promiseArray.push(p)
-      }
-      Promise.all(promiseArray).then(() => {
-        callback()
-      }).catch(err => {
-        callback(err)
-      })
-    },
     //验证激活码
     handleSubmit() {
       this.loginBtn = true;
@@ -110,13 +76,11 @@ export default {
       this.$router.push({path: "/user/login"});
       this.$notification.success({
         message: '激活成功，请重新登录',
-        // description: `${timeFix()}，欢迎回来`,
       });
     },
     systemActivationSuccessError(message) {
       this.$notification.error({
         message: message,
-        // description: `${timeFix()}，欢迎回来`,
       });
       this.loginBtn = false;
     },
 package org.jeecg.modules.system.controller;
  
 import java.io.File;
+import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.util.ArrayList;
@@ -14,6 +15,7 @@ import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
  
+import org.apache.commons.io.IOUtils;
 import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.CacheConstant;
@@ -41,8 +43,8 @@ import org.jeecg.modules.system.service.ISysTenantService;
 import org.jeecg.modules.system.service.ISysUserService;
 import org.jeecg.modules.system.util.RandImageUtil;
 import org.jeecg.utils.HuahengJwtUtil;
+import org.jeecg.utils.HuahengRedisUtil;
 import org.jeecg.utils.StringUtils;
-import org.jeecg.utils.support.ApiAuthentication;
 import org.jeecg.utils.support.SystemRSA256Key;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -67,6 +69,7 @@ import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTVerifier;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.IdWorker;
@@ -111,6 +114,9 @@ public class LoginController {
  
     @Autowired
     private BaseCommonService baseCommonService;
+    
+    @Autowired
+    private HuahengRedisUtil huahengRedisUtil;
  
     @ApiOperation("登录接口")
     @RequestMapping(value = "/login", method = RequestMethod.POST)
@@ -163,10 +169,10 @@ public class LoginController {
             return result;
         }
         // 激活信息认证
-//        result = HuahengJwtUtil.checkSystemActivationCode();
-//        if (!result.isSuccess()) {
-//            return result;
-//        }
+        result = this.checkSystemActivationCode();
+        if (!result.isSuccess()) {
+            return result;
+        }
         // 用户登录信息
         result = userInfo(sysUser, warehouseCode);
         // update-begin--Author:liusq Date:20210126 for：登录成功，删除redis中的验证码
@@ -193,16 +199,15 @@ public class LoginController {
             JWTVerifier verifier =
                 JWT.require(algorithm).withClaim("operator", HuahengJwtUtil.HUAHENG_SYSTEM_ID).withIssuer(HuahengJwtUtil.HUAHENG_SYSTEM_ID).build();
             DecodedJWT jwt = verifier.verify(systemActivationModel.getActivationCode());
-            new ApiAuthentication.ApiAuthenticationBuild().operator(jwt.getClaim("operator").asString()).audience(jwt.getAudience().get(0)).issuer(jwt.getIssuer())
-                .issuedAt(jwt.getIssuedAt()).expireDateTime(jwt.getExpiresAt()).bulid();
-
             // 验证通过写入文件
             File file = new File(System.getProperties().getProperty("user.dir") + File.separatorChar + HuahengJwtUtil.SYSTEM_ACTIVATION_CODE_FILE_NAME);
             outputStream = new FileOutputStream(file, false);
             FileCopyUtils.copy(systemActivationModel.getActivationCode().getBytes(), outputStream);
+            // 验证通过写入Redis
+            huahengRedisUtil.setWithNoExpirationTime(HuahengJwtUtil.SYSTEM_ACTIVATION_CODE_KEY, systemActivationModel.getActivationCode());
         } catch (JWTVerificationException e) {
             log.error(e.getMessage());
-            result.error500("激活失败");
+            result.error500("系统激活码无效");
             return result;
         } finally {
             if (outputStream != null) {
@@ -212,6 +217,58 @@ public class LoginController {
         result.setMessage("激活成功");
         return result;
     }
+    
+    private Result<JSONObject> checkSystemActivationCode() throws IOException {
+        Result<JSONObject> result = new Result<JSONObject>();
+        FileInputStream inputStream = null;
+        FileOutputStream outputStream = null;
+        try {
+            String activationCode = null;
+            File file = new File(System.getProperties().getProperty("user.dir") + File.separatorChar + HuahengJwtUtil.SYSTEM_ACTIVATION_CODE_FILE_NAME);
+            if (file.exists()) {
+                inputStream = new FileInputStream(file);
+                activationCode = IOUtils.toString(inputStream, "utf-8");
+            }
+            String redisActivationCode = huahengRedisUtil.get(HuahengJwtUtil.SYSTEM_ACTIVATION_CODE_KEY, String.class);
+            // 文件激活码为空或redis中的激活码与文件中的激活码不一致，更新文件激活码
+            if (!StringUtils.isEmpty(redisActivationCode) && (StringUtils.isEmpty(activationCode) || !activationCode.equals(redisActivationCode))) {
+                activationCode = redisActivationCode;
+                outputStream = new FileOutputStream(file, false);
+                FileCopyUtils.copy(activationCode.getBytes(), outputStream);
+            }
+            if (StringUtils.isEmpty(activationCode)) {
+                result.setSuccess(false);
+                result.setCode(499);
+                result.setMessage("系统激活码无效");
+                return result;
+            }
+            // 验证激活码
+            Algorithm algorithm = Algorithm.RSA256(new SystemRSA256Key().getPublicKey(), new SystemRSA256Key().getPrivateKey());
+            JWTVerifier verifier =
+                JWT.require(algorithm).withClaim("operator", HuahengJwtUtil.HUAHENG_SYSTEM_ID).withIssuer(HuahengJwtUtil.HUAHENG_SYSTEM_ID).build();
+            DecodedJWT jwt = verifier.verify(activationCode);
+            // 如果redis中不存在激活码 则写入redis
+            if (StringUtils.isEmpty(redisActivationCode) || !redisActivationCode.equals(activationCode)) {
+                huahengRedisUtil.setWithNoExpirationTime(HuahengJwtUtil.SYSTEM_ACTIVATION_CODE_KEY, activationCode);
+            }
+        } catch (TokenExpiredException e) {
+            result.setSuccess(false);
+            result.setCode(499);
+            result.setMessage("系统激活码使用期限已到期");
+        } catch (Exception e) {
+            result.setSuccess(false);
+            result.setCode(499);
+            result.setMessage("系统激活码无效");
+        } finally {
+            if (inputStream != null) {
+                inputStream.close();
+            }
+            if (outputStream != null) {
+                outputStream.close();
+            }
+        }
+        return result;
+    }
  
     @Bean
     public ResourceLoader createResourceLoader() {
 package org.jeecg.utils;
  
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
 import java.lang.reflect.Field;
 import java.util.Arrays;
 import java.util.Date;
@@ -12,9 +8,7 @@ import java.util.UUID;
  
 import javax.servlet.http.HttpServletRequest;
  
-import org.apache.commons.io.IOUtils;
 import org.apache.shiro.SecurityUtils;
-import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.common.util.oConvertUtils;
@@ -25,12 +19,10 @@ import org.jeecg.utils.support.SystemRSA256Key;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
  
-import com.alibaba.fastjson.JSONObject;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTVerifier;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.JWTDecodeException;
-import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
@@ -57,6 +49,8 @@ public class HuahengJwtUtil {
     public static final String ALL_WAREHOUSE_CODE = "ALL_WAREHOUSE";
  
     public static final String SYSTEM_ACTIVATION_CODE_FILE_NAME = "ActivationCode.txt";
+    
+    public static final String SYSTEM_ACTIVATION_CODE_KEY = "ActivationCode";
  
     /**
      * 根据request中的token获取用户账号
@@ -266,36 +260,6 @@ public class HuahengJwtUtil {
         }
     }
  
-    public static Result<JSONObject> checkSystemActivationCode() throws IOException {
-        Result<JSONObject> result = new Result<JSONObject>();
-        InputStream inputStream = null;
-        try {
-            File file = new File(System.getProperties().getProperty("user.dir") + File.separatorChar + SYSTEM_ACTIVATION_CODE_FILE_NAME);
-            inputStream = new FileInputStream(file);
-            // 获得激活码
-            String activationCode = IOUtils.toString(inputStream, "utf-8");
-            Algorithm algorithm = Algorithm.RSA256(new SystemRSA256Key().getPublicKey(), new SystemRSA256Key().getPrivateKey());
-            JWTVerifier verifier =
-                JWT.require(algorithm).withClaim("operator", HuahengJwtUtil.HUAHENG_SYSTEM_ID).withIssuer(HuahengJwtUtil.HUAHENG_SYSTEM_ID).build();
-            DecodedJWT jwt = verifier.verify(activationCode);
-            new ApiAuthentication.ApiAuthenticationBuild().operator(jwt.getClaim("operator").asString()).audience(jwt.getAudience().get(0)).issuer(jwt.getIssuer())
-                .issuedAt(jwt.getIssuedAt()).expireDateTime(jwt.getExpiresAt()).bulid();
-        } catch (TokenExpiredException e) {
-            result.setSuccess(false);
-            result.setCode(499);
-            result.setMessage("系统激活码使用期限已到期");
-        } catch (Exception e) {
-            result.setSuccess(false);
-            result.setCode(499);
-            result.setMessage("系统激活码无效");
-        } finally {
-            if (inputStream != null) {
-                inputStream.close();
-            }
-        }
-        return result;
-    }
-
     /**
      * 生成第三方系统HTTP访问TOKEN
      * @author               TanYibin
@@ -99,6 +99,21 @@ public class HuahengRedisUtil {
             log.error("操作缓存异常：key:{}", key, e);
         }
     }
+    
+    /**
+     * 设置key，value 无过期时间
+     * @author           TanYibin
+     * @createDate       2023年2月8日
+     * @param      key
+     * @param      value
+     */
+    public void setWithNoExpirationTime(@Nonnull String key, @Nonnull Object value) {
+        try {
+            redisTemplate.opsForValue().set(key, toJson(value));
+        } catch (Exception e) {
+            log.error("操作缓存异常：key:{}", key, e);
+        }
+    }
  
     /**
      * 设置key，value，过期时间
@@ -162,6 +162,7 @@ spring:
     host: 127.0.0.1
     port: 6379
     password:
+    timeout: 5000 #超时时间ms
     lettuce:
       pool:
         min-idle: 0     #最小等待连接中的数量,设 0 为没有限制
@@ -162,6 +162,7 @@ spring:
     host: 172.16.29.77
     port: 6379
     password: 123456
+    timeout: 5000 #超时时间ms
     lettuce:
       pool:
         min-idle: 0     #最小等待连接中的数量,设 0 为没有限制
@@ -163,6 +163,7 @@ spring:
     host: 172.16.29.77
     port: 6379
     password: 123456
+    timeout: 5000 #超时时间ms
     lettuce:
       pool:
         min-idle: 0     #最小等待连接中的数量,设 0 为没有限制