From 257507122150b6105a0b9fd9c022015493063c99 Mon Sep 17 00:00:00 2001
From: zhuo <2089219845@qq.com>
Date: 星期六, 15 三月 2025 09:56:56 +0800
Subject: [PATCH] 单点登录调整
---
ruoyi-admin/src/main/resources/application-test.yml | 7 ++
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java | 19 +++++-
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java | 1
ruoyi-admin/src/main/resources/application-prod.yml | 7 ++
ruoyi-admin/src/main/resources/application-druid.yml | 7 ++
ruoyi-admin/src/main/resources/i18n/messages.properties | 70 ++++++++++++-----------
ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java | 22 ++++++
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 2
ruoyi-admin/src/main/resources/application.yml | 9 --
9 files changed, 94 insertions(+), 50 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
index c620578..ec23e7e 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
@@ -108,7 +108,6 @@
* @return
*/
- @Anonymous
@GetMapping("/getSsoAuthUrl")
public AjaxResult getSsoAuthUrl() {
String uuid = UUID.randomUUID().toString();
diff --git a/ruoyi-admin/src/main/resources/application-druid.yml b/ruoyi-admin/src/main/resources/application-druid.yml
index dfad74e..a0e5864 100644
--- a/ruoyi-admin/src/main/resources/application-druid.yml
+++ b/ruoyi-admin/src/main/resources/application-druid.yml
@@ -103,6 +103,13 @@
# 鏄惁寮�鍚痵wagger
enabled: true
+# 鏃ュ織閰嶇疆
+logging:
+ file-location: /javaWork/lims-ruoyi
+ level:
+ com.ruoyi: info
+ org.springframework: warn
+
minio:
endpoint: http://114.132.189.42/
port: 7019
diff --git a/ruoyi-admin/src/main/resources/application-prod.yml b/ruoyi-admin/src/main/resources/application-prod.yml
index 6f68d66..c8e986c 100644
--- a/ruoyi-admin/src/main/resources/application-prod.yml
+++ b/ruoyi-admin/src/main/resources/application-prod.yml
@@ -98,6 +98,13 @@
cache-enabled: false
log-impl: # org.apache.ibatis.logging.stdout.StdOutImpl
+# 鏃ュ織閰嶇疆
+logging:
+ file-location: /javaWork/lims-ruoyi
+ level:
+ com.ruoyi: info
+ org.springframework: warn
+
# Swagger閰嶇疆
swagger:
# 鏄惁寮�鍚痵wagger
diff --git a/ruoyi-admin/src/main/resources/application-test.yml b/ruoyi-admin/src/main/resources/application-test.yml
index 3b9a971..560cdd9 100644
--- a/ruoyi-admin/src/main/resources/application-test.yml
+++ b/ruoyi-admin/src/main/resources/application-test.yml
@@ -99,6 +99,13 @@
cache-enabled: false
log-impl: # org.apache.ibatis.logging.stdout.StdOutImpl
+# 鏃ュ織閰嶇疆
+logging:
+ file-location: /center-lims/Java
+ level:
+ com.ruoyi: info
+ org.springframework: warn
+
# Swagger閰嶇疆
swagger:
# 鏄惁寮�鍚痵wagger
diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index b6f9251..ca23fdf 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -31,13 +31,6 @@
# Tomcat鍚姩鍒濆鍖栫殑绾跨▼鏁帮紝榛樿鍊�10
min-spare: 100
-# 鏃ュ織閰嶇疆
-logging:
- file-location: /javaWork/lims-ruoyi
- level:
- com.ruoyi: info
- org.springframework: warn
-
# 鐢ㄦ埛閰嶇疆
user:
password:
@@ -95,7 +88,7 @@
# 鍖归厤閾炬帴
urlPatterns: /system/*,/monitor/*,/tool/*
-#闆嗗洟缁熶竴鐧诲綍娴嬭瘯搴�
+#闆嗗洟缁熶竴鐧诲綍
sso:
url:
clientId:
diff --git a/ruoyi-admin/src/main/resources/i18n/messages.properties b/ruoyi-admin/src/main/resources/i18n/messages.properties
index 93de005..31680fe 100644
--- a/ruoyi-admin/src/main/resources/i18n/messages.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages.properties
@@ -1,38 +1,40 @@
-#閿欒娑堟伅
-not.null=* 蹇呴』濉啓
-user.jcaptcha.error=楠岃瘉鐮侀敊璇�
-user.jcaptcha.expire=楠岃瘉鐮佸凡澶辨晥
-user.not.exists=鐢ㄦ埛涓嶅瓨鍦�/瀵嗙爜閿欒
-user.password.not.match=鐢ㄦ埛涓嶅瓨鍦�/瀵嗙爜閿欒
-user.password.retry.limit.count=瀵嗙爜杈撳叆閿欒{0}娆�
-user.password.retry.limit.exceed=瀵嗙爜杈撳叆閿欒{0}娆★紝甯愭埛閿佸畾{1}鍒嗛挓
-user.password.delete=瀵逛笉璧凤紝鎮ㄧ殑璐﹀彿宸茶鍒犻櫎
-user.blocked=鐢ㄦ埛宸插皝绂侊紝璇疯仈绯荤鐞嗗憳
-role.blocked=瑙掕壊宸插皝绂侊紝璇疯仈绯荤鐞嗗憳
-login.blocked=寰堥仐鎲撅紝璁块棶IP宸茶鍒楀叆绯荤粺榛戝悕鍗�
-user.logout.success=閫�鍑烘垚鍔�
+#\u9519\u8BEF\u6D88\u606F
+not.null=* \u5FC5\u987B\u586B\u5199
+user.jcaptcha.error=\u9A8C\u8BC1\u7801\u9519\u8BEF
+user.jcaptcha.expire=\u9A8C\u8BC1\u7801\u5DF2\u5931\u6548
+user.not.exists=\u7528\u6237\u4E0D\u5B58\u5728/\u5BC6\u7801\u9519\u8BEF
+user.password.not.match=\u7528\u6237\u4E0D\u5B58\u5728/\u5BC6\u7801\u9519\u8BEF
+user.password.retry.limit.count=\u5BC6\u7801\u8F93\u5165\u9519\u8BEF{0}\u6B21
+user.password.retry.limit.exceed=\u5BC6\u7801\u8F93\u5165\u9519\u8BEF{0}\u6B21\uFF0C\u5E10\u6237\u9501\u5B9A{1}\u5206\u949F
+user.password.delete=\u5BF9\u4E0D\u8D77\uFF0C\u60A8\u7684\u8D26\u53F7\u5DF2\u88AB\u5220\u9664
+user.blocked=\u7528\u6237\u5DF2\u5C01\u7981\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458
+role.blocked=\u89D2\u8272\u5DF2\u5C01\u7981\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458
+login.blocked=\u5F88\u9057\u61BE\uFF0C\u8BBF\u95EEIP\u5DF2\u88AB\u5217\u5165\u7CFB\u7EDF\u9ED1\u540D\u5355
+user.logout.success=\u9000\u51FA\u6210\u529F
+user.single.logout.success=\u5355\u70B9\u767B\u5F55\u9000\u51FA\u6210\u529F
-length.not.valid=闀垮害蹇呴』鍦▄min}鍒皗max}涓瓧绗︿箣闂�
+length.not.valid=\u957F\u5EA6\u5FC5\u987B\u5728{min}\u5230{max}\u4E2A\u5B57\u7B26\u4E4B\u95F4
-user.username.not.valid=* 2鍒�20涓眽瀛椼�佸瓧姣嶃�佹暟瀛楁垨涓嬪垝绾跨粍鎴愶紝涓斿繀椤讳互闈炴暟瀛楀紑澶�
-user.password.not.valid=* 5-50涓瓧绗�
-
-user.email.not.valid=閭鏍煎紡閿欒
-user.mobile.phone.number.not.valid=鎵嬫満鍙锋牸寮忛敊璇�
-user.login.success=鐧诲綍鎴愬姛
-user.register.success=娉ㄥ唽鎴愬姛
-user.notfound=璇烽噸鏂扮櫥褰�
-user.forcelogout=绠$悊鍛樺己鍒堕��鍑猴紝璇烽噸鏂扮櫥褰�
-user.unknown.error=鏈煡閿欒锛岃閲嶆柊鐧诲綍
+user.username.not.valid=* 2\u523020\u4E2A\u6C49\u5B57\u3001\u5B57\u6BCD\u3001\u6570\u5B57\u6216\u4E0B\u5212\u7EBF\u7EC4\u6210\uFF0C\u4E14\u5FC5\u987B\u4EE5\u975E\u6570\u5B57\u5F00\u5934
+user.password.not.valid=* 5-50\u4E2A\u5B57\u7B26
-##鏂囦欢涓婁紶娑堟伅
-upload.exceed.maxSize=涓婁紶鐨勬枃浠跺ぇ灏忚秴鍑洪檺鍒剁殑鏂囦欢澶у皬锛�<br/>鍏佽鐨勬枃浠舵渶澶уぇ灏忔槸锛歿0}MB锛�
-upload.filename.exceed.length=涓婁紶鐨勬枃浠跺悕鏈�闀縶0}涓瓧绗�
+user.email.not.valid=\u90AE\u7BB1\u683C\u5F0F\u9519\u8BEF
+user.mobile.phone.number.not.valid=\u624B\u673A\u53F7\u683C\u5F0F\u9519\u8BEF
+user.login.success=\u767B\u5F55\u6210\u529F
+user.single.login.success=\u5355\u70B9\u767B\u5F55\u6210\u529F
+user.register.success=\u6CE8\u518C\u6210\u529F
+user.notfound=\u8BF7\u91CD\u65B0\u767B\u5F55
+user.forcelogout=\u7BA1\u7406\u5458\u5F3A\u5236\u9000\u51FA\uFF0C\u8BF7\u91CD\u65B0\u767B\u5F55
+user.unknown.error=\u672A\u77E5\u9519\u8BEF\uFF0C\u8BF7\u91CD\u65B0\u767B\u5F55
-##鏉冮檺
-no.permission=鎮ㄦ病鏈夋暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
-no.create.permission=鎮ㄦ病鏈夊垱寤烘暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
-no.update.permission=鎮ㄦ病鏈変慨鏀规暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
-no.delete.permission=鎮ㄦ病鏈夊垹闄ゆ暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
-no.export.permission=鎮ㄦ病鏈夊鍑烘暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
-no.view.permission=鎮ㄦ病鏈夋煡鐪嬫暟鎹殑鏉冮檺锛岃鑱旂郴绠$悊鍛樻坊鍔犳潈闄� [{0}]
+##\u6587\u4EF6\u4E0A\u4F20\u6D88\u606F
+upload.exceed.maxSize=\u4E0A\u4F20\u7684\u6587\u4EF6\u5927\u5C0F\u8D85\u51FA\u9650\u5236\u7684\u6587\u4EF6\u5927\u5C0F\uFF01<br/>\u5141\u8BB8\u7684\u6587\u4EF6\u6700\u5927\u5927\u5C0F\u662F\uFF1A{0}MB\uFF01
+upload.filename.exceed.length=\u4E0A\u4F20\u7684\u6587\u4EF6\u540D\u6700\u957F{0}\u4E2A\u5B57\u7B26
+
+##\u6743\u9650
+no.permission=\u60A8\u6CA1\u6709\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
+no.create.permission=\u60A8\u6CA1\u6709\u521B\u5EFA\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
+no.update.permission=\u60A8\u6CA1\u6709\u4FEE\u6539\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
+no.delete.permission=\u60A8\u6CA1\u6709\u5220\u9664\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
+no.export.permission=\u60A8\u6CA1\u6709\u5BFC\u51FA\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
+no.view.permission=\u60A8\u6CA1\u6709\u67E5\u770B\u6570\u636E\u7684\u6743\u9650\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u6DFB\u52A0\u6743\u9650 [{0}]
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 1823e03..974a5e2 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -111,7 +111,7 @@
.authorizeHttpRequests((requests) -> {
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
// 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
- requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
+ requests.antMatchers("/login", "/register", "/captchaImage", "/getSsoAuthUrl", "/loginBySSO").permitAll()
// 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**", "/img/**", "/word/**").permitAll()
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java
index ba23910..5d16c74 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java
@@ -4,8 +4,12 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
+import com.ruoyi.common.config.SsoBean;
+import com.ruoyi.common.utils.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import com.alibaba.fastjson2.JSON;
@@ -29,6 +33,10 @@
{
@Autowired
private TokenService tokenService;
+ @Autowired
+ private RedisTemplate redisTemplate;
+ @Autowired
+ private SsoBean ssoBean;
/**
* 閫�鍑哄鐞�
@@ -40,14 +48,24 @@
throws IOException, ServletException
{
LoginUser loginUser = tokenService.getLoginUser(request);
+ String loginOutUrl = null;
if (StringUtils.isNotNull(loginUser))
{
String userName = loginUser.getUsername();
// 鍒犻櫎鐢ㄦ埛缂撳瓨璁板綍
tokenService.delLoginUser(loginUser.getToken());
// 璁板綍鐢ㄦ埛閫�鍑烘棩蹇�
- AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
+ // 娓呴櫎鍗曠偣鐧诲綍淇℃伅
+ Object idToken = redisTemplate.opsForValue().get("ssoOauthToken:idToken:" + userName);
+ if (idToken != null) {
+ loginOutUrl = ssoBean.getUrl() + "/oauth2/sessions/logout?id_token_hint=" + idToken;
+ redisTemplate.delete("ssoOauthToken:idToken:" + SecurityUtils.getUsername());
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, MessageUtils.message("user.single.logout.success")));
+ } else {
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
+ }
+
}
- ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.success(MessageUtils.message("user.logout.success"))));
+ ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.success(MessageUtils.message("user.logout.success"), loginOutUrl)));
}
}
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
index 05fbbf4..b6841dd 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -4,11 +4,12 @@
import javax.net.ssl.SSLContext;
import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.PropertyNamingStrategy;
-import com.alibaba.fastjson.parser.ParserConfig;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.ruoyi.common.config.SsoBean;
+import com.ruoyi.common.core.domain.entity.User;
import com.ruoyi.framework.model.SsoOauthTokenModel;
import com.ruoyi.framework.model.SsoUserInfoModel;
+import com.ruoyi.system.mapper.UserMapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpEntity;
import org.apache.http.HttpStatus;
@@ -24,6 +25,7 @@
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -60,6 +62,7 @@
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
+import java.util.concurrent.TimeUnit;
/**
* 鐧诲綍鏍¢獙鏂规硶
@@ -80,13 +83,19 @@
private RedisCache redisCache;
@Autowired
- private ISysUserService userService;
+ private ISysUserService sysUserService;
@Autowired
private ISysConfigService configService;
@Autowired
private SsoBean ssoBean;
+
+ @Autowired
+ private RedisTemplate redisTemplate;
+
+ @Autowired
+ private UserMapper userMapper;
/**
* 鐧诲綍楠岃瘉
@@ -212,7 +221,7 @@
sysUser.setUserId(userId);
sysUser.setLoginIp(IpUtils.getIpAddr());
sysUser.setLoginDate(DateUtils.getNowDate());
- userService.updateUserProfile(sysUser);
+ sysUserService.updateUserProfile(sysUser);
}
/**
@@ -238,6 +247,8 @@
+ AsyncManager.me().execute(AsyncFactory.recordLogininfor(userInfo.getEmployeeId(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.single.login.success")));
+ redisTemplate.opsForValue().set("ssoOauthToken:idToken:" + userInfo.getEmployeeId(), tokenModel.getId_token(), 3, TimeUnit.DAYS);
// 鐢熸垚token
return tokenService.createToken(null);
}
--
Gitblit v1.9.3