feat: update code

Author: pnoker

dc3-api/dc3-api-auth/src/main/java/io/github/pnoker/api/center/auth/feign/BlackIpClient.java

@@ -44,7 +44,7 @@ public interface BlackIpClient {
     /**
      * 新增 BlackIp
      *
-     * @param blackIp  BlackIp
+     * @param blackIp BlackIp
      * @return BlackIp
      */
     @PostMapping("/add")
@@ -65,7 +65,7 @@ public interface BlackIpClient {
      * 支  持: Enable
      * 不支持: Ip
      *
-     * @param blackIp  BlackIp
+     * @param blackIp BlackIp
      * @return BlackIp
      */
     @PostMapping("/update")
@@ -83,7 +83,7 @@ public interface BlackIpClient {
     /**
      * 根据 Ip 查询 BlackIp
      *
-     * @param ip       Black Ip
+     * @param ip Black Ip
      * @return BlackIp
      */
     @GetMapping("/ip/{ip}")
@@ -101,7 +101,7 @@ public interface BlackIpClient {
     /**
      * 检测 Ip 是否在 Ip 黑名单列表
      *
-     * @param ip       Black Ip
+     * @param ip Black Ip
      * @return Boolean
      */
     @GetMapping("/check/{ip}")

dc3-center/dc3-center-auth/src/main/java/io/github/pnoker/center/auth/api/TokenApi.java

@@ -45,19 +45,19 @@ public class TokenApi implements TokenClient {
 
     @Override
     public R<String> generateSalt(Login login) {
-        String salt = tokenService.generateSalt(login.getName());
+        String salt = tokenService.generateSalt(login.getName(), login.getTenant());
         return null != salt ? R.ok(salt, "The salt will expire in 5 minutes") : R.fail();
     }
 
     @Override
     public R<String> generateToken(Login login) {
-        String token = tokenService.generateToken(login.getTenant(), login.getName(), login.getSalt(), login.getPassword());
+        String token = tokenService.generateToken(login.getName(), login.getSalt(), login.getPassword(), login.getTenant());
         return null != token ? R.ok(token, "The token will expire in 12 hours.") : R.fail();
     }
 
     @Override
     public R<String> checkTokenValid(Login login) {
-        TokenValid tokenValid = tokenService.checkTokenValid(login.getName(), login.getSalt(), login.getToken());
+        TokenValid tokenValid = tokenService.checkTokenValid(login.getName(), login.getSalt(), login.getToken(), login.getTenant());
         if (tokenValid.isValid()) {
             String expireTime = Dc3Util.formatCompleteData(tokenValid.getExpireTime());
             return R.ok(expireTime, "The token will expire in " + expireTime);
@@ -67,6 +67,6 @@ public R<String> checkTokenValid(Login login) {
 
     @Override
     public R<Boolean> cancelToken(Login login) {
-        return tokenService.cancelToken(login.getName()) ? R.ok() : R.fail();
+        return tokenService.cancelToken(login.getName(), login.getTenant()) ? R.ok() : R.fail();
     }
 }

dc3-center/dc3-center-auth/src/main/java/io/github/pnoker/center/auth/service/TokenService.java

@@ -27,35 +27,38 @@ public interface TokenService {
     /**
      * 生成用户的随机 salt
      *
-     * @param username Username
+     * @param username   Username
+     * @param tenantName Tenant Name
      * @return String
      */
-    String generateSalt(String username);
+    String generateSalt(String username, String tenantName);
 
     /**
      * 生成用户的Token令牌
      *
-     * @param tenant   Tenant
-     * @param name     User Name
-     * @param salt     User Salt
-     * @param password User Password
+     * @param username       User Name
+     * @param salt       User Salt
+     * @param password   User Password
+     * @param tenantName Tenant Name
      * @return String
      */
-    String generateToken(String tenant, String name, String salt, String password);
+    String generateToken(String username, String salt, String password, String tenantName);
 
     /**
      * 校验用户的Token令牌是否有效
      *
-     * @param username Username
-     * @param token    Token
+     * @param username   Username
+     * @param token      Token
+     * @param tenantName Tenant Name
      * @return TokenValid
      */
-    TokenValid checkTokenValid(String username, String salt, String token);
+    TokenValid checkTokenValid(String username, String salt, String token, String tenantName);
 
     /**
      * 注销用户的Token令牌
      *
-     * @param username Username
+     * @param username   Username
+     * @param tenantName Tenant Name
      */
-    boolean cancelToken(String username);
+    boolean cancelToken(String username, String tenantName);
 }

dc3-center/dc3-center-auth/src/main/java/io/github/pnoker/center/auth/service/impl/TokenServiceImpl.java

@@ -63,7 +63,9 @@ public class TokenServiceImpl implements TokenService {
     private RedisUtil redisUtil;
 
     @Override
-    public String generateSalt(String username) {
+    public String generateSalt(String username, String tenantName) {
+        // todo 此处一个bug，会抛异常，导致无法记录失败登录次数
+        Tenant tenant = tenantService.selectByName(tenantName);
         String redisSaltKey = CacheConstant.Entity.USER + CacheConstant.Suffix.SALT + CommonConstant.Symbol.SEPARATOR + username;
         String salt = redisUtil.getKey(redisSaltKey, String.class);
         if (StrUtil.isBlank(salt)) {
@@ -74,43 +76,48 @@ public String generateSalt(String username) {
     }
 
     @Override
-    public String generateToken(String tenant, String name, String salt, String password) {
-        checkUserLimit(name);
-        Tenant tempTenant = tenantService.selectByName(tenant);
-        User tempUser = userService.selectByName(name, false);
-        if (tempTenant.getEnable() && tempUser.getEnable()) {
-            tenantBindService.selectByTenantIdAndUserId(tempTenant.getId(), tempUser.getId());
-            String redisSaltKey = CacheConstant.Entity.USER + CacheConstant.Suffix.SALT + CommonConstant.Symbol.SEPARATOR + name;
-            String tempSalt = redisUtil.getKey(redisSaltKey, String.class);
-            if (StrUtil.isNotEmpty(tempSalt) && tempSalt.equals(salt)) {
-                if (Dc3Util.md5(tempUser.getPassword() + tempSalt).equals(password)) {
-                    String redisTokenKey = CacheConstant.Entity.USER + CacheConstant.Suffix.TOKEN + CommonConstant.Symbol.SEPARATOR + name;
-                    String token = KeyUtil.generateToken(name, tempSalt);
+    public String generateToken(String username, String salt, String password, String tenantName) {
+        checkUserLimit(username);
+        // todo 此处一个bug，会抛异常，导致无法记录失败登录次数
+        Tenant tenant = tenantService.selectByName(tenantName);
+        User user = userService.selectByName(username, false);
+        if (tenant.getEnable() && user.getEnable()) {
+            tenantBindService.selectByTenantIdAndUserId(tenant.getId(), user.getId());
+            String redisSaltKey = CacheConstant.Entity.USER + CacheConstant.Suffix.SALT + CommonConstant.Symbol.SEPARATOR + username;
+            String saltValue = redisUtil.getKey(redisSaltKey, String.class);
+            if (StrUtil.isNotEmpty(saltValue) && saltValue.equals(salt)) {
+                if (Dc3Util.md5(user.getPassword() + saltValue).equals(password)) {
+                    String redisTokenKey = CacheConstant.Entity.USER + CacheConstant.Suffix.TOKEN + CommonConstant.Symbol.SEPARATOR + username;
+                    String token = KeyUtil.generateToken(username, saltValue, tenant.getId());
                     redisUtil.setKey(redisTokenKey, token, CacheConstant.Timeout.TOKEN_CACHE_TIMEOUT, TimeUnit.HOURS);
                     return token;
                 }
             }
         }
-        updateUserLimit(name, true);
-        throw new ServiceException("Invalid tenant、username、password");
+        updateUserLimit(username, true);
+        throw new ServiceException("Invalid username、password、tenant");
     }
 
     @Override
-    public TokenValid checkTokenValid(String username, String salt, String token) {
+    public TokenValid checkTokenValid(String username, String salt, String token, String tenantName) {
+        // todo 此处一个bug，会抛异常，导致无法记录失败登录次数
+        Tenant tenant = tenantService.selectByName(tenantName);
         String redisToken = redisUtil.getKey(CacheConstant.Entity.USER + CacheConstant.Suffix.TOKEN + CommonConstant.Symbol.SEPARATOR + username, String.class);
         if (StrUtil.isBlank(redisToken) || !redisToken.equals(token)) {
             return new TokenValid(false, null);
         }
         try {
-            Claims claims = KeyUtil.parserToken(username, salt, token);
+            // todo 需要传 tenantId
+            Claims claims = KeyUtil.parserToken(username, salt, token, tenant.getId());
             return new TokenValid(true, claims.getExpiration());
         } catch (Exception e) {
             return new TokenValid(false, null);
         }
     }
 
     @Override
-    public boolean cancelToken(String username) {
+    public boolean cancelToken(String username, String tenantName) {
+        Tenant tenant = tenantService.selectByName(tenantName);
         redisUtil.deleteKey(CacheConstant.Entity.USER + CacheConstant.Suffix.TOKEN + CommonConstant.Symbol.SEPARATOR + username);
         return true;
     }

dc3-common/dc3-common-base/pom.xml

@@ -38,6 +38,12 @@
             <artifactId>spring-web</artifactId>
         </dependency>
 
+        <!-- Spring Aop -->
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-aspects</artifactId>
+        </dependency>
+
         <!-- Spring Data MongoDB -->
         <dependency>
             <groupId>org.springframework.data</groupId>

dc3-common/dc3-common-core/src/main/java/io/github/pnoker/common/annotation/Logs.java dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/annotation/Logs.java

@@ -40,7 +40,7 @@ public void logsCut() {
     }
 
     // 2022-03-13 检查：通过
-    @Around("logsCut()&&@annotation(logs)")
+    @Around("logsCut() && @annotation(logs)")
     public Object doAround(ProceedingJoinPoint proceedingJoinPoint, Logs logs) throws Throwable {
         String uuid = IdUtil.fastSimpleUUID();
         String className = proceedingJoinPoint.getSignature().getDeclaringType().getSimpleName();
@@ -49,7 +49,7 @@ public Object doAround(ProceedingJoinPoint proceedingJoinPoint, Logs logs) throw
         log.info("Start => [{}].[{}.{}]: {}", uuid, className, methodName, logs.value());
         try {
             Object proceed = proceedingJoinPoint.proceed();
-            log.info("End <= [{}].[{}.{}].[{}ms]: {}", uuid, className, methodName, System.currentTimeMillis() - startTime, logs.value());
+            log.info("End   <= [{}].[{}.{}].[{}ms]: {}", uuid, className, methodName, System.currentTimeMillis() - startTime, logs.value());
             return proceed;
         } catch (Throwable throwable) {
             log.info("End   <= [{}].[{}.{}].[{}ms]: {}", uuid, className, methodName, System.currentTimeMillis() - startTime, logs.value());

dc3-common/dc3-common-core/src/main/java/io/github/pnoker/common/annotation/LogsAspect.java dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/annotation/LogsAspect.java

@@ -51,6 +51,11 @@ interface Symbol {
          * 分隔符
          */
         String SEPARATOR = "::";
+
+        /**
+         * 斜线
+         */
+        String SLASH = "/";
     }
 
     /**
@@ -60,7 +65,7 @@ interface Algorithm {
         /**
          * 默认密钥
          */
-        String DEFAULT_KEY = "pnoker/dc3";
+        String DEFAULT_KEY = "io.github.pnoker.dc3";
 
         /**
          * 默认密码

dc3-common/dc3-common-core/src/main/java/io/github/pnoker/common/annotation/LogsType.java dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/annotation/LogsType.java

@@ -27,12 +27,11 @@ public interface ServiceConstant {
      * 请求 Header 相关
      */
     interface Header {
+        String X_AUTH_TENANT_ID = "X-Auth-Tenant-Id";
+        String X_AUTH_TENANT = "X-Auth-Tenant";
+        String X_AUTH_USER_ID = "X-Auth-User-Id";
         String X_AUTH_USER = "X-Auth-User";
-        String X_AUTH_SALT = "X-Auth-Salt";
         String X_AUTH_TOKEN = "X-Auth-Token";
-        String X_AUTH_USER_ID = "X-Auth-User-Id";
-        String X_AUTH_TENANT = "X-Auth-Tenant";
-        String X_AUTH_TENANT_ID = "X-Auth-Tenant-Id";
     }
 
     /**

dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/constant/CommonConstant.java

@@ -20,7 +20,6 @@
 import cn.hutool.crypto.digest.MD5;
 import io.github.pnoker.common.bean.TreeNode;
 import io.github.pnoker.common.constant.CommonConstant;
-import io.github.pnoker.common.constant.ServiceConstant;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.fileupload.FileItem;
 import org.apache.commons.fileupload.FileItemFactory;
@@ -536,38 +535,4 @@ public static String getRequestHeader(HttpServletRequest httpServletRequest, Str
         return httpServletRequest.getHeader(key);
     }
 
-    /**
-     * 从 Request 中获取指定 User ID 的 Header 值
-     *
-     * @param httpServletRequest HttpServletRequest
-     * @return String
-     */
-    public static String getRequestUserId(HttpServletRequest httpServletRequest) {
-        String userId = Long.toString(-1L);
-        String header = getRequestHeader(httpServletRequest, ServiceConstant.Header.X_AUTH_USER_ID);
-        try {
-            userId = header.trim();
-            return userId;
-        } catch (Exception e) {
-            return userId;
-        }
-    }
-
-    /**
-     * 从 Request 中获取指定 Tenant ID 的 Header 值
-     *
-     * @param httpServletRequest HttpServletRequest
-     * @return String
-     */
-    public static String getRequestTenantId(HttpServletRequest httpServletRequest) {
-        String tenantId = Long.toString(-1L);
-        String header = getRequestHeader(httpServletRequest, ServiceConstant.Header.X_AUTH_TENANT_ID);
-        try {
-            tenantId = header.trim();
-            return tenantId;
-        } catch (Exception e) {
-            return tenantId;
-        }
-    }
-
 }

dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/constant/ServiceConstant.java

@@ -161,9 +161,9 @@ public static String decryptRsa(String str, String privateKey) throws Exception
      * @param username String
      * @return String
      */
-    public static String generateToken(String username, String salt) {
+    public static String generateToken(String username, String salt, String tenantId) {
         JwtBuilder builder = Jwts.builder()
-                .setIssuer(CommonConstant.Algorithm.DEFAULT_KEY)
+                .setIssuer(CommonConstant.Algorithm.DEFAULT_KEY + CommonConstant.Symbol.SLASH + tenantId)
                 .setSubject(username)
                 .setIssuedAt(new Date())
                 .signWith(SignatureAlgorithm.HS256, salt.getBytes(StandardCharsets.UTF_8))
@@ -179,9 +179,9 @@ public static String generateToken(String username, String salt) {
      * @param token    String
      * @return Claims
      */
-    public static Claims parserToken(String username, String salt, String token) {
+    public static Claims parserToken(String username, String salt, String token, String tenantId) {
         return Jwts.parser()
-                .requireIssuer(CommonConstant.Algorithm.DEFAULT_KEY)
+                .requireIssuer(CommonConstant.Algorithm.DEFAULT_KEY+ CommonConstant.Symbol.SLASH + tenantId)
                 .requireSubject(username)
                 .setSigningKey(salt.getBytes(StandardCharsets.UTF_8))
                 .parseClaimsJws(token)

dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/utils/Dc3Util.java

@@ -1,2 +1,3 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-  io.github.pnoker.common.exception.GlobalExceptionAdvice
+  io.github.pnoker.common.exception.GlobalExceptionAdvice,\
+  io.github.pnoker.common.annotation.LogsAspect

dc3-common/dc3-common-base/src/main/java/io/github/pnoker/common/utils/KeyUtil.java

@@ -71,12 +71,6 @@
             <artifactId>spring-webmvc</artifactId>
         </dependency>
 
-        <!-- Spring Aop -->
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-aspects</artifactId>
-        </dependency>
-
         <!-- Dc3 Common Base -->
         <dependency>
             <groupId>io.github.pnoker</groupId>

dc3-common/dc3-common-base/src/main/resources/META-INF/spring.factories

@@ -5,5 +5,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
   io.github.pnoker.common.config.RedisCacheConfig,\
   io.github.pnoker.common.config.ThreadPoolConfig,\
   io.github.pnoker.common.config.WebMvcConfig,\
-  io.github.pnoker.common.utils.RedisUtil,\
-  io.github.pnoker.common.annotation.LogsAspect
+  io.github.pnoker.common.utils.RedisUtil

dc3-common/dc3-common-core/pom.xml

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2022 Pnoker All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.github.pnoker.gateway.bean;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.experimental.Accessors;
+
+/**
+ * Request Token Header
+ *
+ * @author pnoker
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Accessors(chain = true)
+public class TokenRequestHeader {
+    private String salt;
+    private String token;
+}