fix: 前台登录接口增加登录限制

Author: moxi624

mogu_base/src/main/java/com/moxi/mougblog/base/enums/ELoginType.java

@@ -0,0 +1,52 @@
+package com.moxi.mougblog.base.enums;
+
+/**
+ * 网站登录方式枚举类
+ *
+ * @Author: 陌溪
+ * @Date: 2020年10月14日11:10:04
+ */
+public enum ELoginType {
+
+    /**
+     * 账号密码
+     */
+    PASSWORD("1", "PASSWORD"),
+
+    /**
+     * 码云
+     */
+    GITEE("2", "GITEE"),
+
+    /**
+     * GITHUB
+     */
+    GITHUB("3", "GITHUB"),
+
+    /**
+     * QQ
+     */
+    QQ("4", "QQ"),
+
+    /**
+     * Gitee
+     */
+    WECHAT("5", "WECHAT");
+
+
+    private final String code;
+    private final String name;
+
+    ELoginType(String code, String name) {
+        this.code = code;
+        this.name = name;
+    }
+
+    public String getCode() {
+        return code;
+    }
+
+    public String getName() {
+        return name;
+    }
+}

mogu_base/src/main/java/com/moxi/mougblog/base/global/BaseRedisConf.java

@@ -163,5 +163,15 @@ public class BaseRedisConf {
      */
     public final static String BLOG_CONTRIBUTE_COUNT = "BLOG_CONTRIBUTE_COUNT";
 
+    /**
+     * 登录方式
+     */
+    public final static String LOGIN_TYPE = "LOGIN_TYPE";
+    public final static String GITEE = "GITEE";
+    public final static String GITHUB = "GITHUB";
+    public final static String QQ = "QQ";
+    public final static String PASSWORD = "PASSWORD";
+    public final static String WECHAT = "WECHAT";
+
 
 }

mogu_web/src/main/java/com/moxi/mogublog/web/restapi/AuthRestApi.java

@@ -16,18 +16,12 @@
 import com.moxi.mogublog.web.global.SQLConf;
 import com.moxi.mogublog.web.global.SysConf;
 import com.moxi.mogublog.web.utils.RabbitMqUtil;
-import com.moxi.mogublog.xo.service.FeedbackService;
-import com.moxi.mogublog.xo.service.LinkService;
-import com.moxi.mogublog.xo.service.SystemConfigService;
-import com.moxi.mogublog.xo.service.UserService;
+import com.moxi.mogublog.xo.service.*;
 import com.moxi.mogublog.xo.utils.WebUtil;
 import com.moxi.mogublog.xo.vo.FeedbackVO;
 import com.moxi.mogublog.xo.vo.LinkVO;
 import com.moxi.mogublog.xo.vo.UserVO;
-import com.moxi.mougblog.base.enums.EGender;
-import com.moxi.mougblog.base.enums.ELinkStatus;
-import com.moxi.mougblog.base.enums.EOpenStatus;
-import com.moxi.mougblog.base.enums.EStatus;
+import com.moxi.mougblog.base.enums.*;
 import com.moxi.mougblog.base.exception.ThrowableUtils;
 import com.moxi.mougblog.base.global.Constants;
 import com.moxi.mougblog.base.validator.group.Insert;
@@ -52,6 +46,7 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -74,6 +69,8 @@ public class AuthRestApi {
     @Autowired
     private SystemConfigService systemConfigService;
     @Autowired
+    private WebConfigService webConfigService;
+    @Autowired
     private FeedbackService feedbackService;
     @Autowired
     private LinkService linkService;
@@ -112,12 +109,17 @@ public class AuthRestApi {
 
     @Autowired
     private StringRedisTemplate stringRedisTemplate;
-    @Autowired
+    @Resource
     private PictureFeignClient pictureFeignClient;
 
     @ApiOperation(value = "获取认证", notes = "获取认证")
     @RequestMapping("/render")
-    public String renderAuth(String source, HttpServletResponse response) throws IOException {
+    public String renderAuth(String source) {
+        // 将传递过来的转换成大写
+        Boolean isOpenLoginType = webConfigService.isOpenLoginType(source.toUpperCase());
+        if (!isOpenLoginType){
+            return ResultUtil.result(SysConf.ERROR, "后台未开启该登录方式!");
+        }
         log.info("进入render:" + source);
         AuthRequest authRequest = getAuthRequest(source);
         String token = AuthStateUtils.createState();
@@ -132,7 +134,7 @@ public String renderAuth(String source, HttpServletResponse response) throws IOE
      * oauth平台中配置的授权回调地址，以本项目为例，在创建gitee授权应用时的回调地址应为：http://127.0.0.1:8603/oauth/callback/gitee
      */
     @RequestMapping("/callback/{source}")
-    public void login(@PathVariable("source") String source, AuthCallback callback, HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException {
+    public void login(@PathVariable("source") String source, AuthCallback callback, HttpServletResponse httpServletResponse) throws IOException {
         log.info("进入callback：" + source + " callback params：" + JSONObject.toJSONString(callback));
         AuthRequest authRequest = getAuthRequest(source);
         AuthResponse response = authRequest.login(callback);
@@ -218,36 +220,27 @@ public void login(@PathVariable("source") String source, AuthCallback callback,
         } else {
             user.setLoginCount(user.getLoginCount() + 1);
         }
-
         // 获取浏览器，IP来源，以及操作系统
         user = userService.serRequestInfo(user);
-
         // 暂时将token也存入到user表中，为了以后方便更新redis中的内容
         user.setValidCode(accessToken);
-
         if (exist) {
             user.updateById();
         } else {
-
             user.setUuid(data.get(SysConf.UUID).toString());
             user.setSource(data.get(SysConf.SOURCE).toString());
-
             String userName = PROJECT_NAME_EN.concat("_").concat(user.getSource()).concat("_").concat(user.getUuid());
             user.setUserName(userName);
-
             // 如果昵称为空，那么直接设置用户名
             if (StringUtils.isEmpty(user.getNickName())) {
                 user.setNickName(userName);
             }
-
             // 默认密码
             user.setPassWord(MD5Utils.string2MD5(DEFAULE_PWD));
             user.insert();
         }
-
         // 过滤密码
         user.setPassWord("");
-
         if (user != null) {
             //将从数据库查询的数据缓存到redis中
             stringRedisTemplate.opsForValue().set(RedisConf.USER_TOKEN + Constants.SYMBOL_COLON + accessToken, JsonUtils.objectToJson(user), userTokenSurvivalTime, TimeUnit.HOURS);

mogu_web/src/main/java/com/moxi/mogublog/web/restapi/CommentRestApi.java

@@ -433,7 +433,6 @@ public String getListByUser(HttpServletRequest request, @Validated({GetList.clas
         Map<String, Object> resultMap = new HashMap<>();
         resultMap.put(SysConf.COMMENT_LIST, commentList);
         resultMap.put(SysConf.REPLY_LIST, replyList);
-
         return ResultUtil.result(SysConf.SUCCESS, resultMap);
     }
 
@@ -451,7 +450,6 @@ public String getPraiseListByUser(@ApiParam(name = "currentPage", value = "当
             return ResultUtil.result(SysConf.ERROR, MessageConf.INVALID_TOKEN);
         }
         String userUid = request.getAttribute(SysConf.USER_UID).toString();
-
         QueryWrapper<Comment> queryWrappe = new QueryWrapper<>();
         queryWrappe.eq(SQLConf.USER_UID, userUid);
         queryWrappe.eq(SQLConf.TYPE, ECommentType.PRAISE);
@@ -462,7 +460,6 @@ public String getPraiseListByUser(@ApiParam(name = "currentPage", value = "当
         page.setSize(pageSize);
         IPage<Comment> pageList = commentService.page(page, queryWrappe);
         List<Comment> praiseList = pageList.getRecords();
-
         List<String> blogUids = new ArrayList<>();
         praiseList.forEach(item -> {
             blogUids.add(item.getBlogUid());
@@ -482,9 +479,7 @@ public String getPraiseListByUser(@ApiParam(name = "currentPage", value = "当
                 item.setBlog(blogMap.get(item.getBlogUid()));
             }
         });
-
         pageList.setRecords(praiseList);
-
         return ResultUtil.result(SysConf.SUCCESS, pageList);
     }
 
@@ -494,11 +489,9 @@ public String getPraiseListByUser(@ApiParam(name = "currentPage", value = "当
     public String add(@Validated({Insert.class}) @RequestBody CommentVO commentVO, BindingResult result) {
         ThrowableUtils.checkParamArgument(result);
         HttpServletRequest request = RequestHolder.getRequest();
-
         if (request.getAttribute(SysConf.USER_UID) == null) {
             return ResultUtil.result(SysConf.ERROR, MessageConf.INVALID_TOKEN);
         }
-
         QueryWrapper<WebConfig> queryWrapper = new QueryWrapper<>();
         queryWrapper.eq(SysConf.STATUS, EStatus.ENABLE);
         WebConfig webConfig = webConfigService.getOne(queryWrapper);
@@ -514,11 +507,8 @@ public String add(@Validated({Insert.class}) @RequestBody CommentVO commentVO, B
                 return ResultUtil.result(SysConf.ERROR, MessageConf.BLOG_NO_OPEN_COMMENTS);
             }
         }
-
         String userUid = request.getAttribute(SysConf.USER_UID).toString();
-
         User user = userService.getById(userUid);
-
         // 判断字数是否超过限制
         if (commentVO.getContent().length() > SysConf.ONE_ZERO_TWO_FOUR) {
             return ResultUtil.result(SysConf.ERROR, MessageConf.COMMENT_CAN_NOT_MORE_THAN_1024);

mogu_web/src/main/java/com/moxi/mogublog/web/restapi/LoginRestApi.java

@@ -11,6 +11,7 @@
 import com.moxi.mogublog.web.global.SysConf;
 import com.moxi.mogublog.web.utils.RabbitMqUtil;
 import com.moxi.mogublog.xo.service.UserService;
+import com.moxi.mogublog.xo.service.WebConfigService;
 import com.moxi.mogublog.xo.utils.WebUtil;
 import com.moxi.mogublog.xo.vo.UserVO;
 import com.moxi.mougblog.base.enums.EStatus;
@@ -29,6 +30,7 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import java.util.Date;
 import java.util.List;
@@ -48,13 +50,14 @@
 @Slf4j
 public class LoginRestApi {
 
-
     @Autowired
-    RabbitMqUtil rabbitMqUtil;
+    private RabbitMqUtil rabbitMqUtil;
     @Autowired
-    PictureFeignClient pictureFeignClient;
+    private WebConfigService webConfigService;
+    @Resource
+    private PictureFeignClient pictureFeignClient;
     @Autowired
-    WebUtil webUtil;
+    private WebUtil webUtil;
     @Autowired
     private UserService userService;
     @Autowired
@@ -66,6 +69,11 @@ public class LoginRestApi {
     @PostMapping("/login")
     public String login(@Validated({GetOne.class}) @RequestBody UserVO userVO, BindingResult result) {
         ThrowableUtils.checkParamArgument(result);
+        Boolean isOpenLoginType = webConfigService.isOpenLoginType(RedisConf.PASSWORD);
+        if (!isOpenLoginType){
+            return ResultUtil.result(SysConf.ERROR, "后台未开启该登录方式!");
+        }
+
         String userName = userVO.getUserName();
         QueryWrapper<User> queryWrapper = new QueryWrapper<>();
         queryWrapper.and(wrapper -> wrapper.eq(SQLConf.USER_NAME, userName).or().eq(SQLConf.EMAIL, userName));

mogu_xo/src/main/java/com/moxi/mogublog/xo/global/SysConf.java

@@ -62,6 +62,8 @@ public final class SysConf extends BaseSysConf {
      */
     public static final String GITHUB = "github";
     public static final String GITEE = "gitee";
+    public static final String QQ_NUMBER = "qqNumber";
+
     public static final String PIC_URL = "picUrl";
     public static final String QI_NIU_URL = "qiNiuUrl";
     public static final String NICKNAME = "nickname";

mogu_xo/src/main/java/com/moxi/mogublog/xo/service/WebConfigService.java

@@ -17,20 +17,27 @@ public interface WebConfigService extends SuperService<WebConfig> {
      *
      * @return
      */
-    public WebConfig getWebConfig();
+    WebConfig getWebConfig();
 
     /**
      * 通过显示列表获取配置
      *
      * @return
      */
-    public WebConfig getWebConfigByShowList();
+    WebConfig getWebConfigByShowList();
 
     /**
      * 修改网站配置
      *
      * @param webConfigVO
      * @return
      */
-    public String editWebConfig(WebConfigVO webConfigVO);
+    String editWebConfig(WebConfigVO webConfigVO);
+
+    /**
+     * 是否开启该登录方式【账号密码、码云、Github、QQ、微信】
+     * @param loginType
+     * @return
+     */
+    Boolean isOpenLoginType(String loginType);
 }