mirror of
https://gitee.com/dromara/sa-token.git
synced 2025-04-05 17:37:53 +08:00
账号封禁模块新增服务指定功能
parent
3a84a070c4
commit
a2798b3105
sa-token-core/src/main/java/cn/dev33/satoken
annotation
exception
listener
SaTokenEventCenter.javaSaTokenListener.javaSaTokenListenerForConsolePrint.javaSaTokenListenerForSimple.java
stp
strategy
util
sa-token-demo
sa-token-demo-solon/src/main/java/com/pj/test
sa-token-demo-springboot-redis/src/main/java/com/pj/current
sa-token-demo-springboot/src/main/java/com/pj/current
sa-token-demo-webflux/src/main/java/com/pj/test
sa-token-plugin/sa-token-spring-aop/src/main/java/cn/dev33/satoken/aop
sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon
sa-token-test
sa-token-jwt-test/src/test/java/com/pj/test
sa-token-springboot-test/src/test/java/cn/dev33/satoken
@ -5,8 +5,10 @@ import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import cn.dev33.satoken.util.SaTokenConsts;
|
||||
|
||||
/**
|
||||
* 校验当前用户是否可用
|
||||
* 服务禁用校验:在没有被禁用服务的情况下才可以进入方法
|
||||
*
|
||||
* <p> 可标注在函数、类上(效果等同于标注在此类的所有方法上)
|
||||
*
|
||||
@ -14,11 +16,19 @@ import java.lang.annotation.Target;
|
||||
*/
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target({ ElementType.METHOD, ElementType.TYPE })
|
||||
public @interface SaCheckEnable {
|
||||
public @interface SaCheckDisable {
|
||||
|
||||
/**
|
||||
* 多账号体系下所属的账号体系标识
|
||||
* @return see note
|
||||
*/
|
||||
String type() default "";
|
||||
|
||||
/**
|
||||
* 服务标识 (要校验是否禁用的服务名称)
|
||||
*
|
||||
* @return see note
|
||||
*/
|
||||
String[] value() default { SaTokenConsts.DEFAULT_DISABLE_SERVICE };
|
||||
|
||||
}
|
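Review bot: The Javadoc on `value()` does not say what an empty array means. `StpLogic.checkDisable(loginId, services)` in this same commit only loops over the given services, so `@SaCheckDisable({})` would admit every caller without performing any check. I would state that on the attribute, for example `* Service names to check; must contain at least one entry, an empty array performs no check`. If a silent pass is not intended, `checkByAnnotation(SaCheckDisable)` is the place to reject an empty `value()`.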
@ -21,9 +21,4 @@ public @interface SaCheckLogin {
|
||||
*/
|
||||
String type() default "";
|
||||
|
||||
/**
|
||||
* 是否检查当前登陆账号是否禁用 (true: 检查 false: 不检查)
|
||||
* @return see note
|
||||
*/
|
||||
String checkEnable() default "false";
|
||||
}
|
||||
|
@ -7,6 +7,7 @@ import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* 二级认证校验:必须二级认证之后才能进入该方法
|
||||
*
|
||||
* <p> 可标注在函数、类上(效果等同于标注在此类的所有方法上)
|
||||
* @author kong
|
||||
*
|
||||
|
@ -1,11 +1,11 @@
|
||||
package cn.dev33.satoken.exception;
|
||||
|
||||
/**
|
||||
* 一个异常:代表账号已被封禁
|
||||
* 一个异常:代表指定账号指定服务已被封禁
|
||||
*
|
||||
* @author kong
|
||||
*/
|
||||
public class DisableLoginException extends SaTokenException {
|
||||
public class DisableServiceException extends SaTokenException {
|
||||
|
||||
/**
|
||||
* 序列化版本号
|
||||
@ -16,7 +16,7 @@ public class DisableLoginException extends SaTokenException {
|
||||
public static final String BE_VALUE = "disable";
|
||||
|
||||
/** 异常提示语 */
|
||||
public static final String BE_MESSAGE = "此账号已被封禁";
|
||||
public static final String BE_MESSAGE = "此账号已被禁止访问服务:";
|
||||
|
||||
/**
|
||||
* 账号类型
|
||||
@ -32,7 +32,12 @@ public class DisableLoginException extends SaTokenException {
|
||||
* 封禁剩余时间,单位:秒
|
||||
*/
|
||||
private long disableTime;
|
||||
|
||||
|
||||
/**
|
||||
* 具体被封禁的服务
|
||||
*/
|
||||
private String service;
|
||||
|
||||
/**
|
||||
* 获取账号类型
|
||||
*
|
||||
@ -50,6 +55,15 @@ public class DisableLoginException extends SaTokenException {
|
||||
public Object getLoginId() {
|
||||
return loginId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取: 被封禁的服务
|
||||
*
|
||||
* @return See above
|
||||
*/
|
||||
public Object getService() {
|
||||
return service;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取: 封禁剩余时间,单位:秒
|
||||
@ -60,16 +74,18 @@ public class DisableLoginException extends SaTokenException {
|
||||
}
|
||||
|
||||
/**
|
||||
* 一个异常:代表账号已被封禁
|
||||
* 一个异常:代表指定账号指定服务已被封禁
|
||||
*
|
||||
* @param loginType 账号类型
|
||||
* @param loginId 被封禁的账号id
|
||||
* @param service 具体封禁的服务
|
||||
* @param disableTime 封禁剩余时间,单位:秒
|
||||
*/
|
||||
public DisableLoginException(String loginType, Object loginId, long disableTime) {
|
||||
super(BE_MESSAGE);
|
||||
public DisableServiceException(String loginType, Object loginId, String service, long disableTime) {
|
||||
super(BE_MESSAGE + service);
|
||||
this.loginId = loginId;
|
||||
this.loginType = loginType;
|
||||
this.service = service;
|
||||
this.disableTime = disableTime;
|
||||
}
|
||||
|
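Review bot: `getService()` is declared to return `Object` although the new `service` field and the constructor parameter are both `String`; `public String getService()` would spare callers a cast and matches the field. The constructor also appends `service` to `BE_MESSAGE` as is, so any handler that returns `getMessage()` to the client echoes the service name that was passed to `disable`. The class body continues outside the hunks shown here.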
@ -176,11 +176,12 @@ public class SaTokenEventCenter {
|
||||
* 每次被封禁时触发
|
||||
* @param loginType 账号类别
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @param disableTime 封禁时长,单位: 秒
|
||||
*/
|
||||
public static void doDisable(String loginType, Object loginId, long disableTime) {
|
||||
public static void doDisable(String loginType, Object loginId, String service, long disableTime) {
|
||||
for (SaTokenListener listener : listenerList) {
|
||||
listener.doDisable(loginType, loginId, disableTime);
|
||||
listener.doDisable(loginType, loginId, service, disableTime);
|
||||
}
|
||||
}
|
||||
|
||||
@ -188,10 +189,11 @@ public class SaTokenEventCenter {
|
||||
* 每次被解封时触发
|
||||
* @param loginType 账号类别
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
*/
|
||||
public static void doUntieDisable(String loginType, Object loginId) {
|
||||
public static void doUntieDisable(String loginType, Object loginId, String service) {
|
||||
for (SaTokenListener listener : listenerList) {
|
||||
listener.doUntieDisable(loginType, loginId);
|
||||
listener.doUntieDisable(loginType, loginId, service);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -47,16 +47,18 @@ public interface SaTokenListener {
|
||||
* 每次被封禁时触发
|
||||
* @param loginType 账号类别
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @param disableTime 封禁时长,单位: 秒
|
||||
*/
|
||||
public void doDisable(String loginType, Object loginId, long disableTime);
|
||||
public void doDisable(String loginType, Object loginId, String service, long disableTime);
|
||||
|
||||
/**
|
||||
* 每次被解封时触发
|
||||
* @param loginType 账号类别
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
*/
|
||||
public void doUntieDisable(String loginType, Object loginId);
|
||||
public void doUntieDisable(String loginType, Object loginId, String service);
|
||||
|
||||
/**
|
||||
* 每次创建Session时触发
|
||||
|
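Review bot: The new `@param service` line says only "指定服务", so a listener author cannot tell what value arrives for an ordinary account ban. From the StpLogic changes on this page, `disable(loginId, disableTime)` forwards `SaTokenConsts.DEFAULT_DISABLE_SERVICE` (`"login"`), and that is worth stating on both methods, for example `* @param service banned service name; account-level bans are reported with SaTokenConsts.DEFAULT_DISABLE_SERVICE`. Changing the two abstract signatures in place also breaks every existing implementation at compile time, including listeners used to record bans, which deserves a line in the upgrade notes.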
@ -49,17 +49,17 @@ public class SaTokenListenerForConsolePrint implements SaTokenListener {
|
||||
* 每次被封禁时触发
|
||||
*/
|
||||
@Override
|
||||
public void doDisable(String loginType, Object loginId, long disableTime) {
|
||||
public void doDisable(String loginType, Object loginId, String service, long disableTime) {
|
||||
Date date = new Date(System.currentTimeMillis() + disableTime * 1000);
|
||||
println("账号[" + loginId + "]被封禁 (解封时间: " + SaFoxUtil.formatDate(date) + ")");
|
||||
println("账号[" + loginId + "] " + service + " 服务被封禁 (解封时间: " + SaFoxUtil.formatDate(date) + ")");
|
||||
}
|
||||
|
||||
/**
|
||||
* 每次被解封时触发
|
||||
*/
|
||||
@Override
|
||||
public void doUntieDisable(String loginType, Object loginId) {
|
||||
println("账号[" + loginId + "]被解除封禁");
|
||||
public void doUntieDisable(String loginType, Object loginId, String service) {
|
||||
println("账号[" + loginId + "] " + service + " 服务被解除封禁");
|
||||
}
|
||||
|
||||
/**
|
||||
|
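Review bot: In `doDisable` the unban date is computed as `System.currentTimeMillis() + disableTime * 1000` even when `disableTime` is `-1`, which the `disable` Javadoc on this page defines as a permanent ban. A permanent ban is therefore logged with an unban time one second in the past, which misleads anyone reading the console output as a ban record. I would branch on it, for example `String until = disableTime == -1 ? "永久" : SaFoxUtil.formatDate(date);`, and print `until` in the message.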
@ -33,12 +33,12 @@ public class SaTokenListenerForSimple implements SaTokenListener {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doDisable(String loginType, Object loginId, long disableTime) {
|
||||
public void doDisable(String loginType, Object loginId, String service, long disableTime) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doUntieDisable(String loginType, Object loginId) {
|
||||
public void doUntieDisable(String loginType, Object loginId, String service) {
|
||||
|
||||
}
|
||||
|
||||
|
@ -6,7 +6,12 @@ import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.annotation.*;
|
||||
import cn.dev33.satoken.annotation.SaCheckDisable;
|
||||
import cn.dev33.satoken.annotation.SaCheckLogin;
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import cn.dev33.satoken.annotation.SaCheckRole;
|
||||
import cn.dev33.satoken.annotation.SaCheckSafe;
|
||||
import cn.dev33.satoken.annotation.SaMode;
|
||||
import cn.dev33.satoken.config.SaCookieConfig;
|
||||
import cn.dev33.satoken.config.SaTokenConfig;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
@ -15,7 +20,7 @@ import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.context.model.SaStorage;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
import cn.dev33.satoken.exception.ApiDisabledException;
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
@ -309,10 +314,6 @@ public class StpLogic {
|
||||
|
||||
// ------ 前置检查
|
||||
SaTokenException.throwByNull(id, "账号id不能为空");
|
||||
if(isDisable(id)) {
|
||||
// 如果此账号已被封禁
|
||||
throw new DisableLoginException(loginType, id, getDisableTime(id));
|
||||
}
|
||||
|
||||
// ------ 1、初始化 loginModel
|
||||
SaTokenConfig config = getConfig();
|
||||
@ -1602,10 +1603,6 @@ public class StpLogic {
|
||||
*/
|
||||
public void checkByAnnotation(SaCheckLogin at) {
|
||||
this.checkLogin();
|
||||
Object loginId = getLoginId();
|
||||
if ("true".equalsIgnoreCase(at.checkEnable().trim()) && isDisable(loginId)) {
|
||||
throw new DisableLoginException(getLoginType(), loginId, getDisableTime(loginId));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1661,29 +1658,43 @@ public class StpLogic {
|
||||
*
|
||||
* @param at 注解对象
|
||||
*/
|
||||
public void checkByAnnotation(SaCheckEnable at) {
|
||||
this.isDisable(getLoginId());
|
||||
public void checkByAnnotation(SaCheckDisable at) {
|
||||
this.checkDisable(getLoginId(), at.value());
|
||||
}
|
||||
|
||||
// ------------------- 账号封禁 -------------------
|
||||
|
||||
/**
|
||||
* 封禁指定账号
|
||||
* <p> 此方法不会直接将此账号id踢下线,而是在对方再次登录时抛出`DisableLoginException`异常
|
||||
* <p> 此方法不会直接将此账号id踢下线,如需封禁后立即掉线,请追加调用 StpUtil.logout(id)
|
||||
* @param loginId 指定账号id
|
||||
* @param disableTime 封禁时间, 单位: 秒 (-1=永久封禁)
|
||||
*/
|
||||
public void disable(Object loginId, long disableTime) {
|
||||
// 空值不做处理
|
||||
disable(loginId, SaTokenConsts.DEFAULT_DISABLE_SERVICE, disableTime);
|
||||
}
|
||||
|
||||
/**
|
||||
* 封禁 指定账号 指定服务
|
||||
* <p> 此方法不会直接将此账号id踢下线,如需封禁后立即掉线,请追加调用 StpUtil.logout(id)
|
||||
* @param loginId 指定账号id
|
||||
* @param service 指定服务
|
||||
* @param disableTime 封禁时间, 单位: 秒 (-1=永久封禁)
|
||||
*/
|
||||
public void disable(Object loginId, String service, long disableTime) {
|
||||
// 空值检查
|
||||
if(SaFoxUtil.isEmpty(loginId)) {
|
||||
return;
|
||||
throw new SaTokenException("请提供要封禁的账号");
|
||||
}
|
||||
if(SaFoxUtil.isEmpty(service)) {
|
||||
throw new SaTokenException("请提供要封禁的服务");
|
||||
}
|
||||
|
||||
// 标注为已被封禁
|
||||
getSaTokenDao().set(splicingKeyDisable(loginId), DisableLoginException.BE_VALUE, disableTime);
|
||||
getSaTokenDao().set(splicingKeyDisable(loginId, service), DisableServiceException.BE_VALUE, disableTime);
|
||||
|
||||
// $$ 发布事件
|
||||
SaTokenEventCenter.doDisable(loginType, loginId, disableTime);
|
||||
SaTokenEventCenter.doDisable(loginType, loginId, service, disableTime);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1692,27 +1703,90 @@ public class StpLogic {
|
||||
* @return see note
|
||||
*/
|
||||
public boolean isDisable(Object loginId) {
|
||||
return getSaTokenDao().get(splicingKeyDisable(loginId)) != null;
|
||||
return isDisable(loginId, SaTokenConsts.DEFAULT_DISABLE_SERVICE);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取指定账号剩余封禁时间,单位:秒(-1=永久封禁,-2=未被封禁)
|
||||
* 指定账号 指定服务 是否已被封禁 (true=已被封禁, false=未被封禁)
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @return see note
|
||||
*/
|
||||
public boolean isDisable(Object loginId, String service) {
|
||||
return getSaTokenDao().get(splicingKeyDisable(loginId, service)) != null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验指定账号是否已被封禁,如果被封禁则抛出异常
|
||||
* @param loginId 账号id
|
||||
*/
|
||||
public void checkDisable(Object loginId) {
|
||||
checkDisable(loginId, SaTokenConsts.DEFAULT_DISABLE_SERVICE);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验 指定账号 指定服务 是否已被封禁,如果被封禁则抛出异常
|
||||
* @param loginId 账号id
|
||||
* @param services 指定服务,可以指定多个
|
||||
*/
|
||||
public void checkDisable(Object loginId, String... services) {
|
||||
if(services != null) {
|
||||
for (String service : services) {
|
||||
if(isDisable(loginId, service)) {
|
||||
throw new DisableServiceException(loginType, loginId, service, getDisableTime(loginId, service));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 指定账号 剩余封禁时间,单位:秒(-1=永久封禁,-2=未被封禁)
|
||||
* @param loginId 账号id
|
||||
* @return see note
|
||||
*/
|
||||
public long getDisableTime(Object loginId) {
|
||||
return getSaTokenDao().getTimeout(splicingKeyDisable(loginId));
|
||||
return getDisableTime(loginId, SaTokenConsts.DEFAULT_DISABLE_SERVICE);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 获取 指定账号 指定服务 剩余封禁时间,单位:秒(-1=永久封禁,-2=未被封禁)
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @return see note
|
||||
*/
|
||||
public long getDisableTime(Object loginId, String service) {
|
||||
return getSaTokenDao().getTimeout(splicingKeyDisable(loginId, service));
|
||||
}
|
||||
|
||||
/**
|
||||
* 解封指定账号
|
||||
* @param loginId 账号id
|
||||
*/
|
||||
public void untieDisable(Object loginId) {
|
||||
getSaTokenDao().delete(splicingKeyDisable(loginId));
|
||||
|
||||
// $$ 发布事件
|
||||
SaTokenEventCenter.doUntieDisable(loginType, loginId);
|
||||
untieDisable(loginId, SaTokenConsts.DEFAULT_DISABLE_SERVICE);
|
||||
}
|
||||
|
||||
/**
|
||||
* 解封指定账号、指定服务
|
||||
* @param loginId 账号id
|
||||
* @param services 指定服务,可以指定多个
|
||||
*/
|
||||
public void untieDisable(Object loginId, String... services) {
|
||||
// 空值检查
|
||||
if(SaFoxUtil.isEmpty(loginId)) {
|
||||
throw new SaTokenException("请提供要解禁的账号");
|
||||
}
|
||||
if(services == null || services.length == 0) {
|
||||
throw new SaTokenException("请提供要解禁的服务");
|
||||
}
|
||||
|
||||
for (String service : services) {
|
||||
// 解封
|
||||
getSaTokenDao().delete(splicingKeyDisable(loginId, service));
|
||||
|
||||
// $$ 发布事件
|
||||
SaTokenEventCenter.doUntieDisable(loginType, loginId, service);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1884,10 +1958,11 @@ public class StpLogic {
|
||||
/**
|
||||
* 拼接key: 账号封禁
|
||||
* @param loginId 账号id
|
||||
* @param service 具体封禁的服务
|
||||
* @return key
|
||||
*/
|
||||
public String splicingKeyDisable(Object loginId) {
|
||||
return getConfig().getTokenName() + ":" + loginType + ":disable:" + loginId;
|
||||
public String splicingKeyDisable(Object loginId, String service) {
|
||||
return getConfig().getTokenName() + ":" + loginType + ":disable:" + service + ":" + loginId;
|
||||
}
|
||||
|
||||
|
||||
|
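Review bot: `splicingKeyDisable(loginId, service)` changes the stored key from `…:disable:<loginId>` to `…:disable:<service>:<loginId>`, and nothing visible on this page reads or migrates the old key. Bans written before the upgrade would therefore stop matching in `isDisable` and `getDisableTime`, so those accounts would become unbanned; confirm there is a migration, or have `isDisable(Object loginId)` also consult the legacy key for the default service. The two parts are joined with `:` without escaping, so a `service` containing `:` can produce the same key as a different (service, loginId) pair; `disable(loginId, service, disableTime)` already rejects an empty service and could reject `:` in the same place. The one-argument `splicingKeyDisable(Object loginId)` is also removed outright, which breaks subclasses or callers that used it.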
@ -761,13 +761,24 @@ public class StpUtil {
|
||||
|
||||
/**
|
||||
* 封禁指定账号
|
||||
* <p> 此方法不会直接将此账号id踢下线,而是在对方再次登录时抛出`DisableLoginException`异常
|
||||
* <p> 此方法不会直接将此账号id踢下线,如需封禁后立即掉线,请追加调用 StpUtil.logout(id)
|
||||
* @param loginId 指定账号id
|
||||
* @param disableTime 封禁时间, 单位: 秒 (-1=永久封禁)
|
||||
*/
|
||||
public static void disable(Object loginId, long disableTime) {
|
||||
stpLogic.disable(loginId, disableTime);
|
||||
}
|
||||
|
||||
/**
|
||||
* 封禁 指定账号 指定服务
|
||||
* <p> 此方法不会直接将此账号id踢下线,如需封禁后立即掉线,请追加调用 StpUtil.logout(id)
|
||||
* @param loginId 指定账号id
|
||||
* @param service 指定服务
|
||||
* @param disableTime 封禁时间, 单位: 秒 (-1=永久封禁)
|
||||
*/
|
||||
public static void disable(Object loginId, String service, long disableTime) {
|
||||
stpLogic.disable(loginId, service, disableTime);
|
||||
}
|
||||
|
||||
/**
|
||||
* 指定账号是否已被封禁 (true=已被封禁, false=未被封禁)
|
||||
@ -777,6 +788,33 @@ public class StpUtil {
|
||||
public static boolean isDisable(Object loginId) {
|
||||
return stpLogic.isDisable(loginId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 指定账号 指定服务 是否已被封禁 (true=已被封禁, false=未被封禁)
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @return see note
|
||||
*/
|
||||
public static boolean isDisable(Object loginId, String service) {
|
||||
return stpLogic.isDisable(loginId, service);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验指定账号是否已被封禁,如果被封禁则抛出异常
|
||||
* @param loginId 账号id
|
||||
*/
|
||||
public static void checkDisable(Object loginId) {
|
||||
stpLogic.checkDisable(loginId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验 指定账号 指定服务 是否已被封禁,如果被封禁则抛出异常
|
||||
* @param loginId 账号id
|
||||
* @param services 指定服务,可以指定多个
|
||||
*/
|
||||
public static void checkDisable(Object loginId, String... services) {
|
||||
stpLogic.checkDisable(loginId, services);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取指定账号剩余封禁时间,单位:秒(-1=永久封禁,-2=未被封禁)
|
||||
@ -787,6 +825,16 @@ public class StpUtil {
|
||||
return stpLogic.getDisableTime(loginId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 指定账号 指定服务 剩余封禁时间,单位:秒(-1=永久封禁,-2=未被封禁)
|
||||
* @param loginId 账号id
|
||||
* @param service 指定服务
|
||||
* @return see note
|
||||
*/
|
||||
public static long getDisableTime(Object loginId, String service) {
|
||||
return stpLogic.getDisableTime(loginId, service);
|
||||
}
|
||||
|
||||
/**
|
||||
* 解封指定账号
|
||||
* @param loginId 账号id
|
||||
@ -794,6 +842,15 @@ public class StpUtil {
|
||||
public static void untieDisable(Object loginId) {
|
||||
stpLogic.untieDisable(loginId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 解封指定账号、指定服务
|
||||
* @param loginId 账号id
|
||||
* @param services 指定服务,可以指定多个
|
||||
*/
|
||||
public static void untieDisable(Object loginId, String... services) {
|
||||
stpLogic.untieDisable(loginId, services);
|
||||
}
|
||||
|
||||
|
||||
// =================== 身份切换 ===================
|
||||
|
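Review bot: The rewritten Javadoc on both `disable` overloads no longer says where a ban is enforced. It now states only that the account is not kicked offline, while the StpLogic section of this commit appears to remove the `isDisable` check from the login path, and the updated test expects `StpUtil.checkDisable(10007)` to throw instead of `StpUtil.login(10007)`. A caller who relied on the old behaviour would now let banned accounts log in without noticing. I would add a line to both `disable` Javadocs such as `* <p> login(id) does not check the ban; call StpUtil.checkDisable(id) before StpUtil.login(id) to refuse banned accounts`.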
@ -10,7 +10,13 @@ import java.util.function.Consumer;
|
||||
import java.util.function.Function;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.annotation.*;
|
||||
import cn.dev33.satoken.annotation.SaCheckBasic;
|
||||
import cn.dev33.satoken.annotation.SaCheckDisable;
|
||||
import cn.dev33.satoken.annotation.SaCheckLogin;
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import cn.dev33.satoken.annotation.SaCheckRole;
|
||||
import cn.dev33.satoken.annotation.SaCheckSafe;
|
||||
import cn.dev33.satoken.annotation.SaIgnore;
|
||||
import cn.dev33.satoken.basic.SaBasicUtil;
|
||||
import cn.dev33.satoken.session.SaSession;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
@ -157,18 +163,18 @@ public final class SaStrategy {
|
||||
if(checkSafe != null) {
|
||||
SaManager.getStpLogic(checkSafe.type()).checkByAnnotation(checkSafe);
|
||||
}
|
||||
|
||||
// 校验 @SaCheckDisable 注解
|
||||
SaCheckDisable checkDisable = (SaCheckDisable) SaStrategy.me.getAnnotation.apply(target, SaCheckDisable.class);
|
||||
if(checkDisable != null) {
|
||||
SaManager.getStpLogic(checkDisable.type()).checkByAnnotation(checkDisable);
|
||||
}
|
||||
|
||||
// 校验 @SaCheckBasic 注解
|
||||
SaCheckBasic checkBasic = (SaCheckBasic) SaStrategy.me.getAnnotation.apply(target, SaCheckBasic.class);
|
||||
if(checkBasic != null) {
|
||||
SaBasicUtil.check(checkBasic.realm(), checkBasic.account());
|
||||
}
|
||||
|
||||
// 校验 @SaCheckEable 注解
|
||||
SaCheckEnable checkEable = (SaCheckEnable) SaStrategy.me.getAnnotation.apply(target, SaCheckEnable.class);
|
||||
if(checkEable != null) {
|
||||
SaManager.getStpLogic(checkEable.type()).checkByAnnotation(checkEable);
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -53,6 +53,11 @@ public class SaTokenConsts {
|
||||
* 常量key标记: 在登录时,默认使用的设备类型
|
||||
*/
|
||||
public static final String DEFAULT_LOGIN_DEVICE = "default-device";
|
||||
|
||||
/**
|
||||
* 常量key标记: 在封禁账号时,默认封禁的服务类型
|
||||
*/
|
||||
public static final String DEFAULT_DISABLE_SERVICE = "login";
|
||||
|
||||
/**
|
||||
* 常量key标记: 在进行临时身份切换时使用的key
|
||||
|
@ -32,8 +32,8 @@ public class GlobalException implements EventListener<Throwable> {
|
||||
} else if (e instanceof NotPermissionException) { // 如果是权限异常
|
||||
NotPermissionException ee = (NotPermissionException) e;
|
||||
aj = AjaxJson.getNotJur("无此权限:" + ee.getPermission());
|
||||
} else if (e instanceof DisableLoginException) { // 如果是被封禁异常
|
||||
DisableLoginException ee = (DisableLoginException) e;
|
||||
} else if (e instanceof DisableServiceException) { // 如果是被封禁异常
|
||||
DisableServiceException ee = (DisableServiceException) e;
|
||||
aj = AjaxJson.getNotJur("账号被封禁:" + ee.getDisableTime() + "秒后解封");
|
||||
} else { // 普通异常, 输出:500 + 异常信息
|
||||
aj = AjaxJson.getError(e.getMessage());
|
||||
|
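Review bot: This handler still answers `"账号被封禁:" + ee.getDisableTime() + "秒后解封"` for `DisableServiceException`, although the exception can now be raised for any service and not only for a whole-account ban. The springboot-redis demo on this page was updated to include `ee.getService()`, but this handler and the two `GlobalException` sections that follow the springboot-redis one were not. For consistency, use the same text here: `aj = AjaxJson.getNotJur("当前账号 " + ee.getService() + " 服务已被封禁:" + ee.getDisableTime() + "秒后解封");`. The handler method starts and ends outside the hunk.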
@ -8,7 +8,7 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
|
||||
import com.pj.util.AjaxJson;
|
||||
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
@ -42,9 +42,9 @@ public class GlobalException {
|
||||
NotPermissionException ee = (NotPermissionException) e;
|
||||
aj = AjaxJson.getNotJur("无此权限:" + ee.getPermission());
|
||||
}
|
||||
else if(e instanceof DisableLoginException) { // 如果是被封禁异常
|
||||
DisableLoginException ee = (DisableLoginException) e;
|
||||
aj = AjaxJson.getNotJur("账号被封禁:" + ee.getDisableTime() + "秒后解封");
|
||||
else if(e instanceof DisableServiceException) { // 如果是被封禁异常
|
||||
DisableServiceException ee = (DisableServiceException) e;
|
||||
aj = AjaxJson.getNotJur("当前账号 " + ee.getService() + " 服务已被封禁:" + ee.getDisableTime() + "秒后解封");
|
||||
}
|
||||
else { // 普通异常, 输出:500 + 异常信息
|
||||
aj = AjaxJson.getError(e.getMessage());
|
||||
|
@ -9,7 +9,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import com.pj.util.AjaxJson;
|
||||
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
@ -44,8 +44,8 @@ public class GlobalException {
|
||||
NotPermissionException ee = (NotPermissionException) e;
|
||||
aj = AjaxJson.getNotJur("无此权限:" + ee.getPermission());
|
||||
}
|
||||
else if(e instanceof DisableLoginException) { // 如果是被封禁异常
|
||||
DisableLoginException ee = (DisableLoginException) e;
|
||||
else if(e instanceof DisableServiceException) { // 如果是被封禁异常
|
||||
DisableServiceException ee = (DisableServiceException) e;
|
||||
aj = AjaxJson.getNotJur("账号被封禁:" + ee.getDisableTime() + "秒后解封");
|
||||
}
|
||||
else { // 普通异常, 输出:500 + 异常信息
|
||||
|
@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import com.pj.util.AjaxJson;
|
||||
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
@ -38,8 +38,8 @@ public class GlobalException {
|
||||
} else if(e instanceof NotPermissionException) { // 如果是权限异常
|
||||
NotPermissionException ee = (NotPermissionException) e;
|
||||
aj = AjaxJson.getNotJur("无此权限:" + ee.getPermission());
|
||||
} else if(e instanceof DisableLoginException) { // 如果是被封禁异常
|
||||
DisableLoginException ee = (DisableLoginException) e;
|
||||
} else if(e instanceof DisableServiceException) { // 如果是被封禁异常
|
||||
DisableServiceException ee = (DisableServiceException) e;
|
||||
aj = AjaxJson.getNotJur("账号被封禁:" + ee.getDisableTime() + "秒后解封");
|
||||
} else { // 普通异常, 输出:500 + 异常信息
|
||||
aj = AjaxJson.getError(e.getMessage());
|
||||
|
@ -38,6 +38,7 @@ public class SaCheckAspect {
|
||||
+ "@within(cn.dev33.satoken.annotation.SaCheckRole) || @annotation(cn.dev33.satoken.annotation.SaCheckRole) || "
|
||||
+ "@within(cn.dev33.satoken.annotation.SaCheckPermission) || @annotation(cn.dev33.satoken.annotation.SaCheckPermission) || "
|
||||
+ "@within(cn.dev33.satoken.annotation.SaCheckSafe) || @annotation(cn.dev33.satoken.annotation.SaCheckSafe) || "
|
||||
+ "@within(cn.dev33.satoken.annotation.SaCheckDisable) || @annotation(cn.dev33.satoken.annotation.SaCheckDisable) || "
|
||||
+ "@within(cn.dev33.satoken.annotation.SaCheckBasic) || @annotation(cn.dev33.satoken.annotation.SaCheckBasic)";
|
||||
|
||||
/**
|
||||
|
@ -1,12 +1,17 @@
|
||||
package cn.dev33.satoken.solon;
|
||||
|
||||
import cn.dev33.satoken.annotation.*;
|
||||
import org.noear.solon.Solon;
|
||||
import org.noear.solon.core.AopContext;
|
||||
import org.noear.solon.core.Plugin;
|
||||
import org.noear.solon.core.event.EventBus;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.annotation.SaCheckBasic;
|
||||
import cn.dev33.satoken.annotation.SaCheckDisable;
|
||||
import cn.dev33.satoken.annotation.SaCheckLogin;
|
||||
import cn.dev33.satoken.annotation.SaCheckPermission;
|
||||
import cn.dev33.satoken.annotation.SaCheckRole;
|
||||
import cn.dev33.satoken.annotation.SaCheckSafe;
|
||||
import cn.dev33.satoken.basic.SaBasicTemplate;
|
||||
import cn.dev33.satoken.basic.SaBasicUtil;
|
||||
import cn.dev33.satoken.config.SaTokenConfig;
|
||||
@ -37,8 +42,8 @@ public class XPluginImp implements Plugin {
|
||||
context.beanAroundAdd(SaCheckRole.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
context.beanAroundAdd(SaCheckLogin.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
context.beanAroundAdd(SaCheckSafe.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
context.beanAroundAdd(SaCheckDisable.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
context.beanAroundAdd(SaCheckBasic.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
context.beanAroundAdd(SaCheckEnable.class, SaTokenAnnotationInterceptor.INSTANCE);
|
||||
|
||||
//集成初始化
|
||||
|
||||
|
@ -12,7 +12,7 @@ import org.springframework.boot.test.context.SpringBootTest;
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
import cn.dev33.satoken.exception.ApiDisabledException;
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.jwt.SaJwtUtil;
|
||||
import cn.dev33.satoken.jwt.StpLogicJwtForMixin;
|
||||
import cn.dev33.satoken.session.SaSession;
|
||||
@ -203,11 +203,11 @@ public class JwtForMixinTest {
|
||||
// 测试:账号封禁
|
||||
@Test
|
||||
public void testDisable() {
|
||||
Assertions.assertThrows(DisableLoginException.class, () -> {
|
||||
Assertions.assertThrows(DisableServiceException.class, () -> {
|
||||
// 封号
|
||||
StpUtil.disable(10007, 200);
|
||||
Assertions.assertTrue(StpUtil.isDisable(10007));
|
||||
Assertions.assertEquals(dao.get("satoken:login:disable:" + 10007), DisableLoginException.BE_VALUE);
|
||||
Assertions.assertEquals(dao.get("satoken:login:disable:" + 10007), DisableServiceException.BE_VALUE);
|
||||
|
||||
// 解封
|
||||
StpUtil.untieDisable(10007);
|
||||
|
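Review bot: The assertion still reads the ban record from `"satoken:login:disable:" + 10007`, but `splicingKeyDisable` in this commit now inserts the service name before the login id, so the stored key gains a `login:` segment. As far as the visible lines show, `dao.get(...)` returns `null` here and the comparison with `DisableServiceException.BE_VALUE` fails; the literal should become `"satoken:login:disable:login:" + 10007`. The same stale literal is in the `BasicsTest` section below, where the follow-up `assertEquals(..., null)` after `untieDisable` passes trivially for the same reason. In this test the visible part of the `assertThrows(DisableServiceException.class, ...)` lambda no longer contains a call that throws that exception, and the lambda continues outside the hunk; check that it ends with `StpUtil.checkDisable(10007)`.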
@ -35,7 +35,6 @@ public class MoreController {
|
||||
&& SaFoxUtil.equals(req.getHeader("div2", "zhang"), "zhang")
|
||||
;
|
||||
|
||||
System.out.println("::: "+SaHolder.getRequest().getUrl());
|
||||
SaHolder.getResponse().setServer("sa-server");
|
||||
return SaResult.data(flag);
|
||||
}
|
||||
|
@ -20,7 +20,7 @@ import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.context.SaTokenContext;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
import cn.dev33.satoken.exception.DisableLoginException;
|
||||
import cn.dev33.satoken.exception.DisableServiceException;
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.exception.NotPermissionException;
|
||||
import cn.dev33.satoken.exception.NotRoleException;
|
||||
@ -359,7 +359,7 @@ public class BasicsTest {
|
||||
// 封号
|
||||
StpUtil.disable(10007, 200);
|
||||
Assertions.assertTrue(StpUtil.isDisable(10007));
|
||||
Assertions.assertEquals(dao.get("satoken:login:disable:" + 10007), DisableLoginException.BE_VALUE);
|
||||
Assertions.assertEquals(dao.get("satoken:login:disable:" + 10007), DisableServiceException.BE_VALUE);
|
||||
|
||||
// 封号时间
|
||||
long disableTime = StpUtil.getDisableTime(10007);
|
||||
@ -370,9 +370,9 @@ public class BasicsTest {
|
||||
Assertions.assertFalse(StpUtil.isDisable(10007));
|
||||
Assertions.assertEquals(dao.get("satoken:login:disable:" + 10007), null);
|
||||
|
||||
// 封号后登陆 (会抛出 DisableLoginException 异常)
|
||||
// 封号后检测一下 (会抛出 DisableLoginException 异常)
|
||||
StpUtil.disable(10007, 200);
|
||||
Assertions.assertThrows(DisableLoginException.class, () -> StpUtil.login(10007));
|
||||
Assertions.assertThrows(DisableServiceException.class, () -> StpUtil.checkDisable(10007));
|
||||
}
|
||||
|
||||
// 测试:身份切换
|
||||
|