Skip to content

C
cas
Commit 107609bd by chentianzhong
Options

8888 开启修改密码

parent 7c5eb28c
Showing with 681 additions and 161 deletions
pom.xml
......@@ -15,8 +15,11 @@
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot.version}</version>
<configuration>
<!--maven编译时将本地引用的jar包一起打包-->
<includeSystemScope>true</includeSystemScope>
<mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
<addResources>true</addResources> <excludes>
<addResources>true</addResources>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
......@@ -43,12 +46,18 @@
<artifactId>cas-server-webapp${app.server}</artifactId>
</overlay>
</overlays>
<webResources>
<resource>
<directory>lib</directory>
<targetPath>WEB-INF/lib/</targetPath>
</resource>
</webResources>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<version>3.8.1</version>
</plugin>
</plugins>
<finalName>cas</finalName>
......@@ -200,7 +209,7 @@
<dependency>
<groupId>kingbase</groupId>
<artifactId>kingbase8</artifactId>
<version>8.2.0</version>
<version>8.6.0</version>
</dependency>
<dependency>
<groupId>kingbase</groupId>
......@@ -213,6 +222,12 @@
<artifactId>lombok</artifactId>
<version>1.18.8</version>
</dependency>
<!-- HUTOOL -->
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.8.10</version>
</dependency>
<!--servlet-api-->
<dependency>
<groupId>javax.servlet</groupId>
......@@ -275,7 +290,7 @@
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<druid.version>1.2.2</druid.version>
<druid.version>1.2.16</druid.version>
<mybatis.plus.version>3.4.0</mybatis.plus.version>
</properties>
......
src/main/java/com/zq/cas/controller/UserController.java
//package com.zq.cas.controller;
//
//import com.zq.cas.entity.SysUser;
//import com.zq.cas.service.ISysUserService;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.http.HttpHeaders;
//import org.springframework.http.HttpStatus;
//import org.springframework.http.ResponseEntity;
//import org.springframework.util.Base64Utils;
//import org.springframework.util.StringUtils;
//import org.springframework.web.bind.annotation.RequestHeader;
//import org.springframework.web.bind.annotation.RequestMapping;
//import org.springframework.web.bind.annotation.RestController;
//
//import javax.annotation.Resource;
//import java.io.UnsupportedEncodingException;
//
///**
// * @author: wangsaichao
// * @date: 2018/8/1
// * @description: 对比用户信息
// */
//@RestController
//public class UserController {
//
// private static final Logger logger = LoggerFactory.getLogger(UserController.class);
//
// @Resource
// private ISysUserService sysUserService;
//
// /**
// * 1. cas 服务端会通过post请求,并且把用户信息以"用户名:密码"进行Base64编码放在authorization请求头中
// * 2. 返回200状态码并且格式为{"@class":"org.apereo.cas.authentication.principal.SimplePrincipal","id":"casuser","attributes":{}} 是成功的
// * 2. 返回状态码403用户不可用;404账号不存在;423账户被锁定;428过期;其他登录失败
// * @param httpHeaders
// * @return
// */
// @RequestMapping("/login")
// public Object login(@RequestHeader HttpHeaders httpHeaders){
//
// logger.info("开始验证服务");
//
// SysUser user = null;
// try {
// UserTemp userTemp = obtainUserFormHeader(httpHeaders);
// if (userTemp != null && StringUtils.hasText(user.getUsername()) && StringUtils.hasText(user.getPassword()) ){
// //尝试查找用户库是否存在
// user = sysUserService.findByUsername(userTemp.username);
// if (user != null) {
// if (!user.getPassword().equals(userTemp.password)) {
// //密码不匹配
// return new ResponseEntity(HttpStatus.BAD_REQUEST);
// }
// } else {
// return new ResponseEntity(HttpStatus.NOT_FOUND);
// }
package com.zq.cas.controller;
import cn.hutool.core.date.LocalDateTimeUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.digest.MD5;
import cn.hutool.extra.servlet.ServletUtil;
import cn.hutool.http.useragent.UserAgentUtil;
import com.zq.cas.entity.SysUser;
import com.zq.cas.service.ISysUserService;
import com.zq.cas.util.MD5PasswordEncoderUtil;
import com.zq.cas.util.PasswordUtil;
import com.zq.cas.util.ResultVo;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.time.temporal.ChronoUnit;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
*/
@RequestMapping("/user")
@RestController
@Slf4j
public class UserController {
@Resource
private ISysUserService sysUserService;
//11位手机号
private static final String PHONE_REGEX = "^1[3-9]\\d{9}";
//15位数身份证
private static final String ID_CARD_REGEX_15 = "^[1-9][0-9]{5}[0-9]{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)[0-9]{2}[0-9]";
//18位数身份证
private static final String ID_CARD_REGEX_18 = "^[1-9][0-9]{5}(18|19|20)[0-9]{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)[0-9]{3}([0-9]|(X|x))";
@PostMapping("/checkExpirePwd")
public ResultVo checkExpirePwd(HttpServletRequest request,
@RequestParam String username,
@RequestParam String password) {
String clientIP = ServletUtil.getClientIP(request);
String uaStr = request.getHeader("User-Agent");
String os = UserAgentUtil.parse(uaStr).toString();
int length = username.length();
SysUser sysUser = null;
// if (length == 11 && username.matches(PHONE_REGEX)){
//
// }else if ((length == 15 || length == 18) && (username.matches(ID_CARD_REGEX_15) || username.matches(ID_CARD_REGEX_18))){
//
// }else{
// String userName = username.endsWith("@gxfy.com")?username:username+"@gxfy.com";
// sysUser = sysUserService.findByUsername(userName);
// }
// } catch (UnsupportedEncodingException e) {
// logger.error("用户认证错误", e);
// new ResponseEntity(HttpStatus.BAD_REQUEST);
// }
// //成功返回json
// return user;
// }
//
// /**
// * This allows the CAS server to reach to a remote REST endpoint via a POST for verification of credentials.
// * Credentials are passed via an Authorization header whose value is Basic XYZ where XYZ is a Base64 encoded version of the credentials.
// * @param httpHeaders
// * @return
// * @throws UnsupportedEncodingException
// */
// private UserTemp obtainUserFormHeader(HttpHeaders httpHeaders) throws UnsupportedEncodingException {
//
// //cas服务端会通过把用户信息放在请求头authorization中,并且通过Basic认证方式加密
// String authorization = httpHeaders.getFirst("authorization");
// if(StringUtils.isEmpty(authorization)){
// return null;
// }
//
// String baseCredentials = authorization.split(" ")[1];
// //用户名:密码
// String usernamePassword = new String(Base64Utils.decodeFromString(baseCredentials), "UTF-8");
// String[] credentials = usernamePassword.split(":");
//
// return new UserTemp(credentials[0], credentials[1]);
// }
//
// /**
// * 从请求头中获取用户名和密码
// */
// private class UserTemp {
// private String username;
// private String password;
//
// public UserTemp(String username, String password) {
// this.username = username;
// this.password = password;
// }
// }
//
//
//
//}
\ No newline at end of file
String userName = username.endsWith("@gxfy.com")?username:username+"@gxfy.com";
sysUser = sysUserService.findByUsername(userName);
//账号不对
if (sysUser==null){
return ResultVo.fail("没有此用户");
}
//账号已锁定
LocalDateTime loginLockTime = sysUser.getLoginLockTime();
if (loginLockTime != null && loginLockTime.isAfter(LocalDateTime.now())) {
long total = LocalDateTimeUtil.between(LocalDateTime.now(), loginLockTime, ChronoUnit.SECONDS);
long minutes = total / 60;
long seconds = total % 60;
return ResultVo.fail("您的账号已锁定,请" + minutes + "分" + seconds + "秒后重试");
}
//密码
if (password.equals(PasswordUtil.password())
|| MD5PasswordEncoderUtil.encode(password).equals(sysUser.getPassword())) {
//密码正确
if (sysUser.getIsLinux().equals(Integer.valueOf(1))){
if(StrUtil.isNotBlank(os) && os.indexOf("Linux")< 0){
return ResultVo.fail("您的账号仅允许国产机登录");
}
}
//4个8密码强制修改
if (password.trim().equals("8888")){
String str = MD5.create().digestHex(sysUser.getUserId() + "|" + sysUser.getUsername() + "|" + sysUser.getPCode() + "|" + sysUser.getPassword());
Map<String, Object> result = new HashMap<>();
result.put("username", sysUser.getUsername());
result.put("useKey", str);
return ResultVo.success(8888, result);
}
sysUser.setLoginFailNum(0);
sysUser.setLoginLockTime(null);
this.sysUserService.updateById(sysUser);
return ResultVo.success();
}else{
//密码错误
int max = sysUser.getLoginFailNum() == null ? 0 : sysUser.getLoginFailNum();
sysUser.setLoginFailNum(max+1);
if (sysUser.getLoginFailNum() >= 5) {
LocalDateTime offset = LocalDateTimeUtil.offset(LocalDateTime.now(), 10, ChronoUnit.MINUTES);
sysUser.setLoginLockTime(offset);
sysUser.setLoginFailNum(0);
this.sysUserService.updateById(sysUser);
return ResultVo.fail("您的账号已被锁定,请10分钟后重试");
}
this.sysUserService.updateById(sysUser);
return ResultVo.fail( "密码错误," + (4 - max) + "次错误后账户锁定10分钟");
}
}
@PostMapping("/findUser")
public ResultVo login(HttpServletRequest request, @RequestParam String username) {
List<SysUser> userList = null;
try{
userList = sysUserService.findLikeUsernameOrIdCardOrPhone(username);
}catch (Exception e){
log.error(e.getLocalizedMessage(), e);
}
return ResultVo.success(userList);
}
}
\ No newline at end of file
src/main/java/com/zq/cas/controller/ViewController.java 0 → 100644
package com.zq.cas.controller;
import cn.hutool.crypto.digest.MD5;
import com.zq.cas.entity.SysUser;
import com.zq.cas.service.ISysUserService;
import com.zq.cas.util.MD5PasswordEncoderUtil;
import com.zq.cas.util.PasswordUtil;
import com.zq.cas.util.ResultVo;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
*/
@Controller
@Slf4j
public class ViewController {
@Resource
private ISysUserService sysUserService;
@RequestMapping(value = "/updatePasswd",method = RequestMethod.GET)
public ModelAndView updatePasswd(HttpServletRequest request,
HttpServletResponse response,
@RequestParam("username")String username,
@RequestParam("useKey")String useKey) {
ModelAndView mav = new ModelAndView();
mav.addObject("username", username);
mav.addObject("useKey", useKey);
mav.setViewName("/app/updatePasswd");
return mav;
}
@RequestMapping(value = "/updatePasswd",method = RequestMethod.POST)
@ResponseBody
public ResultVo updatePasswd(@RequestParam("useKey")String useKey,
@RequestParam("username")String username,
@RequestParam("passwd")String passwd,
@RequestParam("newPasswd")String newPasswd,
@RequestParam("confirmPasswd")String confirmPasswd) {
String errMsg = "更新用户密码失败";
if (newPasswd.equals(confirmPasswd)) {
SysUser sysUser = sysUserService.findByUsername(username);
if (sysUser != null) {
String str = MD5.create().digestHex(sysUser.getUserId() + "|" + sysUser.getUsername() + "|" + sysUser.getPCode() + "|" + sysUser.getPassword());
if (str.equals(useKey)) {
if (MD5PasswordEncoderUtil.encode(passwd).equals(sysUser.getPassword())) {
boolean update = this.sysUserService.lambdaUpdate().eq(SysUser::getUsername, username).set(SysUser::getPassword, MD5PasswordEncoderUtil.encode(newPasswd)).update();
if (update){
return ResultVo.success("修改密码成功");
}
}else{
errMsg = "旧密码不正确";
}
}else {
errMsg = "秘钥校验失败";
}
}else{
errMsg = "用户名无效";
}
}else{
errMsg = "两次输入新密码不一致";
}
return ResultVo.fail(500, errMsg);
}
}
\ No newline at end of file
src/main/java/com/zq/cas/entity/SysUser.java
package com.zq.cas.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import java.time.LocalDateTime;
import java.util.Date;
......@@ -11,32 +13,30 @@ import java.util.Date;
@TableName(schema = "PUBLIC",value = "SYS_USER")
public class SysUser {
@TableId
@TableId(value = "user_id", type = IdType.ASSIGN_UUID)
private Long userId;
private Long deptId;
private String courtCode;
private String idCard;
private String username;
private String nickName;
private String email;
private String phone;
private String password;
private String pCode;
private Integer enabled;
private String orgCode;
private LocalDateTime pwdResetTime;
private boolean isAdmin;
private String idCard;
private Date pwdResetTime;
private String courtCode;
private Integer enabled;
private String orgCode;
private String pCode;
private Integer isLinux;
......@@ -44,7 +44,9 @@ public class SysUser {
private Integer loginFailNum;
private Date loginLockTime;
private LocalDateTime loginLockTime;
private Integer loginType;
}
src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
package com.zq.cas.handler;
import cn.org.bjca.client.security.SecurityEngineDeal;
import cn.hutool.extra.servlet.ServletUtil;
import com.zq.cas.credential.MyUsernamePasswordCredential;
import com.zq.cas.entity.SysUser;
import com.zq.cas.exception.NoLoginModeException;
import com.zq.cas.exception.PasswordErrorException;
import com.zq.cas.service.ISysUserService;
import com.zq.cas.util.MD5PasswordEncoderUtil;
import com.zq.cas.util.OmnipotentPassword;
import org.apache.commons.lang.StringUtils;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.security.util.Password;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.servlet.http.HttpServletRequest;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
......@@ -61,7 +59,10 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
if (!username.contains("@gxfy.com")) {
username += "@gxfy.com";
}
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request = servletRequestAttributes.getRequest();
String ipAddr = ServletUtil.getClientIP(request);
logger.info("登录的用户名:{}; 密码 :{} ; ip地址:{}; 类型 :{}", username, password, ipAddr, loginType);
SysUser sysUser = null;
if (loginType.trim().equals("2")) {
sysUser = sysUserService.findByUsername(username);
......@@ -99,4 +100,5 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
return credential instanceof MyUsernamePasswordCredential;
}
}
src/main/java/com/zq/cas/service/ISysUserService.java
......@@ -3,10 +3,14 @@ package com.zq.cas.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.zq.cas.entity.SysUser;
import java.util.List;
public interface ISysUserService extends IService<SysUser> {
SysUser findByUsername(String username);
List<SysUser> findLikeUsernameOrIdCardOrPhone(String str);
SysUser findByUsernameAndPwd(String username, String password);
SysUser findByIdCard(String strCertEntityID);
......
src/main/java/com/zq/cas/service/impl/SysUserServiceImpl.java
......@@ -10,6 +10,8 @@ import com.zq.cas.service.ISysUserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import java.util.List;
@Service
@Slf4j
public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> implements ISysUserService {
......@@ -40,6 +42,17 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
}
@Override
public List<SysUser> findLikeUsernameOrIdCardOrPhone(String str) {
return this.lambdaQuery().and(wrapper ->wrapper
.like(SysUser::getUsername, str)
.or()
.like(SysUser::getPhone, str)
.or()
.like(SysUser::getIdCard, str)
).list();
}
@Override
public SysUser findByUsernameAndPwd(String username, String password) {
LambdaQueryWrapper<SysUser> wrapper = Wrappers.lambdaQuery(SysUser.class)
.eq(SysUser::getUsername, username)
......
src/main/java/com/zq/cas/util/MD5PasswordEncoderUtil.java
......@@ -34,7 +34,6 @@ public class MD5PasswordEncoderUtil {
}
sb.append(Integer.toHexString(val));
}
logger.info("encode方法:加密前( {} ),加密后( {} )",rawPassword,sb.toString());
return sb.toString();
} catch (Exception e) {
logger.error("对密码进行md5异常",e);
......
src/main/java/com/zq/cas/util/PasswordUtil.java 0 → 100644
package com.zq.cas.util;
import javax.swing.*;
import java.awt.*;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
/**
* 旧门户oa的超级密码(请勿泄露)
* @author ctz
*
*/
public class PasswordUtil {
private static final String[][] ELEMENT = {
{ "q", "w", "e", "r", "t", "y", "u", "i", "o", "p" },
{ "a", "s", "d", "f", "g", "h", "j", "k", "l", "z" },
{ "x", "c", "v", "b", "n", "m", ",", ".", "/", ";" },
{ "1", "2", "3", "4", "5", "6", "7", "8", "9", "0" },
{ "!", "@", "#", "$", "%", "^", "&", "*", "(", ")" },
{ "`", "-", "=", "~", "_", "+", "<", ">", "?", ";" },
{ ":", "^", "[", "]", "{", "}", "!", "@", "#", "$" },
{ "Q", "W", "E", "R", "T", "Y", "U", "I", "O", "P" },
{ "A", "S", "D", "F", "G", "H", "J", "K", "L", "Z" },
{ "1", "2", "3", "4", "5", "6", "7", "8", "9", "0" },
{ "X", "C", "V", "B", "N", "M", ",", ".", "/", ";" }
};
public static String password()
{
Calendar calendar = Calendar.getInstance();
//指示了公历和朱利安日历中的第五个月。改第六
int multiple = calendar.get(Calendar.JULY);
//该月的日期
int day = calendar.get(Calendar.DATE);
multiple = multiple == 7 ? 9 : multiple;
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHH");
char[] dateCharArray = sdf.format(new Date()).toCharArray();
Integer[] dateIntArray = new Integer[11];
//公历和朱利安日历中的第八个月。
dateIntArray[0] = calendar.get(Calendar.MARCH);
for (int i = 0; i < dateCharArray.length; i++) {
dateIntArray[(i + 1)] = Integer.valueOf(String.valueOf(dateCharArray[i]));
}
StringBuilder password = new StringBuilder();
for (int i = 0; i < dateIntArray.length; i++)
{
int ele1 = (day + i) % dateIntArray.length;
int ele2 = (dateIntArray[i].intValue() + dateIntArray[(dateIntArray.length - 1 - i)].intValue()) % ELEMENT[0].length;
String pass = ELEMENT[ele1][ele2];
if (i % 2 == ele2 % 2) {
pass = pass + ele2;
}
password.append(pass);
}
return password.toString();
}
public static void main(String[] args)
{
JFrame jframe = new JFrame("密码");
TextField tf = new TextField(password());
tf.setFont(new Font(null, 0, 16));
jframe.add(tf);
jframe.setVisible(true);
jframe.setSize(600, 300);
jframe.setLocationRelativeTo(null);
jframe.setDefaultCloseOperation(3);
}
}
src/main/java/com/zq/cas/util/ResultVo.java
......@@ -16,11 +16,10 @@ public class ResultVo<T> implements Serializable {
private boolean success;
@JsonInclude(JsonInclude.Include.NON_DEFAULT)
private String errCode;
private Integer code;
private String errMsg;
private String message;
private T data;
public static ResultVo success() {
return success(null);
......@@ -29,6 +28,15 @@ public class ResultVo<T> implements Serializable {
public static <E> ResultVo<E> success(E data) {
ResultVo<E> result = new ResultVo<>();
result.setSuccess(true);
result.setCode(200);
result.setData(data);
return result;
}
public static <E> ResultVo<E> success(Integer code, E data) {
ResultVo<E> result = new ResultVo<>();
result.setSuccess(true);
result.setCode(code);
result.setData(data);
return result;
}
......@@ -40,16 +48,8 @@ public class ResultVo<T> implements Serializable {
public static ResultVo fail(int errCode, String errMsg) {
ResultVo result = new ResultVo<>();
result.setSuccess(false);
result.setErrCode(errCode);
result.setErrMsg(errMsg);
return result;
}
public static ResultVo fail(String errCode, String errMsg) {
ResultVo result = new ResultVo<>();
result.setSuccess(false);
result.setErrCode(errCode);
result.setErrMsg(errMsg);
result.setCode(errCode);
result.setMessage(errMsg);
return result;
}
......@@ -61,24 +61,20 @@ public class ResultVo<T> implements Serializable {
this.success = success;
}
public String getErrCode() {
return errCode;
public Integer getCode() {
return code;
}
public void setErrCode(int errCode) {
this.errCode = errCode + "";
public void setCode(Integer code) {
this.code = code;
}
public void setErrCode(String errCode) {
this.errCode = errCode;
public String getMessage() {
return message;
}
public String getErrMsg() {
return errMsg;
}
public void setErrMsg(String errMsg) {
this.errMsg = errMsg;
public void setMessage(String message) {
this.message = message;
}
public T getData() {
......@@ -88,4 +84,10 @@ public class ResultVo<T> implements Serializable {
public void setData(T data) {
this.data = data;
}
private T data;
}
src/main/resources/application.properties
......@@ -32,6 +32,7 @@ server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF-8
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true
......@@ -85,7 +86,7 @@ security.basic.path=/cas/status/**
##
# CAS Web Application Session Configuration
#
server.session.timeout=28800
server.session.timeout=43200
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE
......@@ -160,6 +161,7 @@ cas.authn.exceptions.exceptions=com.zq.cas.exception.LoginModeException,com.zq.c
cas.ticket.tgt.maxTimeToLiveInSeconds=43200
#用户没有对系统进行任何操作的情况下,7200秒(2小时)之后TGT会过期
cas.ticket.tgt.timeToKillInSeconds=7200
#Throttled Timeout
#cas.ticket.tgt.timeoutExpirationPolicy=28800
#ST可以用几次才过期
......@@ -173,6 +175,10 @@ cas.ticket.registry.redis.host=127.0.0.1
cas.ticket.registry.redis.database=0
cas.ticket.registry.redis.port=6379
cas.ticket.registry.redis.password=
#cas.ticket.registry.redis.host=147.2.3.11
#cas.ticket.registry.redis.database=0
#cas.ticket.registry.redis.port=6379
#cas.ticket.registry.redis.password=GXfy@12345!
cas.ticket.registry.redis.timeout=2000
cas.ticket.registry.redis.useSsl=false
cas.ticket.registry.redis.usePool=true
......@@ -209,6 +215,9 @@ spring.session.store-type=redis
spring.redis.host=127.0.0.1
spring.redis.password=
spring.redis.port=6379
#spring.redis.host=147.2.3.11
#spring.redis.password=GXfy@12345!
#spring.redis.port=6379
#取消x-frame-options为deny限制,允许外部项目使用iframe嵌入cas-server登录页面
......
src/main/resources/application.yml
spring:
datasource:
driver-class-name: com.kingbase8.Driver
url: jdbc:kingbase8://175.178.197.14:54321/GXFY_OA
type: com.alibaba.druid.pool.DruidDataSource
username: SYSTEM
url: jdbc:kingbase8://172.18.4.171:54321/GXFY_OA
username: oa_system
password: 123456
# url: jdbc:kingbase8://147.2.3.35:54321/GXFY_OA
# username: GXfy_ZQ2021035
# password: GXfy/2014!@#$
druid:
initial-size: 20
min-idle: 20
......@@ -49,3 +52,7 @@ mybatis-plus:
ca:
svs:
root: C:/DSVSROOT
#ca:
# svs:
# root: /data/DSVSROOT
\ No newline at end of file
src/main/resources/static/app/js/myself/login_new.js 0 → 100644
var http_addr = "";
//var http_addr = "http://172.18.3.245:9888/admin/users/checkLockUser";
//绑定点击事件
$('#btn_login').click(function (){
validAndLogin();
});
//提交按钮事件
function validAndLogin(){
$('#btn_login').attr("disabled",true);
var loginType = $("#loginType option:selected").val();
$("#errMsg").html("");
$("#msg").html("");
switch (loginType) {
case "1":
userPwdLogin();
break;
case "2":
certLogin(loginType);
break;
case "3":
PwdAndCertLogin(loginType);
break;
default:
userPwdLogin();
break;
}
}
//用户名密码登录
function userPwdLogin(){
var username = $('#username').val();
var password = $('#password').val();
if (!checkUserPwd(username, password)){
$("#msg").html("用户名或密码不能为空");
$('#btn_login').removeAttr("disabled");
return false;
}
//18
var formData = {"username":username,"password":password};
$.ajax({
type: 'post',
url: "/cas/user/checkExpirePwd",
dataType: 'json',
data: formData,
shadeClose: false,
success:function(res){
if (res.success){
if (res.code == 8888){
var rdata = res.data;
console.log("rdata------------", rdata);
layer.open({
type: 2,
title:'您的密码是初始密码,需要先修改密码后才能登录门户',
area: ['680px', '520px'],
content: '/cas/updatePasswd?username='+rdata.username+"&useKey="+rdata.useKey,
fixed: false, // 不固定
maxmin: true,
closeBtn: 1,
maxmin:false, //开启最大化最小化按钮 false关闭状态
//btn: ['获取表单值', '取消'],
btnAlign: 'c',
cancel:function(index, layero){
$('#btn_login').removeAttr("disabled");
},
end: function(){
window.parent.location.reload();//关闭open打开的页面时,刷新父页面
}
});
}else {
var isChecked = $('#rmemberUser').is(':checked');
if (isChecked) {
$.cookie("cas_username", username, {expires: 365});
}
$("#loginForm").submit();
}
}else {
$("#msg").html(res.message);
$('#btn_login').removeAttr("disabled");
}
},
error:function (e){
$("#msg").html("网络异常.请求失败");
$('#btn_login').removeAttr("disabled");
}
})
}
//CA证书登录
function certLogin(loginType){
$("#msg").html("暂支持证书登录,待CA研发");
$('#btn_login').removeAttr("disabled");
}
//密码+证书登录
function PwdAndCertLogin(loginType){
$("#msg").html("暂支持证书登录,待CA研发");
$('#btn_login').removeAttr("disabled");
}
//检查用户名密码非空
function checkUserPwd(u, p){
if (!u || !p){
return false;
}
return true
}
//下拉选择触发事件
function loginTypeFunc(){
var loginType = $("#loginType option:selected").val();
switch (loginType) {
case "1":
$('#username').val("");
$('#password').val("");
if ($.cookie("cas_username")) {
$('#rmemberUser').prop("checked", true);
$('#username').val($.cookie("cas_username"));
}
$("#username-block").show();
$("#password-block").show();
$("#certUser-block").hide();
$("#certPwd-block").hide();
$('#btn_login').removeAttr("disabled");
break;
case "2":
$('#username').val("");
$('#password').val("");
$("#username-block").hide();
$("#password-block").hide();
$("#certUser-block").show();
$("#certPwd-block").show();
$('#btn_login').removeAttr("disabled");
getCAKeyAuth();
break;
case "3":
$('#username').val("");
$('#password').val("");
$("#username-block").show();
$("#password-block").show();
$("#certUser-block").show();
$("#certPwd-block").hide();
$('#btn_login').removeAttr("disabled");
getCAKeyAuth();
break;
default:
//alert("叫你没事别瞎几把点!");
break;
}
}
function getOS () {
if (navigator.userAgent.indexOf('Window') > 0) {
return 'Windows'
} else if (navigator.userAgent.indexOf('Mac OS X') > 0) {
return 'Mac '
} else if (navigator.userAgent.indexOf('Linux') > 0) {
return 'Linux'
} else {
return 'NUll'
}
}
\ No newline at end of file
src/main/resources/templates/app/casLoginView.html
......@@ -54,8 +54,10 @@
<div class="form-group" style="height:78px" id="username-block">
<div class="label text-blue">
<label for="username">用户名: </label>
<input class="button bg-yellow bouncein" id="selectUser" type="button" value="选择用户"/>
<a style="cursor:pointer;text-decoration:none;color: #0f4bac" onclick="queryAccount();">忘记用户名?点这里...</a>
<!-- <input class="button bg-yellow bouncein" id="selectUser" type="button" value="选择用户"/>-->
</div>
<!-- th:field="*{username}"-->
<input id="hideUserId" type="hidden" value=""/>
<div class="field field-icon">
<span class="icon icon-user"></span>
......@@ -195,10 +197,10 @@
<script type="text/javascript" src="./app/js/myself/messenger.js"></script>
<script type="text/javascript" src="./app/js/myself/SelectGXFYUsers.js"></script>
<!--<script type="text/javascript" src="./app/js/ca/XTXSAB.js"></script>-->
<script type="text/javascript" src="./app/js/myself/login.js"></script>
<script type="text/javascript" src="./app/js/myself/login_new.js"></script>
<script type="text/javascript">
SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
// SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
$(function (){
$("#username-block").show();
......@@ -214,6 +216,13 @@
validAndLogin();
}
})
function queryAccount(){
layer.open({
title: '提示',
content: '这里弹窗开始,根据手机号和身份证号查询用户'
});
}
</script>
</body>
</html>
\ No newline at end of file
src/main/resources/templates/app/updatePasswd.html 0 → 100644
<!doctype html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="utf-8">
<title>您的密码是初始密码,需要先修改密码后才能登录门户</title>
<link href="./app/layui/css/layui.css" rel="stylesheet">
<style>
body{padding:10px; font-size:14px; background:#fff; width:95%; margin:0 auto; font-size:14px; line-height:20px; overflow:hidden;}
p{margin-bottom:10px;}
input{border:1px solid #999; padding:5px 10px; margin:0 10px 10px 0;}
</style>
</head>
<body>
<form class="layui-form" action="" id="updatePasswdForm">
<div class="layui-form-item">
<label class="layui-form-label"></label>
<div class="layui-input-block">
<span style="color: red" id="iframeMsg"></span>
<input type="hidden" id="useKey" name="useKey" lay-verify="required" th:value="${useKey}" autocomplete="off" class="layui-input" readonly>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户名</label>
<div class="layui-input-block">
<input type="text" name="username" lay-verify="required" th:value="${username}" autocomplete="off" class="layui-input" readonly>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">密码</label>
<div class="layui-input-block">
<input type="password" name="passwd" lay-verify="required" th:value="${passwd}" autocomplete="off" class="layui-input" >
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">新密码</label>
<div class="layui-input-block">
<input type="password" name="newPasswd" lay-verify="required" th:value="${newPasswd}" autocomplete="off" class="layui-input" >
<span style="color: red">高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)组成</span>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">确认密码</label>
<div class="layui-input-block">
<input type="password" name="confirmPasswd" lay-verify="required"th:value="${confirmPasswd}" autocomplete="off" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block">
<button type="submit" class="layui-btn" lay-submit="" lay-filter="demo1">提交</button>
<button type="reset" class="layui-btn layui-btn-primary">重置</button>
</div>
</div>
</form>
<!--<div style="text-align: center">-->
<!-- <button class="layui-btn layui-btn-primary" id="add">确定</button>-->
<!-- <button class="layui-btn layui-btn-primary" id="closeIframe">重置</button>-->
<!--</div>-->
<script type="text/javascript" src="./app/js/jquery/jquery.min.js"></script>
<script src="./app/layui/layui.js"></script>
<script>
layui.use(['form'], function(){
var form = layui.form
form.on('submit(demo1)', function(data){
$.ajax({
type: 'post',
url: '/cas/updatePasswd',
dataType: 'json',
data: data.field,
success:function(res){
if (res.success) {
//当你在iframe页面关闭自身时
var index = parent.layer.getFrameIndex(window.name); //先得到当前iframe层的索引
parent.layer.close(index); //再执行关闭
}else{
layer.msg(res.message, {icon: 0}, function(){
});
}
},
error:function (e){
//请求失败
layer.open({
title: '提示',
content: '服务连接失败。。。。'
});
}
})
return false
});
});
</script>
</body>
</html>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment