refactor: 用户名和密码长度限制

backend/framework/sdk/src/main/java/io/metersphere/sdk/controller/LoginController.java

@@ -24,6 +24,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
 import org.springframework.context.i18n.LocaleContextHolder;
 import org.springframework.http.HttpStatus;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 @RestController
@@ -61,7 +62,7 @@ public class LoginController {
 
     @PostMapping(value = "/login")
     @Operation(summary = "登录")
-    public ResultHolder login(@RequestBody LoginRequest request) {
+    public ResultHolder login(@Validated @RequestBody LoginRequest request) {
         SessionUser sessionUser = SessionUtils.getUser();
         if (sessionUser != null) {
             if (!StringUtils.equals(sessionUser.getId(), request.getUsername())) {

backend/framework/sdk/src/main/java/io/metersphere/sdk/dto/LoginRequest.java

@@ -3,6 +3,7 @@ package io.metersphere.sdk.dto;
 import io.metersphere.sdk.util.RsaKey;
 import io.metersphere.sdk.util.RsaUtil;
 import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
 import lombok.Getter;
 import lombok.Setter;
 
@@ -10,8 +11,10 @@ import lombok.Setter;
 @Setter
 public class LoginRequest {
     @NotBlank(message = "{user_name_is_null}")
+    @Size(max = 64, message = "{user_name_length_too_long}")
     private String username;
     @NotBlank(message = "{password_is_null}")
+    @Size(max = 256, message = "{password_length_too_long}")
     private String password;
     private String authenticate;
 

backend/framework/sdk/src/main/java/io/metersphere/sdk/util/FilterChainUtils.java

@@ -28,7 +28,6 @@ public class FilterChainUtils {
         filterChainDefinitionMap.put("/sso/callback/**", "anon");
         filterChainDefinitionMap.put("/license/validate", "anon");
         filterChainDefinitionMap.put("/system/version/current", "anon");
-        filterChainDefinitionMap.put("/system/parameter/get/base-info", "anon");
 
         // for swagger
         filterChainDefinitionMap.put("/swagger-ui.html", "anon");

backend/framework/sdk/src/main/resources/i18n/commons_en_US.properties

@@ -18,8 +18,10 @@ upload_file_fail_get_file_path_fail=Failed to upload the file, failed to get the
 user_email_already_exists=User email already exists
 user_id_is_null=User ID cannot be null
 user_name_is_null=User name cannot be null
+user_name_length_too_long=User name length cannot exceed 64 characters
 user_email_is_null=User email cannot be null
 password_is_null=Password cannot be null
+password_length_too_long=Password length cannot exceed 256 characters
 user_id_already_exists=User ID already exists
 password_modification_failed=The old password is wrong. Please re-enter it
 cannot_delete_current_user=Cannot delete the user currently logged in

backend/framework/sdk/src/main/resources/i18n/commons_zh_CN.properties

@@ -16,6 +16,8 @@ upload_file_fail_get_file_path_fail=文件上传失败，获取文件上传路
 user_email_already_exists=用户邮箱已存在
 user_id_is_null=用户ID不能为空
 user_name_is_null=用户名不能为空
+user_name_length_too_long=用户名称长度不能超过64个字符
+password_length_too_long=密码长度不能超过256个字符
 user_email_is_null=用户邮箱不能为空
 password_is_null=密码不能为空
 user_id_already_exists=用户id已存在

backend/framework/sdk/src/main/resources/i18n/commons_zh_TW.properties

@@ -16,8 +16,10 @@ upload_file_fail_get_file_path_fail=文件上傳失敗，獲取文件上傳路
 user_email_already_exists=用戶郵箱已存在
 user_id_is_null=用戶ID不能為空
 user_name_is_null=用戶名不能為空
+user_name_length_too_long=用戶名称長度不能超過64個字符
 user_email_is_null=用戶郵箱不能為空
 password_is_null=密碼不能為空
+password_length_too_long=密碼長度不能超過256個字符
 user_id_already_exists=用戶id已存在
 password_modification_failed=舊密碼輸入錯誤，請重新輸入
 cannot_delete_current_user=無法刪除當前登錄用戶