Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
cd9f39c8b1
|
@ -1,23 +1,13 @@
|
|||
package io.metersphere.controller;
|
||||
|
||||
import io.metersphere.base.domain.UserRole;
|
||||
import io.metersphere.commons.constants.UserSource;
|
||||
import io.metersphere.controller.request.LoginRequest;
|
||||
import io.metersphere.dto.UserDTO;
|
||||
import io.metersphere.i18n.Translator;
|
||||
import io.metersphere.service.UserService;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authz.UnauthorizedException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.springframework.context.i18n.LocaleContextHolder;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static io.metersphere.commons.constants.SessionConstants.ATTR_USER;
|
||||
|
||||
@RestController
|
||||
@RequestMapping
|
||||
|
@ -36,6 +26,7 @@ public class LoginController {
|
|||
|
||||
@PostMapping(value = "/signin")
|
||||
public ResultHolder login(@RequestBody LoginRequest request) {
|
||||
SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name());
|
||||
return userService.login(request);
|
||||
}
|
||||
|
||||
|
|
|
@ -9,12 +9,12 @@ import io.metersphere.controller.request.LoginRequest;
|
|||
import io.metersphere.i18n.Translator;
|
||||
import io.metersphere.ldap.domain.Person;
|
||||
import io.metersphere.ldap.service.LdapService;
|
||||
import io.metersphere.ldap.domain.LdapInfo;
|
||||
import io.metersphere.service.SystemParameterService;
|
||||
import io.metersphere.service.UserService;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
|
||||
@RestController
|
||||
|
@ -38,10 +38,9 @@ public class LdapController {
|
|||
|
||||
Person person = ldapService.authenticate(request);
|
||||
|
||||
SecurityUtils.getSubject().getSession().setAttribute("authenticate", "ldap");
|
||||
SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LDAP.name());
|
||||
|
||||
String username = request.getUsername();
|
||||
String password = request.getPassword();
|
||||
|
||||
String email = person.getEmail();
|
||||
|
||||
|
@ -55,19 +54,15 @@ public class LdapController {
|
|||
user.setId(username);
|
||||
user.setName(username);
|
||||
user.setEmail(email);
|
||||
user.setPassword(password);
|
||||
user.setSource(UserSource.LDAP.name());
|
||||
userService.addLdapUser(user);
|
||||
} else {
|
||||
request.setUsername(u.getId());
|
||||
request.setPassword(u.getPassword());
|
||||
}
|
||||
|
||||
return userService.login(request);
|
||||
}
|
||||
|
||||
@PostMapping("/test/connect")
|
||||
public void testConnect(@RequestBody LdapInfo ldapInfo) {
|
||||
public void testConnect() {
|
||||
ldapService.testConnect();
|
||||
}
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@ package io.metersphere.security;
|
|||
|
||||
|
||||
import io.metersphere.base.domain.Role;
|
||||
import io.metersphere.commons.constants.UserSource;
|
||||
import io.metersphere.commons.user.SessionUser;
|
||||
import io.metersphere.commons.utils.SessionUtils;
|
||||
import io.metersphere.dto.UserDTO;
|
||||
|
@ -64,10 +65,69 @@ public class ShiroDBRealm extends AuthorizingRealm {
|
|||
@Override
|
||||
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
|
||||
UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
|
||||
String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate");
|
||||
|
||||
String userId = token.getUsername();
|
||||
String password = String.valueOf(token.getPassword());
|
||||
|
||||
if (StringUtils.equals("local", runMode)) {
|
||||
UserDTO user = getUserWithOutAuthenticate(userId);
|
||||
userId = user.getId();
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
}
|
||||
|
||||
if (StringUtils.equals(login, UserSource.LOCAL.name())) {
|
||||
return loginLocalMode(userId, password);
|
||||
}
|
||||
|
||||
if (StringUtils.equals(login, UserSource.LDAP.name())) {
|
||||
return loginLdapMode(userId, password);
|
||||
}
|
||||
|
||||
UserDTO user = getUserWithOutAuthenticate(userId);
|
||||
userId = user.getId();
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
|
||||
}
|
||||
|
||||
private UserDTO getUserWithOutAuthenticate(String userId) {
|
||||
UserDTO user = userService.getUserDTO(userId);
|
||||
String msg;
|
||||
if (user == null) {
|
||||
user = userService.getUserDTOByEmail(userId);
|
||||
if (user == null) {
|
||||
msg = "The user does not exist: " + userId;
|
||||
logger.warn(msg);
|
||||
throw new UnknownAccountException(Translator.get("user_not_exist") + userId);
|
||||
}
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
|
||||
private AuthenticationInfo loginLdapMode(String userId, String password) {
|
||||
UserDTO user = userService.getLoginUser(userId, UserSource.LDAP.name());
|
||||
String msg;
|
||||
if (user == null) {
|
||||
msg = "The user does not exist: " + userId;
|
||||
logger.warn(msg);
|
||||
throw new UnknownAccountException(Translator.get("user_not_exist") + userId);
|
||||
}
|
||||
userId = user.getId();
|
||||
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
|
||||
}
|
||||
|
||||
private AuthenticationInfo loginLocalMode(String userId, String password) {
|
||||
UserDTO user = userService.getLoginUser(userId, UserSource.LOCAL.name());
|
||||
String msg;
|
||||
if (user == null) {
|
||||
user = userService.getUserDTOByEmail(userId);
|
||||
if (user == null) {
|
||||
|
@ -77,27 +137,6 @@ public class ShiroDBRealm extends AuthorizingRealm {
|
|||
}
|
||||
userId = user.getId();
|
||||
}
|
||||
|
||||
// local test
|
||||
if (StringUtils.equals("local", runMode)) {
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
}
|
||||
// apikey 校验不验证密码
|
||||
if (ApiKeySessionHandler.random.equalsIgnoreCase(password)) {
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
}
|
||||
|
||||
String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate");
|
||||
if (StringUtils.equals(login, "ldap")) {
|
||||
SessionUser sessionUser = SessionUser.fromUser(user);
|
||||
SessionUtils.putUser(sessionUser);
|
||||
return new SimpleAuthenticationInfo(userId, password, getName());
|
||||
}
|
||||
|
||||
// 密码验证
|
||||
if (!userService.checkUserPassword(userId, password)) {
|
||||
throw new IncorrectCredentialsException(Translator.get("password_is_incorrect"));
|
||||
|
|
|
@ -180,6 +180,15 @@ public class UserService {
|
|||
return userDTO;
|
||||
}
|
||||
|
||||
public UserDTO getLoginUser(String userId, String source) {
|
||||
UserExample example = new UserExample();
|
||||
example.createCriteria().andIdEqualTo(userId).andSourceEqualTo(source);
|
||||
if (userMapper.countByExample(example) == 0) {
|
||||
return null;
|
||||
}
|
||||
return getUserDTO(userId);
|
||||
}
|
||||
|
||||
public UserDTO getUserDTOByEmail(String email) {
|
||||
UserExample example = new UserExample();
|
||||
example.createCriteria().andEmailEqualTo(email);
|
||||
|
@ -487,11 +496,15 @@ public class UserService {
|
|||
}
|
||||
|
||||
public ResultHolder login(LoginRequest request) {
|
||||
String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate");
|
||||
String msg;
|
||||
String username = StringUtils.trim(request.getUsername());
|
||||
String password = StringUtils.trim(request.getPassword());
|
||||
if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
|
||||
return ResultHolder.error("user or password can't be null");
|
||||
String password = "";
|
||||
if (!StringUtils.equals(login, UserSource.LDAP.name())) {
|
||||
password = StringUtils.trim(request.getPassword());
|
||||
if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
|
||||
return ResultHolder.error("user or password can't be null");
|
||||
}
|
||||
}
|
||||
|
||||
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
|
||||
|
|
|
@ -199,7 +199,7 @@
|
|||
initTableData() {
|
||||
this.result = this.$get("/user/info/" + this.currentUser().id, response => {
|
||||
let data = response.data;
|
||||
this.isLdapUser = response.data.source === 'Ldap' ? true : false;
|
||||
this.isLdapUser = response.data.source === 'LDAP' ? true : false;
|
||||
let dataList = [];
|
||||
dataList[0] = data;
|
||||
this.tableData = dataList;
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
<div class="form">
|
||||
<el-form-item v-slot:default>
|
||||
<el-radio-group v-model="form.authenticate">
|
||||
<el-radio label="ldap" size="mini">LDAP</el-radio>
|
||||
<el-radio label="normal" size="mini">普通登录</el-radio>
|
||||
<el-radio label="LDAP" size="mini">LDAP</el-radio>
|
||||
<el-radio label="LOCAL" size="mini">普通登录</el-radio>
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
<el-form-item prop="username">
|
||||
|
@ -69,7 +69,7 @@
|
|||
form: {
|
||||
username: '',
|
||||
password: '',
|
||||
authenticate: 'normal'
|
||||
authenticate: 'LOCAL'
|
||||
},
|
||||
rules: {
|
||||
username: [
|
||||
|
@ -115,10 +115,10 @@
|
|||
this.$refs[form].validate((valid) => {
|
||||
if (valid) {
|
||||
switch (this.form.authenticate) {
|
||||
case "normal":
|
||||
case "LOCAL":
|
||||
this.normalLogin();
|
||||
break;
|
||||
case "ldap":
|
||||
case "LDAP":
|
||||
this.ldapLogin();
|
||||
break;
|
||||
default:
|
||||
|
|
Loading…
Reference in New Issue