diff --git a/backend/src/main/java/io/metersphere/controller/LoginController.java b/backend/src/main/java/io/metersphere/controller/LoginController.java index cc339067bb..997df80108 100644 --- a/backend/src/main/java/io/metersphere/controller/LoginController.java +++ b/backend/src/main/java/io/metersphere/controller/LoginController.java @@ -1,23 +1,13 @@ package io.metersphere.controller; -import io.metersphere.base.domain.UserRole; +import io.metersphere.commons.constants.UserSource; import io.metersphere.controller.request.LoginRequest; -import io.metersphere.dto.UserDTO; -import io.metersphere.i18n.Translator; import io.metersphere.service.UserService; -import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authc.*; -import org.apache.shiro.authz.UnauthorizedException; -import org.apache.shiro.subject.Subject; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; -import java.util.List; -import java.util.stream.Collectors; - -import static io.metersphere.commons.constants.SessionConstants.ATTR_USER; @RestController @RequestMapping @@ -36,6 +26,7 @@ public class LoginController { @PostMapping(value = "/signin") public ResultHolder login(@RequestBody LoginRequest request) { + SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LOCAL.name()); return userService.login(request); } diff --git a/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java b/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java index 97ccea9f51..4a8c3b8deb 100644 --- a/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java +++ b/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java @@ -9,12 +9,12 @@ import io.metersphere.controller.request.LoginRequest; import io.metersphere.i18n.Translator; import io.metersphere.ldap.domain.Person; import io.metersphere.ldap.service.LdapService; -import io.metersphere.ldap.domain.LdapInfo; import io.metersphere.service.SystemParameterService; import io.metersphere.service.UserService; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; import org.springframework.web.bind.annotation.*; + import javax.annotation.Resource; @RestController @@ -38,10 +38,9 @@ public class LdapController { Person person = ldapService.authenticate(request); - SecurityUtils.getSubject().getSession().setAttribute("authenticate", "ldap"); + SecurityUtils.getSubject().getSession().setAttribute("authenticate", UserSource.LDAP.name()); String username = request.getUsername(); - String password = request.getPassword(); String email = person.getEmail(); @@ -55,19 +54,15 @@ public class LdapController { user.setId(username); user.setName(username); user.setEmail(email); - user.setPassword(password); user.setSource(UserSource.LDAP.name()); userService.addLdapUser(user); - } else { - request.setUsername(u.getId()); - request.setPassword(u.getPassword()); } return userService.login(request); } @PostMapping("/test/connect") - public void testConnect(@RequestBody LdapInfo ldapInfo) { + public void testConnect() { ldapService.testConnect(); } diff --git a/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java b/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java index 0f9b899116..9f8f47687a 100644 --- a/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java +++ b/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java @@ -2,6 +2,7 @@ package io.metersphere.security; import io.metersphere.base.domain.Role; +import io.metersphere.commons.constants.UserSource; import io.metersphere.commons.user.SessionUser; import io.metersphere.commons.utils.SessionUtils; import io.metersphere.dto.UserDTO; @@ -64,10 +65,69 @@ public class ShiroDBRealm extends AuthorizingRealm { @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; + String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate"); + String userId = token.getUsername(); String password = String.valueOf(token.getPassword()); + + if (StringUtils.equals("local", runMode)) { + UserDTO user = getUserWithOutAuthenticate(userId); + userId = user.getId(); + SessionUser sessionUser = SessionUser.fromUser(user); + SessionUtils.putUser(sessionUser); + return new SimpleAuthenticationInfo(userId, password, getName()); + } + + if (StringUtils.equals(login, UserSource.LOCAL.name())) { + return loginLocalMode(userId, password); + } + + if (StringUtils.equals(login, UserSource.LDAP.name())) { + return loginLdapMode(userId, password); + } + + UserDTO user = getUserWithOutAuthenticate(userId); + userId = user.getId(); + SessionUser sessionUser = SessionUser.fromUser(user); + SessionUtils.putUser(sessionUser); + return new SimpleAuthenticationInfo(userId, password, getName()); + + } + + private UserDTO getUserWithOutAuthenticate(String userId) { UserDTO user = userService.getUserDTO(userId); String msg; + if (user == null) { + user = userService.getUserDTOByEmail(userId); + if (user == null) { + msg = "The user does not exist: " + userId; + logger.warn(msg); + throw new UnknownAccountException(Translator.get("user_not_exist") + userId); + } + } + return user; + } + + + private AuthenticationInfo loginLdapMode(String userId, String password) { + UserDTO user = userService.getLoginUser(userId, UserSource.LDAP.name()); + String msg; + if (user == null) { + msg = "The user does not exist: " + userId; + logger.warn(msg); + throw new UnknownAccountException(Translator.get("user_not_exist") + userId); + } + userId = user.getId(); + + SessionUser sessionUser = SessionUser.fromUser(user); + SessionUtils.putUser(sessionUser); + return new SimpleAuthenticationInfo(userId, password, getName()); + + } + + private AuthenticationInfo loginLocalMode(String userId, String password) { + UserDTO user = userService.getLoginUser(userId, UserSource.LOCAL.name()); + String msg; if (user == null) { user = userService.getUserDTOByEmail(userId); if (user == null) { @@ -77,27 +137,6 @@ public class ShiroDBRealm extends AuthorizingRealm { } userId = user.getId(); } - - // local test - if (StringUtils.equals("local", runMode)) { - SessionUser sessionUser = SessionUser.fromUser(user); - SessionUtils.putUser(sessionUser); - return new SimpleAuthenticationInfo(userId, password, getName()); - } - // apikey 校验不验证密码 - if (ApiKeySessionHandler.random.equalsIgnoreCase(password)) { - SessionUser sessionUser = SessionUser.fromUser(user); - SessionUtils.putUser(sessionUser); - return new SimpleAuthenticationInfo(userId, password, getName()); - } - - String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate"); - if (StringUtils.equals(login, "ldap")) { - SessionUser sessionUser = SessionUser.fromUser(user); - SessionUtils.putUser(sessionUser); - return new SimpleAuthenticationInfo(userId, password, getName()); - } - // 密码验证 if (!userService.checkUserPassword(userId, password)) { throw new IncorrectCredentialsException(Translator.get("password_is_incorrect")); diff --git a/backend/src/main/java/io/metersphere/service/UserService.java b/backend/src/main/java/io/metersphere/service/UserService.java index f91cf31cb4..be6671a6eb 100644 --- a/backend/src/main/java/io/metersphere/service/UserService.java +++ b/backend/src/main/java/io/metersphere/service/UserService.java @@ -180,6 +180,15 @@ public class UserService { return userDTO; } + public UserDTO getLoginUser(String userId, String source) { + UserExample example = new UserExample(); + example.createCriteria().andIdEqualTo(userId).andSourceEqualTo(source); + if (userMapper.countByExample(example) == 0) { + return null; + } + return getUserDTO(userId); + } + public UserDTO getUserDTOByEmail(String email) { UserExample example = new UserExample(); example.createCriteria().andEmailEqualTo(email); @@ -487,11 +496,15 @@ public class UserService { } public ResultHolder login(LoginRequest request) { + String login = (String) SecurityUtils.getSubject().getSession().getAttribute("authenticate"); String msg; String username = StringUtils.trim(request.getUsername()); - String password = StringUtils.trim(request.getPassword()); - if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { - return ResultHolder.error("user or password can't be null"); + String password = ""; + if (!StringUtils.equals(login, UserSource.LDAP.name())) { + password = StringUtils.trim(request.getPassword()); + if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { + return ResultHolder.error("user or password can't be null"); + } } UsernamePasswordToken token = new UsernamePasswordToken(username, password); diff --git a/frontend/src/business/components/settings/personal/PersonSetting.vue b/frontend/src/business/components/settings/personal/PersonSetting.vue index 25bbd84ec7..2c25b6721a 100644 --- a/frontend/src/business/components/settings/personal/PersonSetting.vue +++ b/frontend/src/business/components/settings/personal/PersonSetting.vue @@ -199,7 +199,7 @@ initTableData() { this.result = this.$get("/user/info/" + this.currentUser().id, response => { let data = response.data; - this.isLdapUser = response.data.source === 'Ldap' ? true : false; + this.isLdapUser = response.data.source === 'LDAP' ? true : false; let dataList = []; dataList[0] = data; this.tableData = dataList; diff --git a/frontend/src/login/Login.vue b/frontend/src/login/Login.vue index 03b995cbb6..f59cf45b8f 100644 --- a/frontend/src/login/Login.vue +++ b/frontend/src/login/Login.vue @@ -17,8 +17,8 @@