修复bug054

school_lend_back_end/pom.xml

@@ -43,6 +43,7 @@
             <artifactId>alipay-sdk-java</artifactId>
             <version>4.38.0.ALL</version>
         </dependency>
+        <!--hutool-->
         <dependency>
             <groupId>cn.hutool</groupId>
             <artifactId>hutool-all</artifactId>
@@ -105,6 +106,22 @@
             <artifactId>lombok</artifactId>
             <version>1.18.30</version>
         </dependency>
+
+        <!-- redis -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.session</groupId>
+            <artifactId>spring-session-data-redis</artifactId>
+        </dependency>
+
+        <!--    websocket-->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-websocket</artifactId>
+        </dependency>
     </dependencies>
 
     <build>

school_lend_back_end/sql/create_table.sql

@@ -234,4 +234,14 @@ create table if not exists systemInfo
     type       tinyint                            not null comment '类型:0公告,1轮播图',
     content    varchar(256)                       not null comment '功能内容',
     createTime datetime default CURRENT_TIMESTAMP not null comment '创建时间'
-) comment '系统信息' collate = utf8mb4_unicode_ci;
+) comment '系统信息' collate = utf8mb4_unicode_ci;
+
+-- 聊天记录表
+create table private_message
+(
+    id               bigint auto_increment primary key,
+    from_userAccount varchar(255) not null comment '发消息者',
+    to_userAccount   varchar(255) not null comment '接收消息者',
+    orderId          BIGINT       null comment '订单id',
+    message          varchar(255) null comment '消息内容'
+)comment '聊天记录' collate = utf8mb4_unicode_ci;

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/common/ErrorCode.java

@@ -12,6 +12,7 @@ public enum ErrorCode {
     NOT_LOGIN(40100, "未登录", ""),
     NO_AUTH(40101, "无权限", ""),
     NOT_FOUND_ERROR(40400,"请求数据不存在",""),
+    FORBIDDEN_ERROR(40300, "禁止访问",""),
     SYSTEM_ERROR(50000, "系统内部异常", ""),
     OPERATION_ERROR(50001, "操作失败", "");
 

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/contant/UserConstant.java

@@ -5,11 +5,6 @@ package com.bsz.school_send_back_end.contant;
  */
 public interface UserConstant {
 
-    /**
-     * 用户登录态键
-     */
-    String USER_LOGIN_STATE = "userLoginState";
-
     /**
      * 盐值
      */

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/controller/AlipayController.java

@@ -16,7 +16,7 @@ import com.bsz.school_send_back_end.common.BaseResponse;
 import com.bsz.school_send_back_end.common.ErrorCode;
 import com.bsz.school_send_back_end.common.ResultUtils;
 import com.bsz.school_send_back_end.config.AlipayClients;
-import com.bsz.school_send_back_end.contant.UserConstant;
+import com.bsz.school_send_back_end.contant.RedisKeyConstant;
 import com.bsz.school_send_back_end.mapper.UserMapper;
 import com.bsz.school_send_back_end.model.domain.User;
 import com.bsz.school_send_back_end.utils.RandomNumberGenerator;
@@ -30,7 +30,6 @@ import org.springframework.web.bind.annotation.RestController;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import java.io.PrintWriter;
 import java.text.SimpleDateFormat;
 import java.util.*;
@@ -102,13 +101,13 @@ public class AlipayController {
                 user.setUserPassword("123456");
                 user.setAvatarUrl(StringUtils.isAnyBlank(response1.getAvatar()) ? "https://tfs.alipayobjects.com/images/partner/ATuihpR50zu7UAAAAAAAAAAAAADtl2AA" : response1.getAvatar());
                 userMapper.insert(user);
-                req.getSession().setAttribute(UserConstant.USER_LOGIN_STATE,user);
+                req.getSession().setAttribute(RedisKeyConstant.USER_LOGIN_STATE,user);
                 return ResultUtils.success(user,"注册成功");
             }
-            req.getSession().setAttribute(UserConstant.USER_LOGIN_STATE,oid);
+            req.getSession().setAttribute(RedisKeyConstant.USER_LOGIN_STATE,oid);
             return ResultUtils.success(oid,"登录成功");
         }
-        req.getSession().setAttribute(UserConstant.USER_LOGIN_STATE,oid);
+        req.getSession().setAttribute(RedisKeyConstant.USER_LOGIN_STATE,oid);
         return ResultUtils.success(oid,"登录成功");
     }
 
@@ -158,10 +157,10 @@ public class AlipayController {
                 user.setUserPassword("123456");
                 user.setAvatarUrl(StringUtils.isAnyBlank(response1.getAvatar()) ? "https://tfs.alipayobjects.com/images/partner/ATuihpR50zu7UAAAAAAAAAAAAADtl2AA" : response1.getAvatar());
                 userMapper.insert(user);
-                req.getSession().setAttribute(UserConstant.USER_LOGIN_STATE,oid);
+                req.getSession().setAttribute(RedisKeyConstant.USER_LOGIN_STATE,oid);
                 return ResultUtils.success(user,"注册成功");
             }
-            req.getSession().setAttribute(UserConstant.USER_LOGIN_STATE,oid);
+            req.getSession().setAttribute(RedisKeyConstant.USER_LOGIN_STATE,oid);
             return ResultUtils.success(oid,"登录成功");
         }
         return ResultUtils.error(ErrorCode.PARAMS_ERROR);

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/controller/FileController.java

@@ -32,7 +32,7 @@ public class FileController {
     @Resource
     private UserService userService;
     @PostMapping("/upload/server/not_login")
-    public BaseResponse<String> uploadServerNotLogin (@RequestPart("file")MultipartFile multipartFile, UploadFileRequest uploadFileRequest) {
+    public BaseResponse<String> uploadServerNotLogin (@RequestPart("file")MultipartFile multipartFile, @RequestBody UploadFileRequest uploadFileRequest) {
         //获取业务名称
         String biz = uploadFileRequest.getBiz();
         FileUploadBizEnum fileUploadBizEnum = FileUploadBizEnum.getEnumByValue(biz);
@@ -67,7 +67,7 @@ public class FileController {
     }
 
     @PostMapping("/upload/server")
-    public BaseResponse<String> uploadServerFile(@RequestPart("file") MultipartFile multipartFile, UploadFileRequest uploadFileRequest, HttpServletRequest request) {
+    public BaseResponse<String> uploadServerFile(@RequestPart("file") MultipartFile multipartFile,  @RequestBody UploadFileRequest uploadFileRequest, HttpServletRequest request) {
         // 获取业务名称
         String biz = uploadFileRequest.getBiz();
         FileUploadBizEnum fileUploadBizEnum = FileUploadBizEnum.getEnumByValue(biz);

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/controller/UserController.java

@@ -75,7 +75,7 @@ public class UserController {
      * @return
      */
     @PostMapping("/login")
-    public BaseResponse<LoginUserVO> userLogin(@RequestBody UserLoginRequest userLoginRequest, HttpServletRequest request) {
+    public BaseResponse<String> userLogin(@RequestBody UserLoginRequest userLoginRequest, HttpServletRequest request) {
         if (userLoginRequest == null) {
             throw new BusinessException(ErrorCode.PARAMS_ERROR, "请求参数为空");
         }
@@ -87,8 +87,8 @@ public class UserController {
             throw new BusinessException(ErrorCode.PARAMS_ERROR, "请求参数为空");
         }
 
-        LoginUserVO loginUserVO = userService.userLogin(userAccount, userPassword, request);
-        return ResultUtils.success(loginUserVO);
+        String message = userService.userLogin(userAccount, userPassword, request);
+        return ResultUtils.success(message);
     }
 
  /*

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/model/dto/file/UploadFileRequest.java

@@ -1,8 +1,10 @@
 package com.bsz.school_send_back_end.model.dto.file;
 
 
+import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 
+import javax.validation.constraints.NotBlank;
 import java.io.Serial;
 import java.io.Serializable;
 
@@ -12,6 +14,8 @@ public class UploadFileRequest implements Serializable {
     /**
      * 业务
      */
+    @NotBlank(message = "业务名称不能为空")
+    @Schema(description = "业务标识，例如：user_avatar，dishes，card，system", example = "user_avatar")
     private String biz;
 
     @Serial

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/service/UserService.java

@@ -37,7 +37,7 @@ public interface UserService extends IService<User> {
      * @return 脱敏后的用户信息
      */
 
-    LoginUserVO userLogin(String userAccount, String userPassword, HttpServletRequest request);
+    String userLogin(String userAccount, String userPassword, HttpServletRequest request);
 
 
     /**

school_lend_back_end/src/main/java/com/bsz/school_send_back_end/service/impl/UserServiceImpl.java

@@ -1,17 +1,21 @@
 package com.bsz.school_send_back_end.service.impl;
 
 import cn.hutool.core.util.RandomUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.hutool.json.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.bsz.school_send_back_end.common.ErrorCode;
 import com.bsz.school_send_back_end.exception.BusinessException;
+import com.bsz.school_send_back_end.manager.SessionManager;
 import com.bsz.school_send_back_end.mapper.UserMapper;
+import com.bsz.school_send_back_end.model.enums.UserRoleEnum;
 import com.bsz.school_send_back_end.model.vo.LoginUserVO;
 import com.bsz.school_send_back_end.model.domain.User;
 import com.bsz.school_send_back_end.model.dto.user.UserSearchRequest;
 import com.bsz.school_send_back_end.model.dto.user.UserUpdatePasswordRequest;
 import com.bsz.school_send_back_end.service.UserService;
+import com.bsz.school_send_back_end.utils.NetUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.BeanUtils;
@@ -25,7 +29,8 @@ import java.util.Date;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import static com.bsz.school_send_back_end.contant.UserConstant.USER_LOGIN_STATE;
+import static com.bsz.school_send_back_end.contant.RedisKeyConstant.USER_LOGIN_STATE;
+
 
 /**
  * @author bsz
@@ -38,6 +43,9 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
     @Resource
     private UserMapper userMapper;
 
+    @Resource
+    private SessionManager sessionManager;
+
     /**
      * 盐值 对密码进行混淆加密
      */
@@ -112,7 +120,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
      */
 
     @Override
-    public LoginUserVO userLogin(String userAccount, String userPassword, HttpServletRequest request) {
+    public String userLogin(String userAccount, String userPassword, HttpServletRequest request) {
         //非空
         if (StringUtils.isAllBlank(userAccount, userPassword)) {
             throw new BusinessException(ErrorCode.PARAMS_ERROR, "参数为空");
@@ -147,8 +155,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
         }
 
         //用户登陆成功
-        request.getSession().setAttribute(USER_LOGIN_STATE, user);
-        return this.getLoginUserVO(user);
+        return sessionManager.login(user, request);
     }
 
     /**
@@ -186,6 +193,11 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
      */
     @Override
     public int userLogout(HttpServletRequest request) {
+        if (request.getSession().getAttribute(USER_LOGIN_STATE) == null) {
+            throw new BusinessException(ErrorCode.NOT_FOUND_ERROR);
+        }
+        sessionManager.logout(request);
+        //移除登录态
         request.getSession().removeAttribute(USER_LOGIN_STATE);
         return 1;
     }
@@ -206,11 +218,22 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User>
             throw new BusinessException(ErrorCode.NOT_LOGIN, "未登录");
         }
         //从数据库中获取该用户的信息
+        String ipAddress = NetUtils.getIpAddress(request);
+        String oldSessionId = sessionManager.checkOtherLogin(currentUser.getId(), ipAddress, request);
+        if (StrUtil.isNotBlank(oldSessionId)) {
+            request.getSession().removeAttribute(USER_LOGIN_STATE);
+            throw new BusinessException(ErrorCode.NO_AUTH, "已在其他设备登录，请重新登录");
+        }
+
         long userId = currentUser.getId();
         currentUser = this.getById(userId);
         if (currentUser == null) {
             throw new BusinessException(ErrorCode.NOT_LOGIN, "未登录");
         }
+        //被封号
+        if (UserRoleEnum.BAN.getValue().equals(currentUser.getUserRole())) {
+            throw new BusinessException(ErrorCode.NOT_FOUND_ERROR,"用户已被封禁，禁止登录");
+        }
         return currentUser;
     }
 

school_lend_back_end/src/main/resources/application.yml

@@ -21,8 +21,17 @@ spring:
   mvc:
     pathmatch:
       matching-strategy: ant_path_matcher
+  redis:
+    host: 39.101.78.35
+    port: 6379
+    database: 3
+    password: 12345678
+    timeout: 60000
   profiles:
     active: dev
+  session:
+    store-type: redis
+    timeout: 2592000
 knife4j:
   enable: true
 server: