5th commit

blog-api/pom.xml

@@ -81,9 +81,17 @@
     <dependency>
         <groupId>org.apache.commons</groupId>
         <artifactId>commons-lang3</artifactId>
+        <version>3.3.2</version>
     </dependency>
 
-    <dependency>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.10</version>
+        </dependency>
+
+
+        <dependency>
         <groupId>commons-collections</groupId>
         <artifactId>commons-collections</artifactId>
         <version>3.2.2</version>
@@ -109,8 +117,29 @@
          <artifactId>jjwt</artifactId>
          <version>0.9.1</version>
      </dependency>
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-impl</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-core</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>javax.activation</groupId>
+            <artifactId>activation</artifactId>
+            <version>1.1.1</version>
+        </dependency>
     </dependencies>
 
 
 
+
 </project>

blog-api/src/main/java/com/mszlu/blog/controller/LoginController.java

@@ -0,0 +1,24 @@
+package com.mszlu.blog.controller;
+
+import com.mszlu.blog.service.LoginService;
+import com.mszlu.blog.vo.Result;
+import com.mszlu.blog.vo.params.LoginParam;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("login")
+public class LoginController {
+
+    @Autowired
+    private LoginService loginService;
+
+    @PostMapping
+    public Result login(@RequestBody LoginParam loginParam){
+        return loginService.login(loginParam);
+    }
+
+}

blog-api/src/main/java/com/mszlu/blog/controller/LogoutController.java

@@ -0,0 +1,20 @@
+package com.mszlu.blog.controller;
+
+import com.mszlu.blog.service.LoginService;
+import com.mszlu.blog.vo.Result;
+import com.mszlu.blog.vo.params.LoginParam;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("logout")
+public class LogoutController {
+
+    @Autowired
+    private LoginService loginService;
+
+    @GetMapping
+    public Result logout(@RequestHeader("Authorization") String token){
+        return loginService.logout(token);
+    }
+}

blog-api/src/main/java/com/mszlu/blog/controller/RegisterController.java

@@ -0,0 +1,24 @@
+package com.mszlu.blog.controller;
+
+import com.mszlu.blog.service.LoginService;
+import com.mszlu.blog.vo.Result;
+import com.mszlu.blog.vo.params.LoginParam;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("register")
+public class RegisterController {
+
+    @Autowired
+    private LoginService loginService;
+
+    @PostMapping
+    public Result register(@RequestBody LoginParam loginParam){
+        //sso 单点登录，后期如果把登录注册功能 提出去（单独的服务，可以独立提供服务）
+        return loginService.register(loginParam);
+    }
+}

blog-api/src/main/java/com/mszlu/blog/controller/UsersController.java

@@ -0,0 +1,19 @@
+package com.mszlu.blog.controller;
+
+import com.mszlu.blog.service.SysUserService;
+import com.mszlu.blog.vo.Result;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("users")
+public class UsersController {
+    @Autowired
+    private SysUserService sysUserService;
+
+    @GetMapping("currentUser")
+    public Result curentUser(@RequestHeader("Authorization") String token){
+        return sysUserService.findUserByToken(token);
+    }
+
+}

blog-api/src/main/java/com/mszlu/blog/service/LoginService.java

@@ -0,0 +1,30 @@
+package com.mszlu.blog.service;
+
+import com.mszlu.blog.dao.pojo.SysUser;
+import com.mszlu.blog.vo.Result;
+import com.mszlu.blog.vo.params.LoginParam;
+
+public interface LoginService {
+    /**
+     * 登录功能
+     * @param loginParam
+     * @return
+     */
+    Result login(LoginParam loginParam);
+
+    SysUser checkToken(String token);
+
+    /**
+     * 退出登录
+     * @param token
+     * @return
+     */
+    Result logout(String token);
+
+    /**
+     * 注册
+     * @param loginParam
+     * @return
+     */
+    Result register(LoginParam loginParam);
+}

blog-api/src/main/java/com/mszlu/blog/service/SysUserService.java

@@ -1,7 +1,30 @@
 package com.mszlu.blog.service;
 
 import com.mszlu.blog.dao.pojo.SysUser;
+import com.mszlu.blog.vo.Result;
 
 public interface SysUserService {
     SysUser findUserById(Long id);
+
+    SysUser findUser(String account, String password);
+
+    /**
+     * 根据token查询用户信息
+     * @param token
+     * @return
+     */
+    Result findUserByToken(String token);
+
+    /**
+     * 根据账户查找用户
+     * @param account
+     * @return
+     */
+    SysUser findUserByAccount(String account);
+
+    /**
+     * 保存用户
+     * @param sysUser
+     */
+    void save(SysUser sysUser);
 }

blog-api/src/main/java/com/mszlu/blog/service/impl/ArticleServiceImpl.java

@@ -49,7 +49,7 @@ public class ArticleServiceImpl implements ArticleService {
         LambdaQueryWrapper<Article> queryWrapper = new LambdaQueryWrapper<>();
         queryWrapper.orderByDesc(Article::getViewCounts);
         queryWrapper.select(Article::getId,Article::getTitle);
-        queryWrapper.last("limit"+limit);
+        queryWrapper.last("limit "+limit);
         //select id.title from article order by view_counts desc limit 5
         List<Article> articles = articleMapper.selectList(queryWrapper);
 

blog-api/src/main/java/com/mszlu/blog/service/impl/LoginServiceImpl.java

@@ -0,0 +1,126 @@
+package com.mszlu.blog.service.impl;
+
+import com.alibaba.fastjson.JSON;
+import com.mszlu.blog.dao.pojo.SysUser;
+import com.mszlu.blog.service.LoginService;
+import com.mszlu.blog.service.SysUserService;
+import com.mszlu.blog.utils.JWTUtils;
+import com.mszlu.blog.vo.ErrorCode;
+import com.mszlu.blog.vo.Result;
+import com.mszlu.blog.vo.params.LoginParam;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
+@Service
+@Transactional
+public class LoginServiceImpl implements LoginService {
+
+    private static final String slat = "mszlu!@#";
+    @Autowired
+    private SysUserService sysUserService;
+    @Autowired
+    private RedisTemplate<String,String> redisTemplate;
+
+    @Override
+    public Result login(LoginParam loginParam) {
+        /**
+         * 1.检查参数是否合法
+         * 2.根据用户名和密码去user表中查询 是否存在
+         * 3.如果不存在 登陆失败
+         * 4.如果存在，使用jwt 生成token 返回给前端
+         * 5.token放入redis当中，redis token：user信息 设置过期时间
+         * （登录认证的时候 先认证toke字符串是否合法，去redis认证是否存在）
+         */
+        String account = loginParam.getAccount();
+        String password = loginParam.getPassword();
+        if (StringUtils.isBlank(account) || StringUtils.isBlank(password)){
+            return Result.fail(ErrorCode.PARAMS_ERROR.getCode(), ErrorCode.PARAMS_ERROR.getMsg());
+        }
+         //password = DigestUtils.md5DigestAsHex(password.getBytes(StandardCharsets.UTF_8)) + DigestUtils.md5DigestAsHex(slat.getBytes(StandardCharsets.UTF_8));
+        password = DigestUtils.md5Hex(password + slat);
+        SysUser sysUser = sysUserService.findUser(account,password);
+        if (sysUser == null){
+            return Result.fail(ErrorCode.ACCOUNT_PWD_NOT_EXIST.getCode(),ErrorCode.ACCOUNT_PWD_NOT_EXIST.getMsg());
+        }
+        String token = JWTUtils.createToken(sysUser.getId());
+
+        redisTemplate.opsForValue().set("TOKEN_"+token, JSON.toJSONString(sysUser), 1,TimeUnit.DAYS);
+
+        return Result.success(token);
+        //return null;
+    }
+
+    @Override
+    public SysUser checkToken(String token) {
+        if(StringUtils.isBlank(token)){
+            return null;
+        }
+        Map<String, Object> stringObjectMap = JWTUtils.checkToken(token);
+        if (stringObjectMap == null){
+            return null;
+        }
+        String userJson = redisTemplate.opsForValue().get("TOKEN_" + token);
+        if(StringUtils.isBlank(userJson)){
+            return null;
+        }
+        SysUser sysUser = JSON.parseObject(userJson, SysUser.class);
+        return sysUser;
+    }
+
+    @Override
+    public Result logout(String token) {
+        redisTemplate.delete("TOKEN_"+token);
+        return Result.success(null);
+    }
+
+    @Override
+    public Result register(LoginParam loginParam) {
+        /**
+         * 1.判断参数是否合法
+         * 2.判断账户是否存在，如果存在 返回账户已注册
+         * 3.如果不存在 注册用户
+         * 4.生成token
+         * 5.传入redis 并返回
+         * 6.注意 加上事务，一旦中间的任何过程出现问题 注册的用户需要回滚
+         */
+        String account = loginParam.getAccount();
+        String password = loginParam.getPassword();
+        String nickname = loginParam.getNickname();
+        if (StringUtils.isBlank(account)
+                || StringUtils.isBlank(password)
+                || StringUtils.isBlank(nickname)
+        ){
+            return Result.fail(ErrorCode.PARAMS_ERROR.getCode(),ErrorCode.PARAMS_ERROR.getMsg());
+        }
+
+        SysUser sysUser = sysUserService.findUserByAccount(account);
+        if(sysUser != null){
+            return Result.fail(ErrorCode.ACCOUNT_PWD_NOT_EXIST.getCode(), "账户已经被注册了");
+        }
+        sysUser = new SysUser();
+        sysUser.setNickname(nickname);
+        sysUser.setAccount(account);
+        sysUser.setPassword(DigestUtils.md5Hex(password+slat));
+        sysUser.setCreateDate(System.currentTimeMillis());
+        sysUser.setLastLogin(System.currentTimeMillis());
+        sysUser.setAvatar("/static/img/logo.b3a48c0.png");
+        sysUser.setAdmin(1); //1 为true
+        sysUser.setDeleted(0); // 0 为false
+        sysUser.setSalt("");
+        sysUser.setStatus("");
+        sysUser.setEmail("");
+        this.sysUserService.save(sysUser);
+        String token = JWTUtils.createToken(sysUser.getId());
+
+        redisTemplate.opsForValue().set("TOKEN_"+token, JSON.toJSONString(sysUser), 1,TimeUnit.DAYS);
+
+        return Result.success(token);
+    }
+}

blog-api/src/main/java/com/mszlu/blog/service/impl/SysUserServiceImpl.java

@@ -1,15 +1,25 @@
 package com.mszlu.blog.service.impl;
 
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.mszlu.blog.dao.mapper.SysUserMapper;
 import com.mszlu.blog.dao.pojo.SysUser;
+import com.mszlu.blog.service.LoginService;
 import com.mszlu.blog.service.SysUserService;
+import com.mszlu.blog.vo.ErrorCode;
+import com.mszlu.blog.vo.LoginUserVo;
+import com.mszlu.blog.vo.Result;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
 @Service
 public class SysUserServiceImpl implements SysUserService {
     @Autowired
     private SysUserMapper sysUserMapper;
+    @Autowired
+    private RedisTemplate<String,String> redisTemplate;
+    @Autowired
+    private LoginService loginService;
     @Override
     public SysUser findUserById(Long id){
         SysUser sysUser = sysUserMapper.selectById(id);
@@ -19,4 +29,55 @@ public class SysUserServiceImpl implements SysUserService {
         }
         return sysUser;
     }
+
+    @Override
+    public SysUser findUser(String account, String password) {
+        LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(SysUser::getAccount,account);
+        queryWrapper.eq(SysUser::getPassword,password);
+        queryWrapper.select(SysUser::getAccount,SysUser::getId,SysUser::getAvatar,SysUser::getNickname);
+        queryWrapper.last("limit 1");
+        return sysUserMapper.selectOne(queryWrapper);
+    }
+
+    @Override
+    public Result findUserByToken(String token) {
+        /**
+         * 1.token合法性校验
+         *      是否为空，解析是否成功  redis是否存在
+         * 2.如果校验失败 返回错误
+         * 3.如果成功，返回对应的结果 LoginUserVo
+         *
+         */
+        //if(StringUtils.isBlank(token)){
+          //  return Result.fail(ErrorCode.TOKEN_ERROR.getCode(),ErrorCode.TOKEN_ERROR.getMsg());
+        //}
+        SysUser sysUser = loginService.checkToken(token);
+        if(sysUser == null){
+           Result.fail(ErrorCode.TOKEN_ERROR.getCode(),ErrorCode.TOKEN_ERROR.getMsg());
+        }
+        LoginUserVo loginUserVo = new LoginUserVo();
+        loginUserVo.setId(sysUser.getId());
+        loginUserVo.setNickname(sysUser.getNickname());
+        loginUserVo.setAvatar(sysUser.getAvatar());
+        loginUserVo.setAccount(sysUser.getAccount());
+        return Result.success(loginUserVo);
+    }
+
+    @Override
+    public SysUser findUserByAccount(String account) {
+        LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
+        queryWrapper.eq(SysUser::getAccount,account);
+        queryWrapper.last("limit 1");
+        return this.sysUserMapper.selectOne(queryWrapper);
+
+    }
+
+    @Override
+    public void save(SysUser sysUser) {
+        //保存用户 id会自动生成
+        //某人生成的id是分布式id 雪花算法
+
+        this.sysUserMapper.insert(sysUser);
+    }
 }

blog-api/src/main/java/com/mszlu/blog/utils/JWTUtils.java

@@ -0,0 +1,39 @@
+package com.mszlu.blog.utils;
+
+import io.jsonwebtoken.Jwt;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+public class JWTUtils {
+
+    private static final String jwtToken = "123456Mszlu!@#$$";
+
+    public static String createToken(Long userId){
+        Map<String,Object> claims = new HashMap<>();
+        claims.put("userId",userId);
+        JwtBuilder jwtBuilder = Jwts.builder()
+                .signWith(SignatureAlgorithm.HS256, jwtToken) // 签发算法，秘钥为jwtToken
+                .setClaims(claims) // body数据，要唯一，自行设置
+                .setIssuedAt(new Date()) // 设置签发时间
+                .setExpiration(new Date(System.currentTimeMillis() + 24 * 60 * 60 * 60 * 1000));// 一天的有效时间
+        String token = jwtBuilder.compact();
+        return token;
+    }
+
+    public static Map<String, Object> checkToken(String token){
+        try {
+            Jwt parse = Jwts.parser().setSigningKey(jwtToken).parse(token);
+            return (Map<String, Object>) parse.getBody();
+        }catch (Exception e){
+            e.printStackTrace();
+        }
+        return null;
+
+    }
+
+}

blog-api/src/main/java/com/mszlu/blog/vo/ErrorCode.java

@@ -0,0 +1,36 @@
+package com.mszlu.blog.vo;
+
+public enum  ErrorCode {
+
+    PARAMS_ERROR(10001,"参数有误"),
+    ACCOUNT_PWD_NOT_EXIST(10002,"用户名或密码不存在"),
+    TOKEN_ERROR(10003,"token不合法"),
+    ACCOUNT_EXIST(10004,"账号已存在"),
+    NO_PERMISSION(70001,"无访问权限"),
+    SESSION_TIME_OUT(90001,"会话超时"),
+    NO_LOGIN(90002,"未登录"),;
+
+    private int code;
+    private String msg;
+
+    ErrorCode(int code, String msg){
+        this.code = code;
+        this.msg = msg;
+    }
+
+    public int getCode() {
+        return code;
+    }
+
+    public void setCode(int code) {
+        this.code = code;
+    }
+
+    public String getMsg() {
+        return msg;
+    }
+
+    public void setMsg(String msg) {
+        this.msg = msg;
+    }
+}

blog-api/src/main/java/com/mszlu/blog/vo/LoginUserVo.java

@@ -0,0 +1,16 @@
+package com.mszlu.blog.vo;
+
+import lombok.Data;
+
+@Data
+public class LoginUserVo {
+
+    private Long id;
+
+    private String account;
+
+    private String nickname;
+
+    private String avatar;
+
+}

blog-api/src/main/java/com/mszlu/blog/vo/params/LoginParam.java

@@ -0,0 +1,13 @@
+package com.mszlu.blog.vo.params;
+
+import lombok.Data;
+
+@Data
+public class LoginParam {
+
+    private String account;
+
+    private String password;
+
+    private String nickname;
+}

blog-api/src/main/resources/application.properties

@@ -9,4 +9,8 @@ spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
 
 #mybatis-plus
 mybatis-plus.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl
-mybatis-plus.global-config.db-config.table-prefix=ms_
+mybatis-plus.global-config.db-config.table-prefix=ms_
+
+
+spring.redis.host=localhost
+spring.redis.port=6379