新增用户安全相关的

2026-02-03 22:21:55 +08:00
parent 3a0f192599
commit db762a0f03
19 changed files with 1726 additions and 10 deletions
--- a/vetti-admin/src/main/java/com/vetti/web/controller/hotake/HotakeSecurityController.java
+++ b/vetti-admin/src/main/java/com/vetti/web/controller/hotake/HotakeSecurityController.java
@@ -0,0 +1,106 @@
+package com.vetti.web.controller.hotake;
+
+import com.vetti.common.core.domain.AjaxResult;
+import com.vetti.common.core.domain.R;
+import com.vetti.common.utils.MessageUtils;
+import com.vetti.hotake.domain.HotakeSecuritySettings;
+import com.vetti.hotake.domain.dto.SecurityChangePasswordDto;
+import com.vetti.hotake.domain.vo.SecuritySessionVo;
+import com.vetti.hotake.service.IHotakeSecurityService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+/**
+ * 安全设置控制器
+ *
+ * @author vetti
+ * @date 2026-02-02
+ */
+@Api(tags = "安全设置模块")
+@RestController
+@RequestMapping("/security")
+public class HotakeSecurityController
+{
+    @Autowired
+    private IHotakeSecurityService securityService;
+
+    /**
+     * 获取当前用户的安全设置
+     */
+    @ApiOperation("获取当前用户的安全设置")
+    @GetMapping("/settings")
+    public R<HotakeSecuritySettings> getSecuritySettings()
+    {
+        HotakeSecuritySettings settings = securityService.getCurrentUserSecuritySettings();
+        // 脱敏处理，不返回敏感信息
+        settings.setTwoFactorSecret(null);
+        settings.setBackupCodes(null);
+        settings.setPasswordResetToken(null);
+        return R.ok(settings, "");
+    }
+
+    /**
+     * 更新两步验证设置
+     */
+    @ApiOperation("更新两步验证设置")
+    @PutMapping("/two-factor")
+    public AjaxResult updateTwoFactorEnabled(
+            @ApiParam(value = "是否启用", required = true)
+            @RequestParam Boolean enabled)
+    {
+        securityService.updateTwoFactorEnabled(enabled);
+        return AjaxResult.success(MessageUtils.messageCustomize("HotakeSecurityController10001"));
+    }
+
+    /**
+     * 修改密码
+     */
+    @ApiOperation("修改密码")
+    @PostMapping("/change-password")
+    public AjaxResult changePassword(@Validated @RequestBody SecurityChangePasswordDto dto)
+    {
+        securityService.changePassword(dto);
+        return AjaxResult.success(MessageUtils.messageCustomize("HotakeSecurityController10002"));
+    }
+
+    /**
+     * 获取活跃会话列表
+     */
+    @ApiOperation("获取活跃会话列表")
+    @GetMapping("/sessions")
+    public R<List<SecuritySessionVo>> getActiveSessions()
+    {
+        List<SecuritySessionVo> sessions = securityService.getActiveSessions();
+        return R.ok(sessions, "");
+    }
+
+    /**
+     * 终止指定会话
+     */
+    @ApiOperation("终止指定会话")
+    @DeleteMapping("/sessions/{sessionId}")
+    public AjaxResult terminateSession(
+            @ApiParam(value = "会话ID", required = true)
+            @PathVariable Long sessionId)
+    {
+        securityService.terminateSession(sessionId);
+        return AjaxResult.success(MessageUtils.messageCustomize("HotakeSecurityController10003"));
+    }
+
+    /**
+     * 终止所有其他会话
+     */
+    @ApiOperation("终止所有其他会话")
+    @DeleteMapping("/sessions/terminate-all")
+    public AjaxResult terminateAllOtherSessions()
+    {
+        securityService.terminateAllOtherSessions();
+        return AjaxResult.success(MessageUtils.messageCustomize("HotakeSecurityController10004"));
+    }
+}
--- a/vetti-admin/src/main/java/com/vetti/web/controller/system/SysLoginController.java
+++ b/vetti-admin/src/main/java/com/vetti/web/controller/system/SysLoginController.java
@@ -71,6 +71,28 @@ public class SysLoginController
        LoginDto loginDto = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
                loginBody.getUuid());
        
+        // TODO: 安全功能集成 - 记录登录会话到安全表
+        // 在用户成功登录后，记录会话信息到hotake_security_login_sessions表
+        // 用于支持"Login Sessions"功能，显示用户的所有活跃会话
+        try {
+            String ipAddress = com.vetti.common.utils.ip.IpUtils.getIpAddr();
+            String userAgent = com.vetti.common.utils.ServletUtils.getRequest().getHeader("User-Agent");
+            // 使用Spring的ApplicationContext来获取bean，避免循环依赖
+            try {
+                Object securityService = com.vetti.common.utils.spring.SpringUtils.getBean("hotakeSecurityServiceImpl");
+                if (securityService != null) {
+                    // 使用反射调用方法
+                    java.lang.reflect.Method method = securityService.getClass().getMethod(
+                        "recordLoginSession", Long.class, String.class, String.class, String.class);
+                    method.invoke(securityService, loginDto.getUserId(), loginDto.getToken(), ipAddress, userAgent);
+                }
+            } catch (Exception e) {
+                // 安全服务不存在或调用失败，不影响登录流程
+            }
+        } catch (Exception e) {
+            // 记录会话失败不影响登录流程
+        }
+        
        // 如果是候选者，查询是否有简历
        if (loginDto.getUser() != null && "candidate".equals(loginDto.getUser().getSysUserType())) {
            HotakeCvInfo query = new HotakeCvInfo();
@@ -180,11 +202,7 @@ public class SysLoginController
    public AjaxResult logout()
    {
        LoginUser loginUser = SecurityUtils.getLoginUser();
-        if (loginUser != null)
-        {
-            // 删除用户缓存记录
-            tokenService.delLoginUser(loginUser.getToken());
-        }
+        loginService.logout(loginUser);
        return AjaxResult.success("退出成功");
    }
 }
--- a/vetti-admin/src/main/resources/application-druid.yml
+++ b/vetti-admin/src/main/resources/application-druid.yml
@@ -2,7 +2,7 @@
 # 开发环境配置
 server:
    # 服务器的HTTP端口，默认为8080
-    port: 8080
+    port: 8686
    servlet:
        # 应用的访问路径
        context-path: /
--- a/vetti-admin/src/main/resources/i18n/messages_en_US.properties
+++ b/vetti-admin/src/main/resources/i18n/messages_en_US.properties
@@ -65,4 +65,24 @@ VerificationEmailTiTle = Your verification code
 VerificationEmailContent = Your verification code is: {0}, valid for {1} minutes.


-HotakeRolesApplyInfoServiceImpl10001 = You have already applied for this position
+HotakeRolesApplyInfoServiceImpl10001 = You have already applied for this position
+
+# Security settings related messages
+HotakeSecurityServiceImpl10001 = New password and confirm password do not match
+HotakeSecurityServiceImpl10002 = Current password is incorrect
+HotakeSecurityServiceImpl10003 = New password cannot be the same as the last 5 passwords used
+HotakeSecurityServiceImpl10004 = Session does not exist or no permission to operate
+HotakeSecurityServiceImpl10005 = Failed to change password: current password is incorrect
+HotakeSecurityServiceImpl10006 = Two-factor authentication enabled
+HotakeSecurityServiceImpl10007 = Two-factor authentication disabled
+HotakeSecurityServiceImpl10008 = Password changed successfully
+HotakeSecurityServiceImpl10009 = Terminate session
+HotakeSecurityServiceImpl10010 = Terminate all other sessions
+
+HotakeSecurityController10001 = Two-factor authentication settings updated
+HotakeSecurityController10002 = Password changed successfully
+HotakeSecurityController10003 = Session terminated
+HotakeSecurityController10004 = All other sessions terminated
+
+# Logout related
+HotakeSecurityServiceImpl10011 = User logged out
--- a/vetti-admin/src/main/resources/i18n/messages_zh_CN.properties
+++ b/vetti-admin/src/main/resources/i18n/messages_zh_CN.properties
@@ -62,4 +62,24 @@ HotakeRolesInfoServiceImpl10001 = 岗位信息异常,请稍后再试
 VerificationEmailTiTle = 你的验证码
 VerificationEmailContent = 你的验证码是: {0}，有效期为 {1} 分钟。

-HotakeRolesApplyInfoServiceImpl10001 = 您已申请该职位
+HotakeRolesApplyInfoServiceImpl10001 = 您已申请该职位
+
+# 安全设置相关消息
+HotakeSecurityServiceImpl10001 = 新密码和确认密码不一致
+HotakeSecurityServiceImpl10002 = 当前密码错误
+HotakeSecurityServiceImpl10003 = 新密码不能与最近5次使用过的密码相同
+HotakeSecurityServiceImpl10004 = 会话不存在或无权操作
+HotakeSecurityServiceImpl10005 = 修改密码失败：当前密码错误
+HotakeSecurityServiceImpl10006 = 启用两步验证
+HotakeSecurityServiceImpl10007 = 禁用两步验证
+HotakeSecurityServiceImpl10008 = 修改密码成功
+HotakeSecurityServiceImpl10009 = 终止会话
+HotakeSecurityServiceImpl10010 = 终止所有其他会话
+
+HotakeSecurityController10001 = 两步验证设置已更新
+HotakeSecurityController10002 = 密码修改成功
+HotakeSecurityController10003 = 会话已终止
+HotakeSecurityController10004 = 所有其他会话已终止
+
+# 退出登录相关
+HotakeSecurityServiceImpl10011 = 用户退出登录
--- a/vetti-admin/target/classes/i18n/messages_en_US.properties
+++ b/vetti-admin/target/classes/i18n/messages_en_US.properties
@@ -65,4 +65,24 @@ VerificationEmailTiTle = Your verification code
 VerificationEmailContent = Your verification code is: {0}, valid for {1} minutes.


-HotakeRolesApplyInfoServiceImpl10001 = You have already applied for this position
+HotakeRolesApplyInfoServiceImpl10001 = You have already applied for this position
+
+# Security settings related messages
+HotakeSecurityServiceImpl10001 = New password and confirm password do not match
+HotakeSecurityServiceImpl10002 = Current password is incorrect
+HotakeSecurityServiceImpl10003 = New password cannot be the same as the last 5 passwords used
+HotakeSecurityServiceImpl10004 = Session does not exist or no permission to operate
+HotakeSecurityServiceImpl10005 = Failed to change password: current password is incorrect
+HotakeSecurityServiceImpl10006 = Two-factor authentication enabled
+HotakeSecurityServiceImpl10007 = Two-factor authentication disabled
+HotakeSecurityServiceImpl10008 = Password changed successfully
+HotakeSecurityServiceImpl10009 = Terminate session
+HotakeSecurityServiceImpl10010 = Terminate all other sessions
+
+HotakeSecurityController10001 = Two-factor authentication settings updated
+HotakeSecurityController10002 = Password changed successfully
+HotakeSecurityController10003 = Session terminated
+HotakeSecurityController10004 = All other sessions terminated
+
+# Logout related
+HotakeSecurityServiceImpl10011 = User logged out
--- a/vetti-admin/target/classes/i18n/messages_zh_CN.properties
+++ b/vetti-admin/target/classes/i18n/messages_zh_CN.properties
@@ -62,4 +62,24 @@ HotakeRolesInfoServiceImpl10001 = 岗位信息异常,请稍后再试
 VerificationEmailTiTle = 你的验证码
 VerificationEmailContent = 你的验证码是: {0}，有效期为 {1} 分钟。

-HotakeRolesApplyInfoServiceImpl10001 = 您已申请该职位
+HotakeRolesApplyInfoServiceImpl10001 = 您已申请该职位
+
+# 安全设置相关消息
+HotakeSecurityServiceImpl10001 = 新密码和确认密码不一致
+HotakeSecurityServiceImpl10002 = 当前密码错误
+HotakeSecurityServiceImpl10003 = 新密码不能与最近5次使用过的密码相同
+HotakeSecurityServiceImpl10004 = 会话不存在或无权操作
+HotakeSecurityServiceImpl10005 = 修改密码失败：当前密码错误
+HotakeSecurityServiceImpl10006 = 启用两步验证
+HotakeSecurityServiceImpl10007 = 禁用两步验证
+HotakeSecurityServiceImpl10008 = 修改密码成功
+HotakeSecurityServiceImpl10009 = 终止会话
+HotakeSecurityServiceImpl10010 = 终止所有其他会话
+
+HotakeSecurityController10001 = 两步验证设置已更新
+HotakeSecurityController10002 = 密码修改成功
+HotakeSecurityController10003 = 会话已终止
+HotakeSecurityController10004 = 所有其他会话已终止
+
+# 退出登录相关
+HotakeSecurityServiceImpl10011 = 用户退出登录