!464 发布 5.1.2 版本 2023 最后一版

Merge pull request !464 from 疯狂的狮子Li/dev

.run/ruoyi-monitor-admin.run.xml

@@ -2,7 +2,7 @@
  <configuration default="false" name="ruoyi-monitor-admin" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
  <deployment type="dockerfile">
  <settings>
- <option name="imageTag" value="ruoyi/ruoyi-monitor-admin:5.1.1" />
+ <option name="imageTag" value="ruoyi/ruoyi-monitor-admin:5.1.2" />
  <option name="buildOnly" value="true" />
  <option name="sourceFilePath" value="ruoyi-extend/ruoyi-monitor-admin/Dockerfile" />
  </settings>

.run/ruoyi-powerjob-server.run.xml

@@ -2,7 +2,7 @@
  <configuration default="false" name="ruoyi-powerjob-server" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
  <deployment type="dockerfile">
  <settings>
- <option name="imageTag" value="ruoyi/ruoyi-powerjob-server:5.1.1" />
+ <option name="imageTag" value="ruoyi/ruoyi-powerjob-server:5.1.2" />
  <option name="buildOnly" value="true" />
  <option name="sourceFilePath" value="ruoyi-extend/ruoyi-powerjob-server/Dockerfile" />
  </settings>

.run/ruoyi-server.run.xml

@@ -2,7 +2,7 @@
  <configuration default="false" name="ruoyi-server" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
  <deployment type="dockerfile">
  <settings>
- <option name="imageTag" value="ruoyi/ruoyi-server:5.1.1" />
+ <option name="imageTag" value="ruoyi/ruoyi-server:5.1.2" />
  <option name="buildOnly" value="true" />
  <option name="sourceFilePath" value="ruoyi-admin/Dockerfile" />
  </settings>

README.md

@@ -9,7 +9,7 @@
 [![License](https://img.shields.io/badge/License-MIT-blue.svg)](https://gitee.com/dromara/RuoYi-Vue-Plus/blob/master/LICENSE)
 [![使用IntelliJ IDEA开发维护](https://img.shields.io/badge/IntelliJ%20IDEA-提供支持-blue.svg)](https://www.jetbrains.com/?from=RuoYi-Vue-Plus)
 <br>
-[![RuoYi-Vue-Plus](https://img.shields.io/badge/RuoYi_Vue_Plus-5.1.1-success.svg)](https://gitee.com/dromara/RuoYi-Vue-Plus)
+[![RuoYi-Vue-Plus](https://img.shields.io/badge/RuoYi_Vue_Plus-5.1.2-success.svg)](https://gitee.com/dromara/RuoYi-Vue-Plus)
 [![Spring Boot](https://img.shields.io/badge/Spring%20Boot-3.1-blue.svg)]()
 [![JDK-17](https://img.shields.io/badge/JDK-17-green.svg)]()
 [![JDK-21](https://img.shields.io/badge/JDK-21-green.svg)]()
@@ -36,7 +36,7 @@
 | 权限认证 | 采用 Sa-Token、Jwt 静态使用功能齐全 低耦合 高扩展 | Spring Security 配置繁琐扩展性极差 |
 | 权限注解 | 采用 Sa-Token 支持注解 登录校验、角色校验、权限校验、二级认证校验、HttpBasic校验、忽略校验<br/>角色与权限校验支持多种条件 如 `AND` `OR` 或 `权限 OR 角色` 等复杂表达式 | 只支持是否存在匹配 |
 | 三方鉴权 | 采用 JustAuth 第三方登录组件 支持微信、钉钉等数十种三方认证 | 无 |
-| 关系数据库支持 | 原生支持 MySQL、Oracle、PostgreSQL、SQLServer<br/>可同时使用异构切换  | 支持 Mysql、Oracle 不支持同时使用、不支持异构切换 |
+| 关系数据库支持 | 原生支持 MySQL、Oracle、PostgreSQL、SQLServer<br/>可同时使用异构切换(支持其他 mybatis-plus 支持的所有数据库 只需要增加jdbc依赖即可使用 达梦金仓等均有成功案例) | 支持 Mysql、Oracle 不支持同时使用、不支持异构切换 |
 | 缓存数据库 | 支持 Redis 5-7 支持大部分新功能特性 如 分布式限流、分布式队列 | Redis 简单 get set 支持 |
 | Redis客户端 | 采用 Redisson Redis官方推荐 基于Netty的客户端工具<br/>支持Redis 90%以上的命令 底层优化规避很多不正确的用法 例如: keys被转换为scan<br/>支持单机、哨兵、单主集群、多主集群等模式 | Lettuce + RedisTemplate 支持模式少 工具使用繁琐<br/>连接池采用 common-pool Bug多经常性出问题 |
 | 缓存注解 | 采用 Spring-Cache 注解 对其扩展了实现支持了更多功能<br/>例如 过期时间 最大空闲时间 组最大长度等 只需一个注解即可完成数据自动缓存 | 需手动编写Redis代码逻辑 |

pom.xml

@@ -13,38 +13,38 @@
  <description>RuoYi-Vue-Plus多租户管理系统</description>
 
  <properties>
- <revision>5.1.1</revision>
- <spring-boot.version>3.1.5</spring-boot.version>
+ <revision>5.1.2</revision>
+ <spring-boot.version>3.1.7</spring-boot.version>
  <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
  <java.version>17</java.version>
- <spring-boot.mybatis>3.0.2</spring-boot.mybatis>
+ <spring-boot.mybatis>3.0.3</spring-boot.mybatis>
  <springdoc.version>2.2.0</springdoc.version>
  <therapi-javadoc.version>0.15.0</therapi-javadoc.version>
  <poi.version>5.2.3</poi.version>
- <easyexcel.version>3.3.2</easyexcel.version>
+ <easyexcel.version>3.3.3</easyexcel.version>
  <velocity.version>2.3</velocity.version>
  <satoken.version>1.37.0</satoken.version>
  <mybatis-plus.version>3.5.4</mybatis-plus.version>
  <p6spy.version>3.9.1</p6spy.version>
  <hutool.version>5.8.22</hutool.version>
  <okhttp.version>4.10.0</okhttp.version>
- <spring-boot-admin.version>3.1.7</spring-boot-admin.version>
- <redisson.version>3.24.1</redisson.version>
+ <spring-boot-admin.version>3.1.8</spring-boot-admin.version>
+ <redisson.version>3.24.3</redisson.version>
  <lock4j.version>2.2.5</lock4j.version>
  <dynamic-ds.version>4.2.0</dynamic-ds.version>
- <alibaba-ttl.version>2.14.2</alibaba-ttl.version>
- <powerjob.version>4.3.3</powerjob.version>
+ <alibaba-ttl.version>2.14.4</alibaba-ttl.version>
+ <powerjob.version>4.3.6</powerjob.version>
  <mapstruct-plus.version>1.3.5</mapstruct-plus.version>
  <mapstruct-plus.lombok.version>0.2.0</mapstruct-plus.lombok.version>
  <lombok.version>1.18.30</lombok.version>
  <bouncycastle.version>1.76</bouncycastle.version>
- <justauth.version>1.16.5</justauth.version>
+ <justauth.version>1.16.6</justauth.version>
  <!-- 离线IP地址定位库 -->
  <ip2region.version>2.7.0</ip2region.version>
 
  <!-- OSS 配置 -->
- <aws-java-sdk-s3.version>1.12.540</aws-java-sdk-s3.version>
+ <aws-java-sdk-s3.version>1.12.600</aws-java-sdk-s3.version>
  <!-- SMS 配置 -->
  <sms4j.version>2.2.0</sms4j.version>
  <!-- 限制框架中的fastjson版本 -->

ruoyi-admin/Dockerfile

@@ -9,16 +9,16 @@ RUN mkdir -p /ruoyi/server/logs \
 
 WORKDIR /ruoyi/server
 
-ENV SERVER_PORT=8080 LANG=C.UTF-8 LC_ALL=C.UTF-8
+ENV SERVER_PORT=8080 LANG=C.UTF-8 LC_ALL=C.UTF-8 JAVA_OPTS=""
 
 EXPOSE ${SERVER_PORT}
 
 ADD ./target/ruoyi-admin.jar ./app.jar
 
-ENTRYPOINT ["java", \
-  "-Djava.security.egd=file:/dev/./urandom", \
-  "-Dserver.port=${SERVER_PORT}", \
-  # 应用名称 如果想区分集群节点监控 改成不同的名称即可
-#  "-Dskywalking.agent.service_name=ruoyi-server", \
-#  "-javaagent:/ruoyi/skywalking/agent/skywalking-agent.jar", \
- "-jar", "app.jar"]
+ENTRYPOINT java -Djava.security.egd=file:/dev/./urandom -Dserver.port=${SERVER_PORT} \
+ # 应用名称 如果想区分集群节点监控 改成不同的名称即可
+ #-Dskywalking.agent.service_name=ruoyi-server \
+ #-javaagent:/ruoyi/skywalking/agent/skywalking-agent.jar \
+ -jar app.jar \
+ -XX:+HeapDumpOnOutOfMemoryError -Xlog:gc*,:time,tags,level -XX:+UseZGC ${JAVA_OPTS}
+

ruoyi-admin/pom.xml

@@ -48,6 +48,10 @@
  <artifactId>ruoyi-common-social</artifactId>
  </dependency>
 
+ <dependency>
+ <groupId>org.dromara</groupId>
+ <artifactId>ruoyi-common-ratelimiter</artifactId>
+ </dependency>
 
  <dependency>
  <groupId>org.dromara</groupId>

ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java

@@ -16,6 +16,7 @@
 import org.dromara.common.core.domain.model.RegisterBody;
 import org.dromara.common.core.domain.model.SocialLoginBody;
 import org.dromara.common.core.utils.*;
+import org.dromara.common.encrypt.annotation.ApiEncrypt;
 import org.dromara.common.json.utils.JsonUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
@@ -51,7 +52,6 @@
  */
 @Slf4j
 @SaIgnore
-@Validated
 @RequiredArgsConstructor
 @RestController
 @RequestMapping("/auth")
@@ -73,8 +73,9 @@ public class AuthController {
  * @param body 登录信息
  * @return 结果
  */
+ @ApiEncrypt
  @PostMapping("/login")
- public R<LoginVo> login(@Validated @RequestBody String body) {
+ public R<LoginVo> login(@RequestBody String body) {
  LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
  ValidatorUtils.validate(loginBody);
  // 授权类型和客户端id
@@ -163,6 +164,7 @@ public R<Void> logout() {
  /**
  * 用户注册
  */
+ @ApiEncrypt
  @PostMapping("/register")
  public R<Void> register(@Validated @RequestBody RegisterBody user) {
  if (!configService.selectRegisterEnabled(user.getTenantId())) {

ruoyi-admin/src/main/java/org/dromara/web/controller/CaptchaController.java

@@ -13,6 +13,8 @@
 import org.dromara.common.core.utils.reflect.ReflectUtils;
 import org.dromara.common.mail.config.properties.MailProperties;
 import org.dromara.common.mail.utils.MailUtils;
+import org.dromara.common.ratelimiter.annotation.RateLimiter;
+import org.dromara.common.ratelimiter.enums.LimitType;
 import org.dromara.common.redis.utils.RedisUtils;
 import org.dromara.common.web.config.properties.CaptchaProperties;
 import org.dromara.common.web.enums.CaptchaType;
@@ -54,6 +56,7 @@ public class CaptchaController {
  *
  * @param phonenumber 用户手机号
  */
+ @RateLimiter(key = "#phonenumber", time = 60, count = 1)
  @GetMapping("/resource/sms/code")
  public R<Void> smsCode(@NotBlank(message = "{user.phonenumber.not.blank}") String phonenumber) {
  String key = GlobalConstants.CAPTCHA_CODE_KEY + phonenumber;
@@ -77,6 +80,7 @@ public R<Void> smsCode(@NotBlank(message = "{user.phonenumber.not.blank}") Strin
  *
  * @param email 邮箱
  */
+ @RateLimiter(key = "#email", time = 60, count = 1)
  @GetMapping("/resource/email/code")
  public R<Void> emailCode(@NotBlank(message = "{user.email.not.blank}") String email) {
  if (!mailProperties.getEnabled()) {
@@ -97,6 +101,7 @@ public R<Void> emailCode(@NotBlank(message = "{user.email.not.blank}") String em
  /**
  * 生成验证码
  */
+ @RateLimiter(time = 60, count = 10, limitType = LimitType.IP)
  @GetMapping("/auth/code")
  public R<CaptchaVo> getCode() {
  CaptchaVo captchaVo = new CaptchaVo();

ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/listener/UserActionListener.java → ruoyi-admin/src/main/java/org/dromara/web/listener/UserActionListener.java

@@ -1,20 +1,24 @@
-package org.dromara.common.satoken.listener;
+package org.dromara.web.listener;
 
 import cn.dev33.satoken.config.SaTokenConfig;
 import cn.dev33.satoken.listener.SaTokenListener;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.hutool.http.useragent.UserAgent;
 import cn.hutool.http.useragent.UserAgentUtil;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.dromara.common.core.constant.CacheConstants;
+import org.dromara.common.core.constant.Constants;
 import org.dromara.common.core.domain.dto.UserOnlineDTO;
 import org.dromara.common.core.domain.model.LoginUser;
-import org.dromara.common.core.enums.UserType;
+import org.dromara.common.core.utils.MessageUtils;
+import org.dromara.common.core.utils.ServletUtils;
+import org.dromara.common.core.utils.SpringUtils;
+import org.dromara.common.core.utils.ip.AddressUtils;
+import org.dromara.common.log.event.LogininforEvent;
 import org.dromara.common.redis.utils.RedisUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
-import org.dromara.common.core.utils.ip.AddressUtils;
-import org.dromara.common.core.utils.ServletUtils;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
+import org.dromara.web.service.SysLoginService;
 import org.springframework.stereotype.Component;
 
 import java.time.Duration;
@@ -30,37 +34,43 @@
 public class UserActionListener implements SaTokenListener {
 
  private final SaTokenConfig tokenConfig;
+ private final SysLoginService loginService;
 
  /**
  * 每次登录时触发
  */
  @Override
  public void doLogin(String loginType, Object loginId, String tokenValue, SaLoginModel loginModel) {
- UserType userType = UserType.getUserType(loginId.toString());
- if (userType == UserType.SYS_USER) {
- UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
- String ip = ServletUtils.getClientIP();
- LoginUser user = LoginHelper.getLoginUser();
- UserOnlineDTO dto = new UserOnlineDTO();
- dto.setIpaddr(ip);
- dto.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
- dto.setBrowser(userAgent.getBrowser().getName());
- dto.setOs(userAgent.getOs().getName());
- dto.setLoginTime(System.currentTimeMillis());
- dto.setTokenId(tokenValue);
- dto.setUserName(user.getUsername());
- dto.setClientKey(user.getClientKey());
- dto.setDeviceType(user.getDeviceType());
- dto.setDeptName(user.getDeptName());
- if(tokenConfig.getTimeout() == -1) {
- RedisUtils.setCacheObject(CacheConstants.ONLINE_TOKEN_KEY + tokenValue, dto);
- } else {
- RedisUtils.setCacheObject(CacheConstants.ONLINE_TOKEN_KEY + tokenValue, dto, Duration.ofSeconds(tokenConfig.getTimeout()));
- }
- log.info("user doLogin, userId:{}, token:{}", loginId, tokenValue);
- } else if (userType == UserType.APP_USER) {
- // app端 自行根据业务编写
+ UserAgent userAgent = UserAgentUtil.parse(ServletUtils.getRequest().getHeader("User-Agent"));
+ String ip = ServletUtils.getClientIP();
+ LoginUser user = LoginHelper.getLoginUser();
+ UserOnlineDTO dto = new UserOnlineDTO();
+ dto.setIpaddr(ip);
+ dto.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
+ dto.setBrowser(userAgent.getBrowser().getName());
+ dto.setOs(userAgent.getOs().getName());
+ dto.setLoginTime(System.currentTimeMillis());
+ dto.setTokenId(tokenValue);
+ dto.setUserName(user.getUsername());
+ dto.setClientKey(user.getClientKey());
+ dto.setDeviceType(user.getDeviceType());
+ dto.setDeptName(user.getDeptName());
+ if(tokenConfig.getTimeout() == -1) {
+ RedisUtils.setCacheObject(CacheConstants.ONLINE_TOKEN_KEY + tokenValue, dto);
+ } else {
+ RedisUtils.setCacheObject(CacheConstants.ONLINE_TOKEN_KEY + tokenValue, dto, Duration.ofSeconds(tokenConfig.getTimeout()));
  }
+ // 记录登录日志
+ LogininforEvent logininforEvent = new LogininforEvent();
+ logininforEvent.setTenantId(user.getTenantId());
+ logininforEvent.setUsername(user.getUsername());
+ logininforEvent.setStatus(Constants.LOGIN_SUCCESS);
+ logininforEvent.setMessage(MessageUtils.message("user.login.success"));
+ logininforEvent.setRequest(ServletUtils.getRequest());
+ SpringUtils.context().publishEvent(logininforEvent);
+ // 更新登录信息
+ loginService.recordLoginInfo(user.getUserId(), ip);
+ log.info("user doLogin, userId:{}, token:{}", loginId, tokenValue);
  }
 
  /**

ruoyi-admin/src/main/java/org/dromara/web/service/SysLoginService.java

@@ -3,6 +3,7 @@
 import cn.dev33.satoken.exception.NotLoginException;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -17,6 +18,7 @@
 import org.dromara.common.core.exception.user.UserException;
 import org.dromara.common.core.utils.*;
 import org.dromara.common.log.event.LogininforEvent;
+import org.dromara.common.mybatis.helper.DataPermissionHelper;
 import org.dromara.common.redis.utils.RedisUtils;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.tenant.exception.TenantException;
@@ -77,13 +79,13 @@ public void socialRegister(AuthUser authUserData) {
  bo.setUserName(authUserData.getUsername());
  bo.setNickName(authUserData.getNickname());
  // 查询是否已经绑定用户
- SysSocialVo vo = sysSocialService.selectByAuthId(authId);
- if (ObjectUtil.isEmpty(vo)) {
+ List<SysSocialVo> list = sysSocialService.selectByAuthId(authId);
+ if (CollUtil.isEmpty(list)) {
  // 没有绑定用户, 新增用户信息
  sysSocialService.insertByBo(bo);
  } else {
  // 更新用户信息
- bo.setId(vo.getId());
+ bo.setId(list.get(0).getId());
  sysSocialService.updateByBo(bo);
  }
  }
@@ -95,6 +97,9 @@ public void socialRegister(AuthUser authUserData) {
  public void logout() {
  try {
  LoginUser loginUser = LoginHelper.getLoginUser();
+ if (ObjectUtil.isNull(loginUser)) {
+ return;
+ }
  if (TenantHelper.isEnable() && LoginHelper.isSuperAdmin()) {
  // 超级管理员 登出清除动态租户
  TenantHelper.clearDynamic();
@@ -152,13 +157,13 @@ public LoginUser buildLoginUser(SysUserVo user) {
  *
  * @param userId 用户ID
  */
- public void recordLoginInfo(Long userId) {
+ public void recordLoginInfo(Long userId, String ip) {
  SysUser sysUser = new SysUser();
  sysUser.setUserId(userId);
- sysUser.setLoginIp(ServletUtils.getClientIP());
+ sysUser.setLoginIp(ip);
  sysUser.setLoginDate(DateUtils.getNowDate());
  sysUser.setUpdateBy(userId);
- userMapper.updateById(sysUser);
+ DataPermissionHelper.ignore(() -> userMapper.updateById(sysUser));
  }
 
  /**