admin/qingcheng-houduan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

参数校验

Browse Source
This commit is contained in:
chen-xin-zhi
2025-04-29 21:37:00 +08:00
parent 698b5b4504
commit 2ce8f06cfb
6 changed files with 28 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/main/java/com/greenorange/promotion/controller/user/UserInfoController.java
View File

@ -26,10 +26,9 @@ import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotBlank;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@ -70,10 +69,9 @@ public class UserInfoController {
*/
@PostMapping("login")
@Operation(summary = "web端管理员登录", description = "参数用户登录请求体权限管理员boss, admin)方法名userInfoLogin")
public BaseResponse<String> userInfoLogin(@RequestBody UserInfoLoginRequest userInfoLoginRequest, HttpServletRequest request) {
public BaseResponse<String> userInfoLogin(@Valid @RequestBody UserInfoLoginRequest userInfoLoginRequest, HttpServletRequest request) {
String userAccount = userInfoLoginRequest.getUserAccount();
String userPassword = userInfoLoginRequest.getUserPassword();
ThrowUtils.throwIf(StringUtils.isAnyBlank(userAccount, userPassword), ErrorCode.PARAMS_ERROR);
String token = userInfoService.userInfoLogin(userAccount, userPassword, request);
return ResultUtils.success(token);
}
@ -87,11 +85,10 @@ public class UserInfoController {
@PostMapping("logout")
@Operation(summary = "web端管理员退出登录", description = "参数JWT权限管理员boss, admin)方法名userInfoLogout")
@RequiresPermission(mustRole = UserConstant.ADMIN_ROLE)
public BaseResponse<Boolean> userInfoLogout(@RequestHeader("Authorization") String token) {
public BaseResponse<Boolean> userInfoLogout(@NotBlank @RequestHeader("Authorization") String token) {
// 获取token的过期时间
DecodedJWT decodedJWT = jwtUtils.verify(token);
long expirationTime = decodedJWT.getExpiresAt().getTime() - System.currentTimeMillis();
// 将token存入Redis黑名单并设置过期时间与token一致
redisTemplate.opsForValue().set(token, token, expirationTime, TimeUnit.MILLISECONDS);
return ResultUtils.success(true);
@ -106,7 +103,7 @@ public class UserInfoController {
* @return 是否添加成功
*/
@PostMapping("add")
@Operation(summary = "web端管理员添加用户", description = "参数用户表添加请求体权限管理员boss, admin)方法名addUserInfo")
@Operation(summary = "web端管理员添加用户", description = "参数用户表添加请求体权限管理员boss, admin)方法名addUserInfo")
public BaseResponse<Boolean> addUserInfo(@Valid @RequestBody UserInfoAddRequest userInfoAddRequest) {
UserInfo userInfo = commonService.copyProperties(userInfoAddRequest, UserInfo.class);
userInfoService.save(userInfo);
@ -121,9 +118,8 @@ public class UserInfoController {
* @return 是否更新成功
*/
@PostMapping("update")
@Operation(summary = "web端管理员更新用户", description = "参数用户表更新请求体权限管理员boss, admin)方法名updateUserInfo")
public BaseResponse<Boolean> updateUserInfo(@RequestBody UserInfoUpdateRequest userInfoUpdateRequest) {
ThrowUtils.throwIf(userInfoUpdateRequest == null || userInfoUpdateRequest.getId() <= 0, ErrorCode.PARAMS_ERROR);
@Operation(summary = "web端管理员更新用户", description = "参数用户表更新请求体权限管理员boss, admin)方法名updateUserInfo")
public BaseResponse<Boolean> updateUserInfo(@Valid @RequestBody UserInfoUpdateRequest userInfoUpdateRequest) {
UserInfo userInfo = commonService.copyProperties(userInfoUpdateRequest, UserInfo.class);
userInfoService.updateById(userInfo);
return ResultUtils.success(true);
@ -135,9 +131,8 @@ public class UserInfoController {
* @return 是否删除成功
*/
@PostMapping("delete")
@Operation(summary = "web端管理员删除用户", description = "参数用户表删除请求体权限管理员boss, admin)方法名delUserInfo")
public BaseResponse<Boolean> delUserInfo(@RequestBody CommonRequest commonRequest) {
ThrowUtils.throwIf(commonRequest == null || commonRequest.getId() <= 0, ErrorCode.PARAMS_ERROR);
@Operation(summary = "web端管理员删除用户", description = "参数用户表删除请求体权限管理员boss, admin)方法名delUserInfo")
public BaseResponse<Boolean> delUserInfo(@Valid @RequestBody CommonRequest commonRequest) {
Long id = commonRequest.getId();
userInfoService.removeById(id);
return ResultUtils.success(true);
@ -149,9 +144,8 @@ public class UserInfoController {
* @return 用户表列表
*/
@PostMapping("page")
@Operation(summary = "Web端管理员分页查看用户", description = "参数用户表查询请求体权限管理员boss, admin),方法名:listUserInfoByPage")
public BaseResponse<Page<UserInfoVO>> listUserInfoByPage(@RequestBody UserInfoQueryRequest userInfoQueryRequest) {
if (userInfoQueryRequest == null) throw new BusinessException(ErrorCode.PARAMS_ERROR);
@Operation(summary = "Web端管理员分页查看用户", description = "参数用户表查询请求体权限管理员boss, admin),方法名:listUserInfoByPage")
public BaseResponse<Page<UserInfoVO>> listUserInfoByPage(@Valid @RequestBody UserInfoQueryRequest userInfoQueryRequest) {
long current = userInfoQueryRequest.getCurrent();
long pageSize = userInfoQueryRequest.getPageSize();
QueryWrapper<UserInfo> queryWrapper = userInfoService.getQueryWrapper(userInfoQueryRequest);
@ -173,10 +167,9 @@ public class UserInfoController {
* @return 用户表信息
*/
@PostMapping("queryById")
@Operation(summary = "web端管理员根据id查询用户", description = "参数用户表查询请求体权限管理员boss, admin),方法名:queryUserInfoById")
@Operation(summary = "web端管理员根据id查询用户", description = "参数用户表查询请求体权限管理员boss, admin),方法名:queryUserInfoById")
@RequiresPermission(mustRole = UserConstant.ADMIN_ROLE)
public BaseResponse<UserInfoVO> queryUserInfoById(@RequestBody CommonRequest commonRequest) {
ThrowUtils.throwIf(commonRequest == null || commonRequest.getId() <= 0, ErrorCode.PARAMS_ERROR);
public BaseResponse<UserInfoVO> queryUserInfoById(@Valid @RequestBody CommonRequest commonRequest) {
Long id = commonRequest.getId();
UserInfo userInfo = userInfoService.getById(id);
ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "当前用户不存在");
@ -191,9 +184,8 @@ public class UserInfoController {
* @return 是否删除成功
*/
@PostMapping("delBatch")
@Operation(summary = "web端管理员批量删除用户", description = "参数用户表批量删除请求体权限管理员boss, admin),方法名:delBatchUserInfo")
public BaseResponse<Boolean> delBatchUserInfo(@RequestBody CommonBatchRequest commonBatchRequest) {
ThrowUtils.throwIf(commonBatchRequest == null || commonBatchRequest.getIds() == null || commonBatchRequest.getIds().isEmpty(), ErrorCode.PARAMS_ERROR);
@Operation(summary = "web端管理员批量删除用户", description = "参数用户表批量删除请求体权限管理员boss, admin),方法名:delBatchUserInfo")
public BaseResponse<Boolean> delBatchUserInfo(@Valid @RequestBody CommonBatchRequest commonBatchRequest) {
List<Long> ids = commonBatchRequest.getIds();
userInfoService.removeByIds(ids);
return ResultUtils.success(true);

4
src/main/java/com/greenorange/promotion/exception/GlobalExceptionHandler.java
View File

@ -47,10 +47,11 @@ public class GlobalExceptionHandler {
@ExceptionHandler(HttpMessageNotReadableException.class)
public BaseResponse<?> handleHttpMessageNotReadableException(HttpMessageNotReadableException e) {
log.error("HttpMessageNotReadableException", e);
return ResultUtils.error(ErrorCode.PARAMS_ERROR, e.getMessage());
return ResultUtils.error(ErrorCode.PARAMS_ERROR, "请求体不能为空或格式无效");
}
// 处理业务异常
@ExceptionHandler(BusinessException.class)
public BaseResponse<?> businessExceptionHandler(BusinessException e) {
log.error("BusinessException", e);
@ -58,6 +59,7 @@ public class GlobalExceptionHandler {
}
// 处理运行时异常
@ExceptionHandler(RuntimeException.class)
public BaseResponse<?> runtimeExceptionHandler(RuntimeException e) {
log.error("RuntimeException", e);

6
src/main/java/com/greenorange/promotion/model/dto/user/UserInfoAddRequest.java
View File

@ -42,14 +42,16 @@ public class UserInfoAddRequest implements Serializable {
* 账号
*/
@NotBlank(message = "账号不能为空")
@Schema(description = "账号", example = "qingcheng_account")
@Size(min = 6, max = 10, message = "账号长度在 6 到 10 个字符")
@Schema(description = "账号", example = "qingcheng")
private String userAccount;
/**
* 密码
*/
@NotBlank(message = "密码不能为空")
@Schema(description = "密码", example = "qingcheng_password")
@Size(min = 6, max = 10, message = "密码长度在 6 到 10 个字符")
@Schema(description = "密码", example = "qingcheng")
private String userPassword;
/**

4
src/main/java/com/greenorange/promotion/model/dto/user/UserInfoLoginRequest.java
View File

@ -18,7 +18,7 @@ public class UserInfoLoginRequest implements Serializable {
* 账号
*/
@NotBlank(message = "账号不能为空")
@Size(min = 6, max = 8, message = "账号长度在 6 到 8 个字符")
@Size(min = 6, max = 10, message = "账号长度在 6 到 10 个字符")
@Schema(description = "账号", example = "qingcheng_account")
private String userAccount;
@ -26,7 +26,7 @@ public class UserInfoLoginRequest implements Serializable {
* 密码
*/
@NotBlank(message = "密码不能为空")
@Size(min = 6, max = 8, message = "密码长度在 6 到 8 个字符")
@Size(min = 6, max = 10, message = "密码长度在 6 到 10 个字符")
@Schema(description = "密码", example = "qingcheng_password")
private String userPassword;

3
src/main/java/com/greenorange/promotion/model/dto/user/UserInfoUpdateRequest.java
View File

@ -4,6 +4,7 @@ import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import jakarta.validation.constraints.Size;
import lombok.Data;
import java.io.Serial;
@ -50,6 +51,7 @@ public class UserInfoUpdateRequest implements Serializable {
* 账号
*/
@NotBlank(message = "账号不能为空")
@Size(min = 6, max = 10, message = "账号长度在 6 到 10 个字符")
@Schema(description = "账号", example = "qingcheng_account")
private String userAccount;
@ -57,6 +59,7 @@ public class UserInfoUpdateRequest implements Serializable {
* 密码
*/
@NotBlank(message = "密码不能为空")
@Size(min = 6, max = 10, message = "密码长度在 6 到 10 个字符")
@Schema(description = "密码", example = "qingcheng_password")
private String userPassword;

1
src/main/java/com/greenorange/promotion/service/user/impl/UserInfoServiceImpl.java
View File

@ -57,7 +57,6 @@ public class UserInfoServiceImpl extends ServiceImpl<UserInfoMapper, UserInfo>
*/
@Override
public String userInfoLogin(String userAccount, String userPassword, HttpServletRequest request) {
ThrowUtils.throwIf(userAccount.length() < 6 || userPassword.length() < 6, ErrorCode.PARAMS_ERROR);
LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
UserInfo userInfo = this.getOne(lambdaQueryWrapper);