
登录日志、操作日志增加防重放

xusl 1 năm trước cách đây
mục cha
commit
098c1980e8

+ 6 - 2
backend/src/main/java/com/jiayue/ssi/controller/SysOperlogController.java

@@ -5,6 +5,7 @@ import cn.hutool.core.util.NumberUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.jiayue.ssi.annotation.OperateLog;
+import com.jiayue.ssi.annotation.PreventReplay;
 import com.jiayue.ssi.backenum.AuditType;
 import com.jiayue.ssi.backenum.BusinessType;
 import com.jiayue.ssi.constant.CustomException;
@@ -41,6 +42,7 @@ public class SysOperlogController {
      * 获取审计类型
      */
     @GetMapping(value = "/getAuditType")
+    @PreventReplay
     public ResponseVO getAuditType() throws CustomException {
         List<Map> list = new ArrayList<>();
         try {
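Review bot: `getAuditType` now carries `@PreventReplay`, but unlike `getAll` and `sysOperlogTotal` in the later hunks of this file it shows no `@PreAuthorize` in this hunk. If no class-level or URL-based rule covers it (neither is visible here), any authenticated caller can reach it, and a permission expression in the same `@PreAuthorize("@ss.hasPermi('...')")` style as its siblings would make the intent explicit. `List<Map>` is a raw type; `List<Map<String, Object>>` would be checked by the compiler, assuming that matches the maps built below. The method body continues outside this hunk.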
@@ -64,7 +66,7 @@ public class SysOperlogController {
                 list.add(map2);
             }
         } catch (Exception e) {
-            throw new CustomException("操作日志删除异常", e);
+            throw new CustomException("获取审计类型异常", e);
         }
         return ResponseVO.success(list);
     }
@@ -76,6 +78,7 @@ public class SysOperlogController {
      */
     @GetMapping(value = "/getAll")
     @PreAuthorize("@ss.hasPermi('auditManager:operlog:list')")
+    @PreventReplay
     public ResponseVO getAll(String currentPage, String pageSize, String title, String operName, String auditType,
                              String businessType, String status, String startOperTime, String endOperTime, String sortOrder) throws CustomException {
         try {
@@ -137,7 +140,7 @@ public class SysOperlogController {
                 wrapper.le("oper_time", DateUtils.getDayLastTime(DateUtil.parseDate(endOperTime)));
             }
             if (StringUtils.isNotEmpty(sortOrder)) {
-                String[] orders = sortOrder.split("&");
+                String[] orders = sortOrder.replaceAll("&","&").split("&");
                 String sortDbField = "";
                 if ("operTime".equals(orders[0])) {
                     sortDbField = "oper_time";
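Review bot: As shown on this page, `sortOrder.replaceAll("&","&")` replaces `&` with itself and changes nothing. If the page has decoded an entity and the real source maps an HTML-escaped ampersand back to `&`, `String.replace` expresses that literal substitution without treating the first argument as a regex. `orders[0]` is also read without a length check: a `sortOrder` of just `"&"` passes `isNotEmpty` but splits to an empty array, so a guard such as `if (orders.length == 0) { ... }` before the lookup avoids relying on the outer catch-all. Mapping the client field name to a fixed column name, as the `"operTime"` → `"oper_time"` branch does, should remain the only way a value reaches the ORDER BY clause; the rest of that mapping is outside the hunk.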
@@ -216,6 +219,7 @@ public class SysOperlogController {
      */
     @GetMapping(value = "/sysOperlogTotal")
     @PreAuthorize("@ss.hasPermi('auditManager:sysOperlogTotal:list')")
+    @PreventReplay
     public ResponseVO sysOperlogTotal(String startLoginTime, String endLoginTime) throws CustomException {
         try {
             QueryWrapper<SysOperLog> wrapper = new QueryWrapper<>();

+ 2 - 0
backend/src/main/java/com/jiayue/ssi/filter/JwtAuthenticationTokenFilter.java

@@ -108,6 +108,8 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
                         }
                     }
                 } catch (Exception e) {
+                    ResponseInfo.doResponse(response, "用户名或密码错误!", 403);
+                    return;
                 }
             }
         }
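Review bot: The new catch branch answers every exception from the token check with "用户名或密码错误!" and 403 but never records `e`, so an expired token, a malformed token and an internal fault all look the same and leave no trace for whoever investigates the audit trail. Log the exception before responding, for example `log.warn("JWT validation failed", e);` using whichever logger this class already has (none is visible in the hunk). The message says the user name or password is wrong, although no credentials are checked in a token filter; a "token invalid or expired" message, with 401 if the front end handles it, would describe the failure more accurately. The `try` block starts outside this hunk, so which calls can throw here is not visible.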

+ 1 - 1
backend/src/main/resources/mapper/system/SysRoleMapper.xml

@@ -71,7 +71,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         from sys_role r
 	        left join sys_user_role ur on ur.role_id = r.role_id
 	        left join sys_user u on u.id = ur.user_id
-	    where u.id = #{userId}
+	    where u.id = #{userId} and r.del_flag = '0' and ur.del_flag = '0' and u.del_flag = '0'
 	</select>
 
 	<select id="selectRoleById" parameterType="Long" resultMap="SysRoleResult">
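Review bot: The added `ur.del_flag = '0'` and `u.del_flag = '0'` conditions sit in the WHERE clause, so both `left join`s behave as inner joins (as `u.id = #{userId}` already made them). Writing them as `inner join`, or moving the flags into the `on` clauses, would state that intent. Since this query decides which roles a user holds, the other selects in this mapper that feed permission checks should apply the same `del_flag` filter. `selectRoleById` begins on the last line of the hunk but its body is outside the view, so that cannot be confirmed from here.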

+ 16 - 7
ui/src/views/auditManager/logininforTotal/index.vue

@@ -79,7 +79,7 @@ export default {
   },
   methods: {
     /** 查询登录日志列表 */
-    getList:debounce(function(){
+    async getList(){
       if (this.dateRange == null || this.dateRange.length==0) {
         this.$message({
           type: 'warning',
@@ -94,12 +94,22 @@ export default {
         return
       }
 
+      let sysTime
+      let lk
+      await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+        sysTime = res.data.sysTime
+        lk = res.data.lk
+      }).catch((error) => {
+      })
+
       this.loading = true;
       var searchParams = {
         startLoginTime:this.dateRange[0],
-        endLoginTime:this.dateRange[1]
+        endLoginTime:this.dateRange[1],
+        sysTime: sysTime,
+        lk: lk
       }
-      this.$axios.get('/sysLogininforController/logininforTotal',
+      await this.$axios.get('/sysLogininforController/logininforTotal',
         {params: searchParams}).then((res) => {
         this.list = res.data
         if (res.data == '') {
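Review bot: The empty `.catch` on the `getLicenseKey` call means that when the token fetch fails, `sysTime` and `lk` stay `undefined` and the log query is still sent without them. Presumably the backend's `@PreventReplay` check then rejects it, and the user only sees an empty table. Stop and report the failure instead of continuing, as sketched below. The same fetch-and-ignore block is repeated in `created()` and `getList` of operlog/index.vue and in `getList` of operlogTotal/index.vue, so one shared helper that returns the two values would keep the four copies from drifting apart.

```vue
let token
try {
  const res = await this.$axios.get('/sysPolicyController/getLicenseKey')
  token = res.data
} catch (error) {
  // surface the failure to the user here, then skip the query
  return
}
// … unchanged: this.loading = true and the startLoginTime / endLoginTime fields …
  sysTime: token.sysTime,
  lk: token.lk
```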
@@ -110,13 +120,12 @@ export default {
         this.loading = false
       }).catch((error) => {
         this.loading = false;
-        // this.$message.error(error)
       })
-    },1000),
+    },
     /** 搜索按钮操作 */
-    handleQuery() {
+    handleQuery:debounce( function(){
       this.getList();
-    }
+    },1000),
   }
 };
 </script>

+ 27 - 6
ui/src/views/auditManager/operlog/index.vue

@@ -270,14 +270,25 @@ export default {
       }
     };
   },
-  created() {
+  async created() {
+    let sysTime
+    let lk
+    await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+      sysTime = res.data.sysTime
+      lk = res.data.lk
+    }).catch((error) => {
+    })
+    var searchParams = {
+      sysTime: sysTime,
+      lk: lk
+    }
     // 获取审计类型
-    this.$axios.get('/sysOperlogController/getAuditType').then((res) => {
+    await this.$axios.get('/sysOperlogController/getAuditType',{params: searchParams}).then((res) => {
       this.auditTypeOptions = res.data
     }).catch((error) => {
     })
 
-    this.getList();
+    await this.getList();
   },
   methods: {
     sortChangeEvent({column, property, order}) {
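Review bot: `await this.getList()` at the end of `created()` probably does not wait for anything, because `getList` in this file is still wrapped as `debounce(async function () { ... })` in the next hunk. A debounced wrapper normally returns before the wrapped function has run, although the `debounce` implementation is not visible here. logininforTotal/index.vue in this same commit makes `getList` a plain `async` method and moves `debounce` onto `handleQuery`; using that shape here would make the `await` meaningful and keep the two views consistent. The empty `.catch` handlers on both requests in this hook also hide a failed token fetch or a failed `getAuditType` call.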
@@ -338,7 +349,15 @@ export default {
       return belongTo
     },
     /** 查询操作日志列表 */
-    getList: debounce(function () {
+    getList: debounce(async function () {
+      let sysTime
+      let lk
+      await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+        sysTime = res.data.sysTime
+        lk = res.data.lk
+      }).catch((error) => {
+      })
+
       this.loading = true;
       let _startOperTime;
       let _endOperTime;
@@ -359,9 +378,11 @@ export default {
         status: this.queryParams.status,
         startOperTime: _startOperTime,
         endOperTime: _endOperTime,
-        sortOrder: this.sortOrder
+        sortOrder: this.sortOrder,
+        sysTime: sysTime,
+        lk: lk
       }
-      this.$axios.get('/sysOperlogController/getAll',
+      await this.$axios.get('/sysOperlogController/getAll',
         {params: searchParams}).then((res) => {
         this.list = res.data.records
         this.total = res.data.total

+ 10 - 2
ui/src/views/auditManager/operlogTotal/index.vue

@@ -80,7 +80,7 @@ export default {
   },
   methods: {
     /** 查询登录日志列表 */
-    getList:debounce(function(){
+    getList:debounce(async function(){
       if (this.dateRange == null || this.dateRange.length==0) {
         this.$message({
           type: 'warning',
@@ -95,12 +95,20 @@ export default {
         return
       }
 
+      let sysTime
+      let lk
+      await this.$axios.get('/sysPolicyController/getLicenseKey').then((res) => {
+        sysTime = res.data.sysTime
+        lk = res.data.lk
+      }).catch((error) => {
+      })
+
       this.loading = true;
       var searchParams = {
         startLoginTime:this.dateRange[0],
         endLoginTime:this.dateRange[1]
       }
-      this.$axios.get('/sysOperlogController/sysOperlogTotal',
+      await this.$axios.get('/sysOperlogController/sysOperlogTotal',
         {params: searchParams}).then((res) => {
         this.list = res.data
         if (res.data == '') {
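Review bot: `sysTime` and `lk` are fetched from `getLicenseKey` here but never added to `searchParams`, which still holds only `startLoginTime` and `endLoginTime`. The backend `sysOperlogTotal` endpoint gains `@PreventReplay` in this same commit, so this view is likely to send requests the new check cannot validate. The object should carry the two fields as the other views do: `endLoginTime:this.dateRange[1],` followed by `sysTime: sysTime,` and `lk: lk`. The `.then` callback continues past the end of the hunk.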