From 5af44150503024e86409fbb30b103faa46d4af10 Mon Sep 17 00:00:00 2001 From: xuxueli <931591021@qq.com> Date: Sun, 24 Aug 2025 00:13:35 +0800 Subject: [PATCH] =?UTF-8?q?=E9=A1=B9=E7=9B=AE=E7=BB=93=E6=9E=84=E9=87=8D?= =?UTF-8?q?=E6=9E=84=EF=BC=8C=E6=8F=90=E5=8D=87=E5=8F=AF=E7=BB=B4=E6=8A=A4?= =?UTF-8?q?=E6=80=A7=E4=B8=8E=E6=98=93=E8=AF=BB=E6=80=A7=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/XXL-JOB官方文档.md | 11 +- doc/db/tables_xxl_job.sql | 97 +++++++------ .../xxl/job/admin/util/LocalCacheUtil.java | 133 ------------------ .../job/admin/util/old/LocalCacheUtil.java | 133 ++++++++++++++++++ 4 files changed, 192 insertions(+), 182 deletions(-) delete mode 100644 xxl-job-admin/src/main/java/com/xxl/job/admin/util/LocalCacheUtil.java create mode 100644 xxl-job-admin/src/main/java/com/xxl/job/admin/util/old/LocalCacheUtil.java diff --git a/doc/XXL-JOB官方文档.md b/doc/XXL-JOB官方文档.md index 6c0af119..1abb23d3 100644 --- a/doc/XXL-JOB官方文档.md +++ b/doc/XXL-JOB官方文档.md @@ -2557,17 +2557,18 @@ public void execute() { - 11、【新增】GLUE模式(Python) 扩展,可选 "GLUE(Python3)" 或 "GLUE(Python2)" 两种模式,分别支持 python3/2 多版本; - 12、【优化】任务Bean扫描规则调整,过滤冗余不必要扫描,避免系统组件提前初始化; - 13、【重构】项目结构重构,提升可维护性与易读性; - -- 14、【ING】登录安全升级,密码加密处理算法从Md5改为Sha256; +- +- 14、【ING】登录认证重构,提升安全性。密码加密算法从Md5改为Sha256;登录态改为登录后动态随机生成;(需要针对用户表进行字段调整;同时需要重新初始化加密密码;相关SQL脚本如下;) ``` // 1、用户表password字段需要调整长度,执行如下命令 -ALTER TABLE xxl_conf_user +ALTER TABLE xxl_job_user MODIFY COLUMN `password` varchar(100) NOT NULL COMMENT '密码加密信息'; +ALTER TABLE xxl_job_user + ADD COLUMN `token` varchar(100) DEFAULT NULL COMMENT '登录token'; // 2、存量用户密码需要修改,可执行如下命令将密码初始化 “123456”;也可以自行通过 “SHA256Tool.sha256” 工具生成其他初始化密码; -UPDATE xxl_conf_user t SET t.password = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92' WHERE t.username = {用户名}; +UPDATE xxl_job_user t SET t.password = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92' WHERE t.username = {用户名}; ``` -- 2、【规划中】登录认证重构,规范登录态以及权限认证逻辑,提升系统安全;登陆态Token生成逻辑优化,混淆登陆时间属性,降低token泄漏风险; ### 7.41 版本 v3.2.1 Release Notes[规划中] diff --git a/doc/db/tables_xxl_job.sql b/doc/db/tables_xxl_job.sql index f3522f79..36e1ceb9 100644 --- a/doc/db/tables_xxl_job.sql +++ b/doc/db/tables_xxl_job.sql @@ -7,6 +7,34 @@ use `xxl_job`; SET NAMES utf8mb4; +## —————————————————————— job group and registry —————————————————— + +CREATE TABLE `xxl_job_group` +( + `id` int(11) NOT NULL AUTO_INCREMENT, + `app_name` varchar(64) NOT NULL COMMENT '执行器AppName', + `title` varchar(12) NOT NULL COMMENT '执行器名称', + `address_type` tinyint(4) NOT NULL DEFAULT '0' COMMENT '执行器地址类型:0=自动注册、1=手动录入', + `address_list` text COMMENT '执行器地址列表,多地址逗号分隔', + `update_time` datetime DEFAULT NULL, + PRIMARY KEY (`id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8mb4; + +CREATE TABLE `xxl_job_registry` +( + `id` int(11) NOT NULL AUTO_INCREMENT, + `registry_group` varchar(50) NOT NULL, + `registry_key` varchar(255) NOT NULL, + `registry_value` varchar(255) NOT NULL, + `update_time` datetime DEFAULT NULL, + PRIMARY KEY (`id`), + UNIQUE KEY `i_g_k_v` (`registry_group`, `registry_key`, `registry_value`) USING BTREE +) ENGINE = InnoDB + DEFAULT CHARSET = utf8mb4; + +## —————————————————————— job info —————————————————— + CREATE TABLE `xxl_job_info` ( `id` int(11) NOT NULL AUTO_INCREMENT, @@ -37,6 +65,21 @@ CREATE TABLE `xxl_job_info` ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4; +CREATE TABLE `xxl_job_logglue` +( + `id` int(11) NOT NULL AUTO_INCREMENT, + `job_id` int(11) NOT NULL COMMENT '任务,主键ID', + `glue_type` varchar(50) DEFAULT NULL COMMENT 'GLUE类型', + `glue_source` mediumtext COMMENT 'GLUE源代码', + `glue_remark` varchar(128) NOT NULL COMMENT 'GLUE备注', + `add_time` datetime DEFAULT NULL, + `update_time` datetime DEFAULT NULL, + PRIMARY KEY (`id`) +) ENGINE = InnoDB + DEFAULT CHARSET = utf8mb4; + +## —————————————————————— job log and report —————————————————— + CREATE TABLE `xxl_job_log` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, @@ -75,48 +118,23 @@ CREATE TABLE `xxl_job_log_report` ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4; -CREATE TABLE `xxl_job_logglue` -( - `id` int(11) NOT NULL AUTO_INCREMENT, - `job_id` int(11) NOT NULL COMMENT '任务,主键ID', - `glue_type` varchar(50) DEFAULT NULL COMMENT 'GLUE类型', - `glue_source` mediumtext COMMENT 'GLUE源代码', - `glue_remark` varchar(128) NOT NULL COMMENT 'GLUE备注', - `add_time` datetime DEFAULT NULL, - `update_time` datetime DEFAULT NULL, - PRIMARY KEY (`id`) -) ENGINE = InnoDB - DEFAULT CHARSET = utf8mb4; +## —————————————————————— lock —————————————————— -CREATE TABLE `xxl_job_registry` +CREATE TABLE `xxl_job_lock` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `registry_group` varchar(50) NOT NULL, - `registry_key` varchar(255) NOT NULL, - `registry_value` varchar(255) NOT NULL, - `update_time` datetime DEFAULT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `i_g_k_v` (`registry_group`, `registry_key`, `registry_value`) USING BTREE + `lock_name` varchar(50) NOT NULL COMMENT '锁名称', + PRIMARY KEY (`lock_name`) ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4; -CREATE TABLE `xxl_job_group` -( - `id` int(11) NOT NULL AUTO_INCREMENT, - `app_name` varchar(64) NOT NULL COMMENT '执行器AppName', - `title` varchar(12) NOT NULL COMMENT '执行器名称', - `address_type` tinyint(4) NOT NULL DEFAULT '0' COMMENT '执行器地址类型:0=自动注册、1=手动录入', - `address_list` text COMMENT '执行器地址列表,多地址逗号分隔', - `update_time` datetime DEFAULT NULL, - PRIMARY KEY (`id`) -) ENGINE = InnoDB - DEFAULT CHARSET = utf8mb4; +## —————————————————————— user —————————————————— CREATE TABLE `xxl_job_user` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(50) NOT NULL COMMENT '账号', - `password` varchar(50) NOT NULL COMMENT '密码', + `password` varchar(100) NOT NULL COMMENT '密码加密信息', + `token` varchar(100) DEFAULT NULL COMMENT '登录token', `role` tinyint(4) NOT NULL COMMENT '角色:0-普通用户、1-管理员', `permission` varchar(255) DEFAULT NULL COMMENT '权限:执行器ID列表,多个逗号分割', PRIMARY KEY (`id`), @@ -124,15 +142,8 @@ CREATE TABLE `xxl_job_user` ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4; -CREATE TABLE `xxl_job_lock` -( - `lock_name` varchar(50) NOT NULL COMMENT '锁名称', - PRIMARY KEY (`lock_name`) -) ENGINE = InnoDB - DEFAULT CHARSET = utf8mb4; - -## —————————————————————— init data —————————————————— +## —————————————————————— for default data —————————————————— INSERT INTO `xxl_job_group`(`id`, `app_name`, `title`, `address_type`, `address_list`, `update_time`) VALUES (1, 'xxl-job-executor-sample', '通用执行器Sample', 0, NULL, now()), @@ -162,14 +173,12 @@ VALUES (1, 1, '示例任务01', now(), now(), 'XXL', '', 'CRON', '0 0 0 * * ? *' "baseUrl": "http://localhost/v1", "apiKey": "app-OUVgNUOQRIMokfmuJvBJoUTN" }', 'SERIAL_EXECUTION', 0, 0, 'BEAN', '', 'GLUE代码初始化', - now(), '') - ; + now(), ''); INSERT INTO `xxl_job_user`(`id`, `username`, `password`, `role`, `permission`) -VALUES (1, 'admin', 'e10adc3949ba59abbe56e057f20f883e', 1, NULL); +VALUES (1, 'admin', '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92', 1, NULL); INSERT INTO `xxl_job_lock` (`lock_name`) VALUES ('schedule_lock'); commit; - diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/util/LocalCacheUtil.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/util/LocalCacheUtil.java deleted file mode 100644 index cdf0d7da..00000000 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/util/LocalCacheUtil.java +++ /dev/null @@ -1,133 +0,0 @@ -package com.xxl.job.admin.util; - -import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.ConcurrentMap; - -/** - * local cache tool - * - * @author xuxueli 2018-01-22 21:37:34 - */ -public class LocalCacheUtil { - - private static ConcurrentMap cacheRepository = new ConcurrentHashMap(); // 类型建议用抽象父类,兼容性更好; - private static class LocalCacheData{ - private String key; - private Object val; - private long timeoutTime; - - public LocalCacheData() { - } - - public LocalCacheData(String key, Object val, long timeoutTime) { - this.key = key; - this.val = val; - this.timeoutTime = timeoutTime; - } - - public String getKey() { - return key; - } - - public void setKey(String key) { - this.key = key; - } - - public Object getVal() { - return val; - } - - public void setVal(Object val) { - this.val = val; - } - - public long getTimeoutTime() { - return timeoutTime; - } - - public void setTimeoutTime(long timeoutTime) { - this.timeoutTime = timeoutTime; - } - } - - - /** - * set cache - * - * @param key - * @param val - * @param cacheTime - * @return - */ - public static boolean set(String key, Object val, long cacheTime){ - - // clean timeout cache, before set new cache (avoid cache too much) - cleanTimeoutCache(); - - // set new cache - if (key==null || key.trim().length()==0) { - return false; - } - if (val == null) { - remove(key); - } - if (cacheTime <= 0) { - remove(key); - } - long timeoutTime = System.currentTimeMillis() + cacheTime; - LocalCacheData localCacheData = new LocalCacheData(key, val, timeoutTime); - cacheRepository.put(localCacheData.getKey(), localCacheData); - return true; - } - - /** - * remove cache - * - * @param key - * @return - */ - public static boolean remove(String key){ - if (key==null || key.trim().length()==0) { - return false; - } - cacheRepository.remove(key); - return true; - } - - /** - * get cache - * - * @param key - * @return - */ - public static Object get(String key){ - if (key==null || key.trim().length()==0) { - return null; - } - LocalCacheData localCacheData = cacheRepository.get(key); - if (localCacheData!=null && System.currentTimeMillis()=localCacheData.getTimeoutTime()) { - cacheRepository.remove(key); - } - } - } - return true; - } - -} diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/util/old/LocalCacheUtil.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/util/old/LocalCacheUtil.java new file mode 100644 index 00000000..8026ad39 --- /dev/null +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/util/old/LocalCacheUtil.java @@ -0,0 +1,133 @@ +//package com.xxl.job.admin.util; +// +//import java.util.concurrent.ConcurrentHashMap; +//import java.util.concurrent.ConcurrentMap; +// +///** +// * local cache tool +// * +// * @author xuxueli 2018-01-22 21:37:34 +// */ +//public class LocalCacheUtil { +// +// private static ConcurrentMap cacheRepository = new ConcurrentHashMap(); // 类型建议用抽象父类,兼容性更好; +// private static class LocalCacheData{ +// private String key; +// private Object val; +// private long timeoutTime; +// +// public LocalCacheData() { +// } +// +// public LocalCacheData(String key, Object val, long timeoutTime) { +// this.key = key; +// this.val = val; +// this.timeoutTime = timeoutTime; +// } +// +// public String getKey() { +// return key; +// } +// +// public void setKey(String key) { +// this.key = key; +// } +// +// public Object getVal() { +// return val; +// } +// +// public void setVal(Object val) { +// this.val = val; +// } +// +// public long getTimeoutTime() { +// return timeoutTime; +// } +// +// public void setTimeoutTime(long timeoutTime) { +// this.timeoutTime = timeoutTime; +// } +// } +// +// +// /** +// * set cache +// * +// * @param key +// * @param val +// * @param cacheTime +// * @return +// */ +// public static boolean set(String key, Object val, long cacheTime){ +// +// // clean timeout cache, before set new cache (avoid cache too much) +// cleanTimeoutCache(); +// +// // set new cache +// if (key==null || key.trim().length()==0) { +// return false; +// } +// if (val == null) { +// remove(key); +// } +// if (cacheTime <= 0) { +// remove(key); +// } +// long timeoutTime = System.currentTimeMillis() + cacheTime; +// LocalCacheData localCacheData = new LocalCacheData(key, val, timeoutTime); +// cacheRepository.put(localCacheData.getKey(), localCacheData); +// return true; +// } +// +// /** +// * remove cache +// * +// * @param key +// * @return +// */ +// public static boolean remove(String key){ +// if (key==null || key.trim().length()==0) { +// return false; +// } +// cacheRepository.remove(key); +// return true; +// } +// +// /** +// * get cache +// * +// * @param key +// * @return +// */ +// public static Object get(String key){ +// if (key==null || key.trim().length()==0) { +// return null; +// } +// LocalCacheData localCacheData = cacheRepository.get(key); +// if (localCacheData!=null && System.currentTimeMillis()=localCacheData.getTimeoutTime()) { +// cacheRepository.remove(key); +// } +// } +// } +// return true; +// } +// +//}