From f5e716f51850b1f81d3a4e3d6a942d9f1361c747 Mon Sep 17 00:00:00 2001
From: Parker
Date: Tue, 9 Aug 2022 16:00:39 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E8=8B=A5=E5=B9=B2BUG?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
1. 修复登陆后无法记录IP问题
2. 优化白名单URL
3. 去除登陆校验密码安全度选项
---
 .../core/autoconfigure/conf/SecurityConfig.java | 9 ---------
 .../modulars/system/login/dto/LoginModel.java | 2 +-
 .../system/logs/factory/UserLoginLogFactory.java | 3 ++-
 .../security/properties/AuthProperties.java | 3 ---
 opsli-starter/src/main/resources/application.yaml | 14 +++++++-------
 5 files changed, 10 insertions(+), 21 deletions(-)
diff --git a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/SecurityConfig.java b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/SecurityConfig.java
index 1dc15a2b..7351a134 100644
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/SecurityConfig.java
+++ b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/autoconfigure/conf/SecurityConfig.java
@@ -82,15 +82,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 * @param http http
 */
 private void initAuthorizeRequests(HttpSecurity http) throws Exception {
- // 设置URL 未登陆前可访问URL
- List anonymousList = authProperties.getUrlExclusion().getAnonymous();
- if(null != anonymousList){
- String[] urlExclusionArray = anonymousList.toArray(new String[0]);
- http.authorizeRequests()
- // URL 未登陆前可访问
- .antMatchers(urlExclusionArray).anonymous();
- }
-
 // 设置URL白名单
 List permitAll = authProperties.getUrlExclusion().getPermitAll();
 if(null != permitAll){
diff --git a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/dto/LoginModel.java b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/dto/LoginModel.java
index 41b8919f..4763c8fd 100644
--- a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/dto/LoginModel.java
+++ b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/dto/LoginModel.java
@@ -35,7 +35,7 @@ public class LoginModel {
 private String principal;
 /** 密码 */
- @Validator({ValidatorType.IS_NOT_NULL, ValidatorType.IS_SECURITY_PASSWORD})
+ @Validator({ValidatorType.IS_NOT_NULL})
 @ValidatorLenMin(6)
 private String password;
diff --git a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/logs/factory/UserLoginLogFactory.java b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/logs/factory/UserLoginLogFactory.java
index a99d7955..3b531cdb 100644
--- a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/logs/factory/UserLoginLogFactory.java
+++ b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/logs/factory/UserLoginLogFactory.java
@@ -5,6 +5,7 @@ import org.opsli.api.wrapper.system.logs.LoginLogsModel;
 import org.opsli.api.wrapper.system.user.UserModel;
 import org.opsli.api.wrapper.system.user.UserOrgRefModel;
 import org.opsli.common.enums.DictType;
+import org.opsli.common.utils.IPUtil;
 import org.opsli.core.utils.UserUtil;
 import org.springframework.util.ObjectUtils;
@@ -27,7 +28,7 @@ public final class UserLoginLogFactory {
 loginInfo.setUsername(user.getUsername());
 loginInfo.setRealName(user.getRealName());
 // *** 需要确保 user对象的ip信息是有值的
- loginInfo.setRemoteAddr(user.getLoginIp());
+ loginInfo.setRemoteAddr(IPUtil.getClientAddressBySingle(request));
 String header = request.getHeader("User-Agent");
 loginInfo.setUserAgent(header);
diff --git a/opsli-plugins/opsli-plugins-security/src/main/java/org/opsli/plugins/security/properties/AuthProperties.java b/opsli-plugins/opsli-plugins-security/src/main/java/org/opsli/plugins/security/properties/AuthProperties.java
index 8e91c938..44cc0e69 100644
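Review bot: After `IS_SECURITY_PASSWORD` is dropped from `password`, the login DTO still carries `@ValidatorLenMin(6)`, so part of the password policy is still evaluated at login. An account whose stored password is shorter than six characters would be rejected by validation before any credential comparison, and that validation error may be distinguishable from a wrong-password response. Nothing in this patch shows where password strength is enforced once it is removed here; it belongs on the paths that set a password (registration, change, reset), which are outside this diff. I would record that on the field, e.g. `/** 密码 (strength is checked when the password is set, not at login) */`, and reconsider whether the length check should remain on the login model.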
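Review bot: The comment kept directly above the changed line in the second hunk (`// *** 需要确保 user对象的ip信息是有值的`) still describes the old `user.getLoginIp()` source and is now stale, since the address is taken from the request. `IPUtil.getClientAddressBySingle` is not shown in this patch; if it reads forwarded headers such as `X-Forwarded-For`, the value written to the login audit log is client-controlled unless those headers are honoured only from a trusted reverse proxy, so that should be confirmed. I would replace the comment with something like `// client address resolved from the request; forwarded headers must come from a trusted proxy`. The `User-Agent` stored two lines below is likewise client-supplied, so whatever displays the login log should encode it on output. The enclosing method starts and ends outside the hunk.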
--- a/opsli-plugins/opsli-plugins-security/src/main/java/org/opsli/plugins/security/properties/AuthProperties.java
+++ b/opsli-plugins/opsli-plugins-security/src/main/java/org/opsli/plugins/security/properties/AuthProperties.java
@@ -45,9 +45,6 @@ public class AuthProperties {
 @Data
 public static class UrlExclusion {
- /** 未登陆状态下可以访问 */
- private List anonymous;
-
 /** 无限制 */
 private List permitAll;
diff --git a/opsli-starter/src/main/resources/application.yaml b/opsli-starter/src/main/resources/application.yaml
index 4e1234f3..098d489a 100644
--- a/opsli-starter/src/main/resources/application.yaml
+++ b/opsli-starter/src/main/resources/application.yaml
@@ -165,13 +165,6 @@ opsli:
 # 排除过滤URL
 url-exclusion:
 permit-all:
- - "/captcha"
- - "/system/slipCount"
- - "/system/login"
- - "/system/login-by-code"
- - "/api/*/common/public-key"
- - "/api/*/common/email/create-code"
- - "/api/*/common/mobile/create-code"
 - "/swagger-ui.html"
 - "/doc.html"
 - "/swagger-resources/**"
@@ -180,6 +173,13 @@ opsli:
 - "/swagger/**"
 - "/v2/api-docs"
 - "/druid/**"
+ - "/captcha"
+ - "/system/slipCount"
+ - "/system/login"
+ - "/system/login-by-code"
+ - "/api/*/common/public-key"
+ - "/api/*/common/email/create-code"
+ - "/api/*/common/mobile/create-code"
 # 超级管理员账号
 super-admin: system
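Review bot: The `permit-all` list reordered here still ships `/druid/**`, `/v2/api-docs`, `/doc.html` and the Swagger paths as reachable without authentication in the default `application.yaml`. The Druid monitoring pages and the API documentation can expose internals such as SQL statistics and the endpoint inventory, and whether they have their own login or are disabled per profile is not visible in this diff. Since the commit is tidying the whitelist anyway, I would drop these entries from the shipped default and enable them only in a development profile, or at least add a comment such as `# dev only: remove /druid/** and swagger paths from permit-all in production`. Moving the login and captcha entries to the end (second hunk, `@@ -180,6 +173,13 @@`) should not change matching if every entry receives the same rule, which the SecurityConfig hunk does not show in full.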