[Fix][admin] Fix token invalid exception (#3091)

Co-authored-by: Zzm0809 <[email protected]>

.github/workflows/pr-reviewer-assign.yml

@@ -22,14 +22,4 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           pr-emoji: '+1, rocket'
           reviewers: 'zackyoungh,gaoyan1998,Zzm0809,aiwenmo'
-          review-creator: false
-
-
-      - name: Add project
-        if: "github.event_name == 'pull_request_target'"
-        uses: alex-page/[email protected]
-        with:
-          project: Dinky Roadmap
-          column: RoadMap
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          action: add
+          review-creator: false

dinky-admin/src/main/java/org/dinky/data/result/Result.java

@@ -203,6 +203,10 @@ public static <T> Result<T> authorizeFailed(Status status) {
         return of(null, CodeEnum.AUTHORIZE_ERROR.getCode(), status.getMessage());
     }
 
+    public static <T> Result<T> authorizeFailed(Status status, Object... args) {
+        return of(null, CodeEnum.AUTHORIZE_ERROR.getCode(), MessageFormat.format(status.getMessage(), args));
+    }
+
     public static <T> Result<T> authorizeFailed(String msg) {
         return of(null, CodeEnum.AUTHORIZE_ERROR.getCode(), msg);
     }

dinky-admin/src/main/java/org/dinky/interceptor/TenantInterceptor.java

@@ -39,11 +39,14 @@
 import org.springframework.web.servlet.AsyncHandlerInterceptor;
 
 import cn.dev33.satoken.SaManager;
+import cn.dev33.satoken.dao.SaTokenDao;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.lang.Opt;
 import lombok.extern.slf4j.Slf4j;
 
-/** tenant interceptor */
+/**
+ * tenant interceptor
+ */
 @Slf4j
 public class TenantInterceptor implements AsyncHandlerInterceptor {
 
@@ -56,13 +59,18 @@ public boolean preHandle(HttpServletRequest request, @NotNull HttpServletRespons
         if (Asserts.isNotNull(cookies)) {
             for (Cookie cookie : cookies) {
                 switch (cookie.getName()) {
-                    case "satoken":
+                    case "token":
                         token = Opt.ofBlankAble(cookie.getValue());
-                        if (SaManager.getSaTokenDao().get("satoken:login:token:" + token.get()) != null) {
+                        SaTokenDao saTokenDao = SaManager.getSaTokenDao();
+                        String keyTokenValue = StpUtil.getStpLogic().splicingKeyTokenValue(token.get());
+                        if (saTokenDao.get(keyTokenValue) != null) {
                             isPass = true;
                         }
                         break;
                     case "tenantId":
+                        if (!StpUtil.isLogin()) {
+                            return false;
+                        }
                         UserDTO userInfo = UserInfoContextHolder.get(StpUtil.getLoginIdAsInt());
                         if (Asserts.isNull(userInfo)) {
                             StpUtil.logout(StpUtil.getLoginIdAsInt());

dinky-admin/src/main/java/org/dinky/service/impl/LdapServiceImpl.java

@@ -73,7 +73,7 @@ public User authenticate(LoginDTO loginDTO) throws AuthException {
         if (result.size() == 0) {
             log.info(String.format(
                     "No results found for search, base: '%s'; filter: '%s'", configuration.getLdapBaseDn(), filter));
-            throw new AuthException(Status.USER_NOT_EXIST);
+            throw new AuthException(Status.USER_NOT_EXIST, loginDTO.getUsername());
         } else if (result.size() > 1) {
             log.error(String.format(
                     "IncorrectResultSize, base: '%s'; filter: '%s'", configuration.getLdapBaseDn(), filter));

dinky-admin/src/main/java/org/dinky/service/impl/UserServiceImpl.java

@@ -75,6 +75,7 @@
 import cn.hutool.core.util.RandomUtil;
 import cn.hutool.core.util.StrUtil;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 /**
  * UserServiceImpl
@@ -83,6 +84,7 @@
  */
 @Service
 @RequiredArgsConstructor
+@Slf4j
 public class UserServiceImpl extends SuperServiceImpl<UserMapper, User> implements UserService {
 
     private static final String DEFAULT_PASSWORD = "123456";
@@ -141,7 +143,7 @@ public Boolean modifyUser(User user) {
     public Result<Void> modifyPassword(ModifyPasswordDTO modifyPasswordDTO) {
         User user = getById(modifyPasswordDTO.getId());
         if (Asserts.isNull(user)) {
-            return Result.failed(Status.USER_NOT_EXIST);
+            return Result.authorizeFailed(Status.USER_NOT_EXIST, modifyPasswordDTO.getUsername());
         }
         if (!Asserts.isEquals(SaSecureUtil.md5(modifyPasswordDTO.getPassword()), user.getPassword())) {
             return Result.failed(Status.USER_OLD_PASSWORD_INCORRECT);
@@ -180,7 +182,7 @@ public Result<UserDTO> loginUser(LoginDTO loginDTO) {
             user = loginDTO.isLdapLogin() ? ldapLogin(loginDTO) : localLogin(loginDTO);
         } catch (AuthException e) {
             // Handle authentication exceptions and return the corresponding error status
-            return Result.authorizeFailed(e.getStatus() + e.getMessage());
+            return Result.authorizeFailed(Status.USER_NOT_EXIST, loginDTO.getUsername());
         }
 
         // Check if the user is enabled
@@ -247,7 +249,7 @@ private User localLogin(LoginDTO loginDTO) throws AuthException {
         User user = getUserByUsername(loginDTO.getUsername());
         if (Asserts.isNull(user)) {
             // User doesn't exist
-            throw new AuthException(Status.USER_NOT_EXIST);
+            throw new AuthException(Status.USER_NOT_EXIST, loginDTO.getUsername());
         }
 
         String userPassword = user.getPassword();
@@ -464,8 +466,14 @@ public List<User> getUserListByTenantId(int id) {
                 userTenantService.list(new LambdaQueryWrapper<UserTenant>().eq(UserTenant::getTenantId, id));
         userTenants.forEach(userTenant -> {
             User user = getById(userTenant.getUserId());
-            user.setTenantAdminFlag(userTenant.getTenantAdminFlag());
-            userList.add(user);
+            if (!Asserts.isNull(user)) {
+                user.setTenantAdminFlag(userTenant.getTenantAdminFlag());
+                userList.add(user);
+            } else {
+                log.error(
+                        "Unable to obtain user information, the user may have been deleted, please contact the administrator to verify, userId:[{}]",
+                        userTenant.getUserId());
+            }
         });
         return userList;
     }

dinky-admin/src/main/resources/application-pgsql.yml

@@ -17,7 +17,8 @@
 
 spring:
   datasource:
-    username: postgres
-    password: dinky
+    username: ${POSTGRES_USER:dinky}
+    password: ${POSTGRES_PASSWORD:dinky}
     driver-class-name: org.postgresql.Driver
-    url: jdbc:postgresql://localhost:5432/dinky?stringtype=unspecified
+    # The POSTGRES_ADDR variable is not officially provided. If you use docker, please manually add an env to support it.
+    url: jdbc:postgresql://${POSTGRES_ADDR:localhost:5432}/${POSTGRES_DB:dinky}?stringtype=unspecified

dinky-admin/src/main/resources/application.yml

@@ -44,22 +44,9 @@ spring:
       max-file-size: 524288000
       max-request-size: 524288000
 
-
-  # By default, memory cache metadata information is used,
-  # dinky supports redis cache, if necessary, please change simple to redis, and open the following redis connection configuration
-  # Sub-configuration items can be opened or customized as needed
-  cache:
-    type: simple
-    # If type is configured as redis, this item can be configured as needed, note: Pay attention to the indentation of this configuration item
-    #    redis:
-    #      # Whether to cache empty values, save the default
-    #      cache-null-values: false
-    #      # Cache expiration time, default 24 hours
-    #      time-to-live: 86400
-
-    ########################################################## Redis配置 ##########################################################
-    # If sa-token needs to rely on redis, please open the redis configuration and depend on pom.xml and dinky-admin/pom.xml, and configure redis connection information in application.yml
-    # note: pay attention to the indentation of this configuration item
+########################################################## Redis配置 ##########################################################
+#  If sa-token needs to rely on redis, please open the redis configuration and depend on pom.xml and dinky-admin/pom.xml, and configure redis connection information in application.yml
+#  note: pay attention to the indentation of this configuration item
 #  redis:
 #     host: localhost
 #     port: 6379
@@ -102,21 +89,8 @@ mybatis-plus:
 #################################################################################################################
 ################################################# SMS Config ####################################################
 #################################################################################################################
-#sms:
-#  # Whether to enable SMS
-#  config-type: sql_config
-#  is-print: false
-#  sql:
-#    # The database connection information
-#    url: ${spring.datasource.url}
-#    username: ${spring.datasource.username}
-#    password: ${spring.datasource.password}
-#    driver-class-name: ${spring.datasource.driver-class-name}
-#    table-name: dinky_alert_instance
-#    supplier-field-name: manufacturers
-#    config-name: params
-#    start-name: enabled
-#    is-start: 1
+sms:
+  is-print: false
 
 
 
@@ -147,6 +121,7 @@ sa-token:
   # is read header
   is-read-header: true
   token-name: token
+  is-read-cookie: true
 
 #################################################################################################################
 ################################################# knife4j Config ################################################
@@ -156,8 +131,7 @@ knife4j:
   setting:
     language: en
 
-sms:
-  is-print: false
+
 
 #################################################################################################################
 ################################################# Crypto Config #################################################

dinky-common/src/main/java/org/dinky/data/exception/AuthException.java

@@ -21,6 +21,8 @@
 
 import org.dinky.data.enums.Status;
 
+import java.text.MessageFormat;
+
 import lombok.Data;
 
 /**
@@ -42,4 +44,9 @@ public AuthException(Throwable cause, Status status) {
         super(status.getMessage(), cause);
         this.status = status;
     }
+
+    public AuthException(Status status, Object... args) {
+        super(MessageFormat.format(status.getMessage(), args));
+        this.status = status;
+    }
 }

dinky-common/src/main/resources/i18n/messages_en_US.properties

@@ -34,7 +34,7 @@ test.msg.job.log.url=Click to view the exception log for this task
 user.assign.role.success=User Assign Role Success
 global.params.check.error.value=Field: {0}, Illegal Value: {1}
 change.password.success=Change Password Success
-user.not.exist=User Not Exist
+user.not.exist=User:{0} Not Exist
 refresh.success=Refresh Successfully
 ds.get.node.list.error=Get Node List Error
 ldap.default.tenant.nofound=The LDAP default tenant does not exist

dinky-common/src/main/resources/i18n/messages_zh_CN.properties

@@ -34,7 +34,7 @@ test.msg.job.log.url=点击查看该任务的异常日志
 user.assign.role.success=用户分配角色成功
 global.params.check.error.value=字段: {0}, 不合法的值: {1}
 change.password.success=修改密码成功
-user.not.exist=用户不存在
+user.not.exist=用户:{0} 不存在
 refresh.success=刷新成功
 ds.get.node.list.error=节点获取失败
 ldap.default.tenant.nofound=LDAP默认租户不存在