update: 同步 RuoYi-Vue-Plus（v4.7.0） 更新

Author: KonBAI-Q

.github/FUNDING.yml

@@ -14,7 +14,7 @@
 
     <properties>
         <ruoyi-flowable-plus.version>0.8.3</ruoyi-flowable-plus.version>
-        <spring-boot.version>2.7.9</spring-boot.version>
+        <spring-boot.version>2.7.11</spring-boot.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
@@ -27,17 +27,19 @@
         <satoken.version>1.34.0</satoken.version>
         <mybatis-plus.version>3.5.3.1</mybatis-plus.version>
         <p6spy.version>3.9.1</p6spy.version>
-        <hutool.version>5.8.15</hutool.version>
+        <hutool.version>5.8.18</hutool.version>
         <okhttp.version>4.10.0</okhttp.version>
         <spring-boot-admin.version>2.7.10</spring-boot-admin.version>
-        <redisson.version>3.20.0</redisson.version>
+        <redisson.version>3.20.1</redisson.version>
         <lock4j.version>2.2.3</lock4j.version>
         <dynamic-ds.version>3.5.2</dynamic-ds.version>
         <alibaba-ttl.version>2.14.2</alibaba-ttl.version>
-        <xxl-job.version>2.3.1</xxl-job.version>
+        <xxl-job.version>2.4.0</xxl-job.version>
         <lombok.version>1.18.26</lombok.version>
         <bouncycastle.version>1.72</bouncycastle.version>
         <flowable.version>6.8.0</flowable.version>
+        <!-- 离线IP地址定位库 -->
+        <ip2region.version>2.7.0</ip2region.version>
 
         <!-- 临时修复 snakeyaml 漏洞 -->
         <snakeyaml.version>1.33</snakeyaml.version>
@@ -259,6 +261,13 @@
                 <version>${alibaba-ttl.version}</version>
             </dependency>
 
+            <!-- 离线IP地址定位库 ip2region -->
+            <dependency>
+                <groupId>org.lionsoul</groupId>
+                <artifactId>ip2region</artifactId>
+                <version>${ip2region.version}</version>
+            </dependency>
+
             <!-- 临时修复 snakeyaml 漏洞 -->
             <dependency>
                 <groupId>org.yaml</groupId>

pom.xml

@@ -10,10 +10,12 @@
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.enums.CaptchaType;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.email.MailUtils;
 import com.ruoyi.common.utils.redis.RedisUtils;
 import com.ruoyi.common.utils.reflect.ReflectUtils;
 import com.ruoyi.common.utils.spring.SpringUtils;
 import com.ruoyi.framework.config.properties.CaptchaProperties;
+import com.ruoyi.framework.config.properties.MailProperties;
 import com.ruoyi.sms.config.properties.SmsProperties;
 import com.ruoyi.sms.core.SmsTemplate;
 import com.ruoyi.sms.entity.SmsResult;
@@ -47,15 +49,15 @@ public class CaptchaController {
     private final CaptchaProperties captchaProperties;
     private final SmsProperties smsProperties;
     private final ISysConfigService configService;
+    private final MailProperties mailProperties;
 
     /**
      * 短信验证码
      *
      * @param phonenumber 用户手机号
      */
     @GetMapping("/captchaSms")
-    public R<Void> smsCaptcha(@NotBlank(message = "{user.phonenumber.not.blank}")
-                              String phonenumber) {
+    public R<Void> smsCaptcha(@NotBlank(message = "{user.phonenumber.not.blank}") String phonenumber) {
         if (!smsProperties.getEnabled()) {
             return R.fail("当前系统没有开启短信功能！");
         }
@@ -75,6 +77,28 @@ public R<Void> smsCaptcha(@NotBlank(message = "{user.phonenumber.not.blank}")
         return R.ok();
     }
 
+    /**
+     * 邮箱验证码
+     *
+     * @param email 邮箱
+     */
+    @GetMapping("/captchaEmail")
+    public R<Void> emailCode(@NotBlank(message = "{user.email.not.blank}") String email) {
+        if (!mailProperties.getEnabled()) {
+            return R.fail("当前系统没有开启邮箱功能！");
+        }
+        String key = CacheConstants.CAPTCHA_CODE_KEY + email;
+        String code = RandomUtil.randomNumbers(4);
+        RedisUtils.setCacheObject(key, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION));
+        try {
+            MailUtils.sendText(email, "登录验证码", "您本次验证码为：" + code + "，有效性为" + Constants.CAPTCHA_EXPIRATION + "分钟，请尽快填写。");
+        } catch (Exception e) {
+            log.error("验证码短信发送异常 => {}", e.getMessage());
+            return R.fail(e.getMessage());
+        }
+        return R.ok();
+    }
+
     /**
      * 生成验证码
      */

ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java

@@ -33,7 +33,6 @@ public class CacheController {
     private final static List<SysCache> CACHES = new ArrayList<>();
 
     static {
-        CACHES.add(new SysCache(CacheConstants.LOGIN_TOKEN_KEY, "用户信息"));
         CACHES.add(new SysCache(CacheConstants.ONLINE_TOKEN_KEY, "在线用户"));
         CACHES.add(new SysCache(CacheNames.SYS_CONFIG, "配置信息"));
         CACHES.add(new SysCache(CacheNames.SYS_DICT, "数据字典"));

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/CacheController.java

@@ -45,7 +45,7 @@ public TableDataInfo<SysUserOnline> list(String ipaddr, String userName) {
         List<String> keys = StpUtil.searchTokenValue("", 0, -1, false);
         List<UserOnlineDTO> userOnlineDTOList = new ArrayList<>();
         for (String key : keys) {
-            String token = key.replace(CacheConstants.LOGIN_TOKEN_KEY, "");
+            String token = StringUtils.substringAfterLast(key, ":");
             // 如果已经过期则跳过
             if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
                 continue;

ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java

@@ -5,6 +5,7 @@
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.domain.model.EmailLoginBody;
 import com.ruoyi.common.core.domain.model.LoginBody;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.domain.model.SmsLoginBody;
@@ -57,7 +58,7 @@ public R<Map<String, Object>> login(@Validated @RequestBody LoginBody loginBody)
     }
 
     /**
-     * 短信登录(示例)
+     * 短信登录
      *
      * @param smsLoginBody 登录信息
      * @return 结果
@@ -72,6 +73,21 @@ public R<Map<String, Object>> smsLogin(@Validated @RequestBody SmsLoginBody smsL
         return R.ok(ajax);
     }
 
+    /**
+     * 邮件登录
+     *
+     * @param body 登录信息
+     * @return 结果
+     */
+    @PostMapping("/emailLogin")
+    public R<Map<String, Object>> emailLogin(@Validated @RequestBody EmailLoginBody body) {
+        Map<String, Object> ajax = new HashMap<>();
+        // 生成令牌
+        String token = loginService.emailLogin(body.getEmail(), body.getEmailCode());
+        ajax.put(Constants.TOKEN, token);
+        return R.ok(ajax);
+    }
+
     /**
      * 小程序登录(示例)
      *

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -2,22 +2,14 @@
 
 
 import cn.dev33.satoken.annotation.SaCheckPermission;
-import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.ObjectUtil;
-import cn.hutool.http.HttpException;
-import cn.hutool.http.HttpUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.core.validate.QueryGroup;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.utils.file.FileUtils;
-import com.ruoyi.oss.core.OssClient;
-import com.ruoyi.oss.factory.OssFactory;
-import com.ruoyi.system.domain.SysOss;
 import com.ruoyi.system.domain.bo.SysOssBo;
 import com.ruoyi.system.domain.vo.SysOssVo;
 import com.ruoyi.system.service.ISysOssService;
@@ -80,7 +72,7 @@ public R<List<SysOssVo>> listByIds(@NotEmpty(message = "主键不能为空")
     @PostMapping(value = "/upload", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     public R<Map<String, String>> upload(@RequestPart("file") MultipartFile file) {
         if (ObjectUtil.isNull(file)) {
-            throw new ServiceException("上传文件不能为空");
+            return R.fail("上传文件不能为空");
         }
         SysOssVo oss = iSysOssService.upload(file);
         Map<String, String> map = new HashMap<>(2);

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssController.java

@@ -1,22 +1,15 @@
 package com.ruoyi.web.controller.system;
 
 import cn.dev33.satoken.annotation.SaCheckPermission;
-import cn.dev33.satoken.exception.NotLoginException;
-import cn.dev33.satoken.stp.StpUtil;
-import cn.hutool.core.collection.CollUtil;
 import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.constant.CacheConstants;
-import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysDept;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysUserRole;
 import com.ruoyi.system.service.ISysDeptService;
@@ -112,25 +105,7 @@ public R<Void> edit(@Validated @RequestBody SysRole role) {
         }
 
         if (roleService.updateRole(role) > 0) {
-            List<String> keys = StpUtil.searchTokenValue("", 0, -1, false);
-            if (CollUtil.isEmpty(keys)) {
-                return R.ok();
-            }
-            // 角色关联的在线用户量过大会导致redis阻塞卡顿 谨慎操作
-            keys.parallelStream().forEach(key -> {
-                String token = key.replace(CacheConstants.LOGIN_TOKEN_KEY, "");
-                // 如果已经过期则跳过
-                if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < -1) {
-                    return;
-                }
-                LoginUser loginUser = LoginHelper.getLoginUser(token);
-                if (loginUser.getRoles().stream().anyMatch(r -> r.getRoleId().equals(role.getRoleId()))) {
-                    try {
-                        StpUtil.logoutByTokenValue(token);
-                    } catch (NotLoginException ignored) {
-                    }
-                }
-            });
+            roleService.cleanOnlineUserByRole(role.getRoleId());
             return R.ok();
         }
         return R.fail("修改角色'" + role.getRoleName() + "'失败，请联系管理员");

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java

@@ -51,7 +51,7 @@ logging:
   level:
     com.ruoyi: @logging.level@
     org.springframework: warn
-  config: classpath:logback.xml
+  config: classpath:logback-plus.xml
 
 # 用户配置
 user:

ruoyi-admin/src/main/resources/application.yml

@@ -18,6 +18,7 @@ user.password.not.blank=用户密码不能为空
 user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
 user.password.not.valid=* 5-50个字符
 user.email.not.valid=邮箱格式错误
+user.email.not.blank=邮箱不能为空
 user.phonenumber.not.blank=用户手机号不能为空
 user.mobile.phone.number.not.valid=手机号格式错误
 user.login.success=登录成功
@@ -42,4 +43,7 @@ rate.limiter.message=访问过于频繁，请稍候再试
 sms.code.not.blank=短信验证码不能为空
 sms.code.retry.limit.count=短信验证码输入错误{0}次
 sms.code.retry.limit.exceed=短信验证码输入错误{0}次，帐户锁定{1}分钟
+email.code.not.blank=邮箱验证码不能为空
+email.code.retry.limit.count=邮箱验证码输入错误{0}次
+email.code.retry.limit.exceed=邮箱验证码输入错误{0}次，帐户锁定{1}分钟
 xcx.code.not.blank=小程序code不能为空