🎉 4.5.0.RELEASE 新增账号锁定与解锁功能，新增腾讯云对象存储支持

README.md

@@ -1,5 +1,5 @@
  <p align="center">
-      <img src="https://img.shields.io/badge/Release-V4.4.0-green.svg" alt="Downloads">
+      <img src="https://img.shields.io/badge/Release-V4.5.0-green.svg" alt="Downloads">
       <img src="https://img.shields.io/badge/JDK-17+-green.svg" alt="Build Status">
   <img src="https://img.shields.io/badge/license-Apache%202-blue.svg" alt="Build Status">
    <img src="https://img.shields.io/badge/Spring%20Cloud-2023-blue.svg" alt="Coverage Status">
@@ -82,18 +82,19 @@ SpringBlade
 ## 官方产品
 
 | 简介              | 演示地址                                                 |
-|---------------|------------------------------------------------------|
+|-----------------|------------------------------------------------------|
 | BladeX企业级开发平台   | [https://saber3.bladex.cn](https://saber3.bladex.cn) |
 | BladeX可视化数据大屏   | [https://data.bladex.cn](https://data.bladex.cn)     |
 | BladeX物联网开发平台   | [https://iot.bladex.cn](https://iot.bladex.cn)       |
+| BladeXAI大模型平台 | [https://aigc.bladex.cn/](https://aigc.bladex.cn/)       |
 
 ## 前端项目
 
 | 简介                 | 地址                                                                           |
-|--------------------|----------------------------------------------------------------------------------------------------|
+|--------------------|------------------------------------------------------------------------------|
+| 前端框架Saber3(基于Vue3) | [https://gitee.com/smallc/Saber3](https://gitee.com/smallc/Saber)            |
+| 前端框架Saber(基于Vue2)  | [https://gitee.com/smallc/Saber2](https://gitee.com/smallc/Saber/tree/vue2/) |
 | 前端框架Sword(基于React) | [https://gitee.com/smallc/Sword](https://gitee.com/smallc/Sword)             |
-| 前端框架Saber(基于Vue2)  | [https://gitee.com/smallc/Saber](https://gitee.com/smallc/Saber)                                   |
-| 前端框架Saber3(基于Vue3) | [https://gitee.com/smallc/Saber3](https://gitee.com/smallc/Saber/tree/3.x/)                        |
 
 ## 后端项目
 | 简介            | 地址                                                                                                 |

blade-auth/pom.xml

@@ -49,6 +49,10 @@
             <groupId>org.springblade</groupId>
             <artifactId>blade-starter-swagger</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-spring-boot-autoconfigure</artifactId>
+        </dependency>
         <!-- Captcha -->
         <dependency>
             <groupId>com.github.whvcse</groupId>

blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java

@@ -16,6 +16,7 @@
 package org.springblade.auth.granter;
 
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springblade.auth.enums.BladeUserEnum;
 import org.springblade.auth.utils.TokenUtil;
 import org.springblade.common.cache.CacheNames;
@@ -30,16 +31,20 @@ import org.springframework.stereotype.Component;
 
 import jakarta.servlet.http.HttpServletRequest;
 
+import java.time.Duration;
+
 /**
  * 验证码TokenGranter
  *
  * @author Chill
  */
+@Slf4j
 @Component
 @AllArgsConstructor
 public class CaptchaTokenGranter implements ITokenGranter {
 
 	public static final String GRANT_TYPE = "captcha";
+	public static final Integer FAIL_COUNT = 5;
 
 	private IUserClient userClient;
 	private BladeRedis bladeRedis;
@@ -53,7 +58,7 @@ public class CaptchaTokenGranter implements ITokenGranter {
 		String key = request.getHeader(TokenUtil.CAPTCHA_HEADER_KEY);
 		String code = request.getHeader(TokenUtil.CAPTCHA_HEADER_CODE);
 		// 获取验证码
-		String redisCode = Func.toStr(bladeRedis.get(CacheNames.CAPTCHA_KEY + key));
+		String redisCode = Func.toStr(bladeRedis.getAndDel(CacheNames.CAPTCHA_KEY + key));
 		// 判断验证码
 		if (code == null || !StringUtil.equalsIgnoreCase(redisCode, code)) {
 			throw new ServiceException(TokenUtil.CAPTCHA_NOT_CORRECT);
@@ -62,6 +67,14 @@ public class CaptchaTokenGranter implements ITokenGranter {
 		String tenantId = tokenParameter.getArgs().getStr("tenantId");
 		String account = tokenParameter.getArgs().getStr("account");
 		String password = tokenParameter.getArgs().getStr("password");
+
+		// 判断登录是否锁定
+		int cnt = Func.toInt(bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account)), 0);
+		if (cnt >= FAIL_COUNT) {
+			log.error("用户登录失败次数过多, 账号:{}, IP:{}", account, WebUtil.getIP());
+			throw new ServiceException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
+		}
+
 		UserInfo userInfo = null;
 		if (Func.isNoneBlank(account, password)) {
 			// 获取用户类型
@@ -80,6 +93,14 @@ public class CaptchaTokenGranter implements ITokenGranter {
 			}
 			userInfo = result.isSuccess() ? result.getData() : null;
 		}
+
+		if (userInfo == null || userInfo.getUser() == null) {
+			// 增加错误锁定次数
+			bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account), cnt + 1, Duration.ofMinutes(30));
+		} else {
+			// 成功则清除登录缓存
+			bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account));
+		}
 		return userInfo;
 	}
 

blade-auth/src/main/java/org/springblade/auth/granter/PasswordTokenGranter.java

@@ -16,28 +16,38 @@
 package org.springblade.auth.granter;
 
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springblade.auth.enums.BladeUserEnum;
 import org.springblade.auth.utils.TokenUtil;
+import org.springblade.common.cache.CacheNames;
+import org.springblade.core.log.exception.ServiceException;
+import org.springblade.core.redis.cache.BladeRedis;
 import org.springblade.core.secure.props.BladeAuthProperties;
 import org.springblade.core.tool.api.R;
 import org.springblade.core.tool.utils.DigestUtil;
 import org.springblade.core.tool.utils.Func;
+import org.springblade.core.tool.utils.WebUtil;
 import org.springblade.system.user.entity.UserInfo;
 import org.springblade.system.user.feign.IUserClient;
 import org.springframework.stereotype.Component;
 
+import java.time.Duration;
+
 /**
  * PasswordTokenGranter
  *
  * @author Chill
  */
+@Slf4j
 @Component
 @AllArgsConstructor
 public class PasswordTokenGranter implements ITokenGranter {
 
 	public static final String GRANT_TYPE = "password";
+	public static final Integer FAIL_COUNT = 5;
 
 	private IUserClient userClient;
+	private BladeRedis bladeRedis;
 
 	private BladeAuthProperties authProperties;
 
@@ -46,6 +56,14 @@ public class PasswordTokenGranter implements ITokenGranter {
 		String tenantId = tokenParameter.getArgs().getStr("tenantId");
 		String account = tokenParameter.getArgs().getStr("account");
 		String password = tokenParameter.getArgs().getStr("password");
+
+		// 判断登录是否锁定
+		int cnt = Func.toInt(bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account)), 0);
+		if (cnt >= FAIL_COUNT) {
+			log.error("用户登录失败次数过多, 账号:{}, IP:{}", account, WebUtil.getIP());
+			throw new ServiceException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
+		}
+
 		UserInfo userInfo = null;
 		if (Func.isNoneBlank(account, password)) {
 			// 获取用户类型
@@ -64,6 +82,14 @@ public class PasswordTokenGranter implements ITokenGranter {
 			}
 			userInfo = result.isSuccess() ? result.getData() : null;
 		}
+
+		if (userInfo == null || userInfo.getUser() == null) {
+			// 增加错误锁定次数
+			bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account), cnt + 1, Duration.ofMinutes(30));
+		} else {
+			// 成功则清除登录缓存
+			bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, account));
+		}
 		return userInfo;
 	}
 

blade-auth/src/main/java/org/springblade/auth/utils/TokenUtil.java

@@ -47,6 +47,7 @@ public class TokenUtil {
 	public final static String HEADER_KEY = "Authorization";
 	public final static String HEADER_PREFIX = "Basic ";
 	public final static String ENCRYPT_PREFIX = "04";
+	public final static String USER_HAS_TOO_MANY_FAILS = "用户登录失败次数过多";
 	public final static String DEFAULT_AVATAR = "https://bladex.cn/images/logo.png";
 
 	/**

blade-common/src/main/java/org/springblade/common/cache/CacheNames.java

@@ -27,6 +27,26 @@ public interface CacheNames {
 	String DICT_VALUE = "dict:value";
 	String DICT_LIST = "dict:list";
 
-	String CAPTCHA_KEY = "blade:auth::captcha:";
+	/**
+	 * 验证码key
+	 */
+	String CAPTCHA_KEY = "blade:auth::blade:captcha:";
+
+	/**
+	 * 登录失败key
+	 */
+	String USER_FAIL_KEY = "blade:user::blade:fail:";
+
+	/**
+	 * 返回租户格式的key
+	 *
+	 * @param tenantId      租户编号
+	 * @param cacheKey      缓存key
+	 * @param cacheKeyValue 缓存key值
+	 * @return tenantKey
+	 */
+	static String tenantKey(String tenantId, String cacheKey, String cacheKeyValue) {
+		return tenantId.concat(":").concat(cacheKey).concat(cacheKeyValue);
+	}
 
 }

blade-gateway/src/main/java/org/springblade/gateway/config/RouterFunctionConfiguration.java

@@ -18,20 +18,13 @@ package org.springblade.gateway.config;
 
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springblade.gateway.filter.GatewayFilter;
 import org.springblade.gateway.props.AuthProperties;
+import org.springblade.gateway.props.RequestProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.server.reactive.ServerHttpRequest;
-import org.springframework.http.server.reactive.ServerHttpResponse;
-import org.springframework.web.cors.reactive.CorsUtils;
-import org.springframework.web.server.ServerWebExchange;
 import org.springframework.web.server.WebFilter;
-import org.springframework.web.server.WebFilterChain;
-import reactor.core.publisher.Mono;
 
 /**
  * 路由配置信息
@@ -41,41 +34,15 @@ import reactor.core.publisher.Mono;
 @Slf4j
 @Configuration(proxyBeanMethods = false)
 @AllArgsConstructor
-@EnableConfigurationProperties({AuthProperties.class})
+@EnableConfigurationProperties({AuthProperties.class, RequestProperties.class})
 public class RouterFunctionConfiguration {
 
 	/**
-	 * 这里为支持的请求头，如果有自定义的header字段请自己添加
+	 * 全局配置
-	 */
-	private static final String ALLOWED_HEADERS = "X-Requested-With, Tenant-Id, Blade-Auth, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, knfie4j-gateway-request, knife4j-gateway-code, request-origion";
-	private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE,OPTIONS,HEAD";
-	private static final String ALLOWED_ORIGIN = "*";
-	private static final String ALLOWED_EXPOSE = "*";
-	private static final String MAX_AGE = "18000L";
-
-	/**
-	 * 跨域配置
 	 */
 	@Bean
-	public WebFilter corsFilter() {
+	public WebFilter gatewayFilter(RequestProperties requestProperties) {
-		return (ServerWebExchange ctx, WebFilterChain chain) -> {
+		return new GatewayFilter(requestProperties);
-			ServerHttpRequest request = ctx.getRequest();
-			if (CorsUtils.isCorsRequest(request)) {
-				ServerHttpResponse response = ctx.getResponse();
-				HttpHeaders headers = response.getHeaders();
-				headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS);
-				headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);
-				headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
-				headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE);
-				headers.add("Access-Control-Max-Age", MAX_AGE);
-				headers.add("Access-Control-Allow-Credentials", "true");
-				if (request.getMethod() == HttpMethod.OPTIONS) {
-					response.setStatusCode(HttpStatus.OK);
-					return Mono.empty();
-				}
-			}
-			return chain.filter(ctx);
-		};
 	}
 
 }

blade-gateway/src/main/java/org/springblade/gateway/filter/GatewayFilter.java

@@ -0,0 +1,161 @@
+/**
+ * Copyright (c) 2018-2099, Chill Zhuang 庄骞 (bladejava@qq.com).
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springblade.gateway.filter;
+
+import lombok.RequiredArgsConstructor;
+import org.springblade.gateway.props.RequestProperties;
+import org.springframework.core.Ordered;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.lang.NonNull;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.util.PatternMatchUtils;
+import org.springframework.web.cors.reactive.CorsUtils;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
+
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * 全局拦截器
+ *
+ * @author Chill
+ */
+@RequiredArgsConstructor
+public class GatewayFilter implements WebFilter, Ordered {
+
+	/**
+	 * 请求配置
+	 */
+	private final RequestProperties requestProperties;
+	/**
+	 * 路径匹配
+	 */
+	private final AntPathMatcher antPathMatcher = new AntPathMatcher();
+
+	/**
+	 * 默认拦截地址
+	 */
+	private final List<String> defaultBlockUrl = List.of("/**/actuator/**", "/health/**");
+	/**
+	 * 默认白名单
+	 */
+	private final List<String> defaultWhiteList = List.of("127.0.0.1", "172.30.*.*", "192.168.*.*", "10.*.*.*", "0:0:0:0:0:0:0:1");
+	/**
+	 * 默认提示信息
+	 */
+	private final static String DEFAULT_MESSAGE = "当前请求被拒绝，请联系管理员！";
+
+	/**
+	 * 这里为支持的请求头，如果有自定义的header字段请自己添加
+	 */
+	private static final String ALLOWED_HEADERS = "X-Requested-With, Tenant-Id, Blade-Auth, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, knfie4j-gateway-request, knife4j-gateway-code, request-origion";
+	private static final String ALLOWED_METHODS = "GET,POST,PUT,DELETE,OPTIONS,HEAD";
+	private static final String ALLOWED_ORIGIN = "*";
+	private static final String ALLOWED_EXPOSE = "*";
+	private static final String MAX_AGE = "18000L";
+
+
+	@NonNull
+	@Override
+	public Mono<Void> filter(@NonNull ServerWebExchange exchange, @NonNull WebFilterChain chain) {
+		ServerHttpRequest request = exchange.getRequest();
+		// 处理跨域请求
+		if (CorsUtils.isCorsRequest(request)) {
+			ServerHttpResponse response = exchange.getResponse();
+			HttpHeaders headers = response.getHeaders();
+			headers.add("Access-Control-Allow-Headers", ALLOWED_HEADERS);
+			headers.add("Access-Control-Allow-Methods", ALLOWED_METHODS);
+			headers.add("Access-Control-Allow-Origin", ALLOWED_ORIGIN);
+			headers.add("Access-Control-Expose-Headers", ALLOWED_EXPOSE);
+			headers.add("Access-Control-Max-Age", MAX_AGE);
+			headers.add("Access-Control-Allow-Credentials", "true");
+			if (request.getMethod() == HttpMethod.OPTIONS) {
+				response.setStatusCode(HttpStatus.OK);
+				return Mono.empty();
+			}
+		}
+		// 处理黑白名单与拦截请求
+		if (requestProperties.getEnabled()) {
+			String path = request.getPath().value();
+			String ip = Objects.requireNonNull(request.getRemoteAddress()).getHostString();
+			if (isRequestBlock(path, ip)) {
+				throw new RuntimeException(DEFAULT_MESSAGE);
+			}
+		}
+		return chain.filter(exchange);
+	}
+
+
+	/**
+	 * 是否白名单
+	 *
+	 * @param ip ip地址
+	 * @return boolean
+	 */
+	private boolean isWhiteList(String ip) {
+		List<String> whiteList = requestProperties.getWhiteList();
+		String[] defaultWhiteIps = defaultWhiteList.toArray(new String[0]);
+		String[] whiteIps = whiteList.toArray(new String[0]);
+		return PatternMatchUtils.simpleMatch(defaultWhiteIps, ip) || PatternMatchUtils.simpleMatch(whiteIps, ip);
+	}
+
+	/**
+	 * 是否黑名单
+	 *
+	 * @param ip ip地址
+	 * @return boolean
+	 */
+	private boolean isBlackList(String ip) {
+		List<String> blackList = requestProperties.getBlackList();
+		String[] blackIps = blackList.toArray(new String[0]);
+		return PatternMatchUtils.simpleMatch(blackIps, ip);
+	}
+
+	/**
+	 * 是否禁用请求访问
+	 *
+	 * @param path 请求路径
+	 * @return boolean
+	 */
+	private boolean isRequestBlock(String path) {
+		List<String> blockUrl = requestProperties.getBlockUrl();
+		return defaultBlockUrl.stream().anyMatch(pattern -> antPathMatcher.match(pattern, path)) ||
+			blockUrl.stream().anyMatch(pattern -> antPathMatcher.match(pattern, path));
+	}
+
+	/**
+	 * 是否拦截请求
+	 *
+	 * @param path 请求路径
+	 * @param ip   ip地址
+	 * @return boolean
+	 */
+	private boolean isRequestBlock(String path, String ip) {
+		return (isRequestBlock(path) && !isWhiteList(ip)) || isBlackList(ip);
+	}
+
+	@Override
+	public int getOrder() {
+		return Ordered.HIGHEST_PRECEDENCE;
+	}
+}

blade-gateway/src/main/java/org/springblade/gateway/props/RequestProperties.java

@@ -0,0 +1,58 @@
+/**
+ * Copyright (c) 2018-2099, Chill Zhuang 庄骞 (bladejava@qq.com).
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springblade.gateway.props;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Request配置类
+ *
+ * @author Chill
+ */
+@Data
+@ConfigurationProperties("blade.request")
+public class RequestProperties {
+
+	/**
+	 * 开启自定义request
+	 */
+	private Boolean enabled = true;
+
+	/**
+	 * 放行url
+	 */
+	private List<String> skipUrl = new ArrayList<>();
+
+	/**
+	 * 禁用url
+	 */
+	private List<String> blockUrl = new ArrayList<>();
+
+	/**
+	 * 白名单，支持通配符，例如：10.20.0.8*、10.20.0.*
+	 */
+	private List<String> whiteList = new ArrayList<>();
+
+	/**
+	 * 黑名单，支持通配符，例如：10.20.0.8*、10.20.0.*
+	 */
+	private List<String> blackList = new ArrayList<>();
+
+}

blade-service/blade-system/src/main/java/org/springblade/system/controller/UserController.java

@@ -20,6 +20,7 @@ import com.alibaba.excel.EasyExcel;
 import com.alibaba.excel.read.builder.ExcelReaderBuilder;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
@@ -30,8 +31,10 @@ import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
+import org.springblade.common.cache.CacheNames;
 import org.springblade.core.mp.support.Condition;
 import org.springblade.core.mp.support.Query;
+import org.springblade.core.redis.cache.BladeRedis;
 import org.springblade.core.secure.BladeUser;
 import org.springblade.core.secure.annotation.PreAuth;
 import org.springblade.core.secure.utils.SecureUtil;
@@ -39,6 +42,7 @@ import org.springblade.core.tool.api.R;
 import org.springblade.core.tool.constant.BladeConstant;
 import org.springblade.core.tool.constant.RoleConstant;
 import org.springblade.core.tool.utils.Func;
+import org.springblade.core.tool.utils.StringUtil;
 import org.springblade.system.user.entity.User;
 import org.springblade.system.excel.UserExcel;
 import org.springblade.system.excel.UserImportListener;
@@ -69,6 +73,7 @@ import java.util.Map;
 public class UserController {
 
 	private IUserService userService;
+	private BladeRedis bladeRedis;
 
 	/**
 	 * 查询单条
@@ -85,7 +90,7 @@ public class UserController {
 	/**
 	 * 查询单条
 	 */
-	@ApiOperationSupport(order =2)
+	@ApiOperationSupport(order = 2)
 	@Operation(summary = "查看详情", description = "传入id")
 	@GetMapping("/info")
 	public R<UserVO> info(BladeUser user) {
@@ -212,7 +217,7 @@ public class UserController {
 	@Operation(summary = "导入用户", description = "传入excel")
 	public R importUser(MultipartFile file, Integer isCovered) {
 		String filename = file.getOriginalFilename();
-		if (StringUtils.isEmpty(filename)) {
+		if (StringUtil.isBlank(filename)) {
 			throw new RuntimeException("请上传文件!");
 		}
 		if ((!StringUtils.endsWithIgnoreCase(filename, ".xls") && !StringUtils.endsWithIgnoreCase(filename, ".xlsx"))) {
@@ -240,14 +245,14 @@ public class UserController {
 	@PreAuth(RoleConstant.HAS_ROLE_ADMIN)
 	public void exportUser(@Parameter(hidden = true) @RequestParam Map<String, Object> user, BladeUser bladeUser, HttpServletResponse response) {
 		QueryWrapper<User> queryWrapper = Condition.getQueryWrapper(user, User.class);
-		if (!SecureUtil.isAdministrator()){
+		if (!SecureUtil.isAdministrator()) {
 			queryWrapper.lambda().eq(User::getTenantId, bladeUser.getTenantId());
 		}
 		queryWrapper.lambda().eq(User::getIsDeleted, BladeConstant.DB_NOT_DELETED);
 		List<UserExcel> list = userService.exportUser(queryWrapper);
 		response.setContentType("application/vnd.ms-excel");
 		response.setCharacterEncoding(StandardCharsets.UTF_8.name());
-		String fileName = URLEncoder.encode("用户数据导出", StandardCharsets.UTF_8.name());
+		String fileName = URLEncoder.encode("用户数据导出", StandardCharsets.UTF_8);
 		response.setHeader("Content-disposition", "attachment;filename=" + fileName + ".xlsx");
 		EasyExcel.write(response.getOutputStream(), UserExcel.class).sheet("用户数据表").doWrite(list);
 	}
@@ -263,7 +268,7 @@ public class UserController {
 		List<UserExcel> list = new ArrayList<>();
 		response.setContentType("application/vnd.ms-excel");
 		response.setCharacterEncoding(StandardCharsets.UTF_8.name());
-		String fileName = URLEncoder.encode("用户数据模板", StandardCharsets.UTF_8.name());
+		String fileName = URLEncoder.encode("用户数据模板", StandardCharsets.UTF_8);
 		response.setHeader("Content-disposition", "attachment;filename=" + fileName + ".xlsx");
 		EasyExcel.write(response.getOutputStream(), UserExcel.class).sheet("用户数据表").doWrite(list);
 	}
@@ -279,4 +284,20 @@ public class UserController {
 	}
 
 
+	/**
+	 * 用户解锁
+	 */
+	@PostMapping("/unlock")
+	@ApiOperationSupport(order = 16)
+	@Operation(summary = "账号解锁")
+	@PreAuth(RoleConstant.HAS_ROLE_ADMIN)
+	public R unlock(String userIds) {
+		if (StringUtil.isBlank(userIds)) {
+			return R.fail("请至少选择一个用户");
+		}
+		List<User> userList = userService.list(Wrappers.<User>lambdaQuery().in(User::getId, Func.toLongList(userIds)));
+		userList.forEach(user -> bladeRedis.del(CacheNames.tenantKey(user.getTenantId(), CacheNames.USER_FAIL_KEY, user.getAccount())));
+		return R.success("操作成功");
+	}
+
 }

doc/nacos/blade.yaml

@@ -67,13 +67,13 @@ knife4j:
     language: zh_cn
     enableFooter: false
     enableFooterCustom: true
-    footerCustomContent: Copyright © 2024 SpringBlade All Rights Reserved
+    footerCustomContent: Copyright © 2025 SpringBlade All Rights Reserved
 
 #swagger配置信息
 swagger:
   title: SpringBlade 接口文档系统
   description: SpringBlade 接口文档系统
-  version: 4.4.0
+  version: 4.5.0
   license: Powered By SpringBlade
   licenseUrl: https://bladex.cn
   terms-of-service-url: https://bladex.cn

pom.xml

@@ -9,9 +9,9 @@
     <packaging>pom</packaging>
 
     <properties>
-        <revision>4.4.0</revision>
+        <revision>4.5.0</revision>
 
-        <blade.tool.version>4.4.2</blade.tool.version>
+        <blade.tool.version>4.5.0</blade.tool.version>
 
         <java.version>17</java.version>
         <maven.plugin.version>3.11.0</maven.plugin.version>

script/docker/.env

@@ -1,2 +1,2 @@
 REGISTER=192.168.0.157/blade
-TAG=4.4.0
+TAG=4.5.0

script/kuboard/kuboard_spring-blade.yaml

@@ -152,7 +152,7 @@ spec:
     spec:
       containers:
         - name: blade-admin
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-admin:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-admin:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -386,7 +386,7 @@ spec:
     spec:
       containers:
         - name: blade-auth
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-auth:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-auth:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -625,7 +625,7 @@ spec:
     spec:
       containers:
         - name: blade-desk
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-desk:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-desk:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -864,7 +864,7 @@ spec:
     spec:
       containers:
         - name: blade-develop
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-develop:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-develop:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -1096,7 +1096,7 @@ spec:
     spec:
       containers:
         - name: blade-gateway
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-gateway:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-gateway:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -1331,7 +1331,7 @@ spec:
     spec:
       containers:
         - name: blade-log
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-log:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-log:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -1565,7 +1565,7 @@ spec:
     spec:
       containers:
         - name: blade-report
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-report:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-report:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -1799,7 +1799,7 @@ spec:
     spec:
       containers:
         - name: blade-resource
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-resource:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-resource:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -2033,7 +2033,7 @@ spec:
     spec:
       containers:
         - name: blade-system
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-system:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-system:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -2262,7 +2262,7 @@ spec:
     spec:
       containers:
         - name: saber-web
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/saber-web:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/saber-web:4.5.0'
           ports:
             - name: web
               containerPort: 80
@@ -2487,7 +2487,7 @@ spec:
     spec:
       containers:
         - name: blade-swagger
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-swagger:4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/blade-swagger:4.5.0'
           args:
             - '--spring.profiles.active=${PROFILE}'
             - '--spring.cloud.nacos.config.server-addr=${NACOS_SERVER_ADDR}'
@@ -3515,7 +3515,7 @@ spec:
     spec:
       containers:
         - name: mysql
-          image: 'swr.cn-east-2.myhuaweicloud.com/blade/saber-db:v4.4.0'
+          image: 'swr.cn-east-2.myhuaweicloud.com/blade/saber-db:v4.5.0'
           ports:
             - name: mysql
               containerPort: 3306