新增：新增上传头像 API，采用本地存储方式存储头像

continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/auth/CaptchaController.java

@@ -60,7 +60,7 @@ public class CaptchaController {
         Captcha captcha = captchaProperties.getCaptcha();
 
         // 保存验证码
-        String uuid = IdUtil.simpleUUID();
+        String uuid = IdUtil.fastSimpleUUID();
         String captchaKey = RedisUtils.formatKey(captchaProperties.getKeyPrefix(), uuid);
         RedisUtils.setCacheObject(captchaKey, captcha.text(),
             Duration.ofMinutes(captchaProperties.getExpirationInMinutes()));

continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/auth/LoginController.java

@@ -39,11 +39,11 @@ import top.charles7c.cnadmin.auth.service.LoginService;
 import top.charles7c.cnadmin.common.config.properties.RsaProperties;
 import top.charles7c.cnadmin.common.model.dto.LoginUser;
 import top.charles7c.cnadmin.common.model.vo.R;
-import top.charles7c.cnadmin.common.util.CheckUtils;
 import top.charles7c.cnadmin.common.util.ExceptionUtils;
 import top.charles7c.cnadmin.common.util.RedisUtils;
 import top.charles7c.cnadmin.common.util.SecureUtils;
 import top.charles7c.cnadmin.common.util.helper.LoginHelper;
+import top.charles7c.cnadmin.common.util.validate.ValidationUtils;
 
 /**
  * 登录 API
@@ -67,14 +67,14 @@ public class LoginController {
         // 校验验证码
         String captchaKey = RedisUtils.formatKey(captchaProperties.getKeyPrefix(), loginRequest.getUuid());
         String captcha = RedisUtils.getCacheObject(captchaKey);
-        CheckUtils.exIfBlank(captcha, "验证码已失效");
+        ValidationUtils.exIfBlank(captcha, "验证码已失效");
         RedisUtils.deleteCacheObject(captchaKey);
-        CheckUtils.exIfCondition(() -> !captcha.equalsIgnoreCase(loginRequest.getCaptcha()), "验证码错误");
+        ValidationUtils.exIfCondition(() -> !captcha.equalsIgnoreCase(loginRequest.getCaptcha()), "验证码错误");
 
         // 用户登录
         String rawPassword = ExceptionUtils
             .exToNull(() -> SecureUtils.decryptByRsaPrivateKey(loginRequest.getPassword(), RsaProperties.PRIVATE_KEY));
-        CheckUtils.exIfBlank(rawPassword, "密码解密失败");
+        ValidationUtils.exIfBlank(rawPassword, "密码解密失败");
         String token = loginService.login(loginRequest.getUsername(), rawPassword);
         return R.ok(new LoginVO().setToken(token));
     }
@@ -85,7 +85,7 @@ public class LoginController {
         in = ParameterIn.HEADER)
     @PostMapping("/logout")
     public R logout() {
-        CheckUtils.exIfCondition(() -> !StpUtil.isLogin(), "Token 无效");
+        ValidationUtils.exIfCondition(() -> !StpUtil.isLogin(), "Token 无效");
         StpUtil.logout();
         return R.ok();
     }

continew-admin-webapi/src/main/java/top/charles7c/cnadmin/webapi/controller/system/UserCenterController.java

@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.charles7c.cnadmin.webapi.controller.system;
+
+import java.io.File;
+
+import javax.validation.constraints.NotNull;
+
+import lombok.RequiredArgsConstructor;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+import org.springframework.http.MediaType;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.multipart.MultipartFile;
+
+import cn.hutool.core.io.FileUtil;
+import cn.hutool.core.io.file.FileNameUtil;
+import cn.hutool.core.util.StrUtil;
+
+import top.charles7c.cnadmin.common.config.properties.LocalStorageProperties;
+import top.charles7c.cnadmin.common.consts.FileConstants;
+import top.charles7c.cnadmin.common.model.dto.LoginUser;
+import top.charles7c.cnadmin.common.model.vo.R;
+import top.charles7c.cnadmin.common.util.FileUtils;
+import top.charles7c.cnadmin.common.util.helper.LoginHelper;
+import top.charles7c.cnadmin.common.util.validate.CheckUtils;
+import top.charles7c.cnadmin.common.util.validate.ValidationUtils;
+import top.charles7c.cnadmin.system.model.vo.AvatarVO;
+import top.charles7c.cnadmin.system.service.UserService;
+
+/**
+ * 个人中心 API
+ *
+ * @author Charles7c
+ * @since 2023/1/2 11:41
+ */
+@Tag(name = "个人中心 API")
+@Validated
+@RestController
+@RequiredArgsConstructor
+@RequestMapping(value = "/system/user/center", produces = MediaType.APPLICATION_JSON_VALUE)
+public class UserCenterController {
+
+    private final UserService userService;
+    private final LocalStorageProperties localStorageProperties;
+
+    @Operation(summary = "上传头像", description = "用户上传个人头像")
+    @PostMapping("/avatar")
+    public R<AvatarVO> uploadAvatar(@NotNull(message = "头像不能为空") MultipartFile avatarFile) {
+        // 校验
+        ValidationUtils.exIfCondition(avatarFile::isEmpty, "头像不能为空");
+        Long avatarMaxSizeInMb = localStorageProperties.getAvatarMaxSizeInMb();
+        ValidationUtils.exIfCondition(() -> avatarFile.getSize() > avatarMaxSizeInMb * 1024 * 1024,
+            String.format("请上传小于 %s MB 的图片", avatarMaxSizeInMb));
+        String avatarImageType = FileNameUtil.extName(avatarFile.getOriginalFilename());
+        String[] avatarSupportImgTypes = FileConstants.AVATAR_SUPPORTED_IMG_TYPES;
+        ValidationUtils.exIfCondition(() -> !StrUtil.equalsAnyIgnoreCase(avatarImageType, avatarSupportImgTypes),
+            String.format("头像仅支持 %s 格式的图片", String.join("，", avatarSupportImgTypes)));
+
+        // 上传新头像
+        String avatarPath = localStorageProperties.getPath().getAvatar();
+        File newAvatarFile = FileUtils.upload(avatarFile, avatarPath, false);
+        CheckUtils.exIfNull(newAvatarFile, "上传头像失败");
+
+        // 更新用户头像
+        LoginUser loginUser = LoginHelper.getLoginUser();
+        String newAvatar = newAvatarFile.getName();
+        userService.updateAvatar(newAvatar, loginUser.getUserId());
+
+        // 删除原头像
+        String oldAvatar = loginUser.getAvatar();
+        if (StrUtil.isNotBlank(loginUser.getAvatar())) {
+            FileUtil.del(avatarPath + oldAvatar);
+        }
+
+        // 更新登录用户信息
+        loginUser.setAvatar(newAvatar);
+        LoginHelper.updateLoginUser(loginUser);
+        return R.ok("上传成功", new AvatarVO().setAvatar(newAvatar));
+    }
+}

continew-admin-webapi/src/main/resources/application-dev.yml

@@ -73,6 +73,12 @@ spring:
 security:
   # 排除路径配置
   excludes:
+    # 静态资源
+    - /*.html
+    - /**/*.html
+    - /**/*.css
+    - /**/*.js
+    - /webSocket/**
     # 接口文档相关资源
     - /favicon.ico
     - /doc.html
@@ -80,6 +86,9 @@ security:
     - /swagger-ui/**
     - /swagger-resources/**
     - /*/api-docs/**
+    # 本地存储资源
+    - /avatar/**
+    - /file/**
 
 --- ### 非对称加密配置（例如：密码加密传输，前端公钥加密，后端私钥解密；在线生成 RSA 密钥对：http://web.chacuo.net/netrsakeypair）
 rsa:
@@ -106,6 +115,39 @@ springdoc:
   swagger-ui:
     enabled: true
 
+--- ### 文件上传配置
+spring:
+  servlet:
+    multipart:
+      enabled: true
+      # 单文件上传大小限制
+      max-file-size: 10MB
+      # 单次总上传文件大小限制
+      max-request-size: 20MB
+
+--- ### 本地存储配置
+local-storage:
+  # 文件模式
+  filePattern: /file/**
+  # 头像模式
+  avatarPattern: /avatar/**
+  # 文件上传大小限制
+  maxSizeInMb: 10
+  # 头像上传大小限制
+  avatarMaxSizeInMb: 5
+  ## Windows 系统本地存储配置
+  windows:
+    file: C:\continew-admin\data\file\
+    avatar: C:\continew-admin\data\avatar\
+  ## Linux 系统本地存储配置
+  linux:
+    file: /data/file/
+    avatar: /data/avatar/
+  ## Mac 系统本地存储配置
+  mac:
+    file: ~/data/file/
+    avatar: ~/data/avatar/
+
 --- ### 跨域配置
 cors:
   # 配置允许跨域的域名

continew-admin-webapi/src/main/resources/application-prod.yml

@@ -69,6 +69,20 @@ spring:
     # 是否开启 SSL
     ssl: false
 
+--- ### 安全配置
+security:
+  # 排除路径配置
+  excludes:
+    # 静态资源
+    - /*.html
+    - /**/*.html
+    - /**/*.css
+    - /**/*.js
+    - /webSocket/**
+    # 本地存储资源
+    - /avatar/**
+    - /file/**
+
 --- ### 非对称加密配置（例如：密码加密传输，前端公钥加密，后端私钥解密；在线生成 RSA 密钥对：http://web.chacuo.net/netrsakeypair）
 rsa:
   # 私钥
@@ -94,6 +108,39 @@ springdoc:
   swagger-ui:
     enabled: false
 
+--- ### 文件上传配置
+spring:
+  servlet:
+    multipart:
+      enabled: true
+      # 单文件上传大小限制
+      max-file-size: 10MB
+      # 单次总上传文件大小限制
+      max-request-size: 20MB
+
+--- ### 本地存储配置
+local-storage:
+  # 文件模式
+  filePattern: /file/**
+  # 头像模式
+  avatarPattern: /avatar/**
+  # 文件上传大小限制
+  maxSizeInMb: 10
+  # 头像上传大小限制
+  avatarMaxSizeInMb: 5
+  ## Windows 系统本地存储配置
+  windows:
+    file: C:\continew-admin\data\file\
+    avatar: C:\continew-admin\data\avatar\
+  ## Linux 系统本地存储配置
+  linux:
+    file: /data/file/
+    avatar: /data/avatar/
+  ## Mac 系统本地存储配置
+  mac:
+    file: ~/data/file/
+    avatar: ~/data/avatar/
+
 --- ### 跨域配置
 cors:
   # 配置允许跨域的域名

continew-admin-webapi/src/main/resources/application.yml

@@ -92,17 +92,6 @@ sa-token:
   # JWT秘钥
   jwt-secret-key: asdasdasifhueuiwyurfewbfjsdafjk
 
---- ### 安全配置
-security:
-  # 排除路径配置
-  excludes:
-    # 静态资源
-    - /*.html
-    - /**/*.html
-    - /**/*.css
-    - /**/*.js
-    - /webSocket/**
-
 --- ### MyBatis Plus 配置
 mybatis-plus:
   # Mapper 接口扫描包配置（该配置为自定义配置，非 MP 配置，不支持多包，如有需要可通过注解配置或提升扫描包层级）