feat(system/client): 新增客户端管理

continew-module-system/src/main/java/top/continew/admin/auth/AuthHandler.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth;
+
+import jakarta.servlet.http.HttpServletRequest;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.auth.model.req.AuthReq;
+import top.continew.admin.system.model.resp.ClientResp;
+
+/**
+ * 认证接口
+ *
+ * @author KAI
+ * @since 2024/12/22 14:52:23
+ */
+public interface AuthHandler<T extends AuthReq, R> {
+
+    /**
+     * 执行登录
+     *
+     * @param authReq 登录请求参数
+     * @param request HTTP请求对象
+     * @return 登录响应
+     */
+    R login(T authReq, ClientResp clientResp, HttpServletRequest request);
+
+    /**
+     * 获取登录类型
+     *
+     * @return 登录类型Enum
+     */
+    AuthTypeEnum getAuthType();
+
+    /**
+     * 校验参数
+     *
+     * @param authReq 登录请求参数
+     */
+    void validate(T authReq);
+
+}

continew-module-system/src/main/java/top/continew/admin/auth/config/AuthHandlerContext.java

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import top.continew.admin.auth.model.req.AuthReq;
+import top.continew.admin.auth.AuthHandler;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 登录类型策略上文
+ *
+ * @author KAI
+ * @since 2024/12/20 15:16:55
+ */
+@Component
+public class AuthHandlerContext {
+    private final Map<String, AuthHandler<?, ?>> handlerMap = new HashMap<>();
+
+    @Autowired
+    public AuthHandlerContext(List<AuthHandler<?, ?>> strategies) {
+        for (AuthHandler<?, ?> strategy : strategies) {
+            handlerMap.put(strategy.getAuthType().getValue(), strategy);
+        }
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T extends AuthReq, R> AuthHandler<T, R> getHandler(String type) {
+        AuthHandler<?, ?> strategy = handlerMap.get(type);
+        if (strategy == null) {
+            throw new IllegalArgumentException("No handler found for type: " + type);
+        }
+        return (AuthHandler<T, R>)strategy;
+    }
+}

continew-module-system/src/main/java/top/continew/admin/auth/enums/AuthTypeEnum.java

@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.enums;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import top.continew.admin.common.constant.UiConstants;
+import top.continew.starter.core.enums.BaseEnum;
+
+/**
+ * 认证类型
+ *
+ * @author Charles7c
+ * @since 2023/12/23 13:38
+ */
+@Getter
+@RequiredArgsConstructor
+public enum AuthTypeEnum implements BaseEnum<String> {
+
+    /**
+     * 账号
+     */
+    ACCOUNT("account", "账号", UiConstants.COLOR_ERROR),
+
+    /**
+     * 邮箱
+     */
+    EMAIL("email", "邮箱", UiConstants.COLOR_PRIMARY),
+
+    /**
+     * 手机号
+     */
+    PHONE("phone", "手机号", UiConstants.COLOR_SUCCESS),
+
+    /**
+     * 第三方授权
+     */
+    SOCIAL_AUTH("socialAuth", "第三方授权", UiConstants.COLOR_DEFAULT);
+
+    private final String value;
+    private final String description;
+    private final String color;
+}

continew-module-system/src/main/java/top/continew/admin/auth/handler/AbstractAuthHandler.java

@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.handler;
+
+import cn.dev33.satoken.stp.SaLoginModel;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
+import jakarta.annotation.Resource;
+import lombok.RequiredArgsConstructor;
+import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
+import org.springframework.stereotype.Component;
+import top.continew.admin.common.context.RoleContext;
+import top.continew.admin.common.context.UserContext;
+import top.continew.admin.common.context.UserContextHolder;
+import top.continew.admin.common.context.UserExtraContext;
+import top.continew.admin.system.model.entity.UserDO;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.OptionService;
+import top.continew.admin.system.service.RoleService;
+import top.continew.starter.web.util.SpringWebUtils;
+
+import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+
+import static top.continew.admin.system.enums.PasswordPolicyEnum.PASSWORD_EXPIRATION_DAYS;
+
+/**
+ * 认证处理器抽象类
+ *
+ * @author KAI
+ * @since 2024/12/22 14:52
+ */
+@Component
+@RequiredArgsConstructor
+public abstract class AbstractAuthHandler {
+    @Resource
+    private RoleService roleService;
+    @Resource
+    private OptionService optionService;
+    @Resource
+    private ThreadPoolTaskExecutor threadPoolTaskExecutor;
+
+    public static final String CAPTCHA_EXPIRED = "验证码已失效";
+    public static final String CAPTCHA_ERROR = "验证码错误";
+    public static final String CLIENT_ID = "clientId";
+
+    /**
+     * 获取登录凭证
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     * @return token 认证信息
+     */
+    protected String authCertificate(UserDO user, ClientResp clientResp) {
+        preLogin(user, clientResp);
+        // 核心登录逻辑
+        Long userId = user.getId();
+        CompletableFuture<Set<String>> permissionFuture = CompletableFuture.supplyAsync(() -> roleService
+            .listPermissionByUserId(userId), threadPoolTaskExecutor);
+        CompletableFuture<Set<RoleContext>> roleFuture = CompletableFuture.supplyAsync(() -> roleService
+            .listByUserId(userId), threadPoolTaskExecutor);
+        CompletableFuture<Integer> passwordExpirationDaysFuture = CompletableFuture.supplyAsync(() -> optionService
+            .getValueByCode2Int(PASSWORD_EXPIRATION_DAYS.name()));
+        CompletableFuture.allOf(permissionFuture, roleFuture, passwordExpirationDaysFuture);
+
+        UserContext userContext = new UserContext(permissionFuture.join(), roleFuture
+            .join(), passwordExpirationDaysFuture.join());
+
+        BeanUtil.copyProperties(user, userContext);
+        SaLoginModel model = new SaLoginModel();
+        // 设置登录 token 最低活跃频率 如未指定，则使用全局配置的 activeTimeout 值
+        model.setActiveTimeout(clientResp.getActiveTimeout());
+        // 设置登录 token 有效期，单位：秒 （如未指定，自动取全局配置的 timeout 值
+        model.setTimeout(clientResp.getTimeout());
+        // 设置设备类型
+        model.setDevice(clientResp.getClientType());
+        userContext.setClientType(clientResp.getClientType());
+        // 设置客户端id
+        userContext.setClientId(clientResp.getClientId());
+        model.setExtra(CLIENT_ID, clientResp.getClientId());
+        // 自定义用户上下文处理
+        customizeUserContext(userContext, user, clientResp);
+
+        // 登录并缓存用户信息
+        StpUtil.login(userContext.getId(), model.setExtraData(BeanUtil.beanToMap(new UserExtraContext(SpringWebUtils
+            .getRequest()))));
+        UserContextHolder.setContext(userContext);
+
+        // 后置处理
+        String token = StpUtil.getTokenValue();
+        postLogin(token, user, clientResp);
+        return token;
+    }
+
+    /**
+     * 登录前置处理
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     */
+    private void preLogin(UserDO user, ClientResp clientResp) {
+    }
+
+    /**
+     * 自定义用户上下文处理
+     *
+     * @param userContext 用户上下文
+     * @param user        用户信息
+     * @param clientResp  客户端信息
+     */
+    protected void customizeUserContext(UserContext userContext, UserDO user, ClientResp clientResp) {
+    }
+
+    /**
+     * 登录后置处理
+     *
+     * @param token      登录令牌
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     */
+    protected void postLogin(String token, UserDO user, ClientResp clientResp) {
+    }
+}

continew-module-system/src/main/java/top/continew/admin/auth/handler/AccountAuthHandler.java

@@ -0,0 +1,120 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.handler;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.auth.model.req.AccountAuthReq;
+import top.continew.admin.auth.model.resp.LoginResp;
+import top.continew.admin.auth.service.LoginService;
+import top.continew.admin.auth.AuthHandler;
+import top.continew.admin.common.constant.SysConstants;
+import top.continew.admin.common.util.SecureUtils;
+import top.continew.admin.system.model.entity.UserDO;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.OptionService;
+import top.continew.admin.system.service.UserService;
+import top.continew.starter.core.util.ExceptionUtils;
+import top.continew.starter.core.validation.ValidationUtils;
+
+/**
+ * 账号认证处理器
+ *
+ * @author KAI
+ * @since 2024/12/22 14:58:32
+ */
+@Component
+@RequiredArgsConstructor
+public class AccountAuthHandler extends AbstractAuthHandler implements AuthHandler<AccountAuthReq, LoginResp> {
+
+    private final UserService userService;
+    private final LoginService loginService;
+    private final PasswordEncoder passwordEncoder;
+    private final OptionService optionService;
+
+    /**
+     * 获取认证类型
+     *
+     * @return 账号认证类型
+     */
+    @Override
+    public AuthTypeEnum getAuthType() {
+        return AuthTypeEnum.ACCOUNT;
+    }
+
+    /**
+     * 校验账号登录请求对象
+     *
+     * @param authReq 登录请求参数
+     */
+    @Override
+    public void validate(AccountAuthReq authReq) {
+        // 获取验证码开关
+        int enableCaptcha = optionService.getValueByCode2Int("LOGIN_CAPTCHA_ENABLED");
+
+        ValidationUtils.validate(authReq);
+        if (SysConstants.YES.equals(enableCaptcha)) {
+            ValidationUtils.throwIfEmpty(authReq.getCaptcha(), "验证码不能为空");
+            ValidationUtils.throwIfEmpty(authReq.getUuid(), "验证码标识不能为空");
+        }
+    }
+
+    /**
+     * 账号登录
+     *
+     * @param authReq 账号登录请求对象
+     * @param request HTTP请求对象
+     * @return 登录响应
+     */
+    @Override
+    public LoginResp login(AccountAuthReq authReq, ClientResp clientResp, HttpServletRequest request) {
+        this.validate(authReq);
+        // 解密密码
+        String rawPassword = ExceptionUtils.exToNull(() -> SecureUtils.decryptByRsaPrivateKey(authReq.getPassword()));
+        ValidationUtils.throwIfBlank(rawPassword, "密码解密失败");
+
+        // 验证用户名密码
+        UserDO user = userService.getByUsername(authReq.getUsername());
+        boolean isError = user == null || !passwordEncoder.matches(rawPassword, user.getPassword());
+
+        // 检查账号锁定状态
+        loginService.checkUserLocked(authReq.getUsername(), request, isError);
+        ValidationUtils.throwIf(isError, "用户名或密码错误");
+
+        // 检查用户状态
+        loginService.checkUserStatus(user);
+
+        // 执行登录
+        String token = this.authCertificate(user, clientResp);
+        return LoginResp.builder().token(token).build();
+    }
+
+    /**
+     * 获取认证信息
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     * @return 认证信息
+     */
+    @Override
+    public String authCertificate(UserDO user, ClientResp clientResp) {
+        return super.authCertificate(user, clientResp);
+    }
+}

continew-module-system/src/main/java/top/continew/admin/auth/handler/EmailAuthHandler.java

@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.handler;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.auth.model.req.EmailAuthReq;
+import top.continew.admin.auth.model.resp.LoginResp;
+import top.continew.admin.auth.service.LoginService;
+import top.continew.admin.auth.AuthHandler;
+import top.continew.admin.common.constant.CacheConstants;
+import top.continew.admin.system.model.entity.UserDO;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.UserService;
+import top.continew.starter.cache.redisson.util.RedisUtils;
+import top.continew.starter.core.validation.ValidationUtils;
+
+/**
+ * 邮箱认证处理器
+ *
+ * @author KAI
+ * @since 2024/12/22 14:58
+ */
+@Component
+@RequiredArgsConstructor
+public class EmailAuthHandler extends AbstractAuthHandler implements AuthHandler<EmailAuthReq, LoginResp> {
+
+    private final UserService userService;
+    private final LoginService loginService;
+
+    /**
+     * 获取认证类型
+     *
+     * @return 邮箱认证类型
+     */
+    @Override
+    public AuthTypeEnum getAuthType() {
+        return AuthTypeEnum.EMAIL;
+    }
+
+    /**
+     * 校验邮箱登录请求对象
+     *
+     * @param authReq 邮箱登录请求参数
+     */
+    @Override
+    public void validate(EmailAuthReq authReq) {
+        ValidationUtils.validate(authReq);
+    }
+
+    /**
+     * 邮箱登录
+     *
+     * @param authReq 邮箱登录请求对象
+     * @param request HTTP请求对象
+     * @return 登录响应
+     */
+    @Override
+    public LoginResp login(EmailAuthReq authReq, ClientResp clientResp, HttpServletRequest request) {
+        this.validate(authReq);
+
+        String email = authReq.getEmail();
+        String captchaKey = CacheConstants.CAPTCHA_KEY_PREFIX + email;
+        String captcha = RedisUtils.get(captchaKey);
+        ValidationUtils.throwIfBlank(captcha, AbstractAuthHandler.CAPTCHA_EXPIRED);
+        ValidationUtils.throwIfNotEqualIgnoreCase(authReq.getCaptcha(), captcha, CAPTCHA_ERROR);
+        RedisUtils.delete(captchaKey);
+        // 验证邮箱
+        UserDO user = userService.getByEmail(authReq.getEmail());
+        ValidationUtils.throwIfNull(user, "此邮箱未绑定本系统账号");
+
+        // 检查用户状态
+        loginService.checkUserStatus(user);
+
+        // 执行登录
+        String token = this.authCertificate(user, clientResp);
+        return LoginResp.builder().token(token).build();
+    }
+
+    /**
+     * 获取登录凭证
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     * @return token 认证信息
+     */
+    @Override
+    public String authCertificate(UserDO user, ClientResp clientResp) {
+        return super.authCertificate(user, clientResp);
+    }
+}

continew-module-system/src/main/java/top/continew/admin/auth/handler/PhoneAuthHandler.java

@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.handler;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.auth.model.req.PhoneAuthReq;
+import top.continew.admin.auth.model.resp.LoginResp;
+import top.continew.admin.auth.service.LoginService;
+import top.continew.admin.auth.AuthHandler;
+import top.continew.admin.common.constant.CacheConstants;
+import top.continew.admin.system.model.entity.UserDO;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.UserService;
+import top.continew.starter.cache.redisson.util.RedisUtils;
+import top.continew.starter.core.validation.ValidationUtils;
+
+/**
+ * 手机号认证处理器
+ *
+ * @author KAI
+ * @since 2024/12/22 14:59
+ */
+@Component
+@RequiredArgsConstructor
+public class PhoneAuthHandler extends AbstractAuthHandler implements AuthHandler<PhoneAuthReq, LoginResp> {
+
+    private final UserService userService;
+    private final LoginService loginService;
+
+    /**
+     * 获取认证类型
+     *
+     * @return 手机号认证类型
+     */
+    @Override
+    public AuthTypeEnum getAuthType() {
+        return AuthTypeEnum.PHONE;
+    }
+
+    /**
+     * 校验手机号登录请求对象
+     *
+     * @param authReq 手机号登录请求参数
+     */
+    @Override
+    public void validate(PhoneAuthReq authReq) {
+        ValidationUtils.validate(authReq);
+    }
+
+    /**
+     * 手机号登录
+     *
+     * @param authReq 手机号登录请求对象
+     * @param request HTTP请求对象
+     * @return 登录响应
+     */
+    @Override
+    public LoginResp login(PhoneAuthReq authReq, ClientResp clientResp, HttpServletRequest request) {
+        //校验参数
+        this.validate(authReq);
+
+        String phone = authReq.getPhone();
+        String captchaKey = CacheConstants.CAPTCHA_KEY_PREFIX + phone;
+        String captcha = RedisUtils.get(captchaKey);
+        ValidationUtils.throwIfBlank(captcha, AbstractAuthHandler.CAPTCHA_EXPIRED);
+        ValidationUtils.throwIfNotEqualIgnoreCase(authReq.getCaptcha(), captcha, AbstractAuthHandler.CAPTCHA_ERROR);
+        RedisUtils.delete(captchaKey);
+
+        // 验证手机号
+        UserDO user = userService.getByPhone(authReq.getPhone());
+        ValidationUtils.throwIfNull(user, "此手机号未绑定本系统账号");
+
+        // 检查用户状态
+        loginService.checkUserStatus(user);
+
+        // 执行登录
+        String token = this.authCertificate(user, clientResp);
+        return LoginResp.builder().token(token).build();
+    }
+
+    /**
+     * 获取登录凭证
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     * @return token 认证信息
+     */
+    @Override
+    public String authCertificate(UserDO user, ClientResp clientResp) {
+        return super.authCertificate(user, clientResp);
+    }
+}

continew-module-system/src/main/java/top/continew/admin/auth/handler/SocialAuthHandler.java

@@ -0,0 +1,172 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.handler;
+
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.RandomUtil;
+import cn.hutool.core.util.ReUtil;
+import cn.hutool.json.JSONUtil;
+import com.xkcoding.justauth.AuthRequestFactory;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthResponse;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.request.AuthRequest;
+import org.springframework.stereotype.Component;
+import top.continew.admin.auth.AuthHandler;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.auth.model.req.SocialAuthReq;
+import top.continew.admin.auth.model.resp.LoginResp;
+import top.continew.admin.auth.service.LoginService;
+import top.continew.admin.common.constant.RegexConstants;
+import top.continew.admin.common.constant.SysConstants;
+import top.continew.admin.common.enums.GenderEnum;
+import top.continew.admin.system.model.entity.RoleDO;
+import top.continew.admin.system.model.entity.UserDO;
+import top.continew.admin.system.model.entity.UserSocialDO;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.RoleService;
+import top.continew.admin.system.service.UserRoleService;
+import top.continew.admin.system.service.UserService;
+import top.continew.admin.system.service.UserSocialService;
+import top.continew.starter.core.exception.BadRequestException;
+import top.continew.starter.core.validation.ValidationUtils;
+
+import java.time.LocalDateTime;
+import java.util.Collections;
+
+/**
+ * 手机号认证处理器
+ *
+ * @author KAI
+ * @since 2024/12/25 14:21
+ */
+@Component
+@RequiredArgsConstructor
+public class SocialAuthHandler extends AbstractAuthHandler implements AuthHandler<SocialAuthReq, LoginResp> {
+    private final AuthRequestFactory authRequestFactory;
+    private final UserSocialService userSocialService;
+    private final UserService userService;
+    private final RoleService roleService;
+    private final UserRoleService userRoleService;
+    private final LoginService loginService;
+
+    /**
+     * 获取认证类型
+     *
+     * @return 第三方认证类型
+     */
+    @Override
+    public AuthTypeEnum getAuthType() {
+        return AuthTypeEnum.SOCIAL_AUTH;
+    }
+
+    /**
+     * 校验第三方登录请求对象
+     *
+     * @param authReq 登录请求参数
+     */
+    @Override
+    public void validate(SocialAuthReq authReq) {
+        ValidationUtils.validate(authReq);
+    }
+
+    /**
+     * 第三方登录
+     *
+     * @param authReq 第三方登录请求对象
+     * @param request HTTP请求对象
+     * @return 登录响应
+     */
+    @Override
+    public LoginResp login(SocialAuthReq authReq, ClientResp clientResp, HttpServletRequest request) {
+        this.validate(authReq);
+        if (StpUtil.isLogin()) {
+            StpUtil.logout();
+        }
+        AuthRequest authRequest = this.getAuthRequest(authReq.getSource());
+        AuthCallback callback = new AuthCallback();
+        callback.setCode(authReq.getCode());
+        callback.setState(authReq.getState());
+        AuthResponse<AuthUser> response = authRequest.login(callback);
+        ValidationUtils.throwIf(!response.ok(), response.getMsg());
+        AuthUser authUser = response.getData();
+        String source = authUser.getSource();
+        String openId = authUser.getUuid();
+        UserSocialDO userSocial = userSocialService.getBySourceAndOpenId(source, openId);
+        UserDO user;
+        if (null == userSocial) {
+            String username = authUser.getUsername();
+            String nickname = authUser.getNickname();
+            UserDO existsUser = userService.getByUsername(username);
+            String randomStr = RandomUtil.randomString(RandomUtil.BASE_CHAR, 5);
+            if (null != existsUser || !ReUtil.isMatch(RegexConstants.USERNAME, username)) {
+                username = randomStr + IdUtil.fastSimpleUUID();
+            }
+            if (!ReUtil.isMatch(RegexConstants.GENERAL_NAME, nickname)) {
+                nickname = source.toLowerCase() + randomStr;
+            }
+            user = new UserDO();
+            user.setUsername(username);
+            user.setNickname(nickname);
+            user.setGender(GenderEnum.valueOf(authUser.getGender().name()));
+            user.setAvatar(authUser.getAvatar());
+            user.setDeptId(SysConstants.SUPER_DEPT_ID);
+            Long userId = userService.add(user);
+            RoleDO role = roleService.getByCode(SysConstants.SUPER_ROLE_CODE);
+            userRoleService.assignRolesToUser(Collections.singletonList(role.getId()), userId);
+            userSocial = new UserSocialDO();
+            userSocial.setUserId(userId);
+            userSocial.setSource(source);
+            userSocial.setOpenId(openId);
+            loginService.sendSecurityMsg(user);
+        } else {
+            user = BeanUtil.copyProperties(userService.getById(userSocial.getUserId()), UserDO.class);
+        }
+        loginService.checkUserStatus(user);
+        userSocial.setMetaJson(JSONUtil.toJsonStr(authUser));
+        userSocial.setLastLoginTime(LocalDateTime.now());
+        userSocialService.saveOrUpdate(userSocial);
+        // 执行登录
+        String token = this.authCertificate(user, clientResp);
+        return LoginResp.builder().token(token).build();
+    }
+
+    private AuthRequest getAuthRequest(String source) {
+        try {
+            return authRequestFactory.get(source);
+        } catch (Exception e) {
+            throw new BadRequestException("暂不支持 [%s] 平台账号登录".formatted(source));
+        }
+    }
+
+    /**
+     * 获取认证信息
+     *
+     * @param user       用户信息
+     * @param clientResp 客户端信息
+     * @return 认证信息
+     */
+    @Override
+    protected String authCertificate(UserDO user, ClientResp clientResp) {
+        return super.authCertificate(user, clientResp);
+    }
+
+}

continew-module-system/src/main/java/top/continew/admin/auth/model/req/AccountAuthReq.java

@@ -31,7 +31,7 @@ import java.io.Serializable;
  */
 @Data
 @Schema(description = "账号登录参数")
-public class AccountLoginReq implements Serializable {
+public class AccountAuthReq extends AuthReq implements Serializable {
 
     @Serial
     private static final long serialVersionUID = 1L;

continew-module-system/src/main/java/top/continew/admin/auth/model/req/AuthReq.java

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.model.req;
+
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+import lombok.Data;
+
+/**
+ * 登录参数基础类
+ *
+ * @author KAI
+ * @since 2024/12/22 15:16
+ */
+@Data
+@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.EXISTING_PROPERTY, property = "authType", visible = true)
+@JsonSubTypes({@JsonSubTypes.Type(value = AccountAuthReq.class, name = "account"),
+    @JsonSubTypes.Type(value = EmailAuthReq.class, name = "email"),
+    @JsonSubTypes.Type(value = PhoneAuthReq.class, name = "phone"),
+    @JsonSubTypes.Type(value = SocialAuthReq.class, name = "socialAuth")})
+public abstract class AuthReq {
+
+    @Schema(description = "客户端id")
+    @NotBlank(message = "客户端id不能为空")
+    private String clientId;
+
+    @Schema(description = "认证类型")
+    @NotBlank(message = "认证类型不能为空")
+    private String authType;
+}

continew-module-system/src/main/java/top/continew/admin/auth/model/req/EmailAuthReq.java

@@ -34,7 +34,7 @@ import java.io.Serializable;
  */
 @Data
 @Schema(description = "邮箱登录参数")
-public class EmailLoginReq implements Serializable {
+public class EmailAuthReq extends AuthReq implements Serializable {
 
     @Serial
     private static final long serialVersionUID = 1L;

continew-module-system/src/main/java/top/continew/admin/auth/model/req/PhoneAuthReq.java

@@ -34,7 +34,7 @@ import java.io.Serializable;
  */
 @Data
 @Schema(description = "手机号登录参数")
-public class PhoneLoginReq implements Serializable {
+public class PhoneAuthReq extends AuthReq implements Serializable {
 
     @Serial
     private static final long serialVersionUID = 1L;

continew-module-system/src/main/java/top/continew/admin/auth/model/req/SocialAuthReq.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.auth.model.req;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+import lombok.Data;
+
+/**
+ * 第三方登录参数
+ *
+ * @author KAI
+ * @since 2024/12/25 15:43
+ */
+@Data
+@Schema(description = "第三方登录参数")
+public class SocialAuthReq extends AuthReq {
+    /**
+     * 第三方登录平台
+     */
+    @NotBlank(message = "第三方登录平台不能为空")
+    private String source;
+
+    /**
+     * 第三方登录code
+     */
+    @NotBlank(message = "第三方登录code不能为空")
+    private String code;
+
+    /**
+     * 第三方登录state
+     */
+    @NotBlank(message = "第三方登录state不能为空")
+    private String state;
+}

continew-module-system/src/main/java/top/continew/admin/auth/service/LoginService.java

@@ -19,6 +19,7 @@ package top.continew.admin.auth.service;
 import jakarta.servlet.http.HttpServletRequest;
 import me.zhyd.oauth.model.AuthUser;
 import top.continew.admin.auth.model.resp.RouteResp;
+import top.continew.admin.system.model.entity.UserDO;
 
 import java.util.List;
 
@@ -31,30 +32,28 @@ import java.util.List;
 public interface LoginService {
 
     /**
-     * 账号登录
+     * 检查用户状态
+     *
+     * @param user 用户信息
+     */
+    void checkUserStatus(UserDO user);
+
+    /**
+     * 检查用户是否被锁定
      *
      * @param username 用户名
-     * @param password 密码
      * @param request  请求对象
-     * @return 令牌
+     * @param isError  是否登录错误
      */
-    String accountLogin(String username, String password, HttpServletRequest request);
+    void checkUserLocked(String username, HttpServletRequest request, boolean isError);
 
     /**
-     * 手机号登录
+     * 执行登录操作
      *
-     * @param phone 手机号
-     * @return 令牌
+     * @param user 用户信息
+     * @return token
      */
-    String phoneLogin(String phone);
-
-    /**
-     * 邮箱登录
-     *
-     * @param email 邮箱
-     * @return 令牌
-     */
-    String emailLogin(String email);
+    String login(UserDO user);
 
     /**
      * 三方账号登录
@@ -71,4 +70,11 @@ public interface LoginService {
      * @return 路由树
      */
     List<RouteResp> buildRouteTree(Long userId);
+
+    /**
+     * 发送安全消息
+     * 
+     * @param user 用户信息
+     */
+    void sendSecurityMsg(UserDO user);
 }

continew-module-system/src/main/java/top/continew/admin/auth/service/impl/LoginServiceImpl.java

@@ -96,32 +96,6 @@ public class LoginServiceImpl implements LoginService {
     private final OptionService optionService;
     private final MessageService messageService;
 
-    @Override
-    public String accountLogin(String username, String password, HttpServletRequest request) {
-        UserDO user = userService.getByUsername(username);
-        boolean isError = ObjectUtil.isNull(user) || !passwordEncoder.matches(password, user.getPassword());
-        this.checkUserLocked(username, request, isError);
-        CheckUtils.throwIf(isError, "用户名或密码错误");
-        this.checkUserStatus(user);
-        return this.login(user);
-    }
-
-    @Override
-    public String phoneLogin(String phone) {
-        UserDO user = userService.getByPhone(phone);
-        CheckUtils.throwIfNull(user, "此手机号未绑定本系统账号");
-        this.checkUserStatus(user);
-        return this.login(user);
-    }
-
-    @Override
-    public String emailLogin(String email) {
-        UserDO user = userService.getByEmail(email);
-        CheckUtils.throwIfNull(user, "此邮箱未绑定本系统账号");
-        this.checkUserStatus(user);
-        return this.login(user);
-    }
-
     @Override
     @Transactional(rollbackFor = Exception.class)
     public String socialLogin(AuthUser authUser) {
@@ -209,7 +183,8 @@ public class LoginServiceImpl implements LoginService {
      * @param user 用户信息
      * @return 令牌
      */
-    private String login(UserDO user) {
+    @Override
+    public String login(UserDO user) {
         Long userId = user.getId();
         CompletableFuture<Set<String>> permissionFuture = CompletableFuture.supplyAsync(() -> roleService
             .listPermissionByUserId(userId), threadPoolTaskExecutor);
@@ -233,7 +208,8 @@ public class LoginServiceImpl implements LoginService {
      *
      * @param user 用户信息
      */
-    private void checkUserStatus(UserDO user) {
+    @Override
+    public void checkUserStatus(UserDO user) {
         CheckUtils.throwIfEqual(DisEnableStatusEnum.DISABLE, user.getStatus(), "此账号已被禁用，如有疑问，请联系管理员");
         DeptDO dept = deptService.getById(user.getDeptId());
         CheckUtils.throwIfEqual(DisEnableStatusEnum.DISABLE, dept.getStatus(), "此账号所属部门已被禁用，如有疑问，请联系管理员");
@@ -246,7 +222,8 @@ public class LoginServiceImpl implements LoginService {
      * @param request  请求对象
      * @param isError  是否登录错误
      */
-    private void checkUserLocked(String username, HttpServletRequest request, boolean isError) {
+    @Override
+    public void checkUserLocked(String username, HttpServletRequest request, boolean isError) {
         // 不锁定
         int maxErrorCount = optionService.getValueByCode2Int(PasswordPolicyEnum.PASSWORD_ERROR_LOCK_COUNT.name());
         if (maxErrorCount <= SysConstants.NO) {
@@ -274,7 +251,8 @@ public class LoginServiceImpl implements LoginService {
      *
      * @param user 用户信息
      */
-    private void sendSecurityMsg(UserDO user) {
+    @Override
+    public void sendSecurityMsg(UserDO user) {
         MessageReq req = new MessageReq();
         MessageTemplateEnum socialRegister = MessageTemplateEnum.SOCIAL_REGISTER;
         req.setTitle(socialRegister.getTitle().formatted(projectProperties.getName()));

continew-module-system/src/main/java/top/continew/admin/system/mapper/ClientMapper.java

@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.mapper;
+
+import top.continew.starter.data.mp.base.BaseMapper;
+import top.continew.admin.system.model.entity.ClientDO;
+
+/**
+ * 客户端管理 Mapper
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+public interface ClientMapper extends BaseMapper<ClientDO> {}

continew-module-system/src/main/java/top/continew/admin/system/model/entity/ClientDO.java

@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.model.entity;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.handlers.JacksonTypeHandler;
+import lombok.Data;
+import top.continew.admin.common.enums.DisEnableStatusEnum;
+import top.continew.starter.extension.crud.model.entity.BaseDO;
+
+import java.io.Serial;
+import java.util.List;
+
+/**
+ * 客户端管理实体
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Data
+@TableName(value = "sys_client", autoResultMap = true)
+public class ClientDO extends BaseDO {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 客户端ID
+     */
+    private String clientId;
+
+    /**
+     * 客户端Key
+     */
+    private String clientKey;
+
+    /**
+     * 客户端秘钥
+     */
+    private String clientSecret;
+
+    /**
+     * 登录类型
+     */
+    @TableField(typeHandler = JacksonTypeHandler.class)
+    private List<String> authType;
+
+    /**
+     * 客户端类型
+     */
+    private String clientType;
+
+    /**
+     * Token最低活跃频率（-1为不限制）
+     */
+    private Integer activeTimeout;
+
+    /**
+     * Token有效期（默认30天，单位：秒）
+     */
+    private Integer timeout;
+
+    /**
+     * 状态（1：启用；2：禁用）
+     */
+    private DisEnableStatusEnum status;
+}

continew-module-system/src/main/java/top/continew/admin/system/model/query/ClientQuery.java

@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.model.query;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+import top.continew.admin.common.enums.DisEnableStatusEnum;
+import top.continew.starter.data.core.annotation.Query;
+import top.continew.starter.data.core.enums.QueryType;
+
+import java.io.Serial;
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * 客户端管理查询条件
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Data
+@Schema(description = "客户端管理查询条件")
+public class ClientQuery implements Serializable {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 客户端Key
+     */
+    @Schema(description = "客户端Key")
+    @Query(type = QueryType.EQ)
+    private String clientKey;
+
+    /**
+     * 客户端秘钥
+     */
+    @Schema(description = "客户端秘钥")
+    @Query(type = QueryType.EQ)
+    private String clientSecret;
+
+    /**
+     * 登录类型
+     */
+    @Schema(description = "登录类型")
+    @Query(type = QueryType.IN)
+    private List<String> authType;
+    /**
+     * 客户端类型
+     */
+    @Schema(description = "客户端类型")
+    @Query(type = QueryType.EQ)
+    private String clientType;
+
+    /**
+     * 状态（1：启用；2：禁用）
+     */
+    @Schema(description = "状态")
+    @Query(type = QueryType.EQ)
+    private DisEnableStatusEnum status;
+}

continew-module-system/src/main/java/top/continew/admin/system/model/req/ClientReq.java

@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.model.req;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import lombok.Data;
+import org.hibernate.validator.constraints.Length;
+import top.continew.admin.common.enums.DisEnableStatusEnum;
+import top.continew.starter.extension.crud.model.req.BaseReq;
+
+import java.io.Serial;
+import java.util.List;
+
+/**
+ * 创建或修改客户端管理参数
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Data
+@Schema(description = "创建或修改客户端管理参数")
+public class ClientReq extends BaseReq {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 客户端ID
+     */
+    @Schema(description = "客户端ID")
+    private String clientId;
+
+    /**
+     * 客户端Key
+     */
+    @Schema(description = "客户端Key")
+    @NotBlank(message = "客户端Key不能为空")
+    @Length(max = 32, message = "客户端Key长度不能超过 {max} 个字符")
+    private String clientKey;
+
+    /**
+     * 客户端秘钥
+     */
+    @Schema(description = "客户端秘钥")
+    @NotBlank(message = "客户端秘钥不能为空")
+    @Length(max = 255, message = "客户端秘钥长度不能超过 {max} 个字符")
+    private String clientSecret;
+
+    /**
+     * 登录类型
+     */
+    @Schema(description = "登录类型")
+    @NotNull(message = "登录类型不能为空")
+    private List<String> authType;
+    /**
+     * 客户端类型
+     */
+    @Schema(description = "客户端类型")
+    @NotBlank(message = "客户端类型不能为空")
+    @Length(max = 32, message = "客户端类型长度不能超过 {max} 个字符")
+    private String clientType;
+
+    /**
+     * Token最低活跃频率（-1为不限制）
+     */
+    @Schema(description = "Token最低活跃频率（-1为不限制）")
+    private Integer activeTimeout;
+
+    /**
+     * Token有效期（默认30天，单位：秒）
+     */
+    @Schema(description = "Token有效期（默认30天，单位：秒）")
+    private Integer timeout;
+
+    /**
+     * 状态（1：启用；2：禁用）
+     */
+    @Schema(description = "状态（1：启用；2：禁用）")
+    @NotNull(message = "状态（1：启用；2：禁用）不能为空")
+    private DisEnableStatusEnum status;
+}

continew-module-system/src/main/java/top/continew/admin/system/model/resp/ClientDetailResp.java

@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.model.resp;
+
+import com.alibaba.excel.annotation.ExcelIgnoreUnannotated;
+import com.alibaba.excel.annotation.ExcelProperty;
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+import top.continew.admin.common.enums.DisEnableStatusEnum;
+import top.continew.starter.extension.crud.model.resp.BaseDetailResp;
+
+import java.io.Serial;
+import java.util.List;
+
+/**
+ * 客户端管理详情信息
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Data
+@ExcelIgnoreUnannotated
+@Schema(description = "客户端管理详情信息")
+public class ClientDetailResp extends BaseDetailResp {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 客户端ID
+     */
+    @Schema(description = "客户端ID")
+    @ExcelProperty(value = "客户端ID")
+    private String clientId;
+
+    /**
+     * 客户端Key
+     */
+    @Schema(description = "客户端Key")
+    @ExcelProperty(value = "客户端Key")
+    private String clientKey;
+
+    /**
+     * 客户端秘钥
+     */
+    @Schema(description = "客户端秘钥")
+    @ExcelProperty(value = "客户端秘钥")
+    private String clientSecret;
+
+    /**
+     * 登录类型
+     */
+    @Schema(description = "登录类型")
+    @ExcelProperty(value = "登录类型")
+    private List<String> authType;
+
+    /**
+     * 客户端类型
+     */
+    @Schema(description = "客户端类型")
+    @ExcelProperty(value = "客户端类型")
+    private String clientType;
+
+    /**
+     * Token最低活跃频率（-1为不限制）
+     */
+    @Schema(description = "Token最低活跃频率（-1为不限制）")
+    @ExcelProperty(value = "Token最低活跃频率（-1为不限制）")
+    private Integer activeTimeout;
+
+    /**
+     * Token有效期（默认30天，单位：秒）
+     */
+    @Schema(description = "Token有效期（默认30天，单位：秒）")
+    @ExcelProperty(value = "Token有效期（默认30天，单位：秒）")
+    private Integer timeout;
+
+    /**
+     * 状态
+     */
+    @Schema(description = "状态")
+    @ExcelProperty(value = "状态")
+    private DisEnableStatusEnum status;
+}

continew-module-system/src/main/java/top/continew/admin/system/model/resp/ClientResp.java

@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.model.resp;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+import top.continew.admin.common.enums.DisEnableStatusEnum;
+import top.continew.starter.extension.crud.model.resp.BaseResp;
+
+import java.io.Serial;
+import java.util.List;
+
+/**
+ * 客户端管理信息
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Data
+@Schema(description = "客户端管理信息")
+public class ClientResp extends BaseResp {
+
+    @Serial
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 客户端ID
+     */
+    @Schema(description = "客户端ID")
+    private String clientId;
+
+    /**
+     * 客户端Key
+     */
+    @Schema(description = "客户端Key")
+    private String clientKey;
+
+    /**
+     * 客户端秘钥
+     */
+    @Schema(description = "客户端秘钥")
+    private String clientSecret;
+
+    /**
+     * 认证类型
+     */
+    @Schema(description = "认证类型")
+    private List<String> authType;
+
+    /**
+     * 客户端类型
+     */
+    @Schema(description = "客户端类型")
+    private String clientType;
+
+    /**
+     * Token最低活跃频率（-1为不限制）
+     */
+    @Schema(description = "Token最低活跃频率（-1为不限制）")
+    private Integer activeTimeout;
+
+    /**
+     * Token有效期（默认30天，单位：秒）
+     */
+    @Schema(description = "Token有效期（默认30天，单位：秒）")
+    private Integer timeout;
+
+    /**
+     * 状态（1：启用；2：禁用）
+     */
+    @Schema(description = "状态")
+    private DisEnableStatusEnum status;
+}

continew-module-system/src/main/java/top/continew/admin/system/service/ClientService.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.service;
+
+import top.continew.admin.system.model.query.ClientQuery;
+import top.continew.admin.system.model.req.ClientReq;
+import top.continew.admin.system.model.resp.ClientDetailResp;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.starter.extension.crud.service.BaseService;
+
+/**
+ * 客户端管理业务接口
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+public interface ClientService extends BaseService<ClientResp, ClientDetailResp, ClientQuery, ClientReq> {
+
+    ClientResp getClientByClientId(String clientId);
+
+}

continew-module-system/src/main/java/top/continew/admin/system/service/impl/ClientServiceImpl.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package top.continew.admin.system.service.impl;
+
+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.digest.DigestUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+import top.continew.admin.auth.enums.AuthTypeEnum;
+import top.continew.admin.system.mapper.ClientMapper;
+import top.continew.admin.system.model.entity.ClientDO;
+import top.continew.admin.system.model.query.ClientQuery;
+import top.continew.admin.system.model.req.ClientReq;
+import top.continew.admin.system.model.resp.ClientDetailResp;
+import top.continew.admin.system.model.resp.ClientResp;
+import top.continew.admin.system.service.ClientService;
+import top.continew.starter.core.constant.StringConstants;
+import top.continew.starter.core.validation.ValidationUtils;
+import top.continew.starter.extension.crud.service.BaseServiceImpl;
+
+import java.util.List;
+
+/**
+ * 客户端管理业务实现
+ *
+ * @author MoChou
+ * @since 2024/12/03 16:04
+ */
+@Service
+@RequiredArgsConstructor
+public class ClientServiceImpl extends BaseServiceImpl<ClientMapper, ClientDO, ClientResp, ClientDetailResp, ClientQuery, ClientReq> implements ClientService {
+    @Override
+    protected void beforeAdd(ClientReq req) {
+        String clientId = DigestUtil.md5Hex(req.getClientKey() + StringConstants.COLON + req.getClientSecret());
+        req.setClientId(clientId);
+    }
+
+    /**
+     * 通过ClientId获取客户端实例
+     * 
+     * @param clientId 客户端id
+     * @return 客户端响应对象
+     */
+    @Override
+    public ClientResp getClientByClientId(String clientId) {
+        ClientDO clientDO = baseMapper.selectOne(new LambdaQueryWrapper<ClientDO>()
+            .eq(ClientDO::getClientId, clientId));
+        return BeanUtil.copyProperties(clientDO, ClientResp.class);
+    }
+
+    @Override
+    protected void beforeDelete(List<Long> ids) {
+        // 查询如果删除客户端记录以后是否还存在账号认证的方式，不存在则不允许删除
+        List<ClientDO> clientDOS = baseMapper.selectList(new LambdaQueryWrapper<ClientDO>().notIn(ClientDO::getId, ids)
+            .like(ClientDO::getAuthType, AuthTypeEnum.ACCOUNT.getValue()));
+        ValidationUtils.throwIfEmpty(clientDOS, StrUtil.format("请至少保留一条{}认证的方式", AuthTypeEnum.ACCOUNT
+            .getDescription()));
+        super.beforeDelete(ids);
+    }
+}