Update setEnvVars.bat

README.md

@@ -132,7 +132,7 @@ App Management UI
 
 | Version    | Date   |  Download URL  |
 | --------   | :----- | :----           | 
-| v 4.1.8   | 2024/08/01   | <a href="https://www.maxkey.top/zh/about/download.html"  target="_blank">Download</a> |
+| v 4.1.9   | 2025/10/10   | <a href="https://www.maxkey.top/zh/about/download.html"  target="_blank">Download</a> |
 
 
 # Install

README_en.md

@@ -133,7 +133,7 @@ App Management UI
 
 | Version    | Date   |   Download URL  |
 | --------   | :----- | :----           | 
-| v 4.1.8   | 2024/08/01   | <a href="https://www.maxkey.top/zh/about/download.html"  target="_blank">Download</a> |
+| v 4.1.9   | 2025/10/10   | <a href="https://www.maxkey.top/zh/about/download.html"  target="_blank">Download</a> |
 
 
 # Install

README_zh.md

@@ -136,7 +136,7 @@ MaxKey <b>遵循 Apache License, Version 2.0 开源免费</b>，开源、安全
 
 | 版本       | 日期    |  下载              | 
 | --------   | :-----  | :----              | 
-| v 4.1.8   | 2024/08/01   | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">下载</a>|
+| v 4.1.9   | 2025/10/10   | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">下载</a>|
  
  
 # 安装部署

ReleaseNotes.txt

@@ -1,4 +1,4 @@
-MaxKey v 4.1.9 GA 2025/10/*
+MaxKey v 4.1.9 GA 2025/10/10
     *(MAXKEY-250501) #248 最新镜像 启动登陆异常
     *(MAXKEY-250502) 仪表盘显示和数据优化，增加totalUsers、totalDepts、totalApps统计
     *(MAXKEY-250503) 开源之夏-官方操作手册 by xiaoyvhuv
@@ -11,7 +11,10 @@
     *(MAXKEY-250510) 管理端增加官方网站链接菜单
     *(MAXKEY-250511) mybatis-jpa-extra升级优化
     *(MAXKEY-250512) release.bat构建脚本优化
-    *(MAXKEY-250513) 依赖项引用、更新和升级
+    *(MAXKEY-250513) 社交服务 ->社交登录
+    *(MAXKEY-250514) 国际化切换图标修改，English abbr EN，zh-CN abbr CN
+    *(MAXKEY-250515) sql文件数据结构和数据合并成一个问题maxkey.sql
+    *(MAXKEY-250516) 依赖项引用、更新和升级
             springVersion                   6.2.11
             springBootVersion               3.4.10
             springSecurityVersion           6.5.5

docker/docker-mysql/docker-entrypoint-initdb.d/init.sql

@@ -3,5 +3,4 @@ create database if not exists  `maxkey` /*!40100 DEFAULT CHARACTER SET utf8mb4 C
 use maxkey ;
 
 source /docker-entrypoint-initdb.d/latest/maxkey.sql   ;
-source /docker-entrypoint-initdb.d/latest/maxkey_data.sql   ;
  

gradle.properties

@@ -15,7 +15,7 @@
 # */
 #maxkey properties 
 group                           =org.dromara.maxkey
-version                         =4.1.8
+version                         =4.1.9
 vendor                          =https://www.maxkey.top
 author                          =MaxKeyTop
 githubUrl						=https://github.com/dromara/MaxKey

maxkey-starter/maxkey-starter-passkey/src/main/java/org/dromara/maxkey/passkey/config/PasskeyProperties.java

@@ -21,7 +21,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
 /**
  * Passkey配置属性
  */
-@ConfigurationProperties(prefix = "maxkey.passkey")
+@ConfigurationProperties(prefix = "maxkey.login.passkey")
 public class PasskeyProperties {
     
     /**

maxkey-starter/maxkey-starter-passkey/src/main/java/org/dromara/maxkey/passkey/service/impl/PasskeyServiceImpl.java

@@ -488,7 +488,7 @@ public class PasskeyServiceImpl implements PasskeyService {
             
             // 标记挑战为已使用
             challenge.setStatus(1);
-            passkeyChallengeService.saveChallenge(challenge);
+            passkeyChallengeService.validateAndConsumeChallenge(challenge.getId(),challenge.getChallengeType());
             
             _logger.debug("Authentication verification completed successfully");
             return result;

maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.html

@@ -101,12 +101,12 @@
       {{ 'app.login.login' | i18n }}
     </button>
   </nz-form-item>
-  <nz-form-item *ngIf="loginType == 'normal'">
-      <button nz-button type="button" nzType="default" nzSize="large" (click)="passkeyLogin()" nzBlock>
-        <i nz-icon nzType="safety-certificate" nzTheme="outline"></i>
-        {{ 'mxk.login.passkey-login' | i18n }}
-      </button>
-    </nz-form-item>
+  <nz-form-item *ngIf="passkeyEnabled">
+    <button nz-button type="button" nzType="default" nzSize="large" (click)="passkeyLogin()" nzBlock>
+      <i nz-icon nzType="safety-certificate" nzTheme="outline"></i>
+      {{ 'mxk.login.passkey-login' | i18n }}
+    </button>
+  </nz-form-item>
 </form>
 <div class="other" *ngIf="loginType == 'normal'">
   {{ 'app.login.sign-in-with' | i18n }}

maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts

@@ -56,6 +56,8 @@ export class UserLoginComponent implements OnInit, OnDestroy {
   loading = false;
   passwordVisible = false;
   qrexpire = false;
+  passkeyEnabled = false;
+  passkeyAllowedOrigins = [];
   imageCaptcha = '';
   captchaType = '';
   state = '';
@@ -136,6 +138,25 @@ export class UserLoginComponent implements OnInit, OnDestroy {
             this.socials = res.data.socials;
             this.state = res.data.state;
             this.captchaType = res.data.captcha;
+            this.passkeyEnabled = res.data.passkeyEnabled;
+            this.passkeyAllowedOrigins = res.data.passkeyAllowedOrigins;
+            let passkeyAllowedOriginsMatch = false;
+            for (let allowedOrigin of this.passkeyAllowedOrigins) {
+              console.log(`passkey allowedOrigin ${allowedOrigin}`);
+              console.log(`location ${window.location.href}`);
+              if (
+                window.location.href.startsWith('http://localhost') ||
+                (window.location.href.startsWith('https') && window.location.href.indexOf(allowedOrigin) > -1)
+              ) {
+                console.log(window.location.href.indexOf(allowedOrigin) > -1);
+                passkeyAllowedOriginsMatch = true;
+              }
+            }
+            if (window.PublicKeyCredential && this.passkeyEnabled && passkeyAllowedOriginsMatch) {
+              this.passkeyEnabled = true;
+            } else {
+              this.passkeyEnabled = false;
+            }
             if (this.captchaType === 'NONE') {
               //清除校验规则
               this.form.get('captcha')?.clearValidators();
@@ -537,10 +558,12 @@ export class UserLoginComponent implements OnInit, OnDestroy {
         }
 
         // 检查是否是没有注册 Passkey 的错误
-        if (errorMessage.includes('没有注册任何 Passkey') || 
-            errorMessage.includes('No Passkeys registered') ||
-            errorMessage.includes('还没有注册任何 Passkey') ||
-            errorMessage.includes('系统中还没有注册任何 Passkey')) {
+        if (
+          errorMessage.includes('没有注册任何 Passkey') ||
+          errorMessage.includes('No Passkeys registered') ||
+          errorMessage.includes('还没有注册任何 Passkey') ||
+          errorMessage.includes('系统中还没有注册任何 Passkey')
+        ) {
           // 直接显示友好提示并返回，不抛出错误避免被全局拦截器捕获
           this.msg.warning('还未注册 Passkey，请注册 Passkey');
           console.log('=== PASSKEY LOGIN DEBUG END ===');
@@ -555,10 +578,12 @@ export class UserLoginComponent implements OnInit, OnDestroy {
         console.error('Failed to get auth options:', authOptionsResponse);
         // 检查是否是没有注册 Passkey 的错误
         const errorMessage = authOptionsResponse?.message || '获取认证选项失败';
-        if (errorMessage.includes('没有注册任何 Passkey') || 
-            errorMessage.includes('No Passkeys registered') ||
-            errorMessage.includes('还没有注册任何 Passkey') ||
-            errorMessage.includes('系统中还没有注册任何 Passkey')) {
+        if (
+          errorMessage.includes('没有注册任何 Passkey') ||
+          errorMessage.includes('No Passkeys registered') ||
+          errorMessage.includes('还没有注册任何 Passkey') ||
+          errorMessage.includes('系统中还没有注册任何 Passkey')
+        ) {
           // 直接显示友好提示并返回，不抛出错误避免被全局拦截器捕获
           this.msg.warning('还未注册 Passkey，请注册 Passkey');
           console.log('=== PASSKEY LOGIN DEBUG END ===');
@@ -597,9 +622,9 @@ export class UserLoginComponent implements OnInit, OnDestroy {
       console.log('Step 3: Calling WebAuthn API navigator.credentials.get()...');
       console.log('Available authenticators will be queried automatically');
 
-      const credential = await navigator.credentials.get({
+      const credential = (await navigator.credentials.get({
         publicKey: convertedOptions
-      }) as PublicKeyCredential;
+      })) as PublicKeyCredential;
 
       if (!credential) {
         console.error('No credential returned from WebAuthn API');
@@ -698,7 +723,6 @@ export class UserLoginComponent implements OnInit, OnDestroy {
         console.error('Invalid auth result - missing userId:', authResult);
         throw new Error('认证成功但用户数据无效');
       }
-      
     } catch (error: any) {
       console.error('=== PASSKEY LOGIN ERROR ===');
       console.error('Error type:', error.constructor.name);
@@ -707,14 +731,17 @@ export class UserLoginComponent implements OnInit, OnDestroy {
       console.error('Full error object:', error);
 
       // 检查是否是没有注册 Passkey 的错误
-      if (error.message && (error.message.includes('PASSKEY_NOT_REGISTERED') ||
-                           error.message.includes('没有找到可用的凭据') || 
-                           error.message.includes('No credentials available') ||
-                           error.message.includes('用户未注册') ||
-                           error.message.includes('credential not found') ||
-                           error.message.includes('没有注册任何 Passkey') ||
-                           error.message.includes('No Passkeys registered') ||
-                           error.message.includes('还没有注册任何 Passkey'))) {
+      if (
+        error.message &&
+        (error.message.includes('PASSKEY_NOT_REGISTERED') ||
+          error.message.includes('没有找到可用的凭据') ||
+          error.message.includes('No credentials available') ||
+          error.message.includes('用户未注册') ||
+          error.message.includes('credential not found') ||
+          error.message.includes('没有注册任何 Passkey') ||
+          error.message.includes('No Passkeys registered') ||
+          error.message.includes('还没有注册任何 Passkey'))
+      ) {
         this.msg.warning('还未注册 Passkey，请注册 Passkey');
         console.log('=== PASSKEY LOGIN DEBUG END ===');
         return;
@@ -747,10 +774,10 @@ export class UserLoginComponent implements OnInit, OnDestroy {
             break;
           default:
             console.error('Unknown WebAuthn error');
-            this.msg.error('Passkey 登录失败：' + (error.message || '请重试或使用其他登录方式'));
+            this.msg.error(`Passkey 登录失败：${error.message || '请重试或使用其他登录方式'}`);
         }
       } else {
-        this.msg.error('Passkey 登录失败：' + (error.message || '请重试或使用其他登录方式'));
+        this.msg.error(`Passkey 登录失败：${error.message || '请重试或使用其他登录方式'}`);
       }
       console.log('=== PASSKEY LOGIN DEBUG END ===');
     } finally {

maxkey-web-frontend/maxkey-web-app/src/app/shared/consts.ts

@@ -27,5 +27,5 @@ export const CONSTS = {
   REDIRECT_URI: 'redirect_uri',
   REMEMBER: 'remember_me',
   TOKEN: '_token',
-  VERSION: 'v4.1.8 GA'
+  VERSION: 'v4.1.9 GA'
 };

maxkey-web-frontend/maxkey-web-app/src/style-icons-auto.ts

@@ -107,6 +107,8 @@ import {
   FileProtectOutline,
   HistoryOutline,
   UserAddOutline,
+  SafetyCertificateOutline,
+  PlusCircleOutline,
   AuditOutline
 } from '@ant-design/icons-angular/icons';
 import { QR_DEFULAT_CONFIG } from '@delon/abc/qr';
@@ -199,5 +201,7 @@ export const ICONS_AUTO = [
   FileProtectOutline,
   HistoryOutline,
   UserAddOutline,
+  SafetyCertificateOutline,
+  PlusCircleOutline,
   AuditOutline
 ];

maxkey-web-frontend/maxkey-web-mgt-app/src/app/shared/consts.ts

@@ -19,5 +19,5 @@ export const CONSTS = {
   INST: 'inst_mgt',
   REDIRECT_URI: 'redirect_uri',
   REMEMBER: 'remember',
-  VERSION: 'v4.1.8 GA'
+  VERSION: 'v4.1.9 GA'
 };

maxkey-webs/maxkey-gataway/src/main/resources/application.yml

@@ -1,7 +1,7 @@
 #端口号
 application:
   name: maxkey-gateway-server
-  formatted-version: v4.1.8 GA
+  formatted-version: v4.1.9 GA
 server:
   port: 9000
 spring:

maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java

@@ -33,6 +33,7 @@ import org.dromara.maxkey.configuration.ApplicationConfig;
 import org.dromara.maxkey.constants.ConstsLoginType;
 import org.dromara.maxkey.entity.*;
 import org.dromara.maxkey.entity.idm.UserInfo;
+import org.dromara.maxkey.passkey.config.PasskeyProperties;
 import org.dromara.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.dromara.maxkey.password.sms.SmsOtpAuthnService;
 import org.dromara.maxkey.persistence.service.SocialsAssociatesService;
@@ -73,6 +74,9 @@ public class LoginEntryPoint {
 	@Autowired
   	ApplicationConfig applicationConfig;
 	
+	@Autowired
+    PasskeyProperties passkeyProperties;
+
 	@Autowired
 	AbstractAuthenticationProvider authenticationProvider ;
 
@@ -134,6 +138,8 @@ public class LoginEntryPoint {
 			model.put("otpType", tfaOtpAuthn.getOtpType());
 			model.put("otpInterval", tfaOtpAuthn.getInterval());
 		}
+		model.put("passkeyEnabled", passkeyProperties.isEnabled());
+		model.put("passkeyAllowedOrigins", passkeyProperties.getRelyingParty().getAllowedOrigins());
 
 		if( applicationConfig.getLoginConfig().isKerberos()){
 			model.put("userDomainUrlJson", kerberosService.buildKerberosProxys());

maxkey-webs/maxkey-web-maxkey/src/main/resources/application-maxkey.properties

@@ -88,6 +88,13 @@ maxkey.ipaddress.whitelist                      =false
 #notices show
 maxkey.notices.visible                          =false
 ############################################################################
+# Passkey Configuration                                                     #
+############################################################################
+maxkey.login.passkey.enabled=true
+maxkey.login.passkey.relying-party.name=MaxKey
+maxkey.login.passkey.relying-party.id=localhost
+maxkey.login.passkey.relying-party.allowed-origins=http://localhost
+############################################################################
 #ssl configuration                                                         #
 ############################################################################
 #server.ssl.key-store=maxkeyserver.keystore

maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties

@@ -16,7 +16,7 @@
 #MaxKey Title and Version                                                  #
 ############################################################################
 application.title                           =MaxKey
-application.formatted-version               =v4.1.8 GA
+application.formatted-version               =v4.1.9 GA
 #for dynamic service discovery
 spring.application.name                     =maxkey
 ############################################################################
@@ -28,11 +28,3 @@ spring.main.banner-mode                     =log
 #spring.profiles.active maxkey                        #
 ############################################################################
 spring.profiles.active                      =${SERVER_PROFILES:maxkey}
-
-############################################################################
-# Passkey Configuration                                                     #
-############################################################################
-maxkey.passkey.enabled=true
-maxkey.passkey.relying-party.name=MaxKey
-maxkey.passkey.relying-party.id=localhost
-maxkey.passkey.relying-party.allowed-origins=http://localhost:8527,http://localhost:8080

maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties

@@ -16,7 +16,7 @@
 #MaxKey Title and Version                                                  #
 ############################################################################
 application.title                               =MaxKey-Mgt
-application.formatted-version                   =v4.1.8 GA
+application.formatted-version                   =v4.1.9 GA
 #for dynamic service discovery
 spring.application.name                         =maxkey-mgt
 ############################################################################

maxkey-webs/maxkey-web-openapi/src/main/resources/application.properties

@@ -16,7 +16,7 @@
 #MaxKey Title and Version                                                  #
 ############################################################################
 application.title                               =MaxKey-OpenApi
-application.formatted-version                   =v4.1.8 GA
+application.formatted-version                   =v4.1.9 GA
 #for dynamic service discovery
 spring.application.name                         =maxkey-openapi
 ############################################################################

setEnvVars.bat

@@ -3,7 +3,7 @@ echo set env
 set JAVA_HOME=C:\IDE\jdk-17
 set GRADLE_HOME=C:\ide\gradle-8.8
 
-set MXK_VERSION=4.1.8
+set MXK_VERSION=4.1.9
 set MXK_REPOSITORY=maxkeytop
 
 call %JAVA_HOME%/bin/java -version

sql/v4.1.9/passkey_tables.sql

@@ -1,52 +0,0 @@
--- MaxKey Passkey 模块数据库表创建脚本
--- 创建用户 Passkey 表和挑战表
-
--- 用户 Passkey 表
-CREATE TABLE IF NOT EXISTS mxk_user_passkeys (
-    id VARCHAR(40) NOT NULL COMMENT '主键ID',
-    user_id VARCHAR(40) NOT NULL COMMENT '用户ID',
-    credential_id VARCHAR(500) NOT NULL COMMENT '凭据ID（Base64编码）',
-    public_key TEXT NOT NULL COMMENT '公钥数据（Base64编码）',
-    display_name VARCHAR(100) COMMENT '显示名称',
-    device_type VARCHAR(50) DEFAULT 'unknown' COMMENT '设备类型',
-    signature_count BIGINT DEFAULT 0 COMMENT '签名计数器',
-    created_date DATETIME NOT NULL COMMENT '创建时间',
-    last_used_date DATETIME COMMENT '最后使用时间',
-    aaguid VARCHAR(100) COMMENT 'AAGUID',
-    inst_id VARCHAR(40) DEFAULT '1' COMMENT '机构ID',
-    status INT DEFAULT 1 COMMENT '状态：1-正常，0-禁用',
-    PRIMARY KEY (id),
-    UNIQUE KEY uk_credential_id (credential_id),
-    KEY idx_user_id (user_id),
-    KEY idx_inst_id (inst_id),
-    KEY idx_created_date (created_date)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='用户Passkey凭据表';
-
--- Passkey 挑战表
-CREATE TABLE IF NOT EXISTS mxk_passkey_challenges (
-    id VARCHAR(40) NOT NULL COMMENT '挑战ID',
-    user_id VARCHAR(40) COMMENT '用户ID（认证时可为空）',
-    challenge TEXT NOT NULL COMMENT '挑战数据（Base64编码）',
-    challenge_type VARCHAR(20) NOT NULL COMMENT '挑战类型：REGISTRATION-注册，AUTHENTICATION-认证',
-    created_date DATETIME NOT NULL COMMENT '创建时间',
-    expires_date DATETIME NOT NULL COMMENT '过期时间',
-    status INT DEFAULT 0 COMMENT '状态：0-未使用，1-已使用',
-    inst_id VARCHAR(40) DEFAULT '1' COMMENT '机构ID',
-    PRIMARY KEY (id),
-    KEY idx_user_id (user_id),
-    KEY idx_challenge_type (challenge_type),
-    KEY idx_expires_date (expires_date),
-    KEY idx_inst_id (inst_id),
-    KEY idx_status (status)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='Passkey挑战表';
-
--- 创建索引以优化查询性能
-CREATE INDEX idx_user_passkeys_user_status ON mxk_user_passkeys(user_id, status);
-CREATE INDEX idx_passkey_challenges_expires_status ON mxk_passkey_challenges(expires_date, status);
-CREATE INDEX idx_passkey_challenges_user_type ON mxk_passkey_challenges(user_id, challenge_type);
-
--- 插入示例数据（可选）
--- INSERT INTO mxk_user_passkeys (id, user_id, credential_id, public_key, display_name, device_type, signature_count, created_date, inst_id) 
--- VALUES ('test_passkey_1', 'test_user_1', 'test_credential_id_1', 'test_public_key_1', 'Test Device', 'platform', 0, NOW(), '1');
-
-COMMIT;