package com.gk.firework.Controller;
|
|
import cn.hutool.core.lang.Dict;
|
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.http.HttpRequest;
|
import com.alibaba.fastjson.JSON;
|
import com.alibaba.fastjson.JSONObject;
|
import com.gk.firework.Config.Oauth2.IRedisService;
|
import com.gk.firework.Config.Oauth2.OauthRole;
|
import com.gk.firework.Config.Oauth2.RedisKeyEnum;
|
import com.gk.firework.Domain.AuthorizationInfo;
|
import com.gk.firework.Domain.Log.JsonParams;
|
import com.gk.firework.Domain.Utils.CommonUtil;
|
import com.gk.firework.Domain.Utils.Msg;
|
import com.gk.firework.Domain.Utils.StringUtils;
|
import com.gk.firework.Domain.Vo.UserVo;
|
import com.gk.firework.Service.AuthorizationService;
|
import com.gk.firework.Service.EnterpriseService;
|
import com.gk.firework.Service.UserService;
|
import com.google.common.base.Strings;
|
import com.google.common.net.HttpHeaders;
|
import io.jsonwebtoken.Claims;
|
import io.swagger.annotations.Api;
|
import io.swagger.annotations.ApiOperation;
|
import io.swagger.annotations.ApiParam;
|
import org.apache.commons.collections4.map.SingletonMap;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.web.bind.annotation.*;
|
import springfox.documentation.annotations.ApiIgnore;
|
|
import javax.servlet.http.HttpServletRequest;
|
import java.nio.charset.StandardCharsets;
|
import java.util.*;
|
|
@Api(tags = "登录登出接口")
|
@RequestMapping("/auth")
|
@RestController
|
public class LoginController {
|
@Autowired
|
IRedisService redisService;
|
@Autowired
|
UserService userService;
|
@Autowired
|
AuthorizationService authorizationService;
|
@Autowired
|
EnterpriseService enterpriseService;
|
@Value("${host}")
|
private String host;
|
/**
|
* login produces = "application/json"
|
*
|
* @param jsonParam {"username":"用户名","password":"密码"}
|
* @return User
|
*/
|
@PostMapping("/login")
|
@JsonParams
|
@ApiOperation(value = "管理端登录授权", notes = "登录授权接口,获取token")
|
public Msg login(@ApiParam(value = "username,password") @RequestParam String encryptStr) {
|
String jsonStr = new String(Base64.getDecoder().decode(encryptStr), StandardCharsets.UTF_8);
|
JSONObject jsonParam = JSON.parseObject(jsonStr);
|
|
String username = jsonParam.getString("username");
|
String password = jsonParam.getString("password");
|
|
Msg msg = new Msg();
|
msg.setCode("200");
|
msg.setMessage("success");
|
try {
|
//query user
|
UserVo user = userService.selectUserVoByName(username);
|
if (null == user) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (user.getIssale() == 1) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (StringUtils.isNotBlank(user.getCompanynumber()) && enterpriseService.isLogOut(user.getCompanynumber())) {
|
msg.setCode("166");
|
msg.setMessage("用户已注销");
|
return msg;
|
}
|
// 疆外日期判断
|
Date now = new Date();
|
if (user.getDeadline() != null) {
|
if (user.getDeadline().before(now)){
|
// 当前已经疆外用户已经超期使用 需要缴费
|
msg.setCode("200");
|
msg.setMessage("疆外用户已过期,请及时联系续期");
|
msg.setResult(new SingletonMap<>("deadline",user.getDeadline()));
|
return msg;
|
}
|
|
}
|
|
|
//Call login interface
|
String rs = HttpRequest.post( host + "/oauth/token")
|
.setConnectionTimeout(10000)
|
.setReadTimeout(10000)
|
.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
|
.form(Dict.create()
|
.set("username", username)
|
.set("password", password)
|
.set("grant_type", "password")
|
.set("auth_type", "")
|
).execute().body();
|
Map map = JSON.parseObject(rs, Map.class);
|
Object access_token = map.get("access_token");
|
//Verify that the access_token is empty
|
if (ObjectUtil.isNull(access_token)) {
|
msg.setCode("103");
|
msg.setMessage("密码不正确");
|
return msg;
|
}
|
user.setToken("Bearer "+access_token);
|
//add redis
|
String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
|
redisService.set(token_key, user, 60L*60L*18L);
|
|
user.setTokenexpired(60L*60L*18L);
|
/** 登录成功刷新用户 */
|
List<OauthRole> roleByUser = userService.selectRoleByUser(1);
|
if (null != user.getType()&& user.getType() == 1){
|
OauthRole oauthRole = new OauthRole("","超级管理员","super_admin","");
|
roleByUser.add(oauthRole);
|
user.setRoles(roleByUser);
|
}else {
|
roleByUser = userService.selectRoleByUser(user.getId().intValue());
|
user.setRoles(roleByUser);
|
}
|
user.setPassword(null);
|
msg.setResult(user);
|
} catch (Exception e) {
|
e.printStackTrace();
|
msg.setCode("102");
|
msg.setMessage("登录失败请稍后重试");
|
}
|
return msg;
|
}
|
|
@PostMapping("/salelogin")
|
@ApiOperation(value = "销售端登录授权", notes = "登录授权接口,获取token")
|
public Msg Salelogin(@ApiParam(value = "username,password") @RequestBody JSONObject jsonParam) {
|
String username = jsonParam.getString("username");
|
String password = jsonParam.getString("password");
|
|
Msg msg = new Msg();
|
msg.setCode("200");
|
msg.setMessage("success");
|
try {
|
//query user
|
UserVo user = userService.selectUserVoByName(username);
|
if (null == user) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (user.getIssale() == 0) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (user.getStatus()!=null && user.getStatus() != 1){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
if (user.getExpiredate() != null && user.getExpiredate().getTime() < System.currentTimeMillis()){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
// 疆外日期判断
|
Date now = new Date();
|
if (user.getDeadline() != null) {
|
if (user.getDeadline().before(now)) {
|
// 当前已经疆外用户已经超期使用 需要缴费
|
msg.setCode("166");
|
msg.setMessage("疆外用户已过期,请及时联系续期");
|
return msg;
|
}
|
|
}
|
//Call login interface
|
String rs = HttpRequest.post( host + "/oauth/token")
|
.setConnectionTimeout(10000)
|
.setReadTimeout(10000)
|
.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
|
.form(Dict.create()
|
.set("username", username)
|
.set("password", password)
|
.set("grant_type", "password")
|
.set("auth_type", "")
|
).execute().body();
|
Map map = JSON.parseObject(rs, Map.class);
|
Object access_token = map.get("access_token");
|
//Verify that the access_token is empty
|
if (ObjectUtil.isNull(access_token)) {
|
msg.setCode("103");
|
msg.setMessage("密码不正确");
|
return msg;
|
}
|
user.setToken("Bearer "+access_token);
|
//add redis
|
String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
|
redisService.set(token_key, user, 60L*60L*18L);
|
user.setTokenexpired(60L*60L*18L);
|
user.setPassword(null);
|
msg.setResult(user);
|
} catch (Exception e) {
|
msg.setCode("102");
|
msg.setMessage("登录失败请稍后重试");
|
}
|
return msg;
|
}
|
|
@GetMapping("/verify")
|
@ApiOperation(value = "登录验证", notes = "登录验证:flag【true 成功】,【false 失败】", response = Msg.class)
|
public Msg verifyLogin(@ApiIgnore HttpServletRequest request) {
|
Msg msg = new Msg();
|
msg.setCode("200");
|
UserVo userVo = new UserVo();
|
String token = request.getHeader(HttpHeaders.AUTHORIZATION);
|
//解析token
|
Claims claims = CommonUtil.parseJWT(token);
|
if (null != claims){
|
String tokenKey = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), claims.getId());
|
Object userInfo = redisService.get(tokenKey);
|
if (null != userInfo){
|
Map map = JSON.parseObject(userInfo.toString(), Map.class);
|
|
userVo = userService.selectUserVoByName(map.get("username").toString());
|
if (null == userVo) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (userVo.getIssale() == 1){
|
if (userVo.getStatus()!=null && userVo.getStatus() != 1){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
if (userVo.getExpiredate() != null && userVo.getExpiredate().getTime() < System.currentTimeMillis()){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
Object loginObj = map.get("logintime");
|
Object authObj = map.get("auth");
|
if (loginObj != null && authObj != null){
|
//通过auth查询授权码最后登录时间
|
AuthorizationInfo authInfo = authorizationService.selectByUser(userVo.getCompanynumber(),authObj.toString());
|
if (authInfo == null){
|
msg.setCode("100");
|
msg.setMessage("授权码无效");
|
return msg;
|
}
|
|
if (authInfo.getLasttime().getTime() > Long.parseLong(loginObj.toString())){
|
redisService.set(tokenKey, userInfo, 0L);
|
msg.setCode("100");
|
msg.setMessage("登录失效,请重新登录");
|
return msg;
|
}
|
}
|
userVo.setAuth(map.get("auth").toString());
|
}
|
else {
|
/** 登录成功刷新用户 */
|
List<OauthRole> roleByUser = userService.selectRoleByUser(1);
|
if (null != userVo.getType()&& userVo.getType() == 1){
|
OauthRole oauthRole = new OauthRole("","超级管理员","super_admin","");
|
roleByUser.add(oauthRole);
|
userVo.setRoles(roleByUser);
|
}else {
|
roleByUser = userService.selectRoleByUser(userVo.getId().intValue());
|
userVo.setRoles(roleByUser);
|
}
|
}
|
userVo.setToken(map.get("token").toString());
|
userVo.setTokenexpired(60L*60L*18L);
|
userVo.setPassword(null);
|
//更新登录超时时间
|
redisService.set(tokenKey, userInfo, 60L*60L*18L);
|
}else {
|
msg.setCode("100");
|
msg.setMessage("登录失效,请重新登录");
|
return msg;
|
}
|
}
|
msg.setResult(userVo);
|
return msg;
|
}
|
|
/**
|
* logout
|
*
|
* @return
|
*/
|
@PostMapping("/logout")
|
@ApiOperation(value = "退出登录", notes = "退出登录接口", produces = "application/json", response = Msg.class)
|
public Msg logout(@ApiIgnore HttpServletRequest request) {
|
Msg msg = new Msg();
|
msg.setCode("200");
|
msg.setMessage("success");
|
/** 解析token */
|
String header = request.getHeader(HttpHeaders.AUTHORIZATION);
|
if (header != null && !header.equals("undefined")) {
|
Claims claims = CommonUtil.parseJWT(header);
|
Optional.ofNullable(claims).ifPresent(cl -> {
|
String token_key = "auth:token:" + cl.getId();
|
redisService.remove(token_key);
|
});
|
}
|
return msg;
|
}
|
|
@PostMapping("/saleauthlogin")
|
@JsonParams
|
@ApiOperation(value = "销售端授权码登录授权", notes = "登录授权接口,获取token")
|
public Msg SaleAuthlogin(@ApiParam(value = "username,password,authcode") @RequestParam String encryptStr) {
|
// System.out.println("BASE64明文: "+encryptStr);
|
String jsonStr = new String(Base64.getDecoder().decode(encryptStr), StandardCharsets.UTF_8);
|
// System.out.println("解密后参数: "+jsonStr);
|
JSONObject jsonParam = JSON.parseObject(jsonStr);
|
String username = jsonParam.getString("username");
|
String password = jsonParam.getString("password");
|
String auth = jsonParam.getString("authcode");
|
|
// System.out.println("name: "+username+" ,pwd: "+password+" ,auth:"+auth);
|
|
Msg msg = new Msg();
|
msg.setCode("200");
|
msg.setMessage("success");
|
try {
|
//query user
|
UserVo user = userService.selectUserVoByName(username);
|
if (null == user) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (user.getIssale() == 0) {
|
msg.setCode("100");
|
msg.setMessage("用户不存在");
|
return msg;
|
}
|
|
if (user.getStatus()!=null && user.getStatus() != 1){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
if (user.getExpiredate() == null ||(user.getExpiredate() != null && user.getExpiredate().getTime() < System.currentTimeMillis())){
|
msg.setCode("100");
|
msg.setMessage("用户已失效");
|
return msg;
|
}
|
|
// 疆外日期判断
|
Date now = new Date();
|
if (user.getDeadline() != null) {
|
if (user.getDeadline().before(now)) {
|
// 当前已经疆外用户已经超期使用 需要缴费
|
msg.setCode("166");
|
msg.setMessage("疆外用户已过期,请及时联系续期");
|
return msg;
|
}
|
|
}
|
|
//验证auth是否存在
|
AuthorizationInfo authInfo = authorizationService.selectByUser(user.getCompanynumber(),auth);
|
if (authInfo == null){
|
msg.setCode("100");
|
msg.setMessage("授权码无效");
|
return msg;
|
}
|
|
Date logintime = new Date();
|
//Call login interface
|
String rs = HttpRequest.post( host + "/oauth/token")
|
.setConnectionTimeout(10000)
|
.setReadTimeout(10000)
|
.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
|
.form(Dict.create()
|
.set("username", username)
|
.set("password", password)
|
.set("auth", auth)
|
.set("grant_type", "password")
|
.set("auth_type", "")
|
)
|
.execute()
|
.body();
|
Map map = JSON.parseObject(rs, Map.class);
|
Object access_token = map.get("access_token");
|
//Verify that the access_token is empty
|
if (ObjectUtil.isNull(access_token)) {
|
msg.setCode("103");
|
msg.setMessage("密码不正确");
|
return msg;
|
}
|
user.setToken("Bearer "+access_token);
|
user.setAuth(auth);
|
user.setLogintime(logintime.getTime());
|
//add redis
|
String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
|
redisService.set(token_key, user, 60L*60L*18L);
|
user.setTokenexpired(60L*60L*18L);
|
user.setPassword(null);
|
msg.setResult(user);
|
|
//更新auth最后登录时间
|
authInfo.setLasttime(logintime);
|
authorizationService.updateById(authInfo);
|
} catch (Exception e) {
|
msg.setCode("102");
|
msg.setMessage("登录失败请稍后重试");
|
}
|
return msg;
|
}
|
|
|
}
|