FireworkServer.git

对比新文件
			@@ -0,0 +1,442 @@
			package com.gk.firework.Controller;

			import cn.hutool.core.lang.Dict;
			import cn.hutool.core.util.ObjectUtil;
			import cn.hutool.core.util.StrUtil;
			import cn.hutool.http.HttpRequest;
			import com.alibaba.fastjson.JSON;
			import com.alibaba.fastjson.JSONObject;
			import com.gk.firework.Config.Oauth2.IRedisService;
			import com.gk.firework.Config.Oauth2.OauthRole;
			import com.gk.firework.Config.Oauth2.RedisKeyEnum;
			import com.gk.firework.Domain.AuthorizationInfo;
			import com.gk.firework.Domain.Log.JsonParams;
			import com.gk.firework.Domain.Utils.CommonUtil;
			import com.gk.firework.Domain.Utils.Msg;
			import com.gk.firework.Domain.Utils.StringUtils;
			import com.gk.firework.Domain.Vo.UserVo;
			import com.gk.firework.Service.AuthorizationService;
			import com.gk.firework.Service.EnterpriseService;
			import com.gk.firework.Service.UserService;
			import com.google.common.base.Strings;
			import com.google.common.net.HttpHeaders;
			import io.jsonwebtoken.Claims;
			import io.swagger.annotations.Api;
			import io.swagger.annotations.ApiOperation;
			import io.swagger.annotations.ApiParam;
			import org.apache.commons.collections4.map.SingletonMap;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.web.bind.annotation.*;
			import springfox.documentation.annotations.ApiIgnore;

			import javax.servlet.http.HttpServletRequest;
			import java.nio.charset.StandardCharsets;
			import java.util.*;

			@Api(tags = "登录登出接口")
			@RequestMapping("/auth")
			@RestController
			public class LoginController {
			@Autowired
			IRedisService redisService;
			@Autowired
			UserService userService;
			@Autowired
			AuthorizationService authorizationService;
			@Autowired
			EnterpriseService enterpriseService;
			@Value("${host}")
			private String host;
			/**
			* login produces = "application/json"
			*
			* @param jsonParam {"username":"用户名","password":"密码"}
			* @return User
			*/
			@PostMapping("/login")
			@JsonParams
			@ApiOperation(value = "管理端登录授权", notes = "登录授权接口，获取token")
			public Msg login(@ApiParam(value = "username,password") @RequestParam String encryptStr) {
			String jsonStr = new String(Base64.getDecoder().decode(encryptStr), StandardCharsets.UTF_8);
			JSONObject jsonParam = JSON.parseObject(jsonStr);

			String username = jsonParam.getString("username");
			String password = jsonParam.getString("password");

			Msg msg = new Msg();
			msg.setCode("200");
			msg.setMessage("success");
			try {
			//query user
			UserVo user = userService.selectUserVoByName(username);
			if (null == user) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (user.getIssale() == 1) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (StringUtils.isNotBlank(user.getCompanynumber()) && enterpriseService.isLogOut(user.getCompanynumber())) {
			msg.setCode("166");
			msg.setMessage("用户已注销");
			return msg;
			}
			// 疆外日期判断
			Date now = new Date();
			if (user.getDeadline() != null) {
			if (user.getDeadline().before(now)){
			// 当前已经疆外用户已经超期使用需要缴费
			msg.setCode("200");
			msg.setMessage("疆外用户已过期，请及时联系续期");
			msg.setResult(new SingletonMap<>("deadline",user.getDeadline()));
			return msg;
			}

			}


			//Call login interface
			String rs = HttpRequest.post( host + "/oauth/token")
			.setConnectionTimeout(10000)
			.setReadTimeout(10000)
			.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
			.form(Dict.create()
			.set("username", username)
			.set("password", password)
			.set("grant_type", "password")
			.set("auth_type", "")
			).execute().body();
			Map map = JSON.parseObject(rs, Map.class);
			Object access_token = map.get("access_token");
			//Verify that the access_token is empty
			if (ObjectUtil.isNull(access_token)) {
			msg.setCode("103");
			msg.setMessage("密码不正确");
			return msg;
			}
			user.setToken("Bearer "+access_token);
			//add redis
			String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
			redisService.set(token_key, user, 60L60L18L);

			user.setTokenexpired(60L60L18L);
			/** 登录成功刷新用户 */
			List<OauthRole> roleByUser = userService.selectRoleByUser(1);
			if (null != user.getType()&& user.getType() == 1){
			OauthRole oauthRole = new OauthRole("","超级管理员","super_admin","");
			roleByUser.add(oauthRole);
			user.setRoles(roleByUser);
			}else {
			roleByUser = userService.selectRoleByUser(user.getId().intValue());
			user.setRoles(roleByUser);
			}
			user.setPassword(null);
			msg.setResult(user);
			} catch (Exception e) {
			e.printStackTrace();
			msg.setCode("102");
			msg.setMessage("登录失败请稍后重试");
			}
			return msg;
			}

			@PostMapping("/salelogin")
			@ApiOperation(value = "销售端登录授权", notes = "登录授权接口，获取token")
			public Msg Salelogin(@ApiParam(value = "username,password") @RequestBody JSONObject jsonParam) {
			String username = jsonParam.getString("username");
			String password = jsonParam.getString("password");

			Msg msg = new Msg();
			msg.setCode("200");
			msg.setMessage("success");
			try {
			//query user
			UserVo user = userService.selectUserVoByName(username);
			if (null == user) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (user.getIssale() == 0) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (user.getStatus()!=null && user.getStatus() != 1){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			if (user.getExpiredate() != null && user.getExpiredate().getTime() < System.currentTimeMillis()){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			// 疆外日期判断
			Date now = new Date();
			if (user.getDeadline() != null) {
			if (user.getDeadline().before(now)) {
			// 当前已经疆外用户已经超期使用需要缴费
			msg.setCode("166");
			msg.setMessage("疆外用户已过期，请及时联系续期");
			return msg;
			}

			}
			//Call login interface
			String rs = HttpRequest.post( host + "/oauth/token")
			.setConnectionTimeout(10000)
			.setReadTimeout(10000)
			.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
			.form(Dict.create()
			.set("username", username)
			.set("password", password)
			.set("grant_type", "password")
			.set("auth_type", "")
			).execute().body();
			Map map = JSON.parseObject(rs, Map.class);
			Object access_token = map.get("access_token");
			//Verify that the access_token is empty
			if (ObjectUtil.isNull(access_token)) {
			msg.setCode("103");
			msg.setMessage("密码不正确");
			return msg;
			}
			user.setToken("Bearer "+access_token);
			//add redis
			String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
			redisService.set(token_key, user, 60L60L18L);
			user.setTokenexpired(60L60L18L);
			user.setPassword(null);
			msg.setResult(user);
			} catch (Exception e) {
			msg.setCode("102");
			msg.setMessage("登录失败请稍后重试");
			}
			return msg;
			}

			@GetMapping("/verify")
			@ApiOperation(value = "登录验证", notes = "登录验证：flag【true 成功】，【false 失败】", response = Msg.class)
			public Msg verifyLogin(@ApiIgnore HttpServletRequest request) {
			Msg msg = new Msg();
			msg.setCode("200");
			UserVo userVo = new UserVo();
			String token = request.getHeader(HttpHeaders.AUTHORIZATION);
			//解析token
			Claims claims = CommonUtil.parseJWT(token);
			if (null != claims){
			String tokenKey = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), claims.getId());
			Object userInfo = redisService.get(tokenKey);
			if (null != userInfo){
			Map map = JSON.parseObject(userInfo.toString(), Map.class);

			userVo = userService.selectUserVoByName(map.get("username").toString());
			if (null == userVo) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (userVo.getIssale() == 1){
			if (userVo.getStatus()!=null && userVo.getStatus() != 1){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			if (userVo.getExpiredate() != null && userVo.getExpiredate().getTime() < System.currentTimeMillis()){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			Object loginObj = map.get("logintime");
			Object authObj = map.get("auth");
			if (loginObj != null && authObj != null){
			//通过auth查询授权码最后登录时间
			AuthorizationInfo authInfo = authorizationService.selectByUser(userVo.getCompanynumber(),authObj.toString());
			if (authInfo == null){
			msg.setCode("100");
			msg.setMessage("授权码无效");
			return msg;
			}

			if (authInfo.getLasttime().getTime() > Long.parseLong(loginObj.toString())){
			redisService.set(tokenKey, userInfo, 0L);
			msg.setCode("100");
			msg.setMessage("登录失效,请重新登录");
			return msg;
			}
			}
			userVo.setAuth(map.get("auth").toString());
			}
			else {
			/** 登录成功刷新用户 */
			List<OauthRole> roleByUser = userService.selectRoleByUser(1);
			if (null != userVo.getType()&& userVo.getType() == 1){
			OauthRole oauthRole = new OauthRole("","超级管理员","super_admin","");
			roleByUser.add(oauthRole);
			userVo.setRoles(roleByUser);
			}else {
			roleByUser = userService.selectRoleByUser(userVo.getId().intValue());
			userVo.setRoles(roleByUser);
			}
			}
			userVo.setToken(map.get("token").toString());
			userVo.setTokenexpired(60L60L18L);
			userVo.setPassword(null);
			//更新登录超时时间
			redisService.set(tokenKey, userInfo, 60L60L18L);
			}else {
			msg.setCode("100");
			msg.setMessage("登录失效,请重新登录");
			return msg;
			}
			}
			msg.setResult(userVo);
			return msg;
			}

			/**
			* logout
			*
			* @return
			*/
			@PostMapping("/logout")
			@ApiOperation(value = "退出登录", notes = "退出登录接口", produces = "application/json", response = Msg.class)
			public Msg logout(@ApiIgnore HttpServletRequest request) {
			Msg msg = new Msg();
			msg.setCode("200");
			msg.setMessage("success");
			/** 解析token */
			String header = request.getHeader(HttpHeaders.AUTHORIZATION);
			if (header != null && !header.equals("undefined")) {
			Claims claims = CommonUtil.parseJWT(header);
			Optional.ofNullable(claims).ifPresent(cl -> {
			String token_key = "auth:token:" + cl.getId();
			redisService.remove(token_key);
			});
			}
			return msg;
			}

			@PostMapping("/saleauthlogin")
			@JsonParams
			@ApiOperation(value = "销售端授权码登录授权", notes = "登录授权接口，获取token")
			public Msg SaleAuthlogin(@ApiParam(value = "username,password,authcode") @RequestParam String encryptStr) {
			// System.out.println("BASE64明文: "+encryptStr);
			String jsonStr = new String(Base64.getDecoder().decode(encryptStr), StandardCharsets.UTF_8);
			// System.out.println("解密后参数: "+jsonStr);
			JSONObject jsonParam = JSON.parseObject(jsonStr);
			String username = jsonParam.getString("username");
			String password = jsonParam.getString("password");
			String auth = jsonParam.getString("authcode");

			// System.out.println("name: "+username+" ,pwd： "+password+" ,auth："+auth);

			Msg msg = new Msg();
			msg.setCode("200");
			msg.setMessage("success");
			try {
			//query user
			UserVo user = userService.selectUserVoByName(username);
			if (null == user) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (user.getIssale() == 0) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			return msg;
			}

			if (user.getStatus()!=null && user.getStatus() != 1){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			if (user.getExpiredate() == null \|\|(user.getExpiredate() != null && user.getExpiredate().getTime() < System.currentTimeMillis())){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			return msg;
			}

			// 疆外日期判断
			Date now = new Date();
			if (user.getDeadline() != null) {
			if (user.getDeadline().before(now)) {
			// 当前已经疆外用户已经超期使用需要缴费
			msg.setCode("166");
			msg.setMessage("疆外用户已过期，请及时联系续期");
			return msg;
			}

			}

			//验证auth是否存在
			AuthorizationInfo authInfo = authorizationService.selectByUser(user.getCompanynumber(),auth);
			if (authInfo == null){
			msg.setCode("100");
			msg.setMessage("授权码无效");
			return msg;
			}

			Date logintime = new Date();
			//Call login interface
			String rs = HttpRequest.post( host + "/oauth/token")
			.setConnectionTimeout(10000)
			.setReadTimeout(10000)
			.header("Authorization", "Basic dWFhLXNlcnZpY2U6MTIzNDU2")
			.form(Dict.create()
			.set("username", username)
			.set("password", password)
			.set("auth", auth)
			.set("grant_type", "password")
			.set("auth_type", "")
			)
			.execute()
			.body();
			Map map = JSON.parseObject(rs, Map.class);
			Object access_token = map.get("access_token");
			//Verify that the access_token is empty
			if (ObjectUtil.isNull(access_token)) {
			msg.setCode("103");
			msg.setMessage("密码不正确");
			return msg;
			}
			user.setToken("Bearer "+access_token);
			user.setAuth(auth);
			user.setLogintime(logintime.getTime());
			//add redis
			String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
			redisService.set(token_key, user, 60L60L18L);
			user.setTokenexpired(60L60L18L);
			user.setPassword(null);
			msg.setResult(user);

			//更新auth最后登录时间
			authInfo.setLasttime(logintime);
			authorizationService.updateById(authInfo);
			} catch (Exception e) {
			msg.setCode("102");
			msg.setMessage("登录失败请稍后重试");
			}
			return msg;
			}


			}