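package com.gk.hotwork.Controller;

import cn.hutool.core.lang.Dict;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HttpRequest;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.gk.hotwork.Config.Oauth2.IRedisService;
import com.gk.hotwork.Config.Oauth2.OauthRole;
import com.gk.hotwork.Config.Oauth2.RedisKeyEnum;
import com.gk.hotwork.Domain.AuthorizationInfo;
import com.gk.hotwork.Domain.ExamScoreInfo;
import com.gk.hotwork.Domain.Exception.BusinessException;
import com.gk.hotwork.Domain.UserFace;
import com.gk.hotwork.Domain.UserInfo;
import com.gk.hotwork.Domain.Utils.CommonUtil;
import com.gk.hotwork.Domain.Utils.Msg;
import com.gk.hotwork.Domain.Vo.ExamScoreVo;
import com.gk.hotwork.Domain.Vo.UserVo;
import com.gk.hotwork.Service.*;
import com.google.common.net.HttpHeaders;
import io.jsonwebtoken.Claims;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;

import javax.servlet.http.HttpServletRequest;
import java.util.*;

/**
 * REST endpoints under {@code /auth}: password login, session verification,
 * logout and face-code registration.
 *
 * <p>A session is represented by a Redis entry keyed on the JWT id ({@code jti})
 * of the access token issued by the OAuth token endpoint at {@code host}.
 */
@Api(tags = "登录登出接口")
@RequestMapping("/auth")
@RestController
public class LoginController {

    /**
     * Lifetime applied to the cached session entry and reported to the client.
     * Presumably seconds (18 hours) - confirm against IRedisService.set.
     */
    private static final long TOKEN_TTL = 60L * 60L * 18L;

    /**
     * HTTP Basic credential this service presents to the OAuth token endpoint.
     *
     * NOTE(review): this is a client id/secret committed to source control.
     * Base64 is an encoding, not encryption, so anyone with read access to the
     * repository or the built artifact can recover it. Move it to external
     * configuration or a secret store and rotate the current value.
     */
    private static final String OAUTH_CLIENT_AUTHORIZATION = "Basic dWFhLXNlcnZpY2U6MTIzNDU2";

    @Autowired
    IRedisService redisService;
    @Autowired
    UserService userService;
    @Autowired
    AuthorizationService authorizationService;
    @Autowired
    RoleService roleService;
    @Autowired
    ExamScoreService examScoreService;
    @Autowired
    UserFaceService userFaceService;

    @Value("${host}")
    private String host;

    @Value("${workname}")
    private String workname;

    /**
     * Authenticates a user with username and password and opens a session.
     *
     * <p>The credentials are forwarded to {@code host + "/oauth/token"} using the
     * password grant. On success the user is cached in Redis under the token's
     * {@code jti} and returned with the bearer token, roles, exam records and
     * face code.
     *
     * @param jsonParam JSON body of the form {"username":"...","password":"..."}
     * @return {@code Msg} with code "200" and the user on success; "100" when the
     *         user is unknown, "103" when no access token was issued, "102" on
     *         any other failure
     */
    @PostMapping("/login")
    @ApiOperation(value = "管理端登录授权", notes = "登录授权接口,获取token")
    public Msg login(@ApiParam(value = "username,password") @RequestBody JSONObject jsonParam) {
        String username = jsonParam.getString("username");
        String password = jsonParam.getString("password");
        Msg msg = new Msg();
        msg.setCode("200");
        msg.setMessage("success");
        try {
            // Look the user up first.
            // NOTE(review): code "100" (unknown user) and code "103" (wrong password)
            // let an unauthenticated caller tell valid usernames from invalid ones.
            // Returning one generic failure for both would close that oracle, but it
            // changes the response contract, so confirm with the client before changing.
            UserVo user = userService.selectUserVoByName(workname, username);
            if (null == user) {
                msg.setCode("100");
                msg.setMessage("用户不存在");
                return msg;
            }

            // Exchange the credentials for a token at the OAuth server.
            String rs = HttpRequest.post(host + "/oauth/token")
                    .setConnectionTimeout(10000)
                    .setReadTimeout(10000)
                    .header("Authorization", OAUTH_CLIENT_AUTHORIZATION)
                    .form(Dict.create()
                            .set("username", username)
                            .set("password", password)
                            .set("grant_type", "password")
                            .set("auth_type", ""))
                    .execute()
                    .body();
            Map map = JSON.parseObject(rs, Map.class);
            Object access_token = map.get("access_token");

            // No access token in the response is treated as a rejected password.
            if (ObjectUtil.isNull(access_token)) {
                msg.setCode("103");
                msg.setMessage("密码不正确");
                return msg;
            }
            user.setToken("Bearer " + access_token);

            // Cache the session under the token's jti.
            // NOTE(review): the user object is cached before setPassword(null) runs
            // below, so the cached entry may still carry the password field. If no
            // reader of this entry needs it, clear the field before caching.
            String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), map.get("jti"));
            redisService.set(token_key, user, TOKEN_TTL);
            user.setTokenexpired(TOKEN_TTL);

            // Refresh the user's roles after a successful login.
            applyRoles(user);

            List exam = examScoreService.selectByAll(user.getUsername());
            user.setExam(exam);
            // Never send the password field back to the client.
            user.setPassword(null);

            UserFace userFace = userFaceService.selectByUserId(user.getId());
            if (userFace != null) {
                user.setCode(userFace.getCode());
            }
            msg.setResult(user);
        } catch (Exception e) {
            e.printStackTrace();
            msg.setCode("102");
            msg.setMessage("登录失败请稍后重试");
        }
        return msg;
    }

    /**
     * Checks that the bearer token in the {@code Authorization} header still maps
     * to a live session and, if so, returns the refreshed user and extends the
     * session lifetime.
     *
     * <p>A missing header, a token that cannot be parsed, a missing Redis entry
     * or a cached entry without username/token all yield code "100". The
     * unparsable-token case previously fell through and returned code "200"
     * with an empty user, which a client could read as a successful check.
     *
     * @param request the current HTTP request
     * @return {@code Msg} with code "200" and the user when the session is valid,
     *         otherwise code "100"
     */
    @GetMapping("/verify")
    @ApiOperation(value = "登录验证", notes = "登录验证:flag【true 成功】,【false 失败】", response = Msg.class)
    public Msg verifyLogin(@ApiIgnore HttpServletRequest request) {
        Msg msg = new Msg();
        msg.setCode("200");

        // Parse the token; same header guard as logout.
        String token = request.getHeader(HttpHeaders.AUTHORIZATION);
        Claims claims = null;
        if (token != null && !token.equals("undefined")) {
            claims = CommonUtil.parseJWT(token);
        }
        if (null == claims) {
            // Fail closed: without usable claims there is no session to verify.
            return sessionExpired(msg);
        }

        String tokenKey = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), claims.getId());
        Object userInfo = redisService.get(tokenKey);
        if (null == userInfo) {
            return sessionExpired(msg);
        }

        Map map = JSON.parseObject(userInfo.toString(), Map.class);
        Object cachedName = map == null ? null : map.get("username");
        Object cachedToken = map == null ? null : map.get("token");
        if (cachedName == null || cachedToken == null) {
            // A cache entry without these fields cannot describe a session.
            return sessionExpired(msg);
        }

        UserVo userVo = userService.selectUserVoByName(workname, cachedName.toString());
        if (null == userVo) {
            msg.setCode("100");
            msg.setMessage("用户不存在");
            return msg;
        }

        // Refresh the user's roles after a successful check.
        applyRoles(userVo);

        List exam = examScoreService.selectByAll(userVo.getUsername());
        userVo.setExam(exam);
        userVo.setToken(cachedToken.toString());
        userVo.setTokenexpired(TOKEN_TTL);
        userVo.setPassword(null);

        // Extend the login session timeout.
        redisService.set(tokenKey, userInfo, TOKEN_TTL);

        msg.setResult(userVo);
        return msg;
    }

    /**
     * Ends the session identified by the bearer token in the
     * {@code Authorization} header by removing its Redis entry.
     *
     * <p>The key is built the same way as in {@link #login} so the entry removed
     * is the one login stored.
     *
     * @param request the current HTTP request
     * @return {@code Msg} with code "200"; logout also reports success when no
     *         usable token was supplied
     */
    @PostMapping("/logout")
    @ApiOperation(value = "退出登录", notes = "退出登录接口", produces = "application/json", response = Msg.class)
    public Msg logout(@ApiIgnore HttpServletRequest request) {
        Msg msg = new Msg();
        msg.setCode("200");
        msg.setMessage("success");

        // Parse the token.
        String header = request.getHeader(HttpHeaders.AUTHORIZATION);
        if (header != null && !header.equals("undefined")) {
            Claims claims = CommonUtil.parseJWT(header);
            if (claims != null) {
                String token_key = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), claims.getId());
                redisService.remove(token_key);
            }
        }
        return msg;
    }

    /**
     * Stores a face code for a user via {@code userFaceService.copeWith}.
     *
     * NOTE(review): {@code userId} is taken from the request body and this method
     * performs no check that it belongs to the caller. Confirm that a filter in
     * front of this controller authenticates the request, and consider taking
     * the user id from the verified token instead of the body.
     *
     * @param userInfo JSON body carrying {@code userId} and {@code code}
     * @return {@code Msg} with code "200" on success, "102" on failure
     */
    @PostMapping("/user-face")
    Msg userInfo(@RequestBody JSONObject userInfo) {
        Msg msg = new Msg();
        msg.setCode("200");
        try {
            Long userId = userInfo.getLong("userId");
            String code = userInfo.getString("code");
            userFaceService.copeWith(userId, code);
        } catch (BusinessException e) {
            msg.setCode("102");
            msg.setMessage(e.getMessage());
        } catch (Exception e) {
            // Record the cause as login does, so the failure is diagnosable; the
            // client still only sees a generic message.
            e.printStackTrace();
            msg.setCode("102");
            msg.setMessage("操作失败");
        }
        return msg;
    }

    /**
     * Loads and attaches the roles for {@code user}.
     *
     * <p>A user whose type is 1 receives the roles of user id 1 plus a synthetic
     * "super_admin" role; every other user receives the roles stored for their
     * own id. The user-id-1 lookup runs only on the branch that uses its result.
     */
    private void applyRoles(UserVo user) {
        // Raw List kept from the original code: the element type returned by
        // RoleService is not visible in this file.
        List roles;
        if (null != user.getType() && user.getType() == 1) {
            roles = roleService.selectOauthRoleByUser(1);
            roles.add(new OauthRole("", "超级管理员", "super_admin", ""));
        } else {
            roles = roleService.selectOauthRoleByUser(user.getId().intValue());
        }
        user.setRoles(roles);
    }

    /** Marks {@code msg} as "session no longer valid" (code "100") and returns it. */
    private static Msg sessionExpired(Msg msg) {
        msg.setCode("100");
        msg.setMessage("登录失效,请重新登录");
        return msg;
    }
}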