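package com.glxp.api.controller.auth;

import cn.hutool.core.util.StrUtil;
import com.glxp.api.annotation.AuthRuleAnnotation;
import com.glxp.api.constant.Constant;
import com.glxp.api.controller.BaseController;
import com.glxp.api.dao.auth.AuthLicenseDao;
import com.glxp.api.entity.auth.*;
import com.glxp.api.entity.system.CompanyEntity;
import com.glxp.api.entity.system.DeviceKeyEntity;
import com.glxp.api.exception.JsonException;
import com.glxp.api.req.auth.LoginRequest;
import com.glxp.api.req.auth.PCLoginRequest;
import com.glxp.api.req.auth.UpdatePasswordRequest;
import com.glxp.api.res.auth.LoginResponse;
import com.glxp.api.res.auth.LoginUserInfoResponse;
import com.glxp.api.service.system.CompanyService;
import com.glxp.api.service.monitor.LogininforService;
import com.glxp.api.common.enums.ResultEnum;
import com.glxp.api.common.res.BaseResponse;
import com.glxp.api.common.util.ResultVOUtils;
import com.glxp.api.service.auth.*;
import com.glxp.api.util.*;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import java.util.*;

/**
 * Login-related endpoints: credential login (mobile and PC), current-user
 * lookups, logout and password change.
 *
 * <p>NOTE(review): {@code PasswordUtils.authAdminPwd} receives only the
 * plaintext password, so any salt it applies cannot be per-user. Confirm it is
 * a slow password hash (bcrypt/scrypt/argon2) rather than a bare digest.
 */
@RestController
@Slf4j
public class LoginController extends BaseController {

    /** Lifetime of an issued token, in seconds (one day). */
    private static final long TOKEN_TTL_SECONDS = 86400L;

    @Autowired
    private AuthLoginService authLoginService;
    @Autowired
    private AuthAdminService authAdminService;
    @Resource
    private LogininforService logininforService;
    @Resource
    private AuthCheckService authCheckService;
    @Resource
    DeviceKeyService deviceKeyService;
    @Resource
    SysPermissionService sysPermissionService;
    @Resource
    private CompanyService companyService;
    @Resource
    private AuthLicenseDao authLicenseDao;
    @Resource
    DeptService deptService;
    @Resource
    InvWarehouseService invWarehouseService;
    @Resource
    ISysRoleService sysRoleService;
    @Resource
    ISysMenuService menuService;

    /**
     * Logs a user in with username and password and, when an IMEI is supplied,
     * checks that the device is registered and approved.
     *
     * @param loginRequest  validated login payload
     * @param bindingResult validation outcome for {@code loginRequest}
     * @param request       current HTTP request, used for the client IP and the login record
     * @return the login response with the issued token, or an error response
     * @throws JsonException when the credentials are wrong or the account is disabled
     */
    @PostMapping(value = "/login")
    public BaseResponse index(@RequestBody @Valid LoginRequest loginRequest,
                              BindingResult bindingResult,
                              HttpServletRequest request) {
        if (bindingResult.hasErrors()) {
            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());
        }

        // Unknown user and wrong password deliberately share one message so the
        // response does not reveal which usernames exist.
        AuthAdmin authAdmin = authAdminService.findByUserName(loginRequest.getUsername());
        if (authAdmin == null) {
            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
        }
        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())) {
            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
        }
        if (authAdmin.getUserFlag() == 0) {
            throw new JsonException(ResultEnum.DATA_NOT, "该用户已被禁用!");
        }

        // The device state is only disclosed after the credentials were verified.
        if (StrUtil.isNotEmpty(loginRequest.getImei())) {
            DeviceKeyEntity deviceKeyEntity = deviceKeyService.findDeviceByImei(loginRequest.getImei());
            if (deviceKeyEntity == null) {
                return ResultVOUtils.error(410, "该设备未注册");
            } else if (deviceKeyEntity.getIsCheck() == 0) {
                return ResultVOUtils.error(411, "该设备登记审核中,请等待,或联系管理员");
            } else if (deviceKeyEntity.getIsCheck() == 2) {
                return ResultVOUtils.error(412, "该设备被拒绝登录,请联系管理员!");
            }
        }

        String token = recordLoginAndIssueToken(authAdmin, request);

        LoginResponse loginResponse = new LoginResponse();
        loginResponse.setId(authAdmin.getId() + "");
        loginResponse.setToken(token);
        loginResponse.setDept(authAdmin.getDept());
        loginResponse.setDeptName(authAdmin.getDeptName());
        logininforService.recordLogininfor(authAdmin.getEmployeeName(), Constant.LOGIN_SUCCESS, "登录成功!", request);
        return ResultVOUtils.success(loginResponse);
    }

    /**
     * Logs a user in from the PC client after verifying that the client
     * machine holds a valid registration code.
     *
     * <p>The registration check fails closed: a code that cannot be decrypted
     * or that does not match the stored machine info rejects the login.
     *
     * @param loginRequest  validated PC login payload
     * @param bindingResult validation outcome for {@code loginRequest}
     * @param request       current HTTP request, used for the client IP
     * @return a map with the admin id, the issued token and the current time
     * @throws JsonException when the machine is unregistered, the registration
     *                       code is invalid, the credentials are wrong or the
     *                       account is disabled
     */
    @PostMapping(value = "/pc/login")
    public BaseResponse pcLogin(@RequestBody @Valid PCLoginRequest loginRequest,
                                BindingResult bindingResult,
                                HttpServletRequest request) {
        if (bindingResult.hasErrors()) {
            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());
        }

        AuthCheckEntity authCheckEntity = authCheckService.findByMachine(loginRequest.getMachineInfo());
        if (authCheckEntity == null) {
            // First contact from this machine: store it so an administrator can register it.
            // NOTE(review): this runs before authentication and stores one row per
            // unknown machineInfo; the lookup above uses the untrimmed value while
            // the stored value is trimmed. Confirm both are intended.
            authCheckEntity = new AuthCheckEntity();
            authCheckEntity.setMachineInfo(loginRequest.getMachineInfo().trim());
            authCheckEntity.setCreateDate(new Date());
            authCheckService.insertDevices(authCheckEntity);
            throw new JsonException(ResultEnum.DATA_NOT, "该软件未注册!请联系管理员");
        }
        if (authCheckEntity.getRegisterCode() == null) {
            throw new JsonException(ResultEnum.DATA_NOT, "该软件未注册!请联系管理员");
        }

        // Only the decryption sits inside the try block. The mismatch rejection
        // must be thrown outside it, otherwise a broad catch would swallow the
        // rejection and let the login continue with an invalid code.
        String decryptedCode;
        try {
            decryptedCode = RsaUtils.publicKeyDecrypt(authCheckEntity.getRegisterCode(), RsaUtils.publicKey);
        } catch (Exception e) {
            log.error("Registration code could not be decrypted", e);
            throw new JsonException(ResultEnum.DATA_NOT, "注册码不匹配,请联系管理员!");
        }
        if (decryptedCode == null || !decryptedCode.equals(authCheckEntity.getMachineInfo())) {
            throw new JsonException(ResultEnum.DATA_NOT, "注册码不匹配,请联系管理员!");
        }

        AuthAdmin authAdmin = authAdminService.findByUserName(loginRequest.getUsername());
        if (authAdmin == null) {
            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
        }
        if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(authAdmin.getPassWord())) {
            throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
        }
        // Same rule as /login: a disabled account must not obtain a token here either.
        if (authAdmin.getUserFlag() == 0) {
            throw new JsonException(ResultEnum.DATA_NOT, "该用户已被禁用!");
        }

        String token = recordLoginAndIssueToken(authAdmin, request);

        Map<String, Object> map = new HashMap<>();
        map.put("id", authAdmin.getId());
        map.put("token", token);
        map.put("time", DateUtil.getDateTime());
        return ResultVOUtils.success(map);
    }

    /**
     * Returns the current user's profile with the names of the assigned
     * department and sub-warehouse.
     *
     * @param request current HTTP request carrying the {@code ADMIN_ID} header
     * @return the user info response
     * @throws JsonException when no admin exists for the given id
     */
    @AuthRuleAnnotation("")
    @GetMapping("/admin/auth/login/getInv")
    public BaseResponse getInv(HttpServletRequest request) {
        AuthAdmin authAdmin = requireAdminById(headerAdminId(request));

        LoginUserInfoResponse loginUserInfoResponse = new LoginUserInfoResponse();
        // NOTE(review): copyProperties copies every property with a matching name;
        // confirm LoginUserInfoResponse declares no passWord property.
        BeanUtils.copyProperties(authAdmin, loginUserInfoResponse);

        DeptEntity deptEntity = deptService.selectByCode(authAdmin.getLocInvCode());
        InvWarehouseEntity invWarehouseEntity = invWarehouseService.findByInvSubByCode(authAdmin.getLocSubInvCode());
        // A user without an assigned department or warehouse gets a null name
        // instead of a NullPointerException.
        loginUserInfoResponse.setLocInvName(deptEntity != null ? deptEntity.getName() : null);
        loginUserInfoResponse.setLocSubInvName(invWarehouseEntity != null ? invWarehouseEntity.getName() : null);
        return ResultVOUtils.success(loginUserInfoResponse);
    }

    /**
     * Returns the current user's profile together with the authorization rules.
     *
     * @param request current HTTP request carrying the {@code ADMIN_ID} header
     * @return the user info response
     * @throws JsonException when no admin exists for the given id
     */
    @AuthRuleAnnotation("")
    @GetMapping("/admin/auth/login/userInfo")
    public BaseResponse userInfo(HttpServletRequest request) {
        AuthAdmin authAdmin = requireAdminById(headerAdminId(request));
        List authRules = authLoginService.listRuleByAdminId(authAdmin.getId());

        LoginUserInfoResponse loginUserInfoResponse = new LoginUserInfoResponse();
        // NOTE(review): copyProperties copies every property with a matching name;
        // confirm LoginUserInfoResponse declares no passWord property.
        BeanUtils.copyProperties(authAdmin, loginUserInfoResponse);
        loginUserInfoResponse.setAuthRules(authRules);
        loginUserInfoResponse.setLocInvName(deptService.getInvName(loginUserInfoResponse.getLocInvCode()));
        loginUserInfoResponse.setLocSubInvName(invWarehouseService.getSubInvName(loginUserInfoResponse.getLocSubInvCode()));
        return ResultVOUtils.success(loginUserInfoResponse);
    }

    /**
     * Returns the current user's profile, company name, roles and menu permissions.
     *
     * @param request current HTTP request carrying the {@code ADMIN_ID} header
     * @return the user info response
     * @throws JsonException when no admin exists for the given id
     */
    @AuthRuleAnnotation("")
    @GetMapping("/getInfo")
    public BaseResponse getUserInfo(HttpServletRequest request) {
        Long id = headerAdminId(request);
        AuthAdmin authAdmin = requireAdminById(id);
        List authRules = authLoginService.listRuleByAdminId(authAdmin.getId());

        LoginUserInfoResponse loginUserInfoResponse = new LoginUserInfoResponse();
        // NOTE(review): copyProperties copies every property with a matching name;
        // confirm LoginUserInfoResponse declares no passWord property.
        BeanUtils.copyProperties(authAdmin, loginUserInfoResponse);
        loginUserInfoResponse.setAuthRules(authRules);

        CompanyEntity companyEntity = companyService.findCompany();
        loginUserInfoResponse.setCompanyName(companyEntity != null ? companyEntity.getName() : null);
        loginUserInfoResponse.setLocInvName(deptService.getInvName(loginUserInfoResponse.getLocInvCode()));
        loginUserInfoResponse.setLocSubInvName(invWarehouseService.getSubInvName(loginUserInfoResponse.getLocSubInvCode()));

        // Role set. Statement order is kept as in the original: the role
        // permissions are read before the roles are attached to authAdmin.
        Set roles = sysPermissionService.getRolePermission(authAdmin);
        List sysRoles = sysRoleService.selectRolesByUserId(id);
        authAdmin.setRoles(sysRoles);
        // Permission set.
        Set permissions = sysPermissionService.getMenuPermission(authAdmin);
        loginUserInfoResponse.setRoles(roles);
        loginUserInfoResponse.setPermissions(permissions);
        return ResultVOUtils.success(loginUserInfoResponse);
    }

    /**
     * Returns the menu tree of the current user, built for the front-end router.
     *
     * <p>NOTE(review): unlike the other user endpoints this one carries no
     * {@code @AuthRuleAnnotation}; confirm {@code getUser()} rejects
     * unauthenticated requests.
     *
     * @return the built menu structure
     */
    @GetMapping("/spms/getRouters")
    public BaseResponse getRouters() {
        AuthAdmin authAdmin = getUser();
        List menus = menuService.selectMenuTreeByUserId(authAdmin.getId());
        return ResultVOUtils.success(menuService.buildMenus(menus));
    }

    /**
     * Logs the user out.
     *
     * <p>This method changes no server-side state. NOTE(review): a token issued
     * at login therefore appears to stay usable until its one-day expiry unless
     * revocation happens elsewhere; confirm.
     *
     * @return a success response
     */
    @PostMapping("/admin/auth/login/out")
    public BaseResponse out() {
        return ResultVOUtils.success();
    }

    /**
     * Changes an admin's password after verifying the old one.
     *
     * <p>NOTE(review): the target account comes from {@code adminId} in the
     * request body, not from the authenticated session. Confirm the auth layer
     * ties that id to the caller, otherwise a caller who knows another user's
     * old password can change it.
     *
     * @param updatePasswordRequest validated payload with admin id, old and new password
     * @param bindingResult         validation outcome for {@code updatePasswordRequest}
     * @return success when the password was stored, otherwise an error response
     * @throws JsonException when the admin does not exist or the old password does not match
     */
    // An empty value means login is required but no specific permission is checked.
    @AuthRuleAnnotation("")
    @PostMapping("/admin/auth/login/password")
    public BaseResponse password(@RequestBody @Valid UpdatePasswordRequest updatePasswordRequest,
                                 BindingResult bindingResult) {
        if (bindingResult.hasErrors()) {
            return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL.getCode(),
                    bindingResult.getFieldError().getDefaultMessage());
        }

        AuthAdmin authAdmin = authAdminService.findById(updatePasswordRequest.getAdminId());
        if (authAdmin == null) {
            throw new JsonException(ResultEnum.DATA_NOT);
        }

        // The old password must always match. An account whose stored password
        // is null is rejected too, so the verification cannot be skipped.
        String oldPwd = PasswordUtils.authAdminPwd(updatePasswordRequest.getOldPassword());
        if (oldPwd == null || !oldPwd.equals(authAdmin.getPassWord())) {
            throw new JsonException(ResultEnum.DATA_NOT, "旧密码匹配失败");
        }

        AuthAdmin authAdminUp = new AuthAdmin();
        authAdminUp.setId(authAdmin.getId());
        authAdminUp.setPassWord(PasswordUtils.authAdminPwd(updatePasswordRequest.getNewPassword()));
        // Set the timestamp on the object that is persisted; setting it on the
        // loaded entity would never reach the update.
        authAdminUp.setLastModifyTime(new Date());

        if (authAdminService.updateAuthAdmin(authAdminUp)) {
            return ResultVOUtils.success();
        }
        return ResultVOUtils.error(ResultEnum.DATA_CHANGE);
    }

    /**
     * Stores the login time and IP, loads the user's rules (which also fills
     * the cache) and issues a token carrying the {@code admin_id} claim.
     */
    private String recordLoginAndIssueToken(AuthAdmin authAdmin, HttpServletRequest request) {
        // Update the login state.
        AuthAdmin authAdminUp = new AuthAdmin();
        authAdminUp.setId(authAdmin.getId());
        authAdminUp.setLastLoginTime(new Date());
        authAdminUp.setLastLoginIp(IpUtils.getIpAddr(request));
        authAdminService.updateAuthAdmin(authAdminUp);

        // Fetch the permissions after a successful login; this call also populates the cache.
        authLoginService.listRuleByAdminId(authAdmin.getId());

        Map<String, Object> claims = new HashMap<>();
        claims.put("admin_id", authAdmin.getId());
        return JwtUtils.createToken(claims, TOKEN_TTL_SECONDS);
    }

    /**
     * Reads the admin id from the {@code ADMIN_ID} request header.
     *
     * <p>NOTE(review): the header is supplied by the client; confirm the auth
     * interceptor checks it against the {@code admin_id} claim of the token.
     *
     * @throws NumberFormatException when the header is missing or not numeric
     */
    private Long headerAdminId(HttpServletRequest request) {
        return Long.valueOf(request.getHeader("ADMIN_ID"));
    }

    /** Loads the admin with the given id, or fails with {@code DATA_NOT} when none exists. */
    private AuthAdmin requireAdminById(Long id) {
        AuthAdmin authAdmin = authAdminService.findById(id);
        if (authAdmin == null) {
            throw new JsonException(ResultEnum.DATA_NOT);
        }
        return authAdmin;
    }
}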