Главная Обзор Помощь
Регистрация Вход
tl
/
api
5
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 7de870fcd8
Ветки Метки
api
/
src
/
main
/
java
/
com
/
xjrsoft
/
module
/
system
/
controller
/
LoginController.java

LoginController.java 11 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294 
  1. package com.xjrsoft.module.system.controller;
    2. 

  2. 

  3. import cn.dev33.satoken.annotation.SaCheckPermission;
    4. 

  4. import cn.dev33.satoken.session.SaSession;
    5. 

  5. import cn.dev33.satoken.stp.StpUtil;
    6. 

  6. import cn.hutool.core.util.IdUtil;
    7. 

  7. import cn.hutool.core.util.StrUtil;
    8. 

  8. import cn.hutool.extra.spring.SpringUtil;
    9. 

  9. import cn.hutool.jwt.JWT;
    10. 

  10. import cn.hutool.jwt.JWTUtil;
    11. 

  11. import com.baomidou.mybatisplus.core.toolkit.StringPool;
    12. 

  12. import com.baomidou.mybatisplus.core.toolkit.Wrappers;
    13. 

  13. import com.xjrsoft.common.annotation.XjrLog;
    14. 

  14. import com.xjrsoft.common.constant.GlobalConstant;
    15. 

  15. import com.xjrsoft.common.model.result.R;
    16. 

  16. import com.xjrsoft.common.model.result.RT;
    17. 

  17. import com.xjrsoft.common.sms.SmsCtcc;
    18. 

  18. import com.xjrsoft.common.utils.QrCodeUtil;
    19. 

  19. import com.xjrsoft.common.utils.RedisUtil;
    20. 

  20. import com.xjrsoft.config.CommonPropertiesConfig;
    21. 

  21. import com.xjrsoft.config.KeyCloakConfig;
    22. 

  22. import com.xjrsoft.module.organization.entity.User;
    23. 

  23. import com.xjrsoft.module.organization.service.IUserService;
    24. 

  24. import com.xjrsoft.module.student.dto.QRLoginDto;
    25. 

  25. import com.xjrsoft.module.system.dto.CaptchaDto;
    26. 

  26. import com.xjrsoft.module.system.dto.CreateAuthorizeUrlDto;
    27. 

  27. import com.xjrsoft.module.system.dto.CreateTokenDto;
    28. 

  28. import com.xjrsoft.module.system.dto.KeyCloakLoginInfoDto;
    29. 

  29. import com.xjrsoft.module.system.dto.LoginByCodeDto;
    30. 

  30. import com.xjrsoft.module.system.dto.LoginCaptchaDto;
    31. 

  31. import com.xjrsoft.module.system.dto.LoginDto;
    32. 

  32. import com.xjrsoft.module.system.dto.LoginQRCodeDto;
    33. 

  33. import com.xjrsoft.module.system.service.ILoginService;
    34. 

  34. import com.xjrsoft.module.system.service.IOauthService;
    35. 

  35. import com.xjrsoft.module.system.vo.LoginCheckQRCodeVo;
    36. 

  36. import com.xjrsoft.module.system.vo.LoginQRCodeVo;
    37. 

  37. import io.swagger.annotations.Api;
    38. 

  38. import io.swagger.annotations.ApiOperation;
    39. 

  39. import lombok.AllArgsConstructor;
    40. 

  40. import me.zhyd.oauth.request.AuthRequest;
    41. 

  41. import me.zhyd.oauth.utils.AuthStateUtils;
    42. 

  42. import org.apache.commons.lang3.RandomUtils;
    43. 

  43. import org.keycloak.authorization.client.AuthzClient;
    44. 

  44. import org.keycloak.authorization.client.Configuration;
    45. 

  45. import org.keycloak.representations.AccessTokenResponse;
    46. 

  46. import org.springframework.web.bind.annotation.GetMapping;
    47. 

  47. import org.springframework.web.bind.annotation.PostMapping;
    48. 

  48. import org.springframework.web.bind.annotation.RequestBody;
    49. 

  49. import org.springframework.web.bind.annotation.RequestMapping;
    50. 

  50. import org.springframework.web.bind.annotation.RequestParam;
    51. 

  51. import org.springframework.web.bind.annotation.RestController;
    52. 

  52. 

  53. import javax.validation.Valid;
    54. 

  54. import java.util.HashMap;
    55. 

  55. import java.util.Map;
    56. 

  56. 

  57. /**
    58. 

  58.  * <p>
    59. 

  59.  * 登录控制器
    60. 

  60.  * </p>
    61. 

  61.  *
    62. 

  62.  * @author tzx
    63. 

  63.  * @since 2022-03-02
    64. 

  64.  */
    65. 

  65. @Api(tags = "登录模块")
    66. 

  66. @RestController
    67. 

  67. @RequestMapping(GlobalConstant.SYSTEM_MODULE_PREFIX)
    68. 

  68. @AllArgsConstructor
    69. 

  69. public class LoginController {
    70. 

  70. 

  71.     private final ILoginService loginService;
    72. 

  72.     private final IUserService userService;
    73. 

  73. 

  74.     private final RedisUtil redisUtil;
    75. 

  75. 

  76.     private KeyCloakConfig keyCloakConfig;
    77. 

  77. 

  78.     private final SmsCtcc smsCtcc;
    79. 

  79. 

  80.     private IOauthService oauthService;
    81. 

  81. 

  82.     private final CommonPropertiesConfig commonPropertiesConfig;
    83. 

  83. 

  84.     @PostMapping("/login")
    85. 

  85.     @ApiOperation(value = "登录", notes = "传入账号:account,密码:password")
    86. 

  86.     @XjrLog(value = "账号密码登录成功")
    87. 

  87.     public R login(@RequestBody @Valid LoginDto dto) throws Exception {
    88. 

  88.         return R.ok(loginService.login(dto));
    89. 

  89.     }
    90. 

  90. 

  91.     @PostMapping("/findUserByCode")
    92. 

  92.     @ApiOperation(value = "登录", notes = "code")
    93. 

  93.     @XjrLog(value = "Code登录成功")
    94. 

  94.     public R findUserByCode(@RequestBody @Valid LoginByCodeDto dto) throws Exception {
    95. 

  95.         return R.ok(loginService.findUserByCode(dto));
    96. 

  96.     }
    97. 

  97. 

  98.     @PostMapping("/loginByCode")
    99. 

  99.     @ApiOperation(value = "登录", notes = "code")
    100. 

  100.     @XjrLog(value = "Code登录成功")
    101. 

  101.     public R loginByCode(@RequestBody @Valid LoginByCodeDto dto) throws Exception {
    102. 

  102.         return R.ok(loginService.loginByCode(dto));
    103. 

  103.     }
    104. 

  104. 

  105.     @GetMapping(value = "/loginQRCode")
    106. 

  106.     @ApiOperation(value="登录-二维码")
    107. 

  107.     @SaCheckPermission("login:detail")
    108. 

  108.     public RT<LoginQRCodeVo> qrcode() {
    109. 

  109.         long loginCode = IdUtil.getSnowflakeNextId();
    110. 

  110.         String url = commonPropertiesConfig.getDomainApp() + "pages/login/qrCodeLogin/index?loginCode="+loginCode;
    111. 

  111.         String active = SpringUtil.getActiveProfile();
    112. 

  112.         if(!"prod".equals(active)){
    113. 

  113.             url = "http://yxh-web.ngrok.yingcaibx.com/app/#/pages/login/qrCodeLogin/index?loginCode="+loginCode;
    114. 

  114.         }
    115. 

  115.         int width = 200;
    116. 

  116.         int height = 200;
    117. 

  117.         int margin = 1;
    118. 

  118. 

  119.         try {
    120. 

  120.             String base64 = QrCodeUtil.createBase64(url, width, height, margin);
    121. 

  121.             LoginQRCodeVo loginQRCodeVo = new LoginQRCodeVo();
    122. 

  122.             loginQRCodeVo.setImgBase64(base64);
    123. 

  123. 

  124.             redisUtil.set(loginCode + "time", System.currentTimeMillis());
    125. 

  125.             loginQRCodeVo.setLoginCode(loginCode + "");
    126. 

  126.             return RT.ok(loginQRCodeVo);
    127. 

  127.         } catch (Exception e) {
    128. 

  128.             return RT.error(e.getMessage());
    129. 

  129.         }
    130. 

  130.     }
    131. 

  131. 

  132.     @PostMapping("/QR-code-login")
    133. 

  133.     @ApiOperation(value = "二维码登录", notes = "code")
    134. 

  134.     @XjrLog(value = "二维码登录")
    135. 

  135.     public RT<String> loginQRCode(@RequestBody LoginQRCodeDto dto) throws Exception {
    136. 

  136. //        Long timestamp = redisUtil.get(dto.getLoginCode() + "time", Long.class);
    137. 

  137. //        long timeMillis = System.currentTimeMillis();
    138. 

  138. //        if(timeMillis - timestamp > 300000){
    139. 

  139. //            return RT.error("二维码失效,请刷新重试");
    140. 

  140. //        }
    141. 

  141.         Boolean b = loginService.loginQRCode(dto);
    142. 

  142.         if(b){
    143. 

  143.             return RT.ok("登录成功");
    144. 

  144.         }
    145. 

  145. 

  146.         return RT.ok("登录失败,未能绑定微信公众号");
    147. 

  147.     }
    148. 

  148. 

  149.     @PostMapping("/check-QR-code-login")
    150. 

  150.     @ApiOperation(value = "验证是否登录成功", notes = "验证是否登录成功")
    151. 

  151.     @XjrLog(value = "验证是否登录成功")
    152. 

  152.     public RT<LoginCheckQRCodeVo> checkLoginQRCode(@RequestBody @Valid QRLoginDto dto) {
    153. 

  153.         Long timestamp = redisUtil.get(dto.getLoginCode() + "time", Long.class);
    154. 

  154.         if(timestamp == null){
    155. 

  155.             timestamp = System.currentTimeMillis();
    156. 

  156.         }
    157. 

  157.         long timeMillis = System.currentTimeMillis();
    158. 

  158.         LoginCheckQRCodeVo loginCheckQRCodeVo = new LoginCheckQRCodeVo();
    159. 

  159.         if(timeMillis - timestamp > 300000){
    160. 

  160.             loginCheckQRCodeVo.setStatus(1);
    161. 

  161.             return RT.ok(loginCheckQRCodeVo);
    162. 

  162.         }
    163. 

  163. 

  164.         String token = redisUtil.get(dto.getLoginCode());
    165. 

  165. 

  166.         loginCheckQRCodeVo.setToken(token);
    167. 

  167.         loginCheckQRCodeVo.setStatus(0);
    168. 

  168.         return RT.ok(loginCheckQRCodeVo);
    169. 

  169.     }
    170. 

  170. 

  171.     @PostMapping("/bindOpenid")
    172. 

  172.     @ApiOperation(value = "登录", notes = "登录")
    173. 

  173.     @XjrLog(value = "code换Openid并绑定")
    174. 

  174.     public R bindOpenid(@RequestBody @Valid LoginByCodeDto dto) throws Exception {
    175. 

  175.         return R.ok(loginService.bindOpenid(dto));
    176. 

  176.     }
    177. 

  177. 

  178.     @GetMapping("/imgcaptcha")
    179. 

  179.     @ApiOperation(value = "图形验证码", notes = "图形验证码")
    180. 

  180.     public R imgCaptcha() {
    181. 

  181.         return R.ok(loginService.imgCaptcha());
    182. 

  182.     }
    183. 

  183. 

  184.     @PostMapping("/create-token")
    185. 

  185.     @ApiOperation(value = "创建token", notes = "传入账号:account,密码:password")
    186. 

  186.     @XjrLog(value = "账号密码登录成功")
    187. 

  187.     public R createToken(@RequestBody @Valid CreateTokenDto dto) {
    188. 

  188.         return R.ok(loginService.createToken(dto));
    189. 

  189.     }
    190. 

  190. 

  191. 

  192.     /**
    193. 

  193.      * 发送验证码
    194. 

  194.      */
    195. 

  195.     @PostMapping("/captcha")
    196. 

  196.     @XjrLog(value = "发送验证码")
    197. 

  197.     @ApiOperation(value = "发送验证码", notes = "传入账号:mobile")
    198. 

  198.     public R captcha(@RequestBody @Valid CaptchaDto captchaDto) {
    199. 

  199. 

  200.         String active = SpringUtil.getActiveProfile();
    201. 

  201.         String code = "111111";
    202. 

  202. 

  203.         // 测试环境使用模拟短信,正式环境才发送短信
    204. 

  204.         if (active.equals("prod")) {
    205. 

  205. //            String captchaCode = redisUtil.get(captchaDto.getKey(), 0);
    206. 

  206. //            if (captchaCode == null) {
    207. 

  207. //                throw new MyException("验证码已过期,请刷新验证码!");
    208. 

  208. //            }
    209. 

  209. //
    210. 

  210. //            if (!captchaCode.equals(captchaDto.getCode())) {
    211. 

  211. //                throw new MyException("验证码不正确,请刷新验证码!");
    212. 

  212. //            }
    213. 

  213.             //生成六位数的字符串
    214. 

  214.             code = RandomUtils.nextInt(100000, 999999) + StringPool.EMPTY;
    215. 

  215.             smsCtcc.sendCaptcha(captchaDto.getMobile(), code, true);
    216. 

  216.         } else {
    217. 

  217.             smsCtcc.sendCaptcha(captchaDto.getMobile(), code, false);
    218. 

  218.         }
    219. 

  219.         return R.ok(Boolean.TRUE);
    220. 

  220.     }
    221. 

  221. 

  222.     /**
    223. 

  223.      * 验证码登录
    224. 

  224.      */
    225. 

  225.     @PostMapping("/loginCaptcha")
    226. 

  226.     @XjrLog(value = "验证码登录")
    227. 

  227.     public R loginByCaptcha(@RequestBody LoginCaptchaDto loginCaptchaDto) throws Exception {
    228. 

  228.         // 验证验证码
    229. 

  229.         if (!smsCtcc.captchaVerify(loginCaptchaDto.getMobile(), loginCaptchaDto.getCode())) {
    230. 

  230.             return R.error("验证码不正确!");
    231. 

  231.         }
    232. 

  232.         return R.ok(loginService.loginByCaptcha(loginCaptchaDto));
    233. 

  233.     }
    234. 

  234. 

  235. 

  236.     /**
    237. 

  237.      * 退出
    238. 

  238.      */
    239. 

  239.     @PostMapping("/logout")
    240. 

  240.     public R logout() {
    241. 

  241.         StpUtil.logout();
    242. 

  242.         return R.ok("登出成功!");
    243. 

  243.     }
    244. 

  244. 

  245.     @PostMapping("/token")
    246. 

  246.     @ApiOperation(value = "根据keycloak-token 登录", notes = "传入keycloak-token")
    247. 

  247.     @XjrLog(value = "keycloak-token登录成功")
    248. 

  248.     public R loginByToken(@RequestBody KeyCloakLoginInfoDto dto) {
    249. 

  249. 

  250.         Map<String, Object> credentialsMap = new HashMap<>(1);
    251. 

  251.         credentialsMap.put("secret", keyCloakConfig.getSecret());
    252. 

  252.         Configuration configuration = new Configuration(keyCloakConfig.getUrl(), keyCloakConfig.getRealm(), keyCloakConfig.getClientId(), credentialsMap, null);
    253. 

  253.         AuthzClient authzClient = AuthzClient.create(configuration);
    254. 

  254.         AccessTokenResponse response = authzClient.obtainAccessToken(keyCloakConfig.getUserName(), keyCloakConfig.getPassword());
    255. 

  255. 

  256.         if (StrUtil.isNotBlank(response.getError())) {
    257. 

  257.             return R.error(response.getError());
    258. 

  258.         }
    259. 

  259.         //TODO keycloak 登陆过 解析token获取数据 做框架登录操作
    260. 

  260.         JWT jwt = JWTUtil.parseToken(dto.getToken());
    261. 

  261.         Object code = jwt.getPayload(keyCloakConfig.getPayload());
    262. 

  262. 

  263.         User user = userService.getOne(Wrappers.lambdaQuery(User.class).eq(User::getCode, code));
    264. 

  264. 

  265.         if (user == null) {
    266. 

  266.             return R.error("帐号密码错误!");
    267. 

  267.         } else if (!Integer.valueOf(1).equals(user.getEnabledMark())) {
    268. 

  268.             return R.error("该账号已被禁用!");
    269. 

  269.         }
    270. 

  270. 

  271.         //此登录接口登录web端
    272. 

  272.         StpUtil.login(user.getId(), dto.getDevice());
    273. 

  273. 

  274.         SaSession tokenSession = StpUtil.getTokenSession();
    275. 

  275.         tokenSession.set(GlobalConstant.LOGIN_USER_INFO_KEY, user);
    276. 

  276. 

  277.         Map<String, Object> vo = new HashMap<>(1);
    278. 

  278.         vo.put(GlobalConstant.TOKEN_KEY, StpUtil.getTokenValue());
    279. 

  279. 

  280.         return R.ok("登录成功!", vo);
    281. 

  281. 

  282. 

  283.     }
    284. 

  284. 

  285.     @PostMapping("/qrcode-login")
    286. 

  286.     @ApiOperation(value = "oauth 扫码登录", notes = "oauth 扫码登录")
    287. 

  287.     @XjrLog(value = "oauth 扫码登录")
    288. 

  288.     public R createAuthorizeUrl(@Valid @RequestBody CreateAuthorizeUrlDto dto){
    289. 

  289. 

  290.         AuthRequest authRequest = oauthService.getAuthRequest(dto.getSource());
    291. 

  291.         String authorizeUrl = authRequest.authorize(AuthStateUtils.createState());
    292. 

  292.         return R.ok(authorizeUrl);
    293. 

  293.     }
    294. 

  294. }
    295.