custauth
parent
d28c08788f
commit
4e7f640edc
|
|
@ -1,4 +1,4 @@
|
|||
package com.bonus.auth.domain;
|
||||
package net.xnzn.domain;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
|
|
@ -23,4 +23,12 @@ public class CustInfoAppIdLoginVO implements Serializable {
|
|||
private String openid;
|
||||
@ApiModelProperty("登录密码")
|
||||
private String pwd;
|
||||
@ApiModelProperty("用户唯一标识")
|
||||
private String token;
|
||||
@ApiModelProperty("登录IP地址")
|
||||
private String ipaddr;
|
||||
@ApiModelProperty("登录时间")
|
||||
private Long loginTime;
|
||||
@ApiModelProperty("过期时间")
|
||||
private Long expireTime;
|
||||
}
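Review bot: `pwd` now sits in the same class as the session fields added here (`token`, `ipaddr`, `loginTime`, `expireTime`), and TokenService takes this class as its login principal, so the stored credential travels with every session object. If refreshToken caches the whole object (its body is cut off in the hunk shown), the value read by `selectLoginInfo` would stay in the cache for the life of the session. Clear it once the password check is done, e.g. `loginUser.setPwd(null);` before `tokenService.createToken(loginUser)` (assuming the class generates a setter for `pwd` as it does for `token`), or move the four session fields into a separate class that has no `pwd`. A class comment such as `// pwd is only populated for credential verification and must be cleared before the object is cached or returned` would make the constraint visible.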
|
||||
|
|
@ -14,6 +14,7 @@ import com.bonus.config.SystemConfig;
|
|||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
import com.bonus.system.api.model.LoginUser;
|
||||
import net.xnzn.domain.CustInfoAppIdLoginVO;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -64,34 +65,30 @@ public class TokenService {
|
|||
/**
|
||||
* 创建令牌
|
||||
*/
|
||||
public Map<String, Object> createToken(LoginUser loginUser) {
|
||||
public Map<String, Object> createToken(CustInfoAppIdLoginVO loginUser) {
|
||||
// 检查并删除已有的token
|
||||
delExistingToken(loginUser.getSysUser().getUserId());
|
||||
delExistingToken(loginUser.getCustId());
|
||||
String token = IdUtils.fastUUID();
|
||||
Long userId = loginUser.getSysUser().getUserId();
|
||||
String userName = loginUser.getSysUser().getUserName();
|
||||
Long custId = loginUser.getCustId();
|
||||
String userName = loginUser.getCustName();
|
||||
loginUser.setToken(token);
|
||||
loginUser.setUserid(userId);
|
||||
loginUser.setUsername(userName);
|
||||
loginUser.setCustId(custId);
|
||||
loginUser.setCustName(userName);
|
||||
loginUser.setIpaddr(IpUtils.getIpAddr());
|
||||
refreshToken(loginUser);
|
||||
// Jwt存储信息
|
||||
Map<String, Object> claimsMap = new HashMap<String, Object>(16);
|
||||
claimsMap.put(CUST_USER_KEY, token);
|
||||
claimsMap.put(CUST_DETAILS_USER_ID, userId);
|
||||
claimsMap.put(CUST_DETAILS_USER_ID, custId);
|
||||
claimsMap.put(CUST_DETAILS_USERNAME, userName);
|
||||
String accessToken = JwtUtils.createToken(claimsMap);
|
||||
Map<String, Object> rspMap = new HashMap<String, Object>(16);
|
||||
rspMap.put("cust_access_token", accessToken);
|
||||
rspMap.put("cust_expires_in", EXPIRETIME);
|
||||
rspMap.put("cust_isLogin", isLogin(String.valueOf(userId)));
|
||||
rspMap.put("cust_isLogin", isLogin(String.valueOf(custId)));
|
||||
long tokenTime = getTokenTime();
|
||||
//对token进行存储
|
||||
redisService.setCacheObject(CUST_LOGIN_USER_KEY + userId, token, tokenTime, TimeUnit.MINUTES);
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setUserId(loginUser.getSysUser().getUserId());
|
||||
sysUser.setLoginDate(new Date());
|
||||
AjaxResult edit = remoteUserService.systemUpdateUser(sysUser, SecurityConstants.INNER);
|
||||
redisService.setCacheObject(CUST_LOGIN_USER_KEY + custId, token, tokenTime, TimeUnit.MINUTES);
|
||||
return rspMap;
|
||||
}
|
||||
|
||||
|
|
@ -120,7 +117,7 @@ public class TokenService {
|
|||
*
|
||||
* @return 用户信息
|
||||
*/
|
||||
public LoginUser getLoginUser() {
|
||||
public CustInfoAppIdLoginVO getLoginUser() {
|
||||
return getLoginUser(ServletUtils.getRequest());
|
||||
}
|
||||
|
||||
|
|
@ -129,7 +126,7 @@ public class TokenService {
|
|||
*
|
||||
* @return 用户信息
|
||||
*/
|
||||
public LoginUser getLoginUser(HttpServletRequest request) {
|
||||
public CustInfoAppIdLoginVO getLoginUser(HttpServletRequest request) {
|
||||
// 获取请求携带的令牌
|
||||
String token = SecurityUtils.getToken(request);
|
||||
return getLoginUser(token);
|
||||
|
|
@ -140,8 +137,8 @@ public class TokenService {
|
|||
*
|
||||
* @return 用户信息
|
||||
*/
|
||||
public LoginUser getLoginUser(String token) {
|
||||
LoginUser user = null;
|
||||
public CustInfoAppIdLoginVO getLoginUser(String token) {
|
||||
CustInfoAppIdLoginVO user = null;
|
||||
try {
|
||||
if (StringUtils.isNotEmpty(token)) {
|
||||
String userkey = JwtUtils.getUserKey(token);
|
||||
|
|
@ -157,7 +154,7 @@ public class TokenService {
|
|||
/**
|
||||
* 设置用户身份信息
|
||||
*/
|
||||
public void setLoginUser(LoginUser loginUser) {
|
||||
public void setLoginUser(CustInfoAppIdLoginVO loginUser) {
|
||||
if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken())) {
|
||||
refreshToken(loginUser);
|
||||
}
|
||||
|
|
@ -178,7 +175,7 @@ public class TokenService {
|
|||
*
|
||||
* @param loginUser
|
||||
*/
|
||||
public void verifyToken(LoginUser loginUser) {
|
||||
public void verifyToken(CustInfoAppIdLoginVO loginUser) {
|
||||
long expireTime = loginUser.getExpireTime();
|
||||
long currentTime = System.currentTimeMillis();
|
||||
if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
|
||||
|
|
@ -191,7 +188,7 @@ public class TokenService {
|
|||
*
|
||||
* @param loginUser 登录信息
|
||||
*/
|
||||
public void refreshToken(LoginUser loginUser) {
|
||||
public void refreshToken(CustInfoAppIdLoginVO loginUser) {
|
||||
long tokenTime = getTokenTime();
|
||||
loginUser.setLoginTime(System.currentTimeMillis());
|
||||
loginUser.setExpireTime(loginUser.getLoginTime() + tokenTime * MILLIS_MINUTE);
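Review bot: In createToken, `custId` is used unchecked in `delExistingToken(loginUser.getCustId())`, `isLogin(String.valueOf(custId))` and the cache key `CUST_LOGIN_USER_KEY + custId`, so a null id would make every such login share the one key ending in `null`. A guard at the top of the method, `if (loginUser == null || loginUser.getCustId() == null) { throw new IllegalArgumentException("custId is required"); }`, keeps sessions from colliding. Separately, `loginUser.setCustId(custId);` and `loginUser.setCustName(userName);` write back values just read from the same object and can be dropped.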
|
||||
|
|
|
|||
|
|
@ -2,23 +2,19 @@ package com.bonus.auth.controller;
|
|||
|
||||
import cn.hutool.core.text.CharSequenceUtil;
|
||||
import cn.hutool.core.util.IdUtil;
|
||||
import com.bonus.auth.config.LoginType;
|
||||
import com.bonus.auth.constant.CustLoginTypeEnum;
|
||||
import com.bonus.auth.constant.DelFlagEnum;
|
||||
import com.bonus.auth.domain.CustCasual;
|
||||
import com.bonus.auth.domain.CustInfo;
|
||||
import com.bonus.auth.domain.CustInfoAppIdLoginDTO;
|
||||
import com.bonus.auth.domain.CustInfoAppIdLoginVO;
|
||||
import net.xnzn.domain.CustInfoAppIdLoginVO;
|
||||
import com.bonus.auth.factory.LoginStrategyFactory;
|
||||
import com.bonus.auth.form.LoginBody;
|
||||
import com.bonus.auth.form.RegisterBody;
|
||||
import com.bonus.auth.mapper.CustCasualMapper;
|
||||
import com.bonus.auth.mapper.CustInfoMapper;
|
||||
import com.bonus.auth.service.*;
|
||||
import com.bonus.auth.utils.AesEncryptUtil;
|
||||
import com.bonus.auth.utils.Id;
|
||||
import com.bonus.auth.utils.SM4EncryptUtils;
|
||||
import com.bonus.common.core.constant.SecurityConstants;
|
||||
import com.bonus.common.core.domain.R;
|
||||
import com.bonus.common.core.exception.ServiceException;
|
||||
import com.bonus.common.core.utils.JwtUtils;
|
||||
|
|
@ -30,19 +26,15 @@ import com.bonus.common.security.utils.SecurityUtils;
|
|||
import com.bonus.config.SystemConfig;
|
||||
import com.bonus.system.api.RemoteConfigService;
|
||||
import com.bonus.system.api.RemoteUserService;
|
||||
import com.bonus.system.api.domain.SysUser;
|
||||
import com.bonus.system.api.model.LoginUser;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import net.xnzn.service.TokenService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
|
|
@ -94,32 +86,6 @@ public class TokenController {
|
|||
private static final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||
private static final String CUST_LOGIN_TOKEN_KEY = "cust_login_tokens:";
|
||||
|
||||
// @PostMapping("isAdmin")
|
||||
// public R<?> isAdmin(@RequestBody LoginBody form) {
|
||||
// if (!config.isAdmin()) {
|
||||
// return R.ok(false);
|
||||
// }
|
||||
// passwordValidatorService.validateLoginParameters(form.getUsername(), form.getPassword());
|
||||
// //通过用户名获取人员信息
|
||||
// R<LoginUser> userResult = remoteUserService.getUserInfo(form.getUsername(), SecurityConstants.INNER);
|
||||
// // 验证用户查询结果
|
||||
// passwordValidatorService.validateUserResult(form.getUsername(), userResult);
|
||||
// LoginUser userInfo = userResult.getData();
|
||||
// SysUser user = userInfo.getSysUser();
|
||||
// passwordValidatorService.validateApprovalStatus(form.getUsername(), user);
|
||||
// // 验证用户状态
|
||||
// passwordValidatorService.validateUserStatus(form.getUsername(), user);
|
||||
// // 验证密码
|
||||
// passwordService.validate(user, form.getPassword(), System.currentTimeMillis());
|
||||
// // 处理IP校验
|
||||
// passwordValidatorService.handleIpValidation(form.getUsername(), user);
|
||||
// if (userResult.getData() == null || R.FAIL == userResult.getCode()) {
|
||||
// return R.fail("登录用户不存在");
|
||||
// }
|
||||
// Set<String> roles = userResult.getData().getRoles();
|
||||
// return R.ok(roles.contains("admin"));
|
||||
// }
|
||||
|
||||
// @PostMapping("isLogin")
|
||||
// public R<?> isLogin(@RequestBody LoginBody form) {
|
||||
// LoginStrategy strategy = loginStrategyFactory.getStrategy(form.getLoginType());
|
||||
|
|
@ -146,8 +112,8 @@ public class TokenController {
|
|||
if (keys.size() >= concurrency){
|
||||
return R.fail("当前系统用户并发数超过系统配置,请稍后再试");
|
||||
}
|
||||
CustInfoAppIdLoginVO custInfo = custLogin(form);
|
||||
return R.ok(null); //(tokenService.createToken(custInfo));
|
||||
CustInfoAppIdLoginVO loginUser = custLogin(form);
|
||||
return R.ok(tokenService.createToken(loginUser));
|
||||
}
|
||||
|
||||
private CustInfoAppIdLoginVO custLogin(LoginBody content) {
|
||||
|
|
@ -275,7 +241,7 @@ public class TokenController {
|
|||
@PostMapping("refresh")
|
||||
public R<?> refresh(HttpServletRequest request) {
|
||||
try {
|
||||
LoginUser loginUser = tokenService.getLoginUser(request);
|
||||
CustInfoAppIdLoginVO loginUser = tokenService.getLoginUser(request);
|
||||
if (StringUtils.isNotNull(loginUser)) {
|
||||
tokenService.refreshToken(loginUser);
|
||||
return R.ok();
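Review bot: A null result from `custLogin(form)` is not checked before `tokenService.createToken(loginUser)`, which dereferences it on its first line. custLogin's body lies outside the hunk, so whether it can return null for an unknown or rejected account cannot be confirmed from here. If it can, add `if (loginUser == null) { return R.fail("登录用户不存在"); }` before the createToken call so a failed lookup becomes a login failure instead of a NullPointerException. The commented-out `isLogin` block left behind after the deleted `isAdmin` code could be removed in the same pass.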
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
package com.bonus.auth.mapper;
|
||||
|
||||
import com.bonus.auth.domain.CustInfo;
|
||||
import com.bonus.auth.domain.CustInfoAppIdLoginVO;
|
||||
import net.xnzn.domain.CustInfoAppIdLoginVO;
|
||||
import org.apache.ibatis.annotations.Mapper;
|
||||
|
||||
@Mapper
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
|
||||
<mapper namespace="com.bonus.auth.mapper.CustInfoMapper">
|
||||
<!--根据人员id集合获取人员信息-->
|
||||
<select id="selectLoginInfo" resultType="com.bonus.auth.domain.CustInfoAppIdLoginVO">
|
||||
<select id="selectLoginInfo" resultType="net.xnzn.domain.CustInfoAppIdLoginVO">
|
||||
select cust_id, cust_name, cust_num, cust_photo_url, mobile, pwd
|
||||
from cust_info
|
||||
<where>
|
||||
|
|
|
|||