xin
2025-06-04 061a01ce068bf8e1260b6ea8e5c610737185916a
oying-system/src/main/java/com/oying/modules/security/rest/AuthController.java
@@ -1,6 +1,7 @@
package com.oying.modules.security.rest;
import cn.hutool.core.util.IdUtil;
import com.alibaba.fastjson2.JSONObject;
import com.oying.modules.security.config.CaptchaConfig;
import com.oying.modules.security.config.LoginProperties;
import com.oying.modules.security.config.SecurityProperties;
@@ -8,8 +9,16 @@
import com.oying.modules.security.security.TokenProvider;
import com.oying.modules.security.service.OnlineUserService;
import com.oying.modules.security.service.UserDetailsServiceImpl;
import com.oying.modules.security.service.WeiXinService;
import com.oying.modules.security.service.dto.AuthUserDto;
import com.oying.modules.security.service.dto.AuthUserWeixinDto;
import com.oying.modules.security.service.dto.JwtUserDto;
import com.oying.modules.system.domain.DictDetail;
import com.oying.modules.system.domain.Role;
import com.oying.modules.system.domain.User;
import com.oying.modules.system.service.DictDetailService;
import com.oying.modules.system.service.UserService;
import com.oying.utils.*;
import com.wf.captcha.base.Captcha;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
@@ -21,22 +30,17 @@
import com.oying.annotation.rest.AnonymousPostMapping;
import com.oying.config.properties.RsaProperties;
import com.oying.exception.BadRequestException;
import com.oying.utils.RsaUtils;
import com.oying.utils.RedisUtils;
import com.oying.utils.SecurityUtils;
import com.oying.utils.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.*;
import java.util.concurrent.TimeUnit;
/**
@@ -59,9 +63,12 @@
    private final LoginProperties loginProperties;
    private final PasswordEncoder passwordEncoder;
    private final UserDetailsServiceImpl userDetailsService;
    private final WeiXinService weiXinService;
    private final UserService userService;
    private final DictDetailService dictDetailService;
    @Log("用户登录")
    @ApiOperation("登录授权")
    @Log("账号密码登录")
    @ApiOperation("账号密码登录")
    @AnonymousPostMapping(value = "/login")
    public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
        // 密码解密
@@ -98,14 +105,113 @@
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(authInfo);
        return ResponseEntity.ok(R.success(authInfo));
    }
    @Log("微信授权登录")
    @ApiOperation("微信授权登录")
    @AnonymousPostMapping(value = "/login/weixin")
    public ResponseEntity<Object> loginWeixin(@Validated @RequestBody AuthUserWeixinDto authUser, HttpServletRequest request) throws Exception {
        JSONObject jsonObject;
        switch (authUser.getCode()) {
            case "OLD":
                jsonObject = weiXinService.code2Session(authUser.getCode());
                String openid = jsonObject.getString("openid");
                User userDto = userService.findByOpenid(openid);
                if (userDto == null) {
                    Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
                        put("token", openid);
                        put("member", null);
                    }};
                    return ResponseEntity.ok(authInfo);
                }
                authUser.setUsername(userDto.getUsername());
                break;
            case "NEW":
                jsonObject = weiXinService.getPhoneNumber(authUser.getCode());
                String phone = jsonObject.getJSONObject("phone_info").getString("purePhoneNumber");
                User user1 = userService.findByName(phone);
                if (user1 == null) {
                    //创建用户
                    User user = new User();
                    user.setUsername(phone);
                    user.setNickName("LYHD-" + phone);
                    user.setUserType(ConstantsKey.BUYER);
                    user.setEnabled(true);
                    getRole(user);
                    user.setPassword(passwordEncoder.encode(phone.substring(phone.length() - 6)));
                    user.setOpenid(authUser.getUsername());
                    userService.create(user);
                } else {
                    if (user1.getUserType().equals(ConstantsKey.BUYER)) {
                        if (user1.getRoles() == null) {
                            getRole(user1);
                        }
                    }
                    user1.setOpenid(authUser.getUsername());
                    userService.update(user1);
                }
                authUser.setUsername(phone);
                break;
            default:
                throw new BadRequestException("登录类型错误");
        }
        // 获取用户信息
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(authUser.getUsername());
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        if (loginProperties.isSingleLogin()) {
            // 踢掉之前已经登录的token
            onlineUserService.kickOutForUsername(authUser.getUsername());
        }
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }
    public void getRole(User user1) {
        Set<Role> roles = new HashSet<>();
        Role role = new Role();
        DictDetail detail = dictDetailService.getDictByName(ConstantsKey.USER_TYPE_BUYER).get(0);
        role.setId(Long.valueOf(detail.getLabel()));
        roles.add(role);
        user1.setRoles(roles);
    }
    @ApiOperation("临时授权")
    @AnonymousGetMapping(value = "/token")
    public ResponseEntity<Object> loginTest(@RequestParam String username, HttpServletRequest request) {
        // 生成令牌与第三方系统获取令牌方式
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(username);
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }
    @ApiOperation("获取用户信息")
    @GetMapping(value = "/info")
    public ResponseEntity<UserDetails> getUserInfo() {
    public ResponseEntity<Object> getUserInfo() {
        JwtUserDto jwtUser = (JwtUserDto) SecurityUtils.getCurrentUser();
        return ResponseEntity.ok(jwtUser);
        return ResponseEntity.ok(R.success(jwtUser));
    }
    @ApiOperation("获取验证码")
@@ -126,7 +232,7 @@
            put("img", captcha.toBase64());
            put("uuid", uuid);
        }};
        return ResponseEntity.ok(imgResult);
        return ResponseEntity.ok(R.success(imgResult));
    }
    @ApiOperation("退出登录")
@@ -134,6 +240,6 @@
    public ResponseEntity<Object> logout(HttpServletRequest request) {
        String token = tokenProvider.getToken(request);
        onlineUserService.logout(token);
        return new ResponseEntity<>(HttpStatus.OK);
        return new ResponseEntity<>(R.success(), HttpStatus.OK);
    }
}
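Review bot: The new `loginTest` handler, mapped with `@AnonymousGetMapping(value = "/token")`, creates a token and saves an online-session record for whatever `username` query parameter it receives, with no password, captcha or caller check, so it should not ship as an anonymous route. If it exists only for integration testing or a third-party system, remove it from this controller, or at least make it an authenticated mapping such as `@GetMapping(value = "/token")` behind the project's permission check, with a comment stating who may call it. In `loginWeixin`, `switch (authUser.getCode())` selects on the same value that is then passed to `code2Session(authUser.getCode())` and `getPhoneNumber(authUser.getCode())`, which looks as if the login type and the WeChat code were meant to be separate fields. The "NEW" branch also stores the request's `authUser.getUsername()` as the openid rather than a value returned by `weiXinService`, and sets the initial password to the last six digits of the phone number; an openid obtained server-side and a random initial password would be safer.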