骑手微信登录

彭雪彬

2025-07-15 25526c5fe2edd5a6133a239b490f9d03044e75cf

 oying-system/src/main/java/com/oying/modules/security/rest/AuthController.java

@@ -1,6 +1,7 @@
package com.oying.modules.security.rest;

import cn.hutool.core.util.IdUtil;
import com.alibaba.fastjson2.JSONObject;
import com.oying.modules.security.config.CaptchaConfig;
import com.oying.modules.security.config.LoginProperties;
import com.oying.modules.security.config.SecurityProperties;
@@ -8,8 +9,17 @@
import com.oying.modules.security.security.TokenProvider;
import com.oying.modules.security.service.OnlineUserService;
import com.oying.modules.security.service.UserDetailsServiceImpl;
import com.oying.modules.security.service.WeiXinService;
import com.oying.modules.security.service.dto.AuthUserDto;
import com.oying.modules.security.service.dto.AuthUserPhoneDto;
import com.oying.modules.security.service.dto.AuthUserWeixinDto;
import com.oying.modules.security.service.dto.JwtUserDto;
import com.oying.modules.system.domain.DictDetail;
import com.oying.modules.system.domain.Role;
import com.oying.modules.system.domain.User;
import com.oying.modules.system.service.DictDetailService;
import com.oying.modules.system.service.UserService;
import com.oying.utils.*;
import com.wf.captcha.base.Captcha;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
@@ -21,22 +31,17 @@
import com.oying.annotation.rest.AnonymousPostMapping;
import com.oying.config.properties.RsaProperties;
import com.oying.exception.BadRequestException;
import com.oying.utils.RsaUtils;
import com.oying.utils.RedisUtils;
import com.oying.utils.SecurityUtils;
import com.oying.utils.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.*;
import java.util.concurrent.TimeUnit;

/**
@@ -59,9 +64,12 @@
    private final LoginProperties loginProperties;
    private final PasswordEncoder passwordEncoder;
    private final UserDetailsServiceImpl userDetailsService;
    private final WeiXinService weiXinService;
    private final UserService userService;
    private final DictDetailService dictDetailService;

    @Log("用户登录")
    @ApiOperation("登录授权")
    @Log("账号密码登录")
    @ApiOperation("账号密码登录")
    @AnonymousPostMapping(value = "/login")
    public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
        // 密码解密
@@ -73,7 +81,7 @@
        if (StringUtils.isBlank(code)) {
            throw new BadRequestException("验证码不存在或已过期");
        }
        if (StringUtils.isBlank(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
        if (!authUser.getCode().equalsIgnoreCase(code)) {
            throw new BadRequestException("验证码错误");
        }
        // 获取用户信息
@@ -98,14 +106,218 @@
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(authInfo);
        return ResponseEntity.ok(R.success(authInfo));
    }

    @Log("短信验证码登录")
    @ApiOperation("短信验证码登录")
    @AnonymousPostMapping(value = "/login/phone")
    public ResponseEntity<Object> loginPhone(@Validated @RequestBody AuthUserPhoneDto authUser, HttpServletRequest request) {
        // 查询验证码
        String code = redisUtils.get(authUser.getUuid(), String.class);
        // 清除验证码
        redisUtils.del(authUser.getUuid());
        if (StringUtils.isBlank(code)) {
            throw new BadRequestException("验证码不存在或已过期");
        }
        if (!authUser.getCode().equalsIgnoreCase(code)) {
            throw new BadRequestException("验证码错误");
        }
        // 获取用户信息
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(authUser.getUsername());
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        if (loginProperties.isSingleLogin()) {
            // 踢掉之前已经登录的token
            onlineUserService.kickOutForUsername(authUser.getUsername());
        }
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }

    public static final String OLD = "OLD";
    public static final String NEW = "NEW";

    @Log("小程序：微信授权登录")
    @ApiOperation("小程序：微信授权登录")
    @AnonymousPostMapping(value = "/login/weixin")
    public ResponseEntity<Object> loginWeixin(@Validated @RequestBody AuthUserWeixinDto authUser, HttpServletRequest request) throws Exception {
        JSONObject jsonObject;
        switch (authUser.getType()) {
            case OLD:
                jsonObject = weiXinService.code2Session(authUser.getCode());
                String openid = jsonObject.getString("openid");
                User userDto = userService.findByOpenid(openid);
                if (userDto == null) {
                    return ResponseEntity.ok(R.success(openid));
                }
                authUser.setUsername(userDto.getUsername());
                break;
            case NEW:
                jsonObject = weiXinService.getPhoneNumber(authUser.getCode());
                String phone = jsonObject.getJSONObject("phone_info").getString("purePhoneNumber");
                User user1 = userService.findByName(phone);
                if (user1 == null) {
                    //创建用户
                    User user = new User();
                    user.setUsername(phone);
                    user.setNickName("OYING-" + phone);
                    user.setUserType(ConstantsKey.BUYER);
                    user.setPhone(phone);
                    user.setGender("男");
                    user.setEnabled(true);
                    getRole(user);
                    user.setPassword(passwordEncoder.encode(phone.substring(phone.length() - 6)));
                    user.setOpenid(authUser.getUsername());
                    userService.create(user);
                } else {
                    if (user1.getUserType().equals(ConstantsKey.BUYER)) {
                        if (user1.getRoles() == null) {
                            getRole(user1);
                        }
                    }
                    user1.setOpenid(authUser.getUsername());
                    userService.update(user1);
                }
                authUser.setUsername(phone);
                break;
            default:
                throw new BadRequestException("登录类型错误");

        }
        // 获取用户信息
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(authUser.getUsername());
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        if (loginProperties.isSingleLogin()) {
            // 踢掉之前已经登录的token
            onlineUserService.kickOutForUsername(authUser.getUsername());
        }
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }

    public void getRole(User user1) {
        Set<Role> roles = new HashSet<>();
        Role role = new Role();
        DictDetail detail = dictDetailService.getDictByName(ConstantsKey.USER_TYPE_BUYER).get(0);
        role.setId(Long.valueOf(detail.getValue()));
        roles.add(role);
        user1.setRoles(roles);
    }

    @Log("骑手小程序：微信授权登录")
    @ApiOperation("骑手小程序：微信授权登录")
    @AnonymousPostMapping(value = "/rider/login/weixin")
    public ResponseEntity<Object> riderLoginWeixin(@Validated @RequestBody AuthUserWeixinDto authUser, HttpServletRequest request) throws Exception {
        JSONObject jsonObject;
        switch (authUser.getType()) {
            case OLD:
                jsonObject = weiXinService.code2SessionRider(authUser.getCode());
                String openid = jsonObject.getString("openid");
                User userDto = userService.findByRiderOpenId(openid);
                if (userDto == null) {
                    return ResponseEntity.ok(R.success(openid));
                }
                authUser.setUsername(userDto.getUsername());
                break;
            case NEW:
                jsonObject = weiXinService.getRiderPhoneNumber(authUser.getCode());
                String phone = jsonObject.getJSONObject("phone_info").getString("purePhoneNumber");
                User user1 = userService.findByName(phone);
                if (user1 == null) {
                    //创建用户
                    User user = new User();
                    user.setUsername(phone);
                    user.setNickName("OYING-" + phone);
                    user.setUserType(ConstantsKey.BUYER);
                    user.setPhone(phone);
                    user.setGender("男");
                    user.setEnabled(true);
                    getRole(user);
                    user.setPassword(passwordEncoder.encode(phone.substring(phone.length() - 6)));
                    user.setRiderOpenId(authUser.getUsername());
                    userService.create(user);
                } else {
                    if (user1.getUserType().equals(ConstantsKey.BUYER)) {
                        if (user1.getRoles() == null) {
                            getRole(user1);
                        }
                    }
                    user1.setRiderOpenId(authUser.getUsername());
                    // userService.update(user1);
                    userService.updateRiderOpenId(user1);
                }
                authUser.setUsername(phone);
                break;
            default:
                throw new BadRequestException("登录类型错误");

        }
        // 获取用户信息
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(authUser.getUsername());
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        if (loginProperties.isSingleLogin()) {
            // 踢掉之前已经登录的token
            onlineUserService.kickOutForUsername(authUser.getUsername());
        }
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }

    @ApiOperation("临时授权")
    @AnonymousGetMapping(value = "/token")
    public ResponseEntity<Object> loginTest(@RequestParam String username, HttpServletRequest request) {
        // 生成令牌与第三方系统获取令牌方式
        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(username);
        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // 生成令牌
        String token = tokenProvider.createToken(jwtUser);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
            put("token", properties.getTokenStartWith() + token);
            put("user", jwtUser);
        }};
        // 保存在线信息
        onlineUserService.save(jwtUser, token, request);
        // 返回登录信息
        return ResponseEntity.ok(R.success(authInfo));
    }

    @ApiOperation("获取用户信息")
    @GetMapping(value = "/info")
    public ResponseEntity<UserDetails> getUserInfo() {
    public ResponseEntity<Object> getUserInfo() {
        JwtUserDto jwtUser = (JwtUserDto) SecurityUtils.getCurrentUser();
        return ResponseEntity.ok(jwtUser);
        return ResponseEntity.ok(R.success(jwtUser));
    }

    @ApiOperation("获取验证码")
@@ -126,7 +338,7 @@
            put("img", captcha.toBase64());
            put("uuid", uuid);
        }};
        return ResponseEntity.ok(imgResult);
        return ResponseEntity.ok(R.success(imgResult));
    }

    @ApiOperation("退出登录")
@@ -134,6 +346,6 @@
    public ResponseEntity<Object> logout(HttpServletRequest request) {
        String token = tokenProvider.getToken(request);
        onlineUserService.logout(token);
        return new ResponseEntity<>(HttpStatus.OK);
        return new ResponseEntity<>(R.success(), HttpStatus.OK);
    }
}