package com.stylefeng.guns.modular.code.controller;
|
|
import com.baomidou.mybatisplus.mapper.EntityWrapper;
|
import com.stylefeng.guns.core.base.tips.ErrorTip;
|
import com.stylefeng.guns.core.base.tips.Tip;
|
import com.stylefeng.guns.core.common.annotion.BussinessLog;
|
import com.stylefeng.guns.core.common.constant.Const;
|
import com.stylefeng.guns.core.common.constant.dictmap.UserDict;
|
import com.stylefeng.guns.core.common.constant.factory.ConstantFactory;
|
import com.stylefeng.guns.core.common.constant.state.ManagerStatus;
|
import com.stylefeng.guns.core.common.exception.BizExceptionEnum;
|
import com.stylefeng.guns.core.exception.GunsException;
|
import com.stylefeng.guns.core.log.LogManager;
|
import com.stylefeng.guns.core.log.LogObjectHolder;
|
import com.stylefeng.guns.core.log.factory.LogTaskFactory;
|
import com.stylefeng.guns.core.mutidatasource.annotion.DataSource;
|
import com.stylefeng.guns.core.shiro.ShiroKit;
|
import com.stylefeng.guns.core.shiro.ShiroUser;
|
import com.stylefeng.guns.core.support.HttpKit;
|
import com.stylefeng.guns.core.util.JwtTokenUtil;
|
import com.stylefeng.guns.core.util.ToolUtil;
|
import com.stylefeng.guns.modular.system.dao.UserMapper;
|
import com.stylefeng.guns.modular.system.dto.Host;
|
import com.stylefeng.guns.modular.system.factory.UserFactory;
|
import com.stylefeng.guns.modular.system.model.*;
|
import com.stylefeng.guns.modular.system.service.IBannerService;
|
import com.stylefeng.guns.modular.system.service.IEncyclopedicKnowledgeService;
|
import com.stylefeng.guns.modular.system.service.ISysDataTypeService;
|
import com.stylefeng.guns.modular.system.service.IUserService;
|
import com.stylefeng.guns.modular.system.transfer.UserDto;
|
import com.stylefeng.guns.modular.system.util.ResultUtil;
|
import com.stylefeng.guns.modular.system.warpper.UserWarpper;
|
import io.swagger.annotations.ApiOperation;
|
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
import org.apache.shiro.crypto.hash.Md5Hash;
|
import org.apache.shiro.subject.Subject;
|
import org.apache.shiro.util.ByteSource;
|
import org.springframework.beans.BeanUtils;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Controller;
|
import org.springframework.ui.Model;
|
import org.springframework.validation.BindingResult;
|
import org.springframework.web.bind.annotation.*;
|
|
import javax.naming.NoPermissionException;
|
import javax.servlet.http.Cookie;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import javax.validation.Valid;
|
import java.util.Date;
|
import java.util.HashMap;
|
import java.util.List;
|
import java.util.Map;
|
|
import static com.stylefeng.guns.core.support.HttpKit.getIp;
|
|
@Controller
|
@RequestMapping("/base/user")
|
public class UserController {
|
|
protected HttpServletResponse getHttpServletResponse() {
|
return HttpKit.getResponse();
|
}
|
protected HttpServletRequest getHttpServletRequest() {
|
return HttpKit.getRequest();
|
}
|
|
@Autowired
|
private IUserService userService;
|
|
@Autowired
|
private IBannerService bannerService;
|
|
@Autowired
|
private IEncyclopedicKnowledgeService knowledgeService;
|
|
@Autowired
|
private ISysDataTypeService typeService;
|
|
|
@Autowired
|
private UserMapper userMapper;
|
|
@ApiOperation(value = "拿token", tags = {"登录"})
|
@PostMapping("/token/auth")
|
@ResponseBody
|
public Object auth(@RequestParam("username") String username,
|
@RequestParam("password") String password) {
|
|
//封装请求账号密码为shiro可验证的token
|
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password.toCharArray());
|
|
//获取数据库中的账号密码,准备比对
|
// User user = userMapper.getByAccount(username);
|
User user = new User();
|
List<User> account = userMapper.selectList(new EntityWrapper<User>().eq("account", username));
|
user = account.get(0);
|
String credentials = user.getPassword();
|
String salt = user.getSalt();
|
ByteSource credentialsSalt = new Md5Hash(salt);
|
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(
|
new ShiroUser(), credentials, credentialsSalt, "");
|
//校验用户账号密码
|
HashedCredentialsMatcher md5CredentialsMatcher = new HashedCredentialsMatcher();
|
md5CredentialsMatcher.setHashAlgorithmName(ShiroKit.hashAlgorithmName);
|
md5CredentialsMatcher.setHashIterations(ShiroKit.hashIterations);
|
boolean passwordTrueFlag = md5CredentialsMatcher.doCredentialsMatch(
|
usernamePasswordToken, simpleAuthenticationInfo);
|
|
if (passwordTrueFlag) {
|
HashMap<String, Object> result = new HashMap<>();
|
result.put("token", JwtTokenUtil.generateToken(String.valueOf(user.getId())));
|
return result;
|
} else {
|
return new ErrorTip(500, "账号密码错误!");
|
}
|
}
|
|
|
|
@GetMapping(value = "/logout")
|
@ApiOperation(value = "注销", tags = {"登录"})
|
@ResponseBody
|
public ResultUtil logOut() {
|
System.err.println(ShiroKit.getUser());
|
LogManager.me().executeLog(LogTaskFactory.exitLog(ShiroKit.getUser().getId(), getIp()));
|
ShiroKit.getSubject().logout();
|
deleteAllCookie();
|
return ResultUtil.success("注销成功");
|
}
|
|
protected void deleteAllCookie() {
|
Cookie[] cookies = this.getHttpServletRequest().getCookies();
|
for (Cookie cookie : cookies) {
|
Cookie temp = new Cookie(cookie.getName(), "");
|
temp.setMaxAge(0);
|
this.getHttpServletResponse().addCookie(temp);
|
}
|
}
|
|
@GetMapping(value = "/tt")
|
@ApiOperation(value = "tt", tags = {"登录"})
|
@ResponseBody
|
public void tt() {
|
System.err.println(ShiroKit.getUser().getName());
|
}
|
|
@ApiOperation(value = "登录", tags = {"登录"})
|
@ResponseBody
|
@PostMapping(value = "/login")
|
public ResultUtil loginVali(Model model) {
|
model.addAttribute("updatePaw", false);
|
String username = "admin";
|
String password = "123456";
|
|
//验证验证码是否正确
|
// if (KaptchaUtil.getKaptchaOnOff()) {
|
// String kaptcha = super.getPara("kaptcha").trim();
|
// String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
|
// if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
|
// model.addAttribute("tips", "验证码错误");
|
// return "/login.html";
|
// }
|
// }
|
|
User user = userService.selectOne(new EntityWrapper<User>().eq("account", username).ne("status", 3));
|
|
|
// if(null == user.getUpdatePasswordTime() || (user.getUpdatePasswordTime().getTime() + 7776000000L) <= System.currentTimeMillis()){
|
// model.addAttribute("tips", "密码已经90天没更新了,请先修改密码!");
|
// model.addAttribute("updatePaw", true);
|
// return "/login.html";
|
// }
|
|
|
// Long t = loginTime.get(username);
|
// t = null == t ? 0 : t;
|
// //超过30分钟初始化
|
// if(System.currentTimeMillis() - t > (30 * 60 * 1000)){
|
// loginFailures.put(username, 0);
|
// loginTime.put(username, System.currentTimeMillis());
|
// }
|
//
|
// Integer f = loginFailures.get(username);
|
// f = f == null ? 0 : f;
|
//密码错误开始记录
|
if(!user.getPassword().equals(ShiroKit.md5(password, user.getSalt()))) {
|
return ResultUtil.error("密码错误");
|
}
|
// f++;
|
// loginFailures.put(username, f);
|
// }
|
// if(f > 5 && (System.currentTimeMillis() - t) <= (30 * 60 * 1000)){
|
// model.addAttribute("tips", "错误次数过多,请等30分钟再试!");
|
// return "/login.html";
|
// }
|
|
|
|
|
Subject currentUser = ShiroKit.getSubject();
|
UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
|
token.setRememberMe(false);
|
|
// currentUser.login(token);
|
|
ShiroUser shiroUser = ShiroKit.getUser();
|
// super.getSession().setAttribute("shiroUser", shiroUser);
|
// super.getSession().setAttribute("username", shiroUser.getAccount());
|
|
LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));
|
|
ShiroKit.getSession().setAttribute("sessionFlag", true);
|
|
System.out.println(ShiroKit.getUser().getName());
|
return ResultUtil.success("1");
|
}
|
|
|
|
|
@PostMapping("/add")
|
@BussinessLog(value = "添加管理员", key = "account", dict = UserDict.class)
|
@ApiOperation(value = "添加用户", tags = {"后台-系统设置"})
|
@ResponseBody
|
public ResultUtil add(@Valid UserDto user, BindingResult result) {
|
if (result.hasErrors()) {
|
throw new GunsException(BizExceptionEnum.REQUEST_NULL);
|
}
|
|
// 判断账号是否重复
|
User theUser = userService.getByAccount(user.getAccount());
|
if (theUser != null) {
|
throw new GunsException(BizExceptionEnum.USER_ALREADY_REG);
|
}
|
|
// 完善账号信息
|
user.setSalt(ShiroKit.getRandomSalt(5));
|
user.setPassword(ShiroKit.md5(user.getPassword(), user.getSalt()));
|
user.setStatus(ManagerStatus.OK.getCode());
|
user.setCreatetime(new Date());
|
// user.setVersion(1);
|
|
this.userService.insert(UserFactory.createUser(user));
|
return ResultUtil.success("添加成功");
|
|
|
}
|
|
|
@ApiOperation(value = "查询管理员", tags = {"后台-系统设置"})
|
@GetMapping("/list")
|
@ResponseBody
|
public Object list(String account, @RequestParam()int pageNo, @RequestParam()int pageSize,@RequestParam("1=平台管理员 2=员工") int version) {
|
int index = (pageNo-1)*pageSize;
|
int size = pageSize;
|
List<Map<String, Object>> users = userService.getUsers(account,index,size,version);
|
return users;
|
}
|
|
|
@DataSource(name = "dataSourceGuns")
|
@PutMapping("/setRole")
|
@BussinessLog(value = "分配角色", key = "userId,roleIds", dict = UserDict.class)
|
@ApiOperation(value = "分配角色", tags = {"后台-系统设置"})
|
@ResponseBody
|
public ResultUtil setRole(@RequestParam("userId") Integer userId, @RequestParam("roleIds") String roleIds) {
|
if (ToolUtil.isOneEmpty(userId, roleIds)) {
|
throw new GunsException(BizExceptionEnum.REQUEST_NULL);
|
}
|
//不能修改超级管理员
|
if (userId.equals(Const.ADMIN_ID)) {
|
throw new GunsException(BizExceptionEnum.CANT_CHANGE_ADMIN);
|
}
|
// assertAuth(userId);
|
this.userService.setRoles(userId, roleIds);
|
User user = userService.selectById(userId);
|
return ResultUtil.success("分配成功");
|
}
|
|
|
|
@DataSource(name = "dataSourceBiz")
|
@GetMapping("/pre/edit/{userId}")
|
@ApiOperation(value = "编辑获取信息", tags = {"后台-系统设置"})
|
public User edit(@PathVariable Integer userId, Model model) {
|
|
User user = this.userService.selectById(userId);
|
|
return user;
|
}
|
|
|
@DataSource(name = "dataSourceGuns")
|
@PutMapping("/edit")
|
@BussinessLog(value = "修改管理员", key = "account", dict = UserDict.class)
|
@ApiOperation(value = "修改管理员", tags = {"后台-系统设置"})
|
@ResponseBody
|
public ResultUtil edit(@Valid UserDto user, BindingResult result) throws NoPermissionException {
|
|
|
User oldUser = userService.selectById(user.getId());
|
|
|
this.userService.updateById(UserFactory.editUser(user, oldUser));
|
return ResultUtil.success("修改成功");
|
|
}
|
|
|
@DataSource(name = "dataSourceGuns")
|
@PutMapping("/frozen")
|
@BussinessLog(value = "冻结-解冻-删除", key = "account", dict = UserDict.class)
|
@ApiOperation(value = "冻结-解冻-删除", tags = {"后台-系统设置"})
|
@ResponseBody
|
public ResultUtil frozen(@RequestParam Integer userId,@RequestParam("1:解冻 2:冻结 3:删除") Integer status ) throws NoPermissionException {
|
User user = userService.selectById(userId);
|
user.setStatus(status);
|
userService.updateById(user);
|
String res = "";
|
switch (status) {
|
case 1:
|
res = "解冻";
|
break;
|
case 2:
|
res = "冻结";
|
break;
|
case 3:
|
res = "删除";
|
break;
|
}
|
return ResultUtil.success(res+"成功");
|
|
}
|
|
@ResponseBody
|
@GetMapping ("/text")
|
@ApiOperation(value = "3系统公告....", tags = {"后台-基础信息管理"})
|
public List<Banner> text(){
|
Integer [] ids = {3,4,5};
|
return bannerService.selectList(new EntityWrapper<Banner>().in("position",ids));
|
}
|
|
|
@ResponseBody
|
@PutMapping ("/text/edit")
|
@ApiOperation(value = "编辑系统公告", tags = {"后台-基础信息管理"})
|
public ResultUtil textUpdate(Banner banner){
|
bannerService.insertOrUpdate(banner);
|
return ResultUtil.success("保存成功");
|
|
}
|
|
|
@ResponseBody
|
@GetMapping ("/know/list")
|
@ApiOperation(value = "列表", tags = {"后台-知识百科"})
|
public List<EncyclopedicKnowledge> list(Integer type, String title,@RequestParam int pageNo,@RequestParam int pageSize){
|
|
int index = (pageNo-1)*pageSize;
|
int size = pageSize;
|
|
return knowledgeService.list(type,title,index,size);
|
|
}
|
|
|
@ResponseBody
|
@GetMapping ("/know/select")
|
@ApiOperation(value = "类型下拉框", tags = {"后台-知识百科"})
|
public List<SysDataType> select(){
|
return typeService.getSysDataType(1);
|
|
}
|
|
@ResponseBody
|
@PostMapping ("/know/add")
|
@ApiOperation(value = "添加", tags = {"后台-知识百科"})
|
public ResultUtil add(EncyclopedicKnowledge knowledge){
|
knowledge.setInsertTime(new Date());
|
knowledgeService.insert(knowledge);
|
return ResultUtil.success("添加成功");
|
}
|
@ResponseBody
|
@GetMapping ("/know/pre/edit")
|
@ApiOperation(value = "编辑获取信息", tags = {"后台-知识百科"})
|
public EncyclopedicKnowledge preedit(Integer id){
|
return knowledgeService.selectById(id);
|
}
|
|
|
@ResponseBody
|
@PutMapping ("/know/edit")
|
@ApiOperation(value = "修改", tags = {"后台-知识百科"})
|
public ResultUtil edit(EncyclopedicKnowledge knowledge){
|
knowledgeService.updateById(knowledge);
|
return ResultUtil.success("修改成功");
|
}
|
|
|
@ResponseBody
|
@DeleteMapping ("/know/delete")
|
@ApiOperation(value = "编辑获取信息", tags = {"后台-知识百科"})
|
public ResultUtil delete(Integer id){
|
knowledgeService.deleteById(id);
|
return ResultUtil.success("删除成功");
|
}
|
|
|
|
private void assertAuth(Integer userId) {
|
if (ShiroKit.isAdmin()) {
|
return;
|
}
|
List<Integer> deptDataScope = ShiroKit.getDeptDataScope();
|
User user = this.userService.selectById(userId);
|
Integer deptid = user.getDeptid();
|
if (deptDataScope.contains(deptid)) {
|
return;
|
} else {
|
throw new GunsException(BizExceptionEnum.NO_PERMITION);
|
}
|
|
}
|
|
|
}
|
