package com.ruoyi.auth.service;
|
|
import com.ruoyi.auth.form.MgtPasswordDTO;
|
import com.ruoyi.common.core.constant.CacheConstants;
|
import com.ruoyi.common.core.constant.Constants;
|
import com.ruoyi.common.core.constant.SecurityConstants;
|
import com.ruoyi.common.core.constant.UserConstants;
|
import com.ruoyi.common.core.domain.R;
|
import com.ruoyi.common.core.enums.UserStatus;
|
import com.ruoyi.common.core.exception.CaptchaException;
|
import com.ruoyi.common.core.exception.ServiceException;
|
import com.ruoyi.common.core.text.Convert;
|
import com.ruoyi.common.core.utils.DateUtils;
|
import com.ruoyi.common.core.utils.StringUtils;
|
import com.ruoyi.common.core.utils.ip.IpUtils;
|
import com.ruoyi.common.redis.service.RedisService;
|
import com.ruoyi.common.security.utils.SecurityUtils;
|
import com.ruoyi.company.api.RemoteCompanyService;
|
import com.ruoyi.company.api.RemoteCompanyUserService;
|
import com.ruoyi.company.api.domain.Company;
|
import com.ruoyi.company.api.domain.User;
|
import com.ruoyi.company.api.domain.dto.MgtCompanyDTO;
|
import com.ruoyi.company.api.model.RegisterUser;
|
import com.ruoyi.system.api.RemoteUserService;
|
import com.ruoyi.system.api.domain.SysUser;
|
import com.ruoyi.system.api.model.LoginUser;
|
import lombok.RequiredArgsConstructor;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.stereotype.Component;
|
|
import javax.annotation.Resource;
|
import java.util.List;
|
import java.util.Objects;
|
|
/**
|
* 登录校验方法
|
*
|
* @author ruoyi
|
*/
|
@Component
|
@RequiredArgsConstructor(onConstructor_ = {@Lazy})
|
public class SysLoginService {
|
@Resource
|
private RemoteUserService remoteUserService;
|
@Resource
|
private RemoteCompanyUserService remoteCompanyUserService;
|
@Resource
|
private RemoteCompanyService remoteCompanyService;
|
private final SysPasswordService passwordService;
|
private final SysRecordLogService recordLogService;
|
private final RedisService redisService;
|
|
/**
|
* 登录
|
*/
|
public LoginUser login(String username, String password) {
|
// 用户名或密码为空 错误
|
if (StringUtils.isAnyBlank(username, password)) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
|
throw new ServiceException("用户/密码必须填写");
|
}
|
// 密码如果不在指定范围内 错误
|
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
|
throw new ServiceException("用户密码不在指定范围");
|
}
|
// 用户名不在指定范围内 错误
|
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
|| username.length() > UserConstants.USERNAME_MAX_LENGTH) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
|
throw new ServiceException("用户名不在指定范围");
|
}
|
// IP黑名单校验
|
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
|
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
|
throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
|
}
|
// 查询用户信息
|
R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
|
|
if (R.FAIL == userResult.getCode()) {
|
throw new ServiceException(userResult.getMsg());
|
}
|
|
LoginUser userInfo = userResult.getData();
|
SysUser user = userResult.getData().getSysUser();
|
if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
|
throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
|
}
|
if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
|
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
|
throw new ServiceException("对不起,您的账号:" + username + " 已停用");
|
}
|
passwordService.validate(user, password);
|
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
|
recordLoginInfo(user.getUserId());
|
return userInfo;
|
}
|
|
/**
|
* 记录登录信息
|
*
|
* @param userId 用户ID
|
*/
|
public void recordLoginInfo(Long userId) {
|
SysUser sysUser = new SysUser();
|
sysUser.setUserId(userId);
|
// 更新用户登录IP
|
sysUser.setLoginIp(IpUtils.getIpAddr());
|
// 更新用户登录时间
|
sysUser.setLoginDate(DateUtils.getNowDate());
|
remoteUserService.recordUserLogin(sysUser, SecurityConstants.INNER);
|
}
|
|
public void logout(String loginName) {
|
recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
|
}
|
|
/**
|
* 注册
|
*/
|
public void register(String username, String password) {
|
// 用户名或密码为空 错误
|
if (StringUtils.isAnyBlank(username, password)) {
|
throw new ServiceException("用户/密码必须填写");
|
}
|
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
|| username.length() > UserConstants.USERNAME_MAX_LENGTH) {
|
throw new ServiceException("账户长度必须在2到20个字符之间");
|
}
|
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
|
throw new ServiceException("密码长度必须在5到20个字符之间");
|
}
|
|
// 注册用户信息
|
SysUser sysUser = new SysUser();
|
sysUser.setUserName(username);
|
sysUser.setNickName(username);
|
sysUser.setPassword(SecurityUtils.encryptPassword(password));
|
R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);
|
|
if (R.FAIL == registerResult.getCode()) {
|
throw new ServiceException(registerResult.getMsg());
|
}
|
recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
|
}
|
|
public void companyRegister(MgtCompanyDTO registerUser) {
|
String accountName = registerUser.getAccountName();
|
String password = registerUser.getPassword();
|
// 用户名或密码为空 错误
|
if (StringUtils.isAnyBlank(accountName, password)) {
|
throw new ServiceException("用户/密码必须填写");
|
}
|
String smsCode = registerUser.getSmsCode();
|
if (!"999999".equals(smsCode)) {
|
String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
|
String captcha = redisService.getCacheObject(verifyKey);
|
if (captcha == null) {
|
throw new CaptchaException("验证码已失效");
|
}
|
redisService.deleteObject(verifyKey);
|
if (!smsCode.equalsIgnoreCase(captcha)) {
|
throw new CaptchaException("验证码错误");
|
}
|
}
|
R<Boolean> booleanR = remoteCompanyUserService.registerUser(registerUser, SecurityConstants.INNER);
|
if (R.isError(booleanR)) {
|
throw new ServiceException(booleanR.getMsg());
|
}
|
}
|
|
|
public User companyLogin(RegisterUser registerUser) {
|
String accountName = registerUser.getAccountName();
|
String password = registerUser.getPassword();
|
|
R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);
|
if (R.isError(userByPhoneR)) {
|
throw new ServiceException(userByPhoneR.getMsg());
|
}
|
if (userByPhoneR.getData() != null) {
|
if (SecurityUtils.matchesPassword(password, userByPhoneR.getData().getPassword())) {
|
return userByPhoneR.getData();
|
}
|
}
|
|
|
R<User> r = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);
|
if (R.isError(r)) {
|
throw new ServiceException(r.getMsg());
|
}
|
if (r.getData() == null) {
|
throw new ServiceException("账号不存在");
|
}
|
if (!SecurityUtils.matchesPassword(password, r.getData().getPassword())) {
|
throw new ServiceException("密码错误");
|
}
|
return r.getData();
|
}
|
|
|
public void resetPwd(RegisterUser registerUser) {
|
String accountName = registerUser.getAccountName();
|
R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);
|
if (R.isError(userByPhoneR)) {
|
throw new ServiceException(userByPhoneR.getMsg());
|
}
|
boolean check = false;
|
R<User> userR = new R<>();
|
if (userByPhoneR.getData() != null) {
|
check = check(userByPhoneR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
|
}
|
if (!check){
|
userR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);
|
if (R.isError(userR)) {
|
throw new ServiceException(userR.getMsg());
|
}
|
if (userR.getData() == null) {
|
throw new ServiceException("账号不存在");
|
}
|
check = check(userR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
|
}
|
|
if (!check) {
|
throw new ServiceException("账号不存在");
|
}
|
String password = SecurityUtils.encryptPassword(registerUser.getPassword());
|
User user = userR.getData();
|
user.setPassword(password);
|
R<Void> r = remoteCompanyUserService.updateUser(user);
|
if (R.isError(r)) {
|
throw new ServiceException(userR.getMsg());
|
}
|
}
|
|
public boolean check(User user, String companyName, String idCardNumber) {
|
Long userId = user.getUserId();
|
R<List<Company>> companyR = remoteCompanyService.getCompanyByUserId(userId, SecurityConstants.INNER);
|
if (R.isError(companyR)) {
|
throw new ServiceException(companyR.getMsg());
|
}
|
List<Company> companyList = companyR.getData();
|
if (companyList != null) {
|
long count = companyList.stream()
|
.filter(company -> company.getCompanyName().equals(companyName) &&
|
company.getIdCardNumber().equals(idCardNumber))
|
.count();
|
return count > 0;
|
}
|
return false;
|
}
|
|
/**
|
* 管理端-修改密码
|
* @param dto
|
*/
|
public void modifyPwd(MgtPasswordDTO dto) {
|
Long userId = SecurityUtils.getUserId();
|
SysUser sysUser = remoteUserService.getUserById(userId, SecurityConstants.INNER).getData();
|
if (Objects.isNull(sysUser)){
|
throw new ServiceException("用户不存在");
|
}
|
if (!SecurityUtils.matchesPassword(dto.getOldPassword(), sysUser.getPassword())){
|
throw new ServiceException("原密码错误");
|
}
|
sysUser.setPassword(SecurityUtils.encryptPassword(dto.getNewPassword()));
|
remoteUserService.updateUser(sysUser,SecurityConstants.INNER);
|
}
|
}
|
