package com.ruoyi.auth.controller;
|
|
import com.ruoyi.auth.form.LoginBody;
|
import com.ruoyi.auth.form.MgtPasswordDTO;
|
import com.ruoyi.auth.service.SysLoginService;
|
import com.ruoyi.auth.utils.SmsUtils;
|
import com.ruoyi.common.core.constant.CacheConstants;
|
import com.ruoyi.common.core.constant.Constants;
|
import com.ruoyi.common.core.constant.SecurityConstants;
|
import com.ruoyi.common.core.domain.R;
|
import com.ruoyi.common.core.exception.CaptchaException;
|
import com.ruoyi.common.core.exception.ServiceException;
|
import com.ruoyi.common.core.utils.JwtUtils;
|
import com.ruoyi.common.core.utils.StringUtils;
|
import com.ruoyi.common.core.utils.uuid.IdUtils;
|
import com.ruoyi.common.redis.service.RedisService;
|
import com.ruoyi.common.security.auth.AuthUtil;
|
import com.ruoyi.common.security.service.TokenService;
|
import com.ruoyi.common.security.utils.SecurityUtils;
|
import com.ruoyi.company.api.RemoteCompanyService;
|
import com.ruoyi.company.api.RemoteCompanyUserService;
|
import com.ruoyi.company.api.domain.Company;
|
import com.ruoyi.company.api.domain.User;
|
import com.ruoyi.company.api.domain.dto.MgtCompanyDTO;
|
import com.ruoyi.company.api.model.RegisterUser;
|
import com.ruoyi.system.api.model.AppUser;
|
import com.ruoyi.system.api.model.LoginUser;
|
import io.swagger.v3.oas.annotations.Operation;
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.web.bind.annotation.DeleteMapping;
|
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.RequestBody;
|
import org.springframework.web.bind.annotation.RestController;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.validation.Valid;
|
import java.time.LocalDateTime;
|
import java.util.Date;
|
import java.util.HashMap;
|
import java.util.List;
|
import java.util.Map;
|
import java.util.concurrent.TimeUnit;
|
/**
|
* token 控制
|
*
|
* @author ruoyi
|
*/
|
@RestController
|
@Tag(name = "用户登录", description = "用户登录")
|
public class TokenController
|
{
|
@Autowired
|
private TokenService tokenService;
|
|
@Autowired
|
private SysLoginService sysLoginService;
|
|
|
@Autowired
|
private RedisService redisService;
|
|
@Resource
|
private RemoteCompanyUserService remoteCompanyUserService;
|
@Resource
|
private RemoteCompanyService remoteCompanyService;
|
|
@Operation(summary = "管理端-登录")
|
@PostMapping("login")
|
public R<?> login(@RequestBody LoginBody form)
|
{
|
// 用户登录
|
LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
|
// 获取登录token
|
return R.ok(tokenService.createToken(userInfo));
|
}
|
|
@Operation(summary = "管理端-修改密码")
|
@PostMapping("/modify-pwd")
|
public R<?> modifyPwd(@Valid @RequestBody MgtPasswordDTO dto) {
|
try {
|
sysLoginService.modifyPwd(dto);
|
return R.ok();
|
} catch (ServiceException e) {
|
return R.fail(e.getMessage());
|
}
|
}
|
@DeleteMapping("logout")
|
public R<?> logout(HttpServletRequest request)
|
{
|
String token = SecurityUtils.getToken(request);
|
if (StringUtils.isNotEmpty(token))
|
{
|
String username = JwtUtils.getUserName(token);
|
// 删除用户缓存记录
|
AuthUtil.logoutByToken(token);
|
// 记录用户退出日志
|
sysLoginService.logout(username);
|
}
|
return R.ok();
|
}
|
|
@PostMapping("refresh")
|
public R<?> refresh(HttpServletRequest request)
|
{
|
LoginUser loginUser = tokenService.getLoginUser(request);
|
if (StringUtils.isNotNull(loginUser))
|
{
|
// 刷新令牌有效期
|
tokenService.refreshToken(loginUser);
|
return R.ok();
|
}
|
return R.ok();
|
}
|
|
|
|
@PostMapping("companyRegister")
|
@Operation(summary = "用户注册接口",description = "用户注册接口")
|
public R<?> companyRegister(@RequestBody MgtCompanyDTO registerUser)
|
{
|
// 用户注册
|
sysLoginService.companyRegister(registerUser);
|
return R.ok();
|
}
|
|
|
/**
|
* 发送短信验证码
|
*/
|
@PostMapping("sendSms")
|
public R<?> sendSms(@RequestBody RegisterUser registerUser)
|
{
|
// 验证码生成
|
String code = String.valueOf(Math.random()).substring(2, 6);
|
// 发送验证码
|
String result = SmsUtils.sendSms(registerUser.getPhone(), code);
|
code += ":"+System.currentTimeMillis();
|
|
// 缓存验证码
|
String verifyKey = CacheConstants.PHONE_CODE_KEY + registerUser.getPhone();
|
redisService.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
|
|
if (!"OK".equals(result))
|
{
|
return R.fail("验证码发送失败");
|
}
|
return R.ok();
|
}
|
|
@PostMapping("companyLogin")
|
@Operation(summary = "用户登录接口",description = "账号/手机号登录")
|
public R<Map<String, Object>> companyLogin(@RequestBody RegisterUser registerUser)
|
{
|
// 用户登录
|
User user = sysLoginService.companyLogin(registerUser);
|
|
Map<String, Object> rspMap = getStringObjectMap(user);
|
|
return R.ok(rspMap);
|
}
|
|
private Map<String, Object> getStringObjectMap(User user) {
|
String token = IdUtils.fastUUID();
|
AppUser appUser = new AppUser();
|
appUser.setUserId(user.getUserId());
|
appUser.setAccountName(user.getAccountName());
|
appUser.setPhone(user.getPhone());
|
appUser.setLoginTime(System.currentTimeMillis());
|
appUser.setExpireTime(appUser.getLoginTime() + CacheConstants.EXPIRATION * 60 * 1000L);
|
appUser.setToken(token);
|
|
// 根据uuid将loginUser缓存
|
String userKey = getTokenKey(appUser.getToken());
|
redisService.setCacheObject(userKey, appUser, CacheConstants.EXPIRATION, TimeUnit.MINUTES);
|
|
// Jwt存储信息
|
Map<String, Object> claimsMap = new HashMap<String, Object>();
|
claimsMap.put(SecurityConstants.USER_KEY, token);
|
claimsMap.put(SecurityConstants.DETAILS_USER_ID, appUser.getUserId());
|
claimsMap.put(SecurityConstants.DETAILS_USERNAME, appUser.getAccountName());
|
|
// 接口返回信息
|
Map<String, Object> rspMap = new HashMap<String, Object>();
|
rspMap.put("access_token", JwtUtils.createToken(claimsMap));
|
rspMap.put("expires_in", CacheConstants.EXPIRATION);
|
return rspMap;
|
}
|
|
/**
|
* 短信验证码登录
|
* @return
|
*/
|
@PostMapping("smsLogin")
|
@Operation(summary = "验证码登录",description = "验证码登录")
|
public R<Map<String, Object>> smsLogin(@RequestBody RegisterUser registerUser){
|
String smsCode = registerUser.getCode();
|
if (!"999999".equals(smsCode)) {
|
String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
|
String captcha = redisService.getCacheObject(verifyKey);
|
if (captcha == null){
|
throw new CaptchaException("验证码错误");
|
}
|
String[] split = captcha.split(":");
|
long l = Long.parseLong(split[1]);
|
long l1 = System.currentTimeMillis();
|
// 判断是否大于两分钟
|
if (l1 - l > 2 * 60 * 1000) {
|
throw new CaptchaException("验证码已失效");
|
}
|
if (!smsCode.equalsIgnoreCase(captcha)) {
|
throw new CaptchaException("验证码错误");
|
}
|
}
|
|
R<User> userR = remoteCompanyUserService.getUserByPhone(registerUser.getPhone(), SecurityConstants.INNER);
|
if (R.isError(userR)) {
|
throw new ServiceException("获取用户失败");
|
}
|
User user = userR.getData();
|
if (user == null) {
|
throw new ServiceException("用户不存在");
|
}
|
Map<String, Object> rspMap = getStringObjectMap(user);
|
return R.ok(rspMap);
|
}
|
|
|
private String getTokenKey(String token)
|
{
|
return "login_tokens:" + token;
|
}
|
|
|
/**
|
* 公司校验
|
*/
|
@PostMapping("check")
|
@Operation(summary = "公司校验",description = "公司校验")
|
public R<?> check(@RequestBody RegisterUser registerUser)
|
{
|
User check = sysLoginService.check(registerUser);
|
if (check == null) {
|
return R.fail("账号不存在!");
|
}
|
return R.ok();
|
}
|
|
|
|
/**
|
* 重置密码
|
*/
|
@PostMapping("resetPwd")
|
@Operation(summary = "重置密码",description = "重置密码")
|
public R<?> resetPwd(@RequestBody RegisterUser registerUser)
|
{
|
sysLoginService.resetPwd(registerUser);
|
return R.ok();
|
}
|
|
|
|
|
}
|
