租房小程序
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
luo
2023-12-08 1300cd0e47d9f0890d972bafeba888d10395ed38 
 guns-management/src/main/java/com/stylefeng/guns/modular/code/controller/UserController.java


@@ -1,37 +1,222 @@


package com.stylefeng.guns.modular.code.controller;




import com.baomidou.mybatisplus.mapper.EntityWrapper;


import com.stylefeng.guns.core.base.tips.ErrorTip;


import com.stylefeng.guns.core.base.tips.Tip;


import com.stylefeng.guns.core.common.annotion.BussinessLog;


import com.stylefeng.guns.core.common.constant.Const;


import com.stylefeng.guns.core.common.constant.dictmap.UserDict;


import com.stylefeng.guns.core.common.constant.factory.ConstantFactory;


import com.stylefeng.guns.core.common.constant.state.ManagerStatus;


import com.stylefeng.guns.core.common.exception.BizExceptionEnum;


import com.stylefeng.guns.core.exception.GunsException;


import com.stylefeng.guns.core.log.LogManager;


import com.stylefeng.guns.core.log.LogObjectHolder;


import com.stylefeng.guns.core.log.factory.LogTaskFactory;


import com.stylefeng.guns.core.mutidatasource.annotion.DataSource;


import com.stylefeng.guns.core.shiro.ShiroKit;


import com.stylefeng.guns.core.shiro.ShiroUser;


import com.stylefeng.guns.core.support.HttpKit;


import com.stylefeng.guns.core.util.JwtTokenUtil;


import com.stylefeng.guns.core.util.ToolUtil;


import com.stylefeng.guns.modular.system.dao.UserMapper;


import com.stylefeng.guns.modular.system.dto.Host;


import com.stylefeng.guns.modular.system.factory.UserFactory;


import com.stylefeng.guns.modular.system.model.User;


import com.stylefeng.guns.modular.system.model.*;


import com.stylefeng.guns.modular.system.service.IBannerService;


import com.stylefeng.guns.modular.system.service.IEncyclopedicKnowledgeService;


import com.stylefeng.guns.modular.system.service.ISysDataTypeService;


import com.stylefeng.guns.modular.system.service.IUserService;


import com.stylefeng.guns.modular.system.transfer.UserDto;


import com.stylefeng.guns.modular.system.util.ResultUtil;


import com.stylefeng.guns.modular.system.warpper.UserWarpper;


import io.swagger.annotations.ApiOperation;


import org.apache.shiro.authc.SimpleAuthenticationInfo;


import org.apache.shiro.authc.UsernamePasswordToken;


import org.apache.shiro.authc.credential.HashedCredentialsMatcher;


import org.apache.shiro.crypto.hash.Md5Hash;


import org.apache.shiro.subject.Subject;


import org.apache.shiro.util.ByteSource;


import org.springframework.beans.BeanUtils;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.stereotype.Controller;


import org.springframework.ui.Model;


import org.springframework.validation.BindingResult;


import org.springframework.web.bind.annotation.PostMapping;


import org.springframework.web.bind.annotation.RequestMapping;


import org.springframework.web.bind.annotation.ResponseBody;


import org.springframework.web.bind.annotation.*;




import javax.naming.NoPermissionException;


import javax.servlet.http.Cookie;


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


import javax.validation.Valid;


import java.util.Date;


import java.util.HashMap;


import java.util.List;


import java.util.Map;




import static com.stylefeng.guns.core.support.HttpKit.getIp;




@Controller


@RequestMapping("/base/user")


public class UserController {






    protected HttpServletResponse getHttpServletResponse() {


        return HttpKit.getResponse();


    }


    protected HttpServletRequest getHttpServletRequest() {


        return HttpKit.getRequest();


    }




    @Autowired


    private IUserService userService;




    @Autowired


    private IBannerService bannerService;




    @Autowired


    private IEncyclopedicKnowledgeService knowledgeService;




    @Autowired


    private ISysDataTypeService typeService;






    @Autowired


    private UserMapper userMapper;




    @ApiOperation(value = "拿token", tags = {"登录"})


    @PostMapping("/token/auth")


    @ResponseBody


    public Object auth(@RequestParam("username") String username,


                       @RequestParam("password") String password) {




        //封装请求账号密码为shiro可验证的token


        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password.toCharArray());




        //获取数据库中的账号密码,准备比对


//        User user = userMapper.getByAccount(username);


        User user = new User();


        List<User> account = userMapper.selectList(new EntityWrapper<User>().eq("account", username));


        user = account.get(0);


        String credentials = user.getPassword();


        String salt = user.getSalt();


        ByteSource credentialsSalt = new Md5Hash(salt);


        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(


                new ShiroUser(), credentials, credentialsSalt, "");


        //校验用户账号密码


        HashedCredentialsMatcher md5CredentialsMatcher = new HashedCredentialsMatcher();


        md5CredentialsMatcher.setHashAlgorithmName(ShiroKit.hashAlgorithmName);


        md5CredentialsMatcher.setHashIterations(ShiroKit.hashIterations);


        boolean passwordTrueFlag = md5CredentialsMatcher.doCredentialsMatch(


                usernamePasswordToken, simpleAuthenticationInfo);




        if (passwordTrueFlag) {


            HashMap<String, Object> result = new HashMap<>();


            result.put("token", JwtTokenUtil.generateToken(String.valueOf(user.getId())));


            return result;


        } else {


            return new ErrorTip(500, "账号密码错误!");


        }


    }








    @GetMapping(value = "/logout")


    @ApiOperation(value = "注销", tags = {"登录"})


    @ResponseBody


    public ResultUtil logOut() {


        System.err.println(ShiroKit.getUser());


        LogManager.me().executeLog(LogTaskFactory.exitLog(ShiroKit.getUser().getId(), getIp()));


        ShiroKit.getSubject().logout();


        deleteAllCookie();


        return ResultUtil.success("注销成功");


    }




    protected void deleteAllCookie() {


        Cookie[] cookies = this.getHttpServletRequest().getCookies();


        for (Cookie cookie : cookies) {


            Cookie temp = new Cookie(cookie.getName(), "");


            temp.setMaxAge(0);


            this.getHttpServletResponse().addCookie(temp);


        }


    }




    @GetMapping(value = "/tt")


    @ApiOperation(value = "tt", tags = {"登录"})


    @ResponseBody


    public void tt() {


        System.err.println(ShiroKit.getUser().getName());


    }




    @ApiOperation(value = "登录", tags = {"登录"})


    @ResponseBody


    @PostMapping(value = "/login")


    public ResultUtil loginVali(Model model) {


        model.addAttribute("updatePaw", false);


        String username = "admin";


        String password = "123456";




        //验证验证码是否正确


//        if (KaptchaUtil.getKaptchaOnOff()) {


//            String kaptcha = super.getPara("kaptcha").trim();


//            String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);


//            if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {


//                model.addAttribute("tips", "验证码错误");


//                return "/login.html";


//            }


//        }




        User user = userService.selectOne(new EntityWrapper<User>().eq("account", username).ne("status", 3));






//        if(null == user.getUpdatePasswordTime() || (user.getUpdatePasswordTime().getTime() + 7776000000L) <= System.currentTimeMillis()){


//            model.addAttribute("tips", "密码已经90天没更新了,请先修改密码!");


//            model.addAttribute("updatePaw", true);


//            return "/login.html";


//        }






//        Long t = loginTime.get(username);


//        t = null == t ? 0 : t;


//        //超过30分钟初始化


//        if(System.currentTimeMillis() - t > (30 * 60 * 1000)){


//            loginFailures.put(username, 0);


//            loginTime.put(username, System.currentTimeMillis());


//        }


//


//        Integer f = loginFailures.get(username);


//        f = f == null ? 0 : f;


        //密码错误开始记录


        if(!user.getPassword().equals(ShiroKit.md5(password, user.getSalt()))) {


            return ResultUtil.error("密码错误");


        }


//            f++;


//            loginFailures.put(username, f);


//        }


//        if(f > 5 && (System.currentTimeMillis() - t) <= (30 * 60 * 1000)){


//            model.addAttribute("tips", "错误次数过多,请等30分钟再试!");


//            return "/login.html";


//        }










        Subject currentUser = ShiroKit.getSubject();


        UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());


        token.setRememberMe(false);




//        currentUser.login(token);




        ShiroUser shiroUser = ShiroKit.getUser();


//        super.getSession().setAttribute("shiroUser", shiroUser);


//        super.getSession().setAttribute("username", shiroUser.getAccount());




        LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));




        ShiroKit.getSession().setAttribute("sessionFlag", true);




        System.out.println(ShiroKit.getUser().getName());


        return ResultUtil.success("1");


    }








@@ -56,8 +241,189 @@


        user.setPassword(ShiroKit.md5(user.getPassword(), user.getSalt()));


        user.setStatus(ManagerStatus.OK.getCode());


        user.setCreatetime(new Date());


//        user.setVersion(1);




        this.userService.insert(UserFactory.createUser(user));


        return ResultUtil.success("添加成功");






    }






    @ApiOperation(value = "查询管理员", tags = {"后台-系统设置"})


    @GetMapping("/list")


    @ResponseBody


    public Object list(String account, @RequestParam()int pageNo, @RequestParam()int pageSize,@RequestParam("1=平台管理员 2=员工") int version) {


        int index = (pageNo-1)*pageSize;


        int size = pageSize;


        List<Map<String, Object>> users = userService.getUsers(account,index,size,version);


        return users;


    }






    @DataSource(name = "dataSourceGuns")


    @PutMapping("/setRole")


    @BussinessLog(value = "分配角色", key = "userId,roleIds", dict = UserDict.class)


    @ApiOperation(value = "分配角色", tags = {"后台-系统设置"})


    @ResponseBody


    public ResultUtil setRole(@RequestParam("userId") Integer userId, @RequestParam("roleIds") String roleIds) {


        if (ToolUtil.isOneEmpty(userId, roleIds)) {


            throw new GunsException(BizExceptionEnum.REQUEST_NULL);


        }


        //不能修改超级管理员


        if (userId.equals(Const.ADMIN_ID)) {


            throw new GunsException(BizExceptionEnum.CANT_CHANGE_ADMIN);


        }


//        assertAuth(userId);


        this.userService.setRoles(userId, roleIds);


        User user = userService.selectById(userId);


        return ResultUtil.success("分配成功");


    }








    @DataSource(name = "dataSourceBiz")


    @GetMapping("/pre/edit/{userId}")


    @ApiOperation(value = "编辑获取信息", tags = {"后台-系统设置"})


    public User edit(@PathVariable Integer userId, Model model) {




        User user = this.userService.selectById(userId);




        return user;


    }






    @DataSource(name = "dataSourceGuns")


    @PutMapping("/edit")


    @BussinessLog(value = "修改管理员", key = "account", dict = UserDict.class)


    @ApiOperation(value = "修改管理员", tags = {"后台-系统设置"})


    @ResponseBody


    public ResultUtil edit(@Valid UserDto user, BindingResult result) throws NoPermissionException {






        User oldUser = userService.selectById(user.getId());






            this.userService.updateById(UserFactory.editUser(user, oldUser));


            return ResultUtil.success("修改成功");




    }






    @DataSource(name = "dataSourceGuns")


    @PutMapping("/frozen")


    @BussinessLog(value = "冻结-解冻-删除", key = "account", dict = UserDict.class)


    @ApiOperation(value = "冻结-解冻-删除", tags = {"后台-系统设置"})


    @ResponseBody


    public ResultUtil frozen(@RequestParam Integer userId,@RequestParam("1:解冻  2:冻结  3:删除") Integer status ) throws NoPermissionException {


        User user = userService.selectById(userId);


        user.setStatus(status);


        userService.updateById(user);


        String res = "";


        switch (status) {


            case 1:


                res = "解冻";


                break;


            case 2:


                res = "冻结";


                break;


            case 3:


                res = "删除";


                break;


        }


        return ResultUtil.success(res+"成功");




    }




    @ResponseBody


    @GetMapping ("/text")


    @ApiOperation(value = "3系统公告....", tags = {"后台-基础信息管理"})


    public List<Banner> text(){


        Integer [] ids = {3,4,5};


        return     bannerService.selectList(new EntityWrapper<Banner>().in("position",ids));


    }






    @ResponseBody


    @PutMapping ("/text/edit")


    @ApiOperation(value = "编辑系统公告", tags = {"后台-基础信息管理"})


    public ResultUtil textUpdate(Banner banner){


            bannerService.insertOrUpdate(banner);


            return ResultUtil.success("保存成功");




    }






    @ResponseBody


    @GetMapping ("/know/list")


    @ApiOperation(value = "列表", tags = {"后台-知识百科"})


    public List<EncyclopedicKnowledge> list(Integer type, String title,@RequestParam int pageNo,@RequestParam int pageSize){




        int index = (pageNo-1)*pageSize;


        int size = pageSize;




     return  knowledgeService.list(type,title,index,size);




    }






    @ResponseBody


    @GetMapping ("/know/select")


    @ApiOperation(value = "类型下拉框", tags = {"后台-知识百科"})


    public List<SysDataType> select(){


        return  typeService.getSysDataType(1);




    }




    @ResponseBody


    @PostMapping ("/know/add")


    @ApiOperation(value = "添加", tags = {"后台-知识百科"})


    public ResultUtil add(EncyclopedicKnowledge knowledge){


        knowledge.setInsertTime(new Date());


        knowledgeService.insert(knowledge);


        return ResultUtil.success("添加成功");


    }


    @ResponseBody


    @GetMapping  ("/know/pre/edit")


    @ApiOperation(value = "编辑获取信息", tags = {"后台-知识百科"})


    public EncyclopedicKnowledge preedit(Integer id){


        return knowledgeService.selectById(id);


    }






    @ResponseBody


    @PutMapping ("/know/edit")


    @ApiOperation(value = "修改", tags = {"后台-知识百科"})


    public ResultUtil edit(EncyclopedicKnowledge knowledge){


        knowledgeService.updateById(knowledge);


        return ResultUtil.success("修改成功");


    }






    @ResponseBody


    @DeleteMapping  ("/know/delete")


    @ApiOperation(value = "编辑获取信息", tags = {"后台-知识百科"})


    public ResultUtil delete(Integer id){


         knowledgeService.deleteById(id);


         return ResultUtil.success("删除成功");


    }








    private void assertAuth(Integer userId) {


        if (ShiroKit.isAdmin()) {


            return;


        }


        List<Integer> deptDataScope = ShiroKit.getDeptDataScope();


        User user = this.userService.selectById(userId);


        Integer deptid = user.getDeptid();


        if (deptDataScope.contains(deptid)) {


            return;


        } else {


            throw new GunsException(BizExceptionEnum.NO_PERMITION);


        }




    }






}