1

luodangjia

2025-01-23 698ae84adaf1b8d0e8dd61d7279863fe17c1e81d

 ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java

@@ -1,23 +1,13 @@
package com.ruoyi.auth.service;

import com.ruoyi.common.core.exception.CaptchaException;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.company.api.RemoteCompanyService;
import com.ruoyi.company.api.RemoteCompanyUserService;
import com.ruoyi.company.api.domain.Company;
import com.ruoyi.company.api.domain.User;
import com.ruoyi.company.api.model.RegisterUser;
import lombok.RequiredArgsConstructor;
import org.jacoco.agent.rt.internal_43f5073.core.internal.flow.IFrame;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import com.ruoyi.auth.form.MgtPasswordDTO;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.enums.UserStatus;
import com.ruoyi.common.core.exception.CaptchaException;
import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.utils.DateUtils;
@@ -25,13 +15,26 @@
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.company.api.RemoteCompanyService;
import com.ruoyi.company.api.RemoteCompanyUserService;
import com.ruoyi.company.api.domain.Company;
import com.ruoyi.company.api.domain.User;
import com.ruoyi.company.api.domain.dto.MgtCompanyDTO;
import com.ruoyi.company.api.model.RegisterUser;
import com.ruoyi.system.api.RemoteUserService;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.api.model.AppUser;
import com.ruoyi.system.api.model.LoginUser;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.time.LocalDateTime;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * 登录校验方法
@@ -150,7 +153,7 @@
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
    }

    public void companyRegister(RegisterUser registerUser) {
    public void companyRegister(MgtCompanyDTO registerUser) {
        String accountName = registerUser.getAccountName();
        String password = registerUser.getPassword();
        // 用户名或密码为空 错误
@@ -161,10 +164,17 @@
        if (!"999999".equals(smsCode)) {
            String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
            String captcha = redisService.getCacheObject(verifyKey);
            if (captcha == null) {
            if (captcha == null){
                throw new ServiceException("验证码错误");
            }
            String[] split = captcha.split(":");
            long l = Long.parseLong(split[1]);
            long l1 = System.currentTimeMillis();
            // 判断是否大于两分钟
            if (l1 - l > 2 * 60 * 1000) {
                throw new CaptchaException("验证码已失效");
            }
            redisService.deleteObject(verifyKey);
            captcha = split[0];
            if (!smsCode.equalsIgnoreCase(captcha)) {
                throw new CaptchaException("验证码错误");
            }
@@ -177,85 +187,123 @@


    public User companyLogin(RegisterUser registerUser) {
        // 输入验证
        if (registerUser == null || registerUser.getAccountName() == null || registerUser.getPassword() == null) {
            throw new ServiceException("无效的输入");
        }
        String accountName = registerUser.getAccountName();
        String password = registerUser.getPassword();

        R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);
        if (R.isError(userByPhoneR)) {
            throw new ServiceException(userByPhoneR.getMsg());
        R<User> userByAccountNameR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);

        User user = null;
        if (userByPhoneR.getData() != null) {
            user = userByPhoneR.getData();
        } else if (userByAccountNameR.getData() != null) {
            user = userByAccountNameR.getData();
        }
        if (userByPhoneR.getData() == null) {

        if (user == null) {
            throw new ServiceException("账号不存在");
        }

        if (SecurityUtils.matchesPassword(password, userByPhoneR.getData().getPassword())) {
            return userByPhoneR.getData();
        if (!SecurityUtils.matchesPassword(password, user.getPassword())) {
            throw new ServiceException("账号或密码错误");
        }


        R<User> r = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);
        if (R.isError(r)) {
            throw new ServiceException(r.getMsg());
        }
        if (r.getData() == null) {
            throw new ServiceException("账号不存在");
        }
        if (!SecurityUtils.matchesPassword(password, r.getData().getPassword())) {
            throw new ServiceException("密码错误");
        }
        return r.getData();
        return user;
    }



    public void resetPwd(RegisterUser registerUser) {
        User user = check(registerUser);

        String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), "");
        String captcha = redisService.getCacheObject(verifyKey);
        if (captcha == null) {
            throw new CaptchaException("验证码错误");
        }
        String[] split = captcha.split(":");


        long l = Long.parseLong(split[1]);
        long l1 = System.currentTimeMillis();
        // 判断是否大于两分钟
        if (l1 - l > 2 * 60 * 1000) {
            throw new CaptchaException("验证码已失效");
        }
        captcha = split[0];
        if (!registerUser.getCode().equalsIgnoreCase(captcha)) {
            throw new CaptchaException("验证码错误");
        }

        String password = SecurityUtils.encryptPassword(registerUser.getPassword());
        user.setPassword(password);
        R<Void> r = remoteCompanyUserService.updateUser(user, SecurityConstants.INNER);
        if (R.isError(r)) {
            throw new ServiceException(r.getMsg());
        }
        forceLogout(user.getUserId());
    }

    public void forceLogout(Long userId) {
        Collection<String> keys = redisService.keys(CacheConstants.LOGIN_TOKEN_KEY + "*");
        for (String key : keys) {
            Object user = redisService.getCacheObject(key);
            if (user instanceof AppUser) {
                AppUser appUser = (AppUser) user;
                if (appUser.getUserId().equals(userId)) {
                    redisService.deleteObject(key);
                }
            }
        }
    }



    public User check(RegisterUser registerUser) {
        String accountName = registerUser.getAccountName();
        R<User> userByPhoneR = remoteCompanyUserService.getUserByPhone(accountName, SecurityConstants.INNER);
        if (R.isError(userByPhoneR)) {
            throw new ServiceException(userByPhoneR.getMsg());
        }
        boolean check = false;
        R<User> userR = new R<>();
        if (userByPhoneR.getData() != null) {
            check = check(userByPhoneR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
        }
        if (!check){
            userR = remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);
            if (R.isError(userR)) {
                throw new ServiceException(userR.getMsg());
            }
            if (userR.getData() == null) {
                throw new ServiceException("账号不存在");
            }
            check = check(userR.getData(), registerUser.getCompanyName(), registerUser.getIdCardNumber());
        }
        R<User> userByAccountNameR= remoteCompanyUserService.getUserByAccountName(accountName, SecurityConstants.INNER);

        if (!check) {
        User user;
        if (userByPhoneR.getData() != null) {
            user = userByPhoneR.getData();
        } else if (userByAccountNameR.getData() != null) {
            user = userByAccountNameR.getData();
        }else {
            throw new ServiceException("账号不存在");
        }
        String password = SecurityUtils.encryptPassword(registerUser.getPassword());
        User user = userR.getData();
        user.setPassword(password);
        R<Void> r = remoteCompanyUserService.updateUser(user);
        if (R.isError(r)) {
            throw new ServiceException(userR.getMsg());

        R<List<Company>> companyListR = remoteCompanyService.getCompanyByUserId(user.getUserId(), SecurityConstants.INNER);
        List<Company> companyList = companyListR.getData();
        long count = companyList.stream().filter(company -> company.getCompanyName()
                .equals(registerUser.getCompanyName()) &&
                company.getIdCardNumber().equals(registerUser.getIdCardNumber())).count();
        if (count == 0) {
            return null;
        }

        return user;
    }

    public boolean check(User user, String companyName, String idCardNumber) {
        Long userId = user.getUserId();
        R<List<Company>> companyR = remoteCompanyService.getCompanyByUserId(userId, SecurityConstants.INNER);
        if (R.isError(companyR)) {
            throw new ServiceException(companyR.getMsg());
        }
        List<Company> companyList = companyR.getData();
        if (companyList != null) {
            long count = companyList.stream()
                    .filter(company -> company.getCompanyName().equals(companyName) &&
                            company.getIdCardNumber().equals(idCardNumber))
                    .count();
            return count > 0;
        }
        return false;
    }


    /**
     * 管理端-修改密码
     * @param dto
     */
    public void modifyPwd(MgtPasswordDTO dto) {
        Long userId = SecurityUtils.getUserId();
        SysUser sysUser = remoteUserService.getUserById(userId, SecurityConstants.INNER).getData();
        if (Objects.isNull(sysUser)){
            throw new ServiceException("用户不存在");
        }
        if (!SecurityUtils.matchesPassword(dto.getOldPassword(), sysUser.getPassword())){
            throw new ServiceException("原密码错误");
        }
        sysUser.setPassword(SecurityUtils.encryptPassword(dto.getNewPassword()));
        remoteUserService.updateUser(sysUser,SecurityConstants.INNER);
    }
}