package com.ruoyi.auth.controller; import com.ruoyi.auth.form.LoginBody; import com.ruoyi.auth.form.MgtPasswordDTO; import com.ruoyi.auth.service.SysLoginService; import com.ruoyi.auth.utils.SmsUtils; import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.constant.Constants; import com.ruoyi.common.core.constant.SecurityConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.exception.CaptchaException; import com.ruoyi.common.core.exception.ServiceException; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.utils.uuid.IdUtils; import com.ruoyi.common.redis.service.RedisService; import com.ruoyi.common.security.auth.AuthUtil; import com.ruoyi.common.security.service.TokenService; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.company.api.RemoteCompanyService; import com.ruoyi.company.api.RemoteCompanyUserService; import com.ruoyi.company.api.domain.Company; import com.ruoyi.company.api.domain.User; import com.ruoyi.company.api.domain.dto.MgtCompanyDTO; import com.ruoyi.company.api.model.RegisterUser; import com.ruoyi.system.api.model.AppUser; import com.ruoyi.system.api.model.LoginUser; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import java.time.LocalDateTime; import java.util.Date; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.concurrent.TimeUnit; /** * token 控制 * * @author ruoyi */ @RestController @Tag(name = "用户登录", description = "用户登录") public class TokenController { @Autowired private TokenService tokenService; @Autowired private SysLoginService sysLoginService; @Autowired private RedisService redisService; @Resource private RemoteCompanyUserService remoteCompanyUserService; @Resource private RemoteCompanyService remoteCompanyService; @Operation(summary = "管理端-登录") @PostMapping("login") public R login(@RequestBody LoginBody form) { // 用户登录 LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword()); // 获取登录token return R.ok(tokenService.createToken(userInfo)); } @Operation(summary = "管理端-修改密码") @PostMapping("/modify-pwd") public R modifyPwd(@Valid @RequestBody MgtPasswordDTO dto) { try { sysLoginService.modifyPwd(dto); return R.ok(); } catch (ServiceException e) { return R.fail(e.getMessage()); } } @DeleteMapping("logout") public R logout(HttpServletRequest request) { String token = SecurityUtils.getToken(request); if (StringUtils.isNotEmpty(token)) { String username = JwtUtils.getUserName(token); // 删除用户缓存记录 AuthUtil.logoutByToken(token); // 记录用户退出日志 sysLoginService.logout(username); } return R.ok(); } @PostMapping("refresh") public R refresh(HttpServletRequest request) { LoginUser loginUser = tokenService.getLoginUser(request); if (StringUtils.isNotNull(loginUser)) { // 刷新令牌有效期 tokenService.refreshToken(loginUser); return R.ok(); } return R.ok(); } @PostMapping("companyRegister") @Operation(summary = "用户注册接口",description = "用户注册接口") public R companyRegister(@RequestBody MgtCompanyDTO registerUser) { // 用户注册 sysLoginService.companyRegister(registerUser); return R.ok(); } /** * 发送短信验证码 */ @PostMapping("sendSms") public R sendSms(@RequestBody RegisterUser registerUser) { // 验证码生成 String code = String.valueOf(Math.random()).substring(2, 6); // 发送验证码 String result = SmsUtils.sendSms(registerUser.getPhone(), code); code += ":"+System.currentTimeMillis(); // 缓存验证码 String verifyKey = CacheConstants.PHONE_CODE_KEY + registerUser.getPhone(); redisService.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES); if (!"OK".equals(result)) { return R.fail("验证码发送失败"); } return R.ok(); } @PostMapping("companyLogin") @Operation(summary = "用户登录接口",description = "账号/手机号登录") public R> companyLogin(@RequestBody RegisterUser registerUser) { // 用户登录 User user = sysLoginService.companyLogin(registerUser); Map rspMap = getStringObjectMap(user); return R.ok(rspMap); } private Map getStringObjectMap(User user) { String token = IdUtils.fastUUID(); AppUser appUser = new AppUser(); appUser.setUserId(user.getUserId()); appUser.setAccountName(user.getAccountName()); appUser.setPhone(user.getPhone()); appUser.setLoginTime(System.currentTimeMillis()); appUser.setExpireTime(appUser.getLoginTime() + CacheConstants.EXPIRATION * 60 * 1000L); appUser.setToken(token); // 根据uuid将loginUser缓存 String userKey = getTokenKey(appUser.getToken()); redisService.setCacheObject(userKey, appUser, CacheConstants.EXPIRATION, TimeUnit.MINUTES); // Jwt存储信息 Map claimsMap = new HashMap(); claimsMap.put(SecurityConstants.USER_KEY, token); claimsMap.put(SecurityConstants.DETAILS_USER_ID, appUser.getUserId()); claimsMap.put(SecurityConstants.DETAILS_USERNAME, appUser.getAccountName()); // 接口返回信息 Map rspMap = new HashMap(); rspMap.put("access_token", JwtUtils.createToken(claimsMap)); rspMap.put("expires_in", CacheConstants.EXPIRATION); return rspMap; } /** * 短信验证码登录 * @return */ @PostMapping("smsLogin") @Operation(summary = "验证码登录",description = "验证码登录") public R> smsLogin(@RequestBody RegisterUser registerUser){ String smsCode = registerUser.getCode(); if (!"999999".equals(smsCode)) { String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), ""); String captcha = redisService.getCacheObject(verifyKey); if (captcha == null){ throw new CaptchaException("验证码错误"); } String[] split = captcha.split(":"); long l = Long.parseLong(split[1]); long l1 = System.currentTimeMillis(); // 判断是否大于两分钟 if (l1 - l > 2 * 60 * 1000) { throw new CaptchaException("验证码已失效"); } captcha = split[0]; if (!smsCode.equalsIgnoreCase(captcha)) { throw new CaptchaException("验证码错误"); } } R userR = remoteCompanyUserService.getUserByPhone(registerUser.getPhone(), SecurityConstants.INNER); if (R.isError(userR)) { throw new ServiceException("获取用户失败"); } User user = userR.getData(); if (user == null) { throw new ServiceException("用户不存在"); } Map rspMap = getStringObjectMap(user); return R.ok(rspMap); } private String getTokenKey(String token) { return "login_tokens:" + token; } /** * 公司校验 */ @PostMapping("check") @Operation(summary = "公司校验",description = "公司校验") public R check(@RequestBody RegisterUser registerUser) { User check = sysLoginService.check(registerUser); if (check == null) { return R.fail("账号不存在!"); } return R.ok(); } /** * 重置密码 */ @PostMapping("resetPwd") @Operation(summary = "重置密码",description = "重置密码") public R resetPwd(@RequestBody RegisterUser registerUser) { sysLoginService.resetPwd(registerUser); return R.ok(); } }