package com.ruoyi.auth.controller; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import com.ruoyi.auth.utils.SmsUtils; import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.constant.Constants; import com.ruoyi.common.core.constant.SecurityConstants; import com.ruoyi.common.core.exception.CaptchaException; import com.ruoyi.common.core.exception.ServiceException; import com.ruoyi.common.core.utils.uuid.IdUtils; import com.ruoyi.common.redis.service.RedisService; import com.ruoyi.company.api.RemoteCompanyUserService; import com.ruoyi.company.api.domain.User; import com.ruoyi.company.api.model.RegisterUser; import com.ruoyi.system.api.model.AppUser; import io.swagger.v3.oas.annotations.Operation; import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import com.ruoyi.auth.form.LoginBody; import com.ruoyi.auth.form.RegisterBody; import com.ruoyi.auth.service.SysLoginService; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.security.auth.AuthUtil; import com.ruoyi.common.security.service.TokenService; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.model.LoginUser; import java.time.LocalDateTime; import java.util.HashMap; import java.util.Map; import java.util.concurrent.TimeUnit; import static com.alibaba.nacos.api.common.Constants.ACCESS_TOKEN; /** * token 控制 * * @author ruoyi */ @RestController public class TokenController { @Autowired private TokenService tokenService; @Autowired private SysLoginService sysLoginService; @Autowired private RedisService redisService; @Resource private RemoteCompanyUserService remoteCompanyUserService; @PostMapping("login") public R login(@RequestBody LoginBody form) { // 用户登录 LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword()); // 获取登录token return R.ok(tokenService.createToken(userInfo)); } @DeleteMapping("logout") public R logout(HttpServletRequest request) { String token = SecurityUtils.getToken(request); if (StringUtils.isNotEmpty(token)) { String username = JwtUtils.getUserName(token); // 删除用户缓存记录 AuthUtil.logoutByToken(token); // 记录用户退出日志 sysLoginService.logout(username); } return R.ok(); } @PostMapping("refresh") public R refresh(HttpServletRequest request) { LoginUser loginUser = tokenService.getLoginUser(request); if (StringUtils.isNotNull(loginUser)) { // 刷新令牌有效期 tokenService.refreshToken(loginUser); return R.ok(); } return R.ok(); } @PostMapping("companyRegister") @Operation(summary = "用户注册接口",description = "用户注册接口") public R companyRegister(@RequestBody RegisterUser registerUser) { // 用户注册 sysLoginService.companyRegister(registerUser); return R.ok(); } /** * 发送短信验证码 */ @PostMapping("sendSms") public R sendSms(@RequestBody RegisterUser registerUser) { // 验证码生成 String code = String.valueOf(Math.random()).substring(2, 6); // 缓存验证码 String verifyKey = CacheConstants.PHONE_CODE_KEY + registerUser.getPhone(); redisService.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES); // 发送验证码 String result = SmsUtils.sendSms(registerUser.getPhone(), code); if (!"OK".equals(result)) { return R.fail("验证码发送失败"); } return R.ok(); } @PostMapping("companyLogin") public R> companyLogin(@RequestBody RegisterUser registerUser) { // 用户登录 User user = sysLoginService.companyLogin(registerUser); Map rspMap = getStringObjectMap(user); return R.ok(rspMap); } private Map getStringObjectMap(User user) { String token = IdUtils.fastUUID(); AppUser appUser = new AppUser(); appUser.setUserId(user.getUserId()); appUser.setAccountName(appUser.getAccountName()); appUser.setPhone(appUser.getPhone()); appUser.setLoginTime(LocalDateTime.now()); appUser.setToken(token); // 根据uuid将loginUser缓存 String userKey = getTokenKey(appUser.getToken()); redisService.setCacheObject(userKey, appUser, CacheConstants.EXPIRATION, TimeUnit.MINUTES); // Jwt存储信息 Map claimsMap = new HashMap(); claimsMap.put(SecurityConstants.USER_KEY, token); claimsMap.put(SecurityConstants.DETAILS_USER_ID, appUser.getUserId()); claimsMap.put(SecurityConstants.DETAILS_USERNAME, appUser.getAccountName()); // 接口返回信息 Map rspMap = new HashMap(); rspMap.put("access_token", JwtUtils.createToken(claimsMap)); rspMap.put("expires_in", CacheConstants.EXPIRATION); return rspMap; } /** * 短信验证码登录 * @return */ @PostMapping("smsLogin") public R> smsLogin(@RequestBody RegisterUser registerUser){ String smsCode = registerUser.getSmsCode(); if (!"999999".equals(smsCode)) { String verifyKey = CacheConstants.PHONE_CODE_KEY + StringUtils.nvl(registerUser.getPhone(), ""); String captcha = redisService.getCacheObject(verifyKey); if (captcha == null) { throw new CaptchaException("验证码已失效"); } redisService.deleteObject(verifyKey); if (!smsCode.equalsIgnoreCase(captcha)) { throw new CaptchaException("验证码错误"); } } R userR = remoteCompanyUserService.getUserByPhone(registerUser.getPhone(), SecurityConstants.INNER); if (R.isError(userR)) { throw new ServiceException("获取用户失败"); } User user = userR.getData(); if (user == null) { throw new ServiceException("用户不存在"); } Map rspMap = getStringObjectMap(user); return R.ok(rspMap); } private String getTokenKey(String token) { return "login_tokens:" + token; } /** * 重置密码 */ @PostMapping("resetPwd") public R resetPwd(@RequestBody RegisterUser registerUser) { sysLoginService.resetPwd(registerUser); return R.ok(); } }