SysLoginController.java
package com.ruoyi.web.controller.system;
import java.text.SimpleDateFormat;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.*;
import cn.hutool.http.HttpRequest;
import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
import com.ruoyi.common.core.domain.entity.SysFrontUser;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.sign.Base64;
import com.ruoyi.system.service.ISysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysMenu;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginBody;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.framework.web.service.SysLoginService;
import com.ruoyi.framework.web.service.SysPermissionService;
import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.service.ISysMenuService;
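/**
 * Login endpoints: credential verification through an external cipher service,
 * plus lookup of the current user's profile and menu routes.
 *
 * @author ruoyi
 */
@RestController
public class SysLoginController
{
    @Autowired
    private SysLoginService loginService;
    @Autowired
    private ISysUserService userService;
    @Autowired
    private ISysMenuService menuService;
    @Autowired
    private SysPermissionService permissionService;
    @Autowired
    private TokenService tokenService;

    // Base URL of the cipher service. NOTE(review): the clear-text password is posted
    // to this URL (Base64 is an encoding, not protection) - confirm it is an https:// endpoint.
    @Value("${secret.url}")
    String secretUrl;
    // Application id and code, sent together as HTTP Basic credentials to the cipher service.
    @Value("${secret.appid}")
    String secretAppid;
    @Value("${secret.code}")
    String secretCode;
    // Key identifiers passed as "keyCode" to the encrypt and hmac endpoints respectively.
    @Value("${secret.encryptKeyCode}")
    String secretEncryptKeyCode;
    @Value("${secret.hmacKeyCode}")
    String secretHmacKeyCode;

    /**
     * Logs a user in.
     *
     * <p>Steps: (1) ask the cipher service for HMAC_SM3 over {@code username:password}
     * and compare it with the HMAC stored for that account; (2) ask the cipher service
     * to SM4-encrypt the password; (3) pass the ciphertext to
     * {@code loginService.login} as the password and return the issued token.
     *
     * <p>Every step fails closed: an empty, malformed or non-"0" cipher-service
     * response, an unknown account, or a missing stored HMAC all reject the login.
     * Unknown accounts and HMAC mismatches return the same message, so the response
     * text does not reveal whether a user name exists.
     *
     * <p>NOTE(review): code/uuid (presumably the captcha) are only handed to
     * {@code loginService.login}, i.e. after two cipher-service calls and a user
     * lookup have already run for an unauthenticated request - consider validating
     * them first and rate-limiting this endpoint.
     *
     * <p>NOTE(review): SM4/ECB is deterministic (equal passwords give equal
     * ciphertexts) and reversible by whoever holds the key; if the ciphertext is what
     * is stored as the credential, it is not a substitute for a salted password hash.
     * Confirm against the storage side.
     *
     * @param loginBody login request (user name, password, code, uuid, flag)
     * @return success result carrying the token, or an error result
     */
    @PostMapping("/login")
    public AjaxResult login(@RequestBody LoginBody loginBody)
    {
        String password;
        try
        {
            // NOTE(review): getBytes() uses the platform charset before Java 18. It is left
            // unchanged because the stored HMACs must have been computed the same way;
            // pin UTF-8 here and wherever the HMAC is first generated, together.
            String authorization = Base64.encode((secretAppid + ":" + secretCode).getBytes());
            String hmacData = Base64.encode((loginBody.getUsername() + ":" + loginBody.getPassword()).getBytes());

            // Step 1: integrity check - HMAC computed by the cipher service.
            Map<String, String> params = new HashMap<String, String>();
            params.put("keyCode", secretHmacKeyCode);
            params.put("algorithmParam", "HMAC_SM3");
            params.put("data", hmacData);
            JSONObject hmacResponse = postToCipherService("/api/v1/cipher/hmac", authorization, params);
            if (hmacResponse == null || !"0".equals(hmacResponse.getString("code")))
            {
                // A missing response must reject the login, not skip the check.
                return AjaxResult.error("数据完整性校验失败");
            }
            JSONObject hmacPayload = JSONObject.parseObject(hmacResponse.getString("data"));
            String computedHmac = hmacPayload == null ? null : hmacPayload.getString("hmac");
            String storedHmac = findStoredHmac(loginBody);
            if (!constantTimeEquals(storedHmac, computedHmac))
            {
                return AjaxResult.error("数据完整性校验失败");
            }

            // Step 2: have the cipher service encrypt the password.
            Map<String, String> enParams = new HashMap<String, String>();
            String encryptData = Base64.encode((loginBody.getPassword()).getBytes());
            enParams.put("keyCode", secretEncryptKeyCode);
            enParams.put("algorithmParam", "SM4/ECB/PKCS7Padding");
            enParams.put("data", encryptData);
            JSONObject encryptResponse = postToCipherService("/api/v1/cipher/encrypt", authorization, enParams);
            if (encryptResponse == null || !"0".equals(encryptResponse.getString("code")))
            {
                return AjaxResult.error("密码验证错误");
            }
            JSONObject encryptPayload = JSONObject.parseObject(encryptResponse.getString("data"));
            password = encryptPayload == null ? null : encryptPayload.getString("encData");
            if (password == null || password.isEmpty())
            {
                // Never fall through to loginService.login with an empty password.
                return AjaxResult.error("密码验证错误");
            }
        }
        catch (Exception e)
        {
            // NOTE(review): route this through the project's logger instead of stderr.
            e.printStackTrace();
            return AjaxResult.error("登录错误,请稍后重试");
        }

        // Step 3: issue the token.
        String token = loginService.login(loginBody.getUsername(), password, loginBody.getCode(),
                loginBody.getUuid());
        AjaxResult ajax = AjaxResult.success();
        ajax.put(Constants.TOKEN, token);
        return ajax;
    }

    /**
     * Posts a JSON request to the cipher service and parses the JSON reply.
     *
     * <p>NOTE(review): no timeout is set on this call; a slow cipher service would hold
     * the login request thread - consider configuring one.
     *
     * @param path endpoint path appended to {@code secretUrl}
     * @param authorization Base64 value for the HTTP Basic Authorization header
     * @param params request fields, serialized as the JSON body
     * @return the parsed reply, or {@code null} when the body is empty
     */
    private JSONObject postToCipherService(String path, String authorization, Map<String, String> params)
    {
        String body = HttpRequest.post(secretUrl + path)
                .header("Authorization", "Basic " + authorization)
                .body(JSON.toJSONString(params))
                .execute()
                .body();
        return JSON.parseObject(body);
    }

    /**
     * Returns the HMAC stored for the account named in the request, or {@code null}
     * when no such account exists.
     *
     * <p>NOTE(review): the table consulted is chosen by the client-supplied flag, and
     * that flag is not passed on to {@code loginService.login} - confirm both steps
     * resolve the same account.
     */
    private String findStoredHmac(LoginBody loginBody)
    {
        if (StringUtils.isNotEmpty(loginBody.getFlag()) && loginBody.getFlag().equals("back"))
        {
            SysUser sysUser = userService.selectUserByUserName(loginBody.getUsername());
            return sysUser == null ? null : sysUser.getHmac();
        }
        SysFrontUser frontUser = userService.selectFrontUserByUserName(loginBody.getUsername());
        return frontUser == null ? null : frontUser.getHmac();
    }

    /**
     * Compares two MAC strings without an early exit on the first differing byte.
     * A {@code null} on either side counts as a mismatch.
     */
    private static boolean constantTimeEquals(String expected, String actual)
    {
        if (expected == null || actual == null)
        {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                actual.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Returns the profile of the currently logged-in user.
     *
     * <p>NOTE(review): both branches return the user entity itself, and both entity
     * types expose {@code getHmac()}; confirm that credential-derived fields are
     * excluded from JSON serialization.
     *
     * @return user information, or an error result for an unrecognized login type
     */
    @GetMapping("getInfo")
    public AjaxResult getInfo()
    {
        LoginUser loginUser = SecurityUtils.getLoginUser();
        String loginType = loginUser.getLoginType();

        // Front-end users hold no back-office permissions: return the user record only.
        if ("front".equals(loginType))
        {
            Date updateTime = loginUser.getFrontUser().getUpdateTime();
            // Per the original author, a null updateTime means the password was never changed.
            if (updateTime == null)
            {
                return AjaxResult.success(loginUser.getFrontUser());
            }
            // Set pwdExpire once more than 3 months have passed since updateTime,
            // so the client can prompt for a password change.
            LocalDate lastUpdate = updateTime.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
            boolean expired = LocalDate.now().isAfter(lastUpdate.plusMonths(3));
            loginUser.getFrontUser().setPwdExpire(expired);
            return AjaxResult.success(loginUser.getFrontUser());
        }

        // Back-office users: return the user with its roles and permissions.
        if ("back".equals(loginType))
        {
            SysUser user = loginUser.getUser();
            Set<String> roles = permissionService.getRolePermission(user);
            Set<String> permissions = permissionService.getMenuPermission(user);
            // Refresh the cached token when the permission set has changed since login.
            if (!loginUser.getPermissions().equals(permissions))
            {
                loginUser.setPermissions(permissions);
                tokenService.refreshToken(loginUser);
            }
            AjaxResult ajax = AjaxResult.success();
            ajax.put("user", user);
            ajax.put("roles", roles);
            ajax.put("permissions", permissions);
            return ajax;
        }

        // Missing or unrecognized login type: answer with an explicit error
        // instead of a null result (empty response body).
        return AjaxResult.error("未知的登录类型");
    }

    /**
     * Returns the menu routes of the currently logged-in user.
     *
     * @return route information
     */
    @GetMapping("getRouters")
    public AjaxResult getRouters()
    {
        Long userId = SecurityUtils.getUserId();
        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
        return AjaxResult.success(menuService.buildMenus(menus));
    }
}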