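package com.zd.auth.controller;

import cn.hutool.core.util.RandomUtil;
import com.zd.auth.form.LoginBody;
import com.zd.auth.form.RegisterBody;
import com.zd.auth.service.SysLoginService;
import com.zd.chemical.api.fegin.RemoteStockService;
import com.zd.common.core.exception.ParamException;
import com.zd.common.core.exception.ServiceException;
import com.zd.common.core.redis.RedisService;
import com.zd.common.core.security.TokenService;
import com.zd.common.core.utils.DESUtils;
import com.zd.common.core.utils.IdUtils;
import com.zd.common.core.utils.StringUtils;
import com.zd.model.constant.*;
import com.zd.model.domain.AjaxResult;
import com.zd.model.domain.R;
import com.zd.model.domain.ResultData;
import com.zd.model.entity.LoginModel;
import com.zd.model.entity.LoginUser;
import com.zd.model.entity.SysUser;
import com.zd.system.api.bo.SysLoginBo;
import com.zd.system.api.feign.RemoteUserService;
import io.swagger.annotations.ApiOperation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.security.SecureRandom;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;

import static com.zd.model.constant.BaseConstants.CODE_EXPIRATION;

/**
 * Authentication endpoints: password, SMS-code, card and face login, plus logout,
 * token refresh and registration.
 *
 * <p>Every login path must end in one of two states: a token issued for a {@link LoginModel}
 * returned by the user service, or a failure response. No path may fall through and issue a
 * token for an unauthenticated, empty model.
 *
 * @author linft
 * @date 6/21/2023
 * @version 3.0
 */
@RestController
public class AuthController {

    private final Logger logger = LoggerFactory.getLogger(AuthController.class);

    /** Randomness source for SMS login codes; the code is a credential, so it must be unpredictable. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /** Number of digits in an SMS login code. */
    private static final int SMS_CODE_LENGTH = 6;

    /** Maximum number of SMS codes that may be requested per user inside one counting window. */
    private static final int SMS_SEND_LIMIT = 5;

    /** Length of the SMS counting window, in minutes. */
    private static final long SMS_SEND_WINDOW_MINUTES = 60;

    /** Router path whose presence marks a user as having the big-screen menu. */
    private static final String SCREEN_ROUTE_PATH = "https://www.sxitdlc.com";

    /** Redis key prefix under which the per-user big-screen token is cached. */
    private static final String SCREEN_TOKEN_KEY_PREFIX = "login_screen:";

    /** {@code screen_type} value returned when the user has no big-screen access. */
    private static final int NO_SCREEN_ACCESS = 3;

    @Autowired
    private TokenService tokenService;

    @Autowired
    private SysLoginService sysLoginService;

    @Autowired
    private RemoteUserService remoteUserService;

    @Autowired
    private RemoteStockService stockService;

    @Resource
    private RedisTemplate<String, String> redisTemplate;

    @Autowired
    private RedisService redisService;

    /**
     * Logs a user in with either account/password (default) or phone number/SMS code.
     *
     * <p>For the SMS grant, {@code username} carries the phone number and {@code password}
     * carries the code previously issued by {@link #send(LoginBody)}.
     *
     * @param form login form; {@code authType} selects the grant and defaults to password
     * @return the token payload on success, extended with {@code reset_password},
     *         {@code screen_type} and {@code screen_token}; a failure result otherwise
     * @throws ParamException if required fields are missing, out of range, or the grant type is unknown
     */
    @PostMapping("/login")
    public R<?> login(@RequestBody LoginBody form) {
        String authType = form.getAuthType() == null ? BaseConstants.GRANT_TYPE_PASSWORD : form.getAuthType();

        SysLoginBo loginBo = new SysLoginBo();
        loginBo.setAccount(form.getUsername());
        loginBo.setGrantType(authType);

        R<LoginModel> r;
        if (BaseConstants.GRANT_TYPE_PASSWORD.equals(authType)) {
            requireCredentials(form);
            if (form.getUsername().length() < UserConstants.USERNAME_MIN_LENGTH
                    || form.getUsername().length() > UserConstants.USERNAME_MAX_LENGTH
                    || form.getPassword().length() < UserConstants.PASSWORD_MIN_LENGTH
                    || form.getPassword().length() > UserConstants.PASSWORD_MAX_LENGTH) {
                throw new ParamException("账号参数有误");
            }
            loginBo.setPassword(form.getPassword());
            loginBo.setLoginType(UserConstants.USER_LOGIN_PC);
            r = remoteUserService.userLogin(loginBo);
        } else if (BaseConstants.GRANT_TYPE_MOBILE.equals(authType)) {
            // A missing code used to raise a NullPointerException on the comparison below.
            requireCredentials(form);
            String key = BaseConstants.DEFAULT_CODE_KEY + BaseConstants.GRANT_TYPE_MOBILE + "@" + form.getUsername();
            String code = redisTemplate.opsForValue().get(key);
            if (!form.getPassword().equals(code)) {
                // Fail closed: a wrong or expired code must never reach token creation.
                // NOTE(review): failed attempts are not counted here, so a 6-digit code can be
                // guessed repeatedly until it expires — consider a per-user attempt limit.
                return R.fail("验证码错误或已失效");
            }
            // The code is single-use: drop it so it cannot be replayed before it expires.
            redisTemplate.delete(key);
            r = remoteUserService.phoneAccount(loginBo);
        } else {
            // An unrecognised grant type previously fell through to token creation.
            throw new ParamException("账号参数有误");
        }

        // Only a successful response that carries a user may continue; every other outcome is a failure.
        if (r.getCode() != HttpStatus.SUCCESS || r.getData() == null) {
            return R.fail(r.getMsg());
        }
        LoginModel loginModel = r.getData();
        loginModel.setLoginType(UserConstants.USER_LOGIN_PC);
        Map<String, Object> data = tokenService.createToken(loginModel);

        // Tell the client to force a password change when the configured initial password is still in use.
        AjaxResult resultPassword = remoteUserService.getConfigKey("sys.user.initPassword");
        if ((resultPassword.get("code") + "").equals("200")) {
            String defaultPassword = (String) resultPassword.get("msg");
            data.put("reset_password", defaultPassword != null && defaultPassword.equals(form.getPassword()));
        }

        attachScreenAccess(loginModel, data);
        return R.ok(data);
    }

    /**
     * Rejects a login form that lacks a username or a password.
     *
     * @throws ParamException if either field is empty
     */
    private void requireCredentials(LoginBody form) {
        if (StringUtils.isEmpty(form.getUsername()) || StringUtils.isEmpty(form.getPassword())) {
            throw new ParamException("账号信息不能为空");
        }
    }

    /**
     * Adds {@code screen_type} and {@code screen_token} to the login payload.
     *
     * <p>Users without the big-screen route, without a power record, or for whom the lookup
     * fails, get {@code screen_type = 3} and an empty token.
     *
     * <p>NOTE(review): the screen token is reused across logins and its cache entry lives for
     * 180 days, so it behaves as a long-lived bearer credential — confirm that lifetime is intended.
     */
    private void attachScreenAccess(LoginModel loginModel, Map<String, Object> data) {
        AjaxResult routerResult = remoteUserService.getRouters(loginModel.getUserId());
        try {
            @SuppressWarnings("unchecked") // payload shape is defined by the user service
            List<Map<String, Object>> routers = (List<Map<String, Object>>) routerResult.get("data");
            boolean hasScreenRoute = routers.stream()
                    .anyMatch(route -> SCREEN_ROUTE_PATH.equals(route.get("path") + ""));
            if (!hasScreenRoute) {
                markNoScreenAccess(data);
                return;
            }

            int type;
            if (loginModel.isAdmin()) {
                type = 1;
            } else {
                AjaxResult powerResult = remoteUserService.selectAuthUserPower(loginModel.getUserId());
                Map<?, ?> power = (Map<?, ?>) powerResult.get("data");
                Object rawType = power == null ? null : power.get("type");
                if (rawType == null) {
                    // No power record means no big-screen access; handled explicitly instead of
                    // relying on a parse failure being swallowed by the catch below.
                    markNoScreenAccess(data);
                    return;
                }
                type = Integer.parseInt(rawType + "");
            }

            String cacheKey = SCREEN_TOKEN_KEY_PREFIX + loginModel.getUserId();
            if (redisService.hasKey(cacheKey)) {
                String token = redisService.getCacheObject(cacheKey);
                commLogin(loginModel, token);
                data.put("screen_token", token);
            } else {
                String token = IdUtils.fastUUID();
                commLogin(loginModel, token);
                redisService.setCacheObject(cacheKey, token, 180L, TimeUnit.DAYS);
                data.put("screen_token", token);
            }
            data.put("screen_type", type);
        } catch (Exception e) {
            // Best effort: a failed screen lookup must not block the login itself.
            logger.warn("大屏权限解析失败,按无大屏权限处理", e);
            markNoScreenAccess(data);
        }
    }

    /** Writes the "no big-screen access" markers into the login payload. */
    private void markNoScreenAccess(Map<String, Object> data) {
        data.put("screen_type", NO_SCREEN_ACCESS);
        data.put("screen_token", "");
    }

    /**
     * Binds {@code token} to the model and caches the model under the login-token key.
     * Note that this overwrites the token already held by {@code model}.
     */
    private void commLogin(LoginModel model, String token) {
        model.setToken(token);
        redisService.setCacheObject(CacheConstants.LOGIN_TOKEN_KEY + token, model,
                BaseConstants.TOKEN_EXPIRE, TimeUnit.SECONDS);
    }

    /**
     * Password login for the all-in-one terminal; also used by the mini program.
     *
     * @param form account and password
     * @return the program token on success, otherwise the user service's failure message
     */
    @PostMapping("/one/login")
    public R<?> oneLogin(@RequestBody LoginBody form) {
        SysLoginBo loginBo = new SysLoginBo();
        loginBo.setAccount(form.getUsername());
        loginBo.setPassword(form.getPassword());
        loginBo.setGrantType(BaseConstants.GRANT_TYPE_PASSWORD);
        loginBo.setLoginType(UserConstants.USER_LOGIN_WX);

        R<LoginModel> r = remoteUserService.userLogin(loginBo);
        if (r.getCode() != HttpStatus.SUCCESS || r.getData() == null) {
            return R.fail(r.getMsg());
        }
        LoginModel model = r.getData();
        model.setLoginType(UserConstants.USER_LOGIN_WX);
        return R.ok(tokenService.createProgramToken(model));
    }

    /**
     * Account/password login for the handheld (PDA) device.
     *
     * @param form account and password
     * @return the program token on success, otherwise the user service's failure message
     */
    @PostMapping("/pda/pwdLogin")
    public R<?> padLogin(@RequestBody LoginBody form) {
        SysLoginBo loginBo = new SysLoginBo();
        loginBo.setAccount(form.getUsername());
        loginBo.setPassword(form.getPassword());
        loginBo.setGrantType(BaseConstants.GRANT_TYPE_PASSWORD);

        R<LoginModel> r = remoteUserService.userLogin(loginBo);
        if (r.getCode() != HttpStatus.SUCCESS || r.getData() == null) {
            return R.fail(r.getMsg());
        }
        LoginModel model = r.getData();
        model.setLoginType(UserConstants.HANDSET_LOGIN_AIO);
        return R.ok(tokenService.createProgramToken(model));
    }

    /**
     * Issues an SMS login code for an existing user and sends it.
     *
     * <p>The send limit is checked before a new code is stored. Previously an over-limit request
     * still replaced the stored code, invalidating the one the user had actually received.
     * The code itself is never written to the log.
     *
     * <p>NOTE(review): the distinct "user does not exist" error lets a caller probe which accounts
     * exist, and the counter read/write below is not atomic — confirm both are acceptable.
     *
     * @param form carries the user name the code is issued for
     * @return the result of the SMS gateway call
     * @throws ServiceException if the user does not exist or the send limit is exceeded
     */
    @PostMapping("/send/code")
    public R<?> send(@RequestBody LoginBody form) {
        String username = form.getUsername();
        R<?> userR = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
        if (userR.getCode() != HttpStatus.SUCCESS || userR.getData() == null) {
            throw new ServiceException("用户不存在", 530);
        }

        String countKey = BaseConstants.DEFAULT_CODE_KEY + "@" + username + "_COUNT";
        String count = redisTemplate.opsForValue().get(countKey);
        int alreadySent = StringUtils.isEmpty(count) ? 0 : Integer.parseInt(count);
        if (alreadySent >= SMS_SEND_LIMIT) {
            throw new ServiceException("验证码发送超过限制,请一小时后再试", 530);
        }

        String key = BaseConstants.DEFAULT_CODE_KEY + BaseConstants.GRANT_TYPE_MOBILE + "@" + username;
        String code = newSmsCode();
        redisTemplate.opsForValue().set(key, code, CODE_EXPIRATION, TimeUnit.MINUTES);
        redisTemplate.opsForValue().set(countKey, String.valueOf(alreadySent + 1),
                SMS_SEND_WINDOW_MINUTES, TimeUnit.MINUTES);
        logger.info("短信验证码已生成");

        return stockService.sendSydSms(code, 2, null, form.getUsername());
    }

    /** Builds a numeric login code of {@link #SMS_CODE_LENGTH} digits from {@link SecureRandom}. */
    private static String newSmsCode() {
        StringBuilder digits = new StringBuilder(SMS_CODE_LENGTH);
        for (int i = 0; i < SMS_CODE_LENGTH; i++) {
            digits.append(SECURE_RANDOM.nextInt(10));
        }
        return digits.toString();
    }

    /**
     * Card login for the learning terminal (also used by the chemicals cabinet).
     *
     * <p>The client calls this twice: {@code type = 1} after the card swipe to obtain the user
     * and a token, and {@code type = 2} after face verification to complete the login.
     *
     * <p>NOTE(review): nothing in this method checks a face-verification result; {@code type = 2}
     * is taken from the client, so the card number alone authenticates the user here — confirm
     * the face step is enforced elsewhere.
     *
     * <p>NOTE(review): card numbers are looked up through {@code DESUtils.encrypt}; presumably
     * DES per the class name, which is a legacy cipher — confirm and plan a migration.
     *
     * @param request current request, used to find the session being replaced
     * @param params  {@code userName} (card number), optional {@code type}, {@code machineCode},
     *                {@code aioType} and {@code isLogin}
     * @return the token payload, or a failure result
     * @throws ParamException   if {@code type} or {@code aioType} is not a number
     * @throws ServiceException if the user lookup reports a failure
     */
    @PostMapping("/learn/login")
    public R<?> learnLogin(HttpServletRequest request, @RequestBody Map<String, Object> params) {
        int type = intParam(params, "type", 1);
        int aioType = intParam(params, "aioType", UserConstants.USER_LOGIN_AIO);
        Object rawMachineCode = params.get("machineCode");
        String machineCode = rawMachineCode == null ? "" : rawMachineCode.toString();
        Object rawCard = params.get("userName");
        String username = rawCard == null ? null : rawCard.toString();
        if (StringUtils.isEmpty(username)) {
            // A missing card number used to be encrypted as the literal text "null".
            return R.fail("账号信息不存在");
        }

        // The card number is the only credential on this path, so neither its plain nor its
        // encrypted form is logged.
        logger.info("学习机登录,设备编码:{},设备类型:{}", machineCode, aioType);
        if (UserConstants.USER_LOGIN_HXP == aioType) {
            // The chemicals terminal sends an unpadded card number; pad it before encrypting.
            username = DESUtils.encrypt(DESUtils.completeMissing(username));
        } else {
            username = DESUtils.encrypt(username);
        }

        // NOTE(review): element type inferred from the getUserName() call below — confirm
        // against the RemoteUserService declaration.
        R<SysUser> user = remoteUserService.getUserInfoByCardNum(username, SecurityConstants.INNER);
        if (R.FAIL == user.getCode()) {
            throw new ServiceException(user.getMsg());
        }
        if (StringUtils.isNull(user.getData())) {
            return R.fail("账号信息不存在");
        }

        SysLoginBo loginBo = new SysLoginBo();
        loginBo.setAccount(user.getData().getUserName());
        loginBo.setLoginType(aioType);
        R<LoginModel> r = remoteUserService.userLoginByNoPassword(loginBo);
        if (r.getCode() != R.SUCCESS) {
            return R.fail(r.getMsg());
        }
        if (r.getData() == null) {
            return R.fail("账号信息不存在");
        }

        LoginModel userInfo = r.getData();
        userInfo.setLoginType(aioType);
        userInfo.setMachineCode(machineCode);

        Map<String, Object> map = null;
        if (type == 1) {
            map = tokenService.createToken(userInfo);
        } else if (type == 2) {
            boolean learningTerminal = UserConstants.USER_LOGIN_AIO == aioType;
            String learnKey = CacheConstants.LEARN_USER_KEY + userInfo.getUserId();

            // Run the duplicate sign-in check before touching any session: a rejected request
            // must neither revoke the caller's current token nor mint a new one.
            if (learningTerminal && redisService.hasKey(learnKey)) {
                LoginModel userCache = redisService.getCacheObject(learnKey);
                boolean confirmed = !(StringUtils.isNull(params.get("isLogin")) || "0".equals(params.get("isLogin")));
                if (userCache != null && !confirmed) {
                    if (machineCode.equals(userCache.getMachineCode())) {
                        return R.fail(4466, "您已在设备登录,是否重新登录!");
                    }
                    return R.fail("签到失败,不能重复签到!");
                }
            }

            // Replace the session carried by this request with a fresh one.
            LoginModel loginUser = tokenService.getLoginUser(request);
            if (StringUtils.isNotNull(loginUser)) {
                tokenService.delLoginUser(loginUser.getToken());
            }
            map = tokenService.createToken(userInfo);

            if (UserConstants.USER_LOGIN_HXP == aioType) {
                map.put("positionName", userInfo.getPositionName());
                map.put("cabinetLock", userInfo.isCabinetLock());
                map.put("airBottle", userInfo.isAirBottle());
            } else if (learningTerminal) {
                // Remember which terminal the user is signed in on.
                redisService.setCacheObject(learnKey, userInfo, BaseConstants.TOKEN_EXPIRE * 60, TimeUnit.SECONDS);
            }
        }
        return R.ok(map);
    }

    /**
     * Reads an optional integer request parameter that may arrive as a JSON string or number.
     *
     * @param params       request body
     * @param name         parameter name
     * @param defaultValue value used when the parameter is absent or blank
     * @return the parsed value or {@code defaultValue}
     * @throws ParamException if the value is present but not an integer
     */
    private static int intParam(Map<String, Object> params, String name, int defaultValue) {
        Object raw = params.get(name);
        String text = raw == null ? "" : raw.toString().trim();
        if (text.isEmpty()) {
            return defaultValue;
        }
        try {
            return Integer.parseInt(text);
        } catch (NumberFormatException ignored) {
            // Report malformed client input as a parameter error rather than an internal failure.
            throw new ParamException("账号参数有误");
        }
    }

    /**
     * Card login for the handheld device; called once, after the card swipe.
     *
     * <p>NOTE(review): as with the learning terminal, the card number is the only credential
     * checked on this path.
     *
     * @param params {@code userName} carries the card number
     * @return the token payload, or a failure result
     * @throws ServiceException if the user lookup reports a failure
     */
    @PostMapping("/handset/login")
    public R<?> handsetLogin(@RequestBody Map<String, Object> params) {
        Object rawCard = params.get("userName");
        String username = rawCard == null ? null : rawCard.toString();
        if (StringUtils.isEmpty(username)) {
            return R.fail("账号信息不存在");
        }
        // The card number is a credential: it is not logged in plain or encrypted form.
        logger.info("手持机登录");
        username = DESUtils.encrypt(username);
        int aioType = UserConstants.HANDSET_LOGIN_AIO;

        // NOTE(review): element type inferred from the getUserName() call below — confirm
        // against the RemoteUserService declaration.
        R<SysUser> user = remoteUserService.getUserInfoByCardNum(username, SecurityConstants.INNER);
        if (R.FAIL == user.getCode()) {
            throw new ServiceException(user.getMsg());
        }
        if (StringUtils.isNull(user.getData())) {
            return R.fail("账号信息不存在");
        }

        SysLoginBo loginBo = new SysLoginBo();
        loginBo.setAccount(user.getData().getUserName());
        loginBo.setLoginType(aioType);
        R<LoginModel> r = remoteUserService.userLoginByNoPassword(loginBo);
        if (r.getCode() != R.SUCCESS) {
            return R.fail(r.getMsg());
        }
        if (r.getData() == null) {
            return R.fail("账号信息不存在");
        }

        LoginModel userInfo = r.getData();
        userInfo.setLoginType(aioType);
        Map<String, Object> map = tokenService.createToken(userInfo);
        return R.ok(map);
    }

    /**
     * Logs the current user out of the learning terminal: removes the cached session and the
     * terminal sign-in marker. Succeeds even when no session is attached to the request.
     */
    @PostMapping("/learn/loginOut")
    public R<?> learnLoginOut(HttpServletRequest request) {
        LoginModel loginUser = tokenService.getLoginUser(request);
        if (StringUtils.isNotNull(loginUser)) {
            tokenService.delLoginUser(loginUser.getToken());
            redisService.deleteObject(CacheConstants.LEARN_USER_KEY + loginUser.getUserId());
        }
        return R.ok();
    }

    /** Removes the cached session of the current user; succeeds even when none is attached. */
    @DeleteMapping("logout")
    public R<?> logout(HttpServletRequest request) {
        LoginModel loginUser = tokenService.getLoginUser(request);
        if (StringUtils.isNotNull(loginUser)) {
            tokenService.delLoginUser(loginUser.getToken());
        }
        return R.ok();
    }

    /** Extends the lifetime of the current token; succeeds even when no session is attached. */
    @PostMapping("refresh")
    public R<?> refresh(HttpServletRequest request) {
        LoginModel loginUser = tokenService.getLoginUser(request);
        if (StringUtils.isNotNull(loginUser)) {
            tokenService.refreshToken(loginUser);
        }
        return R.ok();
    }

    /** Registers a new user with the given user name and password. */
    @PostMapping("register")
    public R<?> register(@RequestBody RegisterBody registerBody) {
        sysLoginService.register(registerBody.getUsername(), registerBody.getPassword());
        return R.ok();
    }

    /**
     * Face login for the handheld device: the uploaded image is matched by the user service.
     *
     * @param file face image
     * @return the token payload when the comparison succeeds and returns a user, otherwise the
     *         comparison's failure message
     */
    @ApiOperation(value = "手持机人脸登录")
    @PostMapping("/facePda")
    public R<?> face(@RequestParam("file") MultipartFile file) {
        ResultData<LoginModel> result = remoteUserService.pdaCompare(file);
        // A success code without a user must not reach token creation.
        if (result.getCode().equals(HttpStatus.SUCCESS) && result.getData() != null) {
            Map<String, Object> data = tokenService.createToken(result.getData());
            return R.ok(data);
        }
        return R.fail(result.getMsg());
    }
}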