
实现福建农信的token登录

jiawuxian 2 年之前
当前提交
5eab42bc6d

+ 28 - 16
soc-auth/src/main/java/com/xunmei/auth/controller/TokenController.java

@@ -1,8 +1,7 @@
 package com.xunmei.auth.controller;
 
 import com.xunmei.auth.form.LoginBody;
-import com.xunmei.auth.form.RegisterBody;
-import com.xunmei.auth.service.SysLoginService;
+import com.xunmei.auth.service.LoginService;
 import com.xunmei.common.core.constant.Constants;
 import com.xunmei.common.core.domain.R;
 import com.xunmei.common.core.utils.JwtUtils;
@@ -12,13 +11,12 @@ import com.xunmei.common.security.service.TokenService;
 import com.xunmei.common.security.utils.SecurityUtils;
 import com.xunmei.system.api.model.LoginUser;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
 
 /**
  * token 控制
@@ -31,17 +29,17 @@ public class TokenController {
     private TokenService tokenService;
 
     @Autowired
-    private SysLoginService sysLoginService;
+    private LoginService loginService;
 
     @PostMapping("login")
     public R<?> login(@RequestBody LoginBody form) {
 
         try {
-            if (!SecurityUtils.isApp()){
+            if (!SecurityUtils.isApp()) {
                 //登录重放问题处理,待前端完成放开
-                //sysLoginService.checkLogin(form.getAuthCode());
+                //loginService.checkLogin(form.getAuthCode());
             }
-            LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_1);
+            LoginUser userInfo = loginService.loginByPassword(form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_1);
             // 获取登录token
             return R.ok(tokenService.createToken(userInfo));
         } catch (Exception e) {
@@ -50,16 +48,15 @@ public class TokenController {
         // 用户登录
     }
 
-
     @PostMapping("loginApp")
     public R<?> loginApp(@RequestBody LoginBody form) {
 
         try {
-            if (!SecurityUtils.isApp()){
+            if (!SecurityUtils.isApp()) {
                 //登录重放问题处理,待前端完成放开
-                //sysLoginService.checkLogin(form.getAuthCode());
+                //loginService.checkLogin(form.getAuthCode());
             }
-            LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_0);
+            LoginUser userInfo = loginService.loginByPassword(form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_0);
             // 获取登录token
             return R.ok(tokenService.createToken(userInfo));
         } catch (Exception e) {
@@ -68,6 +65,21 @@ public class TokenController {
         // 用户登录
     }
 
+    @GetMapping("tokenlogin")
+    public R<?> tokenLogin(@RequestParam @NotEmpty String token, @RequestParam @NotNull String loginType) {
+
+        try {
+            if (!SecurityUtils.isApp()) {
+                //登录重放问题处理,待前端完成放开
+                //loginService.checkLogin(form.getAuthCode());
+            }
+            LoginUser userInfo = loginService.loginByToken(token, loginType);
+            return R.ok(tokenService.createToken(userInfo));
+        } catch (Exception e) {
+            return R.fail(e.getMessage());
+        }
+        // 用户登录
+    }
 
     @DeleteMapping("logout")
     public R<?> logout(HttpServletRequest request) {
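Review bot: `tokenLogin` reads the third-party token from a `@RequestParam` on a `@GetMapping`, so the credential travels in the URL and will typically end up in gateway and access logs, browser history and Referer headers; a `@PostMapping("tokenlogin")` that takes the token from the request body keeps it out of those places. The `@NotEmpty`/`@NotNull` constraints on the parameters are only enforced if the controller class carries `@Validated`, which is not visible in this hunk, so confirm that or check the values explicitly. The commented-out replay check refers to `form`, which does not exist in this method. `R.fail(e.getMessage())` also returns whatever the underlying exception says to an unauthenticated caller; a fixed failure message with the detail logged server-side would be safer.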
@@ -77,7 +89,7 @@ public class TokenController {
             // 删除用户缓存记录
             AuthUtil.logoutByToken(token);
             // 记录用户退出日志
-            sysLoginService.logout(username,Constants.LOGIN_TYPE_1);
+            loginService.logout(username, Constants.LOGIN_TYPE_1);
         }
         return R.ok();
     }
@@ -90,7 +102,7 @@ public class TokenController {
             // 删除用户缓存记录
             AuthUtil.logoutByToken(token);
             // 记录用户退出日志
-            sysLoginService.logout(username,Constants.LOGIN_TYPE_0);
+            loginService.logout(username, Constants.LOGIN_TYPE_0);
         }
         return R.ok();
     }

+ 131 - 72
soc-auth/src/main/java/com/xunmei/auth/service/FJNXLoginService.java

@@ -1,54 +1,72 @@
-//package com.xunmei.auth.service;
-//
-//import cn.hutool.core.util.ObjectUtil;
-//import cn.hutool.json.JSONObject;
-//import com.xunmei.common.core.utils.StringUtils;
-//import io.netty.util.internal.StringUtil;
-//import lombok.extern.flogger.Flogger;
-//import org.apache.http.HttpEntity;
-//import org.apache.http.StatusLine;
-//import org.apache.http.client.methods.CloseableHttpResponse;
-//import org.apache.http.client.methods.HttpGet;
-//import org.apache.http.client.methods.HttpPost;
-//import org.apache.http.entity.StringEntity;
-//import org.apache.http.impl.client.CloseableHttpClient;
-//import org.apache.http.impl.client.HttpClients;
-//import org.apache.http.message.BasicHeader;
-//import org.apache.http.protocol.HTTP;
-//import org.apache.http.util.EntityUtils;
-//import org.slf4j.ILoggerFactory;
-//import org.springframework.beans.factory.annotation.Value;
-//import org.springframework.stereotype.Component;
-//
-//import java.io.IOException;
-//import java.nio.charset.StandardCharsets;
-//import java.util.ArrayList;
-//import java.util.List;
-//
+package com.xunmei.auth.service;
+
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.json.JSONObject;
+import com.xunmei.common.core.constant.Constants;
+import com.xunmei.common.core.constant.SecurityConstants;
+import com.xunmei.common.core.domain.R;
+import com.xunmei.common.core.exception.ServiceException;
+import com.xunmei.common.core.utils.StringUtils;
+import com.xunmei.system.api.RemoteLogService;
+import com.xunmei.system.api.RemoteUserService;
+import com.xunmei.system.api.model.LoginUser;
+import io.netty.util.internal.StringUtil;
+import lombok.extern.flogger.Flogger;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.http.HttpEntity;
+import org.apache.http.StatusLine;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicHeader;
+import org.apache.http.protocol.HTTP;
+import org.apache.http.util.EntityUtils;
+import org.slf4j.ILoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.List;
+
 //import com.union.api.TUnionTransInfo;
 //import com.union.api.UnionEsscAPI;
-//
-//@Component
-//public class FJNXLoginService {
-//    @Value("${fjnx.host}")
-//    private String host;
-//
-//    @Value("${fjnx.systemCode}")
-//    private String systemCode;
-//
-//    @Value("${fjnx.passIp}")
-//    private String passIp;
-//
-//    @Value("${fjnx.passPort}")
-//    private String passPort;
-//
-//    @Value("${fjnx.appCode}")
-//    private String appCode;
-//
-//    @Value("${fjnx.secretName}")
-//    private String secretName;
-//
-//    public String logingByPassword(String username, String password) {
+
+import javax.annotation.Resource;
+
+@Component
+@ConditionalOnProperty(name = "loginPlatform", matchIfMissing = false, havingValue = "fjnx")
+public class FJNXLoginService implements LoginService {
+    @Value("${fjnx.host}")
+    private String host;
+
+    @Value("${fjnx.systemCode}")
+    private String systemCode;
+
+    @Value("${fjnx.passIp}")
+    private String passIp;
+
+    @Value("${fjnx.passPort}")
+    private String passPort;
+
+    @Value("${fjnx.appCode}")
+    private String appCode;
+
+    @Value("${fjnx.secretName}")
+    private String secretName;
+
+    @Resource
+    private RemoteUserService remoteUserService;
+
+    @Resource
+    private SysRecordLogService recordLogService;
+
+//    private String logingByPassword(String username, String password) {
 //        CloseableHttpClient client = null;
 //        try {
 //            List<String> ipList = new ArrayList<>();
@@ -61,21 +79,19 @@
 //            String pass = StringUtil.toHexString(password.getBytes());
 //            transInfo = shortApi.unionAPIServiceE160(1, secretName, "", 0, 1, pass, "", 1);
 //            if (ObjectUtil.isNull(transInfo)) {
-//                return null;
+//                throw new ServiceException("密码加密失败,返回对象为空");
 //            }
 //
 //            if (ObjectUtil.notEqual(transInfo.getResponseCode(), 0) || ObjectUtil.notEqual(transInfo.getIsSucess(), 1)) {
-//                logger.error("密码加密失败!" + transInfo.getResponseRemark());
-//                return null;
+//                throw new ServiceException("密码加密失败!" + transInfo.getResponseRemark());
 //            }
 //
 //            if (ObjectUtil.isNull(transInfo.getReturnBode())) {
-//                logger.error("密码加密失败,数据为空!");
-//                return null;
+//                throw new ServiceException("密码加密失败,数据为空!");
 //            }
 //
 //            String url = host + "yusp-group/api/login?systemCode=" + systemCode;
-//            logger.info(url);
+//
 //
 //            HttpPost post = new HttpPost(url);
 //            client = HttpClients.createDefault();
@@ -92,12 +108,11 @@
 //            CloseableHttpResponse response = client.execute(post);
 //            HttpEntity entity = response.getEntity();
 //            if (ObjectUtil.isNull(entity)) {
-//                logger.error("登录失败,返回数据为空!");
-//                return null;
+//                throw new ServiceException("登录失败,返回数据为空!");
 //            }
 //
 //            String body = EntityUtils.toString(entity, "utf-8");
-//            logger.warn("登录body返回:" + body);
+////            logger.warn("登录body返回:" + body);
 //            JSONObject jsonObject = new JSONObject(body);
 //            String code = jsonObject.getStr("code");
 //
@@ -106,17 +121,13 @@
 //                JSONObject jsonObject1 = new JSONObject(data);
 //                String userStatus = jsonObject1.getStr("userStatus");
 //                String tokenThird = jsonObject1.getStr("token");
-//                logger.info(tokenThird);
+////                logger.info(tokenThird);
 //                EntityUtils.consume(entity);
 //                response.close();
 //                return tokenThird;
 //            } else {
-//                logger.error("登录失败," + jsonObject.getStr("message"));
-//                return null;
+//                throw new ServiceException("登录失败," + jsonObject.getStr("message"));
 //            }
-//        } catch (Exception e) {
-//            logger.error(e.getMessage());
-//            return null;
 //        } finally {
 //            if (client != null) {
 //                try {
@@ -130,7 +141,8 @@
 //
 //    }
 //
-//    public String loginByToken(String token) throws Exception {
+//
+//    private String loginByToken(String token) throws Exception {
 //        String userName = "";
 //        CloseableHttpClient client = null;
 //
@@ -147,7 +159,7 @@
 //            if (statusCode == 200) {
 //                if (entity != null) {
 //                    String body = EntityUtils.toString(entity, "utf-8");
-//                    logger.warn(body);
+////                    logger.warn(body);
 //                    JSONObject jsonObject = new JSONObject(body);
 //                    String code = jsonObject.getStr("code");
 //                    if (StringUtils.isNotNull(code) && "0".equals(code)) {
@@ -159,19 +171,17 @@
 //                            userName = loginName;
 //                        }
 //                    } else {
-//                        logger.warn("服务异常");
+//                        throw new ServiceException("服务异常");
 //                    }
 //                }
 //            } else {
 //                if (statusCode == 401) {
-//                    logger.warn("无效的token");
+//                    throw new ServiceException("无效的token");
 //
 //                } else {
-//                    logger.warn("调用单点登录失败");
+//                    throw new ServiceException("调用单点登录失败");
 //                }
 //            }
-//        } catch (Exception e) {
-//            logger.error("token登录错误:", e);
 //        } finally {
 //            if (client != null) {
 //                client.close();
@@ -180,4 +190,53 @@
 //
 //        return userName;
 //    }
-//}
+
+
+    @Override
+    public LoginUser loginByPassword(String username, String password, String platformType) {
+        //todo:
+        String token ="3459238452908345alsdfjalkdfjalskd"; // logingByPassword(username, password);
+
+        if (StringUtils.isEmpty(token)) {
+            throw new ServiceException("获取token为空");
+        }
+
+        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
+        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在", platformType);
+            throw new ServiceException("登录用户:" + username + " 不存在");
+        }
+
+        LoginUser user = userResult.getData();
+        user.setToken(token);
+        user.setPlatformType(platformType);
+        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功", platformType);
+
+        return user;
+    }
+
+    @Override
+    public LoginUser loginByToken(String token, String platformType) throws Exception {
+        //todo:
+        String username ="admin";// loginByToken(token);
+        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
+        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在", platformType);
+            throw new ServiceException("登录用户:" + username + " 不存在");
+        }
+
+        if (R.FAIL == userResult.getCode()) {
+            throw new ServiceException(userResult.getMsg());
+        }
+        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功", platformType);
+        LoginUser user = userResult.getData();
+        user.setToken(token);
+        user.setPlatformType(platformType);
+        return user;
+    }
+
+    @Override
+    public void logout(String loginName, String platformType) {
+        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功", platformType);
+    }
+}
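Review bot: Both login paths added here are stubs that authenticate without verifying anything: `loginByPassword` assigns a hard-coded token and never looks at `password`, and `loginByToken` sets `username ="admin"` regardless of the token supplied. With `loginPlatform=fjnx` this bean becomes the active `LoginService`, so the `login` and `tokenlogin` endpoints would issue sessions on that basis, for the admin account in the token case. Until the commented-out helpers are wired in, both methods should fail closed, e.g. `throw new ServiceException("FJNX login is not implemented");` (message constructed for this note) in place of the placeholder assignments. `loginByPassword` also omits the `R.FAIL`, deleted/locked-account and IP-blacklist checks that `SysLoginService.loginByPassword` performs. The constant token would also appear to give every user the same session key once `TokenService.createToken` reuses it.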

+ 12 - 0
soc-auth/src/main/java/com/xunmei/auth/service/LoginService.java

@@ -0,0 +1,12 @@
+package com.xunmei.auth.service;
+
+import com.xunmei.system.api.model.LoginUser;
+
+
+public interface LoginService {
+    LoginUser loginByPassword(String username, String password, String platformType) throws Exception;
+
+    LoginUser loginByToken(String token, String platformType) throws Exception;
+
+    void logout(String loginName, String platformType);
+}
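Review bot: The new `LoginService` interface has no Javadoc and does not declare `checkLogin`, which `TokenController` still references in its commented-out replay check as `loginService.checkLogin(form.getAuthCode())`; because the controller field is now typed as the interface, that line will not compile when it is re-enabled. Either add `void checkLogin(String authCode);` to the interface or document that replay protection is implementation-specific. Each method would benefit from a short comment stating what `platformType` carries and which exception signals a rejected login, since the implementations in this commit throw `ServiceException` and `RuntimeException` while the signatures declare the broad `throws Exception`.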

+ 30 - 34
soc-auth/src/main/java/com/xunmei/auth/service/SysLoginService.java

@@ -20,6 +20,7 @@ import com.xunmei.system.api.RemoteUserService;
 import com.xunmei.system.api.domain.SysUser;
 import com.xunmei.system.api.model.LoginUser;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.data.redis.core.BoundSetOperations;
 import org.springframework.stereotype.Component;
 
@@ -31,8 +32,8 @@ import java.util.Date;
  * @author xunmei
  */
 @Component
-public class SysLoginService
-{
+@ConditionalOnProperty(name = "loginPlatform", matchIfMissing = true, havingValue = "system")
+public class SysLoginService implements LoginService {
     @Autowired
     private RemoteUserService remoteUserService;
 
@@ -42,75 +43,70 @@ public class SysLoginService
     @Autowired
     private SysRecordLogService recordLogService;
 
-
-
     /**
      * 登录
      */
-    public LoginUser  login(String username, String password,String platformType)
-    {
+    @Override
+    public LoginUser loginByPassword(String username, String password, String platformType) {
         // 用户名或密码为空 错误
-        if (StringUtils.isAnyBlank(username, password))
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写",platformType);
+        if (StringUtils.isAnyBlank(username, password)) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写", platformType);
             throw new ServiceException("用户/密码必须填写");
         }
         // 密码如果不在指定范围内 错误
         if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
-                || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围",platformType);
+                || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围", platformType);
             throw new ServiceException("用户密码不在指定范围");
         }
         // 用户名不在指定范围内 错误
         if (username.length() < UserConstants.USERNAME_MIN_LENGTH
-                || username.length() > UserConstants.USERNAME_MAX_LENGTH)
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围",platformType);
+                || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围", platformType);
             throw new ServiceException("用户名不在指定范围");
         }
         // IP黑名单校验
         String blackStr = Convert.toStr(RedisUtils.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
-        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单",platformType);
+        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单", platformType);
             throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
         }
         // 查询用户信息
         R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
 
-        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在",platformType);
+        if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在", platformType);
             throw new ServiceException("登录用户:" + username + " 不存在");
         }
 
-        if (R.FAIL == userResult.getCode())
-        {
+        if (R.FAIL == userResult.getCode()) {
             throw new ServiceException(userResult.getMsg());
         }
 
         LoginUser userInfo = userResult.getData();
         userInfo.setPlatformType(platformType);
         SysUser user = userResult.getData().getSysUser();
-        if (UserStatus.DELETED.getCode().equals(user.getDeleted()))
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除",platformType);
+        if (UserStatus.DELETED.getCode().equals(user.getDeleted())) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除", platformType);
             throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
         }
-        if (UserStatus.DISABLE.getCode().equals(Integer.parseInt(user.getIsLock())))
-        {
-            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员",platformType);
+        if (UserStatus.DISABLE.getCode().equals(Integer.parseInt(user.getIsLock()))) {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员", platformType);
             throw new ServiceException("对不起,您的账号:" + username + " 已停用");
         }
-        passwordService.validate(user, password,platformType);
-        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功",platformType);
+        passwordService.validate(user, password, platformType);
+        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功", platformType);
         return userInfo;
     }
 
-    public void logout(String loginName,String platformType)
-    {
-        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功",platformType);
+    @Override
+    public LoginUser loginByToken(String token, String loginType) throws Exception {
+        throw new RuntimeException("系统不支持token登录");
+    }
+
+    @Override
+    public void logout(String loginName, String platformType) {
+        recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功", platformType);
     }
 
     public void checkLogin(String authCode) {
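Review bot: The new `loginByToken` override rejects with a bare `RuntimeException` and writes no login record, whereas most other rejections in this class call `recordLogininfor(..., Constants.LOGIN_FAIL, ...)` and all throw `ServiceException`. A token-login attempt against a deployment on the default `system` platform would therefore presumably leave nothing in the login audit trail. Suggest `throw new ServiceException("系统不支持token登录");` preceded by a failure record; no username is known at that point, so the record would need a placeholder for it. The second parameter is named `loginType` here but `platformType` in the interface. `checkLogin` begins on the hunk's last line with its body outside the hunk.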

+ 7 - 3
soc-common/soc-common-security/src/main/java/com/xunmei/common/security/service/TokenService.java

@@ -48,9 +48,13 @@ public class TokenService {
      */
     public Map<String, Object> createToken(LoginUser loginUser) {
         Long userId = loginUser.getSysUser().getId();
-        String token = userId + "_" + IdUtils.fastUUID();
+
         String userName = loginUser.getSysUser().getName();
-        loginUser.setToken(token);
+        if(StringUtils.isEmpty(loginUser.getToken())){
+            String token = userId + "_" + IdUtils.fastUUID();
+            loginUser.setToken(token);
+        }
+
         loginUser.setUserid(userId);
         loginUser.setUsername(userName);
         loginUser.setOrgId(loginUser.getSysUser().getOrgId());
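Review bot: `createToken` now keeps whatever `loginUser.getToken()` already holds and, in the next hunk, writes it into the JWT claims as `SecurityConstants.USER_KEY`, so the local session identifier can be a value chosen outside this service instead of the previous `userId + "_" + IdUtils.fastUUID()`. In this commit that value comes from `FJNXLoginService`, i.e. the third-party token or the token passed to `tokenlogin`. Two logins presenting the same token would then share one session key, and whoever supplies the token effectively chooses the session id. Consider always generating the local token here and carrying the external one in a separate field on `LoginUser` (that class is not shown, so the field would need adding). The method body continues outside the hunk, and the new `if(StringUtils.isEmpty(...)){` lacks the spacing used elsewhere in the commit.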
@@ -60,7 +64,7 @@ public class TokenService {
 
         // Jwt存储信息
         Map<String, Object> claimsMap = new HashMap<String, Object>();
-        claimsMap.put(SecurityConstants.USER_KEY, token);
+        claimsMap.put(SecurityConstants.USER_KEY, loginUser.getToken());
         claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
         claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
 

+ 2 - 2
soc-modules/soc-modules-system/src/main/java/com/xunmei/system/controller/SysUserController.java

@@ -121,8 +121,8 @@ public class SysUserController extends BaseController {
         // 权限集合
         Set<String> permissions = permissionService.getMenuPermission(sysUser);
         LoginUser sysUserVo = new LoginUser();
-        sysUserVo.setOrgId(sysUserVo.getOrgId());
-        sysUserVo.setName(sysUserVo.getName());
+        sysUserVo.setOrgId(sysUser.getOrgId());
+        sysUserVo.setName(sysUser.getName());
         sysUserVo.setSysUser(sysUser);
         sysUserVo.setRoles(roles);
         sysUserVo.setPermissions(permissions);