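package com.xunmei.auth.controller;

import cn.hutool.core.util.ObjectUtil;
import com.xunmei.auth.form.LoginBody;
import com.xunmei.auth.service.FJNXLoginService;
import com.xunmei.auth.service.SysLoginService;
import com.xunmei.common.core.constant.Constants;
import com.xunmei.common.core.domain.R;
import com.xunmei.common.core.utils.JwtUtils;
import com.xunmei.common.core.utils.StringUtils;
import com.xunmei.common.security.auth.AuthUtil;
import com.xunmei.common.security.service.TokenService;
import com.xunmei.common.security.utils.SecurityUtils;
import com.xunmei.system.api.model.LoginUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.util.Map;

/**
 * Token controller: issues, switches, refreshes and revokes login tokens.
 *
 * <p>Review notes for maintainers:
 * <ul>
 *   <li>The replay check ({@code loginService.checkLogin}) is still commented out in the
 *       password login endpoints, so this layer currently applies no replay protection.</li>
 *   <li>The {@code @NotNull}/{@code @NotEmpty} constraints on request parameters only take
 *       effect if method validation is enabled for this controller; no {@code @Validated}
 *       is visible on this class - TODO confirm.</li>
 *   <li>Several endpoints return {@code e.getMessage()} to the caller. Presumably the login
 *       services only throw messages that are safe to show to an unauthenticated client;
 *       verify against the services.</li>
 * </ul>
 *
 * @author xunmei
 */
@RestController
public class TokenController {

    @Resource
    private TokenService tokenService;

    @Autowired
    private SysLoginService loginService;

    @Autowired
    private FJNXLoginService fjnxLoginService;

    private static final Logger logger = LoggerFactory.getLogger("auth.token.login");

    /**
     * Password login, login type {@code Constants.LOGIN_TYPE_1}.
     *
     * @param form login form carrying username and password
     * @return the created token on success, otherwise a failure carrying the exception message
     */
    @PostMapping("login")
    public R login(@RequestBody LoginBody form) {
        try {
            if (!SecurityUtils.isApp()) {
                // Login replay protection; to be enabled once the front end supports it.
                // loginService.checkLogin(form.getAuthCode());
            }
            LoginUser userInfo = loginService.loginByPassword(
                    form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_1);
            // Issue the login token.
            return R.ok(tokenService.createToken(userInfo));
        } catch (Exception e) {
            return loginFailure("login", e);
        }
    }

    /**
     * Password login for the app, login type {@code Constants.LOGIN_TYPE_0}.
     *
     * @param form login form carrying username, password and the originating device
     * @return the created token on success, otherwise a failure carrying the exception message
     */
    @PostMapping("loginApp")
    public R loginApp(@RequestBody LoginBody form) {
        try {
            if (!SecurityUtils.isApp()) {
                // Login replay protection; to be enabled once the front end supports it.
                // loginService.checkLogin(form.getAuthCode());
            }
            LoginUser userInfo = loginService.loginByPassword(
                    form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_0);
            // Issue the login token, bound to the device the request came from.
            return R.ok(tokenService.createTokenNew(userInfo, form.getDeviceFrom()));
        } catch (Exception e) {
            return loginFailure("loginApp", e);
        }
    }

    /**
     * Large-screen login, login type {@code Constants.LOGIN_TYPE_2}.
     *
     * @param form login form carrying username and password
     * @return the created token on success, otherwise a failure carrying the exception message
     */
    @PostMapping("loginLargeScreen")
    public R loginLargeScreen(@RequestBody LoginBody form) {
        try {
            if (!SecurityUtils.isApp()) {
                // Login replay protection; to be enabled once the front end supports it.
                // loginService.checkLogin(form.getAuthCode());
            }
            LoginUser userInfo = loginService.loginByPassword(
                    form.getUsername(), form.getPassword(), Constants.LOGIN_TYPE_2);
            // Issue the login token.
            return R.ok(tokenService.createToken(userInfo));
        } catch (Exception e) {
            return loginFailure("loginLargeScreen", e);
        }
    }

    /**
     * Switches the current app session to another user and issues a token for that user.
     *
     * <p>NOTE(review): this method passes {@code subUserId} straight to
     * {@code loginService.switchUser}. Presumably that service checks that the target account
     * is linked to the caller's master account; verify, because nothing in this controller
     * restricts which user id may be requested. The endpoint is also a GET that revokes one
     * token and issues another, so it should not be reachable through cached or prefetched
     * requests.
     *
     * @param subUserId id of the user to switch to
     * @param request   current request, used to find the token being replaced
     * @return the token for the target user, otherwise a failure carrying the exception message
     */
    @GetMapping("switchUser")
    public R switchUser(@RequestParam @NotNull Long subUserId, HttpServletRequest request) {
        // @NotNull replaces @NotEmpty: @NotEmpty has no validator for Long and would fail
        // with an UnexpectedTypeException as soon as method validation is active.
        try {
            if (!SecurityUtils.isApp()) {
                // Placeholder kept from the login endpoints; no replay check applies here yet.
            }
            // Load the user the session switches to.
            LoginUser userInfo = loginService.switchUser(subUserId, Constants.LOGIN_TYPE_0);

            if (ObjectUtil.equal(SecurityUtils.getMasterUserId(), subUserId)) {
                // A sub-account is switching back to its master account.
                userInfo.setMasterUserId(null);
                userInfo.setMasterUserName(null);
            } else if (ObjectUtil.isNotEmpty(SecurityUtils.getMasterUserId())
                    && ObjectUtil.isNotEmpty(SecurityUtils.getMasterUsername())) {
                // Already on a sub-account and switching to another one: carry over the
                // master-account info attached to the current login.
                userInfo.setMasterUserId(SecurityUtils.getMasterUserId());
                userInfo.setMasterUserName(SecurityUtils.getMasterUsername());
            } else {
                // The master account itself is switching to a sub-account.
                userInfo.setMasterUserId(SecurityUtils.getUserId());
                userInfo.setMasterUserName(SecurityUtils.getUsername());
            }

            // Drop the login cache of the session being left before issuing the new token.
            revokeCurrentToken(request, Constants.LOGIN_TYPE_0);

            // Issue the login token for the target user.
            return R.ok(tokenService.createToken(userInfo));
        } catch (Exception e) {
            return loginFailure("switchUser", e);
        }
    }

    /**
     * Logs in with a token issued by the external login service.
     *
     * <p>The token arrives as a query parameter, so it can already end up in access logs and
     * intermediaries. It is deliberately not written to the application log here: the value
     * is a credential.
     *
     * @param token     external token
     * @param loginType login type: 0 = H5, 1 = web
     * @return the system's own token on success, otherwise a failure result
     */
    @GetMapping("tokenlogin")
    public R tokenLogin(@RequestParam @NotEmpty String token, @RequestParam @NotNull String loginType) {
        try {
            logger.debug("token登录:1、请求进入。");
            String username = "";
            if (Constants.LOGIN_TYPE_0.equals(loginType)) {
                username = fjnxLoginService.getUserByAppToken(token);
            }
            if (Constants.LOGIN_TYPE_1.equals(loginType)) {
                username = fjnxLoginService.getUserByWebToken(token);
            }
            logger.debug("token登录:4、token验证且返回账号。");
            // An unknown loginType leaves username empty and is rejected like a bad token.
            if (StringUtils.isEmpty(username)) {
                return R.fail("无效的token");
            }
            LoginUser userInfo = loginService.loginToken(username, loginType);
            if (userInfo == null) {
                return R.fail("无效的用户数据");
            }
            Map<?, ?> systemToken = tokenService.createToken(userInfo);
            logger.debug("token登录:5、生成系统自身Token完成");
            return R.ok(systemToken);
        } catch (Exception e) {
            return loginFailure("tokenLogin", e);
        }
    }

    /**
     * Logs in to this system with the account and password of the unified operations portal.
     *
     * @param login login form forwarded to the portal login
     * @return the created token on success, otherwise a failure with a fixed message
     */
    @PostMapping("loginFjnx")
    public R loginFjnx(@RequestBody LoginBody login) {
        try {
            // Authenticate against the unified operations portal.
            String token = fjnxLoginService.webLoginByPass(login);
            if (StringUtils.isEmpty(token)) {
                return R.fail("用户认证失败");
            }
            String username = fjnxLoginService.getUserByWebToken(token);
            if (StringUtils.isEmpty(username)) {
                return R.fail("无效的token");
            }
            LoginUser userInfo = loginService.loginToken(username, Constants.LOGIN_TYPE_1);
            if (userInfo == null) {
                return R.fail("无效的用户数据");
            }
            return R.ok(tokenService.createToken(userInfo));
        } catch (Exception e) {
            // Goes through the logger instead of printStackTrace() so the failure reaches
            // the configured appenders.
            logger.error("loginFjnx failed", e);
            return R.fail("登录失败");
        }
    }

    /**
     * Logs out the web session identified by the request token.
     *
     * @param request current request
     * @return success, whether or not a token was present
     */
    @DeleteMapping("logout")
    public R logout(HttpServletRequest request) {
        revokeCurrentToken(request, Constants.LOGIN_TYPE_1);
        return R.ok();
    }

    /**
     * Logs out the app session identified by the request token.
     *
     * @param request current request
     * @return success, whether or not a token was present
     */
    @DeleteMapping("logoutApp")
    public R logoutApp(HttpServletRequest request) {
        revokeCurrentToken(request, Constants.LOGIN_TYPE_0);
        return R.ok();
    }

    /**
     * Extends the validity of the caller's token.
     *
     * @param request current request
     * @return success in every case, including when no login user was resolved from the request
     */
    @PostMapping("refresh")
    public R refresh(HttpServletRequest request) {
        LoginUser loginUser = tokenService.getLoginUser(request);
        if (StringUtils.isNotNull(loginUser)) {
            // Refresh the token's validity period.
            tokenService.refreshToken(loginUser);
        }
        return R.ok();
    }

    /** Removes the request token's cache entry and records the logout; no-op without a token. */
    private void revokeCurrentToken(HttpServletRequest request, String loginType) {
        String token = SecurityUtils.getToken(request);
        if (StringUtils.isNotEmpty(token)) {
            String username = JwtUtils.getUserName(token);
            // Delete the user's cache record.
            AuthUtil.logoutByToken(token);
            // Record the logout in the login log.
            loginService.logout(username, loginType);
        }
    }

    /** Logs a failed login attempt and builds the failure result from the exception message. */
    private R loginFailure(String action, Exception e) {
        // Only the exception type goes to WARN: the message may echo request input.
        logger.warn("{} failed: {}", action, e.getClass().getName());
        logger.debug("{} failure detail", action, e);
        return R.fail(e.getMessage());
    }
}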