package com.product.admin.controller;
|
|
import com.alibaba.fastjson.JSON;
|
import com.alibaba.fastjson.JSONObject;
|
import com.product.admin.config.CmnConst;
|
import com.product.admin.config.SystemCode;
|
import com.product.admin.service.LoginInitParameterService;
|
import com.product.admin.service.LoginPunchRecordService;
|
import com.product.admin.service.SystemMenusService;
|
import com.product.admin.util.ResultInfo;
|
import com.product.auth.service.EmailAuthService;
|
import com.product.common.lang.StringUtils;
|
import com.product.core.cache.DataPoolCacheImpl;
|
import com.product.core.config.CoreConst;
|
import com.product.core.config.Global;
|
import com.product.core.controller.support.AbstractBaseController;
|
import com.product.core.dao.BaseDao;
|
import com.product.core.entity.DataTableEntity;
|
import com.product.core.entity.FieldSetEntity;
|
import com.product.core.entity.RequestParameterEntity;
|
import com.product.core.exception.BaseException;
|
import com.product.core.rsa.GenerateRSAKey;
|
import com.product.core.spring.context.SpringMVCContextHolder;
|
import com.product.file.service.OnlineDocumentEditService;
|
import com.product.module.sys.config.SystemErrorCode;
|
import com.product.module.sys.entity.SystemUser;
|
import com.product.module.sys.service.UserService;
|
import com.product.module.sys.version.ApiVersion;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Controller;
|
import org.springframework.web.bind.annotation.*;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpSession;
|
|
import java.util.Date;
|
import java.util.HashMap;
|
import java.util.Map;
|
|
@RequestMapping
|
@Controller
|
public class LoginController extends AbstractBaseController {
|
@Autowired
|
UserService userService;
|
@Autowired
|
SystemMenusService systemMenusService;
|
@Autowired
|
public BaseDao baseDao;
|
@Autowired
|
EmailAuthService emailAuthService;
|
@Autowired
|
LoginPunchRecordService loginPunchRecordService;
|
|
@Autowired
|
OnlineDocumentEditService onlineDocumentEditService;
|
|
/**
 * Serves {@code GET /login}.
 *
 * <p>The handler carries no {@code @ResponseBody}, so Spring MVC resolves the returned string
 * as a view name rather than writing it to the response.
 *
 * @return the view name {@code "login"}
 */
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String getLogin() {
    final String viewName = "login";
    // Log text reads "entering the login page".
    logger.info("进入login页面");
    return viewName;
}
|
|
@Autowired
|
LoginInitParameterService loginInitParameterService;
|
|
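/**
 * Handles {@code POST /login}: checks the submitted account and password and, on success,
 * returns an access token and a refresh token in both the response body and the response
 * headers.
 *
 * <p>Order of checks: blank credentials, missing client version, missing client type, optional
 * mobile MAC binding, account lock, then the password itself through
 * {@code userService.loginValid}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The response for an unexpected exception carries only the generic
 *       {@code SYSTEM_LOGIN_ERROR} text. The exception message is written to the system log
 *       and is not appended to what an unauthenticated caller receives.</li>
 *   <li>The MAC binding applies only when the client type equals
 *       {@code CoreConst.CLIENT_TYPE_APP}, and that value is read from the request itself.
 *       NOTE(review): confirm another layer pins the client type; otherwise the binding is
 *       advisory only.</li>
 *   <li>{@code reqp} still holds the submitted form data, password field included, when it is
 *       handed to the system logger. NOTE(review): confirm {@code writeLog} does not persist
 *       that field.</li>
 *   <li>A locked account receives the lock response before the password is checked, so that
 *       response differs from the one returned for an unknown account.</li>
 * </ul>
 *
 * @param request  servlet request; the parsed payload is read from the attribute
 *                 {@code CoreConst.API_POST_REQUEST_DATA}
 * @param response servlet response; receives the two token headers on success
 * @param session  HTTP session; its {@code "user"} attribute is set to null on a wrong password
 * @return the serialized success envelope with tokens and user info, or the string produced by
 *         {@code error(...)}, {@code userService.loginLockBack} or
 *         {@code userService.loginFailProcess}
 */
@ResponseBody
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String doLogin(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
    Object userName = null;
    Object pwd = null;
    Object clientType = null;
    Object version = null;
    Object versionUuid = null;
    Object mobileMac = null;
    RequestParameterEntity reqp = (RequestParameterEntity) request.getAttribute(CoreConst.API_POST_REQUEST_DATA);
    try {
        if (reqp != null && reqp.getFormData() != null) {
            userName = reqp.getFormData().getObject(CmnConst.USER_ACCOUNT);
            pwd = reqp.getFormData().getObject(CmnConst.USER_PWD);
            // The nginx proxy does not pass header names containing underscores, so the header
            // variants use hyphens; the form-data variants below use underscores.
            clientType = reqp.getOther().get(CoreConst.SYSTEM_CLIENT_TYPE_);
            version = reqp.getOther().get(CoreConst.SYSTEM_CLIENT_VERSION_);
            if (clientType == null) {
                // Client type as stored in the form data (for example "web").
                clientType = reqp.getFormData().getObject(CoreConst.SYSTEM_CLIENT_TYPE);
            }
            if (version == null) {
                // Client version number.
                version = reqp.getFormData().getValue(CoreConst.SYSTEM_CLIENT_VERSION);
            }
        }

        // From here on reqp and its form data are known to be non-null: userName and pwd are
        // only ever assigned inside the guard above.
        if (userName == null || pwd == null
                || StringUtils.isBlank(userName.toString()) || StringUtils.isBlank(pwd.toString())) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_NULL.getText());
        }
        if (version == null) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getText() + CoreConst.SYSTEM_CLIENT_VERSION_);
        }
        if (clientType == null) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getText() + CoreConst.SYSTEM_CLIENT_TYPE_);
        }

        // Look up the cached version record for this client type / version pair.
        DataTableEntity table = DataPoolCacheImpl.getInstance()
                .getCacheData("系统版本号", new String[]{clientType.toString(), version.toString()});
        if (table != null && table.getRows() > 0) {
            versionUuid = table.getObject(0, "uuid");
        }
        mobileMac = reqp.getOther().get(CoreConst.FIELD_MOBILE_MAC);

        SystemUser user = userService.getSystemUserByName(userName.toString());
        if (user == null) {
            // Unknown account: same error code and text as a wrong password.
            SpringMVCContextHolder.getSystemLogger()
                    .writeLog("登录失败:" + SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText(), reqp);
            return this.error(SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText());
        }

        // Mobile device registration check, applied only when MAC binding is switched on and
        // the client reports itself as the app.
        if (Global.getPropertyToBoolean("mobile.mac.valid.isEnable", "false")
                && CoreConst.CLIENT_TYPE_APP.equals(clientType)) {
            String umac = user.getCurrentStaff().getString("mobile_mac");
            // Reject when no MAC was sent, none is stored, or the two differ.
            if (StringUtils.isEmpty(mobileMac) || StringUtils.isEmpty(umac) || !mobileMac.equals(umac)) {
                throw new BaseException(SystemCode.LOGIN_VALID_FAIL_NOT_MAC.getValue(),
                        SystemCode.LOGIN_VALID_FAIL_NOT_MAC.getText() + mobileMac);
            }
        }

        if (user.getStatus() == 0) {
            // If a lock deadline exists and has passed, the lock is cleared and login continues;
            // otherwise the deadline is reported back to the front end.
            Date lockedUntil = userService.loginUserStatusProcess(user);
            if (lockedUntil != null) {
                return userService.loginLockBack(lockedUntil);
            }
        }

        if (!userService.loginValid(user, pwd.toString())) {
            session.setAttribute("user", null);
            String failResponse = userService.loginFailProcess(user);
            reqp.getFormData().setValue("user_id", user.getUser_id());
            reqp.getFormData().setValue("org_level_uuid", user.getOrg_level_uuid());
            reqp.getFormData().setValue("account_name", user.getUser_account());
            reqp.getFormData().setValue("log_type", "错误日志");
            SpringMVCContextHolder.getSystemLogger()
                    .writeLog("登录失败:" + SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText(), reqp);
            if (failResponse != null) {
                return failResponse;
            }
            return this.error(SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText());
        }

        user.setVersion(version.toString());
        user.setClientType(clientType.toString());
        user.setVersionUuid(versionUuid == null ? null : versionUuid.toString());
        // NOTE(review): the original carries a "captcha verification" placeholder here with no
        // code behind it.

        // Access token, then the refresh token.
        userService.createTokenInfor(user);
        String token = user.getToken_info();
        String refreshToken = userService.createTokenInforRefresh(userName.toString());

        Map<String, Object> dataMap = new HashMap<>();
        dataMap.put(CoreConst.ACCESS_TOKEN, token);
        dataMap.put(CoreConst.REFRESH_TOKEN, refreshToken);
        response.setHeader(CoreConst.ACCESS_TOKEN, token);
        response.setHeader(CoreConst.REFRESH_TOKEN, refreshToken);
        // Tell the client whether e-mail second-step authentication is enabled.
        dataMap.put(com.product.auth.config.CmnConst.IS_ENABLE_AUTH, user.isAgainAuth());
        dataMap.put("user", userInfo(user));

        Map<String, Object> resultMap = new HashMap<>();
        resultMap.put(CoreConst.API_RETURN_KEY_CODE, CoreConst.API_RETURN_VALUE_CODE_200);
        resultMap.put(CoreConst.API_RETURN_KEY_MSG, CoreConst.API_RETURN_VALUE_MSG_SUCCESS);
        resultMap.put(CoreConst.API_RETURN_KEY_STATUS, CoreConst.API_RETURN_VALUE_STATUS_SUCCESS);
        resultMap.put(CoreConst.API_RETURN_KEY_DATA, dataMap);
        String json = JSON.toJSONString(resultMap);
        user.setRefreshToken(refreshToken);

        // Associate the token with the user in the session cache.
        DataPoolCacheImpl.getInstance().setSessionUser(user);

        // Clear the recorded login failures.
        userService.loginSuccessProcess(user);
        SpringMVCContextHolder.getSystemLogger().writeLog("登录成功", reqp);
        return json;
    } catch (BaseException e1) {
        SpringMVCContextHolder.getSystemLogger().writeLog("登录失败:" + e1.getMessageInfo(), reqp);
        return this.error(e1);
    } catch (Exception e1) {
        // NOTE(review): printStackTrace writes to stderr; prefer the controller's logger.
        e1.printStackTrace();
        SpringMVCContextHolder.getSystemLogger().writeLog("登录失败:" + e1.getMessage(), reqp);
        // Keep internal exception detail out of the response on this unauthenticated endpoint.
        return this.error(SystemErrorCode.SYSTEM_LOGIN_ERROR.getValue(),
                SystemErrorCode.SYSTEM_LOGIN_ERROR.getText());
    }
}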
|
|
/**
 * Serves {@code POST /user-system-param/{version}} (API version 1) by returning whatever
 * {@code loginInitParameterService.getLoginParameter()} produces.
 *
 * <p>NOTE(review): the name suggests this is called before authentication; confirm the payload
 * holds nothing sensitive.
 *
 * @return the service's string result, or an error string built by {@code error(...)}
 */
@ResponseBody
@PostMapping("/user-system-param/{version}")
@ApiVersion(1)
public String getLoginInitParameters() {
    String payload;
    try {
        payload = loginInitParameterService.getLoginParameter();
    } catch (BaseException known) {
        // Business exception: hand it to the error(...) overload that takes the exception.
        known.printStackTrace();
        payload = error(known);
    } catch (Exception unexpected) {
        // Anything else is reported with the fixed GET_LOGIN_PARAM_FAIL code and text.
        unexpected.printStackTrace();
        payload = error(SystemCode.GET_LOGIN_PARAM_FAIL.getValue(), SystemCode.GET_LOGIN_PARAM_FAIL.getText());
    }
    return payload;
}
|
|
|
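/**
 * Handles {@code POST /login/{version}} (API version 1): same flow as the plain login, with the
 * account and password optionally decrypted first.
 *
 * <p>When the property {@code login.ecc.isEnable} is true, both fields are passed through
 * {@code GenerateRSAKey.decrypt_str} and the decrypted values are written back into the form
 * data. NOTE(review): the property says "ecc" while the helper is named RSA; which algorithm is
 * actually used is not visible here.
 *
 * <p>Order of checks after that: blank credentials, missing client version, missing client
 * type, optional mobile MAC binding, account lock, then the password through
 * {@code userService.loginValid}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The "being edited" document status is cleared only for a user who has passed password
 *       validation. Recording the user id as soon as the account was found would let any
 *       request that merely names an existing account trigger that clean-up.</li>
 *   <li>The response for an unexpected exception carries only the generic
 *       {@code SYSTEM_LOGIN_ERROR} text; the exception message goes to the system log only.</li>
 *   <li>The decrypted password is stored in the form data and {@code reqp} is later handed to
 *       the system logger. NOTE(review): confirm {@code writeLog} does not persist that field,
 *       or drop the write-back if nothing downstream needs it.</li>
 *   <li>The MAC binding applies only when the client type equals
 *       {@code CoreConst.CLIENT_TYPE_APP}, and that value is read from the request itself.
 *       NOTE(review): confirm another layer pins the client type.</li>
 * </ul>
 *
 * @param request  servlet request; the parsed payload is read from the attribute
 *                 {@code CoreConst.API_POST_REQUEST_DATA}
 * @param response servlet response; receives the two token headers on success
 * @param session  HTTP session; its {@code "user"} attribute is set to null on a wrong password
 * @return the serialized success envelope with the tokens, or the string produced by
 *         {@code error(...)}, {@code userService.loginLockBack} or
 *         {@code userService.loginFailProcess}
 */
@ResponseBody
@RequestMapping(value = "/login/{version}", method = RequestMethod.POST)
@ApiVersion(1)
public String doLoginV1(HttpServletRequest request, HttpServletResponse response, HttpSession session) {
    Object userName = null;
    Object pwd = null;
    Object clientType = null;
    Object version = null;
    Object versionUuid = null;
    Object mobileMac = null;
    String userId = null;
    RequestParameterEntity reqp = (RequestParameterEntity) request.getAttribute(CoreConst.API_POST_REQUEST_DATA);
    try {
        if (reqp != null && reqp.getFormData() != null) {
            userName = reqp.getFormData().getObject(CmnConst.USER_ACCOUNT);
            // Whether asymmetric encryption of the login account and password is enabled.
            boolean isEnable = Global.getPropertyToBoolean("login.ecc.isEnable", "false");
            if (userName != null && isEnable) {
                // Decrypt the account name and store the clear value back in the form data.
                userName = GenerateRSAKey.decrypt_str(userName.toString());
                reqp.getFormData().setValue(CmnConst.USER_ACCOUNT, userName);
            }
            pwd = reqp.getFormData().getObject("user_pwd");
            if (pwd != null && isEnable) {
                // Decrypt the password; see the class-of-risk note in the Javadoc about the
                // clear value being kept in the form data.
                pwd = GenerateRSAKey.decrypt_str(pwd.toString());
                reqp.getFormData().setValue("user_pwd", pwd);
            }
            // The nginx proxy does not pass header names containing underscores, so the header
            // variants use hyphens; the form-data variants below use underscores.
            clientType = reqp.getOther().get(CoreConst.SYSTEM_CLIENT_TYPE_);
            version = reqp.getOther().get(CoreConst.SYSTEM_CLIENT_VERSION_);
            if (clientType == null) {
                // Client type as stored in the form data (for example "web").
                clientType = reqp.getFormData().getObject(CoreConst.SYSTEM_CLIENT_TYPE);
            }
            if (version == null) {
                // Client version number.
                version = reqp.getFormData().getValue(CoreConst.SYSTEM_CLIENT_VERSION);
            }
        }

        // From here on reqp and its form data are known to be non-null: userName and pwd are
        // only ever assigned inside the guard above.
        if (userName == null || pwd == null
                || StringUtils.isBlank(userName.toString()) || StringUtils.isBlank(pwd.toString())) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_NULL.getText());
        }
        if (version == null) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getText() + CoreConst.SYSTEM_CLIENT_VERSION_);
        }
        if (clientType == null) {
            return this.error(SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_PARA_ERROR.getText() + CoreConst.SYSTEM_CLIENT_TYPE_);
        }

        // Look up the cached version record for this client type / version pair.
        DataTableEntity table = DataPoolCacheImpl.getInstance()
                .getCacheData("系统版本号", new String[]{clientType.toString(), version.toString()});
        if (table != null && table.getRows() > 0) {
            versionUuid = table.getObject(0, "uuid");
        }
        mobileMac = reqp.getOther().get(CoreConst.FIELD_MOBILE_MAC);

        SystemUser user = userService.getSystemUserByName(userName.toString());
        if (user == null) {
            reqp.getFormData().setValue("account_name", userName);
            reqp.getFormData().setValue("log_type", "错误日志");
            // Log text reads "login failed: user information is empty".
            SpringMVCContextHolder.getSystemLogger().writeLog("登录失败:用户信息为空", reqp);
            return this.error(SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText());
        }

        // Mobile device registration check, applied only when MAC binding is switched on and
        // the client reports itself as the app.
        if (Global.getPropertyToBoolean("mobile.mac.valid.isEnable", "false")
                && CoreConst.CLIENT_TYPE_APP.equals(clientType)) {
            String umac = user.getCurrentStaff().getString("mobile_mac");
            // Reject when no MAC was sent, none is stored, or the two differ.
            if (StringUtils.isEmpty(mobileMac) || StringUtils.isEmpty(umac) || !mobileMac.equals(umac)) {
                throw new BaseException(SystemCode.LOGIN_VALID_FAIL_NOT_MAC.getValue(),
                        SystemCode.LOGIN_VALID_FAIL_NOT_MAC.getText() + mobileMac);
            }
        }

        if (user.getStatus() == 0) {
            // If a lock deadline exists and has passed, the lock is cleared and login continues;
            // otherwise the deadline is reported back to the front end.
            Date lockedUntil = userService.loginUserStatusProcess(user);
            if (lockedUntil != null) {
                return userService.loginLockBack(lockedUntil);
            }
        }

        if (!userService.loginValid(user, pwd.toString())) {
            session.setAttribute("user", null);
            String failResponse = userService.loginFailProcess(user);
            reqp.getFormData().setValue("user_id", user.getUser_id());
            reqp.getFormData().setValue("org_level_uuid", user.getOrg_level_uuid());
            reqp.getFormData().setValue("account_name", user.getUser_account());
            reqp.getFormData().setValue("log_type", "错误日志");
            SpringMVCContextHolder.getSystemLogger()
                    .writeLog("登录失败:" + SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText(), reqp);
            if (failResponse != null) {
                return failResponse;
            }
            return this.error(SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getValue(),
                    SystemErrorCode.SYSTEM_LOGIN_ACCOUNT_PWD_ERROR.getText());
        }

        // Only now is the caller authenticated; the finally block keys its clean-up on this id.
        userId = user.getUser_id() + "";

        user.setVersion(version.toString());
        user.setClientType(clientType.toString());
        user.setVersionUuid(versionUuid == null ? null : versionUuid.toString());
        // NOTE(review): the original carries a "captcha verification" placeholder here with no
        // code behind it.

        // Access token, then the refresh token.
        userService.createTokenInfor(user);
        String token = user.getToken_info();
        String refreshToken = userService.createTokenInforRefresh(userName.toString());

        Map<String, Object> dataMap = new HashMap<>();
        dataMap.put(CoreConst.ACCESS_TOKEN, token);
        dataMap.put(CoreConst.REFRESH_TOKEN, refreshToken);
        response.setHeader(CoreConst.ACCESS_TOKEN, token);
        response.setHeader(CoreConst.REFRESH_TOKEN, refreshToken);
        // Tell the client whether e-mail second-step authentication is enabled.
        dataMap.put(com.product.auth.config.CmnConst.IS_ENABLE_AUTH, user.isAgainAuth());

        Map<String, Object> resultMap = new HashMap<>();
        resultMap.put(CoreConst.API_RETURN_KEY_CODE, CoreConst.API_RETURN_VALUE_CODE_200);
        resultMap.put(CoreConst.API_RETURN_KEY_MSG, CoreConst.API_RETURN_VALUE_MSG_SUCCESS);
        resultMap.put(CoreConst.API_RETURN_KEY_STATUS, CoreConst.API_RETURN_VALUE_STATUS_SUCCESS);
        resultMap.put(CoreConst.API_RETURN_KEY_DATA, dataMap);
        String json = JSON.toJSONString(resultMap);
        user.setRefreshToken(refreshToken);

        // Associate the token with the user in the session cache.
        DataPoolCacheImpl.getInstance().setSessionUser(user);

        // Clear the recorded login failures.
        userService.loginSuccessProcess(user);
        SpringMVCContextHolder.getSystemLogger().writeLog("登录成功", reqp);
        return json;
    } catch (BaseException e1) {
        reqp.getFormData().setValue("account_name", userName);
        reqp.getFormData().setValue("log_type", "错误日志");
        SpringMVCContextHolder.getSystemLogger().writeLog("登录失败:" + e1.getMessageInfo(), reqp);
        // NOTE(review): printStackTrace writes to stderr; prefer the controller's logger.
        e1.printStackTrace();
        return this.error(e1);
    } catch (Exception e1) {
        reqp.getFormData().setValue("account_name", userName);
        reqp.getFormData().setValue("log_type", "错误日志");
        SpringMVCContextHolder.getSystemLogger().writeLog("登录失败:" + e1.getMessage(), reqp);
        e1.printStackTrace();
        // Keep internal exception detail out of the response on this unauthenticated endpoint.
        return this.error(SystemErrorCode.SYSTEM_LOGIN_ERROR.getValue(),
                SystemErrorCode.SYSTEM_LOGIN_ERROR.getText());
    } finally {
        if (userId != null) {
            // Clear the authenticated user's "document being edited" cache entries.
            onlineDocumentEditService.clearBeingEditDocumentStatus(userId);
        }
    }
}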
|
|
/**
 * Fetches the user information returned to the client at login.
 *
 * <p>Delegates to {@code loginInitParameterService.getUserInfo} with {@code null} as the second
 * argument.
 *
 * @param user the user whose information is requested
 * @return the JSON object produced by the service
 * @throws BaseException declared by this method; presumably raised by the service call
 */
private JSONObject userInfo(SystemUser user) throws BaseException {
    final JSONObject profile = loginInitParameterService.getUserInfo(user, null);
    return profile;
}
|
|
/**
 * Serves {@code POST update-user-info/{version}} (API version 1): refreshes the cached session
 * user and returns the current user information.
 *
 * <p>Steps: advance the user's pending update type, switch company when the request carries
 * {@code org_level_uuid}, store the user back in the session cache, then return the result of
 * {@code loginInitParameterService.getUserInfo}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code org_level_uuid} comes from the request and is passed straight to
 *       {@code changeCompany}. NOTE(review): confirm {@code changeCompany} verifies that the
 *       user belongs to that organisation; no such check is visible here.</li>
 *   <li>When no current user is resolved, {@code null} is still passed to
 *       {@code setSessionUser} and {@code getUserInfo}. NOTE(review): confirm an upstream
 *       filter guarantees an authenticated user on this route.</li>
 * </ul>
 *
 * @param request servlet request; the parsed payload is read from the attribute
 *                {@code CoreConst.API_POST_REQUEST_DATA}
 * @return the string built by {@code ResultInfo.success} on success, otherwise an error string
 */
@ResponseBody
@RequestMapping(value = "update-user-info/{version}", method = RequestMethod.POST)
@ApiVersion(1)
public String updateLoginUserInfo(HttpServletRequest request) {
    try {
        final SystemUser sessionUser = SpringMVCContextHolder.getCurrentUser();

        // Added by xupencheng on 2020-11-30: when user info is fetched, step the pending
        // update type forward (menu+user becomes menu only, user only is cleared).
        if (sessionUser != null && !StringUtils.isEmpty(sessionUser.getUpdateType())) {
            if (CmnConst.UPDATE_MENU_USER.equals(sessionUser.getUpdateType())) {
                sessionUser.setUpdateType(CmnConst.UPDATE_MENU);
            } else if (CmnConst.UPDATE_USER.equals(sessionUser.getUpdateType())) {
                sessionUser.setUpdateType(null);
            }
        }

        final RequestParameterEntity wrapper =
                (RequestParameterEntity) request.getAttribute(CoreConst.API_POST_REQUEST_DATA);
        final FieldSetEntity form = (wrapper == null) ? null : wrapper.getFormData();
        if (form != null) {
            final String targetOrg = form.getString("org_level_uuid");
            if (!StringUtils.isEmpty(targetOrg) && sessionUser != null) {
                sessionUser.changeCompany(targetOrg);
            }
        }

        DataPoolCacheImpl.getInstance().setSessionUser(sessionUser);
        final JSONObject profile = loginInitParameterService.getUserInfo(sessionUser, null);
        return ResultInfo.success(profile);
    } catch (BaseException known) {
        return this.error(known);
    } catch (Exception unexpected) {
        unexpected.printStackTrace();
        return error(SystemCode.SYSTEM_UPDATE_USER_INFO_FIAL.getValue(),
                SystemCode.SYSTEM_UPDATE_USER_INFO_FIAL.getText());
    }
}
|
|
}
|