1 changed files with 92 additions and 0 deletions
@ -0,0 +1,92 @@ |
|||||
|
package org.nl.system.controller.secutiry; |
||||
|
|
||||
|
import cn.dev33.satoken.annotation.SaIgnore; |
||||
|
import cn.dev33.satoken.secure.SaSecureUtil; |
||||
|
import cn.dev33.satoken.stp.SaLoginModel; |
||||
|
import cn.dev33.satoken.stp.StpUtil; |
||||
|
import com.alibaba.fastjson.JSON; |
||||
|
import com.alibaba.fastjson.JSONObject; |
||||
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; |
||||
|
import io.swagger.annotations.Api; |
||||
|
import io.swagger.annotations.ApiOperation; |
||||
|
import lombok.RequiredArgsConstructor; |
||||
|
import lombok.extern.slf4j.Slf4j; |
||||
|
import org.nl.common.exception.BadRequestException; |
||||
|
import org.nl.common.utils.RedisUtils; |
||||
|
import org.nl.common.utils.RsaUtils; |
||||
|
import org.nl.common.utils.dto.CurrentUser; |
||||
|
import org.nl.config.RsaProperties; |
||||
|
import org.nl.system.service.role.ISysRoleService; |
||||
|
import org.nl.system.service.secutiry.dto.AuthUserDto; |
||||
|
import org.nl.system.service.user.ISysUserService; |
||||
|
import org.nl.system.service.user.dao.SysUser; |
||||
|
import org.springframework.beans.factory.annotation.Autowired; |
||||
|
import org.springframework.validation.annotation.Validated; |
||||
|
import org.springframework.web.bind.annotation.PostMapping; |
||||
|
import org.springframework.web.bind.annotation.RequestBody; |
||||
|
import org.springframework.web.bind.annotation.RequestMapping; |
||||
|
import org.springframework.web.bind.annotation.RestController; |
||||
|
|
||||
|
import javax.servlet.http.HttpServletRequest; |
||||
|
import java.util.List; |
||||
|
|
||||
|
/** |
||||
|
* @Author: lyd |
||||
|
* @Description: 手持登录鉴权 |
||||
|
* @Date: 2023/7/31 |
||||
|
*/ |
||||
|
@Slf4j |
||||
|
@RestController |
||||
|
@RequestMapping("/api/pda") |
||||
|
@Api(tags = "手持:系统授权接口") |
||||
|
public class MobileAuthorizationController { |
||||
|
@Autowired |
||||
|
private ISysUserService userService; |
||||
|
@Autowired |
||||
|
private ISysRoleService roleService; |
||||
|
@ApiOperation("登录授权") |
||||
|
@PostMapping(value = "/login") |
||||
|
@SaIgnore |
||||
|
public JSONObject login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception { |
||||
|
// 密码解密 - 前端的加密规则: encrypt(根据实际更改)
|
||||
|
String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword()); |
||||
|
// 校验数据库
|
||||
|
// 根据用户名查询,在比对密码
|
||||
|
SysUser userInfo = userService.getOne(new LambdaQueryWrapper<SysUser>() |
||||
|
.eq(SysUser::getUsername, authUser.getUsername())); // 拿不到已经抛出异常
|
||||
|
if (!userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
|
||||
|
throw new BadRequestException("账号或密码错误!"); |
||||
|
} |
||||
|
// 获取权限列表 - 登录查找权限
|
||||
|
List<String> permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo)); |
||||
|
|
||||
|
if (!userInfo.getIs_used()) { |
||||
|
throw new BadRequestException("账号未激活"); |
||||
|
} |
||||
|
|
||||
|
// 登录输入,登出删除
|
||||
|
CurrentUser user = new CurrentUser(); |
||||
|
user.setId(userInfo.getUser_id()); |
||||
|
user.setUsername(userInfo.getUsername()); |
||||
|
user.setPresonName(userInfo.getPerson_name()); |
||||
|
user.setUser(userInfo); |
||||
|
user.setPermissions(permissionList); |
||||
|
|
||||
|
// SaLoginModel 配置登录相关参数
|
||||
|
StpUtil.login(userInfo.getUser_id(), new SaLoginModel() |
||||
|
.setDevice("PE") // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
|
||||
|
.setExtra("loginInfo", user) // Token挂载的扩展参数 (此方法只有在集成jwt插件时才会生效)
|
||||
|
); |
||||
|
|
||||
|
// 返回 token 与 用户信息
|
||||
|
JSONObject jsonObject = new JSONObject(); |
||||
|
// jsonObject.put("roles", permissionList);
|
||||
|
jsonObject.put("user", userInfo); |
||||
|
JSONObject authInfo = new JSONObject(2) {{ |
||||
|
put("token", "Bearer " + StpUtil.getTokenValue()); |
||||
|
put("user", jsonObject); |
||||
|
}}; |
||||
|
|
||||
|
return authInfo; |
||||
|
} |
||||
|
} |
||||
Loading…
Reference in new issue