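package com.yunzhi.questions.controller;

import com.yunzhi.questions.common.*;
import com.yunzhi.questions.entity.SysLogin;
import com.yunzhi.questions.entity.SysUser;
import com.yunzhi.questions.entity.TaApp;
import com.yunzhi.questions.entity.TaPerson;
import com.yunzhi.questions.service.ISysLoginService;
import com.yunzhi.questions.service.ISysUserService;
import com.yunzhi.questions.service.ITaAppService;
import com.yunzhi.questions.service.ITaPersonService;
import com.yunzhi.questions.vo.ChangePassword;
import com.yunzhi.questions.vo.AdminLoginParam;
import com.yunzhi.questions.vo.LoginParam;
import com.yunzhi.questions.vo.TokenParam;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/**
 * Login / logout endpoints: admin password login, admin password change,
 * and client login by phone number plus SMS captcha.
 *
 * <p>NOTE(review): stored credentials are produced by {@code EncryptUtils.md5(password, userId)}.
 * Going by its name this is a salted MD5, which is a fast digest and not suited to password
 * storage. Changing it here would invalidate every stored hash, so it is only flagged: plan a
 * migration to bcrypt/scrypt/Argon2 with re-hashing on the next successful login.
 */
@Api(tags = "登入/登出")
@RestController
public class LoginController extends BaseController {

    @Autowired
    SMSCaptcha smsCaptcha;

    @Autowired
    ISysLoginService iSysLoginService;

    @Autowired
    ISysUserService iSysUserService;

    @Autowired
    ITaPersonService iTaPersonService;

    @Autowired
    ITaAppService iTaAppService;

    /**
     * Authenticates an admin user by login name and password and issues a JWT.
     *
     * <p>Unknown account, missing user record and wrong password all return the same
     * message, so the response does not reveal which login names exist.
     *
     * <p>NOTE(review): no attempt throttling or account lockout is visible in this method;
     * confirm it is enforced elsewhere (filter, gateway) before exposing this endpoint.
     *
     * @param loginParam request body carrying the login name and password
     * @return success with a map holding {@code user} and {@code token}, or an error bean
     * @throws Exception propagated from the services or from JWT encoding
     */
    @PostMapping("/admin/login")
    @ApiOperation(value="登录", notes = "登录", httpMethod = "POST", response = ResponseBean.class)
    public ResponseBean login(@ApiParam("登录参数") @RequestBody AdminLoginParam loginParam) throws Exception {
        if (null == loginParam) {
            return ResponseBean.error("账户或密码不能为空", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        String userName = loginParam.getUserName();
        String password = loginParam.getPassword();
        if (StringUtils.isEmpty(userName) || StringUtils.isEmpty(password)) {
            return ResponseBean.error("账户或密码不能为空", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        SysLogin sysLogin = iSysLoginService.getByLoginName(userName);
        if (null == sysLogin) {
            return ResponseBean.error("账户或密码不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        SysUser sysUser = iSysUserService.getById(sysLogin.getUserId());
        if (null == sysUser) {
            return ResponseBean.error("账户或密码不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        if (!checkPassword(password, sysLogin.getPassword(), sysLogin.getUserId())) {
            return ResponseBean.error("账户或密码不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        // The account status is only reported after the password has been verified, so an
        // unauthenticated caller cannot probe which accounts are disabled.
        // NOTE(review): if both operands are boxed types this is a reference comparison;
        // confirm the declared types of STATUS_NORMAL and getStatus().
        if (Constants.STATUS_NORMAL != sysUser.getStatus()) {
            return ResponseBean.error("用户状态不正确, 请联系管理人员", ResponseBean.ERROR_UNAVAILABLE);
        }

        // Build the JWT claims and sign the token.
        TokenParam tokenParam = new TokenParam()
                .setUserId(sysUser.getUserId())
                .setOrgId("0");
        Map tokenMap = tokenParam.toMap();
        String token = JWTUtils.encode(tokenMap);
        // CurrentContext.setTokenParam(tokenMap);

        // A plain HashMap replaces the former double-brace initializer, which created an
        // anonymous subclass holding a hidden reference to this controller.
        // NOTE(review): the whole SysUser entity is serialized to the client; confirm it
        // carries no field that should stay server-side.
        Map<String, Object> res = new HashMap<>();
        res.put("user", sysUser);
        res.put("token", token);

        return ResponseBean.success(res);
    }

    /**
     * Changes the password of the currently authenticated admin user after verifying
     * the original password.
     *
     * <p>NOTE(review): nothing here revokes tokens issued before the change, and no strength
     * policy is applied to the new password; confirm whether either is handled elsewhere.
     *
     * @param param   request body carrying the original and the new password
     * @param request current HTTP request, used to resolve the logged-in user
     * @return success message, or an error bean when validation fails
     * @throws Exception propagated from {@code getCurrentUser} or the services
     */
    @PutMapping("/admin/change-password")
    @ApiOperation(value="修改密码", notes = "修改密码", httpMethod = "PUT", response = ResponseBean.class)
    public ResponseBean changePassword(@ApiParam("修改密码参数") @RequestBody ChangePassword param, HttpServletRequest request) throws Exception {
        // A missing body is rejected like empty fields instead of failing with a NullPointerException.
        if (null == param
                || StringUtils.isEmpty(param.getOriginPassword())
                || StringUtils.isEmpty(param.getNewPassword())) {
            return ResponseBean.error("原始密码或新密码不能为空", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        SysUser currentUser = getCurrentUser(request);
        // Guard in case getCurrentUser returns null rather than throwing (not visible here).
        if (null == currentUser) {
            return ResponseBean.error("用户状态不正确, 请联系管理人员", ResponseBean.ERROR_UNAVAILABLE);
        }

        SysLogin sysLogin = iSysLoginService.getByUser(currentUser.getUserId());
        // No login record means there is no stored password to verify against.
        if (null == sysLogin
                || !checkPassword(param.getOriginPassword(), sysLogin.getPassword(), currentUser.getUserId())) {
            return ResponseBean.error("原始密码不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        sysLogin.setPassword(EncryptUtils.md5(param.getNewPassword(), currentUser.getUserId()));
        iSysLoginService.updateById(sysLogin);

        return ResponseBean.success("密码修改成功");
    }

    /**
     * Logs a client in by phone number and SMS captcha, creating the person record on
     * first login.
     *
     * <p>The method was previously annotated with {@code @ApiParam}, which describes a
     * parameter; it now uses {@code @ApiOperation} like the other endpoints.
     *
     * @param appid      application id taken from the path; must match an existing app
     * @param loginParam request body carrying name, phone and captcha
     * @return success with the existing or newly saved {@code TaPerson}, or an error bean
     * @throws Exception propagated from the captcha check or the services
     */
    @ApiOperation(value = "客户端登录", notes = "客户端登录", httpMethod = "POST", response = ResponseBean.class)
    @PostMapping("/{appid}/login")
    public ResponseBean clientLogin(@ApiParam("APPID") @PathVariable String appid, @ApiParam("登录参数") @RequestBody LoginParam loginParam) throws Exception {
        if (null == loginParam) {
            return ResponseBean.error("登录参数不存在", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        if (StringUtils.isEmpty(loginParam.getName())
                || StringUtils.isEmpty(loginParam.getPhone())
                || StringUtils.isEmpty(loginParam.getCaptcha())) {
            return ResponseBean.error("登录参数不合法", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        boolean captchaValid = smsCaptcha.validate(loginParam.getPhone(), loginParam.getCaptcha());
        if (!captchaValid) {
            return ResponseBean.error("验证码不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        TaApp taApp = iTaAppService.getById(appid);
        if (null == taApp) {
            return ResponseBean.error("APPID不正确", ResponseBean.ERROR_ILLEGAL_PARAMS);
        }

        // Returning visitor: the record is looked up by phone only; the submitted name is ignored.
        TaPerson taPerson = iTaPersonService.getByPhone(loginParam.getPhone());
        if (null != taPerson) {
            return ResponseBean.success(taPerson);
        }

        // First login for this phone number: create the person record.
        taPerson = new TaPerson();
        taPerson.setNickName(loginParam.getName());
        taPerson.setPhone(loginParam.getPhone());

        if (iTaPersonService.save(taPerson)) {
            // The person is returned directly, matching the returning-visitor branch above.
            return ResponseBean.success(taPerson);
        } else {
            return ResponseBean.error("登录失败, 请重试", ResponseBean.ERROR_UNAVAILABLE);
        }
    }

    // Disabled reset-password endpoint, kept for reference.
    // NOTE(review): no permission check on the caller is visible inside this method and it
    // resets to a shared default password; both need addressing before it is re-enabled.
//    @PutMapping("/admin/reset-password/{userId}")
//    @ApiOperation(value="重置密码", notes = "重置密码", httpMethod = "PUT", response = ResponseBean.class)
//    public ResponseBean resetPassword(@ApiParam("用户ID") @PathVariable String userId) throws Exception {
//        SysLogin sysLogin = iSysLoginService.getByUser(userId);
//
//        String newPassword = EncryptUtils.md5(EncryptUtils.md5(Constants.DEFAULT_PASSWORD), userId);
//        sysLogin.setPassword(newPassword);
//        iSysLoginService.updateById(sysLogin);
//
//        return ResponseBean.success("重置密码成功");
//    }

    /**
     * Checks a submitted password against the stored hash.
     *
     * <p>The comparison uses {@link MessageDigest#isEqual(byte[], byte[])}, so the time taken
     * does not depend on how many leading characters of the two hashes match. A missing
     * stored or computed hash is treated as a mismatch.
     *
     * @param src  password as submitted by the caller
     * @param targ stored password hash
     * @param salt salt passed to {@code EncryptUtils.md5}; callers pass the user id
     * @return {@code true} only when the hash of {@code src} equals {@code targ}
     */
    private boolean checkPassword(String src, String targ, String salt) {
        String computed = EncryptUtils.md5(src, salt);
        if (null == computed || null == targ) {
            return false;
        }
        return MessageDigest.isEqual(
                computed.getBytes(StandardCharsets.UTF_8),
                targ.getBytes(StandardCharsets.UTF_8));
    }
}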