登录实现
parent
5e56d21107
commit
757283266b
|
|
@ -3,22 +3,19 @@ package com.chinaweal.aiccs.org.controller;
|
|||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.chinaweal.aiccs.common.base.controller.BaseController;
|
||||
import com.chinaweal.aiccs.common.base.entity.dto.login.LoginMessage;
|
||||
import com.chinaweal.aiccs.common.constant.CommonConstants;
|
||||
import com.chinaweal.aiccs.common.util.OAuthTokenUtils;
|
||||
import com.chinaweal.aiccs.common.util.SM4Utils;
|
||||
import com.chinaweal.aiccs.common.util.StringUtils;
|
||||
import com.chinaweal.aiccs.org.entity.OauthAccessToken;
|
||||
import com.chinaweal.aiccs.org.entity.OauthAuthorizationCode;
|
||||
import com.chinaweal.aiccs.org.entity.OauthClient;
|
||||
import com.chinaweal.aiccs.org.entity.*;
|
||||
import com.chinaweal.aiccs.org.entity.dto.*;
|
||||
import com.chinaweal.aiccs.org.service.IOauthAccessTokenService;
|
||||
import com.chinaweal.aiccs.org.service.IOauthAuthorizationCodeService;
|
||||
import com.chinaweal.aiccs.org.service.IOauthClientService;
|
||||
import com.chinaweal.aiccs.org.service.IUnifiedAuthService;
|
||||
import com.chinaweal.aiccs.org.service.*;
|
||||
import com.chinaweal.aiccs.redis.RedisService;
|
||||
import com.chinaweal.aicorg.model.AICUser;
|
||||
import com.chinaweal.aicorg.services.OrgUM;
|
||||
import com.chinaweal.youfool.framework.springboot.rest.RestResult;
|
||||
import com.chinaweal.youfool.framework.springboot.rest.ResultCode;
|
||||
import com.chinaweal.youfool.framework.sso.util.SSOUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
|
@ -53,9 +50,17 @@ public class OAuth2Controller extends BaseController {
|
|||
@Autowired
|
||||
private IOauthAccessTokenService oauthTokenService;
|
||||
@Autowired
|
||||
private IImsUserService iImsUserService;
|
||||
@Autowired
|
||||
private OrgUM orgUM;
|
||||
@Autowired
|
||||
private IUnifiedAuthService unifiedAuthService;
|
||||
@Autowired
|
||||
private UserBaseService userBaseService;
|
||||
@Autowired
|
||||
private TUsersService usersService;
|
||||
@Autowired
|
||||
private RedisService redisService;
|
||||
|
||||
/**
|
||||
* OAuth授权端点
|
||||
|
|
@ -577,7 +582,8 @@ public class OAuth2Controller extends BaseController {
|
|||
@RequestParam(value = "code", required = false) String code,
|
||||
@RequestParam(value = "state", required = false) String state,
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "error_description", required = false) String errorDescription) {
|
||||
@RequestParam(value = "error_description", required = false) String errorDescription,
|
||||
HttpServletRequest request) {
|
||||
|
||||
try {
|
||||
// 检查是否有错误
|
||||
|
|
@ -597,33 +603,58 @@ public class OAuth2Controller extends BaseController {
|
|||
.build();
|
||||
}
|
||||
|
||||
String requestId = StringUtils.getUUID();
|
||||
log.info("收到统一认证平台回调,code: {}, state: {}", code, state);
|
||||
|
||||
// 使用授权码获取访问令牌
|
||||
UnifiedAuthDTO.TokenResponse tokenResponse = unifiedAuthService.getAccessToken(code);
|
||||
if (StringUtils.isNotBlank(tokenResponse.getError())) {
|
||||
log.error("获取访问令牌失败: {} - {}", tokenResponse.getError(), tokenResponse.getError_description());
|
||||
log.error("requestId:{},获取访问令牌失败: {} - {}", requestId, tokenResponse.getError(), tokenResponse.getError_description());
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
|
||||
.location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
|
||||
.location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
|
||||
.build();
|
||||
}
|
||||
|
||||
// 使用访问令牌获取用户信息
|
||||
UnifiedAuthDTO.UserInfoResponse userInfo = unifiedAuthService.getUserInfo(tokenResponse.getAccess_token());
|
||||
if (StringUtils.isNotBlank(userInfo.getError())) {
|
||||
log.error("获取用户信息失败: {} - {}", userInfo.getError(), userInfo.getError_description());
|
||||
log.error("requestId:{},获取用户信息失败: {} - {}", requestId, userInfo.getError(), userInfo.getError_description());
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
|
||||
.location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
|
||||
.location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
|
||||
.build();
|
||||
}
|
||||
|
||||
// 获取到用户信息,进行本地登录处理
|
||||
log.info("统一认证平台OAuth2回调接口,获取到用户信息: {}", JSON.toJSONString(userInfo));
|
||||
log.info("统一认证平台OAuth2回调接口,获取到用户信息,requestId:{},用户信息:{}", requestId, JSON.toJSONString(userInfo));
|
||||
|
||||
// 这里需要根据业务需求,使用用户信息创建本地会话
|
||||
// 例如:调用本地登录逻辑,设置session等
|
||||
// 这里简化处理,实际需要根据系统现有的登录机制实现
|
||||
// TODO:实际登录逻辑
|
||||
// 根据证件号查询IMS用户信息
|
||||
if (StringUtils.isBlank(userInfo.getIdCard())) {
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
|
||||
.location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("统一身份认证回调信息不足以支持登录,请联系系统管理员", "UTF-8")))
|
||||
.build();
|
||||
}
|
||||
ImsUser one = iImsUserService.lambdaQuery().eq(ImsUser::getIdCard, userInfo.getIdCard())
|
||||
.eq(ImsUser::getDeleted, CommonConstants.FALSE_0).last("limit 1").one();
|
||||
if (one == null) {
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
|
||||
.location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("IMS_USER用户信息不存在,请联系系统管理员", "UTF-8")))
|
||||
.build();
|
||||
}
|
||||
// 查询绑定的账号
|
||||
String usercode = one.getUsercode();
|
||||
TUsers tuser = usersService.lambdaQuery().eq(TUsers::getImsusercode, usercode).last("limit 1").one();
|
||||
if (tuser == null) {
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
|
||||
.location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8")))
|
||||
.build();
|
||||
}
|
||||
|
||||
RestResult<AICUser> loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026");
|
||||
AICUser user = loginResult.getData();
|
||||
// 将登录了的用户信息存至Session
|
||||
request.getSession().setAttribute(DRUID_SESSION_KEY, String.format("%s(%s)", user.getName(), user.getEname()));
|
||||
redisService.remove(tuser.getUsername());
|
||||
SSOUtil.login(user);
|
||||
|
||||
// 跳转到首页
|
||||
return ResponseEntity.status(HttpStatus.FOUND)
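Review bot: The call `userBaseService.login(tuser.getUsername(), "ChinaWeal_2026")` embeds a fixed password literal in the controller, so anyone who can read the source or the built artifact holds a credential that, as far as this hunk shows, is expected to work for every account bound through `imsusercode`. The callback has already established the user's identity through the authorization-code exchange, so the local session should be created through a password-less, SSO-only path in the service layer instead of replaying a shared password; at minimum the value belongs in protected configuration, not in code. `loginResult.getData()` is then dereferenced unchecked, and the `TUsers` lookup filters on neither `locked` nor `deleted`, so a rejected login surfaces as a NullPointerException at `user.getName()` rather than the explicit error redirect used by the earlier branches; add `if (user == null) { /* redirect with requestId and error */ }` before the session write. The same section logs the authorization `code` and the full `JSON.toJSONString(userInfo)`, which now carries `idCard`, and the `IMS获取用户信息响应` log line in UnifiedAuthServiceImpl prints the raw response body with the same data; log the `requestId` and a non-sensitive user identifier instead. The callback method starts and ends outside the visible hunks, so `state` validation and the outer `catch` could not be checked here.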
|
||||
|
|
|
|||
|
|
@ -100,6 +100,13 @@ public class ImsUser implements Serializable {
|
|||
@ApiModelProperty("组织机构")
|
||||
private String userorg;
|
||||
|
||||
/**
|
||||
* 组织机构编码
|
||||
*/
|
||||
@TableField("USERORGCODE")
|
||||
@ApiModelProperty("组织机构编码")
|
||||
private String userorgcode;
|
||||
|
||||
/**
|
||||
* 身份证号
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
package com.chinaweal.aiccs.org.entity;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.annotation.TableId;
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import com.baomidou.mybatisplus.extension.activerecord.Model;
|
||||
|
|
@ -7,6 +8,8 @@ import java.io.Serializable;
|
|||
import java.time.LocalDate;
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
import com.chinaweal.aiccs.common.util.DateUtils;
|
||||
import com.fasterxml.jackson.annotation.JsonFormat;
|
||||
import lombok.Data;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.experimental.Accessors;
|
||||
|
|
@ -27,37 +30,58 @@ public class TUsers extends Model<TUsers> {
|
|||
|
||||
private static final long serialVersionUID=1L;
|
||||
|
||||
@TableId
|
||||
@TableId("USERID")
|
||||
private String userid;
|
||||
|
||||
@TableField("USERNAME")
|
||||
private String username;
|
||||
|
||||
@TableField("PASSWORD")
|
||||
private String password;
|
||||
|
||||
@TableField("REALNAME")
|
||||
private String realname;
|
||||
|
||||
@TableField("LOCKED")
|
||||
private String locked;
|
||||
|
||||
@TableField("DELETED")
|
||||
private String deleted;
|
||||
|
||||
@TableField("ORGDEPTID")
|
||||
private String orgdeptid;
|
||||
|
||||
@TableField("ORGUNITID")
|
||||
private String orgunitid;
|
||||
|
||||
@TableField("ORGJOBID")
|
||||
private String orgjobid;
|
||||
|
||||
@TableField("USERPROP")
|
||||
private Integer userprop;
|
||||
|
||||
@TableField("USERSTATUS")
|
||||
private String userstatus;
|
||||
|
||||
@TableField("GRADENUM")
|
||||
private Integer gradenum;
|
||||
|
||||
@TableField("CUSTOMINDEX")
|
||||
private Integer customindex;
|
||||
|
||||
@TableField("LIMITTNUM")
|
||||
private Integer limittnum; //限制用户登录次数
|
||||
|
||||
@JsonFormat(pattern = DateUtils.DATETIME_DEFAULT_FORMAT, timezone = "GMT+8")
|
||||
@TableField("LASTERRORTIME")
|
||||
private LocalDateTime lasterrortime;//用户登录失败5次后的时间
|
||||
|
||||
/**
|
||||
* 统一身份认证的用户编码
|
||||
*/
|
||||
@TableField("IMSUSERCODE")
|
||||
private String imsusercode;
|
||||
|
||||
|
||||
|
||||
@Override
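Review bot: `imsusercode` is the column the OAuth callback uses to select the local account (`eq(TUsers::getImsusercode, usercode).last("limit 1")`), but nothing in this entity states that the value must be unique, and with `limit 1` a duplicated value would silently resolve to whichever row the database returns first. Say so in the field's Javadoc, for example `/** IMS (unified identity) user code; must be unique per account because the SSO callback resolves the local user by this value. */`, and back it with a unique index in the schema. Separately, `password` sits in the same entity next to the new `@JsonFormat` field; if a `TUsers` instance is ever returned from an endpoint or logged, confirm that field is excluded from serialization. The class body continues outside the hunk.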
|
||||
|
|
|
|||
|
|
@ -55,6 +55,9 @@ public class ImsUserDTO implements Serializable {
|
|||
@ApiModelProperty(value = "组织机构")
|
||||
private String userorg;
|
||||
|
||||
@ApiModelProperty(value = "组织机构编码")
|
||||
private String userorgcode;
|
||||
|
||||
@ApiModelProperty(value = "身份证号")
|
||||
private String idCard;
|
||||
|
||||
|
|
|
|||
|
|
@ -73,6 +73,7 @@ public class UnifiedAuthDTO {
|
|||
@Data
|
||||
public static class UserInfoResponse {
|
||||
private String userId;
|
||||
private String idCard;
|
||||
private String userName;
|
||||
private String name;
|
||||
private String code;
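Review bot: `idCard` is added to a Lombok `@Data` class, so the generated `toString()` now includes the ID card number, and any log statement or exception message that prints a `UserInfoResponse` will carry it. Annotate the field with `@ToString.Exclude` (import `lombok.ToString`) and add a one-line comment that the value is personal data that must not be written to logs. The class continues outside the hunk.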
|
||||
|
|
|
|||
|
|
@ -85,6 +85,7 @@ public class ImsUserServiceImpl extends ServiceImpl<ImsUserMapper, ImsUser> impl
|
|||
newUser.setIsRoam(dto.getIsRoam());
|
||||
newUser.setStatus(dto.getStatus());
|
||||
newUser.setUserorg(dto.getUserorg());
|
||||
newUser.setUserorgcode(dto.getUserorgcode());
|
||||
newUser.setDeleted("0");
|
||||
this.save(newUser);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@ public class UnifiedAuthServiceImpl implements IUnifiedAuthService {
|
|||
ResponseEntity<String> responseEntity = restTemplate.getForEntity(url, String.class);
|
||||
|
||||
String responseBody = responseEntity.getBody();
|
||||
log.info("获取用户信息响应: {}", responseBody);
|
||||
log.info("IMS获取用户信息响应: {}", responseBody);
|
||||
|
||||
// 解析响应
|
||||
UnifiedAuthDTO.UserInfoResponse response = JSON.parseObject(responseBody, UnifiedAuthDTO.UserInfoResponse.class);
|
||||
|
|
|
|||