登录实现

2026-03-24 17:04:33 +08:00 · 2026-03-24 17:04:33 +08:00 · 757283266b
parent 5e56d21107
commit 757283266b
7 changed files with 87 additions and 20 deletions
--- a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
+++ b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
@ -3,22 +3,19 @@ package com.chinaweal.aiccs.org.controller;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.chinaweal.aiccs.common.base.controller.BaseController;
-import com.chinaweal.aiccs.common.base.entity.dto.login.LoginMessage;
+import com.chinaweal.aiccs.common.constant.CommonConstants;
 import com.chinaweal.aiccs.common.util.OAuthTokenUtils;
 import com.chinaweal.aiccs.common.util.SM4Utils;
 import com.chinaweal.aiccs.common.util.StringUtils;
-import com.chinaweal.aiccs.org.entity.OauthAccessToken;
+import com.chinaweal.aiccs.org.entity.*;
 import com.chinaweal.aiccs.org.entity.OauthAuthorizationCode;
 import com.chinaweal.aiccs.org.entity.OauthClient;
 import com.chinaweal.aiccs.org.entity.dto.*;
-import com.chinaweal.aiccs.org.service.IOauthAccessTokenService;
+import com.chinaweal.aiccs.org.service.*;
-import com.chinaweal.aiccs.org.service.IOauthAuthorizationCodeService;
+import com.chinaweal.aiccs.redis.RedisService;
 import com.chinaweal.aiccs.org.service.IOauthClientService;
 import com.chinaweal.aiccs.org.service.IUnifiedAuthService;
 import com.chinaweal.aicorg.model.AICUser;
 import com.chinaweal.aicorg.services.OrgUM;
 import com.chinaweal.youfool.framework.springboot.rest.RestResult;
 import com.chinaweal.youfool.framework.springboot.rest.ResultCode;
 import com.chinaweal.youfool.framework.sso.util.SSOUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
@ -53,9 +50,17 @@ public class OAuth2Controller extends BaseController {
    @Autowired
    private IOauthAccessTokenService oauthTokenService;
    @Autowired
    private IImsUserService iImsUserService;
    @Autowired
    private OrgUM orgUM;
    @Autowired
    private IUnifiedAuthService unifiedAuthService;
    @Autowired
    private UserBaseService userBaseService;
    @Autowired
    private TUsersService usersService;
    @Autowired
    private RedisService redisService;
    /**
     * OAuth授权端点
@ -577,7 +582,8 @@ public class OAuth2Controller extends BaseController {
            @RequestParam(value = "code", required = false) String code,
            @RequestParam(value = "state", required = false) String state,
            @RequestParam(value = "error", required = false) String error,
-            @RequestParam(value = "error_description", required = false) String errorDescription) {
+            @RequestParam(value = "error_description", required = false) String errorDescription,
            HttpServletRequest request) {
        try {
            // 检查是否有错误
@ -597,33 +603,58 @@ public class OAuth2Controller extends BaseController {
                        .build();
            }
            String requestId = StringUtils.getUUID();
            log.info("收到统一认证平台回调，code: {}, state: {}", code, state);
            // 使用授权码获取访问令牌
            UnifiedAuthDTO.TokenResponse tokenResponse = unifiedAuthService.getAccessToken(code);
            if (StringUtils.isNotBlank(tokenResponse.getError())) {
-                log.error("获取访问令牌失败: {} - {}", tokenResponse.getError(), tokenResponse.getError_description());
+                log.error("requestId：{}，获取访问令牌失败: {} - {}", requestId, tokenResponse.getError(), tokenResponse.getError_description());
                return ResponseEntity.status(HttpStatus.FOUND)
-                        .location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
+                        .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
                        .build();
            }
            // 使用访问令牌获取用户信息
            UnifiedAuthDTO.UserInfoResponse userInfo = unifiedAuthService.getUserInfo(tokenResponse.getAccess_token());
            if (StringUtils.isNotBlank(userInfo.getError())) {
-                log.error("获取用户信息失败: {} - {}", userInfo.getError(), userInfo.getError_description());
+                log.error("requestId：{}，获取用户信息失败: {} - {}", requestId, userInfo.getError(), userInfo.getError_description());
                return ResponseEntity.status(HttpStatus.FOUND)
-                        .location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
+                        .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
                        .build();
            }
            // 获取到用户信息，进行本地登录处理
-            log.info("统一认证平台OAuth2回调接口，获取到用户信息: {}", JSON.toJSONString(userInfo));
+            log.info("统一认证平台OAuth2回调接口，获取到用户信息，requestId：{}，用户信息：{}", requestId, JSON.toJSONString(userInfo));
-            // 这里需要根据业务需求，使用用户信息创建本地会话
+            // 根据证件号查询IMS用户信息
-            // 例如：调用本地登录逻辑，设置session等
+            if (StringUtils.isBlank(userInfo.getIdCard())) {
-            // 这里简化处理，实际需要根据系统现有的登录机制实现
+                return ResponseEntity.status(HttpStatus.FOUND)
-            // TODO:实际登录逻辑
+                        .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("统一身份认证回调信息不足以支持登录，请联系系统管理员", "UTF-8")))
                        .build();
            }
            ImsUser one = iImsUserService.lambdaQuery().eq(ImsUser::getIdCard, userInfo.getIdCard())
                    .eq(ImsUser::getDeleted, CommonConstants.FALSE_0).last("limit 1").one();
            if (one == null) {
                return ResponseEntity.status(HttpStatus.FOUND)
                        .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("IMS_USER用户信息不存在，请联系系统管理员", "UTF-8")))
                        .build();
            }
            // 查询绑定的账号
            String usercode = one.getUsercode();
            TUsers tuser = usersService.lambdaQuery().eq(TUsers::getImsusercode, usercode).last("limit 1").one();
            if (tuser == null) {
                return ResponseEntity.status(HttpStatus.FOUND)
                        .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户，请联系系统管理员", "UTF-8")))
                        .build();
            }
            RestResult<AICUser> loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026");
            AICUser user = loginResult.getData();
            // 将登录了的用户信息存至Session
            request.getSession().setAttribute(DRUID_SESSION_KEY, String.format("%s(%s)", user.getName(), user.getEname()));
            redisService.remove(tuser.getUsername());
            SSOUtil.login(user);
            // 跳转到首页
            return ResponseEntity.status(HttpStatus.FOUND)
--- a/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java
@ -100,6 +100,13 @@ public class ImsUser implements Serializable {
    @ApiModelProperty("组织机构")
    private String userorg;
    /**
     * 组织机构编码
     */
    @TableField("USERORGCODE")
    @ApiModelProperty("组织机构编码")
    private String userorgcode;
    /**
     * 身份证号
     */
--- a/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java
@ -1,5 +1,6 @@
 package com.chinaweal.aiccs.org.entity;
 import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.baomidou.mybatisplus.extension.activerecord.Model;
@ -7,6 +8,8 @@ import java.io.Serializable;
 import java.time.LocalDate;
 import java.time.LocalDateTime;
 import com.chinaweal.aiccs.common.util.DateUtils;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
@ -27,37 +30,58 @@ public class TUsers extends Model<TUsers> {
    private static final long serialVersionUID=1L;
-    @TableId
+    @TableId("USERID")
    private String userid;
    @TableField("USERNAME")
    private String username;
    @TableField("PASSWORD")
    private String password;
    @TableField("REALNAME")
    private String realname;
    @TableField("LOCKED")
    private String locked;
    @TableField("DELETED")
    private String deleted;
    @TableField("ORGDEPTID")
    private String orgdeptid;
    @TableField("ORGUNITID")
    private String orgunitid;
    @TableField("ORGJOBID")
    private String orgjobid;
    @TableField("USERPROP")
    private Integer userprop;
    @TableField("USERSTATUS")
    private String userstatus;
    @TableField("GRADENUM")
    private Integer gradenum;
    @TableField("CUSTOMINDEX")
    private Integer customindex;
    @TableField("LIMITTNUM")
    private Integer limittnum; //限制用户登录次数
    @JsonFormat(pattern = DateUtils.DATETIME_DEFAULT_FORMAT, timezone = "GMT+8")
    @TableField("LASTERRORTIME")
    private LocalDateTime lasterrortime;//用户登录失败5次后的时间
    /**
     * 统一身份认证的用户编码
     */
    @TableField("IMSUSERCODE")
    private String imsusercode;
    @Override
--- a/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java
@ -55,6 +55,9 @@ public class ImsUserDTO implements Serializable {
    @ApiModelProperty(value = "组织机构")
    private String userorg;
    @ApiModelProperty(value = "组织机构编码")
    private String userorgcode;
    @ApiModelProperty(value = "身份证号")
    private String idCard;
--- a/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java
@ -73,6 +73,7 @@ public class UnifiedAuthDTO {
    @Data
    public static class UserInfoResponse {
        private String userId;
        private String idCard;
        private String userName;
        private String name;
        private String code;
--- a/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java
+++ b/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java
@ -85,6 +85,7 @@ public class ImsUserServiceImpl extends ServiceImpl<ImsUserMapper, ImsUser> impl
            newUser.setIsRoam(dto.getIsRoam());
            newUser.setStatus(dto.getStatus());
            newUser.setUserorg(dto.getUserorg());
            newUser.setUserorgcode(dto.getUserorgcode());
            newUser.setDeleted("0");
            this.save(newUser);
        }
--- a/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java
+++ b/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java
@ -114,7 +114,7 @@ public class UnifiedAuthServiceImpl implements IUnifiedAuthService {
            ResponseEntity<String> responseEntity = restTemplate.getForEntity(url, String.class);
            String responseBody = responseEntity.getBody();
-            log.info("获取用户信息响应: {}", responseBody);
+            log.info("IMS获取用户信息响应: {}", responseBody);
            // 解析响应
            UnifiedAuthDTO.UserInfoResponse response = JSON.parseObject(responseBody, UnifiedAuthDTO.UserInfoResponse.class);