package org.dromara.web.controller;
|
|
import cn.dev33.satoken.annotation.SaIgnore;
|
import cn.hutool.core.collection.CollUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
import jakarta.servlet.http.HttpServletRequest;
|
import lombok.RequiredArgsConstructor;
|
import lombok.extern.slf4j.Slf4j;
|
import me.zhyd.oauth.model.AuthResponse;
|
import me.zhyd.oauth.model.AuthUser;
|
import me.zhyd.oauth.request.AuthRequest;
|
import me.zhyd.oauth.utils.AuthStateUtils;
|
import org.dromara.common.core.constant.UserConstants;
|
import org.dromara.common.core.domain.R;
|
import org.dromara.common.core.domain.model.LoginBody;
|
import org.dromara.common.core.domain.model.RegisterBody;
|
import org.dromara.common.core.domain.model.SocialLoginBody;
|
import org.dromara.common.core.utils.*;
|
import org.dromara.common.json.utils.JsonUtils;
|
import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
|
import org.dromara.common.social.config.properties.SocialProperties;
|
import org.dromara.common.social.utils.SocialUtils;
|
import org.dromara.common.tenant.helper.TenantHelper;
|
import org.dromara.system.domain.SysClient;
|
import org.dromara.system.domain.bo.SysTenantBo;
|
import org.dromara.system.domain.vo.SysTenantVo;
|
import org.dromara.system.service.ISysClientService;
|
import org.dromara.system.service.ISysConfigService;
|
import org.dromara.system.service.ISysSocialService;
|
import org.dromara.system.service.ISysTenantService;
|
import org.dromara.web.domain.vo.LoginTenantVo;
|
import org.dromara.web.domain.vo.LoginVo;
|
import org.dromara.web.domain.vo.TenantListVo;
|
import org.dromara.web.service.IAuthStrategy;
|
import org.dromara.web.service.SysLoginService;
|
import org.dromara.web.service.SysRegisterService;
|
import org.springframework.validation.annotation.Validated;
|
import org.springframework.web.bind.annotation.*;
|
|
import java.net.URL;
|
import java.util.List;
|
|
/**
|
* 认证
|
*
|
* @author Lion Li
|
*/
|
@Slf4j
|
@SaIgnore
|
@Validated
|
@RequiredArgsConstructor
|
@RestController
|
@RequestMapping("/auth")
|
public class AuthController {
|
|
private final SocialProperties socialProperties;
|
private final SysLoginService loginService;
|
private final SysRegisterService registerService;
|
private final ISysConfigService configService;
|
private final ISysTenantService tenantService;
|
private final ISysSocialService socialUserService;
|
private final ISysClientService clientService;
|
|
|
/**
|
* 登录方法
|
*
|
* @param body 登录信息
|
* @return 结果
|
*/
|
@PostMapping("/login")
|
public R<LoginVo> login(@Validated @RequestBody String body) {
|
LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
|
ValidatorUtils.validate(loginBody);
|
// 授权类型和客户端id
|
String clientId = loginBody.getClientId();
|
String grantType = loginBody.getGrantType();
|
SysClient client = clientService.queryByClientId(clientId);
|
// 查询不到 client 或 client 内不包含 grantType
|
if (ObjectUtil.isNull(client) || !StringUtils.contains(client.getGrantType(), grantType)) {
|
log.info("客户端id: {} 认证类型:{} 异常!.", clientId, grantType);
|
return R.fail(MessageUtils.message("auth.grant.type.error"));
|
} else if (!UserConstants.NORMAL.equals(client.getStatus())) {
|
return R.fail(MessageUtils.message("auth.grant.type.blocked"));
|
}
|
// 校验租户
|
loginService.checkTenant(loginBody.getTenantId());
|
// 登录
|
return R.ok(IAuthStrategy.login(body, client, grantType));
|
}
|
|
/**
|
* 第三方登录请求
|
*
|
* @param source 登录来源
|
* @return 结果
|
*/
|
@GetMapping("/binding/{source}")
|
public R<String> authBinding(@PathVariable("source") String source) {
|
SocialLoginConfigProperties obj = socialProperties.getType().get(source);
|
if (ObjectUtil.isNull(obj)) {
|
return R.fail(source + "平台账号暂不支持");
|
}
|
AuthRequest authRequest = SocialUtils.getAuthRequest(source, socialProperties);
|
String authorizeUrl = authRequest.authorize(AuthStateUtils.createState());
|
return R.ok("操作成功", authorizeUrl);
|
}
|
|
/**
|
* 第三方登录回调业务处理 绑定授权
|
*
|
* @param loginBody 请求体
|
* @return 结果
|
*/
|
@PostMapping("/social/callback")
|
public R<Void> socialCallback(@RequestBody SocialLoginBody loginBody) {
|
// 获取第三方登录信息
|
AuthResponse<AuthUser> response = SocialUtils.loginAuth(
|
loginBody.getSource(), loginBody.getSocialCode(),
|
loginBody.getSocialState(), socialProperties);
|
AuthUser authUserData = response.getData();
|
// 判断授权响应是否成功
|
if (!response.ok()) {
|
return R.fail(response.getMsg());
|
}
|
loginService.socialRegister(authUserData);
|
return R.ok();
|
}
|
|
|
/**
|
* 取消授权
|
*
|
* @param socialId socialId
|
*/
|
@DeleteMapping(value = "/unlock/{socialId}")
|
public R<Void> unlockSocial(@PathVariable Long socialId) {
|
Boolean rows = socialUserService.deleteWithValidById(socialId);
|
return rows ? R.ok() : R.fail("取消授权失败");
|
}
|
|
|
/**
|
* 退出登录
|
*/
|
@PostMapping("/logout")
|
public R<Void> logout() {
|
loginService.logout();
|
return R.ok("退出成功");
|
}
|
|
/**
|
* 用户注册
|
*/
|
@PostMapping("/register")
|
public R<Void> register(@Validated @RequestBody RegisterBody user) {
|
if (!configService.selectRegisterEnabled(user.getTenantId())) {
|
return R.fail("当前系统没有开启注册功能!");
|
}
|
registerService.register(user);
|
return R.ok();
|
}
|
|
/**
|
* 登录页面租户下拉框
|
*
|
* @return 租户列表
|
*/
|
@GetMapping("/tenant/list")
|
public R<LoginTenantVo> tenantList(HttpServletRequest request) throws Exception {
|
List<SysTenantVo> tenantList = tenantService.queryList(new SysTenantBo());
|
List<TenantListVo> voList = MapstructUtils.convert(tenantList, TenantListVo.class);
|
// 获取域名
|
String host;
|
String referer = request.getHeader("referer");
|
if (StringUtils.isNotBlank(referer)) {
|
// 这里从referer中取值是为了本地使用hosts添加虚拟域名,方便本地环境调试
|
host = referer.split("//")[1].split("/")[0];
|
} else {
|
host = new URL(request.getRequestURL().toString()).getHost();
|
}
|
// 根据域名进行筛选
|
List<TenantListVo> list = StreamUtils.filter(voList, vo ->
|
StringUtils.equals(vo.getDomain(), host));
|
// 返回对象
|
LoginTenantVo vo = new LoginTenantVo();
|
vo.setVoList(CollUtil.isNotEmpty(list) ? list : voList);
|
vo.setTenantEnabled(TenantHelper.isEnable());
|
return R.ok(vo);
|
}
|
|
}
|
