lbqms.git - Gitblit

			@@ -1,51 +1,63 @@
			package org.dromara.web.controller;

			import cn.dev33.satoken.annotation.SaIgnore;
			import cn.dev33.satoken.exception.NotLoginException;
			import cn.hutool.core.codec.Base64;
			import cn.hutool.core.collection.CollUtil;
			import cn.hutool.core.util.ObjectUtil;
			import jakarta.servlet.http.HttpServletRequest;
			import jakarta.validation.constraints.NotBlank;
			import lombok.RequiredArgsConstructor;
			import me.zhyd.oauth.model.AuthCallback;
			import lombok.extern.slf4j.Slf4j;
			import me.zhyd.oauth.model.AuthResponse;
			import me.zhyd.oauth.model.AuthUser;
			import me.zhyd.oauth.request.AuthRequest;
			import me.zhyd.oauth.utils.AuthStateUtils;
			import org.dromara.common.core.constant.UserConstants;
			import org.dromara.common.core.domain.R;
			import org.dromara.common.core.domain.model.EmailLoginBody;
			import org.dromara.common.core.domain.model.LoginBody;
			import org.dromara.common.core.domain.model.RegisterBody;
			import org.dromara.common.core.domain.model.SmsLoginBody;
			import org.dromara.common.core.utils.MapstructUtils;
			import org.dromara.common.core.utils.StreamUtils;
			import org.dromara.common.core.utils.StringUtils;
			import org.dromara.common.core.domain.model.SocialLoginBody;
			import org.dromara.common.core.utils.*;
			import org.dromara.common.encrypt.annotation.ApiEncrypt;
			import org.dromara.common.json.utils.JsonUtils;
			import org.dromara.common.satoken.utils.LoginHelper;
			import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
			import org.dromara.common.social.config.properties.SocialProperties;
			import org.dromara.common.social.utils.SocialUtils;
			import org.dromara.common.sse.dto.SseMessageDto;
			import org.dromara.common.sse.utils.SseMessageUtils;
			import org.dromara.common.tenant.helper.TenantHelper;
			import org.dromara.system.domain.bo.SysTenantBo;
			import org.dromara.system.domain.vo.SysClientVo;
			import org.dromara.system.domain.vo.SysTenantVo;
			import org.dromara.system.service.ISysSocialService;
			import org.dromara.system.service.ISysClientService;
			import org.dromara.system.service.ISysConfigService;
			import org.dromara.system.service.ISysSocialService;
			import org.dromara.system.service.ISysTenantService;
			import org.dromara.web.domain.vo.LoginTenantVo;
			import org.dromara.web.domain.vo.LoginVo;
			import org.dromara.web.domain.vo.TenantListVo;
			import org.dromara.web.service.IAuthStrategy;
			import org.dromara.web.service.SysLoginService;
			import org.dromara.web.service.SysRegisterService;
			import org.springframework.validation.annotation.Validated;
			import org.springframework.web.bind.annotation.*;

			import java.net.URL;
			import java.nio.charset.StandardCharsets;
			import java.util.HashMap;
			import java.util.List;
			import java.util.Map;
			import java.util.concurrent.ScheduledExecutorService;
			import java.util.concurrent.TimeUnit;

			/**
			* 认证
			*
			* @author Lion Li
			*/
			@Slf4j
			@SaIgnore
			@Validated
			@RequiredArgsConstructor
			@RestController
			@RequestMapping("/auth")
			@@ -57,6 +69,8 @@
			private final ISysConfigService configService;
			private final ISysTenantService tenantService;
			private final ISysSocialService socialUserService;
			private final ISysClientService clientService;
			private final ScheduledExecutorService scheduledExecutorService;


			/**
			@@ -65,111 +79,80 @@
			* @param body 登录信息
			* @return 结果
			*/
			@ApiEncrypt
			@PostMapping("/login")
			public R<LoginVo> login(@Validated @RequestBody LoginBody body) {
			LoginVo loginVo = new LoginVo();
			// 生成令牌
			String token = loginService.login(
			body.getTenantId(),
			body.getUsername(), body.getPassword(),
			body.getCode(), body.getUuid());
			loginVo.setToken(token);
			public R<LoginVo> login(@RequestBody String body) {
			LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
			ValidatorUtils.validate(loginBody);
			// 授权类型和客户端id
			String clientId = loginBody.getClientId();
			String grantType = loginBody.getGrantType();
			SysClientVo client = clientService.queryByClientId(clientId);
			// 查询不到 client 或 client 内不包含 grantType
			if (ObjectUtil.isNull(client) \|\| !StringUtils.contains(client.getGrantType(), grantType)) {
			log.info("客户端id: {} 认证类型：{} 异常!.", clientId, grantType);
			return R.fail(MessageUtils.message("auth.grant.type.error"));
			} else if (!UserConstants.NORMAL.equals(client.getStatus())) {
			return R.fail(MessageUtils.message("auth.grant.type.blocked"));
			}
			// 校验租户
			loginService.checkTenant(loginBody.getTenantId());
			// 登录
			LoginVo loginVo = IAuthStrategy.login(body, client, grantType);

			Long userId = LoginHelper.getUserId();
			scheduledExecutorService.schedule(() -> {
			SseMessageDto dto = new SseMessageDto();
			dto.setMessage("欢迎登录RuoYi-Vue-Plus后台管理系统");
			dto.setUserIds(List.of(userId));
			SseMessageUtils.publishMessage(dto);
			}, 5, TimeUnit.SECONDS);
			return R.ok(loginVo);
			}

			/**
			* 短信登录
			*
			* @param body 登录信息
			* @return 结果
			*/
			@PostMapping("/smsLogin")
			public R<LoginVo> smsLogin(@Validated @RequestBody SmsLoginBody body) {
			LoginVo loginVo = new LoginVo();
			// 生成令牌
			String token = loginService.smsLogin(
			body.getTenantId(),
			body.getPhonenumber(),
			body.getSmsCode());
			loginVo.setToken(token);
			return R.ok(loginVo);
			}

			/**
			* 邮件登录
			*
			* @param body 登录信息
			* @return 结果
			*/
			@PostMapping("/emailLogin")
			public R<LoginVo> emailLogin(@Validated @RequestBody EmailLoginBody body) {
			LoginVo loginVo = new LoginVo();
			// 生成令牌
			String token = loginService.emailLogin(
			body.getTenantId(),
			body.getEmail(),
			body.getEmailCode());
			loginVo.setToken(token);
			return R.ok(loginVo);
			}

			/**
			* 小程序登录(示例)
			*
			* @param xcxCode 小程序code
			* @return 结果
			*/
			@PostMapping("/xcxLogin")
			public R<LoginVo> xcxLogin(@NotBlank(message = "{xcx.code.not.blank}") String xcxCode) {
			LoginVo loginVo = new LoginVo();
			// 生成令牌
			String token = loginService.xcxLogin(xcxCode);
			loginVo.setToken(token);
			return R.ok(loginVo);
			}


			/**
			* 认证授权
			* 第三方登录请求
			*
			* @param source 登录来源
			* @return 结果
			*/
			@GetMapping("/binding/{source}")
			public R<String> authBinding(@PathVariable("source") String source) {
			public R<String> authBinding(@PathVariable("source") String source,
			@RequestParam String tenantId, @RequestParam String domain) {
			SocialLoginConfigProperties obj = socialProperties.getType().get(source);
			if (ObjectUtil.isNull(obj)) {
			return R.fail(source + "平台账号暂不支持");
			}
			AuthRequest authRequest = SocialUtils.getAuthRequest(source,
			obj.getClientId(),
			obj.getClientSecret(),
			obj.getRedirectUri());
			String authorizeUrl = authRequest.authorize(AuthStateUtils.createState());
			return R.ok(authorizeUrl);
			AuthRequest authRequest = SocialUtils.getAuthRequest(source, socialProperties);
			Map<String, String> map = new HashMap<>();
			map.put("tenantId", tenantId);
			map.put("domain", domain);
			map.put("state", AuthStateUtils.createState());
			String authorizeUrl = authRequest.authorize(Base64.encode(JsonUtils.toJsonString(map), StandardCharsets.UTF_8));
			return R.ok("操作成功", authorizeUrl);
			}

			/**
			* 第三方登录回调业务处理
			* 第三方登录回调业务处理绑定授权
			*
			* @param source 登录来源
			* @param callback 授权响应实体
			* @param loginBody 请求体
			* @return 结果
			*/
			@SuppressWarnings("unchecked")
			@GetMapping("/social-login")
			public R<String> socialLogin(String source, AuthCallback callback) {
			SocialLoginConfigProperties obj = socialProperties.getType().get(source);
			if (ObjectUtil.isNull(obj)) {
			return R.fail(source + "平台账号暂不支持");
			@PostMapping("/social/callback")
			public R<Void> socialCallback(@RequestBody SocialLoginBody loginBody) {
			// 获取第三方登录信息
			AuthResponse<AuthUser> response = SocialUtils.loginAuth(
			loginBody.getSource(), loginBody.getSocialCode(),
			loginBody.getSocialState(), socialProperties);
			AuthUser authUserData = response.getData();
			// 判断授权响应是否成功
			if (!response.ok()) {
			return R.fail(response.getMsg());
			}
			AuthRequest authRequest = SocialUtils.getAuthRequest(source,
			obj.getClientId(),
			obj.getClientSecret(),
			obj.getRedirectUri());
			AuthResponse<AuthUser> response = authRequest.login(callback);
			return loginService.socialLogin(source, response);
			loginService.socialRegister(authUserData);
			return R.ok();
			}


			/**
			* 取消授权
			@@ -195,6 +178,7 @@
			/**
			* 用户注册
			*/
			@ApiEncrypt
			@PostMapping("/register")
			public R<Void> register(@Validated @RequestBody RegisterBody user) {
			if (!configService.selectRegisterEnabled(user.getTenantId())) {
			@@ -211,8 +195,26 @@
			*/
			@GetMapping("/tenant/list")
			public R<LoginTenantVo> tenantList(HttpServletRequest request) throws Exception {
			// 返回对象
			LoginTenantVo result = new LoginTenantVo();
			boolean enable = TenantHelper.isEnable();
			result.setTenantEnabled(enable);
			// 如果未开启租户这直接返回
			if (!enable) {
			return R.ok(result);
			}

			List<SysTenantVo> tenantList = tenantService.queryList(new SysTenantBo());
			List<TenantListVo> voList = MapstructUtils.convert(tenantList, TenantListVo.class);
			try {
			// 如果只超管返回所有租户
			if (LoginHelper.isSuperAdmin()) {
			result.setVoList(voList);
			return R.ok(result);
			}
			} catch (NotLoginException ignored) {
			}

			// 获取域名
			String host;
			String referer = request.getHeader("referer");
			@@ -224,12 +226,9 @@
			}
			// 根据域名进行筛选
			List<TenantListVo> list = StreamUtils.filter(voList, vo ->
			StringUtils.equals(vo.getDomain(), host));
			// 返回对象
			LoginTenantVo vo = new LoginTenantVo();
			vo.setVoList(CollUtil.isNotEmpty(list) ? list : voList);
			vo.setTenantEnabled(TenantHelper.isEnable());
			return R.ok(vo);
			StringUtils.equals(vo.getDomain(), host));
			result.setVoList(CollUtil.isNotEmpty(list) ? list : voList);
			return R.ok(result);
			}

			}