package com.zy.asrs.wms.system.controller;
|
|
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
import com.zy.asrs.common.domain.enums.LoginSystemType;
|
import com.zy.asrs.framework.annotations.ManagerAuth;
|
import com.zy.asrs.framework.common.Cools;
|
import com.zy.asrs.framework.common.R;
|
import com.zy.asrs.framework.exception.CoolException;
|
import com.zy.asrs.wms.common.annotation.OperationLog;
|
import com.zy.asrs.wms.common.config.ConfigProperties;
|
import com.zy.asrs.wms.common.security.JwtSubject;
|
import com.zy.asrs.wms.system.controller.param.LoginParam;
|
import com.zy.asrs.wms.system.controller.param.UpdatePasswordParam;
|
import com.zy.asrs.wms.system.controller.result.LoginResult;
|
import com.zy.asrs.wms.system.entity.*;
|
import com.zy.asrs.wms.system.service.*;
|
import com.zy.asrs.wms.utils.JwtUtil;
|
import com.zy.asrs.wms.utils.Utils;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.web.bind.annotation.*;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import java.util.ArrayList;
|
import java.util.List;
|
|
/**
|
* 认证控制器
|
*
|
* Created by vincent on 1/30/2024
|
*/
|
@RestController
|
@RequestMapping("/api")
|
public class AuthController extends BaseController {
|
|
@Resource
|
private ConfigProperties configProperties;
|
@Resource
|
private UserService userService;
|
@Resource
|
private UserLoginService userLoginService;
|
@Resource
|
private RoleMenuService roleMenuService;
|
@Resource
|
private HostService hostService;
|
@Resource
|
private UserRoleService userRoleService;
|
@Resource
|
private MenuService menuService;
|
|
@PostMapping("/login")
|
public R login(@RequestBody LoginParam param, HttpServletRequest request) {
|
String username = param.getUsername();
|
Long hostId = param.getHostId();
|
User user = userService.getByUsername(username, hostId);
|
if (user == null) {
|
return R.error("账号不存在");
|
}
|
if (!user.getStatus().equals(1)) {
|
return R.error("账号被冻结");
|
}
|
if (!userService.comparePassword(user.getPassword(), param.getPassword())) {
|
return R.error("密码错误");
|
}
|
String accessToken = JwtUtil.buildToken(new JwtSubject(username, user.getHostId()),
|
configProperties.getTokenExpireTime(), configProperties.getTokenKey());
|
userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, hostId, null, request);
|
return R.ok("登录成功").add(new LoginResult(accessToken, user));
|
}
|
|
@GetMapping("/auth/user")
|
public R userInfo() {
|
return R.ok(userService.getByIdRel(getLoginUserId()));
|
}
|
|
@GetMapping("/auth/menu")
|
public R userMenu() {
|
List<Menu> menus = roleMenuService.listMenuByUserId(getLoginUserId(), Menu.TYPE_MENU, getHostId());
|
return R.ok().add(Utils.toTreeData(menus, 0L, Menu::getParentId, Menu::getId, Menu::setChildren));
|
}
|
|
@GetMapping("/auth/host")
|
public R authHost() {
|
List<Host> list = hostService.list();
|
return R.ok().add(list);
|
}
|
|
@PreAuthorize("hasAuthority('sys:auth:user')")
|
@OperationLog
|
@PutMapping("/auth/user")
|
public R updateInfo(@RequestBody User user) {
|
user.setId(getLoginUserId());
|
// 不能修改的字段
|
user.setUsername(null);
|
user.setPassword(null);
|
user.setEmailVerified(null);
|
user.setHostId(null);
|
user.setStatus(null);
|
if (userService.updateById(user)) {
|
return R.ok().add(userService.getByIdRel(user.getId()));
|
}
|
return R.error("保存失败");
|
}
|
|
@PreAuthorize("hasAuthority('sys:auth:password')")
|
@OperationLog
|
@PutMapping("/auth/password")
|
public R updatePassword(@RequestBody UpdatePasswordParam param) {
|
if (Cools.isEmpty(param.getOldPassword(), param.getPassword())) {
|
return R.error("参数不能为空");
|
}
|
Long userId = getLoginUserId();
|
if (userId == null) {
|
return R.error("未登录");
|
}
|
if (!userService.comparePassword(userService.getById(userId).getPassword(), param.getOldPassword())) {
|
return R.error("原密码输入不正确");
|
}
|
User user = new User();
|
user.setId(userId);
|
user.setPassword(userService.encodePassword(param.getPassword()));
|
if (userService.updateById(user)) {
|
return R.ok("修改成功");
|
}
|
return R.error("修改失败");
|
}
|
|
@GetMapping("/auth/router")
|
public R router() {
|
List<UserRole> userRoles = userRoleService.list(new LambdaQueryWrapper<UserRole>().eq(UserRole::getUserId, getLoginUserId()));
|
if (userRoles.isEmpty()) {
|
return R.error();
|
}
|
ArrayList<Long> roles = new ArrayList<>();
|
for (UserRole userRole : userRoles) {
|
roles.add(userRole.getRoleId());
|
}
|
|
ArrayList<Long> menus = new ArrayList<>();
|
List<RoleMenu> roleMenus = roleMenuService.list(new LambdaQueryWrapper<RoleMenu>().in(RoleMenu::getRoleId, roles));
|
for (RoleMenu roleMenu : roleMenus) {
|
if(!menus.contains(roleMenu.getMenuId())) {
|
menus.add(roleMenu.getMenuId());
|
}
|
}
|
|
List<Menu> menuList = menuService.list(new LambdaQueryWrapper<Menu>()
|
.in(Menu::getId, menus)
|
.eq(Menu::getType, Menu.TYPE_MENU)
|
.eq(Menu::getPath, 1)
|
.orderByAsc(Menu::getId));
|
|
return R.ok().add(menuList);
|
}
|
|
@RequestMapping("/show/host.action")
|
@ManagerAuth
|
public R showHosts() {
|
Long hostId = getHostId();
|
String hostName = null;
|
if (hostId != null) {
|
Host host = hostService.getById(hostId);
|
if (host != null) {
|
hostName = host.getName();
|
}
|
}
|
boolean root = false;
|
List<Role> roles = userRoleService.listByUserId(getLoginUserId());
|
for (Role role : roles) {
|
if (role.getId() == 1) {
|
root = true;
|
break;
|
}
|
}
|
return R.ok().add(Cools
|
.add("root", root)
|
.add("host", hostId == null)
|
.add("hostId", hostId)
|
.add("hostName", hostName)
|
);
|
}
|
|
@RequestMapping(value = "/root/change/host/auth")
|
@ManagerAuth
|
public R rootChangeHost(@RequestParam Long hostId) {
|
UserLogin userLogin = userLoginService.superFindByUserId(getLoginUserId(), String.valueOf(LoginSystemType.WMS));
|
if (userLogin != null) {
|
userLogin.setHostId(hostId);
|
if (!userLoginService.updateById(userLogin)) {
|
throw new CoolException("修改商户失败");
|
}
|
return R.ok();
|
} else {
|
return R.error();
|
}
|
}
|
|
}
|
