package com.zy.acs.manager.system.controller; import com.zy.acs.common.utils.Utils; import com.zy.acs.manager.common.annotation.OperationLog; import com.zy.acs.manager.common.config.ConfigProperties; import com.zy.acs.manager.common.security.JwtSubject; import com.zy.acs.manager.common.utils.JwtUtil; import com.zy.acs.manager.system.controller.param.LoginParam; import com.zy.acs.manager.system.controller.param.UpdatePasswordParam; import com.zy.acs.manager.system.controller.result.LoginResult; import com.zy.acs.manager.system.entity.Menu; import com.zy.acs.manager.system.entity.User; import com.zy.acs.manager.system.entity.UserLogin; import com.zy.acs.manager.system.service.RoleMenuService; import com.zy.acs.manager.system.service.TenantService; import com.zy.acs.manager.system.service.UserLoginService; import com.zy.acs.manager.system.service.UserService; import com.zy.acs.framework.common.Cools; import com.zy.acs.framework.common.R; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import java.util.List; /** * 认证控制器 * * Created by vincent on 1/30/2024 */ @RestController @RequestMapping("/api") public class AuthController extends BaseController { @Resource private ConfigProperties configProperties; @Resource private UserService userService; @Resource private UserLoginService userLoginService; @Resource private RoleMenuService roleMenuService; @Resource private TenantService tenantService; @PostMapping("/login") public R login(@RequestBody LoginParam param, HttpServletRequest request) { // System.out.println(userService.encodePassword("123456")); String username = param.getUsername(); Long tenantId = param.getTenantId(); User user = userService.getByUsername(username, tenantId); if (user == null) { return R.error("Username Does Not Exist"); } if (!user.getStatus().equals(1)) { return R.error("Account Frozen"); } if (!userService.comparePassword(user.getPassword(), param.getPassword())) { return R.error("Wrong Password"); } String accessToken = JwtUtil.buildToken(new JwtSubject(username, user.getTenantId()), configProperties.getTokenExpireTime(), configProperties.getTokenKey()); userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, tenantId, null, request); return R.ok("Login Success").add(new LoginResult(accessToken, user)); } @GetMapping("/auth/user") public R userInfo() { return R.ok(userService.getByIdRel(getLoginUserId())); } @GetMapping("/auth/menu") public R userMenu() { List menus = roleMenuService.listMenuByUserId(getLoginUserId(), Menu.TYPE_MENU); return R.ok().add(Utils.toTreeData(menus, 0L, Menu::getParentId, Menu::getId, Menu::setChildren)); } @GetMapping("/auth/tenant") public R authHost() { return R.ok().add(tenantService.list()); } @PreAuthorize("hasAuthority('sys:auth:user')") @OperationLog @PutMapping("/auth/user") public R updateInfo(@RequestBody User user) { user.setId(getLoginUserId()); // 不能修改的字段 user.setUsername(null); user.setPassword(null); user.setEmailVerified(null); user.setTenantId(null); user.setStatus(null); if (userService.updateById(user)) { return R.ok().add(userService.getByIdRel(user.getId())); } return R.error("Save Fail"); } @PreAuthorize("hasAuthority('sys:auth:password')") @OperationLog @PutMapping("/auth/password") public R updatePassword(@RequestBody UpdatePasswordParam param) { if (Cools.isEmpty(param.getOldPassword(), param.getPassword())) { return R.error("Parameters Cannot Be Empty"); } Long userId = getLoginUserId(); if (userId == null) { return R.error("Please Login First"); } if (!userService.comparePassword(userService.getById(userId).getPassword(), param.getOldPassword())) { return R.error("The Origin Password Was Incorrect"); } User user = new User(); user.setId(userId); user.setPassword(userService.encodePassword(param.getPassword())); if (userService.updateById(user)) { return R.ok("Update Success"); } return R.error("Update Fail"); } }