package com.vincent.rsf.server.system.controller; import com.vincent.rsf.common.enums.SystemModeType; import com.vincent.rsf.common.utils.Utils; import com.vincent.rsf.framework.common.BaseRes; import com.vincent.rsf.framework.common.Cools; import com.vincent.rsf.framework.common.R; import com.vincent.rsf.framework.exception.CoolException; import com.vincent.rsf.server.common.annotation.OperationLog; import com.vincent.rsf.server.common.config.ConfigProperties; import com.vincent.rsf.server.common.domain.BusinessRes; import com.vincent.rsf.server.common.security.JwtSubject; import com.vincent.rsf.server.common.service.EmailService; import com.vincent.rsf.server.common.service.RedisService; import com.vincent.rsf.server.common.utils.JwtUtil; import com.vincent.rsf.server.system.controller.param.LoginParam; import com.vincent.rsf.server.system.controller.param.RegisterParam; import com.vincent.rsf.server.system.controller.param.TenantInitParam; import com.vincent.rsf.server.system.controller.param.UpdatePasswordParam; import com.vincent.rsf.server.system.controller.result.LoginResult; import com.vincent.rsf.server.system.controller.result.MenuVo; import com.vincent.rsf.server.system.controller.result.SystemInfoVo; import com.vincent.rsf.server.system.entity.Menu; import com.vincent.rsf.server.system.entity.Tenant; import com.vincent.rsf.server.system.entity.User; import com.vincent.rsf.server.system.entity.UserLogin; import com.vincent.rsf.server.system.enums.EmailType; import com.vincent.rsf.server.system.enums.StatusType; import com.vincent.rsf.server.system.service.RoleMenuService; import com.vincent.rsf.server.system.service.TenantService; import com.vincent.rsf.server.system.service.UserLoginService; import com.vincent.rsf.server.system.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import java.util.List; import java.util.stream.Collectors; /** * Authority Controller * Created by vincent on 1/30/2024 */ @RestController public class AuthController extends BaseController { @Resource private ConfigProperties configProperties; @Resource private UserService userService; @Resource private UserLoginService userLoginService; @Resource private RoleMenuService roleMenuService; @Resource private TenantService tenantService; @Autowired private EmailService emailService; @Autowired private RedisService redisService; @PostMapping("/login") public R login(@RequestBody LoginParam param, HttpServletRequest request) { String username = param.getUsername(); User user = userService.getByUsername(username , configProperties.getSystemMode() .equals(SystemModeType.OFFLINE) ? param.getTenantId() : null ); if (user == null) { return R.parse(BusinessRes.USERNAME_NOT_EXIST); } if (!user.getStatus().equals(StatusType.ENABLE.val)) { return R.parse(BusinessRes.USERNAME_FROZEN); } if (!userService.comparePassword(user.getPassword(), param.getPassword())) { return R.parse(BusinessRes.INVALID_PASSWORD); } String accessToken = JwtUtil.buildToken(new JwtSubject(username, user.getTenantId()), configProperties.getTokenExpireTime(), configProperties.getTokenKey()); userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, user.getTenantId(), null, request); Tenant tenant = tenantService.getById(user.getTenantId()); return R.ok("Sign In Success").add(new LoginResult(accessToken, user, tenant.getName())); } @GetMapping("/email/code") public R emailCode(@RequestParam(value = "email", required = false) String email) { if (Cools.isEmpty(email)) { return R.parse(BaseRes.PARAM); } if (!emailService.isValid(email)) { return R.parse(BusinessRes.INVALID_EMAIL); } if (null != userService.getByEmail(email, null)) { return R.parse(BusinessRes.EMAIL_EXIT); } Long expire = redisService.getExpire(EmailType.REGISTER_VERIFY.toString(), email); if (expire > (configProperties.getCodeTime() - 60)) { return R.error("Please don't request code too frequently."); } String code = Utils.randomNumbers(configProperties.getCodeLength()); if (emailService.sendEmail(email, EmailType.REGISTER_VERIFY, Cools.add("code", code))) { redisService.setValue(EmailType.REGISTER_VERIFY.toString(), email, code, configProperties.getCodeTime()); } return R.ok(); } @OperationLog("Register") @PostMapping("/register") public R register(@RequestBody RegisterParam param, HttpServletRequest request) { if (Cools.isEmpty(param.getUsername(), param.getPassword(), param.getEmail(), param.getCode())) { return R.parse(BaseRes.PARAM); } // verify code if (!param.getCode().equals(configProperties.getSecurityCode())) { String cacheCode = redisService.getValue(EmailType.REGISTER_VERIFY.toString(), param.getEmail()); if (Cools.isEmpty(cacheCode)) { return R.error("The verification code has expired."); } if (!cacheCode.equals(param.getCode())) { return R.error("The verification code is incorrect."); } } // register TenantInitParam initParam = new TenantInitParam(); initParam.setEmail(param.getEmail()); initParam.setUsername(param.getUsername()); initParam.setPassword(param.getPassword()); initParam.setName(param.getUsername()); initParam.setFlag(param.getUsername()); Long tenantId = tenantService.initTenant(initParam); if (null == tenantId) { throw new CoolException("Failed to register"); } redisService.delete(EmailType.REGISTER_VERIFY.toString(), param.getEmail()); // token User user = userService.getByUsername(param.getUsername(), tenantId); String accessToken = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()), configProperties.getTokenExpireTime(), configProperties.getTokenKey()); userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, tenantId, null, request); Tenant tenant = tenantService.getById(user.getTenantId()); return R.ok("Sign Up Success").add(new LoginResult(accessToken, user, tenant.getName())); } @GetMapping("/system/info") public R systemInfo() { SystemInfoVo infoVo = new SystemInfoVo(); infoVo.setName(configProperties.getSystemName()); infoVo.setVersion(configProperties.getSystemVersion()); infoVo.setMode(configProperties.getSystemMode().toString()); return R.ok(infoVo); } @GetMapping("/tenant/list") public R tenantList() { return R.ok().add(tenantService.list()); } @GetMapping("/auth/user") public R userInfo() { User user = userService.getById(getLoginUserId()); return R.ok(userService.setUserAuthInfo(user)); } @GetMapping("/auth/menu") public R userMenu() { List menus = roleMenuService.listMenuByUserId(getLoginUserId(), Menu.TYPE_MENU); List voList = menus.stream().map(this::convertToVo).collect(Collectors.toList()); // exclude tenant if (!configProperties.getSuperUserList().contains(getLoginUser().getUsername())) { voList = voList.stream().filter(vo -> !vo.getName().equals("menu.tenant") && !vo.getName().equals("menu.menu") ).collect(Collectors.toList()); } return R.ok().add(Utils.toTreeData(voList, 0L, MenuVo::getParentId, MenuVo::getId, MenuVo::setChildren)); } @OperationLog("Update UserInfo") @PostMapping("/auth/user") public R updateInfo(@RequestBody User user) { user.setId(getLoginUserId()); user.setUsername(null); user.setPassword(null); user.setEmailVerified(null); user.setTenantId(null); user.setStatus(null); if (!Cools.isEmpty(user.getEmail())) { if (!emailService.isValid(user.getEmail())) { return R.parse(BusinessRes.INVALID_EMAIL); } User one = userService.getByEmail(user.getEmail(), null); if (null != one && !one.getId().equals(user.getId())) { return R.parse(BusinessRes.EMAIL_EXIT); } } if (userService.updateById(user)) { return R.ok("Save Success").add(userService.getById(user.getId())); } return R.error("Save Fail"); } @OperationLog("Reset Password") @PostMapping("/auth/reset/password") public R resetPassword(@RequestBody UpdatePasswordParam param) { if (Cools.isEmpty(param.getOldPassword(), param.getNewPassword())) { return R.parse(BaseRes.PARAM); } Long userId = getLoginUserId(); if (userId == null) { return R.error("Please Login First"); } if (!userService.comparePassword(userService.getById(userId).getPassword(), param.getOldPassword())) { return R.parse(BusinessRes.INVALID_PASSWORD); } User user = new User(); user.setId(userId); user.setPassword(userService.encodePassword(param.getNewPassword())); if (userService.updateById(user)) { return R.ok("Reset Password Success"); } return R.error("Reset Password Fail"); } // ---------------------------------------------------- private MenuVo convertToVo(Menu menu) { if (menu == null) { return null; } MenuVo vo = new MenuVo(); vo.setId(menu.getId()); vo.setName(menu.getName()); vo.setParentId(menu.getParentId()); // vo.setParentName(menu.getParentName()); vo.setPath(menu.getPath()); // vo.setPathName(menu.getPathName()); vo.setRoute(menu.getRoute()); vo.setComponent(menu.getComponent()); vo.setType(menu.getType()); vo.setIcon(menu.getIcon()); vo.setSort(menu.getSort()); if (menu.getChildren() != null && !menu.getChildren().isEmpty()) { List childDTOs = menu.getChildren().stream() .map(this::convertToVo) .collect(Collectors.toList()); vo.setChildren(childDTOs); } return vo; } }