package com.zy.asrs.wms.system.controller; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.zy.asrs.common.domain.enums.LoginSystemType; import com.zy.asrs.framework.annotations.ManagerAuth; import com.zy.asrs.framework.common.Cools; import com.zy.asrs.framework.common.R; import com.zy.asrs.framework.exception.CoolException; import com.zy.asrs.wms.common.annotation.OperationLog; import com.zy.asrs.wms.common.config.ConfigProperties; import com.zy.asrs.wms.common.security.JwtSubject; import com.zy.asrs.wms.system.controller.param.LoginParam; import com.zy.asrs.wms.system.controller.param.UpdatePasswordParam; import com.zy.asrs.wms.system.controller.result.LoginResult; import com.zy.asrs.wms.system.entity.*; import com.zy.asrs.wms.system.service.*; import com.zy.asrs.wms.utils.JwtUtil; import com.zy.asrs.wms.utils.Utils; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import java.util.ArrayList; import java.util.List; /** * 认证控制器 * * Created by vincent on 1/30/2024 */ @RestController @RequestMapping("/api") public class AuthController extends BaseController { @Resource private ConfigProperties configProperties; @Resource private UserService userService; @Resource private UserLoginService userLoginService; @Resource private RoleMenuService roleMenuService; @Resource private HostService hostService; @Resource private UserRoleService userRoleService; @Resource private MenuService menuService; @PostMapping("/login") public R login(@RequestBody LoginParam param, HttpServletRequest request) { String username = param.getUsername(); Long hostId = param.getHostId(); User user = userService.getByUsername(username, hostId); if (user == null) { return R.error("账号不存在"); } if (!user.getStatus().equals(1)) { return R.error("账号被冻结"); } if (!userService.comparePassword(user.getPassword(), param.getPassword())) { return R.error("密码错误"); } String accessToken = JwtUtil.buildToken(new JwtSubject(username, user.getHostId()), configProperties.getTokenExpireTime(), configProperties.getTokenKey()); userLoginService.saveAsync(user.getId(), accessToken, UserLogin.TYPE_LOGIN, hostId, null, request); return R.ok("登录成功").add(new LoginResult(accessToken, user)); } @GetMapping("/auth/user") public R userInfo() { return R.ok(userService.getByIdRel(getLoginUserId())); } @GetMapping("/auth/menu") public R userMenu() { List menus = roleMenuService.listMenuByUserId(getLoginUserId(), Menu.TYPE_MENU, getHostId()); return R.ok().add(Utils.toTreeData(menus, 0L, Menu::getParentId, Menu::getId, Menu::setChildren)); } @GetMapping("/auth/host") public R authHost() { List list = hostService.list(); return R.ok().add(list); } @PreAuthorize("hasAuthority('sys:auth:user')") @OperationLog @PutMapping("/auth/user") public R updateInfo(@RequestBody User user) { user.setId(getLoginUserId()); // 不能修改的字段 user.setUsername(null); user.setPassword(null); user.setEmailVerified(null); user.setHostId(null); user.setStatus(null); if (userService.updateById(user)) { return R.ok().add(userService.getByIdRel(user.getId())); } return R.error("保存失败"); } @PreAuthorize("hasAuthority('sys:auth:password')") @OperationLog @PutMapping("/auth/password") public R updatePassword(@RequestBody UpdatePasswordParam param) { if (Cools.isEmpty(param.getOldPassword(), param.getPassword())) { return R.error("参数不能为空"); } Long userId = getLoginUserId(); if (userId == null) { return R.error("未登录"); } if (!userService.comparePassword(userService.getById(userId).getPassword(), param.getOldPassword())) { return R.error("原密码输入不正确"); } User user = new User(); user.setId(userId); user.setPassword(userService.encodePassword(param.getPassword())); if (userService.updateById(user)) { return R.ok("修改成功"); } return R.error("修改失败"); } @GetMapping("/auth/router") public R router() { List userRoles = userRoleService.list(new LambdaQueryWrapper().eq(UserRole::getUserId, getLoginUserId())); if (userRoles.isEmpty()) { return R.error(); } ArrayList roles = new ArrayList<>(); for (UserRole userRole : userRoles) { roles.add(userRole.getRoleId()); } ArrayList menus = new ArrayList<>(); List roleMenus = roleMenuService.list(new LambdaQueryWrapper().in(RoleMenu::getRoleId, roles)); for (RoleMenu roleMenu : roleMenus) { if(!menus.contains(roleMenu.getMenuId())) { menus.add(roleMenu.getMenuId()); } } List menuList = menuService.list(new LambdaQueryWrapper() .in(Menu::getId, menus) .eq(Menu::getType, Menu.TYPE_MENU) .orderByAsc(Menu::getId)); return R.ok().add(menuList); } @RequestMapping("/show/host.action") @ManagerAuth public R showHosts() { Long hostId = getHostId(); String hostName = null; if (hostId != null) { Host host = hostService.getById(hostId); if (host != null) { hostName = host.getName(); } } boolean root = false; List roles = userRoleService.listByUserId(getLoginUserId()); for (Role role : roles) { if (role.getId() == 1) { root = true; break; } } return R.ok().add(Cools .add("root", root) .add("host", hostId == null) .add("hostId", hostId) .add("hostName", hostName) ); } @RequestMapping(value = "/root/change/host/auth") @ManagerAuth public R rootChangeHost(@RequestParam Long hostId) { UserLogin userLogin = userLoginService.superFindByUserId(getLoginUserId(), String.valueOf(LoginSystemType.WMS)); if (userLogin != null) { userLogin.setHostId(hostId); if (!userLoginService.updateById(userLogin)) { throw new CoolException("修改商户失败"); } return R.ok(); } else { return R.error(); } } }