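package com.doumee.service.system.impl;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.config.jwt.JwtTokenUtil;
import com.doumee.core.exception.BusinessException;
import com.doumee.dao.system.dto.LoginH5DTO;
import com.doumee.service.business.third.TmsService;
import com.doumee.service.business.third.model.LoginUserInfo;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.Utils;
import com.doumee.dao.business.dao.CompanyMapper;
import com.doumee.dao.business.dao.MemberMapper;
import com.doumee.dao.business.dao.SmsEmailMapper;
import com.doumee.dao.business.model.Company;
import com.doumee.dao.business.model.Member;
import com.doumee.dao.business.model.SmsEmail;
import com.doumee.dao.system.SystemUserMapper;
import com.doumee.dao.system.dto.LoginDTO;
import com.doumee.dao.system.dto.LoginPhoneDTO;
import com.doumee.dao.system.model.*;
import com.doumee.service.business.third.model.request.TmsEmployeeListRequest;
import com.doumee.service.business.third.model.response.TmsEmployeeListResponse;
import com.doumee.service.common.CaptchaService;
import com.doumee.service.system.*;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.function.Supplier;

/**
 * Login flows for internal staff, PDA clients, drivers and "gk" (management) users.
 *
 * <p>Two credential types are handled here: username + password (optionally preceded by an image
 * captcha) and phone + SMS code. The shared helpers below make the credential requirement
 * explicit: a password login is rejected when the password is empty, and only a flow that has
 * already verified an SMS code may skip the password comparison.
 *
 * <p>NOTE(review): the {@code debug_model} property disables the image captcha and, in
 * {@link #loginByPhone}, the SMS code check. It must be false in any deployment reachable by
 * untrusted clients.
 */
@Slf4j
@Service
public class SystemLoginServiceImpl implements SystemLoginService {

    /** Validity window of an SMS login code: three minutes. */
    private static final long SMS_CODE_TTL_MILLIS = 3 * 60 * 1000L;

    @Value("${project.version}")
    private String systemVersion;
    @Value("${debug_model}")
    private Boolean isDebug;
    @Lazy
    @Autowired
    private SystemUserService systemUserService;
    @Lazy
    @Autowired
    private MemberMapper memberMapper;
    @Autowired
    private SystemDictDataBiz systemDictDataBiz;
    @Lazy
    @Autowired
    private SystemUserMapper systemUserMapper;
    @Lazy
    @Autowired
    private SmsEmailMapper smsEmailMapper;
    @Lazy
    @Autowired
    private SystemDataPermissionService systemDataPermissionService;
    @Lazy
    @Autowired
    private SystemRoleService systemRoleService;
    @Lazy
    @Autowired
    private SystemPermissionService systemPermissionService;
    @Lazy
    @Autowired
    private CaptchaService captchaService;
    @Lazy
    @Autowired
    private SystemLoginLogService systemLoginLogService;
    @Autowired
    private CompanyMapper companyMapper;
    @Autowired
    private TmsService tmsService;
    @Resource
    private JwtTokenUtil jwtTokenUtil;

    /**
     * Logs in through Shiro with username and password and returns the Shiro session id.
     *
     * @param dto     credentials plus the optional captcha fields
     * @param request servlet request used to fill the login log (IP, platform, browser, OS)
     * @return the id of the authenticated Shiro session
     * @throws BusinessException with {@code ACCOUNT_INCORRECT} when Shiro rejects the credentials
     */
    @Override
    public String loginByPassword(LoginDTO dto, HttpServletRequest request) {
        SystemLoginLog loginLog = new SystemLoginLog();
        loginLog.setLoginUsername(dto.getUsername());
        loginLog.setLoginTime(new Date());
        loginLog.setSystemVersion(systemVersion);
        loginLog.setIp(Utils.User_Client.getIP(request));
        loginLog.setPlatform(Utils.User_Client.getPlatform(request));
        loginLog.setClientInfo(Utils.User_Client.getBrowser(request));
        loginLog.setOsInfo(Utils.User_Client.getOS(request));
        loginLog.setServerIp(Utils.Server.getIP());

        verifyCaptchaIfRequired(dto.getCheckCode(), loginLog,
                () -> captchaService.check(dto.getUuid(), dto.getCode()));

        // Verify username and password through the Shiro realm.
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(dto.getUsername(), dto.getPassword());
        try {
            subject.login(token);
            loginLog.setUserId(((LoginUserInfo) subject.getPrincipal()).getId());
            loginLog.setSuccess(Boolean.TRUE);
            systemLoginLogService.create(loginLog);
            return (String) subject.getSession().getId();
        } catch (AuthenticationException e) {
            log.error(ResponseStatus.ACCOUNT_INCORRECT.getMessage(), e);
            recordFailure(loginLog, e);
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }
    }

    /**
     * Username + password login for internal users (no Shiro session involved).
     *
     * @param dto     credentials, optional captcha fields and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated user with roles, permissions and company
     * @throws BusinessException when the captcha, the account or the password is rejected
     */
    @Override
    public LoginUserInfo loginByPasswordNew(LoginDTO dto, ServerHttpRequest request) {
        SystemLoginLog loginLog = getInitLoginlog(dto.getUsername(), request);
        verifyCaptchaIfRequired(dto.getCheckCode(), loginLog,
                () -> captchaService.check(dto.getUuid(), dto.getCode()));
        return auditLogin(loginLog, () -> dealLoginByPwdNewBiz(
                dto.getUsername(), dto.getPassword(), null, dto.getOpenid(), request));
    }

    /**
     * Username + password login for the H5 client; same checks as {@link #loginByPasswordNew}.
     *
     * @param dto     credentials, optional captcha fields and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated user with roles, permissions and company
     * @throws BusinessException when the captcha, the account or the password is rejected
     */
    @Override
    public LoginUserInfo loginH5(LoginH5DTO dto, ServerHttpRequest request) {
        SystemLoginLog loginLog = getInitLoginlog(dto.getUsername(), request);
        verifyCaptchaIfRequired(dto.getCheckCode(), loginLog,
                () -> captchaService.check(dto.getUuid(), dto.getCode()));
        return auditLogin(loginLog, () -> dealLoginByPwdNewBiz(
                dto.getUsername(), dto.getPassword(), null, dto.getOpenid(), request));
    }

    /**
     * Builds a login-log record for the given login name; client details are only filled in
     * when the request carries headers.
     */
    private SystemLoginLog getInitLoginlog(String username, ServerHttpRequest request) {
        SystemLoginLog loginLog = new SystemLoginLog();
        loginLog.setLoginUsername(username);
        loginLog.setLoginTime(new Date());
        loginLog.setSystemVersion(systemVersion);
        if (request != null && request.getHeaders() != null && request.getHeaders().size() > 0) {
            loginLog.setIp(Utils.User_Client.getIP(request));
            loginLog.setPlatform(Utils.User_Client.getPlatform(request));
            loginLog.setClientInfo(Utils.User_Client.getBrowser(request));
            loginLog.setOsInfo(Utils.User_Client.getOS(request));
        }
        loginLog.setServerIp(Utils.Server.getIP());
        return loginLog;
    }

    /**
     * Phone + SMS code login for internal users on the H5 client.
     *
     * @param dto     phone, SMS code and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated user with roles, permissions and company
     * @throws BusinessException when the SMS code or the account is rejected
     */
    @Override
    public LoginUserInfo loginH5ByPhone(LoginPhoneDTO dto, ServerHttpRequest request) {
        isCaptcheValide(dto.getPhone(), dto.getCode()); // verify the SMS code first
        SystemLoginLog loginLog = getInitLoginlog(dto.getPhone(), request);
        return auditLogin(loginLog, () -> dealLoginByPwdNewBiz(
                null, null, dto.getPhone(), dto.getOpenid(), request));
    }

    /**
     * Resolves and authenticates an internal user.
     *
     * <p>The password comparison is skipped only when the caller identifies the user by phone
     * alone, i.e. when the caller has already verified an SMS code. Any call that supplies a
     * username must also supply the matching password; previously an empty password skipped the
     * comparison entirely, which let a username-only request through.
     */
    private LoginUserInfo dealLoginByPwdNewBiz(String username, String pwd, String phone, String openid,
            ServerHttpRequest request) {
        boolean smsAuthenticated = isSmsOnlyLogin(username, phone);

        // Look the user up by username and/or mobile, restricted to internal accounts.
        SystemUser queryDto = new SystemUser();
        queryDto.setMobile(phone);
        queryDto.setUsername(username);
        queryDto.setType(Constants.memberType.internal);
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser user = systemUserService.findOne(queryDto);
        if (user == null) {
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }
        if (!Constants.equalsInteger(user.getSource(), Constants.ZERO)) {
            throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
        }
        if (!smsAuthenticated) {
            verifyPassword(user, pwd);
        }
        dealOpenIdBiz(user, openid);
        return buildUserInfoWithPermissions(user);
    }

    /**
     * Username + password login for PDA clients.
     *
     * <p>NOTE(review): this flow has no captcha step; confirm that attempt throttling is applied
     * in front of it.
     *
     * @param dto     credentials and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated user with roles, permissions and company
     * @throws BusinessException when the account or the password is rejected
     */
    @Override
    public LoginUserInfo loginByPasswordForPda(LoginDTO dto, ServerHttpRequest request) {
        SystemLoginLog loginLog = getInitLoginlog(dto.getUsername(), request);
        return auditLogin(loginLog, () -> {
            // Without a username the lookup below would match on "not deleted" alone.
            if (StringUtils.isBlank(dto.getUsername())) {
                throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
            }
            SystemUser queryDto = new SystemUser();
            queryDto.setUsername(dto.getUsername());
            queryDto.setDeleted(Boolean.FALSE);
            SystemUser user = systemUserService.findOne(queryDto);
            if (user == null) {
                throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
            }
            if (!Constants.equalsInteger(user.getSource(), Constants.ZERO)) {
                throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
            }
            verifyPassword(user, dto.getPassword());
            dealOpenIdBiz(user, dto.getOpenid());
            return buildUserInfoWithPermissions(user);
        });
    }

    /**
     * Binds {@code openid} to {@code user}, first clearing it from every account that holds it.
     *
     * <p>NOTE(review): the openid reaches this method from the request DTO. Confirm it was
     * resolved server-side from an OAuth code; a client-chosen value would let a caller detach
     * the binding of another account.
     */
    private void dealOpenIdBiz(SystemUser user, String openid) {
        if (StringUtils.isNotBlank(openid)) {
            systemUserMapper.update(null, new UpdateWrapper<SystemUser>().lambda()
                    .set(SystemUser::getOpenid, null)
                    .set(SystemUser::getOpenidHkDate, null)
                    .set(SystemUser::getOpenidHkInfo, null)
                    .set(SystemUser::getOpenidHkStatus, Constants.ZERO)
                    .eq(SystemUser::getOpenid, openid));
            systemUserMapper.update(null, new UpdateWrapper<SystemUser>().lambda()
                    .set(SystemUser::getOpenid, openid)
                    .set(SystemUser::getOpenidHkStatus, Constants.ZERO)
                    .set(SystemUser::getOpenidHkDate, null)
                    .set(SystemUser::getOpenidHkInfo, null)
                    .eq(SystemUser::getId, user.getId()));
        }
    }

    /**
     * Same as {@link #dealOpenIdBiz}, except that the openid is only cleared from accounts of
     * the same type as {@code user}.
     */
    private void dealOpenIdBizForGk(SystemUser user, String openid) {
        if (StringUtils.isNotBlank(openid)) {
            systemUserMapper.update(null, new UpdateWrapper<SystemUser>().lambda()
                    .set(SystemUser::getOpenid, null)
                    .set(SystemUser::getOpenidHkDate, null)
                    .set(SystemUser::getOpenidHkInfo, null)
                    .set(SystemUser::getOpenidHkStatus, Constants.ZERO)
                    .eq(SystemUser::getOpenid, openid)
                    .eq(SystemUser::getType, user.getType()));
            systemUserMapper.update(null, new UpdateWrapper<SystemUser>().lambda()
                    .set(SystemUser::getOpenid, openid)
                    .set(SystemUser::getOpenidHkStatus, Constants.ZERO)
                    .set(SystemUser::getOpenidHkDate, null)
                    .set(SystemUser::getOpenidHkInfo, null)
                    .eq(SystemUser::getId, user.getId()));
        }
    }

    /**
     * Phone + SMS code login. The SMS code is not checked when {@code debug_model} is true.
     *
     * @param dto     phone and SMS code
     * @param request reactive request used to fill the login log
     * @return the authenticated user with roles, permissions and company
     * @throws BusinessException when the account or the SMS code is rejected
     */
    @Override
    public LoginUserInfo loginByPhone(LoginPhoneDTO dto, ServerHttpRequest request) {
        SystemLoginLog loginLog = getInitLoginlog(dto.getPhone(), request);
        return auditLogin(loginLog, () -> {
            // Without a phone number the lookup below would match on "not deleted" alone.
            if (StringUtils.isBlank(dto.getPhone())) {
                throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
            }
            SystemUser queryDto = new SystemUser();
            queryDto.setMobile(dto.getPhone());
            queryDto.setDeleted(Boolean.FALSE);
            SystemUser user = systemUserService.findOne(queryDto);
            if (user == null) {
                throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
            }
            if (!Constants.equalsInteger(user.getSource(), Constants.ZERO)) {
                throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
            }
            if (!Boolean.TRUE.equals(isDebug)) {
                isCaptcheValide(dto.getPhone(), dto.getCode());
            }
            return buildUserInfoWithPermissions(user);
        });
    }

    /**
     * Username + password login for drivers.
     *
     * <p>NOTE(review): this flow has no captcha step; confirm that attempt throttling is applied
     * in front of it.
     *
     * @param dto     credentials and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated driver (no roles or permissions are loaded)
     * @throws BusinessException when the account or the password is rejected
     */
    @Override
    public LoginUserInfo driverLogin(LoginH5DTO dto, ServerHttpRequest request) {
        SystemLoginLog loginLog = getInitLoginlog(dto.getUsername(), request);
        return auditLogin(loginLog, () -> dealLoginDriverBiz(
                dto.getUsername(), dto.getPassword(), null, dto.getOpenid()));
    }

    /**
     * Phone + SMS code login for drivers.
     *
     * @param dto     phone, SMS code and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated driver (no roles or permissions are loaded)
     * @throws BusinessException when the SMS code or the account is rejected
     */
    @Override
    public LoginUserInfo loginDriverByPhone(LoginPhoneDTO dto, ServerHttpRequest request) {
        isCaptcheValide(dto.getPhone(), dto.getCode()); // verify the SMS code first
        SystemLoginLog loginLog = getInitLoginlog(dto.getPhone(), request);
        return auditLogin(loginLog, () -> dealLoginDriverBiz(
                null, null, dto.getPhone(), dto.getOpenid()));
    }

    /**
     * Resolves and authenticates a driver account.
     *
     * <p>As in {@link #dealLoginByPwdNewBiz}, the password comparison is skipped only for a
     * phone-only call whose SMS code the caller has already verified; a call that supplies a
     * username must supply the matching password.
     *
     * <p>NOTE(review): unlike the internal-user flow this one does not check
     * {@code user.getSource()}, so accounts created by {@code autoRegisterUser} (which all share
     * the dictionary-configured initial password) may be accepted here by password. Confirm that
     * is intended.
     */
    private LoginUserInfo dealLoginDriverBiz(String username, String password, String phone, String openid) {
        boolean smsAuthenticated = isSmsOnlyLogin(username, phone);

        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(username);
        queryDto.setMobile(phone);
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser user = systemUserService.findOne(queryDto);
        if (user == null) {
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }

        // Only registered drivers: account type ZERO or TWO that is linked to a member record.
        boolean typeZero = Constants.equalsInteger(user.getType(), Constants.ZERO);
        boolean typeTwo = Constants.equalsInteger(user.getType(), Constants.TWO);
        if (!(typeZero || typeTwo) || Objects.isNull(user.getMemberId())) {
            throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
        }
        if (typeTwo) {
            // Type TWO accounts additionally need a company whose type is not ONE.
            if (Objects.isNull(user.getCompanyId())) {
                throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
            }
            Company owner = companyMapper.selectById(user.getCompanyId());
            if (Objects.isNull(owner) || Constants.equalsInteger(owner.getType(), Constants.ONE)) {
                throw new BusinessException(ResponseStatus.NO_ALLOW_LOGIN);
            }
        }

        if (!smsAuthenticated) {
            verifyPassword(user, password);
        }
        dealOpenIdBiz(user, openid);
        Company company = resolveCompany(user);
        return LoginUserInfo.from(user, null, null, company, null);
    }

    /**
     * Verifies an SMS code for {@code phone} and marks it as used.
     *
     * <p>A code is accepted when a non-deleted record of type ZERO with status ZERO matches the
     * phone and the code and was created within the last three minutes. The record's status is
     * set to ONE both when it is accepted and when it is found to be expired.
     *
     * <p>NOTE(review): no failed-attempt counter is visible here; confirm that guesses per phone
     * number are rate limited elsewhere.
     *
     * @param phone   phone number the code was sent to
     * @param captche code supplied by the client
     * @throws BusinessException with {@code BAD_REQUEST} when the code is wrong, used or expired
     */
    public void isCaptcheValide(String phone, String captche) {
        SmsEmail model = smsEmailMapper.selectOne(new QueryWrapper<SmsEmail>().lambda()
                .eq(SmsEmail::getType, Constants.ZERO)
                .eq(SmsEmail::getPhone, phone)
                .eq(SmsEmail::getRemark, captche)
                .eq(SmsEmail::getIsdeleted, Constants.ZERO));
        if (model == null) {
            throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(), "对不起,验证码不正确,请重新发送再试!");
        }
        if (!Constants.equalsInteger(model.getStatus(), Constants.ZERO)) {
            throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(), "对不起,验证码已失效,请重新发送再试!");
        }
        boolean expired = model.getCreateDate() != null
                && System.currentTimeMillis() - model.getCreateDate().getTime() > SMS_CODE_TTL_MILLIS;

        // Single use: the code is consumed whether it is accepted or rejected as expired.
        model.setStatus(Constants.ONE);
        model.setEditDate(new Date());
        smsEmailMapper.updateById(model);
        if (expired) {
            throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(), "对不起,验证码已失效,请重新发送再试~");
        }
    }

    /**
     * Phone + SMS code login for drivers that creates the driver account on first login.
     *
     * @param param   phone, SMS code and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated (possibly newly registered) driver
     * @throws BusinessException when the SMS code is rejected or the account is not a driver
     */
    @Override
    @Transactional
    public LoginUserInfo loginDriverWithCode(LoginPhoneDTO param, ServerHttpRequest request) {
        isCaptcheValide(param.getPhone(), param.getCode()); // verify the SMS code first
        SystemLoginLog loginLog = getInitLoginlog(param.getPhone(), request);

        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(param.getPhone());
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser systemUser = systemUserService.findOne(queryDto);
        if (systemUser == null) {
            systemUser = autoRegisterUser(Constants.memberType.driver, param.getPhone(), param.getOpenid(), true);
        } else if (!Constants.equalsInteger(systemUser.getType(), Constants.memberType.driver)) {
            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "对不起,请使用正确的司机账号登陆!");
        }
        dealOpenIdBiz(systemUser, param.getOpenid());
        Company company = resolveCompany(systemUser);
        LoginUserInfo userInfo = LoginUserInfo.from(systemUser, null, null, company, null);
        recordSuccess(loginLog, userInfo);
        return userInfo;
    }

    /**
     * Creates a system user (and, when {@code needMember} is set, a member record) for a phone
     * number that has just passed SMS verification.
     *
     * <p>NOTE(review): every account created here receives the same initial password, read from
     * the system dictionary. Confirm that password login is blocked or a reset is forced for
     * these accounts. The salt is six alphabetic characters from {@code RandomStringUtils}.
     */
    private SystemUser autoRegisterUser(int type, String phone, String openid, boolean needMember) {
        String salt = RandomStringUtils.randomAlphabetic(6);
        String pwd = Utils.Secure.encryptPassword(
                systemDictDataBiz.queryByCode(Constants.SYSTEM, Constants.INITIAL_PASSWORD).getCode(), salt);
        Integer memberId = null;
        if (needMember) {
            Member member = new Member();
            member.setCreateDate(new Date());
            member.setIsdeleted(Constants.ZERO);
            member.setType(Constants.memberType.driver);
            member.setPhone(phone);
            member.setStatus(Constants.ZERO);
            member.setOpenid(openid);
            member.setPassward(pwd);
            memberMapper.insert(member);
            memberId = member.getId();
        }
        SystemUser systemUser = new SystemUser();
        systemUser.setCreateTime(new Date());
        systemUser.setCreateUser(1);
        systemUser.setDeleted(Boolean.FALSE);
        systemUser.setUsername(phone);
        systemUser.setRealname(null);
        systemUser.setMemberId(memberId);
        systemUser.setMobile(phone);
        systemUser.setSalt(salt);
        systemUser.setPassword(pwd);
        systemUser.setStatus(Constants.ZERO);
        systemUser.setType(type);
        systemUser.setSource(Constants.TWO);
        systemUser.setOpenid(openid);
        systemUserMapper.insert(systemUser);
        return systemUser;
    }

    /**
     * Phone + SMS code login for "gk" users. The phone must be known to the TMS employee
     * directory; the local account is created on first login.
     *
     * @param param   phone, SMS code and an optional openid to bind
     * @param request reactive request used to fill the login log
     * @return the authenticated (possibly newly registered) user
     * @throws BusinessException when the SMS code is rejected or TMS does not know the phone
     */
    @Override
    @Transactional
    public LoginUserInfo loginGkUserWithCode(LoginPhoneDTO param, ServerHttpRequest request) {
        isCaptcheValide(param.getPhone(), param.getCode()); // verify the SMS code first
        TmsEmployeeListRequest tp = new TmsEmployeeListRequest();
        tp.setTel(param.getPhone());
        TmsEmployeeListResponse response = tmsService.getEmployeeList(tp);
        if (response == null || response.getTel() == null) {
            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "对不起,您输入的手机号不正确!");
        }
        SystemLoginLog loginLog = getInitLoginlog(param.getPhone(), request);

        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(param.getPhone());
        queryDto.setType(Constants.memberType.gkuser);
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser systemUser = systemUserService.findOne(queryDto);
        if (systemUser == null) {
            // First login: create the gk user record.
            systemUser = autoRegisterUser(Constants.memberType.gkuser, param.getPhone(), param.getOpenid(), false);
        }
        dealOpenIdBizForGk(systemUser, param.getOpenid());
        LoginUserInfo userInfo = LoginUserInfo.from(systemUser, null, null, null, null);
        recordSuccess(loginLog, userInfo);
        return userInfo;
    }

    /**
     * Issues a JWT for an already identified user. Used for internal staff and drivers after an
     * openid has been resolved from a code.
     *
     * <p>NOTE(review): no credential is checked in this method, so every caller must have
     * authenticated the user beforehand. The account's deleted/disabled state is not inspected
     * here either; confirm {@code systemUserService.findById} excludes such accounts.
     *
     * @param userId id of the user to log in
     * @return a signed JWT for that user
     * @throws BusinessException with {@code ACCOUNT_INCORRECT} when the user does not exist
     */
    @Override
    public String loginByUserId(Integer userId) {
        SystemLoginLog loginLog = new SystemLoginLog();
        loginLog.setLoginTime(new Date());
        loginLog.setSystemVersion(systemVersion);
        loginLog.setServerIp(Utils.Server.getIP());

        // Token issuance is written to the login log so that it leaves an audit trail.
        LoginUserInfo userInfo = auditLogin(loginLog, () -> {
            SystemUser user = systemUserService.findById(userId);
            if (user == null) {
                throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
            }
            return buildUserInfoWithPermissions(user);
        });
        return jwtTokenUtil.generateToken(userInfo);
    }

    /**
     * Runs the image-captcha check unless {@code debug_model} is on or the request opted out.
     * A failed check is written to the login log and rethrown.
     *
     * <p>NOTE(review): {@code checkCode} comes from the request body, so a client can switch the
     * captcha off by sending {@code false}. Decide this server-side if the captcha is meant as
     * an anti-automation control.
     */
    private void verifyCaptchaIfRequired(Boolean checkCode, SystemLoginLog loginLog, Runnable captchaCheck) {
        boolean debug = Boolean.TRUE.equals(isDebug);
        boolean requested = Objects.isNull(checkCode) || checkCode;
        if (debug || !requested) {
            return;
        }
        try {
            captchaCheck.run();
        } catch (RuntimeException e) {
            log.error(e.getMessage(), e);
            recordFailure(loginLog, e);
            throw e;
        }
    }

    /**
     * Runs {@code login} and writes the outcome to the login log: success together with the user
     * id, or failure together with the reason. The original exception is rethrown unchanged.
     */
    private LoginUserInfo auditLogin(SystemLoginLog loginLog, Supplier<LoginUserInfo> login) {
        LoginUserInfo userInfo;
        try {
            userInfo = login.get();
        } catch (RuntimeException e) {
            recordFailure(loginLog, e);
            throw e;
        }
        recordSuccess(loginLog, userInfo);
        return userInfo;
    }

    /** Persists {@code loginLog} as a successful login of {@code userInfo}. */
    private void recordSuccess(SystemLoginLog loginLog, LoginUserInfo userInfo) {
        loginLog.setUserId(userInfo.getId());
        loginLog.setSuccess(Boolean.TRUE);
        systemLoginLogService.create(loginLog);
    }

    /** Persists {@code loginLog} as a failed login with an abbreviated reason. */
    private void recordFailure(SystemLoginLog loginLog, Exception cause) {
        loginLog.setReason(abbreviateReason(cause));
        loginLog.setSuccess(Boolean.FALSE);
        systemLoginLogService.create(loginLog);
    }

    /**
     * Returns the exception message cut to 190 characters plus "..." when it exceeds 200
     * characters; falls back to the exception class name when there is no message, where the
     * previous inline code dereferenced a null message.
     */
    private static String abbreviateReason(Exception cause) {
        String message = cause.getMessage();
        if (message == null) {
            return cause.getClass().getSimpleName();
        }
        return message.length() > 200 ? (message.substring(0, 190) + "...") : message;
    }

    /**
     * Validates the login identifiers and reports whether this is a phone-only (SMS) login.
     *
     * @return true when only a phone was supplied, false when a username was supplied
     * @throws BusinessException with {@code ACCOUNT_INCORRECT} when neither is supplied, because
     *                           the user lookup would otherwise run without any identifier
     */
    private static boolean isSmsOnlyLogin(String username, String phone) {
        if (StringUtils.isBlank(username) && StringUtils.isBlank(phone)) {
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }
        return StringUtils.isBlank(username);
    }

    /**
     * Compares {@code rawPassword}, hashed with the user's salt, against the stored hash.
     *
     * @throws BusinessException with {@code ACCOUNT_INCORRECT} when the password is empty, when
     *                           either hash is missing, or when the hashes differ
     */
    private static void verifyPassword(SystemUser user, String rawPassword) {
        if (StringUtils.isEmpty(rawPassword)) {
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }
        String computed = Utils.Secure.encryptPassword(rawPassword, user.getSalt());
        String stored = user.getPassword();
        // MessageDigest.isEqual keeps the comparison time independent of where the hashes differ.
        boolean matches = computed != null && stored != null
                && MessageDigest.isEqual(
                        computed.getBytes(StandardCharsets.UTF_8), stored.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
            throw new BusinessException(ResponseStatus.ACCOUNT_INCORRECT);
        }
    }

    /** Loads the user's company, or returns an empty {@link Company} when none is assigned. */
    private Company resolveCompany(SystemUser user) {
        Company company = new Company();
        if (Objects.nonNull(user.getCompanyId())) {
            company = companyMapper.selectById(user.getCompanyId());
        }
        return company;
    }

    /**
     * Builds the login principal for {@code user}: company, roles, permissions and the company
     * ids returned by the data-permission service.
     */
    private LoginUserInfo buildUserInfoWithPermissions(SystemUser user) {
        Company company = resolveCompany(user);
        // NOTE(review): the element types of these lists are not visible in this listing;
        // declare them explicitly once confirmed against findByUserId.
        List roles = systemRoleService.findByUserId(user.getId());
        List permissions = systemPermissionService.findByUserId(user.getId());
        SystemRole rt = new SystemRole();
        rt.setDeleted(Boolean.FALSE);
        // Company ids the user is allowed to see under the data-permission rules.
        user.setCompanyIdList(systemDataPermissionService.selectHighRole(new SystemDataPermission(), rt, user));
        return LoginUserInfo.from(user, roles, permissions, company, null);
    }
}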