qdintc/fishery-back
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a2e6579a3afc9abfbe4296b5c9364ffe5560aa6c
fishery-back/intc-admin/src/main/java/com/intc/web/controller/AuthController.java
tianyongbao a2e6579a3a fix: 微信登录,接口修改。
2026-01-18 20:23:34 +08:00

324 lines
12 KiB
Java
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package com.intc.web.controller;
import cn.dev33.satoken.annotation.SaIgnore;
import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.codec.Base64;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjectUtil;
import com.intc.common.core.constant.SystemConstants;
import com.intc.common.core.domain.R;
import com.intc.common.core.domain.model.LoginBody;
import com.intc.common.core.domain.model.RegisterBody;
import com.intc.common.core.domain.model.SocialLoginBody;
import com.intc.common.core.exception.ServiceException;
import com.intc.common.core.utils.*;
import com.intc.common.encrypt.annotation.ApiEncrypt;
import com.intc.common.json.utils.JsonUtils;
import com.intc.common.ratelimiter.annotation.RateLimiter;
import com.intc.common.ratelimiter.enums.LimitType;
import com.intc.common.satoken.utils.LoginHelper;
import com.intc.common.social.config.properties.SocialLoginConfigProperties;
import com.intc.common.social.config.properties.SocialProperties;
import com.intc.common.social.utils.SocialUtils;
import com.intc.common.sse.dto.SseMessageDto;
import com.intc.common.sse.utils.SseMessageUtils;
import com.intc.common.tenant.helper.TenantHelper;
import com.intc.fishery.domain.AquUser;
import com.intc.system.domain.bo.SysTenantBo;
import com.intc.system.domain.vo.SysClientVo;
import com.intc.system.domain.vo.SysTenantVo;
import com.intc.system.service.ISysClientService;
import com.intc.system.service.ISysConfigService;
import com.intc.system.service.ISysSocialService;
import com.intc.system.service.ISysTenantService;
import com.intc.web.domain.vo.LoginTenantVo;
import com.intc.web.domain.vo.LoginVo;
import com.intc.web.domain.vo.TenantListVo;
import com.intc.web.service.IAuthStrategy;
import com.intc.web.service.SysLoginService;
import com.intc.web.service.SysRegisterService;
import com.intc.weixin.domain.bo.ReqWxLogin;
import com.intc.weixin.service.WxLoginService;
import com.intc.weixin.config.WxMaProperties;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.request.AuthRequest;
import me.zhyd.oauth.utils.AuthStateUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
/**
* 认证
*
* @author Lion Li
*/
@Slf4j
@SaIgnore
@RequiredArgsConstructor
@RestController
@RequestMapping("/auth")
public class AuthController {
private final SocialProperties socialProperties;
private final SysLoginService loginService;
private final SysRegisterService registerService;
private final ISysConfigService configService;
private final ISysTenantService tenantService;
private final ISysSocialService socialUserService;
private final ISysClientService clientService;
private final ScheduledExecutorService scheduledExecutorService;
@Autowired(required = false)
private WxLoginService wxLoginService;
@Autowired(required = false)
private WxMaProperties wxMaProperties;
/**
* 登录方法
*
* @param body 登录信息
* @return 结果
*/
@ApiEncrypt
@PostMapping("/login")
public R<LoginVo> login(@RequestBody String body) {
LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
ValidatorUtils.validate(loginBody);
// 授权类型和客户端id
String clientId = loginBody.getClientId();
String grantType = loginBody.getGrantType();
SysClientVo client = clientService.queryByClientId(clientId);
// 查询不到 client 或 client 内不包含 grantType
if (ObjectUtil.isNull(client) || !StringUtils.contains(client.getGrantType(), grantType)) {
log.info("客户端id: {} 认证类型:{} 异常!.", clientId, grantType);
return R.fail(MessageUtils.message("auth.grant.type.error"));
} else if (!SystemConstants.NORMAL.equals(client.getStatus())) {
return R.fail(MessageUtils.message("auth.grant.type.blocked"));
}
// 校验租户
loginService.checkTenant(loginBody.getTenantId());
// 登录
LoginVo loginVo = IAuthStrategy.login(body, client, grantType);
Long userId = LoginHelper.getUserId();
scheduledExecutorService.schedule(() -> {
SseMessageDto dto = new SseMessageDto();
dto.setMessage("欢迎登录水产养殖监测平台");
dto.setUserIds(List.of(userId));
SseMessageUtils.publishMessage(dto);
}, 5, TimeUnit.SECONDS);
return R.ok(loginVo);
}
/**
* 获取跳转URL
*
* @param source 登录来源
* @return 结果
*/
@GetMapping("/binding/{source}")
public R<String> authBinding(@PathVariable("source") String source,
@RequestParam String tenantId, @RequestParam String domain) {
SocialLoginConfigProperties obj = socialProperties.getType().get(source);
if (ObjectUtil.isNull(obj)) {
return R.fail(source + "平台账号暂不支持");
}
AuthRequest authRequest = SocialUtils.getAuthRequest(source, socialProperties);
Map<String, String> map = new HashMap<>();
map.put("tenantId", tenantId);
map.put("domain", domain);
map.put("state", AuthStateUtils.createState());
String authorizeUrl = authRequest.authorize(Base64.encode(JsonUtils.toJsonString(map), StandardCharsets.UTF_8));
return R.ok("操作成功", authorizeUrl);
}
/**
* 前端回调绑定授权(需要token)
*
* @param loginBody 请求体
* @return 结果
*/
@PostMapping("/social/callback")
public R<Void> socialCallback(@RequestBody SocialLoginBody loginBody) {
// 校验token
StpUtil.checkLogin();
// 获取第三方登录信息
AuthResponse<AuthUser> response = SocialUtils.loginAuth(
loginBody.getSource(), loginBody.getSocialCode(),
loginBody.getSocialState(), socialProperties);
AuthUser authUserData = response.getData();
// 判断授权响应是否成功
if (!response.ok()) {
return R.fail(response.getMsg());
}
loginService.socialRegister(authUserData);
return R.ok();
}
/**
* 取消授权(需要token)
*
* @param socialId socialId
*/
@DeleteMapping(value = "/unlock/{socialId}")
public R<Void> unlockSocial(@PathVariable Long socialId) {
// 校验token
StpUtil.checkLogin();
Boolean rows = socialUserService.deleteWithValidById(socialId);
return rows ? R.ok() : R.fail("取消授权失败");
}
/**
* 退出登录
*/
@PostMapping("/logout")
public R<Void> logout() {
loginService.logout();
return R.ok("退出成功");
}
/**
* 用户注册
*/
@ApiEncrypt
@PostMapping("/register")
public R<Void> register(@Validated @RequestBody RegisterBody user) {
if (!configService.selectRegisterEnabled(user.getTenantId())) {
return R.fail("当前系统没有开启注册功能!");
}
registerService.register(user);
return R.ok();
}
/**
* 登录页面租户下拉框
*
* @return 租户列表
*/
@RateLimiter(time = 60, count = 20, limitType = LimitType.IP)
@GetMapping("/tenant/list")
public R<LoginTenantVo> tenantList(HttpServletRequest request) throws Exception {
// 返回对象
LoginTenantVo result = new LoginTenantVo();
boolean enable = TenantHelper.isEnable();
result.setTenantEnabled(enable);
// 如果未开启租户这直接返回
if (!enable) {
return R.ok(result);
}
List<SysTenantVo> tenantList = tenantService.queryList(new SysTenantBo());
List<TenantListVo> voList = MapstructUtils.convert(tenantList, TenantListVo.class);
try {
// 如果只超管返回所有租户
if (LoginHelper.isSuperAdmin()) {
result.setVoList(voList);
return R.ok(result);
}
} catch (NotLoginException ignored) {
}
// 获取域名
String host;
String referer = request.getHeader("referer");
if (StringUtils.isNotBlank(referer)) {
// 这里从referer中取值是为了本地使用hosts添加虚拟域名方便本地环境调试
host = referer.split("//")[1].split("/")[0];
} else {
host = new URL(request.getRequestURL().toString()).getHost();
}
// 根据域名进行筛选
List<TenantListVo> list = StreamUtils.filter(voList, vo ->
StringUtils.equalsIgnoreCase(vo.getDomain(), host));
result.setVoList(CollUtil.isNotEmpty(list) ? list : voList);
return R.ok(result);
}
/**
* 微信小程序登录
*
* @param body 微信登录请求JSON字符串
* @return 结果
*/
@ApiEncrypt
@PostMapping("/wechat_login")
public R<LoginVo> wechatLogin(@RequestBody String body) {
try {
ReqWxLogin request = JsonUtils.parseObject(body, ReqWxLogin.class);
ValidatorUtils.validate(request);
// 如果未传递 clientId使用默认配置的 clientId
if (StringUtils.isBlank(request.getClientId()) && wxMaProperties != null) {
request.setClientId(wxMaProperties.getDefaultClientId());
// 更新 body 中的 clientId
body = JsonUtils.toJsonString(request);
}
String clientId = request.getClientId();
String grantType = "wechat"; // 微信登录的授权类型
log.info("收到微信登录请求: clientId={}, tenantId={}", clientId, request.getTenantId());
// 1. 检查服务是否可用
if (wxLoginService == null) {
log.error("微信登录服务未启用,请检查配置: wx.miniapp.app-id");
return R.fail("微信登录服务未启用,请联系管理员");
}
// 2. 校验客户端
SysClientVo client = clientService.queryByClientId(clientId);
if (ObjectUtil.isNull(client)) {
log.error("客户端不存在: clientId={}", clientId);
return R.fail(MessageUtils.message("auth.grant.type.error"));
}
// 校验 client 内是否包含 grantType
if (!StringUtils.contains(client.getGrantType(), grantType)) {
log.error("客户端不支持该授权类型: clientId={}, grantType={}", clientId, grantType);
return R.fail(MessageUtils.message("auth.grant.type.error"));
}
if (!SystemConstants.NORMAL.equals(client.getStatus())) {
log.error("客户端已被禁用: clientId={}, status={}", clientId, client.getStatus());
return R.fail(MessageUtils.message("auth.grant.type.blocked"));
}
// 3. 校验租户
if (StringUtils.isNotBlank(request.getTenantId())) {
loginService.checkTenant(request.getTenantId());
}
// 4. 使用标准的 IAuthStrategy 登录方法
LoginVo loginVo = IAuthStrategy.login(body, client, grantType);
log.info("微信登录成功: userId={}, accessToken={}",
loginVo.getUserId(), loginVo.getAccessToken() != null ? "***" : "null");
return R.ok(loginVo);
} catch (ServiceException e) {
log.error("微信登录业务异常: {}", e.getMessage(), e);
return R.fail(e.getMessage());
} catch (Exception e) {
log.error("微信登录系统异常", e);
return R.fail("登录失败: " + e.getMessage());
}
}
}
Reference in New Issue View Git Blame Copy Permalink