| 提交 | 用户 | 时间 | ||
| e7c126 | 1 | package com.iailab.module.system.controller.admin.auth; |
| H | 2 | |
| 3 | import cn.hutool.core.collection.CollUtil; | |
| 4 | import cn.hutool.core.util.StrUtil; | |
| 5 | import com.iailab.framework.common.enums.CommonStatusEnum; | |
| 6 | import com.iailab.framework.common.enums.UserTypeEnum; | |
| 7 | import com.iailab.framework.common.pojo.CommonResult; | |
| 8 | import com.iailab.framework.security.config.SecurityProperties; | |
| 9 | import com.iailab.framework.security.core.util.SecurityFrameworkUtils; | |
| 10 | import com.iailab.module.system.controller.admin.auth.vo.*; | |
| 818a01 | 11 | import com.iailab.module.system.controller.admin.permission.vo.menu.MenuListReqVO; |
| e7c126 | 12 | import com.iailab.module.system.convert.auth.AuthConvert; |
| 818a01 | 13 | import com.iailab.module.system.dal.dataobject.app.AppDO; |
| e7c126 | 14 | import com.iailab.module.system.dal.dataobject.permission.MenuDO; |
| H | 15 | import com.iailab.module.system.dal.dataobject.permission.RoleDO; |
| 16 | import com.iailab.module.system.dal.dataobject.user.AdminUserDO; | |
| 17 | import com.iailab.module.system.enums.logger.LoginLogTypeEnum; | |
| 818a01 | 18 | import com.iailab.module.system.service.app.AppService; |
| e7c126 | 19 | import com.iailab.module.system.service.auth.AdminAuthService; |
| H | 20 | import com.iailab.module.system.service.permission.MenuService; |
| 21 | import com.iailab.module.system.service.permission.PermissionService; | |
| 22 | import com.iailab.module.system.service.permission.RoleService; | |
| 23 | import com.iailab.module.system.service.social.SocialClientService; | |
| 24 | import com.iailab.module.system.service.user.AdminUserService; | |
| 25 | import io.swagger.v3.oas.annotations.Operation; | |
| 26 | import io.swagger.v3.oas.annotations.Parameter; | |
| 27 | import io.swagger.v3.oas.annotations.Parameters; | |
| 28 | import io.swagger.v3.oas.annotations.tags.Tag; | |
| 29 | import lombok.extern.slf4j.Slf4j; | |
| 30 | import org.springframework.validation.annotation.Validated; | |
| 31 | import org.springframework.web.bind.annotation.*; | |
| 32 | ||
| 33 | import javax.annotation.Resource; | |
| 34 | import javax.annotation.security.PermitAll; | |
| 35 | import javax.servlet.http.HttpServletRequest; | |
| 36 | import javax.validation.Valid; | |
| 37 | import java.util.Collections; | |
| 38 | import java.util.List; | |
| 39 | import java.util.Set; | |
| 40 | ||
| 41 | import static com.iailab.framework.common.pojo.CommonResult.success; | |
| 42 | import static com.iailab.framework.common.util.collection.CollectionUtils.convertSet; | |
| 43 | import static com.iailab.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId; | |
| 818a01 | 44 | import static com.iailab.framework.tenant.core.context.TenantContextHolder.getTenantId; |
| e7c126 | 45 | |
| d9f9ba | 46 | |
| e7c126 | 47 | @Tag(name = "管理后台 - 认证") |
| H | 48 | @RestController |
| 49 | @RequestMapping("/system/auth") | |
| 50 | @Validated | |
| 51 | @Slf4j | |
| 52 | public class AuthController { | |
| 53 | ||
| 54 | @Resource | |
| 55 | private AdminAuthService authService; | |
| 56 | @Resource | |
| 57 | private AdminUserService userService; | |
| 58 | @Resource | |
| 59 | private RoleService roleService; | |
| 60 | @Resource | |
| 61 | private MenuService menuService; | |
| 62 | @Resource | |
| 63 | private PermissionService permissionService; | |
| 64 | @Resource | |
| 65 | private SocialClientService socialClientService; | |
| 66 | @Resource | |
| 67 | private SecurityProperties securityProperties; | |
| 818a01 | 68 | @Resource |
| H | 69 | private AppService appService; |
| e7c126 | 70 | |
| H | 71 | @PostMapping("/login") |
| 72 | @PermitAll | |
| 73 | @Operation(summary = "使用账号密码登录") | |
| 74 | public CommonResult<AuthLoginRespVO> login(@RequestBody @Valid AuthLoginReqVO reqVO) { | |
| 75 | return success(authService.login(reqVO)); | |
| 76 | } | |
| 77 | ||
| 78 | @PostMapping("/logout") | |
| 79 | @PermitAll | |
| 80 | @Operation(summary = "登出系统") | |
| 81 | public CommonResult<Boolean> logout(HttpServletRequest request) { | |
| 82 | String token = SecurityFrameworkUtils.obtainAuthorization(request, | |
| 83 | securityProperties.getTokenHeader(), securityProperties.getTokenParameter()); | |
| 84 | if (StrUtil.isNotBlank(token)) { | |
| 85 | authService.logout(token, LoginLogTypeEnum.LOGOUT_SELF.getType()); | |
| 86 | } | |
| 87 | return success(true); | |
| 88 | } | |
| 89 | ||
| 90 | @PostMapping("/refresh-token") | |
| 91 | @PermitAll | |
| 92 | @Operation(summary = "刷新令牌") | |
| 93 | @Parameter(name = "refreshToken", description = "刷新令牌", required = true) | |
| 94 | public CommonResult<AuthLoginRespVO> refreshToken(@RequestParam("refreshToken") String refreshToken) { | |
| 95 | return success(authService.refreshToken(refreshToken)); | |
| 96 | } | |
| 97 | ||
| 98 | @GetMapping("/get-permission-info") | |
| 99 | @Operation(summary = "获取登录用户的权限信息") | |
| 100 | public CommonResult<AuthPermissionInfoRespVO> getPermissionInfo() { | |
| 101 | // 1.1 获得用户信息 | |
| 102 | AdminUserDO user = userService.getUser(getLoginUserId()); | |
| 103 | if (user == null) { | |
| 104 | return success(null); | |
| 105 | } | |
| 106 | ||
| 107 | // 1.2 获得角色列表 | |
| 108 | Set<Long> roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId()); | |
| 109 | if (CollUtil.isEmpty(roleIds)) { | |
| 110 | return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList())); | |
| 111 | } | |
| 112 | List<RoleDO> roles = roleService.getRoleList(roleIds); | |
| 113 | roles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 移除禁用的角色 | |
| 114 | ||
| 115 | // 1.3 获得菜单列表 | |
| 116 | Set<Long> menuIds = permissionService.getRoleMenuListByRoleId(convertSet(roles, RoleDO::getId)); | |
| 117 | List<MenuDO> menuList = menuService.getMenuList(menuIds); | |
| d9f9ba | 118 | menuList = menuService.filterDisableMenus(menuList); |
| e7c126 | 119 | |
| H | 120 | // 2. 拼接结果返回 |
| 121 | return success(AuthConvert.INSTANCE.convert(user, roles, menuList)); | |
| 122 | } | |
| 123 | ||
| 818a01 | 124 | @GetMapping("/get-app-permission-info") |
| H | 125 | @Operation(summary = "获取登录用户的app权限信息") |
| 126 | public CommonResult<AuthPermissionInfoRespVO> getAppPermissionInfo() { | |
| 127 | // 1.1 获得用户信息 | |
| 128 | AdminUserDO user = userService.getUser(getLoginUserId()); | |
| 129 | if (user == null) { | |
| 130 | return success(null); | |
| 131 | } | |
| 132 | ||
| 133 | // 1.2 获得角色列表 | |
| 134 | Set<Long> roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId()); | |
| 135 | if (CollUtil.isEmpty(roleIds)) { | |
| 136 | return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList())); | |
| 137 | } | |
| 138 | List<RoleDO> roles = roleService.getRoleList(roleIds); | |
| 139 | roles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 移除禁用的角色 | |
| 140 | ||
| 141 | // 1.3 获得应用菜单列表 | |
| 142 | MenuListReqVO reqVO = new MenuListReqVO(); | |
| 143 | List<MenuDO> appMenuList = menuService.getAppMenuList(reqVO); | |
| 144 | Set<Long> menuIds = permissionService.getRoleMenuListByRoleId(convertSet(roles, RoleDO::getId)); | |
| 145 | List<MenuDO> menuList = menuService.getMenuList(menuIds); | |
| 146 | menuList.retainAll(appMenuList); | |
| 147 | menuList = menuService.filterDisableMenus(menuList); | |
| 148 | // 2. 拼接结果返回 | |
| 149 | return success(AuthConvert.INSTANCE.convertAppMenu(user, roles, menuList)); | |
| 150 | } | |
| 151 | ||
| e7c126 | 152 | // ========== 短信登录相关 ========== |
| H | 153 | |
| 154 | @PostMapping("/sms-login") | |
| 155 | @PermitAll | |
| 156 | @Operation(summary = "使用短信验证码登录") | |
| 157 | public CommonResult<AuthLoginRespVO> smsLogin(@RequestBody @Valid AuthSmsLoginReqVO reqVO) { | |
| 158 | return success(authService.smsLogin(reqVO)); | |
| 159 | } | |
| 160 | ||
| 161 | @PostMapping("/send-sms-code") | |
| 162 | @PermitAll | |
| 163 | @Operation(summary = "发送手机验证码") | |
| 164 | public CommonResult<Boolean> sendLoginSmsCode(@RequestBody @Valid AuthSmsSendReqVO reqVO) { | |
| 165 | authService.sendSmsCode(reqVO); | |
| 166 | return success(true); | |
| 167 | } | |
| 168 | ||
| 169 | // ========== 社交登录相关 ========== | |
| 170 | ||
| 171 | @GetMapping("/social-auth-redirect") | |
| 172 | @PermitAll | |
| 173 | @Operation(summary = "社交授权的跳转") | |
| 174 | @Parameters({ | |
| 175 | @Parameter(name = "type", description = "社交类型", required = true), | |
| 176 | @Parameter(name = "redirectUri", description = "回调路径") | |
| 177 | }) | |
| 178 | public CommonResult<String> socialLogin(@RequestParam("type") Integer type, | |
| 179 | @RequestParam("redirectUri") String redirectUri) { | |
| 180 | return success(socialClientService.getAuthorizeUrl( | |
| 181 | type, UserTypeEnum.ADMIN.getValue(), redirectUri)); | |
| 182 | } | |
| 183 | ||
| 184 | @PostMapping("/social-login") | |
| 185 | @PermitAll | |
| 186 | @Operation(summary = "社交快捷登录,使用 code 授权码", description = "适合未登录的用户,但是社交账号已绑定用户") | |
| 187 | public CommonResult<AuthLoginRespVO> socialQuickLogin(@RequestBody @Valid AuthSocialLoginReqVO reqVO) { | |
| 188 | return success(authService.socialLogin(reqVO)); | |
| 189 | } | |
| 190 | ||
| 191 | } | |
