e7c126 1 package com.iailab.module.system.controller.admin.auth;
H 2
3 import cn.hutool.core.collection.CollUtil;
4 import cn.hutool.core.util.StrUtil;
5 import com.iailab.framework.common.enums.CommonStatusEnum;
6 import com.iailab.framework.common.enums.UserTypeEnum;
7 import com.iailab.framework.common.pojo.CommonResult;
8 import com.iailab.framework.security.config.SecurityProperties;
9 import com.iailab.framework.security.core.util.SecurityFrameworkUtils;
10 import com.iailab.module.system.controller.admin.auth.vo.*;
11 import com.iailab.module.system.convert.auth.AuthConvert;
12 import com.iailab.module.system.dal.dataobject.permission.MenuDO;
13 import com.iailab.module.system.dal.dataobject.permission.RoleDO;
14 import com.iailab.module.system.dal.dataobject.user.AdminUserDO;
15 import com.iailab.module.system.enums.logger.LoginLogTypeEnum;
16 import com.iailab.module.system.service.auth.AdminAuthService;
17 import com.iailab.module.system.service.permission.MenuService;
18 import com.iailab.module.system.service.permission.PermissionService;
19 import com.iailab.module.system.service.permission.RoleService;
20 import com.iailab.module.system.service.social.SocialClientService;
21 import com.iailab.module.system.service.user.AdminUserService;
22 import io.swagger.v3.oas.annotations.Operation;
23 import io.swagger.v3.oas.annotations.Parameter;
24 import io.swagger.v3.oas.annotations.Parameters;
25 import io.swagger.v3.oas.annotations.tags.Tag;
26 import lombok.extern.slf4j.Slf4j;
27 import org.springframework.validation.annotation.Validated;
28 import org.springframework.web.bind.annotation.*;
29
30 import javax.annotation.Resource;
31 import javax.annotation.security.PermitAll;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.validation.Valid;
34 import java.util.Collections;
35 import java.util.List;
36 import java.util.Set;
37
38 import static com.iailab.framework.common.pojo.CommonResult.success;
39 import static com.iailab.framework.common.util.collection.CollectionUtils.convertSet;
40 import static com.iailab.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId;
41
d9f9ba 42
/**
 * Admin-console authentication endpoints under {@code /system/auth}: password, SMS and
 * social login, logout, token refresh, and the permission lookup for the logged-in user.
 *
 * <p>Every handler except {@link #getPermissionInfo()} is annotated {@code @PermitAll}.
 * Credential checks, token issuance and any throttling are delegated to the injected
 * services and are not visible in this class.
 */
@Tag(name = "管理后台 - 认证")
@RestController
@RequestMapping("/system/auth")
@Validated
@Slf4j
public class AuthController {

    @Resource
    private AdminAuthService authService;
    @Resource
    private AdminUserService userService;
    @Resource
    private RoleService roleService;
    @Resource
    private MenuService menuService;
    @Resource
    private PermissionService permissionService;
    @Resource
    private SocialClientService socialClientService;

    // Supplies the header name and request-parameter name the access token is read from.
    @Resource
    private SecurityProperties securityProperties;

    /**
     * Logs in with account and password.
     *
     * <p>The request body is bean-validated ({@code @Valid}) and then handed to
     * {@code authService.login}.
     * NOTE(review): failed-attempt limiting / captcha enforcement is not visible here;
     * confirm it is applied inside the service for this unauthenticated endpoint.
     *
     * @param reqVO login request
     * @return the login response produced by the auth service
     */
    @PostMapping("/login")
    @PermitAll
    @Operation(summary = "使用账号密码登录")
    public CommonResult<AuthLoginRespVO> login(@RequestBody @Valid AuthLoginReqVO reqVO) {
        AuthLoginRespVO loginResult = authService.login(reqVO);
        return success(loginResult);
    }

    /**
     * Logs the caller out.
     *
     * <p>The token is taken from the request using the configured header name and
     * parameter name. A request without a token is answered with success and nothing
     * is revoked.
     * NOTE(review): when the token arrives as a URL parameter rather than a header it
     * can be recorded in access logs; prefer the header form on the client side.
     *
     * @param request current HTTP request
     * @return always {@code true}
     */
    @PostMapping("/logout")
    @PermitAll
    @Operation(summary = "登出系统")
    public CommonResult<Boolean> logout(HttpServletRequest request) {
        String token = SecurityFrameworkUtils.obtainAuthorization(
                request,
                securityProperties.getTokenHeader(),
                securityProperties.getTokenParameter());
        if (StrUtil.isBlank(token)) {
            // Nothing to revoke; still report success.
            return success(true);
        }
        authService.logout(token, LoginLogTypeEnum.LOGOUT_SELF.getType());
        return success(true);
    }

    /**
     * Exchanges a refresh token for a new login response.
     *
     * <p>NOTE(review): {@code @RequestParam} binds from the query string as well as a
     * form body. A refresh token sent in the URL is likely to be written to server and
     * proxy access logs; clients should send it in the form body, and log redaction for
     * this path is worth confirming.
     *
     * @param refreshToken the refresh token
     * @return the login response produced by the auth service
     */
    @PostMapping("/refresh-token")
    @PermitAll
    @Operation(summary = "刷新令牌")
    @Parameter(name = "refreshToken", description = "刷新令牌", required = true)
    public CommonResult<AuthLoginRespVO> refreshToken(@RequestParam("refreshToken") String refreshToken) {
        AuthLoginRespVO refreshed = authService.refreshToken(refreshToken);
        return success(refreshed);
    }

    /**
     * Returns the user, enabled roles and menus of the logged-in user.
     *
     * <p>The user id comes from {@code getLoginUserId()} and never from request input,
     * so a caller can only read their own permission data. This handler carries no
     * {@code @PermitAll}; presumably the framework therefore requires authentication
     * for it (confirm against the security configuration).
     *
     * @return permission info; {@code success(null)} when the user record is not found
     */
    @GetMapping("/get-permission-info")
    @Operation(summary = "获取登录用户的权限信息")
    public CommonResult<AuthPermissionInfoRespVO> getPermissionInfo() {
        // 1.1 Load the user record.
        AdminUserDO user = userService.getUser(getLoginUserId());
        if (user == null) {
            return success(null);
        }

        // 1.2 Load the role list.
        Set<Long> roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId());
        if (CollUtil.isEmpty(roleIds)) {
            return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList()));
        }
        List<RoleDO> roles = roleService.getRoleList(roleIds);
        // Drop disabled roles first so they contribute no menus below.
        roles.removeIf(AuthController::isDisabledRole);

        // 1.3 Load the menu list for the remaining roles, then filter disabled menus.
        Set<Long> activeRoleIds = convertSet(roles, RoleDO::getId);
        Set<Long> menuIds = permissionService.getRoleMenuListByRoleId(activeRoleIds);
        List<MenuDO> visibleMenus = menuService.filterDisableMenus(menuService.getMenuList(menuIds));

        // 2. Assemble the response.
        return success(AuthConvert.INSTANCE.convert(user, roles, visibleMenus));
    }

    // ========== SMS login ==========

    /**
     * Logs in with an SMS verification code.
     *
     * @param reqVO SMS login request
     * @return the login response produced by the auth service
     */
    @PostMapping("/sms-login")
    @PermitAll
    @Operation(summary = "使用短信验证码登录")
    public CommonResult<AuthLoginRespVO> smsLogin(@RequestBody @Valid AuthSmsLoginReqVO reqVO) {
        AuthLoginRespVO loginResult = authService.smsLogin(reqVO);
        return success(loginResult);
    }

    /**
     * Sends a login verification code by SMS.
     *
     * <p>NOTE(review): this endpoint is unauthenticated and triggers an outbound SMS.
     * Per-number and per-client send limits are not visible here; confirm they are
     * enforced in {@code authService.sendSmsCode}.
     *
     * @param reqVO SMS send request
     * @return always {@code true} when the service call returns normally
     */
    @PostMapping("/send-sms-code")
    @PermitAll
    @Operation(summary = "发送手机验证码")
    public CommonResult<Boolean> sendLoginSmsCode(@RequestBody @Valid AuthSmsSendReqVO reqVO) {
        authService.sendSmsCode(reqVO);
        return success(true);
    }

    // ========== Social login ==========

    /**
     * Builds the authorization URL of a social platform.
     *
     * <p>NOTE(review): {@code redirectUri} is caller-supplied and passed straight to
     * {@code getAuthorizeUrl}. Confirm the service (or the social platform's registered
     * callback list) restricts it to known callback URIs, so that the authorization
     * code cannot be delivered to an arbitrary host.
     * NOTE(review): the OpenAPI {@code @Parameter} for {@code redirectUri} does not mark
     * it required, while {@code @RequestParam} without {@code required = false} rejects
     * a request that omits it.
     *
     * @param type        social platform type
     * @param redirectUri callback URI
     * @return the authorization URL
     */
    @GetMapping("/social-auth-redirect")
    @PermitAll
    @Operation(summary = "社交授权的跳转")
    @Parameters({
            @Parameter(name = "type", description = "社交类型", required = true),
            @Parameter(name = "redirectUri", description = "回调路径")
    })
    public CommonResult<String> socialLogin(@RequestParam("type") Integer type,
                                            @RequestParam("redirectUri") String redirectUri) {
        String authorizeUrl = socialClientService.getAuthorizeUrl(
                type, UserTypeEnum.ADMIN.getValue(), redirectUri);
        return success(authorizeUrl);
    }

    /**
     * Logs in with a social authorization code, for a social account that is already
     * bound to a user.
     *
     * @param reqVO social login request
     * @return the login response produced by the auth service
     */
    @PostMapping("/social-login")
    @PermitAll
    @Operation(summary = "社交快捷登录,使用 code 授权码", description = "适合未登录的用户,但是社交账号已绑定用户")
    public CommonResult<AuthLoginRespVO> socialQuickLogin(@RequestBody @Valid AuthSocialLoginReqVO reqVO) {
        AuthLoginRespVO loginResult = authService.socialLogin(reqVO);
        return success(loginResult);
    }

    /** Returns {@code true} when the role's status is anything other than ENABLE. */
    private static boolean isDisabledRole(RoleDO role) {
        return !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus());
    }

}