package com.iailab.module.system.controller.admin.auth; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.StrUtil; import com.iailab.framework.common.enums.CommonStatusEnum; import com.iailab.framework.common.enums.UserTypeEnum; import com.iailab.framework.common.pojo.CommonResult; import com.iailab.framework.security.config.SecurityProperties; import com.iailab.framework.security.core.util.SecurityFrameworkUtils; import com.iailab.module.system.controller.admin.auth.vo.*; import com.iailab.module.system.controller.admin.permission.vo.menu.MenuListReqVO; import com.iailab.module.system.convert.auth.AuthConvert; import com.iailab.module.system.dal.dataobject.app.AppDO; import com.iailab.module.system.dal.dataobject.permission.MenuDO; import com.iailab.module.system.dal.dataobject.permission.RoleDO; import com.iailab.module.system.dal.dataobject.user.AdminUserDO; import com.iailab.module.system.enums.logger.LoginLogTypeEnum; import com.iailab.module.system.service.app.AppService; import com.iailab.module.system.service.auth.AdminAuthService; import com.iailab.module.system.service.permission.MenuService; import com.iailab.module.system.service.permission.PermissionService; import com.iailab.module.system.service.permission.RoleService; import com.iailab.module.system.service.social.SocialClientService; import com.iailab.module.system.service.user.AdminUserService; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.Parameters; import io.swagger.v3.oas.annotations.tags.Tag; import lombok.extern.slf4j.Slf4j; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.annotation.security.PermitAll; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import java.util.Collections; import java.util.List; import java.util.Set; import static com.iailab.framework.common.pojo.CommonResult.success; import static com.iailab.framework.common.util.collection.CollectionUtils.convertSet; import static com.iailab.framework.security.core.util.SecurityFrameworkUtils.getLoginUserId; import static com.iailab.framework.tenant.core.context.TenantContextHolder.getTenantId; @Tag(name = "管理后台 - 认证") @RestController @RequestMapping("/system/auth") @Validated @Slf4j public class AuthController { @Resource private AdminAuthService authService; @Resource private AdminUserService userService; @Resource private RoleService roleService; @Resource private MenuService menuService; @Resource private PermissionService permissionService; @Resource private SocialClientService socialClientService; @Resource private SecurityProperties securityProperties; @Resource private AppService appService; @PostMapping("/login") @PermitAll @Operation(summary = "使用账号密码登录") public CommonResult login(@RequestBody @Valid AuthLoginReqVO reqVO) { return success(authService.login(reqVO)); } @PostMapping("/logout") @PermitAll @Operation(summary = "登出系统") public CommonResult logout(HttpServletRequest request) { String token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader(), securityProperties.getTokenParameter()); if (StrUtil.isNotBlank(token)) { authService.logout(token, LoginLogTypeEnum.LOGOUT_SELF.getType()); } return success(true); } @PostMapping("/refresh-token") @PermitAll @Operation(summary = "刷新令牌") @Parameter(name = "refreshToken", description = "刷新令牌", required = true) public CommonResult refreshToken(@RequestParam("refreshToken") String refreshToken) { return success(authService.refreshToken(refreshToken)); } @GetMapping("/get-permission-info") @Operation(summary = "获取登录用户的权限信息") public CommonResult getPermissionInfo() { // 1.1 获得用户信息 AdminUserDO user = userService.getUser(getLoginUserId()); if (user == null) { return success(null); } // 1.2 获得角色列表 Set roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId()); if (CollUtil.isEmpty(roleIds)) { return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList())); } List roles = roleService.getRoleList(roleIds); roles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 移除禁用的角色 // 1.3 获得菜单列表 Set menuIds = permissionService.getRoleMenuListByRoleId(convertSet(roles, RoleDO::getId)); List menuList = menuService.getMenuList(menuIds); menuList = menuService.filterDisableMenus(menuList); // 2. 拼接结果返回 return success(AuthConvert.INSTANCE.convert(user, roles, menuList)); } @GetMapping("/get-app-permission-info") @Operation(summary = "获取登录用户的app权限信息") public CommonResult getAppPermissionInfo() { // 1.1 获得用户信息 AdminUserDO user = userService.getUser(getLoginUserId()); if (user == null) { return success(null); } // 1.2 获得角色列表 Set roleIds = permissionService.getUserRoleIdListByUserId(getLoginUserId()); if (CollUtil.isEmpty(roleIds)) { return success(AuthConvert.INSTANCE.convert(user, Collections.emptyList(), Collections.emptyList())); } List roles = roleService.getRoleList(roleIds); roles.removeIf(role -> !CommonStatusEnum.ENABLE.getStatus().equals(role.getStatus())); // 移除禁用的角色 // 1.3 获得应用菜单列表 MenuListReqVO reqVO = new MenuListReqVO(); List appMenuList = menuService.getAppMenuList(reqVO); Set menuIds = permissionService.getRoleMenuListByRoleId(convertSet(roles, RoleDO::getId)); List menuList = menuService.getMenuList(menuIds); menuList.retainAll(appMenuList); menuList = menuService.filterDisableMenus(menuList); // 2. 拼接结果返回 return success(AuthConvert.INSTANCE.convertAppMenu(user, roles, menuList)); } // ========== 短信登录相关 ========== @PostMapping("/sms-login") @PermitAll @Operation(summary = "使用短信验证码登录") public CommonResult smsLogin(@RequestBody @Valid AuthSmsLoginReqVO reqVO) { return success(authService.smsLogin(reqVO)); } @PostMapping("/send-sms-code") @PermitAll @Operation(summary = "发送手机验证码") public CommonResult sendLoginSmsCode(@RequestBody @Valid AuthSmsSendReqVO reqVO) { authService.sendSmsCode(reqVO); return success(true); } // ========== 社交登录相关 ========== @GetMapping("/social-auth-redirect") @PermitAll @Operation(summary = "社交授权的跳转") @Parameters({ @Parameter(name = "type", description = "社交类型", required = true), @Parameter(name = "redirectUri", description = "回调路径") }) public CommonResult socialLogin(@RequestParam("type") Integer type, @RequestParam("redirectUri") String redirectUri) { return success(socialClientService.getAuthorizeUrl( type, UserTypeEnum.ADMIN.getValue(), redirectUri)); } @PostMapping("/social-login") @PermitAll @Operation(summary = "社交快捷登录,使用 code 授权码", description = "适合未登录的用户,但是社交账号已绑定用户") public CommonResult socialQuickLogin(@RequestBody @Valid AuthSocialLoginReqVO reqVO) { return success(authService.socialLogin(reqVO)); } }