|
@@ -22,6 +22,7 @@ import org.jeecg.modules.base.service.BaseCommonService;
|
|
|
import org.jeecg.modules.iotedgeConfig.service.IIotedgeConfigService;
|
|
|
import org.jeecg.modules.iotedgeConfig.util.ConfigInfo;
|
|
|
import org.jeecg.modules.ssoClient.constants.SSOConstants;
|
|
|
+import org.jeecg.modules.ssoClient.dto.SysLoginModelDTO;
|
|
|
import org.jeecg.modules.system.entity.SysDepart;
|
|
|
import org.jeecg.modules.system.entity.SysTenant;
|
|
|
import org.jeecg.modules.system.entity.SysUser;
|
|
@@ -82,20 +83,42 @@ public class SSOLoginLogoutController {
|
|
|
* */
|
|
|
@GetMapping("/tokenvalidation")
|
|
|
@ApiOperation("sso校验token")
|
|
|
- public Boolean ssoJYToken(String token){
|
|
|
- Result<JSONObject> result = ssoTokenValidation(token);
|
|
|
- if(result.isSuccess()){
|
|
|
- return true;
|
|
|
+ public Boolean ssoJYToken(String eiToken, String username){
|
|
|
+ if(eiToken!=null && !"".equals(eiToken)){
|
|
|
+ Result<JSONObject> result = ssoTokenValidation(eiToken);
|
|
|
+ if(result.isSuccess()){
|
|
|
+ // 设置本系统token缓存有效时间
|
|
|
+ redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + eiToken, eiToken);
|
|
|
+ redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + eiToken, 0);
|
|
|
+ return true;
|
|
|
+ } else{
|
|
|
+ //用户退出逻辑
|
|
|
+ LoginUser sysUser = sysBaseApi.getUserByName(username);
|
|
|
+ if(sysUser!=null) {
|
|
|
+ //update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
+ baseCommonService.addLog("用户名: "+sysUser.getRealname()+",退出成功!", CommonConstant.LOG_TYPE_1, null,sysUser);
|
|
|
+ //update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
|
|
+ log.info(" 用户名: "+sysUser.getRealname()+",退出成功! ");
|
|
|
+ //清空用户登录Token缓存
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + eiToken);
|
|
|
+ //清空用户登录Shiro权限缓存
|
|
|
+ redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
|
|
|
+ //清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
|
|
|
+ redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
|
|
|
+ //调用shiro的logout
|
|
|
+ SecurityUtils.getSubject().logout();
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
- else return false;
|
|
|
+ return false;
|
|
|
}
|
|
|
|
|
|
- public Result<JSONObject> ssoTokenValidation(String token) {
|
|
|
+ public Result<JSONObject> ssoTokenValidation(String eiToken) {
|
|
|
// String url = "http://192.168.2.248:8188/v4.0/tokenvalidation;
|
|
|
String url = configService.getConfigValue(ConfigInfo.SSO_TOKENVALIDATION);
|
|
|
|
|
|
JSONObject jsonObject = new JSONObject();
|
|
|
- jsonObject.put("token",token);
|
|
|
+ jsonObject.put("token",eiToken);
|
|
|
|
|
|
// 设置请求头部
|
|
|
HttpHeaders headers = new HttpHeaders();
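Review bot: The failure branch of `ssoJYToken` acts on the caller-supplied `username`, which nothing in the hunk ties to `eiToken`, so a request carrying an invalid token and another user's name clears that user's Shiro and user caches and writes a "退出成功" audit entry for them. The user to log out should come from the authenticated subject or from the token itself, not from a request parameter. A state-changing action behind `@GetMapping`, with the token apparently bound from the query string, is also better served by POST with the token in a header. Separately, `redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + eiToken, 0)` does not match its comment about setting a validity period: depending on how `redisUtil.expire` treats 0 (not visible here) the key either never expires or is dropped at once, so pass an explicit TTL such as `JwtUtil.EXPIRE_TIME * 2 / 1000`, as `userInfo1` does. `ssoTokenValidation` continues past the end of the hunk.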
|
|
@@ -124,7 +147,7 @@ public class SSOLoginLogoutController {
|
|
|
if (responseBody.contains("Token") || responseBody.contains("Token")) {
|
|
|
String accessToken = extractAccessTokenFromResponseBody(responseBody,"accessToken");
|
|
|
String refreshToken = extractAccessTokenFromResponseBody(responseBody,"refreshToken");
|
|
|
- System.out.println("成功获取到token:" + token);
|
|
|
+ System.out.println("成功获取到token:" + eiToken);
|
|
|
return Result.ok(accessToken);
|
|
|
}
|
|
|
} else {
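Review bot: `System.out.println("成功获取到token:" + eiToken)` writes the caller's bearer token to standard output in clear, where it outlives the session in whatever collects the process output. Drop the value and use the class logger, e.g. `log.debug("SSO token validated")`. The surrounding condition `responseBody.contains("Token") || responseBody.contains("Token")` tests the same string twice, so one operand was probably meant to be a different key. The method body starts and ends outside this hunk.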
|
|
@@ -138,9 +161,49 @@ public class SSOLoginLogoutController {
|
|
|
return Result.error("校验失败");
|
|
|
}
|
|
|
|
|
|
+ @ApiOperation(".登录接口(sso)——从IoTedge链接跳转登录")
|
|
|
+ @RequestMapping(value = "/tzlogin", method = RequestMethod.POST)
|
|
|
+ public Result<JSONObject> tzlogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModelDTO dto){
|
|
|
+
|
|
|
+ Result<JSONObject> result = new Result<JSONObject>();
|
|
|
+ String username = dto.getUsername();
|
|
|
+ String password = dto.getPassword();
|
|
|
+ String eiToken = dto.getEIToken();
|
|
|
+
|
|
|
+ //校验token有效性
|
|
|
+ Result<JSONObject> tokenValidationResult = ssoTokenValidation(eiToken);
|
|
|
+ if(!tokenValidationResult.isSuccess()){
|
|
|
+ result.error("EIToken校验失败,请重新登录");
|
|
|
+ }
|
|
|
+
|
|
|
+ //1. 校验用户是否有效
|
|
|
+ SysUser sysUser = sysUserService.getUserAll(username);
|
|
|
+ result = sysUserService.checkUserIsEffective(sysUser);
|
|
|
+ if(!result.isSuccess()) {
|
|
|
+ // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
|
|
|
+ if(result.getMessage().equals(SSOConstants.BCZ) ){
|
|
|
+ log.info("用户在本系统不存在,新增该用户");
|
|
|
+ JSONObject addJSONObject = toAddJSONObject(username, password);
|
|
|
+ addUser(addJSONObject);
|
|
|
+ }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
|
|
|
+ // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
|
|
|
+ editUserStatusOrDel(username);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ //用户登录信息 TODO-token
|
|
|
+ userInfo1(sysUser, result);
|
|
|
+ LoginUser loginUser = new LoginUser();
|
|
|
+ BeanUtils.copyProperties(sysUser, loginUser);
|
|
|
+ baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
|
|
|
+ //update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
|
|
+ return result;
|
|
|
+ }
|
|
|
+
|
|
|
|
|
|
|
|
|
- @ApiOperation("登录接口")
|
|
|
+
|
|
|
+ @ApiOperation(".登录接口(sso)")
|
|
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
|
|
|
public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
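Review bot: In `tzlogin` a failed token check does not stop the login: `result.error("EIToken校验失败,请重新登录")` is not followed by a `return`, and `result` is reassigned a few lines later by `checkUserIsEffective`, so a request with an invalid or missing `eiToken` still reaches `userInfo1` and is issued a local token. Make it `return Result.error("EIToken校验失败,请重新登录");`, the same form `ssoTokenValidation` uses for its own failure. Even with a valid token, `username` and `password` come from the request body and are never compared with the identity the SSO server returned for that token, so the caller chooses which account is logged in, created via `addUser`, or passed to `editUserStatusOrDel`; take the username from the validation response instead. `sysUser` is also not reloaded after `addUser`, so the not-found path appears to pass null to `userInfo1`.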
|
|
|
|
|
@@ -169,12 +232,13 @@ public class SSOLoginLogoutController {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- //用户登录信息 TODO-token
|
|
|
- userInfo1(sysUser, result, eiToken);
|
|
|
+ //用户登录信息
|
|
|
+ userInfo1(sysUser, result);
|
|
|
LoginUser loginUser = new LoginUser();
|
|
|
BeanUtils.copyProperties(sysUser, loginUser);
|
|
|
baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
|
|
|
//update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
|
|
+
|
|
|
return result;
|
|
|
}
|
|
|
|
|
@@ -322,15 +386,14 @@ public class SSOLoginLogoutController {
|
|
|
* @param result
|
|
|
* @return
|
|
|
*/
|
|
|
- private Result<JSONObject> userInfo1(SysUser sysUser, Result<JSONObject> result, String eiToken) {
|
|
|
+ private Result<JSONObject> userInfo1(SysUser sysUser, Result<JSONObject> result) {
|
|
|
String username = sysUser.getUsername();
|
|
|
String syspassword = sysUser.getPassword();
|
|
|
// 获取用户部门信息
|
|
|
JSONObject obj = new JSONObject(new LinkedHashMap<>());
|
|
|
|
|
|
- // 生成token TODO 用本系统生成的token还是sso的token
|
|
|
-// String token = JwtUtil.sign(username, syspassword);
|
|
|
- String token =eiToken;
|
|
|
+ // 生成token
|
|
|
+ String token = JwtUtil.sign(username, syspassword);
|
|
|
// 设置token缓存有效时间
|
|
|
redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
|
|
|
redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
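Review bot: With `String token = JwtUtil.sign(username, syspassword)` the Redis entry written by `userInfo1` is keyed by the locally signed token, but the revocation branch added to `ssoJYToken` in this commit deletes `CommonConstant.PREFIX_USER_TOKEN + eiToken`, a key `userInfo1` never writes. An SSO token that fails validation therefore leaves the local token entry in place until its TTL runs out. The two sides need a mapping from the SSO token to the local token (or to the username) so that the right key is deleted. `userInfo1` continues beyond the hunk.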
|
|
@@ -386,7 +449,8 @@ public class SSOLoginLogoutController {
|
|
|
* @param response
|
|
|
* @return
|
|
|
*/
|
|
|
- @RequestMapping(value = "/logout")
|
|
|
+ @ApiOperation(".登出接口(sso)")
|
|
|
+ @RequestMapping(value = "/logout", method = RequestMethod.POST)
|
|
|
public Result<Object> logout(HttpServletRequest request, HttpServletResponse response) {
|
|
|
log.info("开始退出登录----------------------------------");
|
|
|
|
|
@@ -394,14 +458,6 @@ public class SSOLoginLogoutController {
|
|
|
String msg = IoTedgessolgout(response);
|
|
|
if(!SSOConstants.LOGOUT_SUCCESS.equals(msg)) return Result.error(msg);
|
|
|
|
|
|
- // 创建一个同名的 Cookie 对象
|
|
|
- Cookie cookie = new Cookie("EIToken", "");
|
|
|
- // 设置 Cookie 的路径和最大生存时间(单位:秒)
|
|
|
- cookie.setPath("/"); // 设置路径为根路径,确保能在整个应用中删除该 Cookie
|
|
|
- cookie.setMaxAge(0); // 将 Cookie 的最大生存时间设置为 0,使其立即过期
|
|
|
- // 将 Cookie 添加到 HttpServletResponse 中
|
|
|
- response.addCookie(cookie);
|
|
|
-
|
|
|
//用户退出逻辑
|
|
|
String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
|
|
if(oConvertUtils.isEmpty(token)) {
|
|
@@ -430,7 +486,7 @@ public class SSOLoginLogoutController {
|
|
|
|
|
|
/**IoTedge sso登出*/
|
|
|
public String IoTedgessolgout(HttpServletResponse response1){
|
|
|
- //String url = "http://192.168.2.248:8082/v1/sso/auth";
|
|
|
+ //String url = "http://192.168.2.248:8188/v4.0/auth/native";
|
|
|
String url = configService.getConfigValue(ConfigInfo.SSO_LOGOUT_URL);
|
|
|
|
|
|
// 设置请求头部
|