Ver código fonte

fix校验+登录

LLL 4 meses atrás
pai
commit
50a25b9727

+ 59 - 32
jeecg-module-interlock/src/main/java/org/jeecg/modules/ssoClient/controller/SSOLoginLogoutController.java

@@ -23,6 +23,7 @@ import org.jeecg.modules.iotedgeConfig.service.IIotedgeConfigService;
 import org.jeecg.modules.iotedgeConfig.util.ConfigInfo;
 import org.jeecg.modules.ssoClient.constants.SSOConstants;
 import org.jeecg.modules.ssoClient.dto.SysLoginModelDTO;
+import org.jeecg.modules.ssoClient.vo.LoginResult;
 import org.jeecg.modules.system.entity.SysDepart;
 import org.jeecg.modules.system.entity.SysTenant;
 import org.jeecg.modules.system.entity.SysUser;
@@ -87,9 +88,9 @@ public class SSOLoginLogoutController {
         if(eiToken!=null && !"".equals(eiToken)){
             Result<JSONObject> result = ssoTokenValidation(eiToken);
             if(result.isSuccess()){
-                // 设置本系统token缓存有效时间
-                redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + eiToken, eiToken);
-                redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + eiToken, 0);
+//                // 设置本系统token缓存有效时间
+//                redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + eiToken, eiToken);
+//                redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + eiToken, 0);
                 return true;
             } else{
                 //用户退出逻辑
@@ -161,43 +162,68 @@ public class SSOLoginLogoutController {
         return Result.error("校验失败");
     }
 
+    /**
+     * 从IoTedge链接跳转登录
+     * 没有密码,只有token和账号
+     * */
     @ApiOperation(".登录接口(sso)——从IoTedge链接跳转登录")
     @RequestMapping(value = "/tzlogin", method = RequestMethod.POST)
-    public Result<JSONObject> tzlogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModelDTO dto){
+    public LoginResult tzlogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModelDTO dto){
 
+        LoginResult loginResult = new LoginResult();
         Result<JSONObject> result = new Result<JSONObject>();
-        String username = dto.getUsername();
+        String usernameSSO = dto.getUsername();
         String password = dto.getPassword();
         String eiToken = dto.getEiToken();
+        String lsToken = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
 
-        //校验token有效性
-        Result<JSONObject> tokenValidationResult = ssoTokenValidation(eiToken);
-        if(!tokenValidationResult.isSuccess()){
-            result.error("EIToken校验失败,请重新登录");
-        }
+        if(eiToken!=null && !"".equals(eiToken)){
+            //校验token有效性
+            Result<JSONObject> tokenValidationResult = ssoTokenValidation(eiToken);
+            if(!tokenValidationResult.isSuccess()){
+                loginResult.setResult(result.error("EIToken校验失败,请重新登录"));
+                loginResult.setUpdate(false);
+                return loginResult;
+            }else {
+                // 如果没有联锁token,或者有但与sso现在登录的账号名字不一样,都需要登录并返回登录信息
+                if(lsToken==null || "".equals(lsToken) || !usernameSSO.equals(JwtUtil.getUsername(lsToken))){
+                    //1. 校验用户是否有效
+                    SysUser sysUser = sysUserService.getUserAll(usernameSSO);
+                    result = sysUserService.checkUserIsEffective(sysUser);
+                    if(!result.isSuccess()) {
+                        // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
+                        if(result.getMessage().equals(SSOConstants.BCZ) ){
+                            log.info("用户在本系统不存在,新增该用户");
+                            JSONObject addJSONObject = toAddJSONObject(usernameSSO,  password);
+                            addUser(addJSONObject);
+                        }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
+                            // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
+                            editUserStatusOrDel(usernameSSO);
+                        }
+                    }
 
-        //1. 校验用户是否有效
-        SysUser sysUser = sysUserService.getUserAll(username);
-        result = sysUserService.checkUserIsEffective(sysUser);
-        if(!result.isSuccess()) {
-            // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
-            if(result.getMessage().equals(SSOConstants.BCZ) ){
-                log.info("用户在本系统不存在,新增该用户");
-                JSONObject addJSONObject = toAddJSONObject(username,  password);
-                addUser(addJSONObject);
-            }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
-                // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
-                editUserStatusOrDel(username);
+                    SysUser sysUser1 = sysUserService.getUserAll(usernameSSO);
+                    //用户登录信息 TODO-token
+                    userInfo1(sysUser1, result);
+                    LoginUser loginUser = new LoginUser();
+                    BeanUtils.copyProperties(sysUser1, loginUser);
+                    baseCommonService.addLog("用户名: " + usernameSSO + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
+                    //update-end--Author:wangshuai  Date:20200714  for:登录日志没有记录人员
+
+                    loginResult.setResult(result);
+                    loginResult.setUpdate(true);
+                    return loginResult;
+                }else {
+                    // 如果有联锁token,且与sso现在登录的账号名字相同,返回true即可
+                    loginResult.setResult(result.success("验证成功"));
+                    loginResult.setUpdate(false);
+                    return loginResult;
+                }
             }
         }
-
-        //用户登录信息 TODO-token
-        userInfo1(sysUser, result);
-        LoginUser loginUser = new LoginUser();
-        BeanUtils.copyProperties(sysUser, loginUser);
-        baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
-        //update-end--Author:wangshuai  Date:20200714  for:登录日志没有记录人员
-        return result;
+        loginResult.setResult(result.error("EIToken校验失败,请重新登录"));
+        loginResult.setUpdate(false);
+        return loginResult;
     }
 
 
@@ -232,10 +258,11 @@ public class SSOLoginLogoutController {
             }
         }
 
+        SysUser sysUser1 = sysUserService.getUserAll(username);
         //用户登录信息
-        userInfo1(sysUser, result);
+        userInfo1(sysUser1, result);
         LoginUser loginUser = new LoginUser();
-        BeanUtils.copyProperties(sysUser, loginUser);
+        BeanUtils.copyProperties(sysUser1, loginUser);
         baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
         //update-end--Author:wangshuai  Date:20200714  for:登录日志没有记录人员
 

+ 21 - 0
jeecg-module-interlock/src/main/java/org/jeecg/modules/ssoClient/vo/LoginResult.java

@@ -0,0 +1,21 @@
+package org.jeecg.modules.ssoClient.vo;
+
+import com.alibaba.fastjson.JSONObject;
+import lombok.Data;
+import org.jeecg.common.api.vo.Result;
+
+/**
+ * 功能描述
+ *
+ * @author: nn
+ * @date: 2024年07月15日 17:50
+ */
+@Data
+public class LoginResult {
+
+    public Result<JSONObject> result;
+
+    /**是否需要更新用户信息*/
+    public Boolean update;
+
+}