|
|
@@ -276,7 +276,6 @@ public class SSOLoginLogoutController {
|
|
|
return loginResult;
|
|
|
}
|
|
|
|
|
|
-
|
|
|
@ApiOperation(".登录接口(sso)")
|
|
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
|
|
|
public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
|
|
|
@@ -328,6 +327,126 @@ public class SSOLoginLogoutController {
|
|
|
return result;
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * 从IoTedge链接跳转登录
|
|
|
+ * 没有密码,只有token和账号
|
|
|
+ * */
|
|
|
+ @ApiOperation(".登录接口(sso)——从IoTedge链接跳转登录 添加权限")
|
|
|
+ @RequestMapping(value = "/interlockTzlogin", method = RequestMethod.POST)
|
|
|
+ public LoginResult interlockTzlogin(HttpServletRequest request, HttpServletResponse response){
|
|
|
+
|
|
|
+ String eiToken = "";
|
|
|
+ String wisEUser = "";
|
|
|
+ String ssoRole = "";
|
|
|
+ String isHasSSORole = "0";//判断cookie中是否有SSORole字段 0没有1有
|
|
|
+
|
|
|
+ Cookie[] cookies = request.getCookies();
|
|
|
+ if (cookies != null) {
|
|
|
+ for (Cookie cookie : cookies) {
|
|
|
+ if (cookie.getName().equals("EIToken")) {
|
|
|
+ eiToken = cookie.getValue();
|
|
|
+ }
|
|
|
+ if (cookie.getName().equals("WISEUser")) {
|
|
|
+ wisEUser = cookie.getValue();
|
|
|
+ }
|
|
|
+ if (cookie.getName().equals("SSORole")) {
|
|
|
+ isHasSSORole = "1";
|
|
|
+ ssoRole = cookie.getValue();
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ LoginResult loginResult = new LoginResult();
|
|
|
+ Result<JSONObject> result = new Result<JSONObject>();
|
|
|
+ String usernameSSO = wisEUser;
|
|
|
+ String lsToken = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
|
|
+
|
|
|
+ if(eiToken!=null && !"".equals(eiToken)){
|
|
|
+ //校验token有效性
|
|
|
+ Result<JSONObject> tokenValidationResult = ssoTokenValidation(eiToken);
|
|
|
+ if(!tokenValidationResult.isSuccess()){
|
|
|
+ loginResult.setResult(result.error("EIToken校验失败,请重新登录"));
|
|
|
+ loginResult.setUpdate(false);
|
|
|
+ return loginResult;
|
|
|
+ }else {
|
|
|
+// response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=3600; Path=/", eiToken));
|
|
|
+// response.setHeader("Set-Cookie", String.format("WISEUser=%s; Max-Age=3600; Path=/", usernameSSO));
|
|
|
+
|
|
|
+ if(isHasSSORole.equals("0")){//如果没有SSORole字段,查询一下sso角色
|
|
|
+ //获取用户角色 是否是管理员
|
|
|
+ ssoRole = getSSORole(eiToken);
|
|
|
+ }
|
|
|
+ Cookie cookie = new Cookie("EIToken", eiToken);
|
|
|
+ Cookie cookie1 = new Cookie("WISEUser", usernameSSO);
|
|
|
+ Cookie cookie2 = new Cookie("SSORole", ssoRole);
|
|
|
+ cookie.setMaxAge(3600);
|
|
|
+ cookie1.setMaxAge(3600);
|
|
|
+ cookie2.setMaxAge(3600);
|
|
|
+ cookie.setPath("/");
|
|
|
+ cookie1.setPath("/");
|
|
|
+ cookie2.setPath("/");
|
|
|
+ response.addCookie(cookie);
|
|
|
+ response.addCookie(cookie1);
|
|
|
+ response.addCookie(cookie2);
|
|
|
+
|
|
|
+ // 如果没有联锁token,或者有但与sso现在登录的账号名字不一样,都需要登录并返回登录信息
|
|
|
+ if(lsToken==null || "".equals(lsToken) || !usernameSSO.equals(JwtUtil.getUsername(lsToken))){
|
|
|
+ //1. 校验系统用户是否有效
|
|
|
+ SysUser sysUser = sysUserService.getUserAll(usernameSSO);
|
|
|
+ result = sysUserService.checkUserIsEffective(sysUser);
|
|
|
+ if(!result.isSuccess()) {
|
|
|
+ // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?——初始密码设为123456??
|
|
|
+ if(result.getMessage().equals(SSOConstants.BCZ) ){
|
|
|
+ log.info("用户在jeecg系统用户表中不存在,新增该用户");
|
|
|
+ JSONObject addJSONObject = toAddJSONObject(usernameSSO, "123456");
|
|
|
+ addUser(addJSONObject);
|
|
|
+ }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
|
|
|
+ // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
|
|
|
+ editUserStatusOrDel(usernameSSO);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ //2.判断联锁用户是否存在
|
|
|
+ InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(usernameSSO);//根据用户名查询用户信息
|
|
|
+ //如果联锁用户表中没有该sso用户,新增用户
|
|
|
+ if(oConvertUtils.isEmpty(interlockUser)){
|
|
|
+ // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
|
|
|
+ log.info("用户在联锁系统用户表不存在,新增该用户");
|
|
|
+ JSONObject addJSONObject = toAddInterlockUserJSONObject(usernameSSO, ssoRole);
|
|
|
+ addInterlockUser(addJSONObject,eiToken);
|
|
|
+ }else{
|
|
|
+ if(ssoRole.equals("globalAdmin")){//已经存在的用户如果是系统管理员,更新用户、用户角色以及权限表
|
|
|
+ if(!interlockUser.getRole().equals("0")){
|
|
|
+ editInterlockAdminUser(interlockUser,eiToken);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ SysUser sysUser1 = sysUserService.getUserAll(usernameSSO);
|
|
|
+ InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(usernameSSO);//根据用户名查询用户信息
|
|
|
+ //用户登录信息
|
|
|
+ interlockUserInfo1(interlockUser1, sysUser1.getPassword(), result);
|
|
|
+ LoginUser loginUser = new LoginUser();
|
|
|
+// BeanUtils.copyProperties(interlockUser1, loginUser);
|
|
|
+ BeanUtils.copyProperties(sysUser1, loginUser);
|
|
|
+ baseCommonService.addLog("用户名: " + usernameSSO + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
|
|
|
+ //update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
|
|
+
|
|
|
+ loginResult.setResult(result);
|
|
|
+ loginResult.setUpdate(true);
|
|
|
+ return loginResult;
|
|
|
+ }else {
|
|
|
+ // 如果有联锁token,且与sso现在登录的账号名字相同,返回true即可
|
|
|
+ loginResult.setResult(result.success("验证成功"));
|
|
|
+ loginResult.setUpdate(false);
|
|
|
+ return loginResult;
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ loginResult.setResult(result.error("EIToken校验失败,请重新登录"));
|
|
|
+ loginResult.setUpdate(false);
|
|
|
+ return loginResult;
|
|
|
+ }
|
|
|
+
|
|
|
@ApiOperation(".登录接口(sso) 修改权限之后的登陆接口")
|
|
|
@RequestMapping(value = "/interlockLogin", method = RequestMethod.POST)
|
|
|
public Result<JSONObject> interlockLogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
|
|
|
@@ -369,10 +488,24 @@ public class SSOLoginLogoutController {
|
|
|
response.addCookie(cookie1);
|
|
|
response.addCookie(cookie2);
|
|
|
|
|
|
- //1. 校验用户是否有效
|
|
|
-// SysUser sysUser = sysUserService.getUserAll(username);
|
|
|
- InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
|
|
|
+ //1. 校验系统用户是否有效
|
|
|
+ SysUser sysUser = sysUserService.getUserAll(username);
|
|
|
+ result = sysUserService.checkUserIsEffective(sysUser);
|
|
|
+ if(!result.isSuccess()) {
|
|
|
+ // TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
|
|
|
+ if(result.getMessage().equals(SSOConstants.BCZ) ){
|
|
|
+ log.info("用户在本系统不存在,新增该用户");
|
|
|
+ JSONObject addJSONObject = toAddJSONObject(username, password);
|
|
|
+ addUser(addJSONObject);
|
|
|
+ }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
|
|
|
+ // TODO 已注销或冻结的用户怎么处理?——首先不应该允许在本系统注销或者冻结用户?——如果真的有恢复正常状态?
|
|
|
+ editUserStatusOrDel(username);
|
|
|
+ }
|
|
|
+ }
|
|
|
|
|
|
+ //2. 校验联锁用户是否存在
|
|
|
+ SysUser sysUser1 = sysUserService.getUserAll(username);
|
|
|
+ InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
|
|
|
//如果联锁用户表中没有该sso用户,新增用户
|
|
|
if(oConvertUtils.isEmpty(interlockUser)){
|
|
|
// TODO 已经单点登录成功了的用户如果在本系统不存在,新增用户?
|
|
|
@@ -387,13 +520,12 @@ public class SSOLoginLogoutController {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
-// SysUser sysUser1 = sysUserService.getUserAll(username);
|
|
|
+// SysUser sysUser1 = sysUserService.getUserAll(username);//使用密码用来生成token
|
|
|
InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
|
|
|
//用户登录信息
|
|
|
- interlockUserInfo1(interlockUser1, eiToken, result);
|
|
|
+ interlockUserInfo1(interlockUser1, password, result);
|
|
|
LoginUser loginUser = new LoginUser();
|
|
|
-
|
|
|
- BeanUtils.copyProperties(interlockUser1, loginUser);
|
|
|
+ BeanUtils.copyProperties(sysUser1, loginUser);
|
|
|
baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
|
|
|
|
|
|
return result;
|
|
|
@@ -727,12 +859,14 @@ public class SSOLoginLogoutController {
|
|
|
* @param result
|
|
|
* @return
|
|
|
*/
|
|
|
- private Result<JSONObject> interlockUserInfo1(InterlockUser interlockUser, String token, Result<JSONObject> result) {
|
|
|
+ private Result<JSONObject> interlockUserInfo1(InterlockUser interlockUser, String syspassword, Result<JSONObject> result) {
|
|
|
String username = interlockUser.getUsername();
|
|
|
// 获取用户部门信息
|
|
|
JSONObject obj = new JSONObject(new LinkedHashMap<>());
|
|
|
|
|
|
- // 使用eiToken, 设置token缓存有效时间
|
|
|
+ // 生成token
|
|
|
+ String token = JwtUtil.sign(username, syspassword);
|
|
|
+ // 设置token缓存有效时间
|
|
|
redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
|
|
|
redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
|
|
|
obj.put("token", token);
|
|
|
@@ -768,12 +902,16 @@ public class SSOLoginLogoutController {
|
|
|
// response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=0; Path=/", ""));
|
|
|
Cookie cookie = new Cookie("EIToken", "");
|
|
|
Cookie cookie1 = new Cookie("WISEUser", "");
|
|
|
+ Cookie cookie2 = new Cookie("SSORole", "");
|
|
|
cookie.setMaxAge(0);
|
|
|
cookie1.setMaxAge(0);
|
|
|
+ cookie2.setMaxAge(0);
|
|
|
cookie.setPath("/");
|
|
|
cookie1.setPath("/");
|
|
|
+ cookie2.setPath("/");
|
|
|
response.addCookie(cookie);
|
|
|
response.addCookie(cookie1);
|
|
|
+ response.addCookie(cookie2);
|
|
|
|
|
|
//用户退出逻辑
|
|
|
String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
sl