跳转登陆以及单点登陆修改 获取两个用户表的信息

jeecg-module-interlock/src/main/java/org/jeecg/modules/ssoClient/controller/SSOLoginLogoutController.java

@@ -276,7 +276,6 @@ public class SSOLoginLogoutController {
         return loginResult;
     }
 
-
     @ApiOperation(".登录接口（sso）")
     @RequestMapping(value = "/login", method = RequestMethod.POST)
     public Result<JSONObject> login(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
@@ -328,6 +327,126 @@ public class SSOLoginLogoutController {
         return result;
     }
 
+    /**
+     * 从IoTedge链接跳转登录
+     * 没有密码，只有token和账号
+     * */
+    @ApiOperation(".登录接口（sso）——从IoTedge链接跳转登录  添加权限")
+    @RequestMapping(value = "/interlockTzlogin", method = RequestMethod.POST)
+    public LoginResult interlockTzlogin(HttpServletRequest request, HttpServletResponse response){
+
+        String eiToken = "";
+        String wisEUser = "";
+        String ssoRole = "";
+        String isHasSSORole = "0";//判断cookie中是否有SSORole字段  0没有1有
+
+        Cookie[] cookies = request.getCookies();
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals("EIToken")) {
+                    eiToken = cookie.getValue();
+                }
+                if (cookie.getName().equals("WISEUser")) {
+                    wisEUser = cookie.getValue();
+                }
+                if (cookie.getName().equals("SSORole")) {
+                    isHasSSORole = "1";
+                    ssoRole = cookie.getValue();
+                }
+            }
+        }
+
+        LoginResult loginResult = new LoginResult();
+        Result<JSONObject> result = new Result<JSONObject>();
+        String usernameSSO = wisEUser;
+        String lsToken = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
+
+        if(eiToken!=null && !"".equals(eiToken)){
+            //校验token有效性
+            Result<JSONObject> tokenValidationResult = ssoTokenValidation(eiToken);
+            if(!tokenValidationResult.isSuccess()){
+                loginResult.setResult(result.error("EIToken校验失败，请重新登录"));
+                loginResult.setUpdate(false);
+                return loginResult;
+            }else {
+//                response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=3600; Path=/", eiToken));
+//                response.setHeader("Set-Cookie", String.format("WISEUser=%s; Max-Age=3600; Path=/", usernameSSO));
+
+                if(isHasSSORole.equals("0")){//如果没有SSORole字段，查询一下sso角色
+                    //获取用户角色 是否是管理员
+                    ssoRole = getSSORole(eiToken);
+                }
+                Cookie cookie = new Cookie("EIToken", eiToken);
+                Cookie cookie1 = new Cookie("WISEUser", usernameSSO);
+                Cookie cookie2 = new Cookie("SSORole", ssoRole);
+                cookie.setMaxAge(3600);
+                cookie1.setMaxAge(3600);
+                cookie2.setMaxAge(3600);
+                cookie.setPath("/");
+                cookie1.setPath("/");
+                cookie2.setPath("/");
+                response.addCookie(cookie);
+                response.addCookie(cookie1);
+                response.addCookie(cookie2);
+
+                // 如果没有联锁token，或者有但与sso现在登录的账号名字不一样，都需要登录并返回登录信息
+                if(lsToken==null || "".equals(lsToken) || !usernameSSO.equals(JwtUtil.getUsername(lsToken))){
+                    //1. 校验系统用户是否有效
+                    SysUser sysUser = sysUserService.getUserAll(usernameSSO);
+                    result = sysUserService.checkUserIsEffective(sysUser);
+                    if(!result.isSuccess()) {
+                        // TODO 已经单点登录成功了的用户如果在本系统不存在，新增用户？——初始密码设为123456？？
+                        if(result.getMessage().equals(SSOConstants.BCZ) ){
+                            log.info("用户在jeecg系统用户表中不存在，新增该用户");
+                            JSONObject addJSONObject = toAddJSONObject(usernameSSO,  "123456");
+                            addUser(addJSONObject);
+                        }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
+                            // TODO 已注销或冻结的用户怎么处理？——首先不应该允许在本系统注销或者冻结用户？——如果真的有恢复正常状态？
+                            editUserStatusOrDel(usernameSSO);
+                        }
+                    }
+                    //2.判断联锁用户是否存在
+                    InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(usernameSSO);//根据用户名查询用户信息
+                    //如果联锁用户表中没有该sso用户，新增用户
+                    if(oConvertUtils.isEmpty(interlockUser)){
+                        // TODO 已经单点登录成功了的用户如果在本系统不存在，新增用户？
+                        log.info("用户在联锁系统用户表不存在，新增该用户");
+                        JSONObject addJSONObject = toAddInterlockUserJSONObject(usernameSSO, ssoRole);
+                        addInterlockUser(addJSONObject,eiToken);
+                    }else{
+                        if(ssoRole.equals("globalAdmin")){//已经存在的用户如果是系统管理员，更新用户、用户角色以及权限表
+                            if(!interlockUser.getRole().equals("0")){
+                                editInterlockAdminUser(interlockUser,eiToken);
+                            }
+                        }
+                    }
+
+                    SysUser sysUser1 = sysUserService.getUserAll(usernameSSO);
+                    InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(usernameSSO);//根据用户名查询用户信息
+                    //用户登录信息
+                    interlockUserInfo1(interlockUser1, sysUser1.getPassword(), result);
+                    LoginUser loginUser = new LoginUser();
+//                    BeanUtils.copyProperties(interlockUser1, loginUser);
+                    BeanUtils.copyProperties(sysUser1, loginUser);
+                    baseCommonService.addLog("用户名: " + usernameSSO + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
+                    //update-end--Author:wangshuai  Date:20200714  for：登录日志没有记录人员
+
+                    loginResult.setResult(result);
+                    loginResult.setUpdate(true);
+                    return loginResult;
+                }else {
+                    // 如果有联锁token，且与sso现在登录的账号名字相同，返回true即可
+                    loginResult.setResult(result.success("验证成功"));
+                    loginResult.setUpdate(false);
+                    return loginResult;
+                }
+            }
+        }
+        loginResult.setResult(result.error("EIToken校验失败，请重新登录"));
+        loginResult.setUpdate(false);
+        return loginResult;
+    }
+
     @ApiOperation(".登录接口（sso） 修改权限之后的登陆接口")
     @RequestMapping(value = "/interlockLogin", method = RequestMethod.POST)
     public Result<JSONObject> interlockLogin(HttpServletRequest request, HttpServletResponse response, @RequestBody SysLoginModel sysLoginModel){
@@ -369,10 +488,24 @@ public class SSOLoginLogoutController {
         response.addCookie(cookie1);
         response.addCookie(cookie2);
 
-        //1. 校验用户是否有效
-//        SysUser sysUser = sysUserService.getUserAll(username);
-        InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
+        //1. 校验系统用户是否有效
+        SysUser sysUser = sysUserService.getUserAll(username);
+        result = sysUserService.checkUserIsEffective(sysUser);
+        if(!result.isSuccess()) {
+            // TODO 已经单点登录成功了的用户如果在本系统不存在，新增用户？
+            if(result.getMessage().equals(SSOConstants.BCZ) ){
+                log.info("用户在本系统不存在，新增该用户");
+                JSONObject addJSONObject = toAddJSONObject(username, password);
+                addUser(addJSONObject);
+            }else if(result.getMessage().equals(SSOConstants.YZX) || result.getMessage().equals(SSOConstants.YDj)){
+                // TODO 已注销或冻结的用户怎么处理？——首先不应该允许在本系统注销或者冻结用户？——如果真的有恢复正常状态？
+                editUserStatusOrDel(username);
+            }
+        }
 
+        //2. 校验联锁用户是否存在
+        SysUser sysUser1 = sysUserService.getUserAll(username);
+        InterlockUser interlockUser = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
         //如果联锁用户表中没有该sso用户，新增用户
         if(oConvertUtils.isEmpty(interlockUser)){
             // TODO 已经单点登录成功了的用户如果在本系统不存在，新增用户？
@@ -387,13 +520,12 @@ public class SSOLoginLogoutController {
             }
         }
 
-//        SysUser sysUser1 = sysUserService.getUserAll(username);
+//        SysUser sysUser1 = sysUserService.getUserAll(username);//使用密码用来生成token
         InterlockUser interlockUser1 = interlockUserService.getInterlockUserByUserName(username);//根据用户名查询用户信息
         //用户登录信息
-        interlockUserInfo1(interlockUser1, eiToken, result);
+        interlockUserInfo1(interlockUser1, password, result);
         LoginUser loginUser = new LoginUser();
-
-        BeanUtils.copyProperties(interlockUser1, loginUser);
+        BeanUtils.copyProperties(sysUser1, loginUser);
         baseCommonService.addLog("用户名: " + username + ",登录成功！", CommonConstant.LOG_TYPE_1, null,loginUser);
 
         return result;
@@ -727,12 +859,14 @@ public class SSOLoginLogoutController {
      * @param result
      * @return
      */
-    private Result<JSONObject> interlockUserInfo1(InterlockUser interlockUser, String token, Result<JSONObject> result) {
+    private Result<JSONObject> interlockUserInfo1(InterlockUser interlockUser, String syspassword, Result<JSONObject> result) {
         String username = interlockUser.getUsername();
         // 获取用户部门信息
         JSONObject obj = new JSONObject(new LinkedHashMap<>());
 
-        // 使用eiToken， 设置token缓存有效时间
+        // 生成token
+        String token = JwtUtil.sign(username, syspassword);
+        // 设置token缓存有效时间
         redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
         redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
         obj.put("token", token);
@@ -768,12 +902,16 @@ public class SSOLoginLogoutController {
 //        response.setHeader("Set-Cookie", String.format("EIToken=%s; Max-Age=0; Path=/", ""));
         Cookie cookie = new Cookie("EIToken", "");
         Cookie cookie1 = new Cookie("WISEUser", "");
+        Cookie cookie2 = new Cookie("SSORole", "");
         cookie.setMaxAge(0);
         cookie1.setMaxAge(0);
+        cookie2.setMaxAge(0);
         cookie.setPath("/");
         cookie1.setPath("/");
+        cookie2.setPath("/");
         response.addCookie(cookie);
         response.addCookie(cookie1);
+        response.addCookie(cookie2);
 
         //用户退出逻辑
         String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);