Commit 85ff986c authored by wzp's avatar wzp

互动和日志修改

parent 6cbe2dd4
......@@ -6,6 +6,7 @@ import cn.wisenergy.chnmuseum.party.model.*;
import cn.wisenergy.chnmuseum.party.service.PermissionService;
import cn.wisenergy.chnmuseum.party.service.RolePermissionService;
import cn.wisenergy.chnmuseum.party.service.RoleService;
import cn.wisenergy.chnmuseum.party.service.TUserService;
import cn.wisenergy.chnmuseum.party.service.impl.EmployeeRoleServiceImpl;
import cn.wisenergy.chnmuseum.party.service.impl.EmployeeServiceImpl;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
......@@ -58,6 +59,9 @@ public class MyShiroRealm extends AuthorizingRealm {
@Resource
private StringRedisTemplate stringRedisTemplate;
@Resource
private TUserService userService;
/**
* 必须重写此方法,不然Shiro会报错
*/
......@@ -89,9 +93,9 @@ public class MyShiroRealm extends AuthorizingRealm {
// 通过username从数据库中查找
// 实际项目中,这里可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法
String employeeId = JwtTokenUtil.getEmployeeId(credentials);
Employee employee = this.employeeService.selectByEmpId(employeeId);
if (employee == null) {
String userId = JwtTokenUtil.getEmployeeId(credentials);
TUser user = userService.getById(userId);
if (user == null) {
throw new AuthenticationException("User does not exist!");
}
......@@ -99,7 +103,7 @@ public class MyShiroRealm extends AuthorizingRealm {
throw new AuthenticationException("token invalid");
}
return new SimpleAuthenticationInfo(new Employee(employee.getId(), credentials), credentials, getName());
return new SimpleAuthenticationInfo(new TUser(user.getId(), credentials), credentials, getName());
}
/**
......@@ -108,27 +112,29 @@ public class MyShiroRealm extends AuthorizingRealm {
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
System.out.println("权限认证方法:MyShiroRealm.doGetAuthorizationInfo()");
Employee employee = (Employee) principals.getPrimaryPrincipal();
Boolean hasToken = stringRedisTemplate.hasKey(SHIRO_JWT_TOKEN + employee.getJwtToken());
TUser user = (TUser) principals.getPrimaryPrincipal();
Boolean hasToken = stringRedisTemplate.hasKey(SHIRO_JWT_TOKEN + user.getJwtToken());
if (hasToken == null || !hasToken) {
throw new AuthenticationException("token invalid!");
}
String employeeId = JwtTokenUtil.getEmployeeId(employee.getJwtToken());
String userId = JwtTokenUtil.getEmployeeId(user.getJwtToken());
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// 根据用户ID查询角色(role),放入到Authorization里。
Map<String, Object> map = new HashMap<>();
map.put("employee_id", employeeId);
List<EmployeeRole> employeeRoleList = this.employeeRoleService.listByMap(map);
List<Role> list = roleService.selectRoleByUserId(userId);
// // 根据用户ID查询角色(role),放入到Authorization里。
// Map<String, Object> map = new HashMap<>();
// map.put("user_id", userId);
// List<EmployeeRole> employeeRoleList = this.employeeRoleService.listByMap(map);
List<String> ridList = new LinkedList<>();
for (EmployeeRole employeeRole : employeeRoleList) {
ridList.add(employeeRole.getRoleId());
}
List<Role> roleList = this.roleService.listByIds(ridList);
// for (EmployeeRole employeeRole : employeeRoleList) {
// ridList.add(employeeRole.getRoleId());
// }
// List<Role> roleList = this.roleService.listByIds(ridList);
Set<String> roleSet = new HashSet<>();
for (Role role : roleList) {
for (Role role : list) {
roleSet.add(role.getAlias());
ridList.add(role.getId());
}
info.setRoles(roleSet);
......
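Review bot: The authentication path in the @@ -89,9 +93,9 hunk now loads a `TUser` but rejects only a missing row; the disabled status (`"2"`) and the validity window that this commit enforces in both login controllers are not re-checked here. A token issued before an account is disabled or lapses would therefore keep authenticating until its Redis key expires (the login code sets 240 minutes), unless the disable path deletes that key somewhere outside this diff. Adding `if ("2".equals(user.getStatus())) { throw new DisabledAccountException("account disabled"); }` after the null check, together with the same date test used at login, would close the gap. The method's signature and the token check between these hunks are outside the visible lines.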
......@@ -7,8 +7,13 @@ import cn.wisenergy.chnmuseum.party.common.util.TimeUtils;
import cn.wisenergy.chnmuseum.party.common.vo.GenericPageParam;
import cn.wisenergy.chnmuseum.party.model.Employee;
import cn.wisenergy.chnmuseum.party.model.ExhibitionBoard;
import cn.wisenergy.chnmuseum.party.model.RunLog;
import cn.wisenergy.chnmuseum.party.model.TUser;
import cn.wisenergy.chnmuseum.party.service.ExhibitionBoardService;
import cn.wisenergy.chnmuseum.party.service.RunLogService;
import cn.wisenergy.chnmuseum.party.service.impl.EmployeeServiceImpl;
import cn.wisenergy.chnmuseum.party.service.impl.RunLogServiceImpl;
import cn.wisenergy.chnmuseum.party.service.impl.TUserServiceImpl;
import cn.wisenergy.chnmuseum.party.web.controller.base.BaseController;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
......@@ -20,6 +25,7 @@ import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -30,6 +36,7 @@ import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.util.concurrent.TimeUnit;
......@@ -46,6 +53,12 @@ public class ChinaMobileRestApiController extends BaseController {
@Resource
private EmployeeServiceImpl employeeService;
@Resource
private TUserServiceImpl userService;
@Resource
private RunLogServiceImpl runLogService;
@Resource
private SysLogController sysLogController;
......@@ -58,6 +71,106 @@ public class ChinaMobileRestApiController extends BaseController {
//用户登录是否被锁定 一小时 redisKey 前缀
private static final String SHIRO_IS_LOCK = "shiro_is_lock_";
// /**
// * 管理员ajax登录请求 后端用户登录
// *
// * @param username
// * @param password
// * @return
// */
// @RequestMapping(value = "/user/webLogin", method = RequestMethod.POST)
// public ResponseEntity<JSONObject> login(@RequestParam(value = "username") String username,
// @RequestParam(value = "password") String password,
// @RequestParam(value = "boxNo") String boxNo) {
// JSONObject resultMap = new JSONObject(true);
// Employee employee;
// if (StringUtils.isNoneBlank(username)) {
// //访问一次,计数一次
// ValueOperations<String, String> opsForValue = stringRedisTemplate.opsForValue();
// if ("LOCK".equals(opsForValue.get(SHIRO_IS_LOCK + username))) {
// resultMap.put("status", 400);
// resultMap.put("message", "由于密码输入错误次数大于5次,12小时内帐号已禁止登录!请您联系相关管理人员,联系电话:13924551212,邮箱:325346534@zh.com。");
// return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
// }
// employee = employeeService.selectByUsername(username);
// if (employee == null) {
// resultMap.put("status", 500);
// resultMap.put("message", "用户名或密码不正确!");
// return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
// }
// try {
// byte[] salt = employee.getPasswordSalt();
// if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(employee.getPasswordHash()))) {
// opsForValue.increment(SHIRO_LOGIN_COUNT + username, 1);
// //计数大于5时,设置用户被锁定一小时
// String s = opsForValue.get(SHIRO_LOGIN_COUNT + username);
// if (StringUtils.isNotBlank(s)) {
// if (Integer.parseInt(s) >= 5) {
// opsForValue.set(SHIRO_IS_LOCK + username, "LOCK");
// stringRedisTemplate.expire(SHIRO_IS_LOCK + username, 12, TimeUnit.HOURS);
// }
// }
// throw new IncorrectCredentialsException("用户名或密码不正确!");
// }
// String token = JwtTokenUtil.sign(username, employee.getId());
// // 将token信息存入Redis
// stringRedisTemplate.opsForValue().set(SHIRO_JWT_TOKEN + token, employee.getId(), 240, TimeUnit.MINUTES);
//
// JSONObject jsonObject = new JSONObject(true);
// jsonObject.put("token", token);
// jsonObject.put("userId", employee.getId());
// jsonObject.put("userName", employee.getUsername());
// jsonObject.put("expire", TimeUtils.format(LocalDateTime.now().plusMinutes(240), TimeUtils.FORMAT_ONE));
// jsonObject.put("orgCode", "");
// jsonObject.put("orgName", "");
//
// resultMap.put("resultCode", 200);
// resultMap.put("message", "成功");
// resultMap.put("data", jsonObject);
// return ResponseEntity.status(HttpStatus.OK).body(resultMap);
// } catch (Exception e) {
// resultMap.put("status", 500);
// resultMap.put("message", e.getMessage());
// }
// }
// return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
// }
//
// @ApiOperation(value = "获取单个成员信息")
// @GetMapping(value = "/user/getUserInfo")
// public ResponseEntity<JSONObject> getById(String userId, @RequestHeader("token") String token) {
// try {
// Employee employee = employeeService.selectByEmpId(userId);
//
// if (null == employee) {
// return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
// }
//
// JSONObject jsonObject = new JSONObject(true);
// jsonObject.put("token", token);
// jsonObject.put("userId", employee.getId());
// jsonObject.put("userName", employee.getUsername());
// long expire = stringRedisTemplate.getExpire(SHIRO_JWT_TOKEN + token) == null ? 0L : stringRedisTemplate.getExpire(SHIRO_JWT_TOKEN + token);
// jsonObject.put("expire", TimeUtils.format(LocalDateTime.now().plusMinutes(expire), TimeUtils.FORMAT_ONE));
//// BankBranchInfo bankBranch = this.employeeService.getById(Id);
//// if (bankBranch != null) {
//// employee.setBankBranchName(bankBranch.getName());
//// }
// jsonObject.put("orgCode", "");
// jsonObject.put("orgName", "");
//
// JSONObject resultMap = new JSONObject(true);
// resultMap.put("resultCode", 200);
// resultMap.put("message", "成功");
// resultMap.put("data", jsonObject);
// return ResponseEntity.ok(resultMap);
// } catch (Exception e) {
// logger.error("查询成员信息错误!", e);
// }
// return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
// }
/**
* 管理员ajax登录请求 后端用户登录
*
......@@ -68,10 +181,12 @@ public class ChinaMobileRestApiController extends BaseController {
@RequestMapping(value = "/user/webLogin", method = RequestMethod.POST)
public ResponseEntity<JSONObject> login(@RequestParam(value = "username") String username,
@RequestParam(value = "password") String password,
@RequestParam(value = "boxNo") String boxNo) {
@RequestParam(value = "mac") String mac) {
JSONObject resultMap = new JSONObject(true);
Employee employee;
TUser user;
if (StringUtils.isNoneBlank(username)) {
try {
//访问一次,计数一次
ValueOperations<String, String> opsForValue = stringRedisTemplate.opsForValue();
if ("LOCK".equals(opsForValue.get(SHIRO_IS_LOCK + username))) {
......@@ -79,15 +194,25 @@ public class ChinaMobileRestApiController extends BaseController {
resultMap.put("message", "由于密码输入错误次数大于5次,12小时内帐号已禁止登录!请您联系相关管理人员,联系电话:13924551212,邮箱:325346534@zh.com。");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
employee = employeeService.selectByUsername(username);
if (employee == null) {
user = userService.selectByUsername(username);
if (user == null) {
resultMap.put("status", 500);
resultMap.put("message", "用户名或密码不正确!");
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
try {
byte[] salt = employee.getPasswordSalt();
if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(employee.getPasswordHash()))) {
if ("2".equals(user.getStatus())) {
throw new DisabledAccountException("此帐号已禁用,请联系管理员!");
}
if (user.getPermanent() != null && !user.getPermanent()) {
if (user.getEffectiveDate().isAfter(LocalDate.now()) || user.getExiredDate().isBefore(LocalDate.now())) {
throw new DisabledAccountException("此帐号已失效,请联系管理员!");
}
}
byte[] salt = user.getPasswordSalt();
if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(user.getPasswordHash()))) {
opsForValue.increment(SHIRO_LOGIN_COUNT + username, 1);
//计数大于5时,设置用户被锁定一小时
String s = opsForValue.get(SHIRO_LOGIN_COUNT + username);
......@@ -99,24 +224,24 @@ public class ChinaMobileRestApiController extends BaseController {
}
throw new IncorrectCredentialsException("用户名或密码不正确!");
}
String token = JwtTokenUtil.sign(username, employee.getId());
String token = JwtTokenUtil.sign(username, user.getId());
// 将token信息存入Redis
stringRedisTemplate.opsForValue().set(SHIRO_JWT_TOKEN + token, employee.getId(), 240, TimeUnit.MINUTES);
stringRedisTemplate.opsForValue().set(SHIRO_JWT_TOKEN + token, user.getId(), 240, TimeUnit.MINUTES);
JSONObject jsonObject = new JSONObject(true);
jsonObject.put("token", token);
jsonObject.put("userId", employee.getId());
jsonObject.put("userName", employee.getUsername());
jsonObject.put("userId", user.getId());
jsonObject.put("userName", user.getUserName());
jsonObject.put("expire", TimeUtils.format(LocalDateTime.now().plusMinutes(240), TimeUtils.FORMAT_ONE));
jsonObject.put("orgCode", "");
jsonObject.put("orgName", "");
jsonObject.put("orgCode", user.getOrgId());
jsonObject.put("orgName", user.getOrgName());
resultMap.put("resultCode", 200);
resultMap.put("message", "成功");
resultMap.put("data", jsonObject);
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
resultMap.put("status", 500);
resultMap.put("resultCode", 500);
resultMap.put("message", e.getMessage());
}
}
......@@ -126,53 +251,78 @@ public class ChinaMobileRestApiController extends BaseController {
@ApiOperation(value = "获取单个成员信息")
@GetMapping(value = "/user/getUserInfo")
public ResponseEntity<JSONObject> getById(String userId, @RequestHeader("token") String token) {
JSONObject resultMap = new JSONObject(true);
try {
Employee employee = employeeService.selectByEmpId(userId);
TUser user = userService.getById(userId);
if (null == employee) {
if (null == user) {
resultMap.put("resultCode", 500);
resultMap.put("message", "用户不存在");
resultMap.put("data", "");
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
JSONObject jsonObject = new JSONObject(true);
jsonObject.put("token", token);
jsonObject.put("userId", employee.getId());
jsonObject.put("userName", employee.getUsername());
jsonObject.put("userId", user.getId());
jsonObject.put("userName", user.getUserName());
long expire = stringRedisTemplate.getExpire(SHIRO_JWT_TOKEN + token) == null ? 0L : stringRedisTemplate.getExpire(SHIRO_JWT_TOKEN + token);
jsonObject.put("expire", TimeUtils.format(LocalDateTime.now().plusMinutes(expire), TimeUtils.FORMAT_ONE));
// BankBranchInfo bankBranch = this.employeeService.getById(Id);
// if (bankBranch != null) {
// employee.setBankBranchName(bankBranch.getName());
// }
jsonObject.put("orgCode", "");
jsonObject.put("orgName", "");
//jsonObject.put("expire", TimeUtils.format(LocalDateTime.now().plusMinutes(expire), TimeUtils.FORMAT_ONE));
jsonObject.put("effectiveDate", user.getEffectiveDate());
jsonObject.put("expireDate", user.getExiredDate());
jsonObject.put("orgCode", user.getOrgId());
jsonObject.put("orgName", user.getOrgName());
JSONObject resultMap = new JSONObject(true);
resultMap.put("resultCode", 200);
resultMap.put("message", "成功");
resultMap.put("data", jsonObject);
return ResponseEntity.ok(resultMap);
} catch (Exception e) {
logger.error("查询成员信息错误!", e);
resultMap.put("resultCode", 500);
resultMap.put("message", "获取单个成员信息失败!");
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
@RequestMapping(value = "/user/logout", method = RequestMethod.GET)
public ResponseEntity<JSONObject> logout(@RequestHeader(value = "token") String token) {
JSONObject resultMap = new JSONObject(true);
try {
if (StringUtils.isNotBlank(token)) {
SecurityUtils.getSubject().logout();
// SecurityUtils.getSubject().logout();
this.stringRedisTemplate.delete(SHIRO_JWT_TOKEN + token);
}
JSONObject resultMap = new JSONObject(true);
resultMap.put("resultCode", 200);
resultMap.put("message", "成功");
resultMap.put("data", "");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
LOGGER.error("注销错误!", e);
resultMap.put("resultCode", 500);
resultMap.put("message", "注销错误!");
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
/**
* 插入机顶盒日志表
*/
@ApiOperation(value = "插入机顶盒日志表", notes = "插入机顶盒日志表")
@PostMapping(value = "/insertRunLog")
public ResponseEntity<JSONObject> insertRunLog(RunLog runLog) {
JSONObject resultMap = new JSONObject();
try {
boolean b = runLogService.insertRunLog(runLog);
resultMap.put("resultCode", 200);
resultMap.put("message", "成功");
resultMap.put("data", "");
return ResponseEntity.status(HttpStatus.OK).body(resultMap);
} catch (Exception e) {
resultMap.put("resultCode", 500);
resultMap.put("message", "失败");
resultMap.put("data", "");
}
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(resultMap);
}
@ApiImplicitParams(value = {
......
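Review bot: In `getById` the new not-found branch fills `resultMap` with `用户不存在` and then still returns `body(null)`, so the payload is never sent; `return ResponseEntity.status(HttpStatus.NOT_FOUND).body(resultMap);` looks like what was meant. The lookup also uses the caller-supplied `userId` and never ties it to the `token` header, while this commit adds `orgCode`, `orgName`, `effectiveDate` and `expireDate` to the response; unless a filter outside this diff restricts the route, any holder of a valid token can read those fields for another user. Deriving the id from the token (`JwtTokenUtil.getEmployeeId(token)`, as the realm does) or rejecting a mismatch would bind the two.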
......@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.time.LocalDate;
import java.util.*;
import java.util.concurrent.TimeUnit;
......@@ -120,6 +121,8 @@ public class LoginController {
TUser user;
if (StringUtils.isNoneBlank(username)) {
try {
//访问一次,计数一次
ValueOperations<String, String> opsForValue = stringRedisTemplate.opsForValue();
if ("LOCK".equals(opsForValue.get(SHIRO_IS_LOCK + username))) {
......@@ -129,8 +132,6 @@ public class LoginController {
}
user = userService.selectByUsername(username);
List<Role> roles = roleService.selectRoleByUserId(user.getId());
user.setRoleList(roles);
if (user == null) {
resultMap.put("status", 500);
resultMap.put("message", "用户名或密码不正确!");
......@@ -141,11 +142,13 @@ public class LoginController {
throw new DisabledAccountException("此帐号已禁用,请联系管理员!");
}
// if (!user.getAllowLogin()) {
// throw new DisabledAccountException("您无权访问,请联系管理员!");
// }
if (user.getPermanent()!=null&&!user.getPermanent()) {
if (user.getEffectiveDate().isAfter(LocalDate.now())||user.getExiredDate().isBefore(LocalDate.now())) {
throw new DisabledAccountException("此帐号已失效,请联系管理员!");
}
}
try {
byte[] salt = user.getPasswordSalt();
String s1 = new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt));
if (!new String(SHA256PasswordEncryptionService.createPasswordHash(password, salt)).equals(new String(user.getPasswordHash()))) {
......@@ -160,7 +163,8 @@ public class LoginController {
}
throw new IncorrectCredentialsException("用户名或密码不正确!");
}
List<Role> roles = roleService.selectRoleByUserId(user.getId());
user.setRoleList(roles);
//获取当前用户角色拥有菜单
List<Menu> userMenuPerms = new ArrayList<>();
if (roles.size() > 0) {
......
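Review bot: The added validity check calls `user.getEffectiveDate()` and `user.getExiredDate()` with no null guard and is skipped whenever `getPermanent()` is null, so a non-permanent account with a missing date ends in a NullPointerException and an account with no flag set is never date-limited. The same block is added to `ChinaMobileRestApiController.login` (@@ -79,15 +194,25), where the surrounding catch returns `e.getMessage()`: there the `DisabledAccountException` text is sent before the password is compared, which tells an unauthenticated caller that the account exists and is disabled or expired, while an unknown user gets the generic `用户名或密码不正确!`. I would run the status and date checks after the hash comparison and treat a missing date as invalid, e.g. `LocalDate today = LocalDate.now();` followed by `if (user.getEffectiveDate() == null || user.getExiredDate() == null || user.getEffectiveDate().isAfter(today) || user.getExiredDate().isBefore(today))`. The enclosing method starts and ends outside these hunks, so the catch that handles the exception in this file is not visible.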
......@@ -651,7 +651,7 @@ public class RoleController extends BaseController {
ew.eq("is_deleted", 0);
ew.eq("status", 1);
ew.orderByAsc("sortorder");
ew.orderByDesc("update_time");
ew.orderByDesc("create_time");
return ResponseEntity.ok(this.roleService.list(ew));
} catch (Exception e) {
LOGGER.error("查询角色列表出错!", e);
......
......@@ -31,8 +31,6 @@ import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
@RestController
......@@ -127,7 +125,7 @@ public class SysLogController extends BaseController {
/**
* 插入机顶盒日志表
*/
@ApiOperation(value = "插入系统日志", notes = "插入系统日志")
@ApiOperation(value = "插入机顶盒日志表", notes = "插入机顶盒日志表")
@PostMapping(value = "/insertRunLog")
public Boolean insertRunLog(RunLog runLog) {
boolean b = runLogService.insertRunLog(runLog);
......
......@@ -124,9 +124,14 @@ public class TInteractionController extends BaseController {
@PostMapping("/getList")
@RequiresPermissions("/interaction/getList")
@ApiImplicitParams(value = {
@ApiImplicitParam(name = "_index", value = "分页起始偏移量", paramType = "query", dataType = "Integer"),
@ApiImplicitParam(name = "_size", value = "返回条数", paramType = "query", dataType = "Integer"),
@ApiImplicitParam(name = "orgId", value = "机构id", paramType = "query", dataType = "String")
})
@ApiOperation(value = "获取看板互动列表", notes = "获取看板互动列表")
public Map<String, Object> getTInteractionPageList(String orgId) {
List<TInteraction> list = tInteractionService.list(new UpdateWrapper<TInteraction>().eq("organ_id", orgId));
Page<TInteraction> list = tInteractionService.page(getPage(),new UpdateWrapper<TInteraction>().eq("organ_id", orgId));
return getResult(list);
}
......
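Review bot: `orgId` on the new `page(...)` call is taken straight from the request and is the only filter, so any caller holding the `/interaction/getList` permission can page through another organisation's interactions unless that is intended; if it is not, the value should be compared with the current user's organisation before the query runs. The wrapper is also an `UpdateWrapper` used for a read, and `new QueryWrapper<TInteraction>().eq("organ_id", orgId)` would state the intent. Whether `getPage()` caps the caller-supplied `_size` is not visible in this hunk.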