| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234 |
- package org.dromara.web.controller;
- import cn.dev33.satoken.annotation.SaIgnore;
- import cn.dev33.satoken.exception.NotLoginException;
- import cn.hutool.core.codec.Base64;
- import cn.hutool.core.collection.CollUtil;
- import cn.hutool.core.util.ObjectUtil;
- import jakarta.servlet.http.HttpServletRequest;
- import lombok.RequiredArgsConstructor;
- import lombok.extern.slf4j.Slf4j;
- import me.zhyd.oauth.model.AuthResponse;
- import me.zhyd.oauth.model.AuthUser;
- import me.zhyd.oauth.request.AuthRequest;
- import me.zhyd.oauth.utils.AuthStateUtils;
- import org.dromara.common.core.constant.UserConstants;
- import org.dromara.common.core.domain.R;
- import org.dromara.common.core.domain.model.LoginBody;
- import org.dromara.common.core.domain.model.RegisterBody;
- import org.dromara.common.core.domain.model.SocialLoginBody;
- import org.dromara.common.core.utils.*;
- import org.dromara.common.encrypt.annotation.ApiEncrypt;
- import org.dromara.common.json.utils.JsonUtils;
- import org.dromara.common.satoken.utils.LoginHelper;
- import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
- import org.dromara.common.social.config.properties.SocialProperties;
- import org.dromara.common.social.utils.SocialUtils;
- import org.dromara.common.tenant.helper.TenantHelper;
- import org.dromara.common.websocket.dto.WebSocketMessageDto;
- import org.dromara.common.websocket.utils.WebSocketUtils;
- import org.dromara.system.domain.bo.SysTenantBo;
- import org.dromara.system.domain.vo.SysClientVo;
- import org.dromara.system.domain.vo.SysTenantVo;
- import org.dromara.system.service.ISysClientService;
- import org.dromara.system.service.ISysConfigService;
- import org.dromara.system.service.ISysSocialService;
- import org.dromara.system.service.ISysTenantService;
- import org.dromara.web.domain.vo.LoginTenantVo;
- import org.dromara.web.domain.vo.LoginVo;
- import org.dromara.web.domain.vo.TenantListVo;
- import org.dromara.web.service.IAuthStrategy;
- import org.dromara.web.service.SysLoginService;
- import org.dromara.web.service.SysRegisterService;
- import org.springframework.validation.annotation.Validated;
- import org.springframework.web.bind.annotation.*;
- import java.net.URL;
- import java.nio.charset.StandardCharsets;
- import java.util.HashMap;
- import java.util.List;
- import java.util.Map;
- import java.util.concurrent.ScheduledExecutorService;
- import java.util.concurrent.TimeUnit;
- /**
- * 认证
- *
- * @author Lion Li
- */
- @Slf4j
- @SaIgnore
- @RequiredArgsConstructor
- @RestController
- @RequestMapping("/auth")
- public class AuthController {
- private final SocialProperties socialProperties;
- private final SysLoginService loginService;
- private final SysRegisterService registerService;
- private final ISysConfigService configService;
- private final ISysTenantService tenantService;
- private final ISysSocialService socialUserService;
- private final ISysClientService clientService;
- private final ScheduledExecutorService scheduledExecutorService;
- /**
- * 登录方法
- *
- * @param body 登录信息
- * @return 结果
- */
- @ApiEncrypt
- @PostMapping("/login")
- public R<LoginVo> login(@RequestBody String body) {
- LoginBody loginBody = JsonUtils.parseObject(body, LoginBody.class);
- ValidatorUtils.validate(loginBody);
- // 授权类型和客户端id
- String clientId = loginBody.getClientId();
- String grantType = loginBody.getGrantType();
- SysClientVo client = clientService.queryByClientId(clientId);
- // 查询不到 client 或 client 内不包含 grantType
- if (ObjectUtil.isNull(client) || !StringUtils.contains(client.getGrantType(), grantType)) {
- log.info("客户端id: {} 认证类型:{} 异常!.", clientId, grantType);
- return R.fail(MessageUtils.message("auth.grant.type.error"));
- } else if (!UserConstants.NORMAL.equals(client.getStatus())) {
- return R.fail(MessageUtils.message("auth.grant.type.blocked"));
- }
- // 校验租户
- loginService.checkTenant(loginBody.getTenantId());
- // 登录
- LoginVo loginVo = IAuthStrategy.login(body, client, grantType);
- Long userId = LoginHelper.getUserId();
- scheduledExecutorService.schedule(() -> {
- WebSocketMessageDto dto = new WebSocketMessageDto();
- dto.setMessage("欢迎登录RuoYi-Vue-Plus后台管理系统");
- dto.setSessionKeys(List.of(userId));
- WebSocketUtils.publishMessage(dto);
- }, 3, TimeUnit.SECONDS);
- return R.ok(loginVo);
- }
- /**
- * 第三方登录请求
- *
- * @param source 登录来源
- * @return 结果
- */
- @GetMapping("/binding/{source}")
- public R<String> authBinding(@PathVariable("source") String source,
- @RequestParam String tenantId, @RequestParam String domain) {
- SocialLoginConfigProperties obj = socialProperties.getType().get(source);
- if (ObjectUtil.isNull(obj)) {
- return R.fail(source + "平台账号暂不支持");
- }
- AuthRequest authRequest = SocialUtils.getAuthRequest(source, socialProperties);
- Map<String, String> map = new HashMap<>();
- map.put("tenantId", tenantId);
- map.put("domain", domain);
- map.put("state", AuthStateUtils.createState());
- String authorizeUrl = authRequest.authorize(Base64.encode(JsonUtils.toJsonString(map), StandardCharsets.UTF_8));
- return R.ok("操作成功", authorizeUrl);
- }
- /**
- * 第三方登录回调业务处理 绑定授权
- *
- * @param loginBody 请求体
- * @return 结果
- */
- @PostMapping("/social/callback")
- public R<Void> socialCallback(@RequestBody SocialLoginBody loginBody) {
- // 获取第三方登录信息
- AuthResponse<AuthUser> response = SocialUtils.loginAuth(
- loginBody.getSource(), loginBody.getSocialCode(),
- loginBody.getSocialState(), socialProperties);
- AuthUser authUserData = response.getData();
- // 判断授权响应是否成功
- if (!response.ok()) {
- return R.fail(response.getMsg());
- }
- loginService.socialRegister(authUserData);
- return R.ok();
- }
- /**
- * 取消授权
- *
- * @param socialId socialId
- */
- @DeleteMapping(value = "/unlock/{socialId}")
- public R<Void> unlockSocial(@PathVariable Long socialId) {
- Boolean rows = socialUserService.deleteWithValidById(socialId);
- return rows ? R.ok() : R.fail("取消授权失败");
- }
- /**
- * 退出登录
- */
- @PostMapping("/logout")
- public R<Void> logout() {
- loginService.logout();
- return R.ok("退出成功");
- }
- /**
- * 用户注册
- */
- @ApiEncrypt
- @PostMapping("/register")
- public R<Void> register(@Validated @RequestBody RegisterBody user) {
- if (!configService.selectRegisterEnabled(user.getTenantId())) {
- return R.fail("当前系统没有开启注册功能!");
- }
- registerService.register(user);
- return R.ok();
- }
- /**
- * 登录页面租户下拉框
- *
- * @return 租户列表
- */
- @GetMapping("/tenant/list")
- public R<LoginTenantVo> tenantList(HttpServletRequest request) throws Exception {
- // 返回对象
- LoginTenantVo result = new LoginTenantVo();
- boolean enable = TenantHelper.isEnable();
- result.setTenantEnabled(enable);
- // 如果未开启租户这直接返回
- if (!enable) {
- return R.ok(result);
- }
- List<SysTenantVo> tenantList = tenantService.queryList(new SysTenantBo());
- List<TenantListVo> voList = MapstructUtils.convert(tenantList, TenantListVo.class);
- try {
- // 如果只超管返回所有租户
- if (LoginHelper.isSuperAdmin()) {
- result.setVoList(voList);
- return R.ok(result);
- }
- } catch (NotLoginException ignored) {
- }
- // 获取域名
- String host;
- String referer = request.getHeader("referer");
- if (StringUtils.isNotBlank(referer)) {
- // 这里从referer中取值是为了本地使用hosts添加虚拟域名,方便本地环境调试
- host = referer.split("//")[1].split("/")[0];
- } else {
- host = new URL(request.getRequestURL().toString()).getHost();
- }
- // 根据域名进行筛选
- List<TenantListVo> list = StreamUtils.filter(voList, vo ->
- StringUtils.equals(vo.getDomain(), host));
- result.setVoList(CollUtil.isNotEmpty(list) ? list : voList);
- return R.ok(result);
- }
- }
|
