del: 去掉手持

2023-08-16 10:44:51 +08:00
parent 35eb9ebd23
commit bdf3c0e75d
1 changed files with 0 additions and 92 deletions
--- a/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
+++ b/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
@@ -1,92 +0,0 @@
 package org.nl.system.controller.secutiry;
 import cn.dev33.satoken.annotation.SaIgnore;
 import cn.dev33.satoken.secure.SaSecureUtil;
 import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.nl.common.exception.BadRequestException;
 import org.nl.common.utils.RedisUtils;
 import org.nl.common.utils.RsaUtils;
 import org.nl.common.utils.dto.CurrentUser;
 import org.nl.config.RsaProperties;
 import org.nl.system.service.role.ISysRoleService;
 import org.nl.system.service.secutiry.dto.AuthUserDto;
 import org.nl.system.service.user.ISysUserService;
 import org.nl.system.service.user.dao.SysUser;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
 /**
 * @Author: lyd
 * @Description: 手持登录鉴权
 * @Date: 2023/7/31
 */
@Slf4j
@RestController
@RequestMapping("/api/pda")
@Api(tags = "手持：系统授权接口")
 public class MobileAuthorizationController {
    @Autowired
    private ISysUserService userService;
    @Autowired
    private ISysRoleService roleService;
    @ApiOperation("登录授权")
    @PostMapping(value = "/login")
    @SaIgnore
    public JSONObject login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
        // 密码解密 - 前端的加密规则: encrypt（根据实际更改）
        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
        // 校验数据库
        // 根据用户名查询，在比对密码
        SysUser userInfo = userService.getOne(new LambdaQueryWrapper<SysUser>()
                .eq(SysUser::getUsername, authUser.getUsername())); // 拿不到已经抛出异常
        if (!userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
            throw new BadRequestException("账号或密码错误！");
        }
        // 获取权限列表 - 登录查找权限
        List<String> permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo));
        if (!userInfo.getIs_used()) {
            throw new BadRequestException("账号未激活");
        }
        // 登录输入，登出删除
        CurrentUser user = new CurrentUser();
        user.setId(userInfo.getUser_id());
        user.setUsername(userInfo.getUsername());
        user.setPresonName(userInfo.getPerson_name());
        user.setUser(userInfo);
        user.setPermissions(permissionList);
        // SaLoginModel 配置登录相关参数
        StpUtil.login(userInfo.getUser_id(), new SaLoginModel()
                .setDevice("PE")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
        );
        // 返回 token 与 用户信息
        JSONObject jsonObject = new JSONObject();
 //        jsonObject.put("roles", permissionList);
        jsonObject.put("user", userInfo);
        JSONObject authInfo = new JSONObject(2) {{
            put("token", "Bearer " + StpUtil.getTokenValue());
            put("user", jsonObject);
        }};
        return authInfo;
    }
 }