
组织机构和用户组相关功能

hym 4 anni fa
parent
commit
0614fd597c

+ 16 - 0
common/src/main/java/com/huaxu/SmartcityCommonApplication.java

@@ -0,0 +1,16 @@
+package com.huaxu;
+
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.ApplicationContext;
+
+@SpringBootApplication
+public class SmartcityCommonApplication {
+
+    public static void main(String[] args) {
+        ApplicationContext context = SpringApplication.run(SmartcityCommonApplication.class, args);
+
+    }
+
+}

+ 7 - 6
user_auth/src/main/java/com/huaxu/controller/UserController.java

@@ -16,6 +16,7 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.web.bind.annotation.*;
 import springfox.documentation.annotations.ApiIgnore;
 
@@ -125,13 +126,13 @@ public class UserController {
      */
     @RequestMapping(value = "login", method = RequestMethod.POST)
     @ApiOperation(value = "登录")
-    public AjaxMessage<List<UserDto>> login(String mobile,String smsCode) {
-        UserDto userDto=new UserDto();
-        userDto.setLoginName(mobile);
-        userDto.setSmsCode(smsCode);
-        List<UserDto> loginInfo = userService.login(userDto);
+    public AjaxMessage<OAuth2AccessToken> login(String mobile, String tenatId) {
+        User user=new User();
+        user.setPhone(mobile);
+        user.setTenantId(tenatId);
+      ;
 
-        return new AjaxMessage<>(ResultStatus.OK,loginInfo);
+        return new AjaxMessage<>(ResultStatus.OK,userService.chooseUser(user));
     }
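Review bot: `login` takes `mobile` and `tenatId` straight from the request and passes them to `userService.chooseUser`, and nothing visible in this hunk or in `chooseUser` ties them to the caller who is already authenticated. If `findUser` resolves purely on those two values (its body is not shown), the token minted in `chooseUser` would carry the identity of whichever account they name. The phone should come from the authenticated principal, with only the tenant choice taken from the request and checked against that phone. Separately, the stray `;` on its own line should be removed, and `tenatId` should be spelled `tenantId`.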
     /**
      * 退出

+ 2 - 0
user_auth/src/main/java/com/huaxu/dto/UserDto.java

@@ -14,4 +14,6 @@ public class UserDto {
     @ApiModelProperty(value="验证码")
     private String smsCode;
     private String loginName;
+    @ApiModelProperty(value="验证码")
+    private String tenatId;
 }
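Review bot: The new field reuses the label of `smsCode` above it: `@ApiModelProperty(value="验证码")` describes a verification code, but the field holds a tenant id, so the generated Swagger docs will mislabel it. I would change the annotation to `@ApiModelProperty(value="租户ID")` and name the field `tenantId`, matching `User.setTenantId` used in the controller. `loginName` has no `@ApiModelProperty` at all, so one could be added in the same pass. Since the controller no longer builds a `UserDto` for login, it is worth checking that this field is still read anywhere.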

+ 54 - 0
user_auth/src/main/java/com/huaxu/entity/UimsUserGroupRole.java

@@ -0,0 +1,54 @@
+package com.huaxu.entity;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * 用户组角色(UimsUserGroupRole)实体类
+ *
+ * @author makejava
+ * @since 2020-10-28 17:08:31
+ */
+@Data
+@ApiModel
+public class UimsUserGroupRole implements Serializable {
+    private static final long serialVersionUID = -76039759427885054L;
+    /**
+     * 主键
+     */
+    @ApiModelProperty(value = "主键")
+    private Integer id;
+    /**
+     * 用户组ID
+     */
+    @ApiModelProperty(value = "用户组ID")
+    private Integer userGroupId;
+    /**
+     * 角色ID
+     */
+    @ApiModelProperty(value = "角色ID")
+    private Integer roleId;
+    /**
+     * 数据删除标记
+     */
+    @ApiModelProperty(value = "数据删除标记")
+    private Integer status;
+    /**
+     * 创建时间
+     */
+    @ApiModelProperty(value = "创建时间")
+    private Date dateCreate;
+    /**
+     * 创建人
+     */
+    @ApiModelProperty(value = "创建人")
+    private String createBy;
+    @ApiModelProperty(value = "")
+    private Date dateUpdate;
+    @ApiModelProperty(value = "")
+    private String updateBy;
+}

+ 1 - 1
user_auth/src/main/java/com/huaxu/security/config/ResourceServerConfig.java

@@ -42,7 +42,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
                 .authorizeRequests()
                 .antMatchers("/sms/**","/statics/**","/validateCode/image").permitAll()
                 .antMatchers("/swagger-ui.html","/webjars/**", "/webjars/**", "/swagger-resources/**",
-                        "/v2/**","/user/login"
+                        "/v2/**"
                         )
                 .permitAll() //配置不需要身份认证的请求路径
                 .anyRequest().authenticated(); //其他所有访问路径都需要身份认证

+ 12 - 1
user_auth/src/main/java/com/huaxu/security/smsCode/SmsCodeCheckUserFilter.java

@@ -49,7 +49,7 @@ public class SmsCodeCheckUserFilter extends OncePerRequestFilter {
                 StringUtils.equals("/user/mp/mobileLogin", request.getRequestURI()))
                 && StringUtils.equalsIgnoreCase(request.getMethod(), "post")) {
             try {
-                //validate(request);
+                validate(request);
             } catch (SmsCodeException e) {
                 userAuthenticationFailureHandler.onAuthenticationFailure(request, response, e);
                 return;
@@ -87,6 +87,17 @@ public class SmsCodeCheckUserFilter extends OncePerRequestFilter {
         }
 
 
+            String key = "smsCode:" +smsCode;
+            byte[] redisValidateCodeByte = redisUtil.get(key.getBytes());
+            if (redisValidateCodeByte == null) {
+                throw new SmsCodeException(ResultStatus.PHONE_VALIDATE_CODE_EXPIRED_ERROR);
+            } else {
+                String validateCode = (String) ByteArrayUtils.bytesToObject(redisValidateCodeByte).get();
+                if (!StringUtils.equals(validateCode, smsCode)) {
+                    throw new SmsCodeException(ResultStatus.PHONE_VALIDATE_CODE_ERROR_ERROR);
+                }
+            }
+
 
     }
 }
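Review bot: The Redis key is built from the submitted code itself, `"smsCode:" + smsCode`, so the lookup is not bound to the phone number that requested the code; the removed `UserServiceImpl.login` used `"smsCode:" + dto.getLoginName()`. Depending on how the sender stores the code (not visible here), this either never finds an entry or accepts a code that was issued to a different phone. The key should be derived from the phone number in the request, and the entry should be deleted after a successful match so a code cannot be reused within its lifetime. `key.getBytes()` also depends on the platform charset, so `key.getBytes(StandardCharsets.UTF_8)` is the safer form. The enclosing `validate` method starts outside this hunk, and the added lines are indented one level deeper than the code around them.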

+ 9 - 73
user_auth/src/main/java/com/huaxu/service/MyUserDetailService.java

@@ -40,15 +40,13 @@ public class MyUserDetailService implements UserDetailsService {
 
 
     @Override
-    public UserDetails loadUserByUsername(String userInfo) throws UsernameNotFoundException {
+    public UserDetails loadUserByUsername(String phone) throws UsernameNotFoundException {
 
-        User user = JSONObject.parseObject(userInfo, User.class);
+        User user =new User();
         //解析不到参数
-        if (user == null) {
-            throw new SecurityException(ResultStatus.PHONE_NUMBER_NOT_FOUND_ERROR);
-        }
+        user.setPhone(phone);
         //如果电话和租户值任意为空,设置条件使user查不出
-        if(StringUtils.isEmpty(user.getPhone())||StringUtils.isEmpty(user.getTenantId())){
+        if(StringUtils.isEmpty(user.getPhone())){
             user.setPhone("-1");
             user.setTenantId("-1");
         }
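Review bot: The two comments kept in this hunk no longer describe the code: `//解析不到参数` ("parameter could not be parsed") now sits above a plain `user.setPhone(phone)`, and `//如果电话和租户值任意为空…` still mentions the tenant although only the phone is checked. The lookup is now by phone alone, so if one phone can exist under several tenants, the record loaded further down (outside this hunk) is ambiguous until `chooseUser` runs. A comment stating that this is a first-stage lookup would make that clear. For the empty case I would fail fast with `throw new UsernameNotFoundException("phone is empty");` rather than querying with the `"-1"` sentinel values.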
@@ -72,78 +70,16 @@ public class MyUserDetailService implements UserDetailsService {
     }
 
     public LoginUser getLoginUser(User user){
-       Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
-        //角色必须是ROLE_开头,其余的是用户功能权限
-        /* List<Permission> permissionList =findPermission(user);
-        Integer permissionType = permissionList.get(0).getPermissionType();
-        List<ProgramItem> programItemList = newArrayList();
-        //获取数据权限
-        getDataPermission(permissionType,user,programItemList);
-        //分配功能权限
-        if (permissionList.size() > 0) {
-            for (Permission permission : permissionList) {
-                if(!StringUtils.equals("",permission.getPermission())){
-                    GrantedAuthority authority1 = new SimpleGrantedAuthority(permission.getPermission());
-                    grantedAuthorities.add(authority1);
-                }
-            }
-        }*/
-        GrantedAuthority authority1 = new SimpleGrantedAuthority("sys:menu:edit");
-        grantedAuthorities.add(authority1);
-        LoginUser loginUser = new LoginUser(user.getId(),user.getUsername(),user.getPhone(),user.getUserType(),user.getTenantId(),grantedAuthorities);
-        loginUser.setLoginToken(UUID.randomUUID().toString());
-       // loginUser.setProgramItemList(programItemList);
-        loginUser.setName(user.getUsername());
-        loginUser.setCompanyId(user.getCompanyOrgId());
-        loginUser.setDepartmentId(user.getDeptOrgId());
 
 
+
+        LoginUser loginUser = new LoginUser(null);
+
+        loginUser.setId(user.getId());
+
         return loginUser;
     }
-    private void getDataPermission(int permissionType,User user, List<ProgramItem> programItemList){
-
-        if(permissionType==1){
-            ProgramItem programItem=new ProgramItem();
-            programItem.setOrgId(user.getCompanyOrgId());
-            programItemList.add(programItem);
-        }else if(permissionType==2){
-            Map<Integer, List<Org>> allOrgs = getAllOrgs("公司");
-            getOrg(user.getCompanyOrgId(),allOrgs,programItemList);
-
-        }else if(permissionType==3){
-            ProgramItem programItem=new ProgramItem();
-            programItem.setOrgId(user.getDeptOrgId());
-            programItemList.add(programItem);
-        }else if(permissionType==4) {
-            Map<Integer, List<Org>> allOrgs = getAllOrgs("公司");
-            getOrg(user.getCompanyOrgId(),allOrgs,programItemList);
-
-        }else if(permissionType==5){
-            programItemList= userMapper.findOrgRole(user);
-        }
 
-    }
-    private    Map<Integer, List<Org>> getAllOrgs(String orgType){
-        Org org=new Org();
-        org.setOrgType(orgType);
-        List<Org> orgs = userMapper.findOrgs(org);
-        Map<Integer, List<Org>> collect = orgs.stream().
-                collect(Collectors.groupingBy(d -> d.getParentOrgId()));
-        return collect;
-    };
-    public void getOrg(Integer id, Map<Integer, List<Org>> collect,List<ProgramItem>programItemList){
-        List<Org> orgs = collect.get(id);
-        if(orgs!=null){
-            orgs.forEach(org->{
-                ProgramItem item=new ProgramItem();
-                item.setOrgId(org.getId());
-                item.setCode(org.getTenantId());
-                programItemList.add(item);
-                getOrg(org.getId(),collect,programItemList);
-
-            });
-        }
-    }
 
 }
 
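Review bot: `getLoginUser` now returns `new LoginUser(null)` with only the id set, so the principal produced by the SMS login carries no username, tenant or authorities. A token issued for that principal still satisfies `.anyRequest().authenticated()` in `ResourceServerConfig`, so endpoints that check only for authentication would be reachable before a tenant has been chosen through `chooseUser`. If this intermediate state is intended, it should be marked explicitly (for example with a dedicated pre-selection authority) and accepted only by `/user/login`. What the `null` constructor argument stands for is not visible here; a short comment, or an empty collection if it is the authority set, would make it clear. The run of blank lines before the constructor call can be removed.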

+ 2 - 1
user_auth/src/main/java/com/huaxu/service/UserService.java

@@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 
 import com.huaxu.dto.UserDto;
 import com.huaxu.entity.User;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
 
 import java.util.List;
 
@@ -81,7 +82,7 @@ public interface UserService {
     IPage<User> selectPage(User user, IPage<User> page);
     User findUser(User user);
 
-    List<UserDto>login(UserDto dto);
+    OAuth2AccessToken chooseUser(User user);
     boolean logOut(String token);
 
 }

+ 108 - 18
user_auth/src/main/java/com/huaxu/service/impl/UserServiceImpl.java

@@ -5,10 +5,12 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.huaxu.dao.UserMapper;
 import com.huaxu.dto.UserDto;
 import com.huaxu.entity.LoginLog;
+import com.huaxu.entity.Org;
 import com.huaxu.entity.User;
-import com.huaxu.model.AjaxMessage;
-import com.huaxu.model.ResultStatus;
+import com.huaxu.model.*;
+import com.huaxu.security.config.RedisTokenStore;
 import com.huaxu.security.exception.SecurityException;
+import com.huaxu.security.mobile.MobileLoginAuthenticationToken;
 import com.huaxu.security.smsCode.SmsCodeException;
 import com.huaxu.service.UserService;
 import com.huaxu.util.ByteArrayUtils;
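Review bot: The imports are widened to wildcards here and in the next hunk (`com.huaxu.model.*`, `java.util.*`, `org.springframework.security.oauth2.provider.*`), which hides what the class depends on and invites name clashes later. Several of the new imports (`RedisTokenStore`, `RedisConnection`, `ReflectionUtils`, `UnapprovedClientAuthenticationException`) are not used in any hunk shown on this page; `RedisTokenStore` appears only in a comment. They look like leftovers from experimentation. I would list the used classes explicitly and drop the rest.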
@@ -16,11 +18,21 @@ import com.huaxu.util.RedisUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.data.redis.connection.RedisConnection;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
+import org.springframework.security.oauth2.provider.*;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.stereotype.Service;
+import org.springframework.util.ReflectionUtils;
 
 import javax.servlet.http.HttpServletRequest;
-import java.util.List;
+import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * 用户(User表)服务实现类
@@ -38,6 +50,12 @@ public class UserServiceImpl implements UserService {
     private RedisUtil redisUtil;
     @Autowired
     private HttpServletRequest request;
+    @Autowired
+    private ClientDetailsService clientDetailsService;
+
+    @Autowired
+    private AuthorizationServerTokenServices authorizationServerTokenServices;
+
 
     /**
      * 通过ID查询单条数据
@@ -148,31 +166,103 @@ public class UserServiceImpl implements UserService {
 
 
     @Override
-    public List<UserDto> login(UserDto dto) {
+    public OAuth2AccessToken chooseUser(User user) {
 
-        List<UserDto> loginInfo = userMapper.findLoginInfo(dto);
-        if(loginInfo.size()==0){
-            throw new SecurityException(ResultStatus.PHONE_NUMBER_NOT_FOUND_ERROR);
-        }
-        if(!dto.getSmsCode().equals("20201023")){
-            String key = "smsCode:" + dto.getLoginName();
-            byte[] redisValidateCodeByte = redisUtil.get(key.getBytes());
-            if (redisValidateCodeByte == null) {
-                throw new SmsCodeException(ResultStatus.PHONE_VALIDATE_CODE_EXPIRED_ERROR);
-            } else {
-                String validateCode = (String) ByteArrayUtils.bytesToObject(redisValidateCodeByte).get();
-                if (!StringUtils.equals(validateCode, dto.getSmsCode())) {
-                    throw new SmsCodeException(ResultStatus.PHONE_VALIDATE_CODE_ERROR_ERROR);
+
+        user=findUser(user);
+        Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
+        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();
+        LoginUser loginUser = (LoginUser) oAuth2Authentication.getPrincipal();
+
+        //角色必须是ROLE_开头,其余的是用户功能权限
+        /* List<Permission> permissionList =findPermission(user);
+        Integer permissionType = permissionList.get(0).getPermissionType();
+        List<ProgramItem> programItemList = newArrayList();
+        //获取数据权限
+        getDataPermission(permissionType,user,programItemList);
+        //分配功能权限
+        if (permissionList.size() > 0) {
+            for (Permission permission : permissionList) {
+                if(!StringUtils.equals("",permission.getPermission())){
+                    GrantedAuthority authority1 = new SimpleGrantedAuthority(permission.getPermission());
+                    grantedAuthorities.add(authority1);
                 }
             }
+        }*/
+        GrantedAuthority authority1 = new SimpleGrantedAuthority("sys:menu:edit");
+        grantedAuthorities.add(authority1);
+        loginUser.setLoginToken(UUID.randomUUID().toString());
+        // loginUser.setProgramItemList(programItemList);
+        loginUser.setName(user.getUsername());
+        loginUser.setId(user.getId());
+        loginUser.setUsername(user.getUsername());
+        loginUser.setCompanyId(user.getCompanyOrgId());
+        loginUser.setDepartmentId(user.getDeptOrgId());
+        loginUser.setTenantId(user.getTenantId());
+        loginUser.setType(user.getUserType());
+        loginUser.setAuthorities(grantedAuthorities);
+        MobileLoginAuthenticationToken authenticationTokenReslut = new MobileLoginAuthenticationToken(loginUser,oAuth2Authentication.getCredentials(),loginUser.getAuthorities());
+        authenticationTokenReslut.setDetails(oAuth2Authentication.getDetails());
+        OAuth2Authentication oAuth2AuthenticationNew = new OAuth2Authentication(oAuth2Authentication.getOAuth2Request(), authenticationTokenReslut);
+
+        OAuth2AccessToken accessToken = authorizationServerTokenServices.createAccessToken(oAuth2AuthenticationNew);
+        //0404d87f-c25d-4947-b17a-0cb65210f5bb
+        //new RedisTokenStore()
+        return accessToken;
+    }
+
+    private void getDataPermission(int permissionType,User user, List<ProgramItem> programItemList){
+
+        if(permissionType==1){
+            ProgramItem programItem=new ProgramItem();
+            programItem.setOrgId(user.getCompanyOrgId());
+            programItemList.add(programItem);
+        }else if(permissionType==2){
+            Map<Integer, List<Org>> allOrgs = getAllOrgs("公司");
+            getOrg(user.getCompanyOrgId(),allOrgs,programItemList);
+
+        }else if(permissionType==3){
+            ProgramItem programItem=new ProgramItem();
+            programItem.setOrgId(user.getDeptOrgId());
+            programItemList.add(programItem);
+        }else if(permissionType==4) {
+            Map<Integer, List<Org>> allOrgs = getAllOrgs("公司");
+            getOrg(user.getCompanyOrgId(),allOrgs,programItemList);
+
+        }else if(permissionType==5){
+            programItemList= userMapper.findOrgRole(user);
         }
 
+    }
+    private    Map<Integer, List<Org>> getAllOrgs(String orgType){
+        Org org=new Org();
+        org.setOrgType(orgType);
+        List<Org> orgs = userMapper.findOrgs(org);
+        Map<Integer, List<Org>> collect = orgs.stream().
+                collect(Collectors.groupingBy(d -> d.getParentOrgId()));
+        return collect;
+    };
+    public void getOrg(Integer id, Map<Integer, List<Org>> collect,List<ProgramItem>programItemList){
+        List<Org> orgs = collect.get(id);
+        if(orgs!=null){
+            orgs.forEach(org->{
+                ProgramItem item=new ProgramItem();
+                item.setOrgId(org.getId());
+                item.setCode(org.getTenantId());
+                programItemList.add(item);
+                getOrg(org.getId(),collect,programItemList);
 
-        return loginInfo;
+            });
+        }
     }
+    private List<Permission>findPermission(User user){
+        List<Permission> permissionList = userMapper.findPermission(user);
 
+        return permissionList;
+    }
     @Override
     public boolean logOut(String token) {
+
         boolean flag=consumerTokenServices.revokeToken(token);
         return flag;
     }
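Review bot: Every token created in `chooseUser` is granted the fixed authority `sys:menu:edit`, because the permission lookup above it is commented out and `findPermission`/`getDataPermission` are never called; the authorities should be derived from `findPermission(user)` before this is relied on for access control. The result of `findUser(user)` is dereferenced without a check, so if it returns null for an unknown phone/tenant pair (its body is not shown) the request ends in a `NullPointerException`; `if (user == null) throw new SecurityException(ResultStatus.PHONE_NUMBER_NOT_FOUND_ERROR);` directly after the lookup would restore the behaviour of the removed `login`. The method also mutates the `LoginUser` taken from the current security context in place, so building a fresh `LoginUser` for the new token would avoid altering the principal of the token that is still in use. In `getDataPermission`, `programItemList = userMapper.findOrgRole(user)` only reassigns the parameter and has no effect for the caller. The commented-out UUID and `//new RedisTokenStore()` lines before the return look like debugging residue and should be removed.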

+ 1 - 2
user_center/src/main/java/com/huaxu/config/ResourceServerConfig.java

@@ -17,8 +17,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
                 .and()
                 .authorizeRequests()
                 .antMatchers("/swagger-ui.html","/webjars/**", "/webjars/**", "/swagger-resources/**",
-                        "/v2/**","/app/**","/user/**","/menu/**","/role/**","/org/**","/userGroup/**")
-                        "/v2/**","/app/**","/user/**","/menu/**","/loginLog/**","/operateLog/**","/excel/download/**")
+                       "/v2/**","/app/**","/user/**","/menu/**","/role/**","/org/**","/userGroup/**","/loginLog/**","/operateLog/**","/excel/download/**")
                 .permitAll() //配置不需要身份认证的请求路径
                 .anyRequest().authenticated() //其他所有访问路径都需要身份认证
                 .and()
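Review bot: The merged matcher list puts `/user/**`, `/role/**`, `/org/**`, `/userGroup/**`, `/loginLog/**`, `/operateLog/**` and `/excel/download/**` under `permitAll()`, so the `.anyRequest().authenticated()` line below protects very little of this service. If these entries exist for local testing, they should be confined to a development profile. Otherwise only the Swagger and static paths belong in this list, and the business paths should require authentication, with role checks where relevant. `"/webjars/**"` is also listed twice. The configure method starts and ends outside this hunk.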