登录信息调整

common/src/main/java/com/huaxu/model/LoginUser.java

@@ -40,11 +40,17 @@ public class LoginUser implements UserDetails {
     private String tenantId;
     @ApiModelProperty(value="用户权限类型")
     private Integer permissonType;
+    @ApiModelProperty(value="用户角色id")
+    private Integer roleId;
 
     @JsonIgnore
     private String LoginToken;
+
     //数据权限
     private List<ProgramItem> programItemList;
+    @JsonIgnore
+    //同一个手机号下的所有用户信息
+    private String userInfos;
 
 
 

user_auth/src/main/java/com/huaxu/controller/UserController.java

@@ -89,17 +89,23 @@ public class UserController {
     @ApiIgnore
     @GetMapping("/principal")
     @ApiOperation(value = "各子系统获取用户信息接口")
-    public Principal user(Principal principal)
+    public Principal user(Principal principal,HttpServletRequest request)
     {
+        LoginUser currentUser = UserUtil.getCurrentUser();
+        Integer roleId = currentUser.getRoleId();
+        String roleKey="disableRole:"+roleId;
+
+        byte[] bytes = redisUtil.get(roleKey.getBytes());
+        if(bytes!=null){
+            return null;
+        }
+       /* String authorization = request.getHeader("Authorization");
+        String token =authorization.substring(authorization.indexOf("Bearer")+6).trim();
+        redisUtil.setExpire("auth:"+token,60000);
+        redisUtil.setExpire("access:"+token,60000);*/
         return principal;
     }
 
 
-    @GetMapping("/logininfo")
-    @CrossOrigin(allowCredentials = "true")
-    @ApiOperation(value = "用户需要信息")
-    public AjaxMessage logininfo(String mobile, String smsCode) {
-        String info="登录调用接口地址：/user-auth/user/smsCodeLogin";
-        return new AjaxMessage<>(ResultStatus.OK,info);
-    }
+
 }

user_auth/src/main/java/com/huaxu/dto/UserDto.java

@@ -7,13 +7,15 @@ import lombok.Data;
 
 @Data
 public class UserDto {
-    @ApiModelProperty(value="用户")
-    private User user;
+    @ApiModelProperty(value="电话")
+    private String phone;
     @ApiModelProperty(value="租户")
-    private Tenant tenant;
-    @ApiModelProperty(value="验证码")
-    private String smsCode;
-    private String loginName;
-    @ApiModelProperty(value="验证码")
-    private String tenatId;
+    private String  tenantName;
+    @ApiModelProperty(value="租户id")
+    private Integer tenantId;
+    @ApiModelProperty(value="界面url")
+    private String webUrl;
+    @ApiModelProperty(value="logo")
+    private String logo;
+    private Integer id;
 }

user_auth/src/main/java/com/huaxu/security/MyAuthenticationSuccessHandler.java

@@ -1,5 +1,6 @@
 package com.huaxu.security;
 
+import com.alibaba.fastjson.JSONObject;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import com.huaxu.dao.LoginLogMapper;
@@ -83,7 +84,10 @@ public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticat
 
         response.setContentType("application/json;charset=UTF-8");
         ObjectMapper objectMapper = new ObjectMapper();
-        AjaxMessage ajaxMessage = new AjaxMessage(ResultStatus.OK,token);
+        JSONObject result=new JSONObject();
+        result.put("token",token);
+        result.put("userInfos",loginUser.getUserInfos());
+        AjaxMessage ajaxMessage = new AjaxMessage(ResultStatus.OK,result);
 
 
 

user_auth/src/main/java/com/huaxu/service/MyUserDetailService.java

@@ -1,20 +1,19 @@
 package com.huaxu.service;
 
 
+
 import com.alibaba.fastjson.JSONObject;
 import com.huaxu.dao.UserMapper;
+import com.huaxu.dto.UserDto;
 import com.huaxu.model.LoginUser;
-import com.huaxu.entity.Org;
+
 import com.huaxu.entity.User;
-import com.huaxu.model.Permission;
-import com.huaxu.model.ProgramItem;
+
 import com.huaxu.model.ResultStatus;
 
 import com.huaxu.security.exception.SecurityException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -32,8 +31,7 @@ import static com.google.common.collect.Lists.newArrayList;
 public class MyUserDetailService implements UserDetailsService {
 
 
-    @Autowired
-    private UserService userService;
+
 
     @Autowired
     private UserMapper userMapper;
@@ -42,43 +40,29 @@ public class MyUserDetailService implements UserDetailsService {
     @Override
     public UserDetails loadUserByUsername(String phone) throws UsernameNotFoundException {
 
-        User user =new User();
+        UserDto userDto=new UserDto();
         //解析不到参数
-        user.setPhone(phone);
+         userDto.setPhone(phone);
         //如果电话和租户值任意为空，设置条件使user查不出
-        if(StringUtils.isEmpty(user.getPhone())){
-            user.setPhone("-1");
-            user.setTenantId("-1");
-        }
-        user=userService.findUser(user);
-        if (user == null) {
-            throw new SecurityException(ResultStatus.PHONE_NUMBER_NOT_FOUND_ERROR);
-        }
+        if(StringUtils.isEmpty(phone)){
+            userDto.setPhone("-1");
 
-        //判断是否禁用
-        if (user.getEnableState().equals("1")) {
-            throw new SecurityException(ResultStatus.ACCESS_DISABLED_ERROR);
         }
+        List<UserDto> loginInfos = userMapper.findLoginInfo(userDto);
 
-        return getLoginUser(user);
-    }
-
-    private List<Permission>findPermission(User user){
-        List<Permission> permissionList = userMapper.findPermission(user);
+        if (loginInfos.size()==0) {
+            throw new SecurityException(ResultStatus.PHONE_NUMBER_NOT_FOUND_ERROR);
+        }
+        LoginUser loginUser = new LoginUser(null);
+        loginUser.setId(loginInfos.get(0).getId());
 
-        return permissionList;
+        loginUser.setUserInfos(JSONObject.toJSONString(loginInfos));
+        return loginUser;
     }
 
-    public LoginUser getLoginUser(User user){
 
 
 
-        LoginUser loginUser = new LoginUser(null);
-
-        loginUser.setId(user.getId());
-
-        return loginUser;
-    }
 
 
 }

user_auth/src/main/resources/application-dev.properties

@@ -61,8 +61,8 @@ spring.kafka.consumer.properties.spring.json.trusted.packages=*
 
 #nacos
 spring.cloud.nacos.discovery.server-addr=127.0.0.1:8848
-maxSendCodeNum=50
-getSendCodeMax=5
+maxSendCodeNum=3
+getSendCodeMax=2
 
 
 

user_auth/src/main/resources/mapper/UserMapper.xml

@@ -20,42 +20,7 @@
         <result property="dateUpdate" column="DATE_UPDATE" jdbcType="TIMESTAMP"/>
         <result property="updateBy" column="UPDATE_BY" jdbcType="VARCHAR"/>
     </resultMap>
-    <resultMap id="loginInfo" type="com.huaxu.dto.UserDto">
-        <association property="user" javaType="com.huaxu.entity.User">
-            <result property="id" column="ID" jdbcType="INTEGER"/>
-            <result property="tenantId" column="TENANT_ID" jdbcType="VARCHAR"/>
-            <result property="username" column="USERNAME" jdbcType="VARCHAR"/>
-            <result property="phone" column="PHONE" jdbcType="VARCHAR"/>
-            <result property="companyOrgId" column="COMPANY_ORG_ID" jdbcType="INTEGER"/>
-            <result property="deptOrgId" column="DEPT_ORG_ID" jdbcType="INTEGER"/>
-            <result property="photo" column="PHOTO" jdbcType="VARCHAR"/>
-            <result property="userType" column="USER_TYPE" jdbcType="VARCHAR"/>
-            <result property="enableState" column="ENABLE_STATE" jdbcType="VARCHAR"/>
-            <result property="remark" column="REMARK" jdbcType="VARCHAR"/>
-            <result property="email" column="EMAIL" jdbcType="VARCHAR"/>
-            <result property="status" column="STATUS" jdbcType="INTEGER"/>
-            <result property="dateCreate" column="DATE_CREATE" jdbcType="TIMESTAMP"/>
-            <result property="createBy" column="CREATE_BY" jdbcType="VARCHAR"/>
-            <result property="dateUpdate" column="DATE_UPDATE" jdbcType="TIMESTAMP"/>
-            <result property="updateBy" column="UPDATE_BY" jdbcType="VARCHAR"/>
-        </association>
-        <association property="tenant" javaType="com.huaxu.entity.Tenant">
-            <result property="id" column="ID" jdbcType="INTEGER"/>
-            <result property="tenantName" column="TENANT_NAME" jdbcType="VARCHAR"/>
-            <result property="code" column="CODE" jdbcType="VARCHAR"/>
-            <result property="logo" column="LOGO" jdbcType="VARCHAR"/>
-            <result property="webUrl" column="WEB_URL" jdbcType="VARCHAR"/>
-            <result property="startDate" column="START_DATE" jdbcType="TIMESTAMP"/>
-            <result property="endDate" column="END_DATE" jdbcType="TIMESTAMP"/>
-            <result property="tenantState" column="TENANT_STATE" jdbcType="INTEGER"/>
-            <result property="remark" column="REMARK" jdbcType="VARCHAR"/>
-            <result property="status" column="STATUS" jdbcType="INTEGER"/>
-            <result property="dateCreate" column="DATE_CREATE" jdbcType="TIMESTAMP"/>
-            <result property="createBy" column="CREATE_BY" jdbcType="VARCHAR"/>
-            <result property="dateUpdate" column="DATE_UPDATE" jdbcType="TIMESTAMP"/>
-            <result property="updateBy" column="UPDATE_BY" jdbcType="VARCHAR"/>
-        </association>
-    </resultMap>
+
 
     <!-- 基本字段 -->
     <sql id="Base_Column_List">
@@ -294,10 +259,11 @@
          </where>
 
     </select>
-    <select id="findLoginInfo" resultMap="loginInfo">
-        select a.PHONE,b.TENANT_NAME,b.CODE,b.WEB_URL from uims_user a left join uims_tenant b on
+    <select id="findLoginInfo" resultType="com.huaxu.dto.UserDto">
+        select a.id, a.PHONE,b.TENANT_NAME,b.id tenantId,b.WEB_URL ,b.LOGO
+        from uims_user a left join uims_tenant b on
         a.TENANT_ID=b.ID
-        where a.PHONE=#{loginName}
+        where a.PHONE=#{phone}
     </select>
 
 </mapper>

user_center/src/main/java/com/huaxu/controller/AppController.java

@@ -3,10 +3,7 @@ package com.huaxu.controller;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.huaxu.entity.App;
-import com.huaxu.model.AjaxMessage;
-import com.huaxu.model.LoginUser;
-import com.huaxu.model.Pagination;
-import com.huaxu.model.ResultStatus;
+import com.huaxu.model.*;
 import com.huaxu.service.AppService;
 import com.huaxu.util.UserUtil;
 import io.swagger.annotations.Api;
@@ -19,6 +16,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.List;
+
 /**
  * 应用(App)控制层
  *
@@ -48,6 +47,8 @@ public class AppController {
             @ApiParam(value = "设置配置", required = true) @RequestBody App app) {
         App result = appService.selectById(app.getId());
         LoginUser currentUser = UserUtil.getCurrentUser();
+        //数据权限如此获取
+        List<ProgramItem> programItemList = currentUser.getProgramItemList();
         return new AjaxMessage<>(ResultStatus.OK, result);
     }
 

user_center/src/main/java/com/huaxu/controller/RoleController.java

@@ -101,7 +101,7 @@ public class RoleController {
     }
     @RequestMapping(value = "findUsersByUserGroup", method = RequestMethod.POST)
     @ApiOperation(value = "查询角色对应user")
-    AjaxMessage<List<UserEntity>>  findUsersByRole(@ApiParam(value = "角色id", required = true)Integer id){
+    AjaxMessage<List<UserEntity>>  findUsersByRole(@ApiParam(value = "角色id", required = true)@RequestParam Integer id){
         Role role=new Role();
         role.setId(id);
         return new AjaxMessage<>(ResultStatus.OK,

user_center/src/main/java/com/huaxu/entity/Role.java

@@ -40,7 +40,7 @@ public class Role implements Serializable {
     /**
      * 角色状态
      */
-    @ApiModelProperty(value = "角色状态")
+    @ApiModelProperty(value = "角色状态",notes = "-1:禁用；0:启用")
     private Integer roleState;
     /**
      * 权限约束标记

user_center/src/main/java/com/huaxu/service/impl/RoleServiceImpl.java

@@ -10,6 +10,8 @@ import com.huaxu.dto.RoleRequestDto;
 import com.huaxu.entity.*;
 import com.huaxu.model.LoginUser;
 import com.huaxu.service.RoleService;
+import com.huaxu.util.ByteArrayUtils;
+import com.huaxu.util.RedisUtil;
 import com.huaxu.util.UserUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -32,6 +34,8 @@ public class RoleServiceImpl implements RoleService {
     private RoleOrgMapper roleOrgMapper;
     @Autowired
     private RoleMenuMapper roleMenuMapper;
+    @Autowired
+    private RedisUtil redisUtil;
 
     /**
      * 通过ID查询单条数据
@@ -114,6 +118,16 @@ public class RoleServiceImpl implements RoleService {
             //删除用户与菜单关系
             roleMapper.deleteRoleMenu(role);
         }
+        //將禁用的角色放入redis，作为登出判断
+        if(role.getRoleState()==-1){
+            String roleKey="disableRole:"+role.getId();
+            redisUtil.setExpire(roleKey.getBytes(), ByteArrayUtils.objectToBytes("1").get(), 60*60*24);//15分钟过期
+
+        } if(role.getRoleState()==0){
+            String roleKey="disableRole:"+role.getId();
+            redisUtil.del(roleKey.getBytes());
+
+        }
         LoginUser currentUser = UserUtil.getCurrentUser();
         role.setUpdateBy(currentUser.getUsername());
         configDataPermission(roleRequestDto);

user_center/src/main/resources/application-dev.properties

@@ -43,6 +43,7 @@ security.oauth2.resource.id=smartcity-deivice-service
 security.oauth2.resource.user-info-uri=http://localhost:8321/user/principal
 security.oauth2.resource.prefer-token-info=false
 
+
 spring.servlet.multipart.max-file-size=100MB
 spring.servlet.multipart.max-request-size=100MB
 spring.servlet.multipart.location=${logging.path}/data