From 1ff3807725d2df5d4daa7b062cec5a240fb08e52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A2=A8=E5=A4=A7=E5=8F=94?= <494979559@qq.com> Date: Sat, 27 Jul 2024 14:30:08 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=B4=E6=97=B6=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/core/domain/model/LoginUser.java | 11 ++-- .../framework/config/SecurityConfig.java | 2 +- .../filter/JwtAuthenticationTokenFilter.java | 7 ++- .../web/service/SysLoginService.java | 7 +++ .../web/service/SysPermissionService.java | 29 +++++++++- .../web/service/UserDetailsServiceImpl.java | 2 +- .../impl/TransactionBillServiceImpl.java | 6 ++ .../ruoyi/ss/wxPay/service/WxPayService.java | 4 -- .../controller/system/SysLoginController.java | 57 +++++++++++++++---- 9 files changed, 100 insertions(+), 25 deletions(-) diff --git a/smart-switch-ruoyi/smart-switch-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java b/smart-switch-ruoyi/smart-switch-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java index 859e757a..3fa21f70 100644 --- a/smart-switch-ruoyi/smart-switch-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java +++ b/smart-switch-ruoyi/smart-switch-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java @@ -11,7 +11,7 @@ import java.util.Set; /** * 登录用户身份权限 - * + * * @author ruoyi */ public class LoginUser implements UserDetails @@ -119,10 +119,11 @@ public class LoginUser implements UserDetails this.permissions = permissions; } - public LoginUser(Long userId, SmUser smUser) { + public LoginUser(Long userId, SmUser smUser, Set permissions) { this.loginType = LoginType.FRONT; this.userId = userId; this.smUser = smUser; + this.permissions = permissions; } public Long getUserId() @@ -186,7 +187,7 @@ public class LoginUser implements UserDetails /** * 指定用户是否解锁,锁定的用户无法进行身份验证 - * + * * @return */ @JSONField(serialize = false) @@ -198,7 +199,7 @@ public class LoginUser implements UserDetails /** * 指示是否已过期的用户的凭据(密码),过期的凭据防止认证 - * + * * @return */ @JSONField(serialize = false) @@ -210,7 +211,7 @@ public class LoginUser implements UserDetails /** * 是否可用 ,禁用的用户不能身份验证 - * + * * @return */ @JSONField(serialize = false) diff --git a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index 9238f3a6..e80bd1ed 100644 --- a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -114,7 +114,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter // 过滤请求 .authorizeRequests() // 对于登录login 注册register 验证码captchaImage 允许匿名访问 - .antMatchers("/login", "/register","/app/**", "/captchaImage").permitAll() + .antMatchers("/login", "/register","/app/**", "/captchaImage", "/userLogin").permitAll() // 静态资源,可匿名访问 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() diff --git a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java index 3e98a854..de82c651 100644 --- a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java +++ b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java @@ -11,6 +11,7 @@ import com.ruoyi.common.constant.CacheConstants; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.core.redis.RedisCache; import com.ruoyi.framework.security.domain.AccessLoginUser; +import com.ruoyi.framework.web.service.SysPermissionService; import com.ruoyi.ss.access.domain.AccessVO; import com.ruoyi.ss.access.service.AccessService; import com.ruoyi.ss.user.domain.SmUserVo; @@ -42,9 +43,13 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter @Autowired private ISmUserService userService; + @Autowired private RedisCache redisCache; + @Autowired + private SysPermissionService permissionService; + @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException @@ -98,7 +103,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter if (user == null) { return null; } - LoginUser loginUser = new LoginUser(user.getUserId(), user); + LoginUser loginUser = new LoginUser(user.getUserId(), user, permissionService.getMenuPermission(user)); accessLoginUser.setLoginUser(loginUser); // 放入缓存中 diff --git a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java index 9ed5a1c5..a13a7e84 100644 --- a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java +++ b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java @@ -360,4 +360,11 @@ public class SysLoginService WxMaPhoneNumberInfo wxMaPhoneNumberInfo = JSONObject.parseObject(phoneInfo, WxMaPhoneNumberInfo.class); return wxMaPhoneNumberInfo.getPhoneNumber(); } + + public String userLogin(String username, String password, String code, String uuid) { + // 验证码校验 + validateCaptcha(username, code, uuid); + // 登录 + return this.appLogin(username, password); + } } diff --git a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java index d1fb4ed8..16f722ab 100644 --- a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java +++ b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/SysPermissionService.java @@ -3,6 +3,8 @@ package com.ruoyi.framework.web.service; import java.util.HashSet; import java.util.List; import java.util.Set; + +import com.ruoyi.common.core.domain.entity.SmUser; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.util.CollectionUtils; @@ -13,7 +15,7 @@ import com.ruoyi.system.service.ISysRoleService; /** * 用户权限处理 - * + * * @author ruoyi */ @Component @@ -27,7 +29,7 @@ public class SysPermissionService /** * 获取角色数据权限 - * + * * @param user 用户信息 * @return 角色权限信息 */ @@ -46,9 +48,20 @@ public class SysPermissionService return roles; } + /** + * 获取角色数据权限 + * + * @param user 用户信息 + * @return 角色权限信息 + */ + public Set getRolePermission(SmUser user) { + return new HashSet<>(); + } + + /** * 获取菜单数据权限 - * + * * @param user 用户信息 * @return 菜单权限信息 */ @@ -80,4 +93,14 @@ public class SysPermissionService } return perms; } + + public Set getMenuPermission(SmUser user) { + Set perms = new HashSet(); + // 若是商户,则有商户后台权限 + if (user.getIsMch() != null && user.getIsMch()) { + perms.add("mch:*:*"); + } + return perms; + } + } diff --git a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java index 32e135b4..cdecd276 100644 --- a/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java +++ b/smart-switch-ruoyi/smart-switch-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java @@ -127,6 +127,6 @@ public class UserDetailsServiceImpl implements UserDetailsService } public UserDetails createLoginUser(SmUser user) { - return new LoginUser(user.getUserId(), user); + return new LoginUser(user.getUserId(), user, permissionService.getMenuPermission(user)); } } diff --git a/smart-switch-service/src/main/java/com/ruoyi/ss/transactionBill/service/impl/TransactionBillServiceImpl.java b/smart-switch-service/src/main/java/com/ruoyi/ss/transactionBill/service/impl/TransactionBillServiceImpl.java index 1547a22c..b371004c 100644 --- a/smart-switch-service/src/main/java/com/ruoyi/ss/transactionBill/service/impl/TransactionBillServiceImpl.java +++ b/smart-switch-service/src/main/java/com/ruoyi/ss/transactionBill/service/impl/TransactionBillServiceImpl.java @@ -330,6 +330,12 @@ public class TransactionBillServiceImpl implements TransactionBillService { ServiceUtil.assertion(suit == null, "套餐不存在"); order.setSuitName(suit.getName()); + // 用户信息 + SmUserVo user = userService.selectSmUserByUserId(data.getUserId()); + ServiceUtil.assertion(user == null, "用户不存在"); + ServiceUtil.assertion(user.getWxOpenId() == null, "用户微信openId为空"); + order.setAccountNo(user.getWxOpenId()); + // 支付过期时间 long expireTime = TimeUnit.MILLISECONDS.convert(Constants.BILL_UNPAID_TIMEOUT, Constants.BILL_UNPAID_TIMEUNIT) + System.currentTimeMillis(); order.setExpireTime(new Date(expireTime)); diff --git a/smart-switch-service/src/main/java/com/ruoyi/ss/wxPay/service/WxPayService.java b/smart-switch-service/src/main/java/com/ruoyi/ss/wxPay/service/WxPayService.java index 93ef462d..4f769bde 100644 --- a/smart-switch-service/src/main/java/com/ruoyi/ss/wxPay/service/WxPayService.java +++ b/smart-switch-service/src/main/java/com/ruoyi/ss/wxPay/service/WxPayService.java @@ -108,10 +108,6 @@ public class WxPayService implements IWxPayService { ServiceUtil.assertion(!TransactionBillStatus.UNPAID.getStatus().equals(bill.getStatus()), "只能支付未支付的订单"); ServiceUtil.assertion(!TransactionBillType.RECHARGE.getType().equals(bill.getType()), "只能支付充值订单"); - SmUserVo user = smUserService.selectSmUserByUserId(bill.getUserId()); - ServiceUtil.assertion(user == null, "用户不存在"); - ServiceUtil.assertion(user.getWxOpenId() == null, "用户微信openId为空"); - // 获取JSAPI所需参数 // PrepayRequest request = new PrepayRequest(); // request.setAmount(getAmount(bill.getMoney())); diff --git a/smart-switch-web/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/smart-switch-web/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java index 23c24d6d..c2a4ebd0 100644 --- a/smart-switch-web/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java +++ b/smart-switch-web/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java @@ -3,6 +3,9 @@ package com.ruoyi.web.controller.system; import java.util.List; import java.util.Set; +import com.ruoyi.common.core.domain.entity.SmUser; +import com.ruoyi.common.core.domain.model.LoginUser; +import com.ruoyi.common.enums.LoginType; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; @@ -19,9 +22,11 @@ import com.ruoyi.framework.web.service.SysLoginService; import com.ruoyi.framework.web.service.SysPermissionService; import com.ruoyi.system.service.ISysMenuService; +import static oshi.util.UserGroupInfo.getUser; + /** * 登录验证 - * + * * @author ruoyi */ @RestController @@ -38,7 +43,7 @@ public class SysLoginController /** * 登录方法 - * + * * @param loginBody 登录信息 * @return 结果 */ @@ -53,29 +58,61 @@ public class SysLoginController return ajax; } + /** + * 普通用户登录方法 + * + * @param loginBody 登录信息 + * @return 结果 + */ + @PostMapping("/userLogin") + public AjaxResult userLogin(@RequestBody LoginBody loginBody) + { + AjaxResult ajax = AjaxResult.success(); + // 生成令牌 + String token = loginService.userLogin(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(), + loginBody.getUuid()); + ajax.put(Constants.TOKEN, token); + return ajax; + } + /** * 获取用户信息 - * + * * @return 用户信息 */ @GetMapping("getInfo") public AjaxResult getInfo() { - SysUser user = SecurityUtils.getLoginUser().getUser(); - // 角色集合 - Set roles = permissionService.getRolePermission(user); - // 权限集合 - Set permissions = permissionService.getMenuPermission(user); AjaxResult ajax = AjaxResult.success(); - ajax.put("user", user); + LoginUser loginUser = SecurityUtils.getLoginUser(); + + // 角色集合 + Set roles = null; + // 权限集合 + Set permissions = null; + // 管理员 + if (LoginType.ADMIN.equals(loginUser.getLoginType())) { + SysUser user = loginUser.getUser(); + roles = permissionService.getRolePermission(user); + permissions = permissionService.getMenuPermission(user); + ajax.put("user", user); + } + // 普通用户 + else { + SmUser user = loginUser.getSmUser(); + roles = permissionService.getRolePermission(user); + permissions = permissionService.getMenuPermission(user); + ajax.put("user", user); + } ajax.put("roles", roles); ajax.put("permissions", permissions); + ajax.put("userType", loginUser.getLoginType().getType()); return ajax; } /** * 获取路由信息 - * + * * @return 路由信息 */ @GetMapping("getRouters")