验证码实现

liuhaonan

2022-04-25 763789a6797ffe6ab09b4e2a35ed4a8d4a3b29c5

 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java

@@ -1,11 +1,14 @@
package com.sandu.ximon.admin.controller;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.github.pagehelper.PageHelper;
import com.sandu.common.domain.ResponseVO;
import com.sandu.common.enums.AdminStatusStatus;
import com.sandu.common.enums.ResponseStatusEnums;
import com.sandu.common.execption.BusinessException;
import com.sandu.common.log.Log;
import com.sandu.common.object.BaseConditionVO;
import com.sandu.common.security.LoginUserInfo;
import com.sandu.common.security.annotation.AnonymousAccess;
@@ -13,27 +16,26 @@
import com.sandu.common.security.token.TokenProvider;
import com.sandu.common.util.IpUtil;
import com.sandu.common.util.ResponseUtil;
import com.sandu.ximon.admin.context.CustomerInspectContextHolder;
import com.sandu.ximon.admin.param.AddClientPrarm;
import com.sandu.ximon.admin.param.AdminLoginParam;
import com.sandu.ximon.admin.param.ClientPrarm;
import com.sandu.ximon.admin.dto.ClientDto;
import com.sandu.ximon.admin.param.*;
import com.sandu.ximon.admin.security.PermissionConfig;
import com.sandu.ximon.admin.security.SecurityUtils;
import com.sandu.ximon.admin.service.ClientRoleRelationService;
import com.sandu.ximon.admin.service.ClientService;
import com.sandu.ximon.admin.service.RoleService;
import com.sandu.ximon.dao.domain.Admin;
import com.sandu.ximon.dao.domain.Client;
import com.sandu.ximon.dao.domain.ClientRoleRelation;
import com.sandu.ximon.dao.enums.AdministratorEnums;
import jodd.cli.Cli;
import com.sandu.ximon.dao.enums.MenuEnum;
import lombok.AllArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.*;
import java.util.stream.Collectors;

/**
@@ -48,7 +50,9 @@
    private final ClientService clientService;
    private final PasswordEncoder passwordEncoder;
    private final RoleService roleService;
    private final ClientRoleRelationService clientRoleRelationService;
    private final TokenProvider tokenProvider;
    private PermissionConfig permissionConfig;

    @PostMapping("/add")
    public ResponseVO<Object> addClient(@RequestBody @Validated AddClientPrarm addClientPrarm) {
@@ -62,13 +66,45 @@


    @PostMapping("/update/{id}")
    public ResponseVO<Object> updateClient(@PathVariable Long id, @RequestBody @Validated ClientPrarm clientPrarm) {
        boolean b = clientService.updateClient(id, clientPrarm);
    public ResponseVO<Object> updateClient(@PathVariable Long id, @RequestBody @Validated UpdateClientPrarm updateClientPrarm) {
        boolean b = clientService.updateClient(id, updateClientPrarm);
        if (b) {
            return ResponseUtil.success("更新成功");
        } else {
            return ResponseUtil.fail("更新失败");
        }
    }

    /**
     * 修改普通用户的密码
     */
    @Log("修改普通用户的密码")
    @PostMapping("/updateClientPassword")
    public ResponseVO<Object> updateClientPassword(@Validated @RequestBody UserPwsParm param) {
        boolean result;

        //超管直接修改
        if (SecurityUtils.getUserDetails().getAdministratorType().equals(AdministratorEnums.ADMIN.getCode())) {
            result = clientService.updateAdminPassword(param);
        } else {
            //当前登录账号ID
            Long userId = SecurityUtils.getUserId();
            //要修要密码的用户的上级ID
            Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getId, param.getUserid()));
            //为其下属才能修改
            if (client != null && userId.equals(client.getSuperiorId())) {
                result = clientService.updateAdminPassword(param);
            } else {
                throw new BusinessException("非超级管理员或该用户不是您下属用户，无法修改密码！");
            }
        }

        if (result) {
            return ResponseUtil.success("修改成功");
        } else {
            return ResponseUtil.fail("修改失败");
        }

    }

    @PostMapping("/delete/{id}")
@@ -83,31 +119,56 @@

    @GetMapping("/list")
    public ResponseVO<Object> listLikeClient(BaseConditionVO baseConditionVO, @RequestParam(value = "keyword", required = false) String keyword) {
        if (!permissionConfig.check(MenuEnum.CLIENT_LIST.getCode())) {
            return ResponseUtil.fail("缺少对应用户权限");
        }

        PageHelper.startPage(baseConditionVO.getPageNo(), baseConditionVO.getPageSize());
        LambdaQueryWrapper<Client> wrapper = Wrappers.lambdaQuery(Client.class);
        if (AdministratorEnums.CUSTOMER.getCode().equals(SecurityUtils.getAdministratorIdentity())) {
            wrapper.eq(Client::getSuperiorId, SecurityUtils.getUserId());
        if (AdministratorEnums.NORMAL.getCode().equals(SecurityUtils.getAdministratorIdentity())) {
            wrapper.eq(Client::getSuperiorId, SecurityUtils.getUserId()).or(w -> w.eq(
                    Client::getId, SecurityUtils.getUserId()
            ));
        }
        if (null != keyword) {
        if (keyword != null && !keyword.isEmpty()) {
            wrapper.like(Client::getClientName, keyword)
                    .or(clientLambdaQueryWrapper -> clientLambdaQueryWrapper.like(Client::getMobile, keyword))
                    .or(clientLambdaQueryWrapper -> clientLambdaQueryWrapper.like(Client::getLinkMan, keyword));
                    .or(w1 -> w1.like(Client::getMobile, keyword))
                    .or(w2 -> w2.like(Client::getLinkMan, keyword));
        }
        return ResponseUtil.successPage(clientService.list(wrapper));
        List<Client> clientList = clientService.list(wrapper);
        List<ClientDto> clientDtoList = new ArrayList<>();

        for (Client demo : clientList) {
            ClientDto clientDto = new ClientDto();
            BeanUtil.copyProperties(demo, clientDto);
            ClientRoleRelation one = clientRoleRelationService.getOne(Wrappers.lambdaQuery(ClientRoleRelation.class)
                    .eq(ClientRoleRelation::getClientId, demo.getId()));

            if (one != null) {
                clientDto.setRoleId(one.getRoleId());
            }
            clientDtoList.add(clientDto);

        }
        return ResponseUtil.successPage(clientDtoList);
    }

    @AnonymousAccess
    @PostMapping(value = "/login")
    public ResponseVO<Object> longin(@RequestBody @Validated AdminLoginParam loginParam) {
    public ResponseVO<Object> longin(HttpServletRequest request, @RequestBody @Validated AdminLoginParam loginParam) {
        Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getClientName, loginParam.getUsername()).last("limit 1"));
        if (client == null) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }
        String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
        if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
        }
        if (!passwordEncoder.matches(loginParam.getPassword(), client.getPassword())) {
            return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
        }

        Collection<GrantedAuthority> grantedAuthorities = roleService.mapToGrantedAuthorities(client.getId());
        Collection<GrantedAuthority> grantedAuthorities = roleService.mapToGrantedAuthorities(client.getId(), false);

        LoginUserInfo loginUserInfo = new LoginUserInfo();
        loginUserInfo.setUserId(client.getId());