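package com.qxgmat.controller.api;

import com.github.pagehelper.Page;
import com.nuliji.tools.Response;
import com.nuliji.tools.ResponseHelp;
import com.nuliji.tools.Tools;
import com.nuliji.tools.Transform;
import com.nuliji.tools.exception.AuthException;
import com.nuliji.tools.exception.ParameterException;
import com.nuliji.tools.exception.SystemException;
import com.qxgmat.data.constants.enums.ServiceKey;
import com.qxgmat.data.dao.entity.TextbookLibrary;
import com.qxgmat.data.dao.entity.User;
import com.qxgmat.data.dao.entity.UserMessage;
import com.qxgmat.data.dao.entity.UserOrderRecord;
import com.qxgmat.data.relation.entity.UserPreviewPaperRelation;
import com.qxgmat.dto.request.*;
import com.qxgmat.dto.response.MyDto;
import com.qxgmat.help.AiHelp;
import com.qxgmat.help.CaptchaHelp;
import com.qxgmat.help.ShiroHelp;
import com.qxgmat.help.SmsHelp;
import com.qxgmat.service.UsersService;
import com.qxgmat.service.UserServiceService;
import com.qxgmat.service.extend.MessageExtendService;
import com.qxgmat.service.extend.PreviewService;
import com.qxgmat.service.inline.TextbookLibraryService;
import com.qxgmat.service.inline.UserAbnormalService;
import com.qxgmat.service.inline.UserMessageService;
import com.qxgmat.service.inline.UserOrderRecordService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.Validator;
import java.util.Collection;
import java.util.Date;
import java.util.List;

/**
 * REST endpoints under {@code /api/auth}: token check, SMS-code login/registration,
 * WeChat OAuth login, logout, mobile binding, and invite-code / mobile lookups.
 *
 * <p>Every successful sign-in path ends in {@link #processUser}, which records the
 * login time/IP and builds the {@link MyDto} returned to the client.
 *
 * Created by GaoJie on 2017/10/31.
 */
@RestController
@RequestMapping("/api/auth")
@Api(tags = "用户验证", description = "登录注册找回密码", produces = MediaType.APPLICATION_JSON_VALUE)
public class AuthController {

    @Autowired
    private CaptchaHelp captchaHelp;

    @Autowired
    private SmsHelp smsHelp;

    @Autowired
    private AiHelp aiHelp;

    @Autowired
    private ShiroHelp shiroHelp;

    @Autowired
    private UsersService usersService;

    @Autowired
    private UserServiceService userServiceService;

    @Autowired
    private UserAbnormalService userAbnormalService;

    // Services used to initialise the user information returned after sign-in.
    @Autowired
    private TextbookLibraryService textbookLibraryService;

    @Autowired
    private UserMessageService userMessageService;

    @Autowired
    private UserOrderRecordService userOrderRecordService;

    @Autowired
    private PreviewService previewService;

    @Autowired
    private MessageExtendService messageExtendService;

    /**
     * Validates the caller's identity, either from the current session or from a
     * {@code token} request header, and returns the user's profile.
     *
     * @param token   optional token header; when absent or empty the session user is used
     * @param session unused here
     * @param request used to read the client IP for login bookkeeping
     * @return success response wrapping the user's {@link MyDto}
     * @throws AuthException if no session user exists, or the token matches no user
     */
    @RequestMapping(value = "/token", method = RequestMethod.POST)
    @ApiOperation(value = "验证token", httpMethod = "POST")
    public Response token(@RequestHeader(value = "token", required = false) String token,
                          HttpSession session, HttpServletRequest request) {
        User user;
        if (token == null || token.isEmpty()) {
            user = shiroHelp.getLoginUser();
            if (user == null) {
                throw new AuthException("未登录");
            }
        } else {
            user = usersService.getUserByToken(token);
            // Other lookups on usersService return null on a miss (see validInviteCode);
            // reject an unknown token as unauthenticated instead of dereferencing null.
            if (user == null) {
                throw new AuthException("未登录");
            }
            // Log the session in as the token's owner. The token is the only credential
            // on this path. NOTE(review): its expiry/revocation is decided inside
            // getUserByToken, which is not visible here; confirm.
            shiroHelp.getSession().login(shiroHelp.user(user.getArea() + ":" + user.getMobile(), ""));
        }
        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }

    /**
     * Signs a user in with a mobile number and SMS verification code, registering the
     * account first if it does not exist yet.
     *
     * <p>NOTE(review): the SMS code is the sole authentication factor here. Attempt
     * limiting and one-time use of the code are not visible in this controller and
     * would have to be enforced by {@code smsHelp.verifyCode}; confirm.
     *
     * @param userLoginDto validated login payload (area, mobile, SMS code, invite code, email)
     * @param session      passed to the SMS code check
     * @param request      used to read the client IP
     * @return success response wrapping the user's {@link MyDto}
     * @throws ParameterException if the SMS code does not verify
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ApiOperation(value = "登录/注册", httpMethod = "POST")
    public Response login(@RequestBody @Validated UserLoginDto userLoginDto,
                          HttpSession session, HttpServletRequest request) {
        if (!smsHelp.verifyCode(userLoginDto.getArea(), userLoginDto.getMobile(),
                userLoginDto.getMobileVerifyCode(), session)) {
            throw new ParameterException("手机验证码错误!");
        }
        try {
            String ip = Tools.getClientIp(request);
            usersService.register(userLoginDto.getArea(), userLoginDto.getMobile(),
                    userLoginDto.getInviteCode(), userLoginDto.getEmail(), null, ip, aiHelp.parseIp(ip));
        } catch (ParameterException ignored) {
            // Already registered: ignore and fall through to login.
            // NOTE(review): this swallows every ParameterException from register(),
            // not only the "already registered" case; confirm none of the others
            // should stop the login.
        }
        shiroHelp.getSession().login(
                shiroHelp.user(userLoginDto.getArea() + ":" + userLoginDto.getMobile(), ""));
        User user = shiroHelp.getLoginUser();
        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }

    /**
     * Completes a WeChat QR-code (PC) OAuth login from the authorization {@code code}.
     *
     * <p>NOTE(review): no OAuth {@code state} value is read or checked in this method,
     * and the endpoint changes session state on GET. Confirm that cross-site request
     * protection for this callback exists elsewhere.
     *
     * @param code    OAuth authorization code; defaults to the empty string
     * @param session unused here
     * @param request used to read the client IP
     * @return success response wrapping the session user's {@link MyDto}
     * @throws AuthException if no user is attached to the session after the OAuth step
     */
    @RequestMapping(value = "/wechat_pc", method = RequestMethod.GET)
    @ApiOperation(value = "直接微信二维码登录", httpMethod = "GET")
    public Response directWechatPc(
            @RequestParam(required = false, defaultValue = "") String code,
            HttpSession session, HttpServletRequest request) {
        User user = shiroHelp.getLoginUser();
        user = usersService.Oauth(user, code, "wechat_pc", true);
        if (user.getId() != null && user.getId() > 0) {
            // The OAuth identity maps to a stored account: sign that account in.
            user = usersService.get(user.getId());
            shiroHelp.getSession().login(shiroHelp.user(user.getArea() + ":" + user.getMobile(), ""));
        }
        user = shiroHelp.getLoginUser();
        // getLoginUser() can return null (token() checks for it); fail as
        // unauthenticated rather than with a NullPointerException in processUser.
        if (user == null) {
            throw new AuthException("未登录");
        }
        MyDto dto = processUser(user, request);
        return ResponseHelp.success(dto);
    }

    // Official-account login/registration: wechat(false) -> wechat(true) -> bind
    // PC login/registration: wechat_pc(true) -> bind
    // login -> wechat_pc(true)

    /**
     * Completes a WeChat official-account OAuth login from the authorization {@code code}.
     *
     * <p>NOTE(review): as with {@link #directWechatPc}, no OAuth {@code state} value is
     * checked here; confirm the protection exists elsewhere.
     *
     * @param code     OAuth authorization code; defaults to the empty string
     * @param userInfo forwarded to {@code usersService.Oauth} as its last argument
     * @param session  unused here
     * @param request  used to read the client IP
     * @return success response wrapping the {@link MyDto} of the user returned by the OAuth step
     */
    @RequestMapping(value = "/wechat", method = RequestMethod.GET)
    @ApiOperation(value = "直接微信公众号登录", httpMethod = "GET")
    public Response directWechat(
            @RequestParam(required = false, defaultValue = "") String code,
            @RequestParam(required = false, defaultValue = "") boolean userInfo,
            HttpSession session, HttpServletRequest request) {
        User user = shiroHelp.getLoginUser();
        user = usersService.Oauth(user, code, "wechat_native", userInfo);
        if (user.getId() != null && user.getId() > 0) {
            // The OAuth identity maps to a stored account: sign that account in.
            user = usersService.get(user.getId());
            shiroHelp.getSession().login(shiroHelp.user(user.getArea() + ":" + user.getMobile(), ""));
        }
        MyDto dto = processUser(user, request);
        return ResponseHelp.success(dto);
    }

    /**
     * Ends the current session.
     *
     * @param session unused here
     * @param request unused here
     * @return success response wrapping {@code true}
     */
    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    @ApiOperation(value = "登出", httpMethod = "POST")
    public Response logout(HttpSession session, HttpServletRequest request) {
        shiroHelp.logout();
        return ResponseHelp.success(true);
    }

    /**
     * Binds a mobile number to the third-party (OAuth) user held in the session, then
     * signs in as the resulting account.
     *
     * @param userValidMobileDto validated payload (area, mobile, SMS code, invite code, email)
     * @param session            passed to the SMS code check
     * @param request            used to read the client IP
     * @return success response wrapping the user's {@link MyDto}
     * @throws ParameterException if the SMS code does not verify, or registration rejects the number
     * @throws SystemException    if there is no session user, or it already has a mobile number
     */
    @RequestMapping(value = "/bind", method = RequestMethod.POST)
    @ApiOperation(value = "绑定手机号", notes = "第三方登录后可执行", httpMethod = "POST")
    public Response bind(@RequestBody @Validated UserValidMobileDto userValidMobileDto,
                         HttpSession session, HttpServletRequest request) {
        if (!smsHelp.verifyCode(userValidMobileDto.getArea(), userValidMobileDto.getMobile(),
                userValidMobileDto.getMobileVerifyCode(), session)) {
            throw new ParameterException("验证码有误,请重新获取!");
        }
        User openUser = shiroHelp.getLoginUser();
        if (openUser == null) {
            throw new SystemException("第三方登录错误");
        }
        if (openUser.getMobile() != null && openUser.getMobile().length() > 0) {
            throw new SystemException("手机号已绑定");
        }
        try {
            // Create a new account, set its mobile number, and bind the third-party login.
            String ip = Tools.getClientIp(request);
            usersService.register(userValidMobileDto.getArea(), userValidMobileDto.getMobile(),
                    userValidMobileDto.getInviteCode(), userValidMobileDto.getEmail(),
                    openUser, ip, aiHelp.parseIp(ip));
        } catch (ParameterException e) {
            // The original cause is not attached; the caller sees only this message.
            throw new ParameterException("该手机号绑定其他账号,请更换手机号码!");
        }
        shiroHelp.getSession().login(
                shiroHelp.user(userValidMobileDto.getArea() + ":" + userValidMobileDto.getMobile(), ""));
        User user = shiroHelp.getLoginUser();
        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }

    /**
     * Looks up the account that owns an invite code.
     *
     * <p>NOTE(review): this method performs no login check and returns the owner's
     * nickname, so it can be used to probe invite codes. Any path-level filter or
     * rate limit is outside this file; confirm one applies.
     *
     * @param inviteCode invite code to look up
     * @return success response wrapping the owner's nickname, or {@code null} if none
     */
    @RequestMapping(value = "/valid/invite_code", method = RequestMethod.GET)
    @ApiOperation(value = "验证邀请码", notes = "查询邀请码对应账号", httpMethod = "GET")
    public Response validInviteCode(@RequestParam(required = true) String inviteCode) {
        User user = usersService.getByInviteCode(inviteCode);
        if (user == null) {
            return ResponseHelp.success(null);
        }
        return ResponseHelp.success(user.getNickname());
    }

    /**
     * Reports whether a mobile number is still unregistered.
     *
     * <p>NOTE(review): this method performs no login check and answers whether a number
     * has an account, which allows account enumeration. Throttling is not visible
     * here; confirm it is applied upstream.
     *
     * @param area   area (country) code
     * @param mobile mobile number
     * @return success response wrapping {@code true} if no account uses the number
     */
    @RequestMapping(value = "/valid/mobile", method = RequestMethod.GET)
    @ApiOperation(value = "验证手机号", notes = "查询手机对应账号", httpMethod = "GET")
    public Response validMobile(
            @RequestParam(required = true) String area,
            @RequestParam(required = true) String mobile) {
        User user = usersService.getByMobile(area, mobile);
        return ResponseHelp.success(user == null);
    }

    /**
     * Reports whether a mobile number has no WeChat identity bound to it.
     *
     * <p>NOTE(review): same enumeration exposure as {@link #validMobile}; confirm
     * throttling is applied upstream.
     *
     * @param area   area (country) code
     * @param mobile mobile number
     * @return success response wrapping {@code false} if the account exists and has a
     *         non-empty WeChat union id, {@code true} otherwise
     */
    @RequestMapping(value = "/valid/wechat", method = RequestMethod.GET)
    @ApiOperation(value = "验证手机号是否绑定微信", notes = "查询手机对应账号", httpMethod = "GET")
    public Response validWechat(
            @RequestParam(required = true) String area,
            @RequestParam(required = true) String mobile) {
        User user = usersService.getByMobile(area, mobile);
        boolean bound = user != null
                && user.getWechatUnionid() != null
                && !user.getWechatUnionid().equals("");
        return ResponseHelp.success(!bound);
    }

    /**
     * Records login bookkeeping for {@code user} and builds the profile DTO.
     *
     * <p>For a user without a stored id the converted DTO is returned untouched.
     * Otherwise the latest login time (and IP, when it differs from both the
     * registration IP and the previous login IP) is saved, an abnormal-login record is
     * pushed when {@code aiHelp.compareIp} rejects the new IP, and the DTO is filled
     * with binding flags, VIP time, textbook update time, messages and preview count.
     *
     * @param user    the signed-in user
     * @param request used to read the client IP
     * @return the populated DTO
     */
    private MyDto processUser(User user, HttpServletRequest request) {
        MyDto dto = Transform.convert(user, MyDto.class);
        if (user.getId() == null || user.getId() == 0) {
            return dto;
        }

        // NOTE(review): if Tools.getClientIp reads client-supplied forwarding headers,
        // the value is caller-controlled and weakens the abnormal-login check below.
        // Confirm it only trusts headers set by a known proxy.
        String ip = Tools.getClientIp(request);
        User entity = User.builder().id(user.getId()).build();
        entity.setLatestLoginTime(new Date());
        if (!user.getRegisterIp().equals(ip) && !user.getLatestLoginIp().equals(ip)) {
            entity.setLatestLoginIp(ip);
            // Abnormal-login handling.
            if (!aiHelp.compareIp(user.getRegisterIp(), ip)) {
                String[] info = aiHelp.parseIp(ip);
                userAbnormalService.push(user.getId(), ip, info);
            }
        }
        // Persist the updated login information.
        usersService.edit(entity);

        // bind() and validWechat() treat these two fields as nullable, so check for
        // null here as well instead of calling isEmpty() on a possibly-null value.
        if (user.getMobile() != null && !user.getMobile().isEmpty()) {
            dto.setBindMobile(true);
        }
        if (user.getWechatUnionid() != null && !user.getWechatUnionid().isEmpty()) {
            dto.setBindWechat(true);
        }
        if (user.getRealStatus() > 0) {
            dto.setBindReal(true);
        }
        if (!user.getPrepareStatus().isEmpty()) {
            dto.setBindPrepare(true);
        }

        // VIP
        dto.setVip(userServiceService.timeService(user.getId(), ServiceKey.VIP));

        // Latest textbook library update.
        if (userServiceService.hasService(user.getId(), ServiceKey.TEXTBOOK)) {
            TextbookLibrary latest = textbookLibraryService.getLatest();
            dto.setTextbook(latest.getUpdateTime());
        }

        // Unread messages.
        Page messageList = userMessageService.list(1, 4, user.getId(), null, 0);
        dto.setMessageNumber((int) messageList.getTotal());
        messageExtendService.refreshMessage(messageList);
        dto.setMessages(messageList);

        // Unfinished homework.
        // NOTE(review): listWithCourse is called without user.getId(); only the later
        // listByRecordId call is scoped to the user. Confirm the first query is not
        // loading other users' order records.
        List recordList = userOrderRecordService.listWithCourse(1, 1000, null, null, true, false, null, null);
        Collection recordIds = Transform.getIds(recordList, UserOrderRecord.class, "id");
        List relationList = previewService.listByRecordId(user.getId(), recordIds, 2);
        dto.setPreviewNumber(relationList.size());

        return dto;
    }
}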