|
@@ -1,8 +1,10 @@
|
|
|
package com.tofly.common.oauth.config;
|
|
|
|
|
|
import com.alibaba.fastjson.JSON;
|
|
|
+import com.fasterxml.jackson.databind.ObjectMapper;
|
|
|
import com.tofly.base.api.entity.User;
|
|
|
import com.tofly.base.api.feign.AuthTokenService;
|
|
|
+import com.tofly.base.api.feign.TokenPermitService;
|
|
|
import com.tofly.common.core.constant.CommonConstants;
|
|
|
import com.tofly.common.core.constant.SecurityConstants;
|
|
|
import com.tofly.common.core.entity.ResultRespone;
|
|
@@ -28,6 +30,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
|
|
|
import springfox.documentation.spring.web.json.Json;
|
|
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
+import java.io.IOException;
|
|
|
import java.util.HashMap;
|
|
|
import java.util.Map;
|
|
|
import java.util.Objects;
|
|
@@ -42,6 +45,10 @@ public class ToflyAuthenticationProvider implements AuthenticationProvider {
|
|
|
private final CacheManager cacheManager;
|
|
|
|
|
|
private final AuthTokenService authTokenService;
|
|
|
+
|
|
|
+ private final TokenPermitService tokenPermitService;
|
|
|
+
|
|
|
+
|
|
|
|
|
|
* 进行身份认证
|
|
|
*
|
|
@@ -52,7 +59,156 @@ public class ToflyAuthenticationProvider implements AuthenticationProvider {
|
|
|
@Override
|
|
|
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
|
|
|
log.info("order 身份认证 来了。。。。。。。");
|
|
|
+ if("token".equals(((Map)authentication.getDetails()).get("loginType"))){
|
|
|
+ return authenticateByToken(authentication);
|
|
|
+ }
|
|
|
+ return authenticateByUsernamePassword(authentication);
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ * 这个方法 确保返回 true 即可,
|
|
|
+ *
|
|
|
+ * @param aClass
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ @Override
|
|
|
+ public boolean supports(Class<?> aClass) {
|
|
|
+ return true;
|
|
|
+ }
|
|
|
+
|
|
|
+ private Authentication authenticateByToken(Authentication authentication){
|
|
|
+ String token = ((Map) authentication.getDetails()).get("token").toString();
|
|
|
+ Map<String, Object> info = tokenPermitService.getInfo(((Map) authentication.getDetails()).get("appName").toString(), token);
|
|
|
+ Object o = info.get("data");
|
|
|
+ if(o != null){
|
|
|
+ String m2 = (String) o;
|
|
|
+ ObjectMapper mapper = new ObjectMapper();
|
|
|
+ Map<String, Object> map = null;
|
|
|
+ try {
|
|
|
+ map = mapper.readValue(m2, Map.class);
|
|
|
+ } catch (IOException e) {
|
|
|
+ throw new MyAuthenticationException("用户不存在");
|
|
|
+ }
|
|
|
+ String username1 = map.get("outerUsername").toString();
|
|
|
+ String username=username1.replaceAll("_ms","");
|
|
|
+ String password = token;
|
|
|
+
|
|
|
+ UserDetails userDetails = userDetailService.loadUserByUsername(username);
|
|
|
+
|
|
|
+
|
|
|
+ HttpServletRequest request = ((ServletRequestAttributes) Objects
|
|
|
+ .requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
|
|
|
+ log.info("ip:{}",IpUtil.getIpAddr(request));
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ log.info("数据库查询出来的password:{}",userDetails.getPassword());
|
|
|
+
|
|
|
+ BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
|
|
|
+ log.info("用{}加密后的密码为:{}", SecurityConstants.BCRYPT+password,bCryptPasswordEncoder.encode(SecurityConstants.BCRYPT+password));
|
|
|
+ boolean flag = bCryptPasswordEncoder.matches(SecurityConstants.BCRYPT+password, userDetails.getPassword());*/
|
|
|
+
|
|
|
+
|
|
|
+ boolean flag = false;
|
|
|
+ if(userDetails != null){
|
|
|
+ flag = true;
|
|
|
+ }
|
|
|
+
|
|
|
+ if(StringUtil.isEmpty(password) && !flag){
|
|
|
+ flag=true;
|
|
|
+ }
|
|
|
+
|
|
|
+ ToflyUser toflyUser=null;
|
|
|
+ Cache cache = cacheManager.getCache("user_details");
|
|
|
+ if (cache != null && cache.get(username) != null && cache.get(username).get()!=null) {
|
|
|
+ toflyUser= (ToflyUser) cache.get(username).get();
|
|
|
+
|
|
|
+ }
|
|
|
|
|
|
+ log.info("从缓存中获取到用户信息"+ JSON.toJSONString(toflyUser));
|
|
|
+
|
|
|
+ User sysUser=new User();
|
|
|
+ sysUser.setId(toflyUser.getUserid());
|
|
|
+ Short pwdt=toflyUser.getPwderrtimes();
|
|
|
+ if(pwdt == null){
|
|
|
+ pwdt=Short.valueOf("0");
|
|
|
+ }
|
|
|
+
|
|
|
+ if(pwdt>=5 && !CommonConstants.SUPER_ADMIN_ULEVEL.equals(toflyUser.getUserLevel())){
|
|
|
+
|
|
|
+ cache.put(username,null);
|
|
|
+ throw new MyAuthenticationException("账户已经被锁定,请联系管理人员");
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ if (flag){
|
|
|
+ sysUser.setPwderrtimes(Short.valueOf("0"));
|
|
|
+ sysUser.setLastIp(IpUtil.getIpAddr(request));
|
|
|
+ SpringContextHolder.publishEvent(new UserLoginEvent(sysUser));
|
|
|
+
|
|
|
+ Map<String, Object> params=new HashMap();
|
|
|
+ params.put("client_id",(String)((Map) authentication.getDetails()).get("client_id"));
|
|
|
+ params.put("username",authentication.getName());
|
|
|
+
|
|
|
+
|
|
|
+ ResultRespone resultRespone=authTokenService.removeTokenByUser(params,SecurityConstants.FROM_IN);
|
|
|
+
|
|
|
+
|
|
|
+ ToflyUser toflyUser1=new ToflyUser(toflyUser.getCompanyId(),toflyUser.getCompanyName(),Short.valueOf("0"),toflyUser.getUserid(),toflyUser.getDepartmentId(),toflyUser.getUserLevel(),
|
|
|
+ toflyUser.getRealName(),toflyUser.getDepartemntName(),toflyUser.getAvatar(),
|
|
|
+ toflyUser.getUsername(),*
|
|
|
+ true,true,
|
|
|
+ true,true,toflyUser.getAuthorities());
|
|
|
+ cache.put(username,toflyUser1);
|
|
|
+ }*/
|
|
|
+
|
|
|
+ if (username1.contains("_ms")) {
|
|
|
+ ToflyUser toflyUser2 = new ToflyUser(toflyUser.getCompanyId(),toflyUser.getCompanyName(),Short.valueOf("0"), toflyUser.getUserid(), toflyUser.getDepartmentId(), toflyUser.getUserLevel(),
|
|
|
+ toflyUser.getRealName(), toflyUser.getDepartemntName(), toflyUser.getAvatar(),
|
|
|
+ username1,toflyUser.getPassword(),
|
|
|
+ true, true,
|
|
|
+ true, true, toflyUser.getAuthorities());
|
|
|
+ UserDetails userDetails1 = toflyUser2;
|
|
|
+
|
|
|
+ return new UsernamePasswordAuthenticationToken(userDetails1, password, userDetails.getAuthorities());
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ return new UsernamePasswordAuthenticationToken(userDetails,password,userDetails.getAuthorities());
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ pwdt++;
|
|
|
+ sysUser.setPwderrtimes(pwdt);
|
|
|
+ if(pwdt>=5){
|
|
|
+ sysUser.setLockFlag(CommonConstants.USER_LOCK_LOCKED);
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ SpringContextHolder.publishEvent(new UserLoginEvent(sysUser));
|
|
|
+ cache.put(username,null);
|
|
|
+ String message=pwdt<5?"密码错误。当前密码错误次数是:"+pwdt+",密码错误5次账户将会被锁定":
|
|
|
+ "账户已经被锁定,请联系管理人员";
|
|
|
+ throw new MyAuthenticationException(message);
|
|
|
+ }else{
|
|
|
+ throw new MyAuthenticationException("用户不存在");
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ private Authentication authenticateByUsernamePassword(Authentication authentication){
|
|
|
|
|
|
String username1 = authentication.getName();
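Review bot: In `authenticateByToken`, `flag` is set to true for any non-null `userDetails` (the bcrypt comparison above it appears to be commented out), so the login is accepted on nothing more than `tokenPermitService.getInfo(...)` returning a non-null `data`. Whether that call verifies the token's validity, expiry and `appName` binding is not visible in this hunk; if the response carries a status field, it should be checked before `outerUsername` is trusted. `username1.replaceAll("_ms","")` removes the marker anywhere in the externally supplied name, so different outer names can resolve to the same local account; strip only a trailing suffix and use the same test in place of the later `username1.contains("_ms")`. `log.info("从缓存中获取到用户信息"+ JSON.toJSONString(toflyUser))` writes the whole cached user to the info log, apparently including the stored password since `toflyUser.getPassword()` is read further down, and `toflyUser` is dereferenced right after even when the cache lookup missed. The raw `(Map) authentication.getDetails()` casts in `authenticate` and here, together with `.get("token").toString()` and `.get("appName").toString()`, fail with `ClassCastException` or `NullPointerException` rather than an `AuthenticationException`, which matters because `supports` returns true for every class; the fence sketches the guarded version, and `authenticateByUsernamePassword` begins in this hunk but continues outside it.

```java
private Authentication authenticateByToken(Authentication authentication){
    // Treat a missing or malformed details map as an authentication failure, not a 500.
    Object rawDetails = authentication.getDetails();
    if (!(rawDetails instanceof Map)) {
        throw new MyAuthenticationException("用户不存在");
    }
    Map<?, ?> details = (Map<?, ?>) rawDetails;
    Object tokenValue = details.get("token");
    Object appName = details.get("appName");
    if (tokenValue == null || appName == null || StringUtil.isEmpty(tokenValue.toString())) {
        throw new MyAuthenticationException("用户不存在");
    }
    String token = tokenValue.toString();
    Map<String, Object> info = tokenPermitService.getInfo(appName.toString(), token);
    Object o = info == null ? null : info.get("data");
    // … unchanged: if(o != null) opening and ObjectMapper parse of o into map …
    Object outer = map.get("outerUsername");
    if (outer == null) {
        throw new MyAuthenticationException("用户不存在");
    }
    String username1 = outer.toString();
    // Strip the marker only as a trailing suffix so outer names map one-to-one to local accounts.
    boolean msAccount = username1.endsWith("_ms");
    String username = msAccount
            ? username1.substring(0, username1.length() - "_ms".length())
            : username1;
    // … unchanged: load userDetails, request lookup, cache lookup …
    if (toflyUser == null) {
        throw new MyAuthenticationException("用户不存在");
    }
    // Log an identifier only; the serialized user may carry the stored password.
    log.info("从缓存中获取到用户信息, userid={}", toflyUser.getUserid());
    // … unchanged: lock check and token construction, with username1.contains("_ms") replaced by msAccount …
```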
|
|
|
|
|
@@ -170,20 +326,6 @@ public class ToflyAuthenticationProvider implements AuthenticationProvider {
|
|
|
String message=pwdt<5?"密码错误。当前密码错误次数是:"+pwdt+",密码错误5次账户将会被锁定":
|
|
|
"账户已经被锁定,请联系管理人员";
|
|
|
throw new MyAuthenticationException(message);
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
-
|
|
|
- * 这个方法 确保返回 true 即可,
|
|
|
- *
|
|
|
- * @param aClass
|
|
|
- * @return
|
|
|
- */
|
|
|
- @Override
|
|
|
- public boolean supports(Class<?> aClass) {
|
|
|
- return true;
|
|
|
}
|
|
|
|
|
|
class MyAuthenticationException extends AuthenticationException{
|