Merge branch 'future/strokeList' into 'master'

商家登陆jwt添加mcid See merge request hewei/Jumeirah!29

Merge branch 'future/strokeList' into 'master'
商家登陆jwt添加mcid See merge request hewei/Jumeirah!29
a1573ab5 · hewei · 9ca4c871 · cf683383 · a1573ab5 · a1573ab5
Commit a1573ab5 authored Oct 16, 2020 by hewei
9 changed files
--- a/api-merchant/src/main/java/com/jumeirah/api/merchant/controller/MerchantHelloWorldController.java
+++ b/api-merchant/src/main/java/com/jumeirah/api/merchant/controller/MerchantHelloWorldController.java
@@ -2,9 +2,11 @@ package com.jumeirah.api.merchant.controller;
 import io.geekidea.springbootplus.framework.common.api.ApiResult;
 import io.geekidea.springbootplus.framework.log.annotation.OperationLog;
+import io.geekidea.springbootplus.framework.shiro.jwt.JwtToken;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -26,6 +28,8 @@ public class MerchantHelloWorldController {
    @OperationLog(name = "helloWorld")
    @ApiOperation(value = "Hello World", response = String.class)
    public ApiResult<String> helloWorld() throws IOException {
+        JwtToken jwtToken = (JwtToken) SecurityUtils.getSubject().getPrincipal();
        log.debug("Hello World...app");
        return ApiResult.ok("Hello World app merchant");
    }
@@ -34,6 +38,8 @@ public class MerchantHelloWorldController {
    @OperationLog(name = "needRole")
    @ApiOperation(value = "needRole", response = String.class)
    public ApiResult<String> needRole() throws IOException {
+        JwtToken jwtToken = (JwtToken) SecurityUtils.getSubject().getPrincipal();
        log.debug("Hello World...app");
        return ApiResult.ok("Hello World app");
    }
@@ -43,6 +49,8 @@ public class MerchantHelloWorldController {
    @ApiOperation(value = "needRoleAdmin", response = String.class)
    @RequiresPermissions("merchant:admin")
    public ApiResult<String> needRoleAdmin() throws IOException {
+        JwtToken jwtToken = (JwtToken) SecurityUtils.getSubject().getPrincipal();
        log.debug("Hello World...app");
        return ApiResult.ok("Hello World needRoleAdmin");
    }
@@ -52,6 +60,8 @@ public class MerchantHelloWorldController {
    @ApiOperation(value = "needRoleAll", response = String.class)
    @RequiresRoles("merchant:all")
    public ApiResult<String> needRoleAll() throws IOException {
+        JwtToken jwtToken = (JwtToken) SecurityUtils.getSubject().getPrincipal();
        log.debug("Hello World...app");
        return ApiResult.ok("Hello World needRoleAll");
    }
@@ -60,6 +70,8 @@ public class MerchantHelloWorldController {
    @OperationLog(name = "noRole")
    @ApiOperation(value = "noRole", response = String.class)
    public ApiResult<String> noRole() throws IOException {
+        JwtToken jwtToken = (JwtToken) SecurityUtils.getSubject().getPrincipal();
        log.debug("Hello World...app");
        return ApiResult.ok("Hello World app noRole");
    }

--- a/common/src/main/java/com/jumeirah/common/service/impl/AppUserServiceImpl.java
+++ b/common/src/main/java/com/jumeirah/common/service/impl/AppUserServiceImpl.java
@@ -116,7 +116,7 @@ public class AppUserServiceImpl extends BaseServiceImpl<AppUserMapper, AppUser> 
        log.debug("token:{}", token);
        // 创建AuthenticationToken
-        JwtToken jwtToken = JwtToken.build(token, appUser.getId().toString(), appUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.APP.getType());
+        JwtToken jwtToken = JwtToken.build(token, appUser.getId().toString(), appUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.APP.getType(), null);
        boolean enableShiro = springBootPlusProperties.getShiro().isEnable();
        if (enableShiro) {

--- a/common/src/main/java/com/jumeirah/common/service/impl/MerchantUserServiceImpl.java
+++ b/common/src/main/java/com/jumeirah/common/service/impl/MerchantUserServiceImpl.java
@@ -92,14 +92,10 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        return merchantUserMapper.selectOne(new QueryWrapper<MerchantUser>(sysUser));
    }
    @Transactional(rollbackFor = Exception.class)
    @Override
    public ApiResult<LoginMerUserTokenVo> login(MerchantLoginParam merchantLoginParam) throws Exception {
-//        // 校验验证码
-//        checkVerifyCode(merchantLoginParam.getVerifyToken(), merchantLoginParam.getCode());
        String username = merchantLoginParam.getUsername();
        // 从数据库中获取登录用户信息
        MerchantUser merchantUser = getMerUserByUsername(username);
@@ -108,7 +104,9 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
            return ApiResult.result(ApiCode.PWD_OR_USERNAME_ERROR, null);
        }
        if (StateEnum.DISABLE.getCode().equals(merchantUser.getState())) {
-            return ApiResult.result(ApiCode.PWD_OR_USERNAME_ERROR, null);
+            log.error("登录失败,禁用:{}", merchantLoginParam);
+            return ApiResult.result(ApiCode.LOGIN_EXCEPTION, null);
        }
        // 实际项目中，前端传过来的密码应先加密
@@ -123,17 +121,6 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        // 将系统用户对象转换成登录用户对象
        LoginUserVo loginSysUserVo = UserConvert.INSTANCE.merchantUserToLoginSysUserVo(merchantUser);
-//        // 获取部门
-//        SysDepartment sysDepartment = sysDepartmentService.getById(merchantUser.getDepartmentId());
-//        if (sysDepartment == null) {
-//            throw new AuthenticationException("部门不存在");
-//        }
-//        if (!StateEnum.ENABLE.getCode().equals(sysDepartment.getState())) {
-//            throw new AuthenticationException("部门已禁用");
-//        }
-//        loginSysUserVo.setDepartmentId(sysDepartment.getId())
-//                .setDepartmentName(sysDepartment.getName());
        // 获取当前用户角色
        Long roleId = merchantUser.getRoleId();
        MerchantRole merchantRole = merchantRoleService.getById(roleId);
@@ -149,9 +136,6 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        // 获取当前用户权限
        Set<String> permissionCodes = merchantRolePermissionService.getPermissionCodesByRoleId(roleId);
-//        if (CollectionUtils.isEmpty(permissionCodes)) {
-//            throw new AuthenticationException("权限列表不能为空");
-//        }
        loginSysUserVo.setPermissionCodes(permissionCodes);
        // 获取数据库中保存的盐值
@@ -163,7 +147,7 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        log.debug("token:{}", token);
        // 创建AuthenticationToken
-        JwtToken jwtToken = JwtToken.build(token, username,merchantUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.MERCHANT.getType());
+        JwtToken jwtToken = JwtToken.build(token, username, merchantUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.MERCHANT.getType(),merchantUser.getMcId());
        boolean enableShiro = springBootPlusProperties.getShiro().isEnable();
        if (enableShiro) {
@@ -188,9 +172,6 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        loginSysUserTokenVo.setToken(token);
        loginSysUserTokenVo.setLoginSysUserVo(loginSysUserVo);
-        // 设置token响应头
-//        response.setHeader(JwtTokenUtil.getTokenName(), loginSysUserTokenVo.getToken());
        return ApiResult.ok(loginSysUserTokenVo);
    }
@@ -222,7 +203,6 @@ public class MerchantUserServiceImpl extends BaseServiceImpl<MerchantUserMapper,
        // 创建一个该公司默认的管理员账号
        return ApiResult.ok();
    }

--- a/common/src/main/java/com/jumeirah/common/service/impl/SysLoginServiceImpl.java
+++ b/common/src/main/java/com/jumeirah/common/service/impl/SysLoginServiceImpl.java
@@ -162,7 +162,7 @@ public class SysLoginServiceImpl implements SysLoginService {
        log.debug("token:{}", token);
        // 创建AuthenticationToken
-        JwtToken jwtToken = JwtToken.build(token, username,sysUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.SYSTEM.getType());
+        JwtToken jwtToken = JwtToken.build(token, username,sysUser.getId(), newSalt, expireSecond, LoginClientTypeEnum.SYSTEM.getType(),null);
        boolean enableShiro = springBootPlusProperties.getShiro().isEnable();
        if (enableShiro) {

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/MerchantLoginRedisServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/cache/impl/MerchantLoginRedisServiceImpl.java
@@ -42,11 +42,11 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
     * username:num
     */
    @Override
-    public void cacheLoginInfo(JwtToken jwtToken, LoginUserVo loginSysUserVo) {
+    public void cacheLoginInfo(JwtToken jwtToken, LoginUserVo loginUserVo) {
        if (jwtToken == null) {
            throw new IllegalArgumentException("jwtToken不能为空");
        }
-        if (loginSysUserVo == null) {
+        if (loginUserVo == null) {
            throw new IllegalArgumentException("loginSysUserVo不能为空");
        }
        // token
@@ -54,20 +54,20 @@ public class MerchantLoginRedisServiceImpl implements MerchantLoginRedisService 
        // 盐值
        String salt = jwtToken.getSalt();
        // 登录用户名称
-        String username = loginSysUserVo.getUsername();
+        String username = loginUserVo.getUsername();
        // token md5值
        String tokenMd5 = DigestUtils.md5Hex(token);
        // Redis缓存JWT Token信息
        JwtTokenRedisVo jwtTokenRedisVo = ShiroMapstructConvert.INSTANCE.jwtTokenToJwtTokenRedisVo(jwtToken);
-        jwtTokenRedisVo.setUserId(loginSysUserVo.getId());
+        jwtTokenRedisVo.setUserId(loginUserVo.getId());
+        jwtTokenRedisVo.setMcId(jwtToken.getMcId());
        // 用户客户端信息
        ClientInfo clientInfo = ClientInfoUtil.get(HttpServletRequestUtil.getRequest());
        // Redis缓存登录用户信息
        // 将LoginSysUserVo对象复制到LoginSysUserRedisVo，使用mapstruct进行对象属性复制
-        LoginUserRedisVo loginSysUserRedisVo = LoginSysUserVoConvert.INSTANCE.voToRedisVo(loginSysUserVo);
+        LoginUserRedisVo loginSysUserRedisVo = LoginSysUserVoConvert.INSTANCE.voToRedisVo(loginUserVo);
        loginSysUserRedisVo.setSalt(salt);
        loginSysUserRedisVo.setClientInfo(clientInfo);

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/JwtFilter.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/JwtFilter.java
@@ -80,7 +80,7 @@ public class JwtFilter extends AuthenticatingFilter {
        String username = JwtUtil.getUsername(token);
-        return JwtToken.build(token, username, jwt.getUserId(), shiroLoginService.getSalt(token), jwtProperties.getExpireSecond(), jwt.getType());
+        return JwtToken.build(token, username, jwt.getUserId(), shiroLoginService.getSalt(token), jwtProperties.getExpireSecond(), jwt.getType(),jwt.getMcId());
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/JwtToken.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/jwt/JwtToken.java
@@ -37,9 +37,17 @@ import java.util.Date;
 public class JwtToken implements HostAuthenticationToken {
    private static final long serialVersionUID = 5101247566043093405L;
+    /**
+     * 客户端类型
+     */
    private String type;
    /**
+     * mcId
+     */
+    private Long mcId;
+    /**
     * 登录ip
     */
    private String host;
@@ -78,7 +86,7 @@ public class JwtToken implements HostAuthenticationToken {
    private String credentials;
-    public static JwtToken build(String token, String username,Long userId, String salt, long expireSecond, String type) {
+    public static JwtToken build(String token, String username,Long userId, String salt, long expireSecond, String type,Long mcId) {
        DecodedJWT decodedJwt = JwtUtil.getJwtInfo(token);
        Date createDate = decodedJwt.getIssuedAt();
        Date expireDate = decodedJwt.getExpiresAt();
@@ -91,7 +99,8 @@ public class JwtToken implements HostAuthenticationToken {
                .setType(type)
                .setCreateDate(createDate)
                .setExpireSecond(expireSecond)
-                .setExpireDate(expireDate);
+                .setExpireDate(expireDate)
+                .setMcId(mcId);
    }

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/service/impl/ShiroLoginServiceImpl.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/service/impl/ShiroLoginServiceImpl.java
@@ -100,7 +100,7 @@ public class ShiroLoginServiceImpl implements ShiroLoginService {
        // 生成新token字符串
        String newToken = JwtUtil.generateToken(username, salt, Duration.ofSeconds(expireSecond));
        // 生成新JwtToken对象
-        JwtToken newJwtToken = JwtToken.build(newToken, username, jwtToken.getUserId(), salt, expireSecond, jwtToken.getType());
+        JwtToken newJwtToken = JwtToken.build(newToken, username, jwtToken.getUserId(), salt, expireSecond, jwtToken.getType(), null);
        // 更新redis缓存
        sysLoginRedisService.refreshLoginInfo(token, username, newJwtToken);
        log.debug("刷新token成功，原token:{}，新token:{}", token, newToken);

--- a/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/vo/JwtTokenRedisVo.java
+++ b/framework/src/main/java/io/geekidea/springbootplus/framework/shiro/vo/JwtTokenRedisVo.java
@@ -33,9 +33,16 @@ import java.util.Date;
 public class JwtTokenRedisVo implements Serializable {
    private static final long serialVersionUID = 1831633309466775223L;
+    /**
+     * 客户端类型
+     */
    private String type;
    /**
+     * mcId
+     */
+    private Long mcId;
+    /**
     * 登录ip
     */
    private String host;