单点登录

2 years ago · 444f6000e9
parent a423c5424f
commit 444f6000e9
6 changed files with 176 additions and 10 deletions
--- a/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java
+++ b/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java
@ -23,18 +23,22 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.google.gson.Gson;
 import com.google.protobuf.ByteString;
+import com.google.protobuf.ServiceException;
 import com.hisense.device.agent.grpc.Point;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.json.JSONException;
 import org.springblade.common.cache.DictBizCache;
+import org.springblade.common.cache.UserCache;
 import org.springblade.core.boot.ctrl.BladeController;
 import org.springblade.core.excel.util.ExcelUtil;
 import org.springblade.core.mp.support.Condition;
 import org.springblade.core.mp.support.Query;
 import org.springblade.core.tenant.annotation.NonDS;
 import org.springblade.core.tool.api.R;
+import org.springblade.core.tool.support.Kv;
 import org.springblade.core.tool.utils.DateUtil;
+import org.springblade.core.tool.utils.DigestUtil;
 import org.springblade.hospital.agent.utils.DataTrans;
 import org.springblade.hospital.agent.utils.QueueUtils;
 import org.springblade.hospital.entity.AlarmInformation;
@ -43,12 +47,18 @@ import org.springblade.hospital.hik.ArtemisPostTest;
 import org.springblade.hospital.hik.alarm.Alarm;
 import org.springblade.hospital.service.IAlarmInformationService;
 import org.springblade.hospital.websocket.WebSocketServer;
+import org.springblade.modules.system.entity.User;
 import org.springframework.http.*;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.client.RestTemplate;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.sql.rowset.serial.SerialException;
+import java.math.BigInteger;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.*;

 /**
@ -199,7 +209,7 @@ public class AlarmInformationController extends BladeController {
 					AlarmInformation alarmInformation = new AlarmInformation();
 					alarmInformation.setType("device_event");
 					alarmInformation.setReportTime(new Date(Long.parseLong(map.get("time").toString())));
-					alarmInformation.setContent("测试工卡报警");
+					alarmInformation.setContent("工卡报警");
 					alarmInformation.setHostSerialNumber(map3.get("sn").toString());
 					alarmInformation.setDeviceId(map3.get("mac").toString());
 					alarmInformation.setAlarmType(2);
@ -238,4 +248,38 @@ public class AlarmInformationController extends BladeController {
 		return R.data(ip);
 	}

+	/**
+	 * 获取用户加密后密码
+	 * @param token
+	 * @return
+	 */
+	@GetMapping("/getPassword")
+	public R getPassword(@RequestParam String token) {
+		RestTemplate restTemplate = new RestTemplate();
+		String url = "http://171.16.8.58:82/homepageapi/system/sys-sub/token/checkToken?token=" + token + "&appId=123&tripartiteVoucher=u7PgmMH5m6jK71yAg1Gi9Rid1SeSnc9J";
+		HttpHeaders headers = new HttpHeaders();
+		headers.setContentType(MediaType.parseMediaType("application/json;charset=UTF-8"));
+		HttpEntity request = new HttpEntity(headers);
+		// 发送get请求，并输出结果
+		ResponseEntity<Map> exchange = restTemplate.exchange(url, HttpMethod.GET, request, Map.class);
+		Map<String, Object> body = exchange.getBody();
+		String account = "";
+		if (body != null && body.get("code") != null) {
+			if (Integer.parseInt(JSON.toJSONString(body.get("code"))) == 0) {
+				Map<String, String> userName = JSONObject.parseObject(JSON.toJSONString(body.get("msg")), Map.class);
+				account = userName.get("userName");
+			}
+		}
+
+		// 根据租户id和用户名获取用户信息
+		String tenantId = "000000";
+		Map<String, String> map = new HashMap<>();
+		User user = UserCache.getUser(tenantId, account);
+		map.put("username", account);
+		if (user != null) {
+			map.put("password", user.getPassword());
+		}
+		return R.data(map);
+	}
+
 }
--- a/src/main/java/org/springblade/hospital/controller/AppDataController.java
+++ b/src/main/java/org/springblade/hospital/controller/AppDataController.java
@ -50,6 +50,7 @@ import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
+import java.text.DecimalFormat;
 import java.util.*;

 import static org.springblade.common.constant.CommonConstant.IOT_PLATFORM_URL;
--- a/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java
+++ b/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java
@ -58,9 +58,9 @@ public class HTTPClientUtil {
 			strResponseData = new String(responseData, "utf-8");
 		} catch (IOException e) {
 			log.error("url:" + rzUrl + ",通讯出现错误，错误信息是：" + e.toString());
-			//出现错误，每隔1s，重新尝试调用
+			//出现错误，每隔30s，重新尝试调用
 			try {
-				Thread.sleep(1000);
+				Thread.sleep(30000);
 			} catch (InterruptedException ex) {
 				throw new RuntimeException(ex);
 			}
--- a/src/main/java/org/springblade/modules/auth/granter/NoPasswordTokenGranter.java
+++ b/src/main/java/org/springblade/modules/auth/granter/NoPasswordTokenGranter.java
@ -0,0 +1,117 @@
+/*
+ *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
+ *
+ *  Redistribution and use in source and binary forms, with or without
+ *  modification, are permitted provided that the following conditions are met:
+ *
+ *  Redistributions of source code must retain the above copyright notice,
+ *  this list of conditions and the following disclaimer.
+ *  Redistributions in binary form must reproduce the above copyright
+ *  notice, this list of conditions and the following disclaimer in the
+ *  documentation and/or other materials provided with the distribution.
+ *  Neither the name of the dreamlu.net developer nor the names of its
+ *  contributors may be used to endorse or promote products derived from
+ *  this software without specific prior written permission.
+ *  Author: Chill 庄骞 (smallchill@163.com)
+ */
+package org.springblade.modules.auth.granter;
+
+import lombok.AllArgsConstructor;
+import org.springblade.common.cache.CacheNames;
+import org.springblade.common.cache.ParamCache;
+import org.springblade.core.log.exception.ServiceException;
+import org.springblade.core.redis.cache.BladeRedis;
+import org.springblade.core.tool.utils.DigestUtil;
+import org.springblade.core.tool.utils.Func;
+import org.springblade.core.tool.utils.WebUtil;
+import org.springblade.modules.auth.enums.UserEnum;
+import org.springblade.modules.auth.provider.ITokenGranter;
+import org.springblade.modules.auth.provider.TokenParameter;
+import org.springblade.modules.auth.utils.TokenUtil;
+import org.springblade.modules.system.entity.Tenant;
+import org.springblade.modules.system.entity.UserInfo;
+import org.springblade.modules.system.service.IRoleService;
+import org.springblade.modules.system.service.ITenantService;
+import org.springblade.modules.system.service.IUserService;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import java.time.Duration;
+import java.util.List;
+
+/**
+ * PasswordTokenGranter
+ *
+ * @author Chill
+ */
+@Component
+@AllArgsConstructor
+public class NoPasswordTokenGranter implements ITokenGranter {
+
+	public static final String GRANT_TYPE = "nopassword";
+	public static final Integer FAIL_COUNT = 5;
+	public static final String FAIL_COUNT_VALUE = "account.failCount";
+
+	private final IUserService userService;
+	private final IRoleService roleService;
+	private final ITenantService tenantService;
+	private final BladeRedis bladeRedis;
+
+	@Override
+	public UserInfo grant(TokenParameter tokenParameter) {
+		HttpServletRequest request = WebUtil.getRequest();
+		// 获取用户绑定ID
+		String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY);
+		String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY);
+
+		// 获取用户信息
+		String tenantId = tokenParameter.getArgs().getStr("tenantId");
+		String username = tokenParameter.getArgs().getStr("username");
+		String password = tokenParameter.getArgs().getStr("password");
+
+		// 判断登录是否锁定
+		int cnt = Func.toInt(bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)), 0);
+		int failCount = Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), FAIL_COUNT);
+		if (cnt >= failCount) {
+			throw new ServiceException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
+		}
+
+		UserInfo userInfo = null;
+		if (Func.isNoneBlank(username, password)) {
+			// 获取租户信息
+			Tenant tenant = tenantService.getByTenantId(tenantId);
+			if (TokenUtil.judgeTenant(tenant)) {
+				throw new ServiceException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION);
+			}
+			// 获取用户类型
+			String userType = tokenParameter.getArgs().getStr("userType");
+			// 根据不同用户类型调用对应的接口返回数据，用户可自行拓展
+			if (userType.equals(UserEnum.WEB.getName())) {
+				userInfo = userService.userInfo(tenantId, username, password, UserEnum.WEB);
+			} else if (userType.equals(UserEnum.APP.getName())) {
+				userInfo = userService.userInfo(tenantId, username, password, UserEnum.APP);
+			} else {
+				userInfo = userService.userInfo(tenantId, username, password, UserEnum.OTHER);
+			}
+		}
+		if (userInfo == null || userInfo.getUser() == null) {
+			// 增加错误锁定次数
+			bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), cnt + 1, Duration.ofMinutes(30));
+		} else {
+			// 成功则清除登录错误次数
+			bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username));
+		}
+		// 多部门情况下指定单部门
+		if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) {
+			userInfo.getUser().setDeptId(headerDept);
+		}
+		// 多角色情况下指定单角色
+		if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) {
+			List<String> roleAliases = roleService.getRoleAliases(headerRole);
+			userInfo.setRoles(roleAliases);
+			userInfo.getUser().setRoleId(headerRole);
+		}
+		return userInfo;
+	}
+
+}
--- a/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java
+++ b/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java
@ -20,10 +20,7 @@ import lombok.AllArgsConstructor;
 import org.springblade.core.secure.exception.SecureException;
 import org.springblade.core.tool.utils.Func;
 import org.springblade.core.tool.utils.SpringUtil;
-import org.springblade.modules.auth.granter.CaptchaTokenGranter;
-import org.springblade.modules.auth.granter.PasswordTokenGranter;
-import org.springblade.modules.auth.granter.RefreshTokenGranter;
-import org.springblade.modules.auth.granter.SocialTokenGranter;
+import org.springblade.modules.auth.granter.*;

 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
@ -43,6 +40,7 @@ public class TokenGranterBuilder {

 	static {
 		GRANTER_POOL.put(PasswordTokenGranter.GRANT_TYPE, SpringUtil.getBean(PasswordTokenGranter.class));
+		GRANTER_POOL.put(NoPasswordTokenGranter.GRANT_TYPE, SpringUtil.getBean(NoPasswordTokenGranter.class));
 		GRANTER_POOL.put(CaptchaTokenGranter.GRANT_TYPE, SpringUtil.getBean(CaptchaTokenGranter.class));
 		GRANTER_POOL.put(RefreshTokenGranter.GRANT_TYPE, SpringUtil.getBean(RefreshTokenGranter.class));
 		GRANTER_POOL.put(SocialTokenGranter.GRANT_TYPE, SpringUtil.getBean(SocialTokenGranter.class));
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@ -226,9 +226,15 @@ blade:
    #接口放行
    skip-url:
      - /blade-test/**
-      - /**
-      - /api/appData/putFile
-      - /alarmInformation/alarm
+      - /alarmInformation/**
+      - /appData/list
+      - /appData/putFile
+      - /appData/handle
+      - /appData/escalation
+      - /appData/getList
+      - /appData/coordinateToWGS84
+      - /hikvisionCamera/import-user
+      - /blade-system/user/getUser
    #授权认证配置
    auth:
      - method: ALL