diff --git a/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java b/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java index 91e4ce8..b321747 100644 --- a/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java +++ b/src/main/java/org/springblade/hospital/controller/AlarmInformationController.java @@ -23,18 +23,22 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.google.gson.Gson; import com.google.protobuf.ByteString; +import com.google.protobuf.ServiceException; import com.hisense.device.agent.grpc.Point; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.json.JSONException; import org.springblade.common.cache.DictBizCache; +import org.springblade.common.cache.UserCache; import org.springblade.core.boot.ctrl.BladeController; import org.springblade.core.excel.util.ExcelUtil; import org.springblade.core.mp.support.Condition; import org.springblade.core.mp.support.Query; import org.springblade.core.tenant.annotation.NonDS; import org.springblade.core.tool.api.R; +import org.springblade.core.tool.support.Kv; import org.springblade.core.tool.utils.DateUtil; +import org.springblade.core.tool.utils.DigestUtil; import org.springblade.hospital.agent.utils.DataTrans; import org.springblade.hospital.agent.utils.QueueUtils; import org.springblade.hospital.entity.AlarmInformation; @@ -43,12 +47,18 @@ import org.springblade.hospital.hik.ArtemisPostTest; import org.springblade.hospital.hik.alarm.Alarm; import org.springblade.hospital.service.IAlarmInformationService; import org.springblade.hospital.websocket.WebSocketServer; +import org.springblade.modules.system.entity.User; import org.springframework.http.*; import org.springframework.web.bind.annotation.*; import org.springframework.web.client.RestTemplate; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.sql.rowset.serial.SerialException; +import java.math.BigInteger; +import java.nio.charset.StandardCharsets; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; import java.util.*; /** @@ -199,7 +209,7 @@ public class AlarmInformationController extends BladeController { AlarmInformation alarmInformation = new AlarmInformation(); alarmInformation.setType("device_event"); alarmInformation.setReportTime(new Date(Long.parseLong(map.get("time").toString()))); - alarmInformation.setContent("测试工卡报警"); + alarmInformation.setContent("工卡报警"); alarmInformation.setHostSerialNumber(map3.get("sn").toString()); alarmInformation.setDeviceId(map3.get("mac").toString()); alarmInformation.setAlarmType(2); @@ -238,4 +248,38 @@ public class AlarmInformationController extends BladeController { return R.data(ip); } + /** + * 获取用户加密后密码 + * @param token + * @return + */ + @GetMapping("/getPassword") + public R getPassword(@RequestParam String token) { + RestTemplate restTemplate = new RestTemplate(); + String url = "http://171.16.8.58:82/homepageapi/system/sys-sub/token/checkToken?token=" + token + "&appId=123&tripartiteVoucher=u7PgmMH5m6jK71yAg1Gi9Rid1SeSnc9J"; + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.parseMediaType("application/json;charset=UTF-8")); + HttpEntity request = new HttpEntity(headers); + // 发送get请求,并输出结果 + ResponseEntity exchange = restTemplate.exchange(url, HttpMethod.GET, request, Map.class); + Map body = exchange.getBody(); + String account = ""; + if (body != null && body.get("code") != null) { + if (Integer.parseInt(JSON.toJSONString(body.get("code"))) == 0) { + Map userName = JSONObject.parseObject(JSON.toJSONString(body.get("msg")), Map.class); + account = userName.get("userName"); + } + } + + // 根据租户id和用户名获取用户信息 + String tenantId = "000000"; + Map map = new HashMap<>(); + User user = UserCache.getUser(tenantId, account); + map.put("username", account); + if (user != null) { + map.put("password", user.getPassword()); + } + return R.data(map); + } + } diff --git a/src/main/java/org/springblade/hospital/controller/AppDataController.java b/src/main/java/org/springblade/hospital/controller/AppDataController.java index 8ac877d..38d5968 100644 --- a/src/main/java/org/springblade/hospital/controller/AppDataController.java +++ b/src/main/java/org/springblade/hospital/controller/AppDataController.java @@ -50,6 +50,7 @@ import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Paths; +import java.text.DecimalFormat; import java.util.*; import static org.springblade.common.constant.CommonConstant.IOT_PLATFORM_URL; diff --git a/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java b/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java index ccf479d..7478faf 100644 --- a/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java +++ b/src/main/java/org/springblade/hospital/newalarm/communicationCom/HTTPClientUtil.java @@ -58,9 +58,9 @@ public class HTTPClientUtil { strResponseData = new String(responseData, "utf-8"); } catch (IOException e) { log.error("url:" + rzUrl + ",通讯出现错误,错误信息是:" + e.toString()); - //出现错误,每隔1s,重新尝试调用 + //出现错误,每隔30s,重新尝试调用 try { - Thread.sleep(1000); + Thread.sleep(30000); } catch (InterruptedException ex) { throw new RuntimeException(ex); } diff --git a/src/main/java/org/springblade/modules/auth/granter/NoPasswordTokenGranter.java b/src/main/java/org/springblade/modules/auth/granter/NoPasswordTokenGranter.java new file mode 100644 index 0000000..2675610 --- /dev/null +++ b/src/main/java/org/springblade/modules/auth/granter/NoPasswordTokenGranter.java @@ -0,0 +1,117 @@ +/* + * Copyright (c) 2018-2028, Chill Zhuang All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * Neither the name of the dreamlu.net developer nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * Author: Chill 庄骞 (smallchill@163.com) + */ +package org.springblade.modules.auth.granter; + +import lombok.AllArgsConstructor; +import org.springblade.common.cache.CacheNames; +import org.springblade.common.cache.ParamCache; +import org.springblade.core.log.exception.ServiceException; +import org.springblade.core.redis.cache.BladeRedis; +import org.springblade.core.tool.utils.DigestUtil; +import org.springblade.core.tool.utils.Func; +import org.springblade.core.tool.utils.WebUtil; +import org.springblade.modules.auth.enums.UserEnum; +import org.springblade.modules.auth.provider.ITokenGranter; +import org.springblade.modules.auth.provider.TokenParameter; +import org.springblade.modules.auth.utils.TokenUtil; +import org.springblade.modules.system.entity.Tenant; +import org.springblade.modules.system.entity.UserInfo; +import org.springblade.modules.system.service.IRoleService; +import org.springblade.modules.system.service.ITenantService; +import org.springblade.modules.system.service.IUserService; +import org.springframework.stereotype.Component; + +import javax.servlet.http.HttpServletRequest; +import java.time.Duration; +import java.util.List; + +/** + * PasswordTokenGranter + * + * @author Chill + */ +@Component +@AllArgsConstructor +public class NoPasswordTokenGranter implements ITokenGranter { + + public static final String GRANT_TYPE = "nopassword"; + public static final Integer FAIL_COUNT = 5; + public static final String FAIL_COUNT_VALUE = "account.failCount"; + + private final IUserService userService; + private final IRoleService roleService; + private final ITenantService tenantService; + private final BladeRedis bladeRedis; + + @Override + public UserInfo grant(TokenParameter tokenParameter) { + HttpServletRequest request = WebUtil.getRequest(); + // 获取用户绑定ID + String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY); + String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY); + + // 获取用户信息 + String tenantId = tokenParameter.getArgs().getStr("tenantId"); + String username = tokenParameter.getArgs().getStr("username"); + String password = tokenParameter.getArgs().getStr("password"); + + // 判断登录是否锁定 + int cnt = Func.toInt(bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)), 0); + int failCount = Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), FAIL_COUNT); + if (cnt >= failCount) { + throw new ServiceException(TokenUtil.USER_HAS_TOO_MANY_FAILS); + } + + UserInfo userInfo = null; + if (Func.isNoneBlank(username, password)) { + // 获取租户信息 + Tenant tenant = tenantService.getByTenantId(tenantId); + if (TokenUtil.judgeTenant(tenant)) { + throw new ServiceException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION); + } + // 获取用户类型 + String userType = tokenParameter.getArgs().getStr("userType"); + // 根据不同用户类型调用对应的接口返回数据,用户可自行拓展 + if (userType.equals(UserEnum.WEB.getName())) { + userInfo = userService.userInfo(tenantId, username, password, UserEnum.WEB); + } else if (userType.equals(UserEnum.APP.getName())) { + userInfo = userService.userInfo(tenantId, username, password, UserEnum.APP); + } else { + userInfo = userService.userInfo(tenantId, username, password, UserEnum.OTHER); + } + } + if (userInfo == null || userInfo.getUser() == null) { + // 增加错误锁定次数 + bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), cnt + 1, Duration.ofMinutes(30)); + } else { + // 成功则清除登录错误次数 + bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)); + } + // 多部门情况下指定单部门 + if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) { + userInfo.getUser().setDeptId(headerDept); + } + // 多角色情况下指定单角色 + if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) { + List roleAliases = roleService.getRoleAliases(headerRole); + userInfo.setRoles(roleAliases); + userInfo.getUser().setRoleId(headerRole); + } + return userInfo; + } + +} diff --git a/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java b/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java index 7e6177c..6db6258 100644 --- a/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java +++ b/src/main/java/org/springblade/modules/auth/provider/TokenGranterBuilder.java @@ -20,10 +20,7 @@ import lombok.AllArgsConstructor; import org.springblade.core.secure.exception.SecureException; import org.springblade.core.tool.utils.Func; import org.springblade.core.tool.utils.SpringUtil; -import org.springblade.modules.auth.granter.CaptchaTokenGranter; -import org.springblade.modules.auth.granter.PasswordTokenGranter; -import org.springblade.modules.auth.granter.RefreshTokenGranter; -import org.springblade.modules.auth.granter.SocialTokenGranter; +import org.springblade.modules.auth.granter.*; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -43,6 +40,7 @@ public class TokenGranterBuilder { static { GRANTER_POOL.put(PasswordTokenGranter.GRANT_TYPE, SpringUtil.getBean(PasswordTokenGranter.class)); + GRANTER_POOL.put(NoPasswordTokenGranter.GRANT_TYPE, SpringUtil.getBean(NoPasswordTokenGranter.class)); GRANTER_POOL.put(CaptchaTokenGranter.GRANT_TYPE, SpringUtil.getBean(CaptchaTokenGranter.class)); GRANTER_POOL.put(RefreshTokenGranter.GRANT_TYPE, SpringUtil.getBean(RefreshTokenGranter.class)); GRANTER_POOL.put(SocialTokenGranter.GRANT_TYPE, SpringUtil.getBean(SocialTokenGranter.class)); diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 12feb67..f4b0d62 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -226,9 +226,15 @@ blade: #接口放行 skip-url: - /blade-test/** - - /** - - /api/appData/putFile - - /alarmInformation/alarm + - /alarmInformation/** + - /appData/list + - /appData/putFile + - /appData/handle + - /appData/escalation + - /appData/getList + - /appData/coordinateToWGS84 + - /hikvisionCamera/import-user + - /blade-system/user/getUser #授权认证配置 auth: - method: ALL