修改经办段统一门户登录
@@ -3,6 +3,7 @@ package com.ruoyi.framework.web.service;
|
||||
import com.ruoyi.cms.util.oauth.OauthClient;
|
||||
import com.ruoyi.common.constant.Constants;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
import com.ruoyi.common.core.domain.entity.tymh.authority.QxUserRole;
|
||||
import com.ruoyi.common.core.domain.entity.tymh.nwToken.NwTokenResult;
|
||||
import com.ruoyi.common.core.domain.entity.tymh.nwToken.NwUserInfoResult;
|
||||
import com.ruoyi.common.core.domain.entity.tymh.nwToken.PortalTokenCacheDTO;
|
||||
@@ -19,15 +20,18 @@ import com.ruoyi.framework.manager.factory.AsyncFactory;
|
||||
import com.ruoyi.framework.security.context.AuthenticationContextHolder;
|
||||
import com.ruoyi.system.service.ISysUserService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import java.util.concurrent.TimeoutException;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
public class OauthLoginService {
|
||||
@@ -42,7 +46,7 @@ public class OauthLoginService {
|
||||
@Autowired
|
||||
private ISysUserService sysUserService;
|
||||
@Autowired
|
||||
private AuthenticationManager authenticationManager;
|
||||
private UserDetailsService userDetailsService;
|
||||
// Redis缓存:门户UserID → 若依本地用户名(避免重复匹配数据库)
|
||||
private static final String REDIS_KEY_PORTAL_USER_MAPPING = "portal:user:mapping:";
|
||||
// 门户 Token 存储前缀(Redis 键:门户 userId → 门户 Token 信息)
|
||||
@@ -92,6 +96,12 @@ public class OauthLoginService {
|
||||
String cacheKey = REDIS_KEY_PORTAL_USER_MAPPING + portalUserId;
|
||||
String localUsername = redisCache.getCacheObject(cacheKey);
|
||||
if (StringUtils.isNotBlank(localUsername)) {
|
||||
try {
|
||||
//更新用户信息
|
||||
//updateUserInfo(portalUser);
|
||||
}catch (Exception e){
|
||||
e.printStackTrace();
|
||||
}
|
||||
return localUsername;
|
||||
}
|
||||
|
||||
@@ -134,9 +144,20 @@ public class OauthLoginService {
|
||||
newUser.setUserId(portalUserId);
|
||||
newUser.setPassword(SecurityUtils.encryptPassword("123456"));
|
||||
newUser.setDelFlag("0");
|
||||
|
||||
// 调用若依原生方法新增用户(自动处理角色关联,需提前配置默认角色)
|
||||
sysUserService.insertUser(newUser);
|
||||
try {
|
||||
//查询权限,保存权限
|
||||
List<QxUserRole> userRoleList=oauthClient.getUserRoleList(portalUserId);
|
||||
if(userRoleList!=null&&userRoleList.size()>0){
|
||||
Long[] longs=userRoleList.stream().mapToLong(QxUserRole::getRoleId).boxed().toArray(Long[]::new);;
|
||||
newUser.setRoleIds(longs);
|
||||
}else {
|
||||
throw new Exception("未查询到用户角色,请授权后访问!");
|
||||
}
|
||||
// 调用若依原生方法新增用户(自动处理角色关联,需提前配置默认角色)
|
||||
sysUserService.insertUser(newUser);
|
||||
}catch (Exception e){
|
||||
e.printStackTrace();
|
||||
}
|
||||
return newUser;
|
||||
}
|
||||
|
||||
@@ -147,15 +168,16 @@ public class OauthLoginService {
|
||||
private Authentication authenticateLocalUser(String localUsername) {
|
||||
Authentication authentication = null;
|
||||
try {
|
||||
// 构建认证令牌:用户名+空密码(因为门户已验证身份,本地仅需加载用户信息)
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(localUsername, "");
|
||||
AuthenticationContextHolder.setContext(authenticationToken);
|
||||
UserDetails userDetails = userDetailsService.loadUserByUsername(localUsername);
|
||||
|
||||
// 触发认证:会调用 UserDetailsServiceImpl.loadUserByUsername(localUsername)
|
||||
// 该方法会加载用户权限、角色,返回 LoginUser
|
||||
authentication = authenticationManager.authenticate(authenticationToken);
|
||||
authentication = new UsernamePasswordAuthenticationToken(
|
||||
userDetails,
|
||||
null, // 密码为 null,彻底绕过 Spring Security 的密码校验
|
||||
userDetails.getAuthorities()
|
||||
);
|
||||
|
||||
AuthenticationContextHolder.setContext(authentication);
|
||||
} catch (Exception e) {
|
||||
// 捕获认证异常(如用户被禁用、权限加载失败等)
|
||||
throw new ServiceException("本地用户认证失败:" + e.getMessage());
|
||||
} finally {
|
||||
AuthenticationContextHolder.clearContext();
|
||||
@@ -178,6 +200,34 @@ public class OauthLoginService {
|
||||
redisCache.setCacheObject(redisKey, tokenCache, safeLongToInt(tokenResult.getExpiresIn()), TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
/**
|
||||
* 修改用户信息
|
||||
* @param portalUser
|
||||
*/
|
||||
private void updateUserInfo(NwUserInfoResult portalUser){
|
||||
SysUser sysUser=new SysUser();
|
||||
Long portalUserId=parsePortalUserId(portalUser.getUserid());
|
||||
//查询用户角色
|
||||
try {
|
||||
List<QxUserRole> userRoleList=oauthClient.getUserRoleList(portalUserId);
|
||||
if(userRoleList!=null&&userRoleList.size()>0){
|
||||
Long[] longs=userRoleList.stream().mapToLong(QxUserRole::getRoleId).boxed().toArray(Long[]::new);;
|
||||
sysUser.setRoleIds(longs);
|
||||
}else {
|
||||
throw new Exception("未查询到用户角色,请授权后访问!");
|
||||
}
|
||||
}catch (Exception e){
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
String localUsername = "portal_" + portalUserId;
|
||||
sysUser.setUserName(localUsername);
|
||||
sysUser.setNickName(portalUser.getName());
|
||||
sysUser.setIdCard(portalUser.getIdcardno());
|
||||
sysUser.setUserId(portalUserId);
|
||||
sysUserService.updateUser(sysUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* 记录登录信息(复用若依原生逻辑,直接复制过来)
|
||||
*/
|
||||
|
||||
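Review bot: In the user-creation hunk, `throw new Exception("未查询到用户角色,请授权后访问!")` sits inside the same `try` whose `catch (Exception e)` only calls `e.printStackTrace()`, so a portal user without roles, or a failed `getUserRoleList` or `insertUser` call, is swallowed and the method still reaches `return newUser;` as if provisioning had succeeded. The caller then receives a user object that may never have been saved, and the "authorize first" message never reaches the user. Let the failure propagate, for example by replacing the catch body with `throw new ServiceException("门户用户创建失败:" + e.getMessage());`. The new `updateUserInfo` repeats the pattern and, after a failed role lookup, still calls `sysUserService.updateUser(sysUser)` with no role ids set, which may clear the user's existing roles depending on how `updateUser` treats a missing list; it should return or rethrow before the update. The enclosing create method starts outside the hunk.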
@@ -53,8 +53,8 @@ public class UserDetailsServiceImpl implements UserDetailsService
|
||||
log.info("登录用户:{} 已被停用.", username);
|
||||
throw new ServiceException(MessageUtils.message("user.blocked"));
|
||||
}
|
||||
|
||||
passwordService.validate(user);
|
||||
////单点跳过验证密码阶段
|
||||
//passwordService.validate(user);
|
||||
|
||||
return createLoginUser(user);
|
||||
}
|
||||
|
||||
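Review bot: Commenting out `passwordService.validate(user);` in `loadUserByUsername` removes that check for every caller of this service, not only the portal single-sign-on path named in the comment, so the ordinary username/password login also loses whatever `validate` enforced (its body is not visible here; in upstream RuoYi it is the password match and the failed-attempt limit). `OauthLoginService.authenticateLocalUser` now builds its token directly from `UserDetails`, so the bypass can be confined to that path: keep `passwordService.validate(user);` here and have the portal login load the user through a separate method that skips it. This matters more because portal accounts are created with the fixed password `123456`; a random, unusable password would keep them from being used through the password login at all. The method body starts above the hunk.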