添加扫码登录

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/AuthController.java

@@ -319,4 +319,13 @@ public class AuthController {
 
     }
 
+    @RequestMapping(value = "/chw/authLogin", method = RequestMethod.POST)
+    public ObjectRestResponse<String> authLogin(
+            @RequestBody Map<String,Object> body,
+            HttpServletRequest request) throws Exception {
+        log.info(" authLogin logging...");
+        String token = request.getHeader(tokenHeader);
+        return appAuthService.authLoginChw(token,2,body.get("uuId").toString());
+    }
+
 }

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java

@@ -11,6 +11,8 @@ import io.swagger.annotations.ApiModelProperty;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.*;
 
+import java.util.Map;
+
 
 /**
  * ${DESCRIPTION}
@@ -26,6 +28,14 @@ public interface IUserService {
     @RequestMapping(value = "/api/user/chw/validate", method = RequestMethod.POST)
     public UserInfo validateChw(@RequestBody JwtAuthenticationChwRequest authenticationRequest);
 
+
+    @RequestMapping(value = "/api/user/chw/validateAuth", method = RequestMethod.POST)
+    UserInfo validateAuth(@RequestBody JwtAuthenticationChwRequest authenticationRequest);
+
+    @RequestMapping(value = "api/app/user/chw/authLogin", method = RequestMethod.POST)
+    ObjectRestResponse authLogin(@RequestBody Map<String,String> body);
+
+
     @RequestMapping(value = "/api/user/validate/small", method = RequestMethod.POST)
     public UserInfo validateSmall(@RequestBody JwtAuthenticationRequest authenticationRequest);
 

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/AuthService.java

@@ -9,6 +9,7 @@ import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 public interface AuthService {
     String login(JwtAuthenticationRequest authenticationRequest) throws Exception;
     String loginChw(JwtAuthenticationChwRequest authenticationRequest) throws Exception;
+    ObjectRestResponse authLoginChw(String token,Integer bizType,String uuId) throws  Exception;
     ObjectRestResponse loginSmall(JwtAuthenticationRequest authenticationRequest) throws Exception;
     String refresh(String oldToken) throws Exception;
     void validate(String token) throws Exception;

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AppAuthServiceImpl.java

@@ -19,6 +19,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  * @author keliii
  */
@@ -170,4 +173,33 @@ public class AppAuthServiceImpl implements AuthService {
         }
     }
 
+
+    @Override
+    public ObjectRestResponse authLoginChw(String token,Integer bizType,String uuId) throws  Exception{
+        if (StringUtils.isEmpty(token)){
+            return ObjectRestResponse.createFailedResult(ResultCode.NULL_CODE,"token不能为空");
+        }
+        IJWTInfo ijwtInfo=jwtTokenUtil.getInfoFromToken(token);
+        if (ijwtInfo==null){
+            return ObjectRestResponse.createFailedResult(10009,"token失效");
+        }
+        String username = ijwtInfo.getUniqueName();
+        JwtAuthenticationChwRequest authenticationRequest = new JwtAuthenticationChwRequest();
+        authenticationRequest.setUsername(username);
+        authenticationRequest.setBizType(bizType);
+        UserInfo info = userService.validateAuth(authenticationRequest);
+        if (StringUtils.isEmpty(info.getId())) {
+            throw new UserInvalidException("无权限操作");
+        }
+        token = jwtTokenUtil.generateToken(new JWTInfo(info.getUsername(), info.getId() + "", info.getName()));
+        Map<String,String> body = new HashMap<>();
+        body.put("token",token);
+        body.put("uuId",uuId);
+        ObjectRestResponse objectRestResponse = userService.authLogin(body);
+        if (objectRestResponse.getStatus() == ResultCode.SUCCESS_CODE){
+            objectRestResponse.setData(token);
+        }
+        return objectRestResponse;
+    }
+
 }

ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AuthServiceImpl.java

@@ -51,6 +51,11 @@ public class AuthServiceImpl implements AuthService {
         throw new UserInvalidException("用户不存在或账户密码错误!");
     }
 
+    @Override
+    public ObjectRestResponse authLoginChw(String token, Integer bizType,String uuId) throws Exception {
+        return null;
+    }
+
     @Override
     public ObjectRestResponse loginSmall(JwtAuthenticationRequest authenticationRequest) throws Exception {
         UserInfo info = userService.validateSmall(authenticationRequest);

ace-modules/ace-admin-api/src/main/java/com/github/wxiaoqi/security/admin/constant/RedisKey.java

@@ -17,4 +17,11 @@ public class RedisKey {
     public static final String CONSTANT_ERROR_PREFIX ="cache:mobileerror:";
 
 
+    public static final String CONSTANT_AUTHLOGIN_PREFIX ="cache:authLogin:";
+
+    public static final String CONSTANT_AUTHLOGIN_CODE_PREFIX ="cache:authLogin:code:";
+
+    public static final String CONSTANT_AUTHLOGIN_TOKEN_PREFIX ="cache:authLogin:token:";
+
+
 }

ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/AppUserRest.java

@@ -8,6 +8,7 @@ import com.github.wxiaoqi.security.admin.rpc.service.AppPermissionService;
 import com.github.wxiaoqi.security.admin.vo.ImiVo;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
 import com.github.wxiaoqi.security.api.vo.user.AppUserInfo;
+import com.github.wxiaoqi.security.auth.client.annotation.IgnoreClientToken;
 import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig;
 import com.github.wxiaoqi.security.auth.client.jwt.UserAuthUtil;
 import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo;
@@ -24,8 +25,11 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
+import java.io.BufferedReader;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
+import java.util.concurrent.TimeUnit;
 
 /**
  * @author keliii
@@ -290,6 +294,39 @@ public class AppUserRest {
     }
 
 
+    @RequestMapping(value = "app/unauth/user/chw/loginQrCode", method = RequestMethod.GET)
+    @IgnoreClientToken
+    public ObjectRestResponse loginQrCode(@RequestParam(value = "oldUuId",defaultValue = "") String oldUuId){
+        String uuId  = UUID.randomUUID()+"";
+        return  appPermissionService.loginQrCode(uuId,oldUuId);
+    }
+
+    @RequestMapping(value = "app/unauth/user/chw/checkAuthLogin", method = RequestMethod.GET)
+    @IgnoreClientToken
+    public ObjectRestResponse checkAuthLogin(@RequestParam(value = "uuId") String uuId){
+        return  ObjectRestResponse.succ(appPermissionService.checkAuthLogin(uuId));
+    }
+
+
+    @RequestMapping(value = "/user/chw/authLoginCode", method = RequestMethod.GET)
+    public ObjectRestResponse authLoginCode(@RequestParam(value = "uuId") String uuId,@RequestParam(value = "type",defaultValue = "1") Integer type){
+        appPermissionService.authLoginCode(uuId);
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("uuId",uuId);
+        jsonObject.put("type",type);
+        return  ObjectRestResponse.succ(jsonObject);
+    }
+
+
+    @RequestMapping(value = "/user/chw/authLogin", method = RequestMethod.POST)
+    public ObjectRestResponse authLogin(@RequestBody Map<String,String> body){
+        appPermissionService.authLogin(body.get("uuId"), body.get("token"));
+        return  ObjectRestResponse.succ();
+    }
+
+
+
+
     /*@GetMapping("/app/unauth/test")
     @IgnoreUserToken
     public ObjectRestResponse test(){

ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/UserRest.java

@@ -46,6 +46,14 @@ public class UserRest {
         return permissionService.validateChw(body.get("username"), body.get("password"), Integer.valueOf(body.get("bizType")));
     }
 
+    @RequestMapping(value = "/user/chw/validateAuth", method = RequestMethod.POST)
+    public @ResponseBody UserInfo validateAuth(@RequestBody Map<String,String> body){
+        return permissionService.validateApp(body.get("username"), Integer.valueOf(body.get("bizType")));
+    }
+
+
+
+
     @RequestMapping(value = "/user/validate/small", method = RequestMethod.POST)
     public @ResponseBody UserInfo validateSmall(@RequestBody Map<String,String> body){
         return permissionService.validateSmall(body.get("username"),body.get("password"));

ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/AppPermissionService.java

@@ -15,6 +15,7 @@ import com.github.wxiaoqi.security.admin.vo.ImiVo;
 import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo;
 import com.github.wxiaoqi.security.api.vo.user.AppUserInfo;
 import com.github.wxiaoqi.security.common.config.rabbit.RabbitConstant;
+import com.github.wxiaoqi.security.common.exception.BaseException;
 import com.github.wxiaoqi.security.common.msg.BaseResponse;
 import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.common.util.EmojiFilter;
@@ -1466,4 +1467,102 @@ public class AppPermissionService {
         }
     }
 
+
+    public  void   authLogin(String uuId,String token){
+        String mobilecodeRedis  = checkUUID(uuId);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---uuId为空------uuId==="+uuId);
+            throw  new BaseException("二维码已失效",ResultCode.NOTEXIST_CODE);
+        }
+        mobilecodeRedis  = checkCode(uuId);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---未扫码------uuId==="+uuId);
+            throw  new BaseException("操作超时请重新扫码",ResultCode.USER_NOTEXIST_CODE);
+        }
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_TOKEN_PREFIX + mobilecodeRedis;
+        Boolean suc = userRedisTemplate.opsForValue().setIfAbsent(redisLockKey,token);
+        if (suc) {
+            userRedisTemplate.expire(redisLockKey, 5, TimeUnit.MINUTES);//5分钟内过期
+        }
+    }
+
+    public  void   authLoginCode(String uuId){
+        String mobilecodeRedis  = checkUUID(uuId);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---uuId为空------uuId==="+uuId);
+            throw  new BaseException("二维码已失效",ResultCode.NOTEXIST_CODE);
+        }
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_CODE_PREFIX + mobilecodeRedis;
+        Boolean suc = userRedisTemplate.opsForValue().setIfAbsent(redisLockKey,uuId);
+        if (suc) {
+            userRedisTemplate.expire(redisLockKey, 5, TimeUnit.MINUTES);//5分钟内过期
+        }
+    }
+
+    public  ObjectRestResponse  loginQrCode(String uuId,String oldUuId){
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_PREFIX + oldUuId;
+        if (StringUtils.isNotBlank(oldUuId))
+                userRedisTemplate.delete(redisLockKey);
+        ObjectRestResponse<JSONObject> restResponse = thirdFeign.loginQrCode(uuId);
+        if (restResponse.getData() == null){
+            return restResponse;
+        }
+        redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_PREFIX + uuId;
+        Integer minutes = 2*60;
+        Boolean suc = userRedisTemplate.opsForValue().setIfAbsent(redisLockKey,uuId);
+        if (suc) {
+            userRedisTemplate.expire(redisLockKey, minutes, TimeUnit.MINUTES);//5分钟内过期
+        }
+        JSONObject data = restResponse.getData();
+        data.put("minutes",minutes);
+        return  ObjectRestResponse.succ(data);
+    }
+
+
+    //检查验证码是否正确
+    public String checkAuthLogin(String uuId){
+        String mobilecodeRedis  = checkUUID(uuId);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---uuId为空------uuId==="+uuId);
+            throw  new BaseException("二维码已失效",ResultCode.NOTEXIST_CODE);
+        }
+        mobilecodeRedis  = checkCode(uuId);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---未扫码------uuId==="+uuId);
+            throw  new BaseException("app用户未扫码",ResultCode.USER_NOTEXIST_CODE);
+        }
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_TOKEN_PREFIX + mobilecodeRedis;
+        mobilecodeRedis = userRedisTemplate.opsForValue().get(redisLockKey) == null ? "" : userRedisTemplate.opsForValue().get(redisLockKey).toString();
+        log.error("checkAuthLogin，获取redis中的token：" + mobilecodeRedis);
+        if (StringUtils.isBlank(mobilecodeRedis)) {
+            log.info("---token为空------uuId==="+uuId);
+            throw  new BaseException("未扫码登录",ResultCode.NULL_CODE);
+        }
+        return mobilecodeRedis;
+    }
+
+    public  String checkUUID(String uuId){
+        // 判断参数和验证码
+        if (StringUtils.isBlank(uuId)) {
+            log.info("---参数为空------");
+            return null;
+        }
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_PREFIX + uuId;
+        String mobilecodeRedis = userRedisTemplate.opsForValue().get(redisLockKey) == null ? "" : userRedisTemplate.opsForValue().get(redisLockKey).toString();
+        log.error("checkUUID，获取redis中的uuId：" + mobilecodeRedis);
+        return  mobilecodeRedis;
+    }
+
+    public  String checkCode(String uuId){
+        // 判断参数和验证码
+        if (StringUtils.isBlank(uuId)) {
+            log.info("---参数为空------");
+            return null;
+        }
+        String redisLockKey = RedisKey.CONSTANT_AUTHLOGIN_CODE_PREFIX + uuId;
+        String mobilecodeRedis = userRedisTemplate.opsForValue().get(redisLockKey) == null ? "" : userRedisTemplate.opsForValue().get(redisLockKey).toString();
+        log.error("checkCode，获取redis中的uuId：" + mobilecodeRedis);
+        return  mobilecodeRedis;
+    }
+
 }

ace-modules/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/PermissionService.java

@@ -84,6 +84,20 @@ public class PermissionService {
         return info;
     }
 
+    public UserInfo validateApp(String username,Integer bizType){
+        UserInfo info = new UserInfo();
+        User user = userBiz.selectOne(new User(){{
+            setMobilePhone(username);
+            setBizType(bizType);
+            setIsDel(0);
+        }});
+        if (user!=null){
+            BeanUtils.copyProperties(user, info);
+            info.setId(user.getId().toString());
+        }
+        return info;
+    }
+
      //小程序登录
     public UserInfo validateSmall(String username,String password){
         UserInfo info = new UserInfo();
@@ -101,6 +115,7 @@ public class PermissionService {
         return info;
     }
 
+
     public List<PermissionInfo> getAllPermission() {
         List<Menu> menus = menuBiz.selectListAll();
         List<PermissionInfo> result = new ArrayList<PermissionInfo>();

xx-universal/xx-universal-api/src/main/java/com/xxfc/platform/universal/feign/ThirdFeign.java

@@ -108,4 +108,8 @@ public interface ThirdFeign {
 
     @RequestMapping(value = "app/file/app/unauth/uploadHead", method = RequestMethod.POST)
     ObjectRestResponse<String> uploadHead(@RequestBody UploadImgDTO uploadImgDTO)throws Exception;
+
+
+    @RequestMapping(value = "app/file/app/unauth/loginQrCode", method = RequestMethod.POST)
+    ObjectRestResponse<JSONObject> loginQrCode(@RequestParam("uuid") String uuid);
 }

xx-universal/xx-universal-server/src/main/java/com/xxfc/platform/universal/controller/AppUploadController.java

@@ -8,18 +8,20 @@ import com.github.wxiaoqi.security.common.msg.ObjectRestResponse;
 import com.github.wxiaoqi.security.common.util.result.JsonResultUtil;;
 import com.xxfc.platform.universal.dto.UploadImgDTO;
 import com.xxfc.platform.universal.service.UploadService;
+import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
+import java.util.UUID;
+
 
 /**
  * 图片上传
  */
 @RestController
 @RequestMapping("app/file")
-@IgnoreUserToken
 @Slf4j
 public class AppUploadController {
 
@@ -46,5 +48,20 @@ public class AppUploadController {
         return ObjectRestResponse.succ(uploadService.getHeadImg(uploadImgDTO));
     }
 
+
+    @ApiOperation("获取二维码")
+    @RequestMapping(value = "/app/unauth/loginQrCode", method = RequestMethod.POST)
+    @IgnoreUserToken
+    public ObjectRestResponse<JSONObject> loginQrCode(@RequestParam("uuid") String uuid){
+        String base64Img = uploadService.getLoginQrCode(uuid);
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("base64Img",base64Img);
+        jsonObject.put("uuid",uuid);
+        return ObjectRestResponse.succ(jsonObject);
+    }
+
+
+
+
 }
 

xx-universal/xx-universal-server/src/main/java/com/xxfc/platform/universal/service/UploadService.java

 package com.xxfc.platform.universal.service;
 
 
+import com.github.wxiaoqi.security.common.util.ZXingCode;
 import com.github.wxiaoqi.security.common.util.process.SystemConfig;
 import com.xxfc.platform.universal.constant.RedisKey;
 import com.xxfc.platform.universal.dto.UploadImgDTO;
@@ -19,6 +20,8 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 import org.springframework.web.multipart.MultipartFile;
+import sun.misc.BASE64Encoder;
+
 import java.io.*;
 import java.net.HttpURLConnection;
 import java.net.URL;
@@ -37,6 +40,8 @@ public class    UploadService {
     private String avatar ;
     @Value("${universal.url}")
     private String xx_url ;
+    @Value("${universal.QrCodeUrl}")
+    private String QrCodeUrl;
     @Autowired
     private RedisTemplate redisTemplate;
 
@@ -314,6 +319,46 @@ public class    UploadService {
     }
 
 
+    public String getLoginQrCode(String uuid){
+        File logoFile = new File(baseUploadPath+"/app/shop_logo_default.png");
+        String QrCodePath = "/qrcode/";
+        File file=new File(baseUploadPath+QrCodePath);
+        if(!file.exists()){//如果文件夹不存在
+            file.mkdirs();//创建文件夹
+        }
+        QrCodePath = QrCodePath+"LOGIN_"+uuid+".png";
+        File QrCodeFile = new File(baseUploadPath+QrCodePath);
+        String url = xx_url+QrCodeUrl+"?uuId="+uuid;
+        String note = null;//"访问百度连接";
+        ZXingCode.drawLogoQRCode(logoFile, QrCodeFile, url, note);
+        String base64Img = GetImageStrFromPath(baseUploadPath + QrCodePath);
+        file=new File(baseUploadPath+QrCodePath);
+        if(file.exists()  && file.isFile()){
+            file.delete();
+        }
+        return  base64Img;
+    }
+
+
+    public  String GetImageStrFromPath(String imgPath) {
+        InputStream in = null;
+        byte[] data = null;
+        // 读取图片字节数组
+        try {
+            in = new FileInputStream(imgPath);
+            data = new byte[in.available()];
+            in.read(data);
+            in.close();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        // 对字节数组Base64编码
+        BASE64Encoder encoder = new BASE64Encoder();
+        // 返回Base64编码过的字节数组字符串
+        return encoder.encode(data);
+    }
+
+