zaixianjiaoyu
/
sourcecode


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327
							package com.qxgmat.controller.api;

import com.github.pagehelper.Page;
import com.nuliji.tools.Response;
import com.nuliji.tools.ResponseHelp;
import com.nuliji.tools.Tools;
import com.nuliji.tools.Transform;
import com.nuliji.tools.exception.AuthException;
import com.nuliji.tools.exception.ParameterException;
import com.nuliji.tools.exception.SystemException;
import com.qxgmat.data.constants.enums.ServiceKey;
import com.qxgmat.data.dao.entity.TextbookLibrary;
import com.qxgmat.data.dao.entity.User;
import com.qxgmat.data.dao.entity.UserMessage;
import com.qxgmat.data.dao.entity.UserOrderRecord;
import com.qxgmat.data.relation.entity.UserPreviewPaperRelation;
import com.qxgmat.dto.request.*;
import com.qxgmat.dto.response.MyDto;
import com.qxgmat.help.AiHelp;
import com.qxgmat.help.CaptchaHelp;
import com.qxgmat.help.ShiroHelp;
import com.qxgmat.help.SmsHelp;
import com.qxgmat.service.UsersService;
import com.qxgmat.service.UserServiceService;
import com.qxgmat.service.extend.MessageExtendService;
import com.qxgmat.service.extend.PreviewService;
import com.qxgmat.service.inline.TextbookLibraryService;
import com.qxgmat.service.inline.UserAbnormalService;
import com.qxgmat.service.inline.UserMessageService;
import com.qxgmat.service.inline.UserOrderRecordService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.Validator;
import java.util.Collection;
import java.util.Date;
import java.util.List;

/**

 * Created by GaoJie on 2017/10/31.

 */
@RestController
@RequestMapping("/api/auth")
@Api(tags = "用户验证", description = "登录注册找回密码", produces = MediaType.APPLICATION_JSON_VALUE)
public class AuthController {

    @Autowired
    private CaptchaHelp captchaHelp;

    @Autowired
    private SmsHelp smsHelp;

    @Autowired
    private AiHelp aiHelp;

    @Autowired
    private ShiroHelp shiroHelp;

    @Autowired
    private UsersService usersService;

    @Autowired
    private UserServiceService userServiceService;

    @Autowired
    private UserAbnormalService userAbnormalService;

    // 初始化用户信息

    @Autowired
    private TextbookLibraryService textbookLibraryService;

    @Autowired
    private UserMessageService userMessageService;

    @Autowired
    private UserOrderRecordService userOrderRecordService;

    @Autowired
    private PreviewService previewService;

    @Autowired
    private MessageExtendService messageExtendService;


    @RequestMapping(value = "/token", method = RequestMethod.POST)
    @ApiOperation(value = "验证token", httpMethod = "POST")
    public Response<MyDto> token(@RequestHeader(value = "token", required = false) String token, HttpSession session, HttpServletRequest request) {
        User user;
        if (token == null || token.isEmpty()){
            user = shiroHelp.getLoginUser();
            if (user == null) {
                throw new AuthException("未登录");
            }
        }else{
            user = usersService.getUserByToken(token);
            // 用该token登录
            shiroHelp.getSession().login(shiroHelp.user(user.getArea()+":"+user.getMobile(), ""));
        }

        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }

    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ApiOperation(value = "登录/注册", httpMethod = "POST")
    public Response<MyDto> login(@RequestBody @Validated UserLoginDto userLoginDto, HttpSession session, HttpServletRequest request) {
        if (!smsHelp.verifyCode(userLoginDto.getArea(), userLoginDto.getMobile(), userLoginDto.getMobileVerifyCode(), session)) {
            throw new ParameterException("手机验证码错误！");
        }
        if (userLoginDto.getEmail() != null){
            User emailUser = usersService.getByEmail(userLoginDto.getEmail());
            if (emailUser != null){
                throw new ParameterException("该邮箱已绑定其他账号，请更换邮箱地址");
            }
        }
        try {
            String ip = Tools.getClientIp(request);
            usersService.register(userLoginDto.getArea(), userLoginDto.getMobile(), userLoginDto.getInviteCode(), userLoginDto.getEmail(), null, ip, aiHelp.parseIp(ip));
        }catch (ParameterException e){
            // 忽略已注册信息
        }
        shiroHelp.getSession().login(shiroHelp.user(userLoginDto.getArea()+":"+userLoginDto.getMobile(), ""));

        User user = shiroHelp.getLoginUser();
        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }


    @RequestMapping(value = "/wechat_pc", method = RequestMethod.GET)
    @ApiOperation(value = "直接微信二维码登录", httpMethod = "GET")
    public Response<MyDto> directWechatPc(

            @RequestParam(required = false, defaultValue = "") String code,

            HttpSession session, HttpServletRequest request) {
        User user = (User) shiroHelp.getLoginUser();
        try{
            if (user == null){
                // 直接二维码登录
                shiroHelp.getSession().login(shiroHelp.oauth(code, "wechat_pc", true));
            }else{
                // 登录成功绑定二维码
                usersService.Oauth(user, code, "wechat_pc", true);
            }
        }catch (Exception e){
            throw new ParameterException("登录失败");
        }
        User openUser = (User) shiroHelp.getLoginUser();
        if (openUser.getId() != null && openUser.getId() > 0){
            shiroHelp.getSession().login(shiroHelp.user(openUser.getArea()+":"+openUser.getMobile(), ""));
        }
        MyDto dto = processUser(openUser, request);
        return ResponseHelp.success(dto);
    }

    // 公众号登录注册：wechat(false) -> wechat(true) -> bind
    // pc登录注册：wechat_pc(true) -> bind
    //           login -> wechat_pc(true)
    @RequestMapping(value = "/wechat", method = RequestMethod.GET)
    @ApiOperation(value = "直接微信公众号登录", httpMethod = "GET")
    public Response<MyDto> directWechat(

            @RequestParam(required = false, defaultValue = "") String code,

            @RequestParam(required = false, defaultValue = "") boolean userInfo,

            HttpSession session, HttpServletRequest request) {
        try{
            // userInfo：false，尝试登录
            // userInfo：true，第一次登录，尝试授权，等待绑定手机号
            shiroHelp.getSession().login(shiroHelp.oauth(code, "wechat_native", userInfo));
        }catch (Exception e){
            throw new ParameterException("登录失败");
        }
        User openUser = (User) shiroHelp.getLoginUser();
        if (openUser.getId() != null && openUser.getId() > 0){
            shiroHelp.getSession().login(shiroHelp.user(openUser.getArea()+":"+openUser.getMobile(), ""));
        }
        MyDto dto = processUser(openUser, request);
        return ResponseHelp.success(dto);
    }

    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    @ApiOperation(value = "登出", httpMethod = "POST")
    public Response<Boolean> logout(HttpSession session, HttpServletRequest request) {
        shiroHelp.logout();
        return ResponseHelp.success(true);
    }

    @RequestMapping(value = "/bind", method = RequestMethod.POST)
    @ApiOperation(value = "绑定手机号", notes="第三方登录后可执行", httpMethod = "POST")
    public Response<MyDto> bind(@RequestBody @Validated UserValidMobileDto userValidMobileDto, HttpSession session, HttpServletRequest request) {
        if (!smsHelp.verifyCode(userValidMobileDto.getArea(), userValidMobileDto.getMobile(), userValidMobileDto.getMobileVerifyCode(), session)) {
            throw new ParameterException("验证码有误，请重新获取！");
        }
        User openUser = (User) shiroHelp.getLoginUser();
        if(openUser == null)
            throw new SystemException("第三方登录错误");
        if(openUser.getMobile() != null && openUser.getMobile().length() > 0)
            throw new SystemException("手机号已绑定");

        if (userValidMobileDto.getEmail() != null){
            User emailUser = usersService.getByEmail(userValidMobileDto.getEmail());
            if (emailUser != null){
                throw new ParameterException("该邮箱已绑定其他账号，请更换邮箱地址");
            }
        }
        try{
            // 创建新的账号，设定手机号，绑定第三方登录
            String ip = Tools.getClientIp(request);
            User user = usersService.register(userValidMobileDto.getArea(), userValidMobileDto.getMobile(), userValidMobileDto.getInviteCode(), userValidMobileDto.getEmail(), openUser, ip, aiHelp.parseIp(ip));
        }catch (ParameterException e){
            throw new ParameterException("该手机号绑定其他账号，请更换手机号码！");
        }
        shiroHelp.getSession().login(shiroHelp.user(userValidMobileDto.getArea()+":"+userValidMobileDto.getMobile(), ""));

        User user = shiroHelp.getLoginUser();
        User entity = usersService.get(user.getId());
        MyDto dto = processUser(entity, request);
        return ResponseHelp.success(dto);
    }

    @RequestMapping(value = "/valid/invite_code", method = RequestMethod.GET)
    @ApiOperation(value = "验证邀请码", notes="查询邀请码对应账号", httpMethod = "GET")
    public Response<String> validInviteCode(

            @RequestParam(required = true) String inviteCode

    ){
        User user = usersService.getByInviteCode(inviteCode);
        if(user == null){
            return ResponseHelp.success(null);
        }else{
            return ResponseHelp.success(user.getNickname());
        }
    }

    @RequestMapping(value = "/valid/mobile", method = RequestMethod.GET)
    @ApiOperation(value = "验证手机号", notes="查询手机对应账号", httpMethod = "GET")
    public Response<Boolean> validMobile(

            @RequestParam(required = true) String area,

            @RequestParam(required = true) String mobile

    ){
        User user = usersService.getByMobile(area, mobile);
        if(user != null){
            return ResponseHelp.success(false);
        }
        return ResponseHelp.success(true);
    }

    @RequestMapping(value = "/valid/email", method = RequestMethod.GET)
    @ApiOperation(value = "验证手机号", notes="查询手机对应账号", httpMethod = "GET")
    public Response<Boolean> validEmail(

            @RequestParam(required = true) String email

    ){
        User user = usersService.getByEmail(email);
        if(user != null){
            return ResponseHelp.success(false);
        }
        return ResponseHelp.success(true);
    }

    @RequestMapping(value = "/valid/wechat", method = RequestMethod.GET)
    @ApiOperation(value = "验证手机号是否绑定微信", notes="查询手机对应账号", httpMethod = "GET")
    public Response<Boolean> validWechat(

            @RequestParam(required = true) String area,

            @RequestParam(required = true) String mobile

    ){
        User user = usersService.getByMobile(area, mobile);
        if (user != null && user.getWechatUnionid() != null && !user.getWechatUnionid().equals("")){
            return ResponseHelp.success(false);
        }
        return ResponseHelp.success(true);
    }

    private MyDto processUser(User user, HttpServletRequest request){
        MyDto dto = Transform.convert(user, MyDto.class);
        if (user.getId() == null || user.getId() == 0) return dto;
        String ip = Tools.getClientIp(request);
        User entity = User.builder().id(user.getId()).build();
        entity.setLatestLoginTime(new Date());
        if (!user.getRegisterIp().equals(ip) && !user.getLatestLoginIp().equals(ip)){
            entity.setLatestLoginIp(ip);
            // 登录异常处理
            if(!aiHelp.compareIp(user.getRegisterIp(), ip)){
                String[] info = aiHelp.parseIp(ip);
                userAbnormalService.push(user.getId(), ip, info);
            }
        }
        // 更新登录信息
        usersService.edit(entity);
        if (!user.getMobile().isEmpty()){
            dto.setBindMobile(true);
        }
        if (!user.getWechatUnionid().isEmpty()){
            dto.setBindWechat(true);
        }
        if (user.getRealStatus() > 0){
            dto.setBindReal(true);
        }
        if(!user.getPrepareStatus().isEmpty()){
            dto.setBindPrepare(true);
        }
        // vip
        dto.setVip(userServiceService.timeService(user.getId(), ServiceKey.VIP));
        // 最新机经
        if (userServiceService.hasService(user.getId(), ServiceKey.TEXTBOOK)){
            TextbookLibrary latest = textbookLibraryService.getLatest();
            dto.setTextbook(latest.getUpdateTime());
        }
        // 未读消息
        Page<UserMessage> messageList = userMessageService.list(1, 4, user.getId(), null, 0);
        dto.setMessageNumber((int)messageList.getTotal());
        messageExtendService.refreshMessage(messageList);
        dto.setMessages(messageList);
        // 未完成作业
        List<UserOrderRecord> recordList = userOrderRecordService.listWithCourse(1, 1000, null, null, true, false, null, null);
        Collection recordIds = Transform.getIds(recordList, UserOrderRecord.class, "id");
        List<UserPreviewPaperRelation> relationList = previewService.listByRecordId(user.getId(), recordIds, 2);
        dto.setPreviewNumber(relationList.size());
        return dto;
    }
}