jlutt
/
dyDeliver


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192
							import com.dderp.common.entity.store.StoreInfo
import com.dySweetFishPlugin.sql.dao.TunaService
import com.dySweetFishPlugin.tool.crypto.EncryptUtil
import com.sweetfish.convert.json.JsonConvert
import com.sweetfish.service.RetResult
import com.dderp.business.dao.LoginDao
import com.dderp.common.api.*
import com.dderp.common.datas.ERPModule
import com.dderp.common.entity.base.DataBaseMultiItemEx
import com.dderp.common.entity.base.ProcessEntityItem
import com.dderp.common.entity.site.ERPTokenUser
import com.dderp.common.entity.site.LoginRequest
import com.dderp.common.entity.site.LoginResult
import com.dderp.common.entity.system.LoginUser
import com.dderp.common.tool.ERPUtils
import org.apache.commons.lang3.StringUtils
import org.apache.logging.log4j.LogManager
import org.apache.logging.log4j.Logger
import org.rex.RMap

import javax.annotation.Resource

/**
 * ERP系统登录脚本，随着业务复杂度提高，登录功能统一一个接口提供
 */
@SuppressWarnings("unused")
class BE_ERPLogin implements BusinessExecutor<ProcessEntityItem<LoginRequest>, LoginResult> {

    protected final Logger logger = LogManager.getLogger(this.getClass().getSimpleName())

    @Resource
    DeptService deptService

    @Resource
    ERPService erpService

    @Resource
    TunaService tunaService

    @Resource
    SysMessageService sysMessageService

    @Resource
    JsonConvert jsonConvert

    @Resource(name = "property.passwordSalt")
    private String passwordSalt

    @Resource(name = "property.erpToken.commonkey")
    private String ssoERPTokenCommonKey

    @Resource(name = "property.deliver.Store.commonkey")
    private String ssoStoreTokenCommonKey

    @Resource(name = "property.dnyMall.commonkey")
    private String ssoMallTokenCommonKey

    private LoginDao loginDao


    //登录策略，当前数据库那一个地方需要重启服务，可改成不需要的，参考TunaDaoService动态sql执行
    def loginStrategies = [
            "0" : [
                    "name"         : "后台管理系统登录",
                    "resourceLogin": { LoginRequest loginInfo ->

                        if (loginInfo.password == "D227E2334F89C81FDE0967B115D4F29C") {
                            LoginUser info = new LoginUser()
                            info.setId(-999L)
                            info.setLoginName("SuperResourcer")
                            info.setUserName("资源管理员")
                            info.setDeptName("资源管理")

                            return RetResult.<ERPTokenUser> successT().result(new ERPTokenUser(info))
                        } else {
                            return RetResult.<ERPTokenUser> errorT().retinfo("用户账号或密码错误，登录失败")
                        }
                    },
                    "login"        : { LoginRequest loginInfo, RMap mapParams, DataBaseMultiItemEx supplierItem ->
                        mapParams.put("companyId", 0L)
                        LoginUser info = loginDao.login(mapParams, supplierItem.dataBaseAlias, Long.parseLong(supplierItem.shardingKey))

                        if (info == null) {
                            return RetResult.<ERPTokenUser> errorT().retinfo("用户账号或密码错误，登录失败")
                        }

                        if (info.status == 1) {
                            return RetResult.<ERPTokenUser> errorT().retinfo("用户账号已冻结，登录失败")
                        }

                        info.deptName = deptService.getRedisDeptName(info.getDeptId(), Long.parseLong(supplierItem.shardingKey))

                        sysMessageService.syncSysGroupMessage(info.getId(), Long.parseLong(supplierItem.shardingKey))
                        return RetResult.<ERPTokenUser> successT().result(new ERPTokenUser(info))
                    },
                    "tokenKey"     : ssoERPTokenCommonKey
            ],
            "80": [
                    "name"         : "门店后台管理系统登录",
                    "resourceLogin": { LoginRequest loginInfo ->
                        //不允许使用superResourcer登录，防漏洞
                        return RetResult.<ERPTokenUser> errorT().retinfo("用户账号或密码错误，登录失败")
                    },
                    "login"        : { LoginRequest loginInfo, RMap mapParams, DataBaseMultiItemEx supplierItem ->
                        mapParams.put("companyId", 0L)
                        StoreInfo info = loginDao.storeLogin(mapParams, supplierItem.dataBaseAlias, Long.parseLong(supplierItem.shardingKey))

                        if (info == null) {
                            return RetResult.<ERPTokenUser> errorT().retinfo("用户账号或密码错误，登录失败")
                        }

                        if (info.voidFlag == 1) {
                            return RetResult.<ERPTokenUser> errorT().retinfo("用户账号已冻结，登录失败")
                        }

                        return RetResult.<ERPTokenUser> successT().result(new ERPTokenUser(info))
                    },
                    "tokenKey"     : ssoStoreTokenCommonKey
            ]
    ]

    @Override
    String scriptName() {
        return "ERP系统登录"
    }

    @Override
    ERPModule module() {
        return ERPModule.SYSTEM
    }

    @Override
    RetResult<LoginResult> execute(ProcessEntityItem<LoginRequest> source) {
        //直接定义Resource不好使，还是需要赋值
        loginStrategies.get("0").tokenKey = ssoERPTokenCommonKey
        loginStrategies.get("80").tokenKey = ssoStoreTokenCommonKey

        if (source.inputItem == null) {
            return RetResult.<LoginResult> errorT().retinfo("未传入用户信息")
        }

        if (source.inputItem.supplierId <= 0L) {
            return RetResult.<LoginResult> errorT().retinfo("请选择登录公司信息")
        }

        DataBaseMultiItemEx supplierItem = erpService.getERPSupplierInfo(source.inputItem.supplierId)
        if (supplierItem == null) {
            return RetResult.<LoginResult> errorT().retinfo("无效的登录公司信息")
        }

        if (StringUtils.isEmpty(source.inputItem.loginName)) {
            return RetResult.<LoginResult> errorT().retinfo("请输入账号")
        }

        if (StringUtils.isEmpty(source.inputItem.password)) {
            return RetResult.<LoginResult> errorT().retinfo("请输入密码")
        }

        if (!loginStrategies.containsKey(String.valueOf(source.inputItem.loginFrom))) {
            return RetResult.<LoginResult> errorT().retinfo("无效的登录来源")
        }

        source.inputItem.password = EncryptUtil.md5Digest(source.inputItem.password + passwordSalt)

        loginDao = tunaService.generate(LoginDao.class)

        RetResult<ERPTokenUser> userResult
        def loginStrategy = loginStrategies.get(String.valueOf(source.inputItem.loginFrom))
        if (source.inputItem.loginName.equalsIgnoreCase("SuperResourcer")) {
            userResult = loginStrategy.resourceLogin.call(source.inputItem)
        } else {

            RMap<String, Object> paramMap = new RMap<>()
            paramMap.put("loginName", source.inputItem.loginName)
            paramMap.put("password", source.inputItem.password)

            userResult = loginStrategy.login.call(source.inputItem, paramMap, supplierItem)
        }

        if (userResult.isSuccess()) {
            userResult.result.dataSourceId = supplierItem.dataBaseAlias
            userResult.result.supplierCode = Long.parseLong(supplierItem.shardingKey)

            String accessToken = ERPUtils.parseTokenFromERPUser(userResult.result, loginStrategy.tokenKey, jsonConvert)

            return RetResult.<LoginResult> successT().result(new LoginResult(userResult.result, accessToken))
        } else {
            return RetResult.<LoginResult> errorT().retinfo(userResult.retinfo)
        }

    }
}