- import com.dderp.common.datas.TokenUserFrom
- import com.dderp.common.entity.store.StoreInfo
- import com.dySweetFishPlugin.sql.dao.TunaService
- import com.dySweetFishPlugin.tool.crypto.EncryptUtil
- import com.sweetfish.convert.json.JsonConvert
- import com.sweetfish.service.RetResult
- import com.dderp.business.dao.LoginDao
- import com.dderp.common.api.*
- import com.dderp.common.datas.ERPModule
- import com.dderp.common.entity.base.DataBaseMultiItemEx
- import com.dderp.common.entity.base.ProcessEntityItem
- import com.dderp.common.entity.site.ERPTokenUser
- import com.dderp.common.entity.site.LoginRequest
- import com.dderp.common.entity.site.LoginResult
- import com.dderp.common.entity.system.LoginUser
- import com.dderp.common.tool.ERPUtils
- import org.apache.commons.lang3.StringUtils
- import org.apache.logging.log4j.LogManager
- import org.apache.logging.log4j.Logger
- import org.rex.RMap
- import javax.annotation.Resource
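/**
 * ERP system login script. As business complexity grows, every login flow is
 * served through this single entry point, selected by {@code loginFrom}.
 *
 * Security review notes (each needs a coordinated change outside this file):
 * - Passwords are verified as md5Digest(password + passwordSalt) with a single
 *   application-wide salt. MD5 is not a password-hashing function; plan a
 *   migration to bcrypt/scrypt/argon2 with per-user salts, re-hashing on next
 *   successful login.
 * - The "SuperResourcer" account is a built-in credential whose verifier is
 *   compiled into this script (see SUPER_RESOURCER_PASSWORD_HASH).
 * - No throttling, lockout or audit logging of failed attempts is visible in
 *   this class; confirm that it is enforced upstream.
 */
@SuppressWarnings("unused")
class BE_ERPLogin implements BusinessExecutor<ProcessEntityItem<LoginRequest>, LoginResult> {

    // Same message for "unknown account" and "wrong password" so the response
    // does not reveal which of the two was wrong.
    private static final String MSG_BAD_CREDENTIALS = "用户账号或密码错误,登录失败"
    private static final String MSG_ACCOUNT_FROZEN = "用户账号已冻结,登录失败"

    private static final String SUPER_RESOURCER_LOGIN_NAME = "SuperResourcer"

    // NOTE(review): hard-coded credential. This is the salted MD5 of the
    // built-in account's password; anyone with read access to the script
    // repository holds the verifier, and the account bypasses the database
    // lookup for every supplier that resolves. Move it to a secret store that
    // can be rotated, or disable the account outside maintenance windows.
    private static final String SUPER_RESOURCER_PASSWORD_HASH = "D227E2334F89C81FDE0967B115D4F29C"

    protected final Logger logger = LogManager.getLogger(this.getClass().getSimpleName())

    @Resource
    DeptService deptService

    @Resource
    ERPService erpService

    @Resource
    TunaService tunaService

    @Resource
    SysMessageService sysMessageService

    @Resource
    JsonConvert jsonConvert

    @Resource(name = "property.passwordSalt")
    private String passwordSalt

    @Resource(name = "property.erpToken.commonkey")
    private String ssoERPTokenCommonKey

    @Resource(name = "property.deliver.Store.commonkey")
    private String ssoStoreTokenCommonKey

    @Resource(name = "property.dnyMall.commonkey")
    private String ssoMallTokenCommonKey

    // Assigned on every execute() call; the "login" closures below read it.
    private LoginDao loginDao

    // Login strategies keyed by loginFrom. Original author's note: the
    // database part currently needs a service restart when changed; it could
    // be made restart-free, see the dynamic SQL execution in TunaDaoService.
    //
    // Each entry holds:
    //   name          - display name of the login channel
    //   resourceLogin - closure used when the login name is "SuperResourcer"
    //   login         - closure used for every other login name
    //   tokenKey      - key handed to ERPUtils.parseTokenFromERPUser; the value
    //                   set here is re-assigned at the top of execute()
    def loginStrategies = [
            "0" : [
                    "name"         : "后台管理系统登录",
                    "resourceLogin": { LoginRequest loginInfo ->
                        // loginInfo.password already holds md5Digest(password + passwordSalt)
                        // when execute() calls this closure.
                        if (!constantTimeEquals(loginInfo.password, SUPER_RESOURCER_PASSWORD_HASH)) {
                            return loginError(MSG_BAD_CREDENTIALS)
                        }
                        LoginUser info = new LoginUser()
                        info.setId(-999L)
                        info.setLoginName("SuperResourcer")
                        info.setUserName("资源管理员")
                        info.setDeptName("资源管理")
                        return RetResult.<ERPTokenUser> successT().result(new ERPTokenUser(info))
                    },
                    "login"        : { LoginRequest loginInfo, RMap mapParams, DataBaseMultiItemEx supplierItem ->
                        long supplierCode = Long.parseLong(supplierItem.shardingKey)
                        mapParams.put("companyId", 0L)
                        LoginUser info = loginDao.login(mapParams, supplierItem.dataBaseAlias, supplierCode)
                        if (info == null) {
                            return loginError(MSG_BAD_CREDENTIALS)
                        }
                        if (info.status == 1) {
                            return loginError(MSG_ACCOUNT_FROZEN)
                        }
                        info.deptName = deptService.getRedisDeptName(info.getDeptId(), supplierCode)
                        sysMessageService.syncSysGroupMessage(info.getId(), supplierCode)
                        return RetResult.<ERPTokenUser> successT().result(new ERPTokenUser(info))
                    },
                    "tokenKey"     : ssoERPTokenCommonKey
            ],
            "80": [
                    "name"         : "门店后台管理系统登录",
                    "resourceLogin": { LoginRequest loginInfo ->
                        // SuperResourcer must not log in through this channel (hardening).
                        return loginError(MSG_BAD_CREDENTIALS)
                    },
                    "login"        : { LoginRequest loginInfo, RMap mapParams, DataBaseMultiItemEx supplierItem ->
                        return storeLogin(mapParams, supplierItem, false)
                    },
                    "tokenKey"     : ssoStoreTokenCommonKey
            ],
            "81": [
                    "name"         : "门店APP管理系统登录",
                    "resourceLogin": { LoginRequest loginInfo ->
                        // SuperResourcer must not log in through this channel (hardening).
                        return loginError(MSG_BAD_CREDENTIALS)
                    },
                    "login"        : { LoginRequest loginInfo, RMap mapParams, DataBaseMultiItemEx supplierItem ->
                        return storeLogin(mapParams, supplierItem, true)
                    },
                    "tokenKey"     : ssoStoreTokenCommonKey
            ]
    ]

    @Override
    String scriptName() {
        return "ERP系统登录"
    }

    @Override
    ERPModule module() {
        return ERPModule.SYSTEM
    }

    /**
     * Validates the login request, authenticates it with the strategy selected
     * by {@code loginFrom} and, on success, issues an access token.
     *
     * @param source wrapper whose {@code inputItem} carries supplierId,
     *               loginName, password and loginFrom
     * @return a success result holding the token user and access token, or an
     *         error result whose {@code retinfo} explains the rejection
     */
    @Override
    RetResult<LoginResult> execute(ProcessEntityItem<LoginRequest> source) {
        // Original author's note: wiring these through @Resource at field
        // initialisation does not work, so the keys are assigned on each call.
        loginStrategies.get("0").tokenKey = ssoERPTokenCommonKey
        loginStrategies.get("80").tokenKey = ssoStoreTokenCommonKey
        loginStrategies.get("81").tokenKey = ssoStoreTokenCommonKey

        LoginRequest request = source.inputItem
        if (request == null) {
            return RetResult.<LoginResult> errorT().retinfo("未传入用户信息")
        }
        if (request.supplierId <= 0L) {
            return RetResult.<LoginResult> errorT().retinfo("请选择登录公司信息")
        }
        DataBaseMultiItemEx supplierItem = erpService.getERPSupplierInfo(request.supplierId)
        if (supplierItem == null) {
            return RetResult.<LoginResult> errorT().retinfo("无效的登录公司信息")
        }
        if (StringUtils.isEmpty(request.loginName)) {
            return RetResult.<LoginResult> errorT().retinfo("请输入账号")
        }
        if (StringUtils.isEmpty(request.password)) {
            return RetResult.<LoginResult> errorT().retinfo("请输入密码")
        }
        String strategyKey = String.valueOf(request.loginFrom)
        if (!loginStrategies.containsKey(strategyKey)) {
            return RetResult.<LoginResult> errorT().retinfo("无效的登录来源")
        }

        // From here on the request carries only the salted digest, not the
        // clear-text password. NOTE(review): MD5 + shared salt, see class doc.
        request.password = EncryptUtil.md5Digest(request.password + passwordSalt)
        loginDao = tunaService.generate(LoginDao.class)

        def loginStrategy = loginStrategies.get(strategyKey)
        RetResult<ERPTokenUser> userResult
        if (request.loginName.equalsIgnoreCase(SUPER_RESOURCER_LOGIN_NAME)) {
            userResult = loginStrategy.resourceLogin.call(request)
        } else {
            RMap<String, Object> paramMap = new RMap<>()
            paramMap.put("loginName", request.loginName)
            paramMap.put("password", request.password)
            userResult = loginStrategy.login.call(request, paramMap, supplierItem)
        }

        if (!userResult.isSuccess()) {
            return RetResult.<LoginResult> errorT().retinfo(userResult.retinfo)
        }
        // Bind the token to the supplier the caller selected.
        userResult.result.dataSourceId = supplierItem.dataBaseAlias
        userResult.result.supplierCode = Long.parseLong(supplierItem.shardingKey)
        String accessToken = ERPUtils.parseTokenFromERPUser(userResult.result, loginStrategy.tokenKey, jsonConvert)
        return RetResult.<LoginResult> successT().result(new LoginResult(userResult.result, accessToken))
    }

    /**
     * Shared store-account login used by the "80" (store back office) and
     * "81" (store app) strategies.
     *
     * @param fromApp when true, the token user's userFrom is forced to
     *                TokenUserFrom.APP_STORE_ADMIN
     */
    private RetResult<ERPTokenUser> storeLogin(RMap mapParams, DataBaseMultiItemEx supplierItem, boolean fromApp) {
        mapParams.put("companyId", 0L)
        StoreInfo info = loginDao.storeLogin(mapParams, supplierItem.dataBaseAlias, Long.parseLong(supplierItem.shardingKey))
        if (info == null) {
            return loginError(MSG_BAD_CREDENTIALS)
        }
        if (info.voidFlag == 1) {
            return loginError(MSG_ACCOUNT_FROZEN)
        }
        ERPTokenUser tokenUser = new ERPTokenUser(info)
        if (fromApp) {
            // Force-override the origin for app logins.
            tokenUser.userFrom = TokenUserFrom.APP_STORE_ADMIN.value
        }
        return RetResult.<ERPTokenUser> successT().result(tokenUser)
    }

    /** Builds a failed authentication result carrying the given message. */
    private static RetResult<ERPTokenUser> loginError(String message) {
        return RetResult.<ERPTokenUser> errorT().retinfo(message)
    }

    /**
     * Compares two digests without returning early on the first differing
     * byte. A null on either side never matches.
     */
    private static boolean constantTimeEquals(String left, String right) {
        if (left == null || right == null) {
            return false
        }
        return java.security.MessageDigest.isEqual(
                left.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                right.getBytes(java.nio.charset.StandardCharsets.UTF_8))
    }
}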