doing : 后台登录接口

Signed-off-by: trumansdo <1012243881@qq.com>

plus-admin/admin-core/pom.xml

@@ -117,5 +117,10 @@
             <artifactId>jose4j</artifactId>
             <version>0.6.5</version>
         </dependency>
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-all</artifactId>
+            <version>4.6.4</version>
+        </dependency>
     </dependencies>
 </project>

plus-admin/admin-core/src/main/java/com/ibeetl/admin/core/conf/MVCConf.java

 package com.ibeetl.admin.core.conf;
 
+import cn.hutool.core.convert.Convert;
+import cn.hutool.core.map.MapUtil;
+import cn.hutool.http.Header;
 import com.ibeetl.admin.core.entity.CoreOrg;
 import com.ibeetl.admin.core.entity.CoreUser;
 import com.ibeetl.admin.core.service.CorePlatformService;
 import com.ibeetl.admin.core.service.CoreUserService;
+import com.ibeetl.admin.core.util.ConvertUtil;
 import com.ibeetl.admin.core.util.HttpRequestLocal;
+import com.ibeetl.admin.core.util.JoseJwtUtil;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import org.beetl.core.GroupTemplate;
 import org.beetl.ext.spring.BeetlGroupUtilConfiguration;
 import org.springframework.beans.factory.InitializingBean;
@@ -18,6 +24,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.Environment;
 import org.springframework.format.FormatterRegistry;
 import org.springframework.format.datetime.DateFormatter;
+import org.springframework.http.HttpHeaders;
 import org.springframework.web.servlet.HandlerInterceptor;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
@@ -97,19 +104,26 @@ class SessionInterceptor implements HandlerInterceptor {
   }
 
   @Override
-  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
-      throws Exception {
-    if (conf.useId != null
-        && conf.orgId != null
-        && request.getSession().getAttribute(CorePlatformService.ACCESS_CURRENT_USER) == null) {
+  public boolean preHandle(
+      HttpServletRequest request, HttpServletResponse response, Object handler) {
+    String token = request.getHeader(HttpHeaders.AUTHORIZATION);
+    Map<String, Object> payload = JoseJwtUtil.parsePayload(token);
+    if (payload.isEmpty()) {
+      /*验证失败，无效jwt*/
+      return false;
+    }
+    Long uid = Convert.toLong(payload.get("uid"), -9999999999L);
+    HttpSession requestSession = request.getSession(true);
+    if (requestSession.getAttribute(CorePlatformService.ACCESS_CURRENT_USER) == null) {
       // 模拟用户登录，用于快速开发,未来用rember么代替？
-      CoreUser user = conf.userService.getUserById(conf.useId);
-      CoreOrg org = conf.userService.getOrgById(conf.orgId);
-      List<CoreOrg> orgs = conf.userService.getUserOrg(conf.useId, org.getId());
-      request.getSession().setAttribute(CorePlatformService.ACCESS_CURRENT_USER, user);
-      request.getSession().setAttribute(CorePlatformService.ACCESS_CURRENT_ORG, org);
-      request.getSession().setAttribute(CorePlatformService.ACCESS_USER_ORGS, orgs);
-      request.getSession().setAttribute("ip", request.getRemoteHost());
+      CoreUser user = conf.userService.getUserById(uid);
+      Long orgId = user.getOrgId();
+      CoreOrg org = conf.userService.getOrgById(orgId);
+      List<CoreOrg> orgs = conf.userService.getUserOrg(uid, org.getId());
+      requestSession.setAttribute(CorePlatformService.ACCESS_CURRENT_USER, user);
+      requestSession.setAttribute(CorePlatformService.ACCESS_CURRENT_ORG, org);
+      requestSession.setAttribute(CorePlatformService.ACCESS_USER_ORGS, orgs);
+      requestSession.setAttribute("ip", httpRequestLocal.getRequestIP());
     }
     httpRequestLocal.set(request);
     return true;

plus-admin/admin-core/src/main/java/com/ibeetl/admin/core/util/JoseJwtUtil.java

 package com.ibeetl.admin.core.util;
 
+import cn.hutool.core.date.DateTime;
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.core.map.MapUtil;
+import java.time.LocalDateTime;
+import java.util.Date;
+import java.util.Map;
+import java.util.Random;
+import org.jose4j.jwk.RsaJsonWebKey;
+import org.jose4j.jwk.RsaJwkGenerator;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.jws.JsonWebSignature;
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.consumer.InvalidJwtException;
+import org.jose4j.jwt.consumer.JwtConsumer;
+import org.jose4j.jwt.consumer.JwtConsumerBuilder;
 import org.jose4j.lang.JoseException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
- * 基于jose4j的jwt库工具类。
- * 包括：生成，反生成
+ * 基于jose4j的jwt库工具类。 包括：生成，反生成
+ *
  * @author 一日看尽长安花
- * */
+ */
 public class JoseJwtUtil {
+  private static Logger logger = LoggerFactory.getLogger(JoseJwtUtil.class);
 
-  public Object generateJwtJson() throws JoseException {
-    return null;
+  public static String generateJwtJson(String uid, float expiration) {
+    JwtClaims jwtClaims = new JwtClaims();
+    jwtClaims.setExpirationTimeMinutesInTheFuture(expiration); // 以分钟为单位的过期时间
+    jwtClaims.setIssuer("Issuer"); // who creates the token and signs it
+    jwtClaims.setAudience("Audience"); // to whom the token is intended to be sent
+    jwtClaims.setGeneratedJwtId(); // a unique identifier for the token
+    jwtClaims.setIssuedAtToNow(); // when the token was issued/created (now)
+    jwtClaims.setNotBeforeMinutesInThePast(
+        2); // time before which the token is not yet valid (2 minutes ago)
+    /*主题：签证*/
+    jwtClaims.setSubject("Bearer");
+    /*用户id*/
+    jwtClaims.setClaim("uid", uid);
+    /*登录时间*/
+    jwtClaims.setClaim("ltm", new Date().getTime());
+
+    RsaJsonWebKey rsaJsonWebKey = RsaJsonWebKeyBuilder.getRasJsonWebKeyInstance();
+    JsonWebSignature jsonWebSignature = new JsonWebSignature();
+    jsonWebSignature.setPayload(jwtClaims.toJson());
+    jsonWebSignature.setKey(rsaJsonWebKey.getPrivateKey());
+    jsonWebSignature.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId());
+    jsonWebSignature.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
+    String jwt = "invalid jwt";
+    try {
+      jwt = jsonWebSignature.getCompactSerialization();
+    } catch (JoseException e) {
+      logger.error(
+          "can't generate jwt of user: {}. detail see next follow: \n {} ",
+          uid,
+          e.getLocalizedMessage());
+    }
+    return jwt;
+  }
+
+  public static boolean verifyJwtJson(String token) {
+    return JoseJwtUtil.parsePayload(token).isEmpty();
   }
 
-  public Object degenerateJwtJson() throws JoseException {
-    return null;
+  public static Map<String, Object> parsePayload(String token) {
+    JwtConsumer jwtConsumer =
+        new JwtConsumerBuilder()
+            .setRequireExpirationTime() // the JWT must have an expiration time
+            .setMaxFutureValidityInMinutes(30) // but the  expiration time can't be too crazy
+            .setAllowedClockSkewInSeconds(30) // 允许校准过期时间的偏差30秒
+            .setRequireSubject() // the JWT must have a subject claim
+            .setExpectedIssuer("Issuer") // whom the JWT needs to have been issued by
+            .setExpectedAudience("Audience") // to whom the JWT is intended for
+            .setVerificationKey(
+                RsaJsonWebKeyBuilder.getRasJsonWebKeyInstance()
+                    .getPublicKey()) // verify the signature with the public key
+            .build(); // create the JwtConsumer instance
+    Map<String, Object> claimsMap = MapUtil.newHashMap(0);
+    try {
+      JwtClaims jwtClaims = jwtConsumer.processToClaims(token);
+      claimsMap = jwtClaims.getClaimsMap();
+    } catch (InvalidJwtException e) {
+      logger.error("parser token fail.detail see next follow: {} ", e.getLocalizedMessage());
+    }
+    return claimsMap;
+  }
+
+  private static class RsaJsonWebKeyBuilder {
+    private static volatile RsaJsonWebKey rsaJsonWebKey;
+
+    private RsaJsonWebKeyBuilder() {}
+
+    public static RsaJsonWebKey getRasJsonWebKeyInstance() {
+      if (rsaJsonWebKey == null) {
+        synchronized (RsaJsonWebKey.class) {
+          if (rsaJsonWebKey == null) {
+            try {
+              rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
+              rsaJsonWebKey.setKeyId(String.valueOf(new Random().nextLong()));
+            } catch (Exception e) {
+              return null;
+            }
+          }
+        }
+      }
+      return rsaJsonWebKey;
+    }
   }
 }

plus-admin/admin-core/src/main/java/com/ibeetl/admin/core/web/IndexController.java

@@ -35,7 +35,7 @@ public class IndexController {
     return view;
   }
 
-  @PostMapping("/login.do")
+  /*@PostMapping("/login.do")
   public ModelAndView login(String code, String password) {
     UserLoginInfo info = userService.login(code, password);
     if (info == null) {
@@ -55,6 +55,27 @@ public class IndexController {
     this.platformService.setLoginUser(info.getUser(), info.getCurrentOrg(), info.getOrgs());
     ModelAndView view = new ModelAndView("redirect:/index.do");
     return view;
+  }*/
+
+  @PostMapping("/user/login")
+  public Object login(String username, String password) {
+    UserLoginInfo info = userService.login(username, password);
+    if (info == null) {
+      throw new PlatformException("用户名密码错误");
+    }
+    CoreUser user = info.getUser();
+    CoreOrg currentOrg = info.getOrgs().get(0);
+    for (CoreOrg org : info.getOrgs()) {
+      if (org.getId().equals(user.getOrgId())) {
+        currentOrg = org;
+        break;
+      }
+    }
+
+    info.setCurrentOrg(currentOrg);
+    // 记录登录信息到session
+    this.platformService.setLoginUser(info.getUser(), info.getCurrentOrg(), info.getOrgs());
+    return null;
   }
 
   @RequestMapping("/index.do")