package com.qianwen.smartman.modules.auth.granter;
|
|
import java.time.Duration;
|
import java.util.List;
|
import javax.servlet.http.HttpServletRequest;
|
import com.qianwen.smartman.common.cache.CacheNames;
|
import com.qianwen.smartman.common.cache.ParamCache;
|
import com.qianwen.smartman.common.constant.CommonConstant;
|
import com.qianwen.smartman.common.utils.MessageUtils;
|
import com.qianwen.core.log.exception.ServiceException;
|
import com.qianwen.core.redis.cache.BladeRedis;
|
import com.qianwen.core.tool.utils.DigestUtil;
|
import com.qianwen.core.tool.utils.Func;
|
import com.qianwen.core.tool.utils.WebUtil;
|
import com.qianwen.smartman.modules.auth.enums.UserEnum;
|
import com.qianwen.smartman.modules.auth.provider.ITokenGranter;
|
import com.qianwen.smartman.modules.auth.provider.TokenParameter;
|
import com.qianwen.smartman.modules.auth.utils.TokenUtil;
|
import com.qianwen.smartman.modules.system.entity.Tenant;
|
import com.qianwen.smartman.modules.system.entity.User;
|
import com.qianwen.smartman.modules.system.entity.UserInfo;
|
import com.qianwen.smartman.modules.system.service.IRoleService;
|
import com.qianwen.smartman.modules.system.service.ITenantService;
|
import com.qianwen.smartman.modules.system.service.IUserService;
|
import org.springframework.stereotype.Component;
|
|
@Component
|
public class PasswordTokenGranter implements ITokenGranter {
|
public static final String GRANT_TYPE = "password";
|
public static final Integer FAIL_COUNT = 5;
|
private final IUserService userService;
|
private final IRoleService roleService;
|
private final ITenantService tenantService;
|
private final BladeRedis bladeRedis;
|
|
public PasswordTokenGranter(IUserService userService, IRoleService roleService, ITenantService tenantService, BladeRedis bladeRedis) {
|
this.userService = userService;
|
this.roleService = roleService;
|
this.tenantService = tenantService;
|
this.bladeRedis = bladeRedis;
|
}
|
|
@Override // org.springblade.modules.auth.provider.ITokenGranter
|
public UserInfo grant(TokenParameter tokenParameter) {
|
HttpServletRequest request = WebUtil.getRequest();
|
String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY);
|
String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY);
|
String tenantId = tokenParameter.getArgs().getStr("tenantId");
|
String username = tokenParameter.getArgs().getStr("username");
|
String password = tokenParameter.getArgs().getStr(GRANT_TYPE);
|
String userId = tokenParameter.getArgs().getStr("userId");
|
int cnt = 0;
|
if (Func.isNotEmpty(username)) {
|
cnt = Func.toInt(this.bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)), 0);
|
int failCount = Func.toInt(ParamCache.getValue(CommonConstant.FAIL_COUNT_VALUE), FAIL_COUNT.intValue());
|
if (cnt >= failCount) {
|
throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_TOO_MANY_FAILS, new Object[0]));
|
}
|
}
|
UserInfo userInfo = null;
|
if (Func.isNotEmpty(userId)) {
|
User user = (User) this.userService.getById(userId);
|
username = user.getAccount();
|
userInfo = this.userService.buildUserInfo(user);
|
} else if (Func.isNoneBlank(new CharSequence[]{username, password})) {
|
Tenant tenant = this.tenantService.getByTenantId(tenantId);
|
if (TokenUtil.judgeTenant(tenant)) {
|
throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
|
}
|
String userType = tokenParameter.getArgs().getStr("userType");
|
if (userType.equals(UserEnum.WEB.getName())) {
|
userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.WEB);
|
} else if (userType.equals(UserEnum.APP.getName())) {
|
userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.APP);
|
} else {
|
userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.OTHER);
|
}
|
}
|
if (userInfo == null || userInfo.getUser() == null) {
|
this.bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), Integer.valueOf(cnt + 1), Duration.ofMinutes(30L));
|
} else {
|
this.bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username));
|
}
|
if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) {
|
userInfo.getUser().setDeptId(headerDept);
|
}
|
if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) {
|
List<String> roleAliases = this.roleService.getRoleAliases(headerRole);
|
userInfo.setRoles(roleAliases);
|
userInfo.getUser().setRoleId(headerRole);
|
}
|
return userInfo;
|
}
|
}
|
