kindring
/
wvp


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240
							package com.genersoft.iot.vmp.vmanager.user;

import cn.dev33.satoken.annotation.SaIgnore;
import com.genersoft.iot.vmp.conf.exception.ControllerException;
import com.genersoft.iot.vmp.conf.security.SecurityUtils;
import com.genersoft.iot.vmp.conf.security.dto.LoginUser;
import com.genersoft.iot.vmp.conf.security.saToken.SaAdminCheckRole;
import com.genersoft.iot.vmp.service.IAdminService;
import com.genersoft.iot.vmp.service.IRoleService;
import com.genersoft.iot.vmp.storager.dao.dto.AdminAccount;
import com.genersoft.iot.vmp.storager.dao.dto.Role;
import com.genersoft.iot.vmp.utils.DateUtil;
import com.genersoft.iot.vmp.utils.StpAdminUtil;
import com.genersoft.iot.vmp.vmanager.bean.ErrorCode;
import com.genersoft.iot.vmp.vmanager.bean.WVPResult;
import com.github.pagehelper.PageInfo;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.util.DigestUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.*;

import javax.security.sasl.AuthenticationException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

@Tag(name  = "用户管理")
@CrossOrigin(origins = "*")
@RestController
@SaAdminCheckRole("admin")
@RequestMapping("/api/user")
public class UserController {
    private Logger logger = LoggerFactory.getLogger(UserController.class);
    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private IAdminService userService;

    @Autowired
    private IRoleService roleService;

    //    @GetMapping("/login")
    @PostMapping("/login")
    @SaIgnore
    @Operation(summary = "登录", description = "登录成功后返回AccessToken， 可以从返回值获取到也可以从响应头中获取到，" +
            "后续的请求需要添加请求头 'access-token'或者放在参数里")

    @Parameter(name = "username", description = "用户名", required = true)
    @Parameter(name = "password", description = "密码（32位md5加密）", required = true)
    public WVPResult login(HttpServletRequest request, HttpServletResponse response, @RequestParam String username, @RequestParam String password) {

        AdminAccount adminAccount = userService.getUser(username, password);
        if (adminAccount == null) {
            return WVPResult.fail(ErrorCode.ERROR100);
        }
        StpAdminUtil.login(adminAccount.getId());

        return WVPResult.success();
    }

    @GetMapping("/logout")
    @Operation(summary = "注销账户")
    public WVPResult<Boolean> logout() {
        StpAdminUtil.logout();
        return WVPResult.success(true);
    }

    @GetMapping("/default")
    @SaIgnore
    @Operation(summary = "获取是否为新平台", description = "获取是否为新平台")
    public WVPResult<Boolean> isDefault() {
        int accountSize = userService.getUserCount();
        if (accountSize > 0) {
            return WVPResult.success(false);
        }
        return WVPResult.success(true);
    }

    // 注册管理员
    @PostMapping("/register")
    @SaIgnore
    @Operation(summary = "注册管理员账户", description = "注册管理员账户")
    @Parameter(name = "username", description = "用户名", required = true)
    @Parameter(name = "password", description = "密码（32位md5加密）", required = true)
    public WVPResult register(@RequestParam String username, @RequestParam String password) {

        int accountSize = userService.getUserCount();
        if (accountSize > 0) {
            logger.warn("在已经拥有一个账户的情况下尝试注册管理员");
            return WVPResult.fail(ErrorCode.ERROR100);
        }
        if (!userService.registerAdmin(username, password)) {
            logger.warn("无法注册管理员账户");
            return WVPResult.fail(ErrorCode.ERROR100);
        }
        return WVPResult.success();
    }

    @PostMapping("/changePassword")
    @Operation(summary = "修改密码")
    @Parameter(name = "username", description = "用户名", required = true)
    @Parameter(name = "oldpassword", description = "旧密码（已md5加密的密码）", required = true)
    @Parameter(name = "password", description = "新密码（未md5加密的密码）", required = true)
    public WVPResult changePassword(@RequestParam String oldPassword, @RequestParam String password) {
        logger.info("[用户管理] 修改密码");
        // 获取当前登录用户id
        String adminId = StpAdminUtil.getLoginId().toString();
        AdminAccount adminAccount = userService.getUserById(adminId);
        String username = adminAccount.getUsername();
        if (oldPassword != adminAccount.getPassword()) {
            return WVPResult.fail(ErrorCode.ERROR403, "原密码错误");
        }
        String passwordMd5 = DigestUtils.md5DigestAsHex(password.getBytes());
        //
        logger.info("[用户管理] 修改密码，用户id：" + adminAccount.getId() + "，用户名：" + username);
        boolean result = userService.changePassword(adminAccount.getId(), passwordMd5);
        if (!result) {
            return WVPResult.fail(ErrorCode.ERROR100, "修改密码失败");
        }
        return WVPResult.success();
    }


    @PostMapping("/add")
    @Operation(summary = "添加用户")
    @Parameter(name = "username", description = "用户名", required = true)
    @Parameter(name = "password", description = "密码（未md5加密的密码）", required = true)
    public void add(@RequestParam String username, @RequestParam String password) {

        if (ObjectUtils.isEmpty(username) || ObjectUtils.isEmpty(password)) {
            throw new ControllerException(ErrorCode.ERROR400.getCode(), "参数不可为空");
        }

        // 获取当前登录用户id
        String accountId = StpAdminUtil.getLoginId().toString();
        logger.info("[用户管理] 添加用户，当前用户id：" + accountId);

        AdminAccount adminAccount = new AdminAccount();
        adminAccount.setUsername(username);
        adminAccount.setPassword(DigestUtils.md5DigestAsHex(password.getBytes()));
        //新增用户的pushKey的生成规则为md5(时间戳+用户名)
        adminAccount.setPushKey(DigestUtils.md5DigestAsHex((System.currentTimeMillis() + password).getBytes()));

        adminAccount.setCreateTime(DateUtil.getNow());
        adminAccount.setUpdateTime(DateUtil.getNow());
        int addResult = userService.addUser(adminAccount);
        if (addResult <= 0) {
            throw new ControllerException(ErrorCode.ERROR100);
        }
    }

    @DeleteMapping("/delete")
    @Operation(summary = "删除用户")
    @Parameter(name = "id", description = "用户Id", required = true)
    public WVPResult<String> delete(@RequestParam Integer id) {
        // 获取当前登录用户id
        if (!StpAdminUtil.hasRole("primary")) {
            return WVPResult.fail(ErrorCode.ERROR403, "无权限操作");
        }
        int deleteResult = userService.deleteUser(id);
        if (deleteResult <= 0) {
            return WVPResult.fail(ErrorCode.ERROR404, "该用户不存在");
        }
        return WVPResult.success("");
    }

    @GetMapping("/all")
    @Operation(summary = "查询用户")
    public WVPResult<List<AdminAccount>> all() {
        // 获取当前登录用户id
        if (!StpAdminUtil.hasRole("primary")) {
            return WVPResult.fail(ErrorCode.ERROR403, "无权限操作");
        }
        List<AdminAccount> adminAccount = userService.getAllUsers();
        return WVPResult.success(adminAccount);
    }


    /**
     * 分页查询用户
     *
     * @param page  当前页
     * @param count 每页查询数量
     * @return 分页用户列表
     */
    @GetMapping("/users")
    @Operation(summary = "分页查询用户")
    @Parameter(name = "page", description = "当前页", required = true)
    @Parameter(name = "count", description = "每页查询数量", required = true)
    public PageInfo<AdminAccount> users(int page, int count) {
        return userService.getUsers(page, count);
    }

    @RequestMapping("/changePushKey")
    @Operation(summary = "修改pushkey")
    @Parameter(name = "pushKey", description = "新的pushKey", required = true)
    public WVPResult changePushKey(@RequestParam String pushKey) {
        // 获取当前登录用户id
        String accountId = StpAdminUtil.getLoginId().toString();
        logger.info("[用户管理] 修改pushKey，当前用户id：" + accountId);
        int resetPushKeyResult = userService.changePushKey(accountId, pushKey);
        if (resetPushKeyResult <= 0) {
            return WVPResult.fail(ErrorCode.ERROR100);
        }
        return WVPResult.success();
    }

    @PostMapping("/changePasswordForAdmin")
    @Operation(summary = "管理员修改普通用户密码")
    @Parameter(name = "userId", description = "用户id", required = true)
    @Parameter(name = "password", description = "新密码（未md5加密的密码）", required = true)
    public WVPResult<String> changePasswordForAdmin(@RequestParam String userId, @RequestParam String password) {
        // 获取当前登录用户id

        // 获取当前登录用户id
        String adminId = StpAdminUtil.getLoginId().toString();
        AdminAccount adminAccount = userService.getUserById(adminId);
        AdminAccount changeAdminAccount = userService.getUserById(userId);
        String _passwordMd5 = DigestUtils.md5DigestAsHex(password.getBytes());
        boolean result = false;
        if (changeAdminAccount == null) {
            return WVPResult.fail(ErrorCode.ERROR404, "要更改的用户不存在");
        }
        if (StpAdminUtil.hasRole("primary")) {
            result = userService.changePassword(userId, _passwordMd5);
        }

        if (!result) {
            return WVPResult.fail(ErrorCode.ERROR100, "修改用户密码失败");
        }
        return WVPResult.success();
    }
}