LoginController.java

package cn.timer.api.controller;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.stream.Stream;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.interceptor.TransactionAspectSupport;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.extension.service.additional.query.impl.LambdaQueryChainWrapper;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;

import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil;
import cn.timer.api.bean.qyzx.QyzxEmpEntAsso;
import cn.timer.api.bean.qyzx.QyzxEmpLogin;
import cn.timer.api.bean.qyzx.QyzxEntInfoM;
import cn.timer.api.bean.qyzx.QyzxSms;
import cn.timer.api.bean.qyzx.businessService.QyzxRemainingQuantity;
import cn.timer.api.bean.yggl.YgglMainEmp;
import cn.timer.api.bean.zzgl.ZzglAuth;
import cn.timer.api.bean.zzgl.ZzglBmgwM;
import cn.timer.api.config.annotation.CurrentUser;
import cn.timer.api.config.annotation.UserBean;
import cn.timer.api.config.enums.CommonEnum;
import cn.timer.api.dao.qyzx.QyzxEmpEntAssoMapper;
import cn.timer.api.dao.qyzx.QyzxEmpLoginMapper;
import cn.timer.api.dao.zzgl.ZzglBmgwMMapper;
import cn.timer.api.dto.login.QysDto;
import cn.timer.api.dto.qyzx.EntRegisterDto;
import cn.timer.api.utils.Md5;
import cn.timer.api.utils.Result;
import cn.timer.api.utils.ResultUtil;
import cn.timer.api.utils.UserIp;
import cn.timer.api.utils.aliyun.AliyunSMS;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;

@RestController
@Api(tags = "1.0登录注册")
@Transactional
@RequestMapping(value = "/login", produces = { "application/json" })
public class LoginController {

	@Value("${configtest.patht}")
	public String port;

	@Autowired
	private HttpSession session;

	@Autowired
	private QyzxEmpLoginMapper qyzxEmpLoginMapper;

	@Autowired
	private QyzxEmpEntAssoMapper qyzxEmpEntAssoMapper;

	// @Autowired
	// private DataSourceTransactionManager transactionManager;

	@GetMapping(value = "/testPro")
	public Result<String> testPro() {
		System.out.print(port);
		return ResultUtil.success("configtest:" + port);
	}

	/**
	 * 发送验证码
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/sendcode")
	@ApiOperation(value = "1.发送验证码", httpMethod = "POST", notes = "接口发布说明")
	@ApiOperationSupport(order = 1)
	public Result<String> sendCode(@RequestBody EntRegisterDto entRegisterDto) {
		
		String phone = entRegisterDto.getPhone();
		
		Integer orgCode = QyzxEmpLogin.builder().build()
				.selectOne(new LambdaQueryWrapper<QyzxEmpLogin>().eq(QyzxEmpLogin::getPhone, phone)).getOrgId();
		QyzxRemainingQuantity quantity = QyzxRemainingQuantity.builder().build()
				.selectOne(new LambdaQueryWrapper<QyzxRemainingQuantity>()
						.eq(QyzxRemainingQuantity::getOrgCode, orgCode)
						.orderByAsc(QyzxRemainingQuantity::getExpireDate));
		if (quantity == null || quantity.getRemainder() == null || quantity.getRemainder() <= 0) { //判断充了钱没
			return ResultUtil.error("请充值后使用短信功能");
		}

		// 6位随机数验证码
		try {
			Integer code = (int) ((Math.random() * 9 + 1) * 100000);

			AliyunSMS aliyunSMS = new AliyunSMS();
			
			if (phone == null || "".equals(phone)) {
				phone = entRegisterDto.getUsername();
				entRegisterDto.setPhone(phone);
			}
			JSONObject j = aliyunSMS.authCode(entRegisterDto, entRegisterDto.getTc(), code);
			
			// 获取当前日期的字符串格式
			String today = DateUtil.today();
			// yyyy-MM-dd
			today = today.replace("-", "");

			Thread.sleep(500);
			JSONObject jsonObject = (JSONObject) JSONObject
					.parseObject(new AliyunSMS().QuerySendDetails(phone, today, j.getString("BizId")))
					.getJSONObject("SmsSendDetailDTOs").getJSONArray("SmsSendDetailDTO").get(0);
			String templateCode = jsonObject.getString("TemplateCode");
			String phoneNum = jsonObject.getString("PhoneNum");
			String content = jsonObject.getString("Content");
			String sendStatus = jsonObject.getString("SendStatus");
			String sendDate = jsonObject.getString("SendDate");

			QyzxSms qyzxSms = new QyzxSms();
			qyzxSms.setContent(content);
			qyzxSms.setCreateTime(new Date());
			qyzxSms.setMessageType(entRegisterDto.getTc());
			qyzxSms.setPhone(phoneNum);
			qyzxSms.setOrgCode(orgCode);
			qyzxSms.insert();

			String message = j.getString("Message");
			if ("OK".equals(message)) {
				session.setAttribute(phone, code);
				// redisTemplate.set(phone, code);
				// redisTemplate.expire(phone, 60);

				return ResultUtil.data("发送验证码成功");
			} else {
				return ResultUtil.error("发送验证码失败");
			}
		} catch (Exception e) {
			e.printStackTrace();
			return ResultUtil.error("发送验证码失败");
		}
	}

	/**
	 * 手机号码认证
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/authentication")
	@ApiOperation(value = "2.手机号码认证", httpMethod = "POST", notes = "接口发布说明")
	@ApiOperationSupport(order = 2)
	public Result<String> authentication(@RequestBody EntRegisterDto entRegisterDto) {
		String phone = entRegisterDto.getPhone();
		String code = entRegisterDto.getCode().toString();
		// String codeRedis = (String) redisTemplate.get(phone);
		Integer codeRedis = (Integer) session.getAttribute(phone);

		if (code == null || !code.equals(codeRedis.toString())) {
			return ResultUtil.error("验证码不符");
		}
		return ResultUtil.success("验证码正确");
	}

	/**
	 * 手机号码认证
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 * @throws IOException
	 *//*
		 * @PostMapping(value = "/test")
		 * 
		 * @ApiOperation(value = "3.测试", httpMethod = "POST", notes = "接口发布说明")
		 * 
		 * @ApiOperationSupport(order = 3) public void test(HttpServletRequest request,
		 * HttpServletResponse res) throws IOException {
		 * 
		 * res.setHeader("content-type","text/html;charset=UTF-8");
		 * res.setHeader("selfHeader","selfHeaderValue"); //
		 * res.addHeader("response_code", "123"); //
		 * res.setContentType("application/octet-stream"); //
		 * res.addHeader("Content-Length", "0");
		 * 
		 * res.addHeader("response_code", "100"); res.addHeader("trans_id", "");
		 * res.addHeader("cmd_code", "NO com");
		 * 
		 * res.setContentType("application/octet-stream");
		 * res.addHeader("Content-Length", "0");
		 * 
		 * res.flushBuffer(); // response.addHeader("response_code",
		 * "ERROR_INVALID_LIB_NAME"); //
		 * response.setContentType("application/octet-stream"); //
		 * response.addHeader("Content-Length", "0"); // response.flushBuffer();
		 * System.out.println(111); }
		 */

	@PostMapping(value = "/updatePwd")
	@ApiOperation(value = "4.修改密码(新)", httpMethod = "POST", notes = "接口发布说明")
	@ApiOperationSupport(order = 4)
	public Result<String> updatepwd(@RequestBody EntRegisterDto entRegisterDto) {
		String oldPwd = entRegisterDto.getOldPwd();// 输入的原密码
		String pw = entRegisterDto.getPw();// 输入的新密码
		String phone = entRegisterDto.getPhone();// 手机号
		String code = entRegisterDto.getCode();// 验证码
		Integer type = entRegisterDto.getPwUpdateType();// 验证方式
		QyzxEmpLogin qyzxEmpLogin = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
				.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();// 员工登录表
		String dbPwd = qyzxEmpLogin.getPw();// 数据库原密码
		if (type == 1) {
			if (!Md5.md5(oldPwd).equals(dbPwd)) {
				return ResultUtil.error("原密码验证失败");
			}
			if (pw.equals(oldPwd)) {
				return ResultUtil.error("新密码与原密码相同，请修改后重试！");
			}
		} else {
			Object codeRedis = session.getAttribute(phone);
			if (!code.equals(codeRedis.toString())) {
				return ResultUtil.error("短信验证码错误");
			}
			if (Md5.md5(pw).equals(dbPwd)) {
				return ResultUtil.error("新密码与原密码相同，请修改后重试！");
			}
		}
		qyzxEmpLogin.setPw(Md5.md5(pw));
		qyzxEmpLogin.updateById();
		return ResultUtil.success("修改成功");
	}

	/**
	 * 修改密码
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/updatepassword")
	@ApiOperation(value = "4.修改密码", httpMethod = "POST", notes = "接口发布说明")
	@ApiOperationSupport(order = 4)
	public Result<String> updatepassword(@RequestBody EntRegisterDto entRegisterDto) {
		String phone = entRegisterDto.getPhone();
		String pw = entRegisterDto.getPw();
		String code = entRegisterDto.getCode();
		if (entRegisterDto.getPwUpdateType() != 2) {

			// String codeRedis =redisTemplate.get(phone).toString();
			String codeRedis = session.getAttribute(phone).toString();
			if (code == null) {
				return ResultUtil.error("请填写验证码");
			}
			if (!code.toString().equals(codeRedis)) {
				return ResultUtil.error("验证码不符");
			}
			QyzxEmpLogin qyzxEmpLogin = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
					.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();
			if (qyzxEmpLogin != null) {
				qyzxEmpLogin.setPhone(phone);
				qyzxEmpLogin.setPw(Md5.md5(pw));
				qyzxEmpLogin.updateById();
				return ResultUtil.success("修改密码成功");
			} else {
				return ResultUtil.error("修改密码失败,查找不到该人员！");
			}
		} else {
			if (code == null) {
				return ResultUtil.error("请填写原密码");
			}
			if (pw.trim().equals(code.trim())) {
				return ResultUtil.error("新密码与原密码相同！请更改重试");
			}
			QyzxEmpLogin qyzxEmpLogin = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
					.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();
			if (qyzxEmpLogin != null) {
				if (qyzxEmpLogin.getPw().equals(Md5.md5(pw))) {
					qyzxEmpLogin.setPhone(phone);
					qyzxEmpLogin.setPw(Md5.md5(code));
					qyzxEmpLogin.updateById();
					return ResultUtil.success("修改密码成功");
				} else {
					return ResultUtil.error("原密码有误！请核对重试");
				}

			}
			return ResultUtil.error("修改密码失败,查找不到该人员！");
		}
		// return ResultUtil.error("修改密码失败");
	}

	/**
	 * 修改手机号/用户名
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/updatephone")
	@ApiOperation(value = "修改手机号/用户名", httpMethod = "POST", notes = "接口发布说明")
	public Result<String> updatephone(@CurrentUser UserBean userBean, @RequestBody EntRegisterDto entRegisterDto) {

		/*
		 * 登录->发送验证码 (参数：新手机号 新手机号验证码 )-> 验证 -> 修改手机号成功 密码初始化为123456 ->登出-> 重新登录
		 */
		Integer empNum = userBean.getEmpNum();
		String phone = entRegisterDto.getPhone();
		String code = entRegisterDto.getCode();
		// String codeRedis = redisTemplate.get(phone).toString();
		String codeRedis = (String) session.getAttribute(phone);

		if (code == null || !code.toString().equals(codeRedis)) {
			return ResultUtil.error("验证码不符/失效");
		}
		QyzxEmpLogin qyzxEmpLogin1 = qyzxEmpLoginMapper.selectById(empNum);
		if (qyzxEmpLogin1 != null) {

			qyzxEmpLogin1.setPhone(phone);
			qyzxEmpLogin1.setPw(Md5.md5("123456"));// 密码初始化

			qyzxEmpLogin1.updateById();
			return ResultUtil.success("修改手机号/用户名成功");
		}
		return ResultUtil.error("修改手机号/用户名失败");
	}

	/**
	 * 注册企业
	 * 
	 * @param entRegisterDto
	 * @return
	 */
	@PostMapping(value = "/register")
	@ApiOperation(value = "注册企业", httpMethod = "POST", notes = "接口发布说明")
	public Result<String> register(@RequestBody EntRegisterDto entRegisterDto) {
		// 事务回滚
		/*
		 * DefaultTransactionDefinition def = new DefaultTransactionDefinition();
		 * def.setName("register");
		 * def.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
		 * TransactionStatus status = transactionManager.getTransaction(def);
		 */
		try {
			String username = entRegisterDto.getUsername();
			String phone = entRegisterDto.getPhone();
			if (phone == null || phone.equals("") && username == null || username.equals("")) {
				return ResultUtil.error("请输入手机号和用户名!");
			}
			if (phone == null || phone.equals(""))
				phone = username;
			if (username == null || username.equals(""))
				username = phone;
			String name = entRegisterDto.getName();
			String pw = entRegisterDto.getPw();
			QyzxEmpLogin login = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
					.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();
			if (login != null) {
				Integer count = new LambdaQueryChainWrapper<QyzxEmpEntAsso>(qyzxEmpEntAssoMapper)
						.eq(QyzxEmpEntAsso::getEmpNum, login.getId())
						.eq(QyzxEmpEntAsso::getUserType, CommonEnum.U_TYPE_ADMIN.getType()).count();

				if (count > 0) {
					return ResultUtil.error("已注册过企业");
				}
			}

			// 企业信息
			QyzxEntInfoM qyzxEntInfoM = QyzxEntInfoM.builder().name(name).registerTime(DateUtil.date()).build();
			boolean b1 = qyzxEntInfoM.insert();
			if (!b1) {
				TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
				return ResultUtil.error("注册企业失败1");
			}

			if (login == null) {
				// 员工信息
				QyzxEmpLogin qyzxEmpLogin = QyzxEmpLogin.builder().phone(phone).pw(Md5.md5(pw))
						.sts(CommonEnum.U_STS_ON.getType()).orgId(qyzxEntInfoM.getId()).regTime(DateUtil.date())
						.endTime(DateUtil.nextMonth()).build();
				boolean b2 = qyzxEmpLogin.insert();
				if (!b2) {
					TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
					return ResultUtil.error("注册企业失败2");
				}

				boolean b4 = YgglMainEmp.builder().orgCode(qyzxEntInfoM.getId()).empNum(qyzxEmpLogin.getId())
						.name(username).build().insert();
				if (!b4) {
					TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
					return ResultUtil.error("注册企业失败3");
				}

			}

			// 员工企业关联表
			QyzxEmpEntAsso qyzxEmpEntAsso = QyzxEmpEntAsso.builder().empNum(login.getId()).orgCode(qyzxEntInfoM.getId())
					.userType(CommonEnum.U_TYPE_ADMIN.getType()).build();
			boolean b3 = qyzxEmpEntAsso.insert();
			if (!b3) {
				TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
				return ResultUtil.error("注册企业失败4");
			}

			return ResultUtil.success("注册企业成功");
		} catch (Exception e) {
			TransactionAspectSupport.currentTransactionStatus().setRollbackOnly();
			e.printStackTrace();
			return ResultUtil.error("注册异常");
		}
	}

	/**
	 * 验证码登录
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/code")
	@ApiOperation(value = "验证码登录", httpMethod = "POST", notes = "接口发布说明")
	public Result<QyzxEmpLogin> codelogin(@RequestBody EntRegisterDto entRegisterDto, HttpServletRequest request) {

		String code = entRegisterDto.getCode();
		String phone = entRegisterDto.getPhone();

		// Object codeRedis = redisTemplate.get(phone);
		Integer codeRedis = (Integer) session.getAttribute(phone);

		if (codeRedis == null || !code.equals(codeRedis.toString()))
			return ResultUtil.error("验证码不符");

		QyzxEmpLogin qyzxEmpLogin1 = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
				.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();

		return loginhan(qyzxEmpLogin1, request);
	}

	@Autowired
	ZzglBmgwMMapper zzglBmgwMMapper;

	private Result<QyzxEmpLogin> loginhan(QyzxEmpLogin qyzxEmpLogin1, HttpServletRequest request) {
		if (qyzxEmpLogin1 == null)
			return ResultUtil.error("帐号不存在！");
		String ip;
		try {
			ip = UserIp.getIpAddr(request);
			qyzxEmpLogin1.setIp(ip);
		} catch (Exception e) {
			e.printStackTrace();
		}
		List<QysDto> qys = qyzxEmpLoginMapper.getQys(qyzxEmpLogin1.getId());
		if (qys.size() == 0)
			return ResultUtil.error("没有任何公司可以查看！");
		qyzxEmpLogin1.setQys(qys);
		QysDto ctrl = qys.get(0);
		if (qyzxEmpLogin1.getOrgId() != null) {
			Stream<QysDto> s = qys.stream()
					.filter(item -> item.getStatus() == 1 && qyzxEmpLogin1.getOrgId().equals(item.getId()));
			if (s != null) {
				ctrl = s.findFirst().get();
			}
		}
		if (ctrl.getStatus() == null || ctrl.getStatus().equals(0)) {
			return ResultUtil.error("帐号被禁用");
		}
		qyzxEmpLogin1.setOrgId(ctrl.getId());
		@SuppressWarnings("unused")
		String phone = qyzxEmpLogin1.getPhone();
		if (CommonEnum.U_TYPE_ADMIN.getType().equals(ctrl.getUserType())
				|| CommonEnum.U_TYPE_C_ADMIN.getType().equals(ctrl.getUserType())) {
		} else {
			// 获取权限
			ArrayList<Integer> list = new ArrayList<Integer>();
			List<ZzglBmgwM> zzglBmgwMs = new LambdaQueryChainWrapper<ZzglBmgwM>(zzglBmgwMMapper)
					.eq(ZzglBmgwM::getOrgCode, qyzxEmpLogin1.getOrgId()).list();
			// 传入的部门岗位是登录者的岗位id.获取的list中只有一个元素,不必要
			ZzglBmgwM.getupDepts(list, ctrl.getBmgwId(), zzglBmgwMs);

			if (list != null && list.size() > 0) {
				LambdaQueryWrapper<ZzglAuth> wp = new LambdaQueryWrapper<>();
				wp.select(ZzglAuth::getMenuId).eq(ZzglAuth::getOrgCode, qyzxEmpLogin1.getOrgId())
						.and(i -> i.in(ZzglAuth::getBmgwId, list.toArray()));
				List<ZzglAuth> zas = ZzglAuth.builder().build().selectList(wp);
				List<String> menus = new ArrayList<>();
				zas.stream().forEach(o -> menus.add(o.getMenuId()));
				qyzxEmpLogin1.setMenus(menus);
			}
		}
		// 可操作企业

		// 需要更新最后一次登陆信息
		// 用户信息缓存
		session.setAttribute("ui", qyzxEmpLogin1);
		// redisTemplate.set("loginUser:" + phone, session.getId());
		// redisTemplate.set("empNum:" + session.getId(), qyzxEmpLogin1.getId());
		// redisTemplate.set("orgCode:" + session.getId(), qyzxEmpLogin1.getOrgId());
		return ResultUtil.data(qyzxEmpLogin1);
	}

	/**
	 * 密码登录
	 * 
	 * @param qyzxEmpLogin
	 * @return
	 */
	@PostMapping(value = "/password")
	@ApiOperation(value = "密码登录", httpMethod = "POST", notes = "接口发布说明")
	public Result<QyzxEmpLogin> passwordlogin(@RequestBody EntRegisterDto entRegisterDto, HttpServletRequest request) {

		String phone = entRegisterDto.getPhone();
		String pw = entRegisterDto.getPw();

		QyzxEmpLogin qyzxEmpLogin1 = new LambdaQueryChainWrapper<QyzxEmpLogin>(qyzxEmpLoginMapper)
				.eq(!StrUtil.hasBlank(phone), QyzxEmpLogin::getPhone, phone).one();
		if (qyzxEmpLogin1 != null) {
			if (StrUtil.hasBlank(pw) || !qyzxEmpLogin1.getPw().equals(Md5.md5(pw)))
				return ResultUtil.error("帐号密码错误");

			return loginhan(qyzxEmpLogin1, request);
		} else {
			return ResultUtil.error("帐号不存在-错误");
		}

	}

}