OpenIdController.java
6.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
package com.xkl.controller;
import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentUser;
import com.xkl.authorization.annotation.LogAnnotation;
import com.xkl.authorization.annotation.Sign;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.authorization.model.TokenModel;
import com.xkl.config.Constants;
import com.xkl.config.ResultStatus;
import com.xkl.domain.*;
import com.xkl.model.ReportDetailModel;
import com.xkl.model.ResultModel;
import com.xkl.repository.*;
import com.xkl.security.AntiXSS;
import com.xkl.service.ILoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;
/**
* Created by win7 on 2016/10/19.
*/
@RestController
@RequestMapping("/openId")
public class OpenIdController {
@Autowired
private ITokenManager tokenManager;
@Autowired
private ILoginService loginService;
@Autowired
private XklMemberOpenidRespository xklMemberOpenidRespository;
@Autowired
private UserRepository userRepository;
@LogAnnotation
@AntiXSS
@Sign
@RequestMapping(method = RequestMethod.POST)
@ApiOperation(value = "OpenId绑定接口")
public ResponseEntity<ResultModel> openIdBind(HttpServletRequest request, @RequestParam String username, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if (!(boolean) request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
} else {
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByAccountIdAndType(user.getId(), openIdType);
if (xklMemberOpenid == null) {
xklMemberOpenid = new XklMemberOpenidEntity();
xklMemberOpenid.setType(openIdType);
xklMemberOpenid.setAccountId(user.getId());
xklMemberOpenid.setMemberId(user.getMemberId());
xklMemberOpenid.setOpenid(openId);
} else {//已经存在
xklMemberOpenid.setOpenid(openId);
}
xklMemberOpenidRespository.deleteByOpenid(openId);
xklMemberOpenidRespository.save(xklMemberOpenid);
}
return new ResponseEntity<>(ResultModel.ok(ResultStatus.OPENID_BIND_SUCCESS), HttpStatus.OK);
}
@LogAnnotation
@AntiXSS
@Authorization
@Sign
@RequestMapping(method = RequestMethod.DELETE)
@ApiOperation(value = "OpenId解除绑定接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
})
public ResponseEntity<ResultModel> openIdUnBind(HttpServletRequest request, @CurrentUser User user, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
user = loginService.check(user.getLoginAccount(), password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
if (!(boolean) request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByAccountIdAndTypeAndOpenid(user.getId(), openIdType, openId);
if (xklMemberOpenid != null) {
xklMemberOpenidRespository.delete(xklMemberOpenid);
return new ResponseEntity<>(ResultModel.ok(ResultStatus.OPENID_UNBIND_SUCESS), HttpStatus.OK);
} else {
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.OK);
}
}
@LogAnnotation
// @AntiXSS
@Sign
@RequestMapping(value = "/login", method = RequestMethod.POST)
@ApiOperation(value = "OpenId登录接口")
public ResponseEntity<ResultModel> openIdLogin(HttpServletRequest request, @RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if (!(boolean) request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findOneByOpenidAndType(openId, openIdType);
if (xklMemberOpenid == null) {
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.OK);
}
long accountId = xklMemberOpenid.getAccountId();
TokenModel model = tokenManager.createToken(String.valueOf(accountId));
User user = userRepository.findOne(accountId);
if (user.isStatus() == true) {
model.setUsername(user.getLoginAccount());
return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK);
} else {
return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_NOT_FOUND), HttpStatus.OK);
}
}
}